| expat |
CVE-2026-56132 |
高危 |
2.6.3-1.amzn2023.0.3 |
2.6.3-1.amzn2023.0.5 |
expat: libexpat: Arbitrary Code Execution via Heap-based Buffer Overflow
漏洞详情: https://avd.aquasec.com/nvd/cve-2026-56132
镜像层: sha256:6beb63c27303f5b5dc96a523522570acaee070437423a667407f0d02550e8ced
发布日期: 2026-06-19 06:17 修改: 2026-06-23 20:15
|
| expat |
CVE-2026-56403 |
高危 |
2.6.3-1.amzn2023.0.3 |
2.6.3-1.amzn2023.0.6 |
libexpat: libexpat: Arbitrary code execution due to integer overflow in storeAtts
漏洞详情: https://avd.aquasec.com/nvd/cve-2026-56403
镜像层: sha256:6beb63c27303f5b5dc96a523522570acaee070437423a667407f0d02550e8ced
发布日期: 2026-06-21 16:16 修改: 2026-06-23 20:15
|
| expat |
CVE-2026-56406 |
高危 |
2.6.3-1.amzn2023.0.3 |
2.6.3-1.amzn2023.0.6 |
libexpat: libexpat: Arbitrary code execution via integer overflow in XML_ParseBuffer
漏洞详情: https://avd.aquasec.com/nvd/cve-2026-56406
镜像层: sha256:6beb63c27303f5b5dc96a523522570acaee070437423a667407f0d02550e8ced
发布日期: 2026-06-21 16:16 修改: 2026-06-23 16:29
|
| expat |
CVE-2026-56407 |
高危 |
2.6.3-1.amzn2023.0.3 |
2.6.3-1.amzn2023.0.6 |
libexpat before 2.8.2 has an integer overflow in doProlog that is rela ...
漏洞详情: https://avd.aquasec.com/nvd/cve-2026-56407
镜像层: sha256:6beb63c27303f5b5dc96a523522570acaee070437423a667407f0d02550e8ced
发布日期: 2026-06-21 16:16 修改: 2026-06-23 16:28
|
| glib2 |
CVE-2025-14087 |
高危 |
2.82.2-767.amzn2023 |
2.82.2-769.amzn2023 |
glib: GLib: Buffer underflow in GVariant parser leads to heap corruption
漏洞详情: https://avd.aquasec.com/nvd/cve-2025-14087
镜像层: sha256:6beb63c27303f5b5dc96a523522570acaee070437423a667407f0d02550e8ced
发布日期: 2025-12-10 09:15 修改: 2026-07-13 22:16
|
| glibc |
CVE-2026-4046 |
高危 |
2.34-231.amzn2023.0.1 |
2.34-231.amzn2023.0.4 |
glibc: glibc: Denial of Service via iconv() function with specific character sets
漏洞详情: https://avd.aquasec.com/nvd/cve-2026-4046
镜像层: sha256:6beb63c27303f5b5dc96a523522570acaee070437423a667407f0d02550e8ced
发布日期: 2026-03-30 18:16 修改: 2026-06-17 10:55
|
| glibc-common |
CVE-2026-4046 |
高危 |
2.34-231.amzn2023.0.1 |
2.34-231.amzn2023.0.4 |
glibc: glibc: Denial of Service via iconv() function with specific character sets
漏洞详情: https://avd.aquasec.com/nvd/cve-2026-4046
镜像层: sha256:6beb63c27303f5b5dc96a523522570acaee070437423a667407f0d02550e8ced
发布日期: 2026-03-30 18:16 修改: 2026-06-17 10:55
|
| glibc-minimal-langpack |
CVE-2026-4046 |
高危 |
2.34-231.amzn2023.0.1 |
2.34-231.amzn2023.0.4 |
glibc: glibc: Denial of Service via iconv() function with specific character sets
漏洞详情: https://avd.aquasec.com/nvd/cve-2026-4046
镜像层: sha256:6beb63c27303f5b5dc96a523522570acaee070437423a667407f0d02550e8ced
发布日期: 2026-03-30 18:16 修改: 2026-06-17 10:55
|
| gnupg2-minimal |
CVE-2025-68973 |
高危 |
2.3.7-1.amzn2023.0.5 |
2.3.7-1.amzn2023.0.6 |
GnuPG: GnuPG: Information disclosure and potential arbitrary code execution via out-of-bounds write
漏洞详情: https://avd.aquasec.com/nvd/cve-2025-68973
镜像层: sha256:6beb63c27303f5b5dc96a523522570acaee070437423a667407f0d02550e8ced
发布日期: 2025-12-28 17:16 修改: 2026-06-17 09:59
|
| gnupg2-minimal |
CVE-2026-24882 |
高危 |
2.3.7-1.amzn2023.0.5 |
2.3.7-1.amzn2023.0.7 |
GnuPG: GnuPG: Stack-based buffer overflow in tpm2daemon allows arbitrary code execution
漏洞详情: https://avd.aquasec.com/nvd/cve-2026-24882
镜像层: sha256:6beb63c27303f5b5dc96a523522570acaee070437423a667407f0d02550e8ced
发布日期: 2026-01-27 19:16 修改: 2026-06-30 03:17
|
| libblkid |
CVE-2026-53615 |
高危 |
2.37.4-1.amzn2023.0.4 |
2.37.4-1.amzn2023.0.5 |
[Integer Overflow or Wraparound in libblkid/src/partitions/dos.c]
漏洞详情: https://avd.aquasec.com/nvd/cve-2026-53615
镜像层: sha256:6beb63c27303f5b5dc96a523522570acaee070437423a667407f0d02550e8ced
发布日期: 0001-01-01 00:00 修改: 0001-01-01 00:00
|
| libcap |
CVE-2025-61727 |
高危 |
2.73-1.amzn2023.0.4 |
2.73-1.amzn2023.0.5 |
golang: crypto/x509: excluded subdomain constraint does not restrict wildcard SANs
漏洞详情: https://avd.aquasec.com/nvd/cve-2025-61727
镜像层: sha256:6beb63c27303f5b5dc96a523522570acaee070437423a667407f0d02550e8ced
发布日期: 2025-12-03 20:16 修改: 2026-06-17 09:50
|
| libcap |
CVE-2025-61729 |
高危 |
2.73-1.amzn2023.0.4 |
2.73-1.amzn2023.0.5 |
crypto/x509: golang: Denial of Service due to excessive resource consumption via crafted certificate
漏洞详情: https://avd.aquasec.com/nvd/cve-2025-61729
镜像层: sha256:6beb63c27303f5b5dc96a523522570acaee070437423a667407f0d02550e8ced
发布日期: 2025-12-02 19:15 修改: 2026-06-17 09:50
|
| libcap |
CVE-2026-27142 |
高危 |
2.73-1.amzn2023.0.4 |
2.73-1.amzn2023.0.7 |
html/template: URLs in meta content attribute actions are not escaped in html/template
漏洞详情: https://avd.aquasec.com/nvd/cve-2026-27142
镜像层: sha256:6beb63c27303f5b5dc96a523522570acaee070437423a667407f0d02550e8ced
发布日期: 2026-03-06 22:16 修改: 2026-06-17 10:26
|
| libcap |
CVE-2026-33811 |
高危 |
2.73-1.amzn2023.0.4 |
2.73-1.amzn2023.0.7 |
net: golang: Go net package: Denial of Service via long CNAME response in LookupCNAME
漏洞详情: https://avd.aquasec.com/nvd/cve-2026-33811
镜像层: sha256:6beb63c27303f5b5dc96a523522570acaee070437423a667407f0d02550e8ced
发布日期: 2026-05-07 20:16 修改: 2026-07-14 12:16
|
| libcap |
CVE-2026-33814 |
高危 |
2.73-1.amzn2023.0.4 |
2.73-1.amzn2023.0.7 |
net/http/internal/http2: golang: golang.org/x/net: Go HTTP/2: Denial of Service via malformed SETTINGS_MAX_FRAME_SIZE frame
漏洞详情: https://avd.aquasec.com/nvd/cve-2026-33814
镜像层: sha256:6beb63c27303f5b5dc96a523522570acaee070437423a667407f0d02550e8ced
发布日期: 2026-05-07 20:16 修改: 2026-07-10 12:16
|
| libcap |
CVE-2026-39820 |
高危 |
2.73-1.amzn2023.0.4 |
2.73-1.amzn2023.0.7 |
net/mail: golang: Go net/mail: Denial of Service via crafted email inputs
漏洞详情: https://avd.aquasec.com/nvd/cve-2026-39820
镜像层: sha256:6beb63c27303f5b5dc96a523522570acaee070437423a667407f0d02550e8ced
发布日期: 2026-05-07 20:16 修改: 2026-07-14 12:17
|
| libcap |
CVE-2026-39823 |
高危 |
2.73-1.amzn2023.0.4 |
2.73-1.amzn2023.0.7 |
html/template: golang: Go html/template: Cross-Site Scripting via improper URL escaping in meta tag content
漏洞详情: https://avd.aquasec.com/nvd/cve-2026-39823
镜像层: sha256:6beb63c27303f5b5dc96a523522570acaee070437423a667407f0d02550e8ced
发布日期: 2026-05-07 20:16 修改: 2026-06-17 10:42
|
| libcap |
CVE-2026-42499 |
高危 |
2.73-1.amzn2023.0.4 |
2.73-1.amzn2023.0.7 |
net/mail: golang: net/mail: Denial of Service via pathological email address parsing
漏洞详情: https://avd.aquasec.com/nvd/cve-2026-42499
镜像层: sha256:6beb63c27303f5b5dc96a523522570acaee070437423a667407f0d02550e8ced
发布日期: 2026-05-07 20:16 修改: 2026-07-14 12:17
|
| libmount |
CVE-2026-53615 |
高危 |
2.37.4-1.amzn2023.0.4 |
2.37.4-1.amzn2023.0.5 |
[Integer Overflow or Wraparound in libblkid/src/partitions/dos.c]
漏洞详情: https://avd.aquasec.com/nvd/cve-2026-53615
镜像层: sha256:6beb63c27303f5b5dc96a523522570acaee070437423a667407f0d02550e8ced
发布日期: 0001-01-01 00:00 修改: 0001-01-01 00:00
|
| libnghttp2 |
CVE-2026-27135 |
高危 |
1.59.0-3.amzn2023.0.1 |
1.59.0-3.amzn2023.0.2 |
nghttp2: nghttp2: Denial of Service via malformed HTTP/2 frames after session termination
漏洞详情: https://avd.aquasec.com/nvd/cve-2026-27135
镜像层: sha256:6beb63c27303f5b5dc96a523522570acaee070437423a667407f0d02550e8ced
发布日期: 2026-03-18 18:16 修改: 2026-06-30 03:17
|
| libsmartcols |
CVE-2026-53615 |
高危 |
2.37.4-1.amzn2023.0.4 |
2.37.4-1.amzn2023.0.5 |
[Integer Overflow or Wraparound in libblkid/src/partitions/dos.c]
漏洞详情: https://avd.aquasec.com/nvd/cve-2026-53615
镜像层: sha256:6beb63c27303f5b5dc96a523522570acaee070437423a667407f0d02550e8ced
发布日期: 0001-01-01 00:00 修改: 0001-01-01 00:00
|
| libsolv |
CVE-2026-48863 |
高危 |
0.7.22-1.amzn2023.0.2 |
0.7.22-1.amzn2023.0.4 |
libsolv: Stack-based buffer overflow in libsolv EdDSA PGP signature verification allows denial of service
漏洞详情: https://avd.aquasec.com/nvd/cve-2026-48863
镜像层: sha256:6beb63c27303f5b5dc96a523522570acaee070437423a667407f0d02550e8ced
发布日期: 0001-01-01 00:00 修改: 0001-01-01 00:00
|
| libsolv |
CVE-2026-48864 |
高危 |
0.7.22-1.amzn2023.0.2 |
0.7.22-1.amzn2023.0.4 |
libsolv: Heap buffer overflow in libsolv repopagestore via unchecked decompression of malicious .solv page data
漏洞详情: https://avd.aquasec.com/nvd/cve-2026-48864
镜像层: sha256:6beb63c27303f5b5dc96a523522570acaee070437423a667407f0d02550e8ced
发布日期: 2026-05-26 17:16 修改: 2026-07-09 16:16
|
| libsolv |
CVE-2026-9149 |
高危 |
0.7.22-1.amzn2023.0.2 |
0.7.22-1.amzn2023.0.4 |
libsolv: Heap buffer overflow in libsolv repo_add_solv via negative maxsize from crafted .solv file
漏洞详情: https://avd.aquasec.com/nvd/cve-2026-9149
镜像层: sha256:6beb63c27303f5b5dc96a523522570acaee070437423a667407f0d02550e8ced
发布日期: 2026-05-21 00:16 修改: 2026-06-27 00:16
