| expat |
CVE-2023-52425 |
高危 |
2.5.0-1.amzn2023.0.4 |
2.6.3-1.amzn2023.0.1 |
expat: parsing large tokens can trigger a denial of service
漏洞详情: https://avd.aquasec.com/nvd/cve-2023-52425
镜像层: sha256:787c718160ca1e26288212055bd7a1a7e0c68a0a446bf7bbe9d6cd1c09fcb7d0
发布日期: 2024-02-04 20:15 修改: 2026-06-17 06:42
|
| expat |
CVE-2024-45490 |
高危 |
2.5.0-1.amzn2023.0.4 |
2.6.3-1.amzn2023.0.1 |
libexpat: Negative Length Parsing Vulnerability in libexpat
漏洞详情: https://avd.aquasec.com/nvd/cve-2024-45490
镜像层: sha256:787c718160ca1e26288212055bd7a1a7e0c68a0a446bf7bbe9d6cd1c09fcb7d0
发布日期: 2024-08-30 03:15 修改: 2026-06-17 07:54
|
| expat |
CVE-2025-59375 |
高危 |
2.5.0-1.amzn2023.0.4 |
2.6.3-1.amzn2023.0.3 |
firefox: thunderbird: expat: libexpat in Expat allows attackers to trigger large dynamic memory allocations via a small document that is submitted for parsing
漏洞详情: https://avd.aquasec.com/nvd/cve-2025-59375
镜像层: sha256:787c718160ca1e26288212055bd7a1a7e0c68a0a446bf7bbe9d6cd1c09fcb7d0
发布日期: 2025-09-15 03:15 修改: 2026-06-17 09:46
|
| expat |
CVE-2026-56132 |
高危 |
2.5.0-1.amzn2023.0.4 |
2.6.3-1.amzn2023.0.5 |
expat: libexpat: Arbitrary Code Execution via Heap-based Buffer Overflow
漏洞详情: https://avd.aquasec.com/nvd/cve-2026-56132
镜像层: sha256:787c718160ca1e26288212055bd7a1a7e0c68a0a446bf7bbe9d6cd1c09fcb7d0
发布日期: 2026-06-19 06:17 修改: 2026-06-23 20:15
|
| expat |
CVE-2026-56403 |
高危 |
2.5.0-1.amzn2023.0.4 |
2.6.3-1.amzn2023.0.6 |
libexpat: libexpat: Arbitrary code execution due to integer overflow in storeAtts
漏洞详情: https://avd.aquasec.com/nvd/cve-2026-56403
镜像层: sha256:787c718160ca1e26288212055bd7a1a7e0c68a0a446bf7bbe9d6cd1c09fcb7d0
发布日期: 2026-06-21 16:16 修改: 2026-06-23 20:15
|
| expat |
CVE-2026-56406 |
高危 |
2.5.0-1.amzn2023.0.4 |
2.6.3-1.amzn2023.0.6 |
libexpat: libexpat: Arbitrary code execution via integer overflow in XML_ParseBuffer
漏洞详情: https://avd.aquasec.com/nvd/cve-2026-56406
镜像层: sha256:787c718160ca1e26288212055bd7a1a7e0c68a0a446bf7bbe9d6cd1c09fcb7d0
发布日期: 2026-06-21 16:16 修改: 2026-06-23 16:29
|
| expat |
CVE-2026-56407 |
高危 |
2.5.0-1.amzn2023.0.4 |
2.6.3-1.amzn2023.0.6 |
libexpat before 2.8.2 has an integer overflow in doProlog that is rela ...
漏洞详情: https://avd.aquasec.com/nvd/cve-2026-56407
镜像层: sha256:787c718160ca1e26288212055bd7a1a7e0c68a0a446bf7bbe9d6cd1c09fcb7d0
发布日期: 2026-06-21 16:16 修改: 2026-06-23 16:28
|
| glib2 |
CVE-2025-13601 |
高危 |
2.74.7-689.amzn2023.0.2 |
2.82.2-767.amzn2023 |
glib: Integer overflow in in g_escape_uri_string()
漏洞详情: https://avd.aquasec.com/nvd/cve-2025-13601
镜像层: sha256:787c718160ca1e26288212055bd7a1a7e0c68a0a446bf7bbe9d6cd1c09fcb7d0
发布日期: 2025-11-26 15:15 修改: 2026-06-30 00:16
|
| glib2 |
CVE-2025-14087 |
高危 |
2.74.7-689.amzn2023.0.2 |
2.82.2-769.amzn2023 |
glib: GLib: Buffer underflow in GVariant parser leads to heap corruption
漏洞详情: https://avd.aquasec.com/nvd/cve-2025-14087
镜像层: sha256:787c718160ca1e26288212055bd7a1a7e0c68a0a446bf7bbe9d6cd1c09fcb7d0
发布日期: 2025-12-10 09:15 修改: 2026-07-13 22:16
|
| glib2 |
CVE-2025-3360 |
高危 |
2.74.7-689.amzn2023.0.2 |
2.82.2-766.amzn2023 |
glibc: GLib prior to 2.82.5 is vulnerable to integer overflow and buffer under-read when parsing a very long invalid ISO 8601 timestamp with g_date_time_new_from_iso8601().
漏洞详情: https://avd.aquasec.com/nvd/cve-2025-3360
镜像层: sha256:787c718160ca1e26288212055bd7a1a7e0c68a0a446bf7bbe9d6cd1c09fcb7d0
发布日期: 2025-04-07 13:15 修改: 2026-06-30 15:16
|
| glib2 |
CVE-2025-6052 |
高危 |
2.74.7-689.amzn2023.0.2 |
2.82.2-766.amzn2023 |
glib: Integer overflow in g_string_maybe_expand() leading to potential buffer overflow in GLib GString
漏洞详情: https://avd.aquasec.com/nvd/cve-2025-6052
镜像层: sha256:787c718160ca1e26288212055bd7a1a7e0c68a0a446bf7bbe9d6cd1c09fcb7d0
发布日期: 2025-06-13 16:15 修改: 2026-06-17 10:01
|
| glibc |
CVE-2025-4802 |
高危 |
2.34-52.amzn2023.0.10 |
2.34-196.amzn2023.0.1 |
glibc: static setuid binary dlopen may incorrectly search LD_LIBRARY_PATH
漏洞详情: https://avd.aquasec.com/nvd/cve-2025-4802
镜像层: sha256:787c718160ca1e26288212055bd7a1a7e0c68a0a446bf7bbe9d6cd1c09fcb7d0
发布日期: 2025-05-16 20:15 修改: 2026-06-17 09:34
|
| glibc |
CVE-2026-4046 |
高危 |
2.34-52.amzn2023.0.10 |
2.34-231.amzn2023.0.4 |
glibc: glibc: Denial of Service via iconv() function with specific character sets
漏洞详情: https://avd.aquasec.com/nvd/cve-2026-4046
镜像层: sha256:787c718160ca1e26288212055bd7a1a7e0c68a0a446bf7bbe9d6cd1c09fcb7d0
发布日期: 2026-03-30 18:16 修改: 2026-06-17 10:55
|
| glibc-common |
CVE-2025-4802 |
高危 |
2.34-52.amzn2023.0.10 |
2.34-196.amzn2023.0.1 |
glibc: static setuid binary dlopen may incorrectly search LD_LIBRARY_PATH
漏洞详情: https://avd.aquasec.com/nvd/cve-2025-4802
镜像层: sha256:787c718160ca1e26288212055bd7a1a7e0c68a0a446bf7bbe9d6cd1c09fcb7d0
发布日期: 2025-05-16 20:15 修改: 2026-06-17 09:34
|
| glibc-common |
CVE-2026-4046 |
高危 |
2.34-52.amzn2023.0.10 |
2.34-231.amzn2023.0.4 |
glibc: glibc: Denial of Service via iconv() function with specific character sets
漏洞详情: https://avd.aquasec.com/nvd/cve-2026-4046
镜像层: sha256:787c718160ca1e26288212055bd7a1a7e0c68a0a446bf7bbe9d6cd1c09fcb7d0
发布日期: 2026-03-30 18:16 修改: 2026-06-17 10:55
|
| glibc-minimal-langpack |
CVE-2025-4802 |
高危 |
2.34-52.amzn2023.0.10 |
2.34-196.amzn2023.0.1 |
glibc: static setuid binary dlopen may incorrectly search LD_LIBRARY_PATH
漏洞详情: https://avd.aquasec.com/nvd/cve-2025-4802
镜像层: sha256:787c718160ca1e26288212055bd7a1a7e0c68a0a446bf7bbe9d6cd1c09fcb7d0
发布日期: 2025-05-16 20:15 修改: 2026-06-17 09:34
|
| glibc-minimal-langpack |
CVE-2026-4046 |
高危 |
2.34-52.amzn2023.0.10 |
2.34-231.amzn2023.0.4 |
glibc: glibc: Denial of Service via iconv() function with specific character sets
漏洞详情: https://avd.aquasec.com/nvd/cve-2026-4046
镜像层: sha256:787c718160ca1e26288212055bd7a1a7e0c68a0a446bf7bbe9d6cd1c09fcb7d0
发布日期: 2026-03-30 18:16 修改: 2026-06-17 10:55
|
| gnupg2-minimal |
CVE-2025-68973 |
高危 |
2.3.7-1.amzn2023.0.4 |
2.3.7-1.amzn2023.0.6 |
GnuPG: GnuPG: Information disclosure and potential arbitrary code execution via out-of-bounds write
漏洞详情: https://avd.aquasec.com/nvd/cve-2025-68973
镜像层: sha256:787c718160ca1e26288212055bd7a1a7e0c68a0a446bf7bbe9d6cd1c09fcb7d0
发布日期: 2025-12-28 17:16 修改: 2026-06-17 09:59
|
| gnupg2-minimal |
CVE-2026-24882 |
高危 |
2.3.7-1.amzn2023.0.4 |
2.3.7-1.amzn2023.0.7 |
GnuPG: GnuPG: Stack-based buffer overflow in tpm2daemon allows arbitrary code execution
漏洞详情: https://avd.aquasec.com/nvd/cve-2026-24882
镜像层: sha256:787c718160ca1e26288212055bd7a1a7e0c68a0a446bf7bbe9d6cd1c09fcb7d0
发布日期: 2026-01-27 19:16 修改: 2026-06-30 03:17
|
| libarchive |
CVE-2024-48957 |
高危 |
3.5.3-2.amzn2023.0.3 |
3.7.4-2.amzn2023.0.2 |