|
| libsolv |
CVE-2026-9150 |
高危 |
0.7.22-1.amzn2023.0.2 |
0.7.22-1.amzn2023.0.4 |
libsolv: Stack-based buffer overflow in libsolv's Debian metadata parser when handling SHA384/SHA512 checksums
漏洞详情: https://avd.aquasec.com/nvd/cve-2026-9150
镜像层: sha256:6beb63c27303f5b5dc96a523522570acaee070437423a667407f0d02550e8ced
发布日期: 2026-05-20 23:16 修改: 2026-06-29 17:16
|
| libtasn1 |
CVE-2025-13151 |
高危 |
4.19.0-1.amzn2023.0.5 |
4.19.0-1.amzn2023.0.6 |
libtasn1: libtasn1: Denial of Service via stack-based buffer overflow in asn1_expend_octet_string
漏洞详情: https://avd.aquasec.com/nvd/cve-2025-13151
镜像层: sha256:6beb63c27303f5b5dc96a523522570acaee070437423a667407f0d02550e8ced
发布日期: 2026-01-07 22:15 修改: 2026-06-17 08:33
|
| libuuid |
CVE-2026-53615 |
高危 |
2.37.4-1.amzn2023.0.4 |
2.37.4-1.amzn2023.0.5 |
[Integer Overflow or Wraparound in libblkid/src/partitions/dos.c]
漏洞详情: https://avd.aquasec.com/nvd/cve-2026-53615
镜像层: sha256:6beb63c27303f5b5dc96a523522570acaee070437423a667407f0d02550e8ced
发布日期: 0001-01-01 00:00 修改: 0001-01-01 00:00
|
| openssl |
CVE-2025-15467 |
高危 |
1:3.2.2-1.amzn2023.0.2 |
1:3.2.2-1.amzn2023.0.4 |
openssl: OpenSSL: Remote code execution or Denial of Service via oversized Initialization Vector in CMS parsing
漏洞详情: https://avd.aquasec.com/nvd/cve-2025-15467
镜像层: sha256:71b8adb4e3056d2b12b06a853a3db8f6aa70b74f64c57f3f825ac28863176009
发布日期: 2026-01-27 16:16 修改: 2026-06-30 03:16
|
| openssl |
CVE-2025-15468 |
高危 |
1:3.2.2-1.amzn2023.0.2 |
1:3.2.2-1.amzn2023.0.5 |
openssl: OpenSSL: Denial of Service via NULL pointer dereference in QUIC protocol handling
漏洞详情: https://avd.aquasec.com/nvd/cve-2025-15468
镜像层: sha256:71b8adb4e3056d2b12b06a853a3db8f6aa70b74f64c57f3f825ac28863176009
发布日期: 2026-01-27 16:16 修改: 2026-06-17 08:37
|
| openssl |
CVE-2025-66199 |
高危 |
1:3.2.2-1.amzn2023.0.2 |
1:3.2.2-1.amzn2023.0.5 |
openssl: OpenSSL: Denial of Service due to excessive memory allocation in TLS 1.3 certificate compression
漏洞详情: https://avd.aquasec.com/nvd/cve-2025-66199
镜像层: sha256:71b8adb4e3056d2b12b06a853a3db8f6aa70b74f64c57f3f825ac28863176009
发布日期: 2026-01-27 16:16 修改: 2026-06-17 09:56
|
| openssl |
CVE-2025-68160 |
高危 |
1:3.2.2-1.amzn2023.0.2 |
1:3.2.2-1.amzn2023.0.5 |
openssl: OpenSSL: Denial of Service due to out-of-bounds write in BIO filter
漏洞详情: https://avd.aquasec.com/nvd/cve-2025-68160
镜像层: sha256:71b8adb4e3056d2b12b06a853a3db8f6aa70b74f64c57f3f825ac28863176009
发布日期: 2026-01-27 16:16 修改: 2026-06-17 09:58
|
| openssl |
CVE-2025-69418 |
高危 |
1:3.2.2-1.amzn2023.0.2 |
1:3.2.2-1.amzn2023.0.5 |
openssl: OpenSSL: Information disclosure and data tampering via specific low-level OCB encryption/decryption calls
漏洞详情: https://avd.aquasec.com/nvd/cve-2025-69418
镜像层: sha256:71b8adb4e3056d2b12b06a853a3db8f6aa70b74f64c57f3f825ac28863176009
发布日期: 2026-01-27 16:16 修改: 2026-06-17 10:00
|
| openssl |
CVE-2025-69419 |
高危 |
1:3.2.2-1.amzn2023.0.2 |
1:3.2.2-1.amzn2023.0.5 |
openssl: OpenSSL: Arbitrary code execution due to out-of-bounds write in PKCS#12 processing
漏洞详情: https://avd.aquasec.com/nvd/cve-2025-69419
镜像层: sha256:71b8adb4e3056d2b12b06a853a3db8f6aa70b74f64c57f3f825ac28863176009
发布日期: 2026-01-27 16:16 修改: 2026-06-17 10:00
|
| openssl |
CVE-2025-69420 |
高危 |
1:3.2.2-1.amzn2023.0.2 |
1:3.2.2-1.amzn2023.0.5 |
openssl: OpenSSL: Denial of Service via malformed TimeStamp Response
漏洞详情: https://avd.aquasec.com/nvd/cve-2025-69420
镜像层: sha256:71b8adb4e3056d2b12b06a853a3db8f6aa70b74f64c57f3f825ac28863176009
发布日期: 2026-01-27 16:16 修改: 2026-06-17 10:00
|
| openssl |
CVE-2025-69421 |
高危 |
1:3.2.2-1.amzn2023.0.2 |
1:3.2.2-1.amzn2023.0.5 |
openssl: OpenSSL: Denial of Service via malformed PKCS#12 file processing
漏洞详情: https://avd.aquasec.com/nvd/cve-2025-69421
镜像层: sha256:71b8adb4e3056d2b12b06a853a3db8f6aa70b74f64c57f3f825ac28863176009
发布日期: 2026-01-27 16:16 修改: 2026-06-17 10:00
|
| openssl |
CVE-2026-22795 |
高危 |
1:3.2.2-1.amzn2023.0.2 |
1:3.2.2-1.amzn2023.0.5 |
openssl: OpenSSL: Denial of Service due to type confusion in PKCS#12 file processing
漏洞详情: https://avd.aquasec.com/nvd/cve-2026-22795
镜像层: sha256:71b8adb4e3056d2b12b06a853a3db8f6aa70b74f64c57f3f825ac28863176009
发布日期: 2026-01-27 16:16 修改: 2026-06-17 10:20
|
| openssl |
CVE-2026-22796 |
高危 |
1:3.2.2-1.amzn2023.0.2 |
1:3.2.2-1.amzn2023.0.5 |
openssl: OpenSSL: Denial of Service via type confusion in PKCS#7 signature verification
漏洞详情: https://avd.aquasec.com/nvd/cve-2026-22796
镜像层: sha256:71b8adb4e3056d2b12b06a853a3db8f6aa70b74f64c57f3f825ac28863176009
发布日期: 2026-01-27 16:16 修改: 2026-06-17 10:20
|
| openssl |
CVE-2026-28387 |
高危 |
1:3.2.2-1.amzn2023.0.2 |
1:3.5.5-1.amzn2023.0.4 |
openssl: OpenSSL: Arbitrary code execution due to use-after-free in DANE TLSA authentication
漏洞详情: https://avd.aquasec.com/nvd/cve-2026-28387
镜像层: sha256:71b8adb4e3056d2b12b06a853a3db8f6aa70b74f64c57f3f825ac28863176009
发布日期: 2026-04-07 22:16 修改: 2026-06-17 10:28
|
| openssl |
CVE-2026-28388 |
高危 |
1:3.2.2-1.amzn2023.0.2 |
1:3.5.5-1.amzn2023.0.4 |
openssl: OpenSSL: Denial of Service due to NULL pointer dereference in delta CRL processing
漏洞详情: https://avd.aquasec.com/nvd/cve-2026-28388
镜像层: sha256:71b8adb4e3056d2b12b06a853a3db8f6aa70b74f64c57f3f825ac28863176009
发布日期: 2026-04-07 22:16 修改: 2026-06-17 10:28
|
| openssl |
CVE-2026-28389 |
高危 |
1:3.2.2-1.amzn2023.0.2 |
1:3.5.5-1.amzn2023.0.4 |
openssl: OpenSSL: Denial of Service vulnerability in CMS processing
漏洞详情: https://avd.aquasec.com/nvd/cve-2026-28389
镜像层: sha256:71b8adb4e3056d2b12b06a853a3db8f6aa70b74f64c57f3f825ac28863176009
发布日期: 2026-04-07 22:16 修改: 2026-06-17 10:28
|
| openssl |
CVE-2026-28390 |
高危 |
1:3.2.2-1.amzn2023.0.2 |
1:3.5.5-1.amzn2023.0.4 |
openssl: OpenSSL: Denial of Service due to NULL pointer dereference in CMS EnvelopedData processing
漏洞详情: https://avd.aquasec.com/nvd/cve-2026-28390
镜像层: sha256:71b8adb4e3056d2b12b06a853a3db8f6aa70b74f64c57f3f825ac28863176009
发布日期: 2026-04-07 22:16 修改: 2026-06-17 10:28
|
| openssl |
CVE-2026-31790 |
高危 |
1:3.2.2-1.amzn2023.0.2 |
1:3.5.5-1.amzn2023.0.4 |
openssl: openssl: Information Disclosure from Uninitialized Memory via Invalid RSA Public Key
漏洞详情: https://avd.aquasec.com/nvd/cve-2026-31790
镜像层: sha256:71b8adb4e3056d2b12b06a853a3db8f6aa70b74f64c57f3f825ac28863176009
发布日期: 2026-04-07 22:16 修改: 2026-06-17 10:34
|
| openssl |
CVE-2026-34180 |
高危 |
1:3.2.2-1.amzn2023.0.2 |
1:3.5.5-1.amzn2023.0.5 |
openssl: OpenSSL: Heap buffer over-read in ASN.1 decoding can lead to denial of service or information disclosure.
漏洞详情: https://avd.aquasec.com/nvd/cve-2026-34180
镜像层: sha256:71b8adb4e3056d2b12b06a853a3db8f6aa70b74f64c57f3f825ac28863176009
发布日期: 2026-06-09 17:17 修改: 2026-06-17 10:38
|
| openssl |
CVE-2026-34181 |
高危 |
1:3.2.2-1.amzn2023.0.2 |
1:3.5.5-1.amzn2023.0.5 |
openssl: PKCS#12 Files with PBMAC1 Are Accepted with Short HMAC Keys
漏洞详情: https://avd.aquasec.com/nvd/cve-2026-34181
镜像层: sha256:71b8adb4e3056d2b12b06a853a3db8f6aa70b74f64c57f3f825ac28863176009
发布日期: 2026-06-09 17:17 修改: 2026-06-17 10:38
|
| openssl |
CVE-2026-34182 |
高危 |
1:3.2.2-1.amzn2023.0.2 |
1:3.5.5-1.amzn2023.0.5 |
openssl: CMS AuthEnvelopedData Processing May Accept Forged Messages
漏洞详情: https://avd.aquasec.com/nvd/cve-2026-34182
镜像层: sha256:71b8adb4e3056d2b12b06a853a3db8f6aa70b74f64c57f3f825ac28863176009
发布日期: 2026-06-09 17:17 修改: 2026-06-17 10:38
|
| openssl |
CVE-2026-34183 |
高危 |
1:3.2.2-1.amzn2023.0.2 |
1:3.5.5-1.amzn2023.0.5 |
openssl: Unbounded Memory Growth in the QUIC PATH_CHALLENGE Handler
漏洞详情: https://avd.aquasec.com/nvd/cve-2026-34183
镜像层: sha256:71b8adb4e3056d2b12b06a853a3db8f6aa70b74f64c57f3f825ac28863176009
发布日期: 2026-06-09 17:17 修改: 2026-06-17 10:38
|
| openssl |
CVE-2026-42764 |
高危 |
1:3.2.2-1.amzn2023.0.2 |
1:3.5.5-1.amzn2023.0.5 |
openssl: NULL pointer dereference in QUIC server initial packet handling
漏洞详情: https://avd.aquasec.com/nvd/cve-2026-42764
镜像层: sha256:71b8adb4e3056d2b12b06a853a3db8f6aa70b74f64c57f3f825ac28863176009
发布日期: 2026-06-09 17:17 修改: 2026-06-17 10:48
|
| openssl |
CVE-2026-42766 |
高危 |
1:3.2.2-1.amzn2023.0.2 |
1:3.5.5-1.amzn2023.0.5 |
openssl: Possible NULL Dereference in Password-Based CMS Decryption
漏洞详情: https://avd.aquasec.com/nvd/cve-2026-42766
镜像层: sha256:71b8adb4e3056d2b12b06a853a3db8f6aa70b74f64c57f3f825ac28863176009
发布日期: 2026-06-09 17:17 修改: 2026-06-17 10:48
|
| openssl |
CVE-2026-42767 |
高危 |
1:3.2.2-1.amzn2023.0.2 |
1:3.5.5-1.amzn2023.0.5 |
openssl: NULL Pointer Dereference in CRMF EncryptedValue Decryption
漏洞详情: https://avd.aquasec.com/nvd/cve-2026-42767