libarchive: Out-of-bounds access in libarchive's archive file handling
漏洞详情: https://avd.aquasec.com/nvd/cve-2024-48957
镜像层: sha256:787c718160ca1e26288212055bd7a1a7e0c68a0a446bf7bbe9d6cd1c09fcb7d0
发布日期: 2024-10-10 02:15 修改: 2026-06-17 07:59
|
| libarchive |
CVE-2024-48958 |
高危 |
3.5.3-2.amzn2023.0.3 |
3.7.4-2.amzn2023.0.2 |
libarchive: Out-of-bounds access in libarchive's RAR file handling
漏洞详情: https://avd.aquasec.com/nvd/cve-2024-48958
镜像层: sha256:787c718160ca1e26288212055bd7a1a7e0c68a0a446bf7bbe9d6cd1c09fcb7d0
发布日期: 2024-10-10 02:15 修改: 2026-06-17 07:59
|
| libarchive |
CVE-2025-5914 |
高危 |
3.5.3-2.amzn2023.0.3 |
3.7.4-2.amzn2023.0.3 |
libarchive: Double free at archive_read_format_rar_seek_data() in archive_read_support_format_rar.c
漏洞详情: https://avd.aquasec.com/nvd/cve-2025-5914
镜像层: sha256:787c718160ca1e26288212055bd7a1a7e0c68a0a446bf7bbe9d6cd1c09fcb7d0
发布日期: 2025-06-09 20:15 修改: 2026-06-30 11:16
|
| libblkid |
CVE-2026-53615 |
高危 |
2.37.4-1.amzn2023.0.4 |
2.37.4-1.amzn2023.0.5 |
[Integer Overflow or Wraparound in libblkid/src/partitions/dos.c]
漏洞详情: https://avd.aquasec.com/nvd/cve-2026-53615
镜像层: sha256:787c718160ca1e26288212055bd7a1a7e0c68a0a446bf7bbe9d6cd1c09fcb7d0
发布日期: 0001-01-01 00:00 修改: 0001-01-01 00:00
|
| libcap |
CVE-2025-1390 |
高危 |
2.48-2.amzn2023.0.3 |
2.48-2.amzn2023.0.4 |
libcap: pam_cap: Fix potential configuration parsing error
漏洞详情: https://avd.aquasec.com/nvd/cve-2025-1390
镜像层: sha256:787c718160ca1e26288212055bd7a1a7e0c68a0a446bf7bbe9d6cd1c09fcb7d0
发布日期: 2025-02-18 03:15 修改: 2026-06-17 08:39
|
| libcap |
CVE-2025-22874 |
高危 |
2.48-2.amzn2023.0.3 |
2.73-1.amzn2023.0.3 |
crypto/x509: Usage of ExtKeyUsageAny disables policy validation in crypto/x509
漏洞详情: https://avd.aquasec.com/nvd/cve-2025-22874
镜像层: sha256:787c718160ca1e26288212055bd7a1a7e0c68a0a446bf7bbe9d6cd1c09fcb7d0
发布日期: 2025-06-11 17:15 修改: 2026-06-17 08:50
|
| libcap |
CVE-2025-4673 |
高危 |
2.48-2.amzn2023.0.3 |
2.73-1.amzn2023.0.3 |
net/http: Sensitive headers not cleared on cross-origin redirect in net/http
漏洞详情: https://avd.aquasec.com/nvd/cve-2025-4673
镜像层: sha256:787c718160ca1e26288212055bd7a1a7e0c68a0a446bf7bbe9d6cd1c09fcb7d0
发布日期: 2025-06-11 17:15 修改: 2026-06-17 09:33
|
| libcap |
CVE-2025-47912 |
高危 |
2.48-2.amzn2023.0.3 |
2.73-1.amzn2023.0.4 |
net/url: Insufficient validation of bracketed IPv6 hostnames in net/url
漏洞详情: https://avd.aquasec.com/nvd/cve-2025-47912
镜像层: sha256:787c718160ca1e26288212055bd7a1a7e0c68a0a446bf7bbe9d6cd1c09fcb7d0
发布日期: 2025-10-29 23:16 修改: 2026-06-17 09:28
|
| libcap |
CVE-2025-58183 |
高危 |
2.48-2.amzn2023.0.3 |
2.73-1.amzn2023.0.4 |
golang: archive/tar: Unbounded allocation when parsing GNU sparse map
漏洞详情: https://avd.aquasec.com/nvd/cve-2025-58183
镜像层: sha256:787c718160ca1e26288212055bd7a1a7e0c68a0a446bf7bbe9d6cd1c09fcb7d0
发布日期: 2025-10-29 23:16 修改: 2026-06-17 09:44
|
| libcap |
CVE-2025-58185 |
高危 |
2.48-2.amzn2023.0.3 |
2.73-1.amzn2023.0.4 |
encoding/asn1: Parsing DER payload can cause memory exhaustion in encoding/asn1
漏洞详情: https://avd.aquasec.com/nvd/cve-2025-58185
镜像层: sha256:787c718160ca1e26288212055bd7a1a7e0c68a0a446bf7bbe9d6cd1c09fcb7d0
发布日期: 2025-10-29 23:16 修改: 2026-06-17 09:44
|
| libcap |
CVE-2025-58186 |
高危 |
2.48-2.amzn2023.0.3 |
2.73-1.amzn2023.0.4 |
golang.org/net/http: Lack of limit when parsing cookies can cause memory exhaustion in net/http
漏洞详情: https://avd.aquasec.com/nvd/cve-2025-58186
镜像层: sha256:787c718160ca1e26288212055bd7a1a7e0c68a0a446bf7bbe9d6cd1c09fcb7d0
发布日期: 2025-10-29 23:16 修改: 2026-06-17 09:44
|
| libcap |
CVE-2025-58187 |
高危 |
2.48-2.amzn2023.0.3 |
2.73-1.amzn2023.0.4 |
crypto/x509: Quadratic complexity when checking name constraints in crypto/x509
漏洞详情: https://avd.aquasec.com/nvd/cve-2025-58187
镜像层: sha256:787c718160ca1e26288212055bd7a1a7e0c68a0a446bf7bbe9d6cd1c09fcb7d0
发布日期: 2025-10-29 23:16 修改: 2026-06-17 09:44
|
| libcap |
CVE-2025-58188 |
高危 |
2.48-2.amzn2023.0.3 |
2.73-1.amzn2023.0.4 |
crypto/x509: golang: Panic when validating certificates with DSA public keys in crypto/x509
漏洞详情: https://avd.aquasec.com/nvd/cve-2025-58188
镜像层: sha256:787c718160ca1e26288212055bd7a1a7e0c68a0a446bf7bbe9d6cd1c09fcb7d0
发布日期: 2025-10-29 23:16 修改: 2026-06-17 09:44
|
| libcap |
CVE-2025-58189 |
高危 |
2.48-2.amzn2023.0.3 |
2.73-1.amzn2023.0.4 |
crypto/tls: go crypto/tls ALPN negotiation error contains attacker controlled information
漏洞详情: https://avd.aquasec.com/nvd/cve-2025-58189
镜像层: sha256:787c718160ca1e26288212055bd7a1a7e0c68a0a446bf7bbe9d6cd1c09fcb7d0
发布日期: 2025-10-29 23:16 修改: 2026-06-17 09:44
|
| libcap |
CVE-2025-61723 |
高危 |
2.48-2.amzn2023.0.3 |
2.73-1.amzn2023.0.4 |
encoding/pem: Quadratic complexity when parsing some invalid inputs in encoding/pem
漏洞详情: https://avd.aquasec.com/nvd/cve-2025-61723
镜像层: sha256:787c718160ca1e26288212055bd7a1a7e0c68a0a446bf7bbe9d6cd1c09fcb7d0
发布日期: 2025-10-29 23:16 修改: 2026-06-17 09:50
|
| libcap |
CVE-2025-61724 |
高危 |
2.48-2.amzn2023.0.3 |
2.73-1.amzn2023.0.4 |
net/textproto: Excessive CPU consumption in Reader.ReadResponse in net/textproto
漏洞详情: https://avd.aquasec.com/nvd/cve-2025-61724
镜像层: sha256:787c718160ca1e26288212055bd7a1a7e0c68a0a446bf7bbe9d6cd1c09fcb7d0
发布日期: 2025-10-29 23:16 修改: 2026-06-17 09:50
|
| libcap |
CVE-2025-61725 |
高危 |
2.48-2.amzn2023.0.3 |
2.73-1.amzn2023.0.4 |
net/mail: Excessive CPU consumption in ParseAddress in net/mail
漏洞详情: https://avd.aquasec.com/nvd/cve-2025-61725
镜像层: sha256:787c718160ca1e26288212055bd7a1a7e0c68a0a446bf7bbe9d6cd1c09fcb7d0
发布日期: 2025-10-29 23:16 修改: 2026-06-17 09:50
|
| libcap |
CVE-2025-61727 |
高危 |
2.48-2.amzn2023.0.3 |
2.73-1.amzn2023.0.5 |
golang: crypto/x509: excluded subdomain constraint does not restrict wildcard SANs
漏洞详情: https://avd.aquasec.com/nvd/cve-2025-61727
镜像层: sha256:787c718160ca1e26288212055bd7a1a7e0c68a0a446bf7bbe9d6cd1c09fcb7d0
发布日期: 2025-12-03 20:16 修改: 2026-06-17 09:50
|
| libcap |
CVE-2025-61729 |
高危 |
2.48-2.amzn2023.0.3 |
2.73-1.amzn2023.0.5 |
crypto/x509: golang: Denial of Service due to excessive resource consumption via crafted certificate
漏洞详情: https://avd.aquasec.com/nvd/cve-2025-61729
镜像层: sha256:787c718160ca1e26288212055bd7a1a7e0c68a0a446bf7bbe9d6cd1c09fcb7d0
发布日期: 2025-12-02 19:15 修改: 2026-06-17 09:50
|
| libcap |
CVE-2026-27142 |
高危 |
2.48-2.amzn2023.0.3 |
2.73-1.amzn2023.0.7 |
html/template: URLs in meta content attribute actions are not escaped in html/template
漏洞详情: https://avd.aquasec.com/nvd/cve-2026-27142
镜像层: sha256:787c718160ca1e26288212055bd7a1a7e0c68a0a446bf7bbe9d6cd1c09fcb7d0
发布日期: 2026-03-06 22:16 修改: 2026-06-17 10:26
|
| libcap |
CVE-2026-33811 |
高危 |
2.48-2.amzn2023.0.3 |
2.73-1.amzn2023.0.7 |
net: golang: Go net package: Denial of Service via long CNAME response in LookupCNAME
漏洞详情: https://avd.aquasec.com/nvd/cve-2026-33811
镜像层: sha256:787c718160ca1e26288212055bd7a1a7e0c68a0a446bf7bbe9d6cd1c09fcb7d0
发布日期: 2026-05-07 20:16 修改: 2026-07-14 12:16
|
| libcap |
CVE-2026-33814 |
高危 |
2.48-2.amzn2023.0.3 |
2.73-1.amzn2023.0.7 |
net/http/internal/http2: golang: golang.org/x/net: Go HTTP/2: Denial of Service via malformed SETTINGS_MAX_FRAME_SIZE frame
漏洞详情: https://avd.aquasec.com/nvd/cve-2026-33814
镜像层: sha256:787c718160ca1e26288212055bd7a1a7e0c68a0a446bf7bbe9d6cd1c09fcb7d0
发布日期: 2026-05-07 20:16 修改: 2026-07-10 12:16
|
| libcap |
CVE-2026-39820 |
高危 |
2.48-2.amzn2023.0.3 |
2.73-1.amzn2023.0.7 |
net/mail: golang: Go net/mail: Denial of Service via crafted email inputs
漏洞详情: https://avd.aquasec.com/nvd/cve-2026-39820
镜像层: sha256:787c718160ca1e26288212055bd7a1a7e0c68a0a446bf7bbe9d6cd1c09fcb7d0
发布日期: 2026-05-07 20:16 修改: 2026-07-14 12:17
|
| libcap |
CVE-2026-39823 |
高危 |
2.48-2.amzn2023.0.3 |
2.73-1.amzn2023.0.7 |
html/template: golang: Go html/template: Cross-Site Scripting via improper URL escaping in meta tag content
漏洞详情: https://avd.aquasec.com/nvd/cve-2026-39823
镜像层: sha256:787c718160ca1e26288212055bd7a1a7e0c68a0a446bf7bbe9d6cd1c09fcb7d0
发布日期: 2026-05-07 20:16 修改: 2026-06-17 10:42
|
| libcap |
CVE-2026-42499 |
高危 |
2.48-2.amzn2023.0.3 |
2.73-1.amzn2023.0.7 |
net/mail: golang: net/mail: Denial of Service via pathological email address parsing
漏洞详情: https://avd.aquasec.com/nvd/cve-2026-42499
镜像层: sha256:787c718160ca1e26288212055bd7a1a7e0c68a0a446bf7bbe9d6cd1c09fcb7d0
发布日期: 2026-05-07 20:16 修改: 2026-07-14 12:17
|
| libmount |
CVE-2026-53615 |
高危 |
2.37.4-1.amzn2023.0.4 |
2.37.4-1.amzn2023.0.5 |
[Integer Overflow or Wraparound in libblkid/src/partitions/dos.c]
漏洞详情: https://avd.aquasec.com/nvd/cve-2026-53615
镜像层: sha256:787c718160ca1e26288212055bd7a1a7e0c68a0a446bf7bbe9d6cd1c09fcb7d0
发布日期: 0001-01-01 00:00 修改: 0001-01-01 00:00
|
| libnghttp2 |
CVE-2026-27135 |
高危 |
1.59.0-3.amzn2023.0.1 |
1.59.0-3.amzn2023.0.2 |
nghttp2: nghttp2: Denial of Service via malformed HTTP/2 frames after session termination
漏洞详情: https://avd.aquasec.com/nvd/cve-2026-27135
镜像层: sha256:787c718160ca1e26288212055bd7a1a7e0c68a0a446bf7bbe9d6cd1c09fcb7d0
发布日期: 2026-03-18 18:16 修改: 2026-06-30 03:17
|
| libsmartcols |
CVE-2026-53615 |
高危 |
2.37.4-1.amzn2023.0.4 |
2.37.4-1.amzn2023.0.5 |
[Integer Overflow or Wraparound in libblkid/src/partitions/dos.c]
漏洞详情: https://avd.aquasec.com/nvd/cve-2026-53615
镜像层: sha256:787c718160ca1e26288212055bd7a1a7e0c68a0a446bf7bbe9d6cd1c09fcb7d0
发布日期: 0001-01-01 00:00 修改: 0001-01-01 00:00
|
| libsolv |
CVE-2026-48863 |
高危 |
0.7.22-1.amzn2023.0.2 |
0.7.22-1.amzn2023.0.4 |
libsolv: Stack-based buffer overflow in libsolv EdDSA PGP signature verification allows denial of service
漏洞详情: https://avd.aquasec.com/nvd/cve-2026-48863
镜像层: sha256:787c718160ca1e26288212055bd7a1a7e0c68a0a446bf7bbe9d6cd1c09fcb7d0
发布日期: 0001-01-01 00:00 修改: 0001-01-01 00:00
|
| libsolv |
CVE-2026-48864 |
高危 |
0.7.22-1.amzn2023.0.2 |
0.7.22-1.amzn2023.0.4 |
libsolv: Heap buffer overflow in libsolv repopagestore via unchecked decompression of malicious .solv page data
漏洞详情: https://avd.aquasec.com/nvd/cve-2026-48864
镜像层: sha256:787c718160ca1e26288212055bd7a1a7e0c68a0a446bf7bbe9d6cd1c09fcb7d0
发布日期: 2026-05-26 17:16 修改: 2026-07-09 16:16
|
| libsolv |
CVE-2026-9149 |
高危 |
0.7.22-1.amzn2023.0.2 |
0.7.22-1.amzn2023.0.4 |
libsolv: Heap buffer overflow in libsolv repo_add_solv via negative maxsize from crafted .solv file
漏洞详情: https://avd.aquasec.com/nvd/cve-2026-9149
镜像层: sha256:787c718160ca1e26288212055bd7a1a7e0c68a0a446bf7bbe9d6cd1c09fcb7d0
发布日期: 2026-05-21 00:16 修改: 2026-06-27 00:16
|
| libsolv |
CVE-2026-9150 |
高危 |
0.7.22-1.amzn2023.0.2 |
0.7.22-1.amzn2023.0.4 |
libsolv: Stack-based buffer overflow in libsolv's Debian metadata parser when handling SHA384/SHA512 checksums
漏洞详情: https://avd.aquasec.com/nvd/cve-2026-9150
镜像层: sha256:787c718160ca1e26288212055bd7a1a7e0c68a0a446bf7bbe9d6cd1c09fcb7d0
发布日期: 2026-05-20 23:16 修改: 2026-06-29 17:16
|
| libtasn1 |
CVE-2025-13151 |
高危 |
4.19.0-1.amzn2023.0.4 |
4.19.0-1.amzn2023.0.6 |
libtasn1: libtasn1: Denial of Service via stack-based buffer overflow in asn1_expend_octet_string
漏洞详情: https://avd.aquasec.com/nvd/cve-2025-13151
镜像层: sha256:787c718160ca1e26288212055bd7a1a7e0c68a0a446bf7bbe9d6cd1c09fcb7d0
发布日期: 2026-01-07 22:15 修改: 2026-06-17 08:33
|
| libuuid |
CVE-2026-53615 |
高危 |
2.37.4-1.amzn2023.0.4 |
2.37.4-1.amzn2023.0.5 |
[Integer Overflow or Wraparound in libblkid/src/partitions/dos.c]
漏洞详情: https://avd.aquasec.com/nvd/cve-2026-53615
镜像层: sha256:787c718160ca1e26288212055bd7a1a7e0c68a0a446bf7bbe9d6cd1c09fcb7d0
发布日期: 0001-01-01 00:00 修改: 0001-01-01 00:00
|
| libxml2 |
CVE-2022-49043 |
高危 |
2.10.4-1.amzn2023.0.6 |
2.10.4-1.amzn2023.0.8 |
libxml: use-after-free in xmlXIncludeAddNode
漏洞详情: https://avd.aquasec.com/nvd/cve-2022-49043
镜像层: sha256:787c718160ca1e26288212055bd7a1a7e0c68a0a446bf7bbe9d6cd1c09fcb7d0
发布日期: 2025-01-26 06:15 修改: 2026-06-17 05:16
|
| libxml2 |
CVE-2024-56171 |
高危 |
2.10.4-1.amzn2023.0.6 |
2.10.4-1.amzn2023.0.9 |
libxml2: Use-After-Free in libxml2
漏洞详情: https://avd.aquasec.com/nvd/cve-2024-56171
镜像层: sha256:787c718160ca1e26288212055bd7a1a7e0c68a0a446bf7bbe9d6cd1c09fcb7d0
发布日期: 2025-02-18 22:15 修改: 2026-06-17 08:11
|
| libxml2 |
CVE-2025-24928 |
高危 |
2.10.4-1.amzn2023.0.6 |
2.10.4-1.amzn2023.0.9 |
libxml2: Stack-based buffer overflow in xmlSnprintfElements of libxml2
漏洞详情: https://avd.aquasec.com/nvd/cve-2025-24928
镜像层: sha256:787c718160ca1e26288212055bd7a1a7e0c68a0a446bf7bbe9d6cd1c09fcb7d0
发布日期: 2025-02-18 23:15 修改: 2026-06-17 08:59
|
| libxml2 |
CVE-2025-27113 |
高危 |
2.10.4-1.amzn2023.0.6 |
2.10.4-1.amzn2023.0.9 |
libxml2: NULL Pointer Dereference in libxml2 xmlPatMatch
漏洞详情: https://avd.aquasec.com/nvd/cve-2025-27113
镜像层: sha256:787c718160ca1e26288212055bd7a1a7e0c68a0a446bf7bbe9d6cd1c09fcb7d0
发布日期: 2025-02-18 23:15 修改: 2026-06-17 09:03
|
| libxml2 |
CVE-2025-49794 |
高危 |
2.10.4-1.amzn2023.0.6 |
2.10.4-1.amzn2023.0.12 |
libxml: Heap use after free (UAF) leads to Denial of service (DoS)
漏洞详情: https://avd.aquasec.com/nvd/cve-2025-49794
镜像层: sha256:787c718160ca1e26288212055bd7a1a7e0c68a0a446bf7bbe9d6cd1c09fcb7d0
发布日期: 2025-06-16 16:15 修改: 2026-06-29 21:16
|
| libxml2 |
CVE-2025-49795 |
高危 |
2.10.4-1.amzn2023.0.6 |
2.10.4-1.amzn2023.0.12 |
libxml: Null pointer dereference leads to Denial of service (DoS)
漏洞详情: https://avd.aquasec.com/nvd/cve-2025-49795