镜像层: sha256:71b8adb4e3056d2b12b06a853a3db8f6aa70b74f64c57f3f825ac28863176009
发布日期: 2026-06-09 17:17 修改: 2026-06-17 10:48
|
| openssl |
CVE-2026-42768 |
高危 |
1:3.2.2-1.amzn2023.0.2 |
1:3.5.5-1.amzn2023.0.5 |
openssl: Multi-RecipientInfo Bleichenbacher Oracle in CMS_decrypt() and PKCS7_decrypt()
漏洞详情: https://avd.aquasec.com/nvd/cve-2026-42768
镜像层: sha256:71b8adb4e3056d2b12b06a853a3db8f6aa70b74f64c57f3f825ac28863176009
发布日期: 2026-06-09 17:17 修改: 2026-06-17 10:48
|
| openssl |
CVE-2026-42769 |
高危 |
1:3.2.2-1.amzn2023.0.2 |
1:3.5.5-1.amzn2023.0.5 |
openssl: Trust-Anchor Substitution via cert/issuer Typo in CMP rootCaKeyUpdate
漏洞详情: https://avd.aquasec.com/nvd/cve-2026-42769
镜像层: sha256:71b8adb4e3056d2b12b06a853a3db8f6aa70b74f64c57f3f825ac28863176009
发布日期: 2026-06-09 17:17 修改: 2026-06-17 10:48
|
| openssl |
CVE-2026-42770 |
高危 |
1:3.2.2-1.amzn2023.0.2 |
1:3.5.5-1.amzn2023.0.5 |
openssl: FFC-DH Peer Validation Uses Attacker-Supplied q
漏洞详情: https://avd.aquasec.com/nvd/cve-2026-42770
镜像层: sha256:71b8adb4e3056d2b12b06a853a3db8f6aa70b74f64c57f3f825ac28863176009
发布日期: 2026-06-09 17:17 修改: 2026-06-17 10:48
|
| openssl |
CVE-2026-45445 |
高危 |
1:3.2.2-1.amzn2023.0.2 |
1:3.5.5-1.amzn2023.0.5 |
openssl: AES-OCB IV Ignored on EVP_Cipher() Path
漏洞详情: https://avd.aquasec.com/nvd/cve-2026-45445
镜像层: sha256:71b8adb4e3056d2b12b06a853a3db8f6aa70b74f64c57f3f825ac28863176009
发布日期: 2026-06-09 17:17 修改: 2026-06-17 10:52
|
| openssl |
CVE-2026-45446 |
高危 |
1:3.2.2-1.amzn2023.0.2 |
1:3.5.5-1.amzn2023.0.5 |
openssl: Incorrect Tag Processing for Empty Messages in AES-GCM-SIV and AES-SIV modes
漏洞详情: https://avd.aquasec.com/nvd/cve-2026-45446
镜像层: sha256:71b8adb4e3056d2b12b06a853a3db8f6aa70b74f64c57f3f825ac28863176009
发布日期: 2026-06-09 17:17 修改: 2026-06-17 10:52
|
| openssl |
CVE-2026-45447 |
高危 |
1:3.2.2-1.amzn2023.0.2 |
1:3.5.5-1.amzn2023.0.5 |
openssl: Heap Use-After-Free in OpenSSL PKCS7_verify()
漏洞详情: https://avd.aquasec.com/nvd/cve-2026-45447
镜像层: sha256:71b8adb4e3056d2b12b06a853a3db8f6aa70b74f64c57f3f825ac28863176009
发布日期: 2026-06-09 17:17 修改: 2026-07-14 12:17
|
| openssl |
CVE-2026-7383 |
高危 |
1:3.2.2-1.amzn2023.0.2 |
1:3.5.5-1.amzn2023.0.5 |
openssl: OpenSSL: Heap buffer overflow due to signed integer overflow in Unicode output sizing
漏洞详情: https://avd.aquasec.com/nvd/cve-2026-7383
镜像层: sha256:71b8adb4e3056d2b12b06a853a3db8f6aa70b74f64c57f3f825ac28863176009
发布日期: 2026-06-09 17:17 修改: 2026-06-17 11:02
|
| openssl |
CVE-2026-9076 |
高危 |
1:3.2.2-1.amzn2023.0.2 |
1:3.5.5-1.amzn2023.0.5 |
openssl: OpenSSL: Denial of Service due to heap out-of-bounds read in CMS password-based decryption
漏洞详情: https://avd.aquasec.com/nvd/cve-2026-9076
镜像层: sha256:71b8adb4e3056d2b12b06a853a3db8f6aa70b74f64c57f3f825ac28863176009
发布日期: 2026-06-09 17:17 修改: 2026-06-17 11:04
|
| openssl-fips-provider-latest |
CVE-2025-15467 |
高危 |
1:3.2.2-1.amzn2023.0.2 |
1:3.2.2-1.amzn2023.0.4 |
openssl: OpenSSL: Remote code execution or Denial of Service via oversized Initialization Vector in CMS parsing
漏洞详情: https://avd.aquasec.com/nvd/cve-2025-15467
镜像层: sha256:6beb63c27303f5b5dc96a523522570acaee070437423a667407f0d02550e8ced
发布日期: 2026-01-27 16:16 修改: 2026-06-30 03:16
|
| openssl-fips-provider-latest |
CVE-2025-15468 |
高危 |
1:3.2.2-1.amzn2023.0.2 |
1:3.2.2-1.amzn2023.0.5 |
openssl: OpenSSL: Denial of Service via NULL pointer dereference in QUIC protocol handling
漏洞详情: https://avd.aquasec.com/nvd/cve-2025-15468
镜像层: sha256:6beb63c27303f5b5dc96a523522570acaee070437423a667407f0d02550e8ced
发布日期: 2026-01-27 16:16 修改: 2026-06-17 08:37
|
| openssl-fips-provider-latest |
CVE-2025-66199 |
高危 |
1:3.2.2-1.amzn2023.0.2 |
1:3.2.2-1.amzn2023.0.5 |
openssl: OpenSSL: Denial of Service due to excessive memory allocation in TLS 1.3 certificate compression
漏洞详情: https://avd.aquasec.com/nvd/cve-2025-66199
镜像层: sha256:6beb63c27303f5b5dc96a523522570acaee070437423a667407f0d02550e8ced
发布日期: 2026-01-27 16:16 修改: 2026-06-17 09:56
|
| openssl-fips-provider-latest |
CVE-2025-68160 |
高危 |
1:3.2.2-1.amzn2023.0.2 |
1:3.2.2-1.amzn2023.0.5 |
openssl: OpenSSL: Denial of Service due to out-of-bounds write in BIO filter
漏洞详情: https://avd.aquasec.com/nvd/cve-2025-68160
镜像层: sha256:6beb63c27303f5b5dc96a523522570acaee070437423a667407f0d02550e8ced
发布日期: 2026-01-27 16:16 修改: 2026-06-17 09:58
|
| openssl-fips-provider-latest |
CVE-2025-69418 |
高危 |
1:3.2.2-1.amzn2023.0.2 |
1:3.2.2-1.amzn2023.0.5 |
openssl: OpenSSL: Information disclosure and data tampering via specific low-level OCB encryption/decryption calls
漏洞详情: https://avd.aquasec.com/nvd/cve-2025-69418
镜像层: sha256:6beb63c27303f5b5dc96a523522570acaee070437423a667407f0d02550e8ced
发布日期: 2026-01-27 16:16 修改: 2026-06-17 10:00
|
| openssl-fips-provider-latest |
CVE-2025-69419 |
高危 |
1:3.2.2-1.amzn2023.0.2 |
1:3.2.2-1.amzn2023.0.5 |
openssl: OpenSSL: Arbitrary code execution due to out-of-bounds write in PKCS#12 processing
漏洞详情: https://avd.aquasec.com/nvd/cve-2025-69419
镜像层: sha256:6beb63c27303f5b5dc96a523522570acaee070437423a667407f0d02550e8ced
发布日期: 2026-01-27 16:16 修改: 2026-06-17 10:00
|
| openssl-fips-provider-latest |
CVE-2025-69420 |
高危 |
1:3.2.2-1.amzn2023.0.2 |
1:3.2.2-1.amzn2023.0.5 |
openssl: OpenSSL: Denial of Service via malformed TimeStamp Response
漏洞详情: https://avd.aquasec.com/nvd/cve-2025-69420
镜像层: sha256:6beb63c27303f5b5dc96a523522570acaee070437423a667407f0d02550e8ced
发布日期: 2026-01-27 16:16 修改: 2026-06-17 10:00
|
| openssl-fips-provider-latest |
CVE-2025-69421 |
高危 |
1:3.2.2-1.amzn2023.0.2 |
1:3.2.2-1.amzn2023.0.5 |
openssl: OpenSSL: Denial of Service via malformed PKCS#12 file processing
漏洞详情: https://avd.aquasec.com/nvd/cve-2025-69421
镜像层: sha256:6beb63c27303f5b5dc96a523522570acaee070437423a667407f0d02550e8ced
发布日期: 2026-01-27 16:16 修改: 2026-06-17 10:00
|
| openssl-fips-provider-latest |
CVE-2026-22795 |
高危 |
1:3.2.2-1.amzn2023.0.2 |
1:3.2.2-1.amzn2023.0.5 |
openssl: OpenSSL: Denial of Service due to type confusion in PKCS#12 file processing
漏洞详情: https://avd.aquasec.com/nvd/cve-2026-22795
镜像层: sha256:6beb63c27303f5b5dc96a523522570acaee070437423a667407f0d02550e8ced
发布日期: 2026-01-27 16:16 修改: 2026-06-17 10:20
|
| openssl-fips-provider-latest |
CVE-2026-22796 |
高危 |
1:3.2.2-1.amzn2023.0.2 |
1:3.2.2-1.amzn2023.0.5 |
openssl: OpenSSL: Denial of Service via type confusion in PKCS#7 signature verification
漏洞详情: https://avd.aquasec.com/nvd/cve-2026-22796
镜像层: sha256:6beb63c27303f5b5dc96a523522570acaee070437423a667407f0d02550e8ced
发布日期: 2026-01-27 16:16 修改: 2026-06-17 10:20
|
| openssl-fips-provider-latest |
CVE-2026-28387 |
高危 |
1:3.2.2-1.amzn2023.0.2 |
1:3.5.5-1.amzn2023.0.4 |
openssl: OpenSSL: Arbitrary code execution due to use-after-free in DANE TLSA authentication
漏洞详情: https://avd.aquasec.com/nvd/cve-2026-28387
镜像层: sha256:6beb63c27303f5b5dc96a523522570acaee070437423a667407f0d02550e8ced
发布日期: 2026-04-07 22:16 修改: 2026-06-17 10:28
|
| openssl-fips-provider-latest |
CVE-2026-28388 |
高危 |
1:3.2.2-1.amzn2023.0.2 |
1:3.5.5-1.amzn2023.0.4 |
openssl: OpenSSL: Denial of Service due to NULL pointer dereference in delta CRL processing
漏洞详情: https://avd.aquasec.com/nvd/cve-2026-28388
镜像层: sha256:6beb63c27303f5b5dc96a523522570acaee070437423a667407f0d02550e8ced
发布日期: 2026-04-07 22:16 修改: 2026-06-17 10:28
|
| openssl-fips-provider-latest |
CVE-2026-28389 |
高危 |
1:3.2.2-1.amzn2023.0.2 |
1:3.5.5-1.amzn2023.0.4 |
openssl: OpenSSL: Denial of Service vulnerability in CMS processing
漏洞详情: https://avd.aquasec.com/nvd/cve-2026-28389
镜像层: sha256:6beb63c27303f5b5dc96a523522570acaee070437423a667407f0d02550e8ced
发布日期: 2026-04-07 22:16 修改: 2026-06-17 10:28
|
| openssl-fips-provider-latest |
CVE-2026-28390 |
高危 |
1:3.2.2-1.amzn2023.0.2 |
1:3.5.5-1.amzn2023.0.4 |
openssl: OpenSSL: Denial of Service due to NULL pointer dereference in CMS EnvelopedData processing
漏洞详情: https://avd.aquasec.com/nvd/cve-2026-28390
镜像层: sha256:6beb63c27303f5b5dc96a523522570acaee070437423a667407f0d02550e8ced
发布日期: 2026-04-07 22:16 修改: 2026-06-17 10:28
|
| openssl-fips-provider-latest |
CVE-2026-31790 |
高危 |
1:3.2.2-1.amzn2023.0.2 |
1:3.5.5-1.amzn2023.0.4 |
openssl: openssl: Information Disclosure from Uninitialized Memory via Invalid RSA Public Key
漏洞详情: https://avd.aquasec.com/nvd/cve-2026-31790
镜像层: sha256:6beb63c27303f5b5dc96a523522570acaee070437423a667407f0d02550e8ced
发布日期: 2026-04-07 22:16 修改: 2026-06-17 10:34
|
| openssl-fips-provider-latest |
CVE-2026-34180 |
高危 |
1:3.2.2-1.amzn2023.0.2 |
1:3.5.5-1.amzn2023.0.5 |
openssl: OpenSSL: Heap buffer over-read in ASN.1 decoding can lead to denial of service or information disclosure.
漏洞详情: https://avd.aquasec.com/nvd/cve-2026-34180
镜像层: sha256:6beb63c27303f5b5dc96a523522570acaee070437423a667407f0d02550e8ced
发布日期: 2026-06-09 17:17 修改: 2026-06-17 10:38
|
| openssl-fips-provider-latest |
CVE-2026-34181 |
高危 |
1:3.2.2-1.amzn2023.0.2 |
1:3.5.5-1.amzn2023.0.5 |
openssl: PKCS#12 Files with PBMAC1 Are Accepted with Short HMAC Keys
漏洞详情: https://avd.aquasec.com/nvd/cve-2026-34181
镜像层: sha256:6beb63c27303f5b5dc96a523522570acaee070437423a667407f0d02550e8ced
发布日期: 2026-06-09 17:17 修改: 2026-06-17 10:38
|
| openssl-fips-provider-latest |
CVE-2026-34182 |
高危 |
1:3.2.2-1.amzn2023.0.2 |
1:3.5.5-1.amzn2023.0.5 |
openssl: CMS AuthEnvelopedData Processing May Accept Forged Messages
漏洞详情: https://avd.aquasec.com/nvd/cve-2026-34182
镜像层: sha256:6beb63c27303f5b5dc96a523522570acaee070437423a667407f0d02550e8ced
发布日期: 2026-06-09 17:17 修改: 2026-06-17 10:38
|
| openssl-fips-provider-latest |
CVE-2026-34183 |
高危 |
1:3.2.2-1.amzn2023.0.2 |
1:3.5.5-1.amzn2023.0.5 |
openssl: Unbounded Memory Growth in the QUIC PATH_CHALLENGE Handler
漏洞详情: https://avd.aquasec.com/nvd/cve-2026-34183
镜像层: sha256:6beb63c27303f5b5dc96a523522570acaee070437423a667407f0d02550e8ced
发布日期: 2026-06-09 17:17 修改: 2026-06-17 10:38
|
| openssl-fips-provider-latest |
CVE-2026-42764 |
高危 |
1:3.2.2-1.amzn2023.0.2 |
1:3.5.5-1.amzn2023.0.5 |
openssl: NULL pointer dereference in QUIC server initial packet handling
漏洞详情: https://avd.aquasec.com/nvd/cve-2026-42764
镜像层: sha256:6beb63c27303f5b5dc96a523522570acaee070437423a667407f0d02550e8ced
发布日期: 2026-06-09 17:17 修改: 2026-06-17 10:48
|
| openssl-fips-provider-latest |
CVE-2026-42766 |
高危 |
1:3.2.2-1.amzn2023.0.2 |
1:3.5.5-1.amzn2023.0.5 |
openssl: Possible NULL Dereference in Password-Based CMS Decryption
漏洞详情: https://avd.aquasec.com/nvd/cve-2026-42766
镜像层: sha256:6beb63c27303f5b5dc96a523522570acaee070437423a667407f0d02550e8ced
发布日期: 2026-06-09 17:17 修改: 2026-06-17 10:48
|
| openssl-fips-provider-latest |
CVE-2026-42767 |
高危 |
1:3.2.2-1.amzn2023.0.2 |
1:3.5.5-1.amzn2023.0.5 |
openssl: NULL Pointer Dereference in CRMF EncryptedValue Decryption
漏洞详情: https://avd.aquasec.com/nvd/cve-2026-42767
镜像层: sha256:6beb63c27303f5b5dc96a523522570acaee070437423a667407f0d02550e8ced
发布日期: 2026-06-09 17:17 修改: 2026-06-17 10:48
|
| openssl-fips-provider-latest |
CVE-2026-42768 |
高危 |
1:3.2.2-1.amzn2023.0.2 |
1:3.5.5-1.amzn2023.0.5 |
openssl: Multi-RecipientInfo Bleichenbacher Oracle in CMS_decrypt() and PKCS7_decrypt()
漏洞详情: https://avd.aquasec.com/nvd/cve-2026-42768
镜像层: sha256:6beb63c27303f5b5dc96a523522570acaee070437423a667407f0d02550e8ced
发布日期: 2026-06-09 17:17 修改: 2026-06-17 10:48
|
| openssl-fips-provider-latest |
CVE-2026-42769 |
高危 |
1:3.2.2-1.amzn2023.0.2 |
1:3.5.5-1.amzn2023.0.5 |
openssl: Trust-Anchor Substitution via cert/issuer Typo in CMP rootCaKeyUpdate
漏洞详情: https://avd.aquasec.com/nvd/cve-2026-42769
镜像层: sha256:6beb63c27303f5b5dc96a523522570acaee070437423a667407f0d02550e8ced
发布日期: 2026-06-09 17:17 修改: 2026-06-17 10:48
|
| openssl-fips-provider-latest |
CVE-2026-42770 |
高危 |
1:3.2.2-1.amzn2023.0.2 |
1:3.5.5-1.amzn2023.0.5 |
openssl: FFC-DH Peer Validation Uses Attacker-Supplied q
漏洞详情: https://avd.aquasec.com/nvd/cve-2026-42770
镜像层: sha256:6beb63c27303f5b5dc96a523522570acaee070437423a667407f0d02550e8ced
发布日期: 2026-06-09 17:17 修改: 2026-06-17 10:48
|
| openssl-fips-provider-latest |
CVE-2026-45445 |
高危 |
1:3.2.2-1.amzn2023.0.2 |
1:3.5.5-1.amzn2023.0.5 |
openssl: AES-OCB IV Ignored on EVP_Cipher() Path
漏洞详情: https://avd.aquasec.com/nvd/cve-2026-45445
镜像层: sha256:6beb63c27303f5b5dc96a523522570acaee070437423a667407f0d02550e8ced
发布日期: 2026-06-09 17:17 修改: 2026-06-17 10:52
|
| openssl-fips-provider-latest |
CVE-2026-45446 |
高危 |
1:3.2.2-1.amzn2023.0.2 |
1:3.5.5-1.amzn2023.0.5 |
openssl: Incorrect Tag Processing for Empty Messages in AES-GCM-SIV and AES-SIV modes
漏洞详情: https://avd.aquasec.com/nvd/cve-2026-45446
镜像层: sha256:6beb63c27303f5b5dc96a523522570acaee070437423a667407f0d02550e8ced
发布日期: 2026-06-09 17:17 修改: 2026-06-17 10:52
|
| openssl-fips-provider-latest |
CVE-2026-45447 |
高危 |
1:3.2.2-1.amzn2023.0.2 |
1:3.5.5-1.amzn2023.0.5 |
openssl: Heap Use-After-Free in OpenSSL PKCS7_verify()
漏洞详情: https://avd.aquasec.com/nvd/cve-2026-45447
镜像层: sha256:6beb63c27303f5b5dc96a523522570acaee070437423a667407f0d02550e8ced
发布日期: 2026-06-09 17:17 修改: 2026-07-14 12:17
|
| openssl-fips-provider-latest |
CVE-2026-7383 |
高危 |
1:3.2.2-1.amzn2023.0.2 |
1:3.5.5-1.amzn2023.0.5 |
openssl: OpenSSL: Heap buffer overflow due to signed integer overflow in Unicode output sizing
漏洞详情: https://avd.aquasec.com/nvd/cve-2026-7383
镜像层: sha256:6beb63c27303f5b5dc96a523522570acaee070437423a667407f0d02550e8ced
发布日期: 2026-06-09 17:17 修改: 2026-06-17 11:02
|
| openssl-fips-provider-latest |
CVE-2026-9076 |
高危 |
1:3.2.2-1.amzn2023.0.2 |
1:3.5.5-1.amzn2023.0.5 |
openssl: OpenSSL: Denial of Service due to heap out-of-bounds read in CMS password-based decryption
漏洞详情: https://avd.aquasec.com/nvd/cve-2026-9076
镜像层: sha256:6beb63c27303f5b5dc96a523522570acaee070437423a667407f0d02550e8ced
发布日期: 2026-06-09 17:17 修改: 2026-06-17 11:04
|
| openssl-libs |
CVE-2025-15467 |
高危 |
1:3.2.2-1.amzn2023.0.2 |
1:3.2.2-1.amzn2023.0.4 |
openssl: OpenSSL: Remote code execution or Denial of Service via oversized Initialization Vector in CMS parsing
漏洞详情: https://avd.aquasec.com/nvd/cve-2025-15467
镜像层: sha256:6beb63c27303f5b5dc96a523522570acaee070437423a667407f0d02550e8ced
发布日期: 2026-01-27 16:16 修改: 2026-06-30 03:16
|
| openssl-libs |
CVE-2025-15468 |
高危 |
1:3.2.2-1.amzn2023.0.2 |
1:3.2.2-1.amzn2023.0.5 |
openssl: OpenSSL: Denial of Service via NULL pointer dereference in QUIC protocol handling
漏洞详情: https://avd.aquasec.com/nvd/cve-2025-15468
镜像层: sha256:6beb63c27303f5b5dc96a523522570acaee070437423a667407f0d02550e8ced
发布日期: 2026-01-27 16:16 修改: 2026-06-17 08:37
|
| openssl-libs |
CVE-2025-66199 |
高危 |
1:3.2.2-1.amzn2023.0.2 |
1:3.2.2-1.amzn2023.0.5 |
openssl: OpenSSL: Denial of Service due to excessive memory allocation in TLS 1.3 certificate compression
漏洞详情: https://avd.aquasec.com/nvd/cve-2025-66199
镜像层: sha256:6beb63c27303f5b5dc96a523522570acaee070437423a667407f0d02550e8ced
发布日期: 2026-01-27 16:16 修改: 2026-06-17 09:56
|
| openssl-libs |
CVE-2025-68160 |
高危 |
1:3.2.2-1.amzn2023.0.2 |
1:3.2.2-1.amzn2023.0.5 |
openssl: OpenSSL: Denial of Service due to out-of-bounds write in BIO filter
漏洞详情: https://avd.aquasec.com/nvd/cve-2025-68160
镜像层: sha256:6beb63c27303f5b5dc96a523522570acaee070437423a667407f0d02550e8ced
发布日期: 2026-01-27 16:16 修改: 2026-06-17 09:58
|
| openssl-libs |
CVE-2025-69418 |
高危 |
1:3.2.2-1.amzn2023.0.2 |
1:3.2.2-1.amzn2023.0.5 |
openssl: OpenSSL: Information disclosure and data tampering via specific low-level OCB encryption/decryption calls
漏洞详情: https://avd.aquasec.com/nvd/cve-2025-69418
镜像层: sha256:6beb63c27303f5b5dc96a523522570acaee070437423a667407f0d02550e8ced
发布日期: 2026-01-27 16:16 修改: 2026-06-17 10:00
|
| openssl-libs |
CVE-2025-69419 |
高危 |
1:3.2.2-1.amzn2023.0.2 |
1:3.2.2-1.amzn2023.0.5 |
openssl: OpenSSL: Arbitrary code execution due to out-of-bounds write in PKCS#12 processing
漏洞详情: https://avd.aquasec.com/nvd/cve-2025-69419
镜像层: sha256:6beb63c27303f5b5dc96a523522570acaee070437423a667407f0d02550e8ced
发布日期: 2026-01-27 16:16 修改: 2026-06-17 10:00
|
| openssl-libs |
CVE-2025-69420 |
高危 |
1:3.2.2-1.amzn2023.0.2 |
1:3.2.2-1.amzn2023.0.5 |
openssl: OpenSSL: Denial of Service via malformed TimeStamp Response
漏洞详情: https://avd.aquasec.com/nvd/cve-2025-69420
镜像层: sha256:6beb63c27303f5b5dc96a523522570acaee070437423a667407f0d02550e8ced
发布日期: 2026-01-27 16:16 修改: 2026-06-17 10:00
|
| openssl-libs |
CVE-2025-69421 |
高危 |
1:3.2.2-1.amzn2023.0.2 |
1:3.2.2-1.amzn2023.0.5 |
openssl: OpenSSL: Denial of Service via malformed PKCS#12 file processing
漏洞详情: https://avd.aquasec.com/nvd/cve-2025-69421
镜像层: sha256:6beb63c27303f5b5dc96a523522570acaee070437423a667407f0d02550e8ced
发布日期: 2026-01-27 16:16 修改: 2026-06-17 10:00
|
| openssl-libs |
CVE-2026-22795 |
高危 |
1:3.2.2-1.amzn2023.0.2 |
1:3.2.2-1.amzn2023.0.5 |
openssl: OpenSSL: Denial of Service due to type confusion in PKCS#12 file processing
漏洞详情: https://avd.aquasec.com/nvd/cve-2026-22795
镜像层: sha256:6beb63c27303f5b5dc96a523522570acaee070437423a667407f0d02550e8ced
发布日期: 2026-01-27 16:16 修改: 2026-06-17 10:20
|
| openssl-libs |
CVE-2026-22796 |
高危 |
1:3.2.2-1.amzn2023.0.2 |
1:3.2.2-1.amzn2023.0.5 |
openssl: OpenSSL: Denial of Service via type confusion in PKCS#7 signature verification
漏洞详情: https://avd.aquasec.com/nvd/cve-2026-22796
镜像层: sha256:6beb63c27303f5b5dc96a523522570acaee070437423a667407f0d02550e8ced
发布日期: 2026-01-27 16:16 修改: 2026-06-17 10:20
|
| openssl-libs |
CVE-2026-28387 |
高危 |
1:3.2.2-1.amzn2023.0.2 |
1:3.5.5-1.amzn2023.0.4 |
openssl: OpenSSL: Arbitrary code execution due to use-after-free in DANE TLSA authentication
漏洞详情: https://avd.aquasec.com/nvd/cve-2026-28387
镜像层: sha256:6beb63c27303f5b5dc96a523522570acaee070437423a667407f0d02550e8ced
发布日期: 2026-04-07 22:16 修改: 2026-06-17 10:28
|
| openssl-libs |
CVE-2026-28388 |
高危 |
1:3.2.2-1.amzn2023.0.2 |
1:3.5.5-1.amzn2023.0.4 |
openssl: OpenSSL: Denial of Service due to NULL pointer dereference in delta CRL processing
漏洞详情: https://avd.aquasec.com/nvd/cve-2026-28388
镜像层: sha256:6beb63c27303f5b5dc96a523522570acaee070437423a667407f0d02550e8ced
发布日期: 2026-04-07 22:16 修改: 2026-06-17 10:28
|
| openssl-libs |
CVE-2026-28389 |
高危 |
1:3.2.2-1.amzn2023.0.2 |
1:3.5.5-1.amzn2023.0.4 |
openssl: OpenSSL: Denial of Service vulnerability in CMS processing
漏洞详情: https://avd.aquasec.com/nvd/cve-2026-28389
镜像层: sha256:6beb63c27303f5b5dc96a523522570acaee070437423a667407f0d02550e8ced
发布日期: 2026-04-07 22:16 修改: 2026-06-17 10:28
|
| openssl-libs |
CVE-2026-28390 |
高危 |
1:3.2.2-1.amzn2023.0.2 |
1:3.5.5-1.amzn2023.0.4 |
openssl: OpenSSL: Denial of Service due to NULL pointer dereference in CMS EnvelopedData processing
漏洞详情: https://avd.aquasec.com/nvd/cve-2026-28390
镜像层: sha256:6beb63c27303f5b5dc96a523522570acaee070437423a667407f0d02550e8ced
发布日期: 2026-04-07 22:16 修改: 2026-06-17 10:28
|
| openssl-libs |
CVE-2026-31790 |
高危 |
1:3.2.2-1.amzn2023.0.2 |
1:3.5.5-1.amzn2023.0.4 |
openssl: openssl: Information Disclosure from Uninitialized Memory via Invalid RSA Public Key
漏洞详情: https://avd.aquasec.com/nvd/cve-2026-31790
镜像层: sha256:6beb63c27303f5b5dc96a523522570acaee070437423a667407f0d02550e8ced
发布日期: 2026-04-07 22:16 修改: 2026-06-17 10:34
|
| openssl-libs |
CVE-2026-34180 |
高危 |
1:3.2.2-1.amzn2023.0.2 |
1:3.5.5-1.amzn2023.0.5 |
openssl: OpenSSL: Heap buffer over-read in ASN.1 decoding can lead to denial of service or information disclosure.