镜像层: sha256:787c718160ca1e26288212055bd7a1a7e0c68a0a446bf7bbe9d6cd1c09fcb7d0
发布日期: 2025-06-16 16:15 修改: 2026-07-07 13:16
|
| libxml2 |
CVE-2025-49796 |
高危 |
2.10.4-1.amzn2023.0.6 |
2.10.4-1.amzn2023.0.12 |
libxml: Type confusion leads to Denial of service (DoS)
漏洞详情: https://avd.aquasec.com/nvd/cve-2025-49796
镜像层: sha256:787c718160ca1e26288212055bd7a1a7e0c68a0a446bf7bbe9d6cd1c09fcb7d0
发布日期: 2025-06-16 16:15 修改: 2026-06-29 21:16
|
| libxml2 |
CVE-2025-6021 |
高危 |
2.10.4-1.amzn2023.0.6 |
2.10.4-1.amzn2023.0.11 |
libxml2: Integer Overflow in xmlBuildQName() Leads to Stack Buffer Overflow in libxml2
漏洞详情: https://avd.aquasec.com/nvd/cve-2025-6021
镜像层: sha256:787c718160ca1e26288212055bd7a1a7e0c68a0a446bf7bbe9d6cd1c09fcb7d0
发布日期: 2025-06-12 13:15 修改: 2026-06-30 11:16
|
| libxml2 |
CVE-2025-7425 |
高危 |
2.10.4-1.amzn2023.0.6 |
2.10.4-1.amzn2023.0.13 |
libxslt: libxml2: Heap Use-After-Free in libxslt caused by atype corruption in xmlAttrPtr
漏洞详情: https://avd.aquasec.com/nvd/cve-2025-7425
镜像层: sha256:787c718160ca1e26288212055bd7a1a7e0c68a0a446bf7bbe9d6cd1c09fcb7d0
发布日期: 2025-07-10 14:15 修改: 2026-06-29 21:16
|
| openssl |
CVE-2025-15467 |
高危 |
1:3.0.8-1.amzn2023.0.12 |
1:3.2.2-1.amzn2023.0.4 |
openssl: OpenSSL: Remote code execution or Denial of Service via oversized Initialization Vector in CMS parsing
漏洞详情: https://avd.aquasec.com/nvd/cve-2025-15467
镜像层: sha256:0ebc986194ce44f9b53207a2411446464969aff6a8187e353da38d681b269e0a
发布日期: 2026-01-27 16:16 修改: 2026-06-30 03:16
|
| openssl |
CVE-2025-15468 |
高危 |
1:3.0.8-1.amzn2023.0.12 |
1:3.2.2-1.amzn2023.0.5 |
openssl: OpenSSL: Denial of Service via NULL pointer dereference in QUIC protocol handling
漏洞详情: https://avd.aquasec.com/nvd/cve-2025-15468
镜像层: sha256:0ebc986194ce44f9b53207a2411446464969aff6a8187e353da38d681b269e0a
发布日期: 2026-01-27 16:16 修改: 2026-06-17 08:37
|
| openssl |
CVE-2025-66199 |
高危 |
1:3.0.8-1.amzn2023.0.12 |
1:3.2.2-1.amzn2023.0.5 |
openssl: OpenSSL: Denial of Service due to excessive memory allocation in TLS 1.3 certificate compression
漏洞详情: https://avd.aquasec.com/nvd/cve-2025-66199
镜像层: sha256:0ebc986194ce44f9b53207a2411446464969aff6a8187e353da38d681b269e0a
发布日期: 2026-01-27 16:16 修改: 2026-06-17 09:56
|
| openssl |
CVE-2025-68160 |
高危 |
1:3.0.8-1.amzn2023.0.12 |
1:3.2.2-1.amzn2023.0.5 |
openssl: OpenSSL: Denial of Service due to out-of-bounds write in BIO filter
漏洞详情: https://avd.aquasec.com/nvd/cve-2025-68160
镜像层: sha256:0ebc986194ce44f9b53207a2411446464969aff6a8187e353da38d681b269e0a
发布日期: 2026-01-27 16:16 修改: 2026-06-17 09:58
|
| openssl |
CVE-2025-69418 |
高危 |
1:3.0.8-1.amzn2023.0.12 |
1:3.2.2-1.amzn2023.0.5 |
openssl: OpenSSL: Information disclosure and data tampering via specific low-level OCB encryption/decryption calls
漏洞详情: https://avd.aquasec.com/nvd/cve-2025-69418
镜像层: sha256:0ebc986194ce44f9b53207a2411446464969aff6a8187e353da38d681b269e0a
发布日期: 2026-01-27 16:16 修改: 2026-06-17 10:00
|
| openssl |
CVE-2025-69419 |
高危 |
1:3.0.8-1.amzn2023.0.12 |
1:3.2.2-1.amzn2023.0.5 |
openssl: OpenSSL: Arbitrary code execution due to out-of-bounds write in PKCS#12 processing
漏洞详情: https://avd.aquasec.com/nvd/cve-2025-69419
镜像层: sha256:0ebc986194ce44f9b53207a2411446464969aff6a8187e353da38d681b269e0a
发布日期: 2026-01-27 16:16 修改: 2026-06-17 10:00
|
| openssl |
CVE-2025-69420 |
高危 |
1:3.0.8-1.amzn2023.0.12 |
1:3.2.2-1.amzn2023.0.5 |
openssl: OpenSSL: Denial of Service via malformed TimeStamp Response
漏洞详情: https://avd.aquasec.com/nvd/cve-2025-69420
镜像层: sha256:0ebc986194ce44f9b53207a2411446464969aff6a8187e353da38d681b269e0a
发布日期: 2026-01-27 16:16 修改: 2026-06-17 10:00
|
| openssl |
CVE-2025-69421 |
高危 |
1:3.0.8-1.amzn2023.0.12 |
1:3.2.2-1.amzn2023.0.5 |
openssl: OpenSSL: Denial of Service via malformed PKCS#12 file processing
漏洞详情: https://avd.aquasec.com/nvd/cve-2025-69421
镜像层: sha256:0ebc986194ce44f9b53207a2411446464969aff6a8187e353da38d681b269e0a
发布日期: 2026-01-27 16:16 修改: 2026-06-17 10:00
|
| openssl |
CVE-2026-22795 |
高危 |
1:3.0.8-1.amzn2023.0.12 |
1:3.2.2-1.amzn2023.0.5 |
openssl: OpenSSL: Denial of Service due to type confusion in PKCS#12 file processing
漏洞详情: https://avd.aquasec.com/nvd/cve-2026-22795
镜像层: sha256:0ebc986194ce44f9b53207a2411446464969aff6a8187e353da38d681b269e0a
发布日期: 2026-01-27 16:16 修改: 2026-06-17 10:20
|
| openssl |
CVE-2026-22796 |
高危 |
1:3.0.8-1.amzn2023.0.12 |
1:3.2.2-1.amzn2023.0.5 |
openssl: OpenSSL: Denial of Service via type confusion in PKCS#7 signature verification
漏洞详情: https://avd.aquasec.com/nvd/cve-2026-22796
镜像层: sha256:0ebc986194ce44f9b53207a2411446464969aff6a8187e353da38d681b269e0a
发布日期: 2026-01-27 16:16 修改: 2026-06-17 10:20
|
| openssl |
CVE-2026-28387 |
高危 |
1:3.0.8-1.amzn2023.0.12 |
1:3.5.5-1.amzn2023.0.4 |
openssl: OpenSSL: Arbitrary code execution due to use-after-free in DANE TLSA authentication
漏洞详情: https://avd.aquasec.com/nvd/cve-2026-28387
镜像层: sha256:0ebc986194ce44f9b53207a2411446464969aff6a8187e353da38d681b269e0a
发布日期: 2026-04-07 22:16 修改: 2026-06-17 10:28
|
| openssl |
CVE-2026-28388 |
高危 |
1:3.0.8-1.amzn2023.0.12 |
1:3.5.5-1.amzn2023.0.4 |
openssl: OpenSSL: Denial of Service due to NULL pointer dereference in delta CRL processing
漏洞详情: https://avd.aquasec.com/nvd/cve-2026-28388
镜像层: sha256:0ebc986194ce44f9b53207a2411446464969aff6a8187e353da38d681b269e0a
发布日期: 2026-04-07 22:16 修改: 2026-06-17 10:28
|
| openssl |
CVE-2026-28389 |
高危 |
1:3.0.8-1.amzn2023.0.12 |
1:3.5.5-1.amzn2023.0.4 |
openssl: OpenSSL: Denial of Service vulnerability in CMS processing
漏洞详情: https://avd.aquasec.com/nvd/cve-2026-28389
镜像层: sha256:0ebc986194ce44f9b53207a2411446464969aff6a8187e353da38d681b269e0a
发布日期: 2026-04-07 22:16 修改: 2026-06-17 10:28
|
| openssl |
CVE-2026-28390 |
高危 |
1:3.0.8-1.amzn2023.0.12 |
1:3.5.5-1.amzn2023.0.4 |
openssl: OpenSSL: Denial of Service due to NULL pointer dereference in CMS EnvelopedData processing
漏洞详情: https://avd.aquasec.com/nvd/cve-2026-28390
镜像层: sha256:0ebc986194ce44f9b53207a2411446464969aff6a8187e353da38d681b269e0a
发布日期: 2026-04-07 22:16 修改: 2026-06-17 10:28
|
| openssl |
CVE-2026-31790 |
高危 |
1:3.0.8-1.amzn2023.0.12 |
1:3.5.5-1.amzn2023.0.4 |
openssl: openssl: Information Disclosure from Uninitialized Memory via Invalid RSA Public Key
漏洞详情: https://avd.aquasec.com/nvd/cve-2026-31790
镜像层: sha256:0ebc986194ce44f9b53207a2411446464969aff6a8187e353da38d681b269e0a
发布日期: 2026-04-07 22:16 修改: 2026-06-17 10:34
|
| openssl |
CVE-2026-34180 |
高危 |
1:3.0.8-1.amzn2023.0.12 |
1:3.5.5-1.amzn2023.0.5 |
openssl: OpenSSL: Heap buffer over-read in ASN.1 decoding can lead to denial of service or information disclosure.