漏洞详情: https://avd.aquasec.com/nvd/cve-2026-34180
镜像层: sha256:6beb63c27303f5b5dc96a523522570acaee070437423a667407f0d02550e8ced
发布日期: 2026-06-09 17:17 修改: 2026-06-17 10:38
|
| openssl-libs |
CVE-2026-34181 |
高危 |
1:3.2.2-1.amzn2023.0.2 |
1:3.5.5-1.amzn2023.0.5 |
openssl: PKCS#12 Files with PBMAC1 Are Accepted with Short HMAC Keys
漏洞详情: https://avd.aquasec.com/nvd/cve-2026-34181
镜像层: sha256:6beb63c27303f5b5dc96a523522570acaee070437423a667407f0d02550e8ced
发布日期: 2026-06-09 17:17 修改: 2026-06-17 10:38
|
| openssl-libs |
CVE-2026-34182 |
高危 |
1:3.2.2-1.amzn2023.0.2 |
1:3.5.5-1.amzn2023.0.5 |
openssl: CMS AuthEnvelopedData Processing May Accept Forged Messages
漏洞详情: https://avd.aquasec.com/nvd/cve-2026-34182
镜像层: sha256:6beb63c27303f5b5dc96a523522570acaee070437423a667407f0d02550e8ced
发布日期: 2026-06-09 17:17 修改: 2026-06-17 10:38
|
| openssl-libs |
CVE-2026-34183 |
高危 |
1:3.2.2-1.amzn2023.0.2 |
1:3.5.5-1.amzn2023.0.5 |
openssl: Unbounded Memory Growth in the QUIC PATH_CHALLENGE Handler
漏洞详情: https://avd.aquasec.com/nvd/cve-2026-34183
镜像层: sha256:6beb63c27303f5b5dc96a523522570acaee070437423a667407f0d02550e8ced
发布日期: 2026-06-09 17:17 修改: 2026-06-17 10:38
|
| openssl-libs |
CVE-2026-42764 |
高危 |
1:3.2.2-1.amzn2023.0.2 |
1:3.5.5-1.amzn2023.0.5 |
openssl: NULL pointer dereference in QUIC server initial packet handling
漏洞详情: https://avd.aquasec.com/nvd/cve-2026-42764
镜像层: sha256:6beb63c27303f5b5dc96a523522570acaee070437423a667407f0d02550e8ced
发布日期: 2026-06-09 17:17 修改: 2026-06-17 10:48
|
| openssl-libs |
CVE-2026-42766 |
高危 |
1:3.2.2-1.amzn2023.0.2 |
1:3.5.5-1.amzn2023.0.5 |
openssl: Possible NULL Dereference in Password-Based CMS Decryption
漏洞详情: https://avd.aquasec.com/nvd/cve-2026-42766
镜像层: sha256:6beb63c27303f5b5dc96a523522570acaee070437423a667407f0d02550e8ced
发布日期: 2026-06-09 17:17 修改: 2026-06-17 10:48
|
| openssl-libs |
CVE-2026-42767 |
高危 |
1:3.2.2-1.amzn2023.0.2 |
1:3.5.5-1.amzn2023.0.5 |
openssl: NULL Pointer Dereference in CRMF EncryptedValue Decryption
漏洞详情: https://avd.aquasec.com/nvd/cve-2026-42767
镜像层: sha256:6beb63c27303f5b5dc96a523522570acaee070437423a667407f0d02550e8ced
发布日期: 2026-06-09 17:17 修改: 2026-06-17 10:48
|
| openssl-libs |
CVE-2026-42768 |
高危 |
1:3.2.2-1.amzn2023.0.2 |
1:3.5.5-1.amzn2023.0.5 |
openssl: Multi-RecipientInfo Bleichenbacher Oracle in CMS_decrypt() and PKCS7_decrypt()
漏洞详情: https://avd.aquasec.com/nvd/cve-2026-42768
镜像层: sha256:6beb63c27303f5b5dc96a523522570acaee070437423a667407f0d02550e8ced
发布日期: 2026-06-09 17:17 修改: 2026-06-17 10:48
|
| openssl-libs |
CVE-2026-42769 |
高危 |
1:3.2.2-1.amzn2023.0.2 |
1:3.5.5-1.amzn2023.0.5 |
openssl: Trust-Anchor Substitution via cert/issuer Typo in CMP rootCaKeyUpdate
漏洞详情: https://avd.aquasec.com/nvd/cve-2026-42769
镜像层: sha256:6beb63c27303f5b5dc96a523522570acaee070437423a667407f0d02550e8ced
发布日期: 2026-06-09 17:17 修改: 2026-06-17 10:48
|
| openssl-libs |
CVE-2026-42770 |
高危 |
1:3.2.2-1.amzn2023.0.2 |
1:3.5.5-1.amzn2023.0.5 |
openssl: FFC-DH Peer Validation Uses Attacker-Supplied q
漏洞详情: https://avd.aquasec.com/nvd/cve-2026-42770
镜像层: sha256:6beb63c27303f5b5dc96a523522570acaee070437423a667407f0d02550e8ced
发布日期: 2026-06-09 17:17 修改: 2026-06-17 10:48
|
| openssl-libs |
CVE-2026-45445 |
高危 |
1:3.2.2-1.amzn2023.0.2 |
1:3.5.5-1.amzn2023.0.5 |
openssl: AES-OCB IV Ignored on EVP_Cipher() Path
漏洞详情: https://avd.aquasec.com/nvd/cve-2026-45445
镜像层: sha256:6beb63c27303f5b5dc96a523522570acaee070437423a667407f0d02550e8ced
发布日期: 2026-06-09 17:17 修改: 2026-06-17 10:52
|
| openssl-libs |
CVE-2026-45446 |
高危 |
1:3.2.2-1.amzn2023.0.2 |
1:3.5.5-1.amzn2023.0.5 |
openssl: Incorrect Tag Processing for Empty Messages in AES-GCM-SIV and AES-SIV modes
漏洞详情: https://avd.aquasec.com/nvd/cve-2026-45446
镜像层: sha256:6beb63c27303f5b5dc96a523522570acaee070437423a667407f0d02550e8ced
发布日期: 2026-06-09 17:17 修改: 2026-06-17 10:52
|
| openssl-libs |
CVE-2026-45447 |
高危 |
1:3.2.2-1.amzn2023.0.2 |
1:3.5.5-1.amzn2023.0.5 |
openssl: Heap Use-After-Free in OpenSSL PKCS7_verify()
漏洞详情: https://avd.aquasec.com/nvd/cve-2026-45447
镜像层: sha256:6beb63c27303f5b5dc96a523522570acaee070437423a667407f0d02550e8ced
发布日期: 2026-06-09 17:17 修改: 2026-07-14 12:17
|
| openssl-libs |
CVE-2026-7383 |
高危 |
1:3.2.2-1.amzn2023.0.2 |
1:3.5.5-1.amzn2023.0.5 |
openssl: OpenSSL: Heap buffer overflow due to signed integer overflow in Unicode output sizing
漏洞详情: https://avd.aquasec.com/nvd/cve-2026-7383
镜像层: sha256:6beb63c27303f5b5dc96a523522570acaee070437423a667407f0d02550e8ced
发布日期: 2026-06-09 17:17 修改: 2026-06-17 11:02
|
| openssl-libs |
CVE-2026-9076 |
高危 |
1:3.2.2-1.amzn2023.0.2 |
1:3.5.5-1.amzn2023.0.5 |
openssl: OpenSSL: Denial of Service due to heap out-of-bounds read in CMS password-based decryption
漏洞详情: https://avd.aquasec.com/nvd/cve-2026-9076
镜像层: sha256:6beb63c27303f5b5dc96a523522570acaee070437423a667407f0d02550e8ced
发布日期: 2026-06-09 17:17 修改: 2026-06-17 11:04
|
| python3 |
CVE-2025-13462 |
高危 |
3.9.25-1.amzn2023.0.1 |
3.9.25-1.amzn2023.0.7 |
cpython: cpython: `tarfile` module misinterprets crafted tar archives leading to data integrity issues
漏洞详情: https://avd.aquasec.com/nvd/cve-2025-13462
镜像层: sha256:6beb63c27303f5b5dc96a523522570acaee070437423a667407f0d02550e8ced
发布日期: 2026-03-12 18:16 修改: 2026-06-17 08:34
|
| python3 |
CVE-2026-3479 |
高危 |
3.9.25-1.amzn2023.0.1 |
3.9.25-1.amzn2023.0.7 |
python: Python pkgutil.get_data(): Path Traversal via improper resource argument validation
漏洞详情: https://avd.aquasec.com/nvd/cve-2026-3479
镜像层: sha256:6beb63c27303f5b5dc96a523522570acaee070437423a667407f0d02550e8ced
发布日期: 2026-03-18 19:16 修改: 2026-06-17 10:43
|
| python3 |
CVE-2026-4519 |
高危 |
3.9.25-1.amzn2023.0.1 |
3.9.25-1.amzn2023.0.4 |
python: Python: Command-line option injection in webbrowser.open() via crafted URLs
漏洞详情: https://avd.aquasec.com/nvd/cve-2026-4519
镜像层: sha256:6beb63c27303f5b5dc96a523522570acaee070437423a667407f0d02550e8ced
发布日期: 2026-03-20 15:16 修改: 2026-06-30 03:20
|
| python3 |
CVE-2026-4786 |
高危 |
3.9.25-1.amzn2023.0.1 |
3.9.25-1.amzn2023.0.5 |
python: cpython: Python: Arbitrary code execution via command injection in webbrowser.open() API
漏洞详情: https://avd.aquasec.com/nvd/cve-2026-4786
镜像层: sha256:6beb63c27303f5b5dc96a523522570acaee070437423a667407f0d02550e8ced
发布日期: 2026-04-13 22:16 修改: 2026-07-06 13:17
|
| python3 |
CVE-2026-6100 |
高危 |
3.9.25-1.amzn2023.0.1 |
3.9.25-1.amzn2023.0.5 |
python: Python: Arbitrary code execution or information disclosure via use-after-free in decompression modules
漏洞详情: https://avd.aquasec.com/nvd/cve-2026-6100
镜像层: sha256:6beb63c27303f5b5dc96a523522570acaee070437423a667407f0d02550e8ced
发布日期: 2026-04-13 18:16 修改: 2026-06-30 03:21
|
| python3-libs |
CVE-2025-13462 |
高危 |
3.9.25-1.amzn2023.0.1 |
3.9.25-1.amzn2023.0.7 |
cpython: cpython: `tarfile` module misinterprets crafted tar archives leading to data integrity issues
漏洞详情: https://avd.aquasec.com/nvd/cve-2025-13462
镜像层: sha256:6beb63c27303f5b5dc96a523522570acaee070437423a667407f0d02550e8ced
发布日期: 2026-03-12 18:16 修改: 2026-06-17 08:34
|
| python3-libs |
CVE-2026-3479 |
高危 |
3.9.25-1.amzn2023.0.1 |
3.9.25-1.amzn2023.0.7 |
python: Python pkgutil.get_data(): Path Traversal via improper resource argument validation
漏洞详情: https://avd.aquasec.com/nvd/cve-2026-3479
镜像层: sha256:6beb63c27303f5b5dc96a523522570acaee070437423a667407f0d02550e8ced
发布日期: 2026-03-18 19:16 修改: 2026-06-17 10:43
|
| python3-libs |
CVE-2026-4519 |
高危 |
3.9.25-1.amzn2023.0.1 |
3.9.25-1.amzn2023.0.4 |
python: Python: Command-line option injection in webbrowser.open() via crafted URLs
漏洞详情: https://avd.aquasec.com/nvd/cve-2026-4519
镜像层: sha256:6beb63c27303f5b5dc96a523522570acaee070437423a667407f0d02550e8ced
发布日期: 2026-03-20 15:16 修改: 2026-06-30 03:20
|
| python3-libs |
CVE-2026-4786 |
高危 |
3.9.25-1.amzn2023.0.1 |
3.9.25-1.amzn2023.0.5 |
python: cpython: Python: Arbitrary code execution via command injection in webbrowser.open() API
漏洞详情: https://avd.aquasec.com/nvd/cve-2026-4786
镜像层: sha256:6beb63c27303f5b5dc96a523522570acaee070437423a667407f0d02550e8ced
发布日期: 2026-04-13 22:16 修改: 2026-07-06 13:17
|
| python3-libs |
CVE-2026-6100 |
高危 |
3.9.25-1.amzn2023.0.1 |
3.9.25-1.amzn2023.0.5 |
python: Python: Arbitrary code execution or information disclosure via use-after-free in decompression modules
漏洞详情: https://avd.aquasec.com/nvd/cve-2026-6100
镜像层: sha256:6beb63c27303f5b5dc96a523522570acaee070437423a667407f0d02550e8ced
发布日期: 2026-04-13 18:16 修改: 2026-06-30 03:21
|
| python3-pip-wheel |
CVE-2026-21441 |
高危 |
21.3.1-2.amzn2023.0.14 |
21.3.1-2.amzn2023.0.16 |
urllib3: urllib3 vulnerable to decompression-bomb safeguard bypass when following HTTP redirects (streaming API)
漏洞详情: https://avd.aquasec.com/nvd/cve-2026-21441
镜像层: sha256:6beb63c27303f5b5dc96a523522570acaee070437423a667407f0d02550e8ced
发布日期: 2026-01-07 22:15 修改: 2026-07-03 13:16
|
| python3-pip-wheel |
CVE-2026-6357 |
高危 |
21.3.1-2.amzn2023.0.14 |
21.3.1-2.amzn2023.0.19 |
pip: pip: Arbitrary code execution or information disclosure via malicious wheel package installation
漏洞详情: https://avd.aquasec.com/nvd/cve-2026-6357
镜像层: sha256:6beb63c27303f5b5dc96a523522570acaee070437423a667407f0d02550e8ced
发布日期: 2026-04-27 15:16 修改: 2026-06-17 11:00
|
| python3-pip-wheel |
CVE-2026-8643 |
高危 |
21.3.1-2.amzn2023.0.14 |
21.3.1-2.amzn2023.0.20 |
python-pip: Path traversal via malicious entry point name in pip wheel installation allows arbitrary file overwrite
漏洞详情: https://avd.aquasec.com/nvd/cve-2026-8643
镜像层: sha256:6beb63c27303f5b5dc96a523522570acaee070437423a667407f0d02550e8ced
发布日期: 2026-06-01 17:17 修改: 2026-07-10 12:17
|
| sqlite-libs |
CVE-2026-11822 |
高危 |
3.40.0-1.amzn2023.0.7 |
3.40.0-1.amzn2023.0.8 |
SQLite before 3.53.2 contains memory corruption vulnerabilities in the ...