漏洞详情: https://avd.aquasec.com/nvd/cve-2026-34180
镜像层: sha256:0ebc986194ce44f9b53207a2411446464969aff6a8187e353da38d681b269e0a
发布日期: 2026-06-09 17:17 修改: 2026-06-17 10:38
|
| openssl |
CVE-2026-34181 |
高危 |
1:3.0.8-1.amzn2023.0.12 |
1:3.5.5-1.amzn2023.0.5 |
openssl: PKCS#12 Files with PBMAC1 Are Accepted with Short HMAC Keys
漏洞详情: https://avd.aquasec.com/nvd/cve-2026-34181
镜像层: sha256:0ebc986194ce44f9b53207a2411446464969aff6a8187e353da38d681b269e0a
发布日期: 2026-06-09 17:17 修改: 2026-06-17 10:38
|
| openssl |
CVE-2026-34182 |
高危 |
1:3.0.8-1.amzn2023.0.12 |
1:3.5.5-1.amzn2023.0.5 |
openssl: CMS AuthEnvelopedData Processing May Accept Forged Messages
漏洞详情: https://avd.aquasec.com/nvd/cve-2026-34182
镜像层: sha256:0ebc986194ce44f9b53207a2411446464969aff6a8187e353da38d681b269e0a
发布日期: 2026-06-09 17:17 修改: 2026-06-17 10:38
|
| openssl |
CVE-2026-34183 |
高危 |
1:3.0.8-1.amzn2023.0.12 |
1:3.5.5-1.amzn2023.0.5 |
openssl: Unbounded Memory Growth in the QUIC PATH_CHALLENGE Handler
漏洞详情: https://avd.aquasec.com/nvd/cve-2026-34183
镜像层: sha256:0ebc986194ce44f9b53207a2411446464969aff6a8187e353da38d681b269e0a
发布日期: 2026-06-09 17:17 修改: 2026-06-17 10:38
|
| openssl |
CVE-2026-42764 |
高危 |
1:3.0.8-1.amzn2023.0.12 |
1:3.5.5-1.amzn2023.0.5 |
openssl: NULL pointer dereference in QUIC server initial packet handling
漏洞详情: https://avd.aquasec.com/nvd/cve-2026-42764
镜像层: sha256:0ebc986194ce44f9b53207a2411446464969aff6a8187e353da38d681b269e0a
发布日期: 2026-06-09 17:17 修改: 2026-06-17 10:48
|
| openssl |
CVE-2026-42766 |
高危 |
1:3.0.8-1.amzn2023.0.12 |
1:3.5.5-1.amzn2023.0.5 |
openssl: Possible NULL Dereference in Password-Based CMS Decryption
漏洞详情: https://avd.aquasec.com/nvd/cve-2026-42766
镜像层: sha256:0ebc986194ce44f9b53207a2411446464969aff6a8187e353da38d681b269e0a
发布日期: 2026-06-09 17:17 修改: 2026-06-17 10:48
|
| openssl |
CVE-2026-42767 |
高危 |
1:3.0.8-1.amzn2023.0.12 |
1:3.5.5-1.amzn2023.0.5 |
openssl: NULL Pointer Dereference in CRMF EncryptedValue Decryption
漏洞详情: https://avd.aquasec.com/nvd/cve-2026-42767
镜像层: sha256:0ebc986194ce44f9b53207a2411446464969aff6a8187e353da38d681b269e0a
发布日期: 2026-06-09 17:17 修改: 2026-06-17 10:48
|
| openssl |
CVE-2026-42768 |
高危 |
1:3.0.8-1.amzn2023.0.12 |
1:3.5.5-1.amzn2023.0.5 |
openssl: Multi-RecipientInfo Bleichenbacher Oracle in CMS_decrypt() and PKCS7_decrypt()
漏洞详情: https://avd.aquasec.com/nvd/cve-2026-42768
镜像层: sha256:0ebc986194ce44f9b53207a2411446464969aff6a8187e353da38d681b269e0a
发布日期: 2026-06-09 17:17 修改: 2026-06-17 10:48
|
| openssl |
CVE-2026-42769 |
高危 |
1:3.0.8-1.amzn2023.0.12 |
1:3.5.5-1.amzn2023.0.5 |
openssl: Trust-Anchor Substitution via cert/issuer Typo in CMP rootCaKeyUpdate
漏洞详情: https://avd.aquasec.com/nvd/cve-2026-42769
镜像层: sha256:0ebc986194ce44f9b53207a2411446464969aff6a8187e353da38d681b269e0a
发布日期: 2026-06-09 17:17 修改: 2026-06-17 10:48
|
| openssl |
CVE-2026-42770 |
高危 |
1:3.0.8-1.amzn2023.0.12 |
1:3.5.5-1.amzn2023.0.5 |
openssl: FFC-DH Peer Validation Uses Attacker-Supplied q
漏洞详情: https://avd.aquasec.com/nvd/cve-2026-42770
镜像层: sha256:0ebc986194ce44f9b53207a2411446464969aff6a8187e353da38d681b269e0a
发布日期: 2026-06-09 17:17 修改: 2026-06-17 10:48
|
| openssl |
CVE-2026-45445 |
高危 |
1:3.0.8-1.amzn2023.0.12 |
1:3.5.5-1.amzn2023.0.5 |
openssl: AES-OCB IV Ignored on EVP_Cipher() Path
漏洞详情: https://avd.aquasec.com/nvd/cve-2026-45445
镜像层: sha256:0ebc986194ce44f9b53207a2411446464969aff6a8187e353da38d681b269e0a
发布日期: 2026-06-09 17:17 修改: 2026-06-17 10:52
|
| openssl |
CVE-2026-45446 |
高危 |
1:3.0.8-1.amzn2023.0.12 |
1:3.5.5-1.amzn2023.0.5 |
openssl: Incorrect Tag Processing for Empty Messages in AES-GCM-SIV and AES-SIV modes
漏洞详情: https://avd.aquasec.com/nvd/cve-2026-45446
镜像层: sha256:0ebc986194ce44f9b53207a2411446464969aff6a8187e353da38d681b269e0a
发布日期: 2026-06-09 17:17 修改: 2026-06-17 10:52
|
| openssl |
CVE-2026-45447 |
高危 |
1:3.0.8-1.amzn2023.0.12 |
1:3.5.5-1.amzn2023.0.5 |
openssl: Heap Use-After-Free in OpenSSL PKCS7_verify()
漏洞详情: https://avd.aquasec.com/nvd/cve-2026-45447
镜像层: sha256:0ebc986194ce44f9b53207a2411446464969aff6a8187e353da38d681b269e0a
发布日期: 2026-06-09 17:17 修改: 2026-07-14 12:17
|
| openssl |
CVE-2026-7383 |
高危 |
1:3.0.8-1.amzn2023.0.12 |
1:3.5.5-1.amzn2023.0.5 |
openssl: OpenSSL: Heap buffer overflow due to signed integer overflow in Unicode output sizing
漏洞详情: https://avd.aquasec.com/nvd/cve-2026-7383
镜像层: sha256:0ebc986194ce44f9b53207a2411446464969aff6a8187e353da38d681b269e0a
发布日期: 2026-06-09 17:17 修改: 2026-06-17 11:02
|
| openssl |
CVE-2026-9076 |
高危 |
1:3.0.8-1.amzn2023.0.12 |
1:3.5.5-1.amzn2023.0.5 |
openssl: OpenSSL: Denial of Service due to heap out-of-bounds read in CMS password-based decryption
漏洞详情: https://avd.aquasec.com/nvd/cve-2026-9076
镜像层: sha256:0ebc986194ce44f9b53207a2411446464969aff6a8187e353da38d681b269e0a
发布日期: 2026-06-09 17:17 修改: 2026-06-17 11:04
|
| openssl-libs |
CVE-2025-15467 |
高危 |
1:3.0.8-1.amzn2023.0.12 |
1:3.2.2-1.amzn2023.0.4 |
openssl: OpenSSL: Remote code execution or Denial of Service via oversized Initialization Vector in CMS parsing
漏洞详情: https://avd.aquasec.com/nvd/cve-2025-15467
镜像层: sha256:787c718160ca1e26288212055bd7a1a7e0c68a0a446bf7bbe9d6cd1c09fcb7d0
发布日期: 2026-01-27 16:16 修改: 2026-06-30 03:16
|
| openssl-libs |
CVE-2025-15468 |
高危 |
1:3.0.8-1.amzn2023.0.12 |
1:3.2.2-1.amzn2023.0.5 |
openssl: OpenSSL: Denial of Service via NULL pointer dereference in QUIC protocol handling
漏洞详情: https://avd.aquasec.com/nvd/cve-2025-15468
镜像层: sha256:787c718160ca1e26288212055bd7a1a7e0c68a0a446bf7bbe9d6cd1c09fcb7d0
发布日期: 2026-01-27 16:16 修改: 2026-06-17 08:37
|
| openssl-libs |
CVE-2025-66199 |
高危 |
1:3.0.8-1.amzn2023.0.12 |
1:3.2.2-1.amzn2023.0.5 |
openssl: OpenSSL: Denial of Service due to excessive memory allocation in TLS 1.3 certificate compression
漏洞详情: https://avd.aquasec.com/nvd/cve-2025-66199
镜像层: sha256:787c718160ca1e26288212055bd7a1a7e0c68a0a446bf7bbe9d6cd1c09fcb7d0
发布日期: 2026-01-27 16:16 修改: 2026-06-17 09:56
|
| openssl-libs |
CVE-2025-68160 |
高危 |
1:3.0.8-1.amzn2023.0.12 |
1:3.2.2-1.amzn2023.0.5 |
openssl: OpenSSL: Denial of Service due to out-of-bounds write in BIO filter
漏洞详情: https://avd.aquasec.com/nvd/cve-2025-68160
镜像层: sha256:787c718160ca1e26288212055bd7a1a7e0c68a0a446bf7bbe9d6cd1c09fcb7d0
发布日期: 2026-01-27 16:16 修改: 2026-06-17 09:58
|
| openssl-libs |
CVE-2025-69418 |
高危 |
1:3.0.8-1.amzn2023.0.12 |
1:3.2.2-1.amzn2023.0.5 |
openssl: OpenSSL: Information disclosure and data tampering via specific low-level OCB encryption/decryption calls
漏洞详情: https://avd.aquasec.com/nvd/cve-2025-69418
镜像层: sha256:787c718160ca1e26288212055bd7a1a7e0c68a0a446bf7bbe9d6cd1c09fcb7d0
发布日期: 2026-01-27 16:16 修改: 2026-06-17 10:00
|
| openssl-libs |
CVE-2025-69419 |
高危 |
1:3.0.8-1.amzn2023.0.12 |
1:3.2.2-1.amzn2023.0.5 |
openssl: OpenSSL: Arbitrary code execution due to out-of-bounds write in PKCS#12 processing
漏洞详情: https://avd.aquasec.com/nvd/cve-2025-69419
镜像层: sha256:787c718160ca1e26288212055bd7a1a7e0c68a0a446bf7bbe9d6cd1c09fcb7d0
发布日期: 2026-01-27 16:16 修改: 2026-06-17 10:00
|
| openssl-libs |
CVE-2025-69420 |
高危 |
1:3.0.8-1.amzn2023.0.12 |
1:3.2.2-1.amzn2023.0.5 |
openssl: OpenSSL: Denial of Service via malformed TimeStamp Response
漏洞详情: https://avd.aquasec.com/nvd/cve-2025-69420
镜像层: sha256:787c718160ca1e26288212055bd7a1a7e0c68a0a446bf7bbe9d6cd1c09fcb7d0
发布日期: 2026-01-27 16:16 修改: 2026-06-17 10:00
|
| openssl-libs |
CVE-2025-69421 |
高危 |
1:3.0.8-1.amzn2023.0.12 |
1:3.2.2-1.amzn2023.0.5 |
openssl: OpenSSL: Denial of Service via malformed PKCS#12 file processing
漏洞详情: https://avd.aquasec.com/nvd/cve-2025-69421
镜像层: sha256:787c718160ca1e26288212055bd7a1a7e0c68a0a446bf7bbe9d6cd1c09fcb7d0
发布日期: 2026-01-27 16:16 修改: 2026-06-17 10:00
|
| openssl-libs |
CVE-2026-22795 |
高危 |
1:3.0.8-1.amzn2023.0.12 |
1:3.2.2-1.amzn2023.0.5 |
openssl: OpenSSL: Denial of Service due to type confusion in PKCS#12 file processing
漏洞详情: https://avd.aquasec.com/nvd/cve-2026-22795
镜像层: sha256:787c718160ca1e26288212055bd7a1a7e0c68a0a446bf7bbe9d6cd1c09fcb7d0
发布日期: 2026-01-27 16:16 修改: 2026-06-17 10:20
|
| openssl-libs |
CVE-2026-22796 |
高危 |
1:3.0.8-1.amzn2023.0.12 |
1:3.2.2-1.amzn2023.0.5 |
openssl: OpenSSL: Denial of Service via type confusion in PKCS#7 signature verification
漏洞详情: https://avd.aquasec.com/nvd/cve-2026-22796
镜像层: sha256:787c718160ca1e26288212055bd7a1a7e0c68a0a446bf7bbe9d6cd1c09fcb7d0
发布日期: 2026-01-27 16:16 修改: 2026-06-17 10:20
|
| openssl-libs |
CVE-2026-28387 |
高危 |
1:3.0.8-1.amzn2023.0.12 |
1:3.5.5-1.amzn2023.0.4 |
openssl: OpenSSL: Arbitrary code execution due to use-after-free in DANE TLSA authentication
漏洞详情: https://avd.aquasec.com/nvd/cve-2026-28387
镜像层: sha256:787c718160ca1e26288212055bd7a1a7e0c68a0a446bf7bbe9d6cd1c09fcb7d0
发布日期: 2026-04-07 22:16 修改: 2026-06-17 10:28
|
| openssl-libs |
CVE-2026-28388 |
高危 |
1:3.0.8-1.amzn2023.0.12 |
1:3.5.5-1.amzn2023.0.4 |
openssl: OpenSSL: Denial of Service due to NULL pointer dereference in delta CRL processing
漏洞详情: https://avd.aquasec.com/nvd/cve-2026-28388
镜像层: sha256:787c718160ca1e26288212055bd7a1a7e0c68a0a446bf7bbe9d6cd1c09fcb7d0
发布日期: 2026-04-07 22:16 修改: 2026-06-17 10:28
|
| openssl-libs |
CVE-2026-28389 |
高危 |
1:3.0.8-1.amzn2023.0.12 |
1:3.5.5-1.amzn2023.0.4 |
openssl: OpenSSL: Denial of Service vulnerability in CMS processing
漏洞详情: https://avd.aquasec.com/nvd/cve-2026-28389
镜像层: sha256:787c718160ca1e26288212055bd7a1a7e0c68a0a446bf7bbe9d6cd1c09fcb7d0
发布日期: 2026-04-07 22:16 修改: 2026-06-17 10:28
|
| openssl-libs |
CVE-2026-28390 |
高危 |
1:3.0.8-1.amzn2023.0.12 |
1:3.5.5-1.amzn2023.0.4 |
openssl: OpenSSL: Denial of Service due to NULL pointer dereference in CMS EnvelopedData processing
漏洞详情: https://avd.aquasec.com/nvd/cve-2026-28390
镜像层: sha256:787c718160ca1e26288212055bd7a1a7e0c68a0a446bf7bbe9d6cd1c09fcb7d0
发布日期: 2026-04-07 22:16 修改: 2026-06-17 10:28
|
| openssl-libs |
CVE-2026-31790 |
高危 |
1:3.0.8-1.amzn2023.0.12 |
1:3.5.5-1.amzn2023.0.4 |
openssl: openssl: Information Disclosure from Uninitialized Memory via Invalid RSA Public Key
漏洞详情: https://avd.aquasec.com/nvd/cve-2026-31790
镜像层: sha256:787c718160ca1e26288212055bd7a1a7e0c68a0a446bf7bbe9d6cd1c09fcb7d0
发布日期: 2026-04-07 22:16 修改: 2026-06-17 10:34
|
| openssl-libs |
CVE-2026-34180 |
高危 |
1:3.0.8-1.amzn2023.0.12 |
1:3.5.5-1.amzn2023.0.5 |
openssl: OpenSSL: Heap buffer over-read in ASN.1 decoding can lead to denial of service or information disclosure.
漏洞详情: https://avd.aquasec.com/nvd/cve-2026-34180
镜像层: sha256:787c718160ca1e26288212055bd7a1a7e0c68a0a446bf7bbe9d6cd1c09fcb7d0
发布日期: 2026-06-09 17:17 修改: 2026-06-17 10:38
|
| openssl-libs |
CVE-2026-34181 |
高危 |
1:3.0.8-1.amzn2023.0.12 |
1:3.5.5-1.amzn2023.0.5 |
openssl: PKCS#12 Files with PBMAC1 Are Accepted with Short HMAC Keys
漏洞详情: https://avd.aquasec.com/nvd/cve-2026-34181
镜像层: sha256:787c718160ca1e26288212055bd7a1a7e0c68a0a446bf7bbe9d6cd1c09fcb7d0
发布日期: 2026-06-09 17:17 修改: 2026-06-17 10:38
|
| openssl-libs |
CVE-2026-34182 |
高危 |
1:3.0.8-1.amzn2023.0.12 |
1:3.5.5-1.amzn2023.0.5 |
openssl: CMS AuthEnvelopedData Processing May Accept Forged Messages
漏洞详情: https://avd.aquasec.com/nvd/cve-2026-34182
镜像层: sha256:787c718160ca1e26288212055bd7a1a7e0c68a0a446bf7bbe9d6cd1c09fcb7d0
发布日期: 2026-06-09 17:17 修改: 2026-06-17 10:38
|
| openssl-libs |
CVE-2026-34183 |
高危 |
1:3.0.8-1.amzn2023.0.12 |
1:3.5.5-1.amzn2023.0.5 |
openssl: Unbounded Memory Growth in the QUIC PATH_CHALLENGE Handler
漏洞详情: https://avd.aquasec.com/nvd/cve-2026-34183
镜像层: sha256:787c718160ca1e26288212055bd7a1a7e0c68a0a446bf7bbe9d6cd1c09fcb7d0
发布日期: 2026-06-09 17:17 修改: 2026-06-17 10:38
|
| openssl-libs |
CVE-2026-42764 |
高危 |
1:3.0.8-1.amzn2023.0.12 |
1:3.5.5-1.amzn2023.0.5 |
openssl: NULL pointer dereference in QUIC server initial packet handling
漏洞详情: https://avd.aquasec.com/nvd/cve-2026-42764
镜像层: sha256:787c718160ca1e26288212055bd7a1a7e0c68a0a446bf7bbe9d6cd1c09fcb7d0
发布日期: 2026-06-09 17:17 修改: 2026-06-17 10:48
|
| openssl-libs |
CVE-2026-42766 |
高危 |
1:3.0.8-1.amzn2023.0.12 |
1:3.5.5-1.amzn2023.0.5 |
openssl: Possible NULL Dereference in Password-Based CMS Decryption
漏洞详情: https://avd.aquasec.com/nvd/cve-2026-42766
镜像层: sha256:787c718160ca1e26288212055bd7a1a7e0c68a0a446bf7bbe9d6cd1c09fcb7d0
发布日期: 2026-06-09 17:17 修改: 2026-06-17 10:48
|
| openssl-libs |
CVE-2026-42767 |
高危 |
1:3.0.8-1.amzn2023.0.12 |
1:3.5.5-1.amzn2023.0.5 |
openssl: NULL Pointer Dereference in CRMF EncryptedValue Decryption
漏洞详情: https://avd.aquasec.com/nvd/cve-2026-42767
镜像层: sha256:787c718160ca1e26288212055bd7a1a7e0c68a0a446bf7bbe9d6cd1c09fcb7d0
发布日期: 2026-06-09 17:17 修改: 2026-06-17 10:48
|
| openssl-libs |
CVE-2026-42768 |
高危 |
1:3.0.8-1.amzn2023.0.12 |
1:3.5.5-1.amzn2023.0.5 |
openssl: Multi-RecipientInfo Bleichenbacher Oracle in CMS_decrypt() and PKCS7_decrypt()
漏洞详情: https://avd.aquasec.com/nvd/cve-2026-42768
镜像层: sha256:787c718160ca1e26288212055bd7a1a7e0c68a0a446bf7bbe9d6cd1c09fcb7d0
发布日期: 2026-06-09 17:17 修改: 2026-06-17 10:48
|
| openssl-libs |
CVE-2026-42769 |
高危 |
1:3.0.8-1.amzn2023.0.12 |
1:3.5.5-1.amzn2023.0.5 |
openssl: Trust-Anchor Substitution via cert/issuer Typo in CMP rootCaKeyUpdate
漏洞详情: https://avd.aquasec.com/nvd/cve-2026-42769
镜像层: sha256:787c718160ca1e26288212055bd7a1a7e0c68a0a446bf7bbe9d6cd1c09fcb7d0
发布日期: 2026-06-09 17:17 修改: 2026-06-17 10:48
|
| openssl-libs |
CVE-2026-42770 |
高危 |
1:3.0.8-1.amzn2023.0.12 |
1:3.5.5-1.amzn2023.0.5 |
openssl: FFC-DH Peer Validation Uses Attacker-Supplied q
漏洞详情: https://avd.aquasec.com/nvd/cve-2026-42770
镜像层: sha256:787c718160ca1e26288212055bd7a1a7e0c68a0a446bf7bbe9d6cd1c09fcb7d0
发布日期: 2026-06-09 17:17 修改: 2026-06-17 10:48
|
| openssl-libs |
CVE-2026-45445 |
高危 |
1:3.0.8-1.amzn2023.0.12 |
1:3.5.5-1.amzn2023.0.5 |
openssl: AES-OCB IV Ignored on EVP_Cipher() Path
漏洞详情: https://avd.aquasec.com/nvd/cve-2026-45445