漏洞详情: https://avd.aquasec.com/nvd/cve-2026-11822
镜像层: sha256:6beb63c27303f5b5dc96a523522570acaee070437423a667407f0d02550e8ced
发布日期: 2026-06-09 20:16 修改: 2026-06-17 10:14
|
| sqlite-libs |
CVE-2026-11824 |
高危 |
3.40.0-1.amzn2023.0.7 |
3.40.0-1.amzn2023.0.8 |
SQLite before 3.53.2 contains a heap-based buffer overflow vulnerabili ...
漏洞详情: https://avd.aquasec.com/nvd/cve-2026-11824
镜像层: sha256:6beb63c27303f5b5dc96a523522570acaee070437423a667407f0d02550e8ced
发布日期: 2026-06-09 20:16 修改: 2026-06-17 10:14
|
| libcap |
CVE-2025-61728 |
中危 |
2.73-1.amzn2023.0.4 |
2.73-1.amzn2023.0.6 |
golang: archive/zip: Excessive CPU consumption when building archive index in archive/zip
漏洞详情: https://avd.aquasec.com/nvd/cve-2025-61728
镜像层: sha256:6beb63c27303f5b5dc96a523522570acaee070437423a667407f0d02550e8ced
发布日期: 2026-01-28 20:16 修改: 2026-06-17 09:50
|
| libcap |
CVE-2025-61730 |
中危 |
2.73-1.amzn2023.0.4 |
2.73-1.amzn2023.0.6 |
crypto/tls: Handshake messages may be processed at the incorrect encryption level in crypto/tls
漏洞详情: https://avd.aquasec.com/nvd/cve-2025-61730
镜像层: sha256:6beb63c27303f5b5dc96a523522570acaee070437423a667407f0d02550e8ced
发布日期: 2026-01-28 20:16 修改: 2026-06-17 09:50
|
| libcap |
CVE-2025-68121 |
中危 |
2.73-1.amzn2023.0.4 |
2.73-1.amzn2023.0.6 |
crypto/tls: crypto/tls: Incorrect certificate validation during TLS session resumption
漏洞详情: https://avd.aquasec.com/nvd/cve-2025-68121
镜像层: sha256:6beb63c27303f5b5dc96a523522570acaee070437423a667407f0d02550e8ced
发布日期: 2026-02-05 18:16 修改: 2026-06-17 09:58
|
| libcurl-minimal |
CVE-2024-11053 |
中危 |
8.11.1-4.amzn2023.0.3 |
8.15.0-4.amzn2023.0.1 |
curl: curl netrc password leak
漏洞详情: https://avd.aquasec.com/nvd/cve-2024-11053
镜像层: sha256:6beb63c27303f5b5dc96a523522570acaee070437423a667407f0d02550e8ced
发布日期: 2024-12-11 08:15 修改: 2026-06-17 06:56
|
| libcurl-minimal |
CVE-2025-0167 |
中危 |
8.11.1-4.amzn2023.0.3 |
8.15.0-4.amzn2023.0.1 |
When asked to use a `.netrc` file for credentials **and** to follow HT ...
漏洞详情: https://avd.aquasec.com/nvd/cve-2025-0167
镜像层: sha256:6beb63c27303f5b5dc96a523522570acaee070437423a667407f0d02550e8ced
发布日期: 2025-02-05 10:15 修改: 2026-06-17 08:25
|
| libcurl-minimal |
CVE-2025-10148 |
中危 |
8.11.1-4.amzn2023.0.3 |
8.15.0-4.amzn2023.0.1 |
curl: predictable WebSocket mask
漏洞详情: https://avd.aquasec.com/nvd/cve-2025-10148
镜像层: sha256:6beb63c27303f5b5dc96a523522570acaee070437423a667407f0d02550e8ced
发布日期: 2025-09-12 06:15 修改: 2026-06-17 08:27
|
| libcurl-minimal |
CVE-2025-10966 |
中危 |
8.11.1-4.amzn2023.0.3 |
8.15.0-4.amzn2023.0.1 |
curl: Curl missing SFTP host verification with wolfSSH backend
漏洞详情: https://avd.aquasec.com/nvd/cve-2025-10966
镜像层: sha256:6beb63c27303f5b5dc96a523522570acaee070437423a667407f0d02550e8ced
发布日期: 2025-11-07 08:15 修改: 2026-06-17 08:29
|
| libcurl-minimal |
CVE-2025-13034 |
中危 |
8.11.1-4.amzn2023.0.3 |
8.17.0-1.amzn2023.0.1 |
curl: Public key pinning bypass via QUIC and GnuTLS allows server impersonation
漏洞详情: https://avd.aquasec.com/nvd/cve-2025-13034
镜像层: sha256:6beb63c27303f5b5dc96a523522570acaee070437423a667407f0d02550e8ced
发布日期: 2026-01-08 10:15 修改: 2026-06-17 08:33
|
| libcurl-minimal |
CVE-2025-14017 |
中危 |
8.11.1-4.amzn2023.0.3 |
8.17.0-1.amzn2023.0.1 |
curl: curl: Security bypass due to global TLS option changes in multi-threaded LDAPS transfers
漏洞详情: https://avd.aquasec.com/nvd/cve-2025-14017
镜像层: sha256:6beb63c27303f5b5dc96a523522570acaee070437423a667407f0d02550e8ced
发布日期: 2026-01-08 10:15 修改: 2026-06-17 08:35
|
| libcurl-minimal |
CVE-2025-14524 |
中危 |
8.11.1-4.amzn2023.0.3 |
8.17.0-1.amzn2023.0.1 |
curl: Information disclosure via cross-protocol redirect with OAuth2 bearer token
漏洞详情: https://avd.aquasec.com/nvd/cve-2025-14524
镜像层: sha256:6beb63c27303f5b5dc96a523522570acaee070437423a667407f0d02550e8ced
发布日期: 2026-01-08 10:15 修改: 2026-06-17 08:36
|
| libcurl-minimal |
CVE-2025-14819 |
中危 |
8.11.1-4.amzn2023.0.3 |
8.17.0-1.amzn2023.0.1 |
curl: libcurl: Improper certificate validation due to cached TLS settings reuse
漏洞详情: https://avd.aquasec.com/nvd/cve-2025-14819
镜像层: sha256:6beb63c27303f5b5dc96a523522570acaee070437423a667407f0d02550e8ced
发布日期: 2026-01-08 10:15 修改: 2026-06-17 08:36
|
| libcurl-minimal |
CVE-2025-15079 |
中危 |
8.11.1-4.amzn2023.0.3 |
8.17.0-1.amzn2023.0.1 |
curl: Host verification bypass during SSH transfers
漏洞详情: https://avd.aquasec.com/nvd/cve-2025-15079
镜像层: sha256:6beb63c27303f5b5dc96a523522570acaee070437423a667407f0d02550e8ced
发布日期: 2026-01-08 10:15 修改: 2026-06-17 08:37
|
| libcurl-minimal |
CVE-2025-15224 |
中危 |
8.11.1-4.amzn2023.0.3 |
8.17.0-1.amzn2023.0.1 |
curl: libssh key passphrase bypass without agent set
漏洞详情: https://avd.aquasec.com/nvd/cve-2025-15224
镜像层: sha256:6beb63c27303f5b5dc96a523522570acaee070437423a667407f0d02550e8ced
发布日期: 2026-01-08 10:15 修改: 2026-06-17 08:37
|
| libcurl-minimal |
CVE-2026-3805 |
中危 |
8.11.1-4.amzn2023.0.3 |
8.17.0-1.amzn2023.0.3 |
curl: curl: Arbitrary code execution or Denial of Service via use-after-free in SMB request handling
漏洞详情: https://avd.aquasec.com/nvd/cve-2026-3805
镜像层: sha256:6beb63c27303f5b5dc96a523522570acaee070437423a667407f0d02550e8ced
发布日期: 2026-03-11 11:16 修改: 2026-06-17 10:44
|
| libgcrypt |
CVE-2026-41989 |
中危 |
1.10.2-1.amzn2023.0.2 |
1.10.2-1.amzn2023.0.3 |
Libgcrypt: Libgcrypt: Denial of Service and buffer overflow via crafted ECDH ciphertext
漏洞详情: https://avd.aquasec.com/nvd/cve-2026-41989
镜像层: sha256:6beb63c27303f5b5dc96a523522570acaee070437423a667407f0d02550e8ced
发布日期: 2026-04-23 05:16 修改: 2026-06-17 10:47
|
| curl-minimal |
CVE-2025-14819 |
中危 |
8.11.1-4.amzn2023.0.3 |
8.17.0-1.amzn2023.0.1 |
curl: libcurl: Improper certificate validation due to cached TLS settings reuse
漏洞详情: https://avd.aquasec.com/nvd/cve-2025-14819
镜像层: sha256:6beb63c27303f5b5dc96a523522570acaee070437423a667407f0d02550e8ced
发布日期: 2026-01-08 10:15 修改: 2026-06-17 08:36
|
| curl-minimal |
CVE-2025-15079 |
中危 |
8.11.1-4.amzn2023.0.3 |
8.17.0-1.amzn2023.0.1 |
curl: Host verification bypass during SSH transfers
漏洞详情: https://avd.aquasec.com/nvd/cve-2025-15079
镜像层: sha256:6beb63c27303f5b5dc96a523522570acaee070437423a667407f0d02550e8ced
发布日期: 2026-01-08 10:15 修改: 2026-06-17 08:37
|
| curl-minimal |
CVE-2025-15224 |
中危 |
8.11.1-4.amzn2023.0.3 |
8.17.0-1.amzn2023.0.1 |
curl: libssh key passphrase bypass without agent set
漏洞详情: https://avd.aquasec.com/nvd/cve-2025-15224
镜像层: sha256:6beb63c27303f5b5dc96a523522570acaee070437423a667407f0d02550e8ced
发布日期: 2026-01-08 10:15 修改: 2026-06-17 08:37
|
| krb5-libs |
CVE-2026-40355 |
中危 |
1.21.3-6.amzn2023.0.1 |
1.21.3-7.amzn2023.0.1 |
krb5: MIT Kerberos 5: Denial of Service via NULL pointer dereference in NegoEx mechanism
漏洞详情: https://avd.aquasec.com/nvd/cve-2026-40355
镜像层: sha256:6beb63c27303f5b5dc96a523522570acaee070437423a667407f0d02550e8ced
发布日期: 2026-04-28 06:16 修改: 2026-07-08 12:48
|
| krb5-libs |
CVE-2026-40356 |
中危 |
1.21.3-6.amzn2023.0.1 |
1.21.3-7.amzn2023.0.1 |
krb5: MIT Kerberos 5 (krb5): Denial of Service via integer underflow and out-of-bounds read
漏洞详情: https://avd.aquasec.com/nvd/cve-2026-40356
镜像层: sha256:6beb63c27303f5b5dc96a523522570acaee070437423a667407f0d02550e8ced
发布日期: 2026-04-28 07:16 修改: 2026-07-08 12:48
|
| curl-minimal |
CVE-2026-3805 |
中危 |
8.11.1-4.amzn2023.0.3 |
8.17.0-1.amzn2023.0.3 |
curl: curl: Arbitrary code execution or Denial of Service via use-after-free in SMB request handling
漏洞详情: https://avd.aquasec.com/nvd/cve-2026-3805
镜像层: sha256:6beb63c27303f5b5dc96a523522570acaee070437423a667407f0d02550e8ced
发布日期: 2026-03-11 11:16 修改: 2026-06-17 10:44
|
| curl-minimal |
CVE-2024-11053 |
中危 |
8.11.1-4.amzn2023.0.3 |
8.15.0-4.amzn2023.0.1 |
curl: curl netrc password leak
漏洞详情: https://avd.aquasec.com/nvd/cve-2024-11053
镜像层: sha256:6beb63c27303f5b5dc96a523522570acaee070437423a667407f0d02550e8ced
发布日期: 2024-12-11 08:15 修改: 2026-06-17 06:56
|
| curl-minimal |
CVE-2025-0167 |
中危 |
8.11.1-4.amzn2023.0.3 |
8.15.0-4.amzn2023.0.1 |
When asked to use a `.netrc` file for credentials **and** to follow HT ...