镜像层: sha256:787c718160ca1e26288212055bd7a1a7e0c68a0a446bf7bbe9d6cd1c09fcb7d0
发布日期: 2026-06-09 17:17 修改: 2026-06-17 10:52
|
| openssl-libs |
CVE-2026-45446 |
高危 |
1:3.0.8-1.amzn2023.0.12 |
1:3.5.5-1.amzn2023.0.5 |
openssl: Incorrect Tag Processing for Empty Messages in AES-GCM-SIV and AES-SIV modes
漏洞详情: https://avd.aquasec.com/nvd/cve-2026-45446
镜像层: sha256:787c718160ca1e26288212055bd7a1a7e0c68a0a446bf7bbe9d6cd1c09fcb7d0
发布日期: 2026-06-09 17:17 修改: 2026-06-17 10:52
|
| openssl-libs |
CVE-2026-45447 |
高危 |
1:3.0.8-1.amzn2023.0.12 |
1:3.5.5-1.amzn2023.0.5 |
openssl: Heap Use-After-Free in OpenSSL PKCS7_verify()
漏洞详情: https://avd.aquasec.com/nvd/cve-2026-45447
镜像层: sha256:787c718160ca1e26288212055bd7a1a7e0c68a0a446bf7bbe9d6cd1c09fcb7d0
发布日期: 2026-06-09 17:17 修改: 2026-07-14 12:17
|
| openssl-libs |
CVE-2026-7383 |
高危 |
1:3.0.8-1.amzn2023.0.12 |
1:3.5.5-1.amzn2023.0.5 |
openssl: OpenSSL: Heap buffer overflow due to signed integer overflow in Unicode output sizing
漏洞详情: https://avd.aquasec.com/nvd/cve-2026-7383
镜像层: sha256:787c718160ca1e26288212055bd7a1a7e0c68a0a446bf7bbe9d6cd1c09fcb7d0
发布日期: 2026-06-09 17:17 修改: 2026-06-17 11:02
|
| openssl-libs |
CVE-2026-9076 |
高危 |
1:3.0.8-1.amzn2023.0.12 |
1:3.5.5-1.amzn2023.0.5 |
openssl: OpenSSL: Denial of Service due to heap out-of-bounds read in CMS password-based decryption
漏洞详情: https://avd.aquasec.com/nvd/cve-2026-9076
镜像层: sha256:787c718160ca1e26288212055bd7a1a7e0c68a0a446bf7bbe9d6cd1c09fcb7d0
发布日期: 2026-06-09 17:17 修改: 2026-06-17 11:04
|
| python3 |
CVE-2024-12718 |
高危 |
3.9.16-1.amzn2023.0.8 |
3.9.23-1.amzn2023.0.1 |
cpython: python: Bypass extraction filter to modify file metadata outside extraction directory
漏洞详情: https://avd.aquasec.com/nvd/cve-2024-12718
镜像层: sha256:787c718160ca1e26288212055bd7a1a7e0c68a0a446bf7bbe9d6cd1c09fcb7d0
发布日期: 2025-06-03 13:15 修改: 2026-06-17 07:00
|
| python3 |
CVE-2024-6232 |
高危 |
3.9.16-1.amzn2023.0.8 |
3.9.20-1.amzn2023.0.2 |
python: cpython: tarfile: ReDos via excessive backtracking while parsing header values
漏洞详情: https://avd.aquasec.com/nvd/cve-2024-6232
镜像层: sha256:787c718160ca1e26288212055bd7a1a7e0c68a0a446bf7bbe9d6cd1c09fcb7d0
发布日期: 2024-09-03 13:15 修改: 2026-06-17 08:17
|
| python3 |
CVE-2024-8088 |
高危 |
3.9.16-1.amzn2023.0.8 |
3.9.20-1.amzn2023.0.2 |
python: cpython: Iterating over a malicious ZIP file may lead to Denial of Service
漏洞详情: https://avd.aquasec.com/nvd/cve-2024-8088
镜像层: sha256:787c718160ca1e26288212055bd7a1a7e0c68a0a446bf7bbe9d6cd1c09fcb7d0
发布日期: 2024-08-22 19:15 修改: 2026-06-17 08:21
|
| python3 |
CVE-2025-13462 |
高危 |
3.9.16-1.amzn2023.0.8 |
3.9.25-1.amzn2023.0.7 |
cpython: cpython: `tarfile` module misinterprets crafted tar archives leading to data integrity issues
漏洞详情: https://avd.aquasec.com/nvd/cve-2025-13462
镜像层: sha256:787c718160ca1e26288212055bd7a1a7e0c68a0a446bf7bbe9d6cd1c09fcb7d0
发布日期: 2026-03-12 18:16 修改: 2026-06-17 08:34
|
| python3 |
CVE-2025-4138 |
高危 |
3.9.16-1.amzn2023.0.8 |
3.9.23-1.amzn2023.0.1 |
cpython: python: Bypassing extraction filter to create symlinks to arbitrary targets outside extraction directory
漏洞详情: https://avd.aquasec.com/nvd/cve-2025-4138
镜像层: sha256:787c718160ca1e26288212055bd7a1a7e0c68a0a446bf7bbe9d6cd1c09fcb7d0
发布日期: 2025-06-03 13:15 修改: 2026-06-17 09:32
|
| python3 |
CVE-2025-4330 |
高危 |
3.9.16-1.amzn2023.0.8 |
3.9.23-1.amzn2023.0.1 |
cpython: python: Extraction filter bypass for linking outside extraction directory
漏洞详情: https://avd.aquasec.com/nvd/cve-2025-4330
镜像层: sha256:787c718160ca1e26288212055bd7a1a7e0c68a0a446bf7bbe9d6cd1c09fcb7d0
发布日期: 2025-06-03 13:15 修改: 2026-06-17 09:33
|
| python3 |
CVE-2025-4435 |
高危 |
3.9.16-1.amzn2023.0.8 |
3.9.23-1.amzn2023.0.1 |
cpython: Tarfile extracts filtered members when errorlevel=0
漏洞详情: https://avd.aquasec.com/nvd/cve-2025-4435
镜像层: sha256:787c718160ca1e26288212055bd7a1a7e0c68a0a446bf7bbe9d6cd1c09fcb7d0
发布日期: 2025-06-03 13:15 修改: 2026-06-17 09:33
|
| python3 |
CVE-2025-4517 |
高危 |
3.9.16-1.amzn2023.0.8 |
3.9.23-1.amzn2023.0.1 |
python: cpython: Arbitrary writes via tarfile realpath overflow
漏洞详情: https://avd.aquasec.com/nvd/cve-2025-4517
镜像层: sha256:787c718160ca1e26288212055bd7a1a7e0c68a0a446bf7bbe9d6cd1c09fcb7d0
发布日期: 2025-06-03 13:15 修改: 2026-06-17 09:33
|
| python3 |
CVE-2025-8194 |
高危 |
3.9.16-1.amzn2023.0.8 |
3.9.23-1.amzn2023.0.3 |
cpython: Cpython infinite loop when parsing a tarfile
漏洞详情: https://avd.aquasec.com/nvd/cve-2025-8194
镜像层: sha256:787c718160ca1e26288212055bd7a1a7e0c68a0a446bf7bbe9d6cd1c09fcb7d0
发布日期: 2025-07-28 19:15 修改: 2026-06-17 10:06
|
| python3 |
CVE-2026-3479 |
高危 |
3.9.16-1.amzn2023.0.8 |
3.9.25-1.amzn2023.0.7 |
python: Python pkgutil.get_data(): Path Traversal via improper resource argument validation
漏洞详情: https://avd.aquasec.com/nvd/cve-2026-3479
镜像层: sha256:787c718160ca1e26288212055bd7a1a7e0c68a0a446bf7bbe9d6cd1c09fcb7d0
发布日期: 2026-03-18 19:16 修改: 2026-06-17 10:43
|
| python3 |
CVE-2026-4519 |
高危 |
3.9.16-1.amzn2023.0.8 |
3.9.25-1.amzn2023.0.4 |
python: Python: Command-line option injection in webbrowser.open() via crafted URLs
漏洞详情: https://avd.aquasec.com/nvd/cve-2026-4519
镜像层: sha256:787c718160ca1e26288212055bd7a1a7e0c68a0a446bf7bbe9d6cd1c09fcb7d0
发布日期: 2026-03-20 15:16 修改: 2026-06-30 03:20
|
| python3 |
CVE-2026-4786 |
高危 |
3.9.16-1.amzn2023.0.8 |
3.9.25-1.amzn2023.0.5 |
python: cpython: Python: Arbitrary code execution via command injection in webbrowser.open() API
漏洞详情: https://avd.aquasec.com/nvd/cve-2026-4786
镜像层: sha256:787c718160ca1e26288212055bd7a1a7e0c68a0a446bf7bbe9d6cd1c09fcb7d0
发布日期: 2026-04-13 22:16 修改: 2026-07-06 13:17
|
| python3 |
CVE-2026-6100 |
高危 |
3.9.16-1.amzn2023.0.8 |
3.9.25-1.amzn2023.0.5 |
python: Python: Arbitrary code execution or information disclosure via use-after-free in decompression modules
漏洞详情: https://avd.aquasec.com/nvd/cve-2026-6100
镜像层: sha256:787c718160ca1e26288212055bd7a1a7e0c68a0a446bf7bbe9d6cd1c09fcb7d0
发布日期: 2026-04-13 18:16 修改: 2026-06-30 03:21
|
| python3-libs |
CVE-2024-12718 |
高危 |
3.9.16-1.amzn2023.0.8 |
3.9.23-1.amzn2023.0.1 |
cpython: python: Bypass extraction filter to modify file metadata outside extraction directory
漏洞详情: https://avd.aquasec.com/nvd/cve-2024-12718
镜像层: sha256:787c718160ca1e26288212055bd7a1a7e0c68a0a446bf7bbe9d6cd1c09fcb7d0
发布日期: 2025-06-03 13:15 修改: 2026-06-17 07:00
|
| python3-libs |
CVE-2024-6232 |
高危 |
3.9.16-1.amzn2023.0.8 |
3.9.20-1.amzn2023.0.2 |
python: cpython: tarfile: ReDos via excessive backtracking while parsing header values
漏洞详情: https://avd.aquasec.com/nvd/cve-2024-6232
镜像层: sha256:787c718160ca1e26288212055bd7a1a7e0c68a0a446bf7bbe9d6cd1c09fcb7d0
发布日期: 2024-09-03 13:15 修改: 2026-06-17 08:17
|
| python3-libs |
CVE-2024-8088 |
高危 |
3.9.16-1.amzn2023.0.8 |
3.9.20-1.amzn2023.0.2 |
python: cpython: Iterating over a malicious ZIP file may lead to Denial of Service