漏洞详情: https://avd.aquasec.com/nvd/cve-2025-0167
镜像层: sha256:6beb63c27303f5b5dc96a523522570acaee070437423a667407f0d02550e8ced
发布日期: 2025-02-05 10:15 修改: 2026-06-17 08:25
|
| python3 |
CVE-2025-11468 |
中危 |
3.9.25-1.amzn2023.0.1 |
3.9.25-1.amzn2023.0.4 |
cpython: Missing character filtering in Python
漏洞详情: https://avd.aquasec.com/nvd/cve-2025-11468
镜像层: sha256:6beb63c27303f5b5dc96a523522570acaee070437423a667407f0d02550e8ced
发布日期: 2026-01-20 22:15 修改: 2026-06-17 08:30
|
| python3 |
CVE-2025-12084 |
中危 |
3.9.25-1.amzn2023.0.1 |
3.9.25-1.amzn2023.0.2 |
cpython: python: cpython: Quadratic algorithm in xml.dom.minidom leads to denial of service
漏洞详情: https://avd.aquasec.com/nvd/cve-2025-12084
镜像层: sha256:6beb63c27303f5b5dc96a523522570acaee070437423a667407f0d02550e8ced
发布日期: 2025-12-03 19:15 修改: 2026-06-17 08:31
|
| python3 |
CVE-2025-13837 |
中危 |
3.9.25-1.amzn2023.0.1 |
3.9.25-1.amzn2023.0.2 |
cpython: Out-of-memory when loading Plist
漏洞详情: https://avd.aquasec.com/nvd/cve-2025-13837
镜像层: sha256:6beb63c27303f5b5dc96a523522570acaee070437423a667407f0d02550e8ced
发布日期: 2025-12-01 18:16 修改: 2026-06-17 08:34
|
| python3 |
CVE-2025-15282 |
中危 |
3.9.25-1.amzn2023.0.1 |
3.9.25-1.amzn2023.0.4 |
cpython: Header injection via newlines in data URL mediatype in Python
漏洞详情: https://avd.aquasec.com/nvd/cve-2025-15282
镜像层: sha256:6beb63c27303f5b5dc96a523522570acaee070437423a667407f0d02550e8ced
发布日期: 2026-01-20 22:15 修改: 2026-06-17 08:37
|
| python3 |
CVE-2026-0672 |
中危 |
3.9.25-1.amzn2023.0.1 |
3.9.25-1.amzn2023.0.4 |
cpython: Header injection in http.cookies.Morsel in Python
漏洞详情: https://avd.aquasec.com/nvd/cve-2026-0672
镜像层: sha256:6beb63c27303f5b5dc96a523522570acaee070437423a667407f0d02550e8ced
发布日期: 2026-01-20 22:15 修改: 2026-06-17 10:11
|
| python3 |
CVE-2026-0865 |
中危 |
3.9.25-1.amzn2023.0.1 |
3.9.25-1.amzn2023.0.4 |
cpython: wsgiref.headers.Headers allows header newline injection in Python
漏洞详情: https://avd.aquasec.com/nvd/cve-2026-0865
镜像层: sha256:6beb63c27303f5b5dc96a523522570acaee070437423a667407f0d02550e8ced
发布日期: 2026-01-20 22:15 修改: 2026-06-17 10:11
|
| python3 |
CVE-2026-1299 |
中危 |
3.9.25-1.amzn2023.0.1 |
3.9.25-1.amzn2023.0.4 |
cpython: email header injection due to unquoted newlines
漏洞详情: https://avd.aquasec.com/nvd/cve-2026-1299
镜像层: sha256:6beb63c27303f5b5dc96a523522570acaee070437423a667407f0d02550e8ced
发布日期: 2026-01-23 17:16 修改: 2026-06-17 10:15
|
| python3 |
CVE-2026-2297 |
中危 |
3.9.25-1.amzn2023.0.1 |
3.9.25-1.amzn2023.0.4 |
cpython: CPython: Logging Bypass in Legacy .pyc File Handling
漏洞详情: https://avd.aquasec.com/nvd/cve-2026-2297
镜像层: sha256:6beb63c27303f5b5dc96a523522570acaee070437423a667407f0d02550e8ced
发布日期: 2026-03-04 23:16 修改: 2026-06-17 10:30
|
| python3 |
CVE-2026-3446 |
中危 |
3.9.25-1.amzn2023.0.1 |
3.9.25-1.amzn2023.0.7 |
python: Python base64: Incomplete data decoding due to premature stop at padding
漏洞详情: https://avd.aquasec.com/nvd/cve-2026-3446
镜像层: sha256:6beb63c27303f5b5dc96a523522570acaee070437423a667407f0d02550e8ced
发布日期: 2026-04-10 19:16 修改: 2026-06-17 10:43
|
| python3 |
CVE-2026-3644 |
中危 |
3.9.25-1.amzn2023.0.1 |
3.9.25-1.amzn2023.0.5 |
cpython: Incomplete control character validation in http.cookies
漏洞详情: https://avd.aquasec.com/nvd/cve-2026-3644
镜像层: sha256:6beb63c27303f5b5dc96a523522570acaee070437423a667407f0d02550e8ced
发布日期: 2026-03-16 18:16 修改: 2026-06-30 16:16
|
| python3 |
CVE-2026-4224 |
中危 |
3.9.25-1.amzn2023.0.1 |
3.9.25-1.amzn2023.0.4 |
cpython: Stack overflow parsing XML with deeply nested DTD content models
漏洞详情: https://avd.aquasec.com/nvd/cve-2026-4224
镜像层: sha256:6beb63c27303f5b5dc96a523522570acaee070437423a667407f0d02550e8ced
发布日期: 2026-03-16 18:16 修改: 2026-06-17 10:56
|
| python3 |
CVE-2026-6019 |
中危 |
3.9.25-1.amzn2023.0.1 |
3.9.25-1.amzn2023.0.6 |
python: Python: Cross-Site Scripting (XSS) vulnerability in http.cookies module
漏洞详情: https://avd.aquasec.com/nvd/cve-2026-6019
镜像层: sha256:6beb63c27303f5b5dc96a523522570acaee070437423a667407f0d02550e8ced
发布日期: 2026-04-22 20:16 修改: 2026-06-17 11:00
|
| python3 |
CVE-2026-7210 |
中危 |
3.9.25-1.amzn2023.0.1 |
3.9.25-1.amzn2023.0.7 |
python: expat: Python/Expat: Denial of Service via crafted XML document
漏洞详情: https://avd.aquasec.com/nvd/cve-2026-7210
镜像层: sha256:6beb63c27303f5b5dc96a523522570acaee070437423a667407f0d02550e8ced
发布日期: 2026-05-11 18:16 修改: 2026-06-17 11:02
|
| python3 |
CVE-2026-8328 |
中危 |
3.9.25-1.amzn2023.0.1 |
3.9.25-1.amzn2023.0.7 |
The ftpcp() function in Lib/ftplib.py was not updated when CVE-2021-4 ...
漏洞详情: https://avd.aquasec.com/nvd/cve-2026-8328
镜像层: sha256:6beb63c27303f5b5dc96a523522570acaee070437423a667407f0d02550e8ced
发布日期: 2026-05-13 21:16 修改: 2026-06-30 16:16
|
| curl-minimal |
CVE-2025-10148 |
中危 |
8.11.1-4.amzn2023.0.3 |
8.15.0-4.amzn2023.0.1 |
curl: predictable WebSocket mask
漏洞详情: https://avd.aquasec.com/nvd/cve-2025-10148
镜像层: sha256:6beb63c27303f5b5dc96a523522570acaee070437423a667407f0d02550e8ced
发布日期: 2025-09-12 06:15 修改: 2026-06-17 08:27
|
| libxml2 |
CVE-2026-0990 |
中危 |
2.10.4-1.amzn2023.0.13 |
2.10.4-1.amzn2023.0.16 |
libxml2: libxml2: Denial of Service via uncontrolled recursion in XML catalog processing
漏洞详情: https://avd.aquasec.com/nvd/cve-2026-0990
镜像层: sha256:6beb63c27303f5b5dc96a523522570acaee070437423a667407f0d02550e8ced
发布日期: 2026-01-15 15:15 修改: 2026-06-30 20:18
|
| libxml2 |
CVE-2026-0992 |
中危 |
2.10.4-1.amzn2023.0.13 |
2.10.4-1.amzn2023.0.16 |
libxml2: libxml2: Denial of Service via crafted XML catalogs
漏洞详情: https://avd.aquasec.com/nvd/cve-2026-0992
镜像层: sha256:6beb63c27303f5b5dc96a523522570acaee070437423a667407f0d02550e8ced
发布日期: 2026-01-15 15:15 修改: 2026-06-30 20:17
|
| libxml2 |
CVE-2026-6653 |
中危 |
2.10.4-1.amzn2023.0.13 |
2.10.4-1.amzn2023.0.19 |
libxml2: mingw-libxml2: libxml2: Denial of Service via crafted XML input due to use-after-free
漏洞详情: https://avd.aquasec.com/nvd/cve-2026-6653
镜像层: sha256:6beb63c27303f5b5dc96a523522570acaee070437423a667407f0d02550e8ced
发布日期: 2026-06-22 14:17 修改: 2026-06-22 18:16
|
| curl-minimal |
CVE-2025-10966 |
中危 |
8.11.1-4.amzn2023.0.3 |
8.15.0-4.amzn2023.0.1 |
curl: Curl missing SFTP host verification with wolfSSH backend
漏洞详情: https://avd.aquasec.com/nvd/cve-2025-10966
镜像层: sha256:6beb63c27303f5b5dc96a523522570acaee070437423a667407f0d02550e8ced
发布日期: 2025-11-07 08:15 修改: 2026-06-17 08:29
|
| python3-libs |
CVE-2025-11468 |
中危 |
3.9.25-1.amzn2023.0.1 |
3.9.25-1.amzn2023.0.4 |
cpython: Missing character filtering in Python
漏洞详情: https://avd.aquasec.com/nvd/cve-2025-11468
镜像层: sha256:6beb63c27303f5b5dc96a523522570acaee070437423a667407f0d02550e8ced
发布日期: 2026-01-20 22:15 修改: 2026-06-17 08:30
|
| python3-libs |
CVE-2025-12084 |
中危 |
3.9.25-1.amzn2023.0.1 |
3.9.25-1.amzn2023.0.2 |
cpython: python: cpython: Quadratic algorithm in xml.dom.minidom leads to denial of service
漏洞详情: https://avd.aquasec.com/nvd/cve-2025-12084
镜像层: sha256:6beb63c27303f5b5dc96a523522570acaee070437423a667407f0d02550e8ced
发布日期: 2025-12-03 19:15 修改: 2026-06-17 08:31
|
| python3-libs |
CVE-2025-13837 |
中危 |
3.9.25-1.amzn2023.0.1 |
3.9.25-1.amzn2023.0.2 |
cpython: Out-of-memory when loading Plist
漏洞详情: https://avd.aquasec.com/nvd/cve-2025-13837
镜像层: sha256:6beb63c27303f5b5dc96a523522570acaee070437423a667407f0d02550e8ced
发布日期: 2025-12-01 18:16 修改: 2026-06-17 08:34
|
| python3-libs |
CVE-2025-15282 |
中危 |
3.9.25-1.amzn2023.0.1 |
3.9.25-1.amzn2023.0.4 |
cpython: Header injection via newlines in data URL mediatype in Python
漏洞详情: https://avd.aquasec.com/nvd/cve-2025-15282
镜像层: sha256:6beb63c27303f5b5dc96a523522570acaee070437423a667407f0d02550e8ced
发布日期: 2026-01-20 22:15 修改: 2026-06-17 08:37
|
| python3-libs |
CVE-2026-0672 |
中危 |
3.9.25-1.amzn2023.0.1 |
3.9.25-1.amzn2023.0.4 |
cpython: Header injection in http.cookies.Morsel in Python
漏洞详情: https://avd.aquasec.com/nvd/cve-2026-0672
镜像层: sha256:6beb63c27303f5b5dc96a523522570acaee070437423a667407f0d02550e8ced
发布日期: 2026-01-20 22:15 修改: 2026-06-17 10:11
|
| python3-libs |
CVE-2026-0865 |
中危 |
3.9.25-1.amzn2023.0.1 |
3.9.25-1.amzn2023.0.4 |
cpython: wsgiref.headers.Headers allows header newline injection in Python
漏洞详情: https://avd.aquasec.com/nvd/cve-2026-0865
镜像层: sha256:6beb63c27303f5b5dc96a523522570acaee070437423a667407f0d02550e8ced
发布日期: 2026-01-20 22:15 修改: 2026-06-17 10:11
|
| python3-libs |
CVE-2026-1299 |
中危 |
3.9.25-1.amzn2023.0.1 |
3.9.25-1.amzn2023.0.4 |
cpython: email header injection due to unquoted newlines
漏洞详情: https://avd.aquasec.com/nvd/cve-2026-1299
镜像层: sha256:6beb63c27303f5b5dc96a523522570acaee070437423a667407f0d02550e8ced
发布日期: 2026-01-23 17:16 修改: 2026-06-17 10:15
|
| python3-libs |
CVE-2026-2297 |
中危 |
3.9.25-1.amzn2023.0.1 |
3.9.25-1.amzn2023.0.4 |
cpython: CPython: Logging Bypass in Legacy .pyc File Handling
漏洞详情: https://avd.aquasec.com/nvd/cve-2026-2297
镜像层: sha256:6beb63c27303f5b5dc96a523522570acaee070437423a667407f0d02550e8ced
发布日期: 2026-03-04 23:16 修改: 2026-06-17 10:30
|
| python3-libs |
CVE-2026-3446 |
中危 |
3.9.25-1.amzn2023.0.1 |
3.9.25-1.amzn2023.0.7 |
python: Python base64: Incomplete data decoding due to premature stop at padding
漏洞详情: https://avd.aquasec.com/nvd/cve-2026-3446
镜像层: sha256:6beb63c27303f5b5dc96a523522570acaee070437423a667407f0d02550e8ced
发布日期: 2026-04-10 19:16 修改: 2026-06-17 10:43
|
| python3-libs |
CVE-2026-3644 |
中危 |
3.9.25-1.amzn2023.0.1 |
3.9.25-1.amzn2023.0.5 |
cpython: Incomplete control character validation in http.cookies
漏洞详情: https://avd.aquasec.com/nvd/cve-2026-3644
镜像层: sha256:6beb63c27303f5b5dc96a523522570acaee070437423a667407f0d02550e8ced
发布日期: 2026-03-16 18:16 修改: 2026-06-30 16:16
|
| python3-libs |
CVE-2026-4224 |
中危 |
3.9.25-1.amzn2023.0.1 |
3.9.25-1.amzn2023.0.4 |
cpython: Stack overflow parsing XML with deeply nested DTD content models
漏洞详情: https://avd.aquasec.com/nvd/cve-2026-4224
镜像层: sha256:6beb63c27303f5b5dc96a523522570acaee070437423a667407f0d02550e8ced
发布日期: 2026-03-16 18:16 修改: 2026-06-17 10:56
|
| python3-libs |
CVE-2026-6019 |
中危 |
3.9.25-1.amzn2023.0.1 |
3.9.25-1.amzn2023.0.6 |
python: Python: Cross-Site Scripting (XSS) vulnerability in http.cookies module
漏洞详情: https://avd.aquasec.com/nvd/cve-2026-6019
镜像层: sha256:6beb63c27303f5b5dc96a523522570acaee070437423a667407f0d02550e8ced
发布日期: 2026-04-22 20:16 修改: 2026-06-17 11:00
|
| python3-libs |
CVE-2026-7210 |
中危 |
3.9.25-1.amzn2023.0.1 |
3.9.25-1.amzn2023.0.7 |
python: expat: Python/Expat: Denial of Service via crafted XML document
漏洞详情: https://avd.aquasec.com/nvd/cve-2026-7210
镜像层: sha256:6beb63c27303f5b5dc96a523522570acaee070437423a667407f0d02550e8ced
发布日期: 2026-05-11 18:16 修改: 2026-06-17 11:02
|
| python3-libs |
CVE-2026-8328 |
中危 |
3.9.25-1.amzn2023.0.1 |
3.9.25-1.amzn2023.0.7 |
The ftpcp() function in Lib/ftplib.py was not updated when CVE-2021-4 ...
漏洞详情: https://avd.aquasec.com/nvd/cve-2026-8328
镜像层: sha256:6beb63c27303f5b5dc96a523522570acaee070437423a667407f0d02550e8ced
发布日期: 2026-05-13 21:16 修改: 2026-06-30 16:16
|
| expat |
CVE-2026-25210 |
中危 |
2.6.3-1.amzn2023.0.3 |
2.6.3-1.amzn2023.0.4 |
libexpat: libexpat: Information disclosure and data integrity issues due to integer overflow in buffer reallocation
漏洞详情: https://avd.aquasec.com/nvd/cve-2026-25210
镜像层: sha256:6beb63c27303f5b5dc96a523522570acaee070437423a667407f0d02550e8ced
发布日期: 2026-01-30 07:16 修改: 2026-06-17 10:24
|
| curl-minimal |
CVE-2025-13034 |
中危 |
8.11.1-4.amzn2023.0.3 |
8.17.0-1.amzn2023.0.1 |
curl: Public key pinning bypass via QUIC and GnuTLS allows server impersonation
漏洞详情: https://avd.aquasec.com/nvd/cve-2025-13034
镜像层: sha256:6beb63c27303f5b5dc96a523522570acaee070437423a667407f0d02550e8ced
发布日期: 2026-01-08 10:15 修改: 2026-06-17 08:33
|
| curl-minimal |
CVE-2025-14017 |
中危 |
8.11.1-4.amzn2023.0.3 |
8.17.0-1.amzn2023.0.1 |
curl: curl: Security bypass due to global TLS option changes in multi-threaded LDAPS transfers
漏洞详情: https://avd.aquasec.com/nvd/cve-2025-14017
镜像层: sha256:6beb63c27303f5b5dc96a523522570acaee070437423a667407f0d02550e8ced
发布日期: 2026-01-08 10:15 修改: 2026-06-17 08:35
|
| python3-pip-wheel |
CVE-2025-66418 |
中危 |
21.3.1-2.amzn2023.0.14 |
21.3.1-2.amzn2023.0.15 |
urllib3: urllib3: Unbounded decompression chain leads to resource exhaustion
漏洞详情: https://avd.aquasec.com/nvd/cve-2025-66418
镜像层: sha256:6beb63c27303f5b5dc96a523522570acaee070437423a667407f0d02550e8ced
发布日期: 2025-12-05 16:15 修改: 2026-06-17 09:56
|
| python3-pip-wheel |
CVE-2025-66471 |
中危 |
21.3.1-2.amzn2023.0.14 |
21.3.1-2.amzn2023.0.15 |
urllib3: urllib3 Streaming API improperly handles highly compressed data
漏洞详情: https://avd.aquasec.com/nvd/cve-2025-66471
镜像层: sha256:6beb63c27303f5b5dc96a523522570acaee070437423a667407f0d02550e8ced
发布日期: 2025-12-05 17:16 修改: 2026-06-17 09:56
|
| curl-minimal |
CVE-2025-14524 |
中危 |
8.11.1-4.amzn2023.0.3 |
8.17.0-1.amzn2023.0.1 |
curl: Information disclosure via cross-protocol redirect with OAuth2 bearer token
漏洞详情: https://avd.aquasec.com/nvd/cve-2025-14524
镜像层: sha256:6beb63c27303f5b5dc96a523522570acaee070437423a667407f0d02550e8ced
发布日期: 2026-01-08 10:15 修改: 2026-06-17 08:36
|
| libcap |
CVE-2025-61726 |
中危 |
2.73-1.amzn2023.0.4 |
2.73-1.amzn2023.0.6 |
golang: net/url: Memory exhaustion in query parameter parsing in net/url
漏洞详情: https://avd.aquasec.com/nvd/cve-2025-61726
镜像层: sha256:6beb63c27303f5b5dc96a523522570acaee070437423a667407f0d02550e8ced
发布日期: 2026-01-28 20:16 修改: 2026-07-10 12:16
|
| libcurl-minimal |
CVE-2025-9086 |
低危 |
8.11.1-4.amzn2023.0.3 |
8.15.0-4.amzn2023.0.1 |
curl: libcurl: Curl out of bounds read for cookie path
漏洞详情: https://avd.aquasec.com/nvd/cve-2025-9086
镜像层: sha256:6beb63c27303f5b5dc96a523522570acaee070437423a667407f0d02550e8ced
发布日期: 2025-09-12 06:15 修改: 2026-06-17 10:08
|
| openssl-fips-provider-latest |
CVE-2026-2673 |
低危 |
1:3.2.2-1.amzn2023.0.2 |
1:3.5.5-1.amzn2023.0.3 |
openssl: OpenSSL TLS 1.3 server may choose unexpected key agreement group
漏洞详情: https://avd.aquasec.com/nvd/cve-2026-2673
镜像层: sha256:6beb63c27303f5b5dc96a523522570acaee070437423a667407f0d02550e8ced
发布日期: 2026-03-13 19:54 修改: 2026-06-17 10:31
|
| curl-minimal |
CVE-2025-9086 |
低危 |
8.11.1-4.amzn2023.0.3 |
8.15.0-4.amzn2023.0.1 |
curl: libcurl: Curl out of bounds read for cookie path
漏洞详情: https://avd.aquasec.com/nvd/cve-2025-9086
镜像层: sha256:6beb63c27303f5b5dc96a523522570acaee070437423a667407f0d02550e8ced
发布日期: 2025-09-12 06:15 修改: 2026-06-17 10:08
|
| libxml2 |
CVE-2025-8732 |
低危 |
2.10.4-1.amzn2023.0.13 |
2.10.4-1.amzn2023.0.15 |
libxml2: libxml2: Uncontrolled Recursion Vulnerability
漏洞详情: https://avd.aquasec.com/nvd/cve-2025-8732
镜像层: sha256:6beb63c27303f5b5dc96a523522570acaee070437423a667407f0d02550e8ced
发布日期: 2025-08-08 17:15 修改: 2026-07-01 15:25
|
| libxml2 |
CVE-2026-0989 |
低危 |
2.10.4-1.amzn2023.0.13 |
2.10.4-1.amzn2023.0.17 |
libxml2: Unbounded RelaxNG Include Recursion Leading to Stack Overflow
漏洞详情: https://avd.aquasec.com/nvd/cve-2026-0989
镜像层: sha256:6beb63c27303f5b5dc96a523522570acaee070437423a667407f0d02550e8ced
发布日期: 2026-01-15 15:15 修改: 2026-06-30 20:20
|
| libxml2 |
CVE-2026-1757 |
低危 |
2.10.4-1.amzn2023.0.13 |
2.10.4-1.amzn2023.0.18 |
libxml2: Memory Leak Leading to Local Denial of Service in xmllint Interactive Shell
漏洞详情: https://avd.aquasec.com/nvd/cve-2026-1757
镜像层: sha256:6beb63c27303f5b5dc96a523522570acaee070437423a667407f0d02550e8ced
发布日期: 2026-02-02 13:15 修改: 2026-06-17 10:16
|
| openssl |
CVE-2026-2673 |
低危 |
1:3.2.2-1.amzn2023.0.2 |
1:3.5.5-1.amzn2023.0.3 |
openssl: OpenSSL TLS 1.3 server may choose unexpected key agreement group
漏洞详情: https://avd.aquasec.com/nvd/cve-2026-2673
镜像层: sha256:71b8adb4e3056d2b12b06a853a3db8f6aa70b74f64c57f3f825ac28863176009
发布日期: 2026-03-13 19:54 修改: 2026-06-17 10:31
|
| python3-pip-wheel |
CVE-2026-1703 |
低危 |
21.3.1-2.amzn2023.0.14 |
21.3.1-2.amzn2023.0.17 |
pip: pip: Information disclosure via path traversal when installing crafted wheel archives
漏洞详情: https://avd.aquasec.com/nvd/cve-2026-1703
镜像层: sha256:6beb63c27303f5b5dc96a523522570acaee070437423a667407f0d02550e8ced
发布日期: 2026-02-02 15:16 修改: 2026-06-17 10:16
|
| gnupg2-minimal |
CVE-2026-57062 |
低危 |
2.3.7-1.amzn2023.0.5 |
2.3.7-1.amzn2023.0.9 |
GnuPG: Incorrect cryptographic message parsing
漏洞详情: https://avd.aquasec.com/nvd/cve-2026-57062
镜像层: sha256:6beb63c27303f5b5dc96a523522570acaee070437423a667407f0d02550e8ced
发布日期: 2026-06-23 18:18 修改: 2026-06-25 20:16
|
| openssl-libs |
CVE-2026-2673 |
低危 |
1:3.2.2-1.amzn2023.0.2 |
1:3.5.5-1.amzn2023.0.3 |
openssl: OpenSSL TLS 1.3 server may choose unexpected key agreement group
漏洞详情: https://avd.aquasec.com/nvd/cve-2026-2673
镜像层: sha256:6beb63c27303f5b5dc96a523522570acaee070437423a667407f0d02550e8ced
发布日期: 2026-03-13 19:54 修改: 2026-06-17 10:31
|