漏洞详情: https://avd.aquasec.com/nvd/cve-2024-8088
镜像层: sha256:787c718160ca1e26288212055bd7a1a7e0c68a0a446bf7bbe9d6cd1c09fcb7d0
发布日期: 2024-08-22 19:15 修改: 2026-06-17 08:21
|
| python3-libs |
CVE-2025-13462 |
高危 |
3.9.16-1.amzn2023.0.8 |
3.9.25-1.amzn2023.0.7 |
cpython: cpython: `tarfile` module misinterprets crafted tar archives leading to data integrity issues
漏洞详情: https://avd.aquasec.com/nvd/cve-2025-13462
镜像层: sha256:787c718160ca1e26288212055bd7a1a7e0c68a0a446bf7bbe9d6cd1c09fcb7d0
发布日期: 2026-03-12 18:16 修改: 2026-06-17 08:34
|
| python3-libs |
CVE-2025-4138 |
高危 |
3.9.16-1.amzn2023.0.8 |
3.9.23-1.amzn2023.0.1 |
cpython: python: Bypassing extraction filter to create symlinks to arbitrary targets outside extraction directory
漏洞详情: https://avd.aquasec.com/nvd/cve-2025-4138
镜像层: sha256:787c718160ca1e26288212055bd7a1a7e0c68a0a446bf7bbe9d6cd1c09fcb7d0
发布日期: 2025-06-03 13:15 修改: 2026-06-17 09:32
|
| python3-libs |
CVE-2025-4330 |
高危 |
3.9.16-1.amzn2023.0.8 |
3.9.23-1.amzn2023.0.1 |
cpython: python: Extraction filter bypass for linking outside extraction directory
漏洞详情: https://avd.aquasec.com/nvd/cve-2025-4330
镜像层: sha256:787c718160ca1e26288212055bd7a1a7e0c68a0a446bf7bbe9d6cd1c09fcb7d0
发布日期: 2025-06-03 13:15 修改: 2026-06-17 09:33
|
| python3-libs |
CVE-2025-4435 |
高危 |
3.9.16-1.amzn2023.0.8 |
3.9.23-1.amzn2023.0.1 |
cpython: Tarfile extracts filtered members when errorlevel=0
漏洞详情: https://avd.aquasec.com/nvd/cve-2025-4435
镜像层: sha256:787c718160ca1e26288212055bd7a1a7e0c68a0a446bf7bbe9d6cd1c09fcb7d0
发布日期: 2025-06-03 13:15 修改: 2026-06-17 09:33
|
| python3-libs |
CVE-2025-4517 |
高危 |
3.9.16-1.amzn2023.0.8 |
3.9.23-1.amzn2023.0.1 |
python: cpython: Arbitrary writes via tarfile realpath overflow
漏洞详情: https://avd.aquasec.com/nvd/cve-2025-4517
镜像层: sha256:787c718160ca1e26288212055bd7a1a7e0c68a0a446bf7bbe9d6cd1c09fcb7d0
发布日期: 2025-06-03 13:15 修改: 2026-06-17 09:33
|
| python3-libs |
CVE-2025-8194 |
高危 |
3.9.16-1.amzn2023.0.8 |
3.9.23-1.amzn2023.0.3 |
cpython: Cpython infinite loop when parsing a tarfile
漏洞详情: https://avd.aquasec.com/nvd/cve-2025-8194
镜像层: sha256:787c718160ca1e26288212055bd7a1a7e0c68a0a446bf7bbe9d6cd1c09fcb7d0
发布日期: 2025-07-28 19:15 修改: 2026-06-17 10:06
|
| python3-libs |
CVE-2026-3479 |
高危 |
3.9.16-1.amzn2023.0.8 |
3.9.25-1.amzn2023.0.7 |
python: Python pkgutil.get_data(): Path Traversal via improper resource argument validation
漏洞详情: https://avd.aquasec.com/nvd/cve-2026-3479
镜像层: sha256:787c718160ca1e26288212055bd7a1a7e0c68a0a446bf7bbe9d6cd1c09fcb7d0
发布日期: 2026-03-18 19:16 修改: 2026-06-17 10:43
|
| python3-libs |
CVE-2026-4519 |
高危 |
3.9.16-1.amzn2023.0.8 |
3.9.25-1.amzn2023.0.4 |
python: Python: Command-line option injection in webbrowser.open() via crafted URLs
漏洞详情: https://avd.aquasec.com/nvd/cve-2026-4519
镜像层: sha256:787c718160ca1e26288212055bd7a1a7e0c68a0a446bf7bbe9d6cd1c09fcb7d0
发布日期: 2026-03-20 15:16 修改: 2026-06-30 03:20
|
| python3-libs |
CVE-2026-4786 |
高危 |
3.9.16-1.amzn2023.0.8 |
3.9.25-1.amzn2023.0.5 |
python: cpython: Python: Arbitrary code execution via command injection in webbrowser.open() API
漏洞详情: https://avd.aquasec.com/nvd/cve-2026-4786
镜像层: sha256:787c718160ca1e26288212055bd7a1a7e0c68a0a446bf7bbe9d6cd1c09fcb7d0
发布日期: 2026-04-13 22:16 修改: 2026-07-06 13:17
|
| python3-libs |
CVE-2026-6100 |
高危 |
3.9.16-1.amzn2023.0.8 |
3.9.25-1.amzn2023.0.5 |
python: Python: Arbitrary code execution or information disclosure via use-after-free in decompression modules
漏洞详情: https://avd.aquasec.com/nvd/cve-2026-6100
镜像层: sha256:787c718160ca1e26288212055bd7a1a7e0c68a0a446bf7bbe9d6cd1c09fcb7d0
发布日期: 2026-04-13 18:16 修改: 2026-06-30 03:21
|
| python3-pip-wheel |
CVE-2026-21441 |
高危 |
21.3.1-2.amzn2023.0.7 |
21.3.1-2.amzn2023.0.16 |
urllib3: urllib3 vulnerable to decompression-bomb safeguard bypass when following HTTP redirects (streaming API)
漏洞详情: https://avd.aquasec.com/nvd/cve-2026-21441
镜像层: sha256:787c718160ca1e26288212055bd7a1a7e0c68a0a446bf7bbe9d6cd1c09fcb7d0
发布日期: 2026-01-07 22:15 修改: 2026-07-03 13:16
|
| python3-pip-wheel |
CVE-2026-6357 |
高危 |
21.3.1-2.amzn2023.0.7 |
21.3.1-2.amzn2023.0.19 |
pip: pip: Arbitrary code execution or information disclosure via malicious wheel package installation
漏洞详情: https://avd.aquasec.com/nvd/cve-2026-6357
镜像层: sha256:787c718160ca1e26288212055bd7a1a7e0c68a0a446bf7bbe9d6cd1c09fcb7d0
发布日期: 2026-04-27 15:16 修改: 2026-06-17 11:00
|
| python3-pip-wheel |
CVE-2026-8643 |
高危 |
21.3.1-2.amzn2023.0.7 |
21.3.1-2.amzn2023.0.20 |
python-pip: Path traversal via malicious entry point name in pip wheel installation allows arbitrary file overwrite
漏洞详情: https://avd.aquasec.com/nvd/cve-2026-8643
镜像层: sha256:787c718160ca1e26288212055bd7a1a7e0c68a0a446bf7bbe9d6cd1c09fcb7d0
发布日期: 2026-06-01 17:17 修改: 2026-07-10 12:17
|
| python3-setuptools-wheel |
CVE-2024-6345 |
高危 |
59.6.0-2.amzn2023.0.4 |
59.6.0-2.amzn2023.0.5 |
pypa/setuptools: Remote code execution via download functions in the package_index module in pypa/setuptools
漏洞详情: https://avd.aquasec.com/nvd/cve-2024-6345
镜像层: sha256:787c718160ca1e26288212055bd7a1a7e0c68a0a446bf7bbe9d6cd1c09fcb7d0
发布日期: 2024-07-15 01:15 修改: 2026-06-17 08:17
|
| python3-setuptools-wheel |
CVE-2025-47273 |
高危 |
59.6.0-2.amzn2023.0.4 |
59.6.0-2.amzn2023.0.6 |
setuptools: Path Traversal Vulnerability in setuptools PackageIndex
漏洞详情: https://avd.aquasec.com/nvd/cve-2025-47273
镜像层: sha256:787c718160ca1e26288212055bd7a1a7e0c68a0a446bf7bbe9d6cd1c09fcb7d0
发布日期: 2025-05-17 16:15 修改: 2026-06-17 09:27
|
| sqlite-libs |
CVE-2022-46908 |
高危 |
3.40.0-1.amzn2023.0.4 |
3.40.0-1.amzn2023.0.5 |
sqlite: safe mode authorizer callback allows disallowed UDFs
漏洞详情: https://avd.aquasec.com/nvd/cve-2022-46908
镜像层: sha256:787c718160ca1e26288212055bd7a1a7e0c68a0a446bf7bbe9d6cd1c09fcb7d0
发布日期: 2022-12-12 06:15 修改: 2026-06-17 05:12
|
| sqlite-libs |
CVE-2026-11822 |
高危 |
3.40.0-1.amzn2023.0.4 |
3.40.0-1.amzn2023.0.8 |
SQLite before 3.53.2 contains memory corruption vulnerabilities in the ...
漏洞详情: https://avd.aquasec.com/nvd/cve-2026-11822
镜像层: sha256:787c718160ca1e26288212055bd7a1a7e0c68a0a446bf7bbe9d6cd1c09fcb7d0
发布日期: 2026-06-09 20:16 修改: 2026-06-17 10:14
|
| sqlite-libs |
CVE-2026-11824 |
高危 |
3.40.0-1.amzn2023.0.4 |
3.40.0-1.amzn2023.0.8 |
SQLite before 3.53.2 contains a heap-based buffer overflow vulnerabili ...
漏洞详情: https://avd.aquasec.com/nvd/cve-2026-11824
镜像层: sha256:787c718160ca1e26288212055bd7a1a7e0c68a0a446bf7bbe9d6cd1c09fcb7d0
发布日期: 2026-06-09 20:16 修改: 2026-06-17 10:14
|
| expat |
CVE-2026-25210 |
中危 |
2.5.0-1.amzn2023.0.4 |
2.6.3-1.amzn2023.0.4 |
libexpat: libexpat: Information disclosure and data integrity issues due to integer overflow in buffer reallocation
漏洞详情: https://avd.aquasec.com/nvd/cve-2026-25210
镜像层: sha256:787c718160ca1e26288212055bd7a1a7e0c68a0a446bf7bbe9d6cd1c09fcb7d0
发布日期: 2026-01-30 07:16 修改: 2026-06-17 10:24
|
| curl-minimal |
CVE-2025-13034 |
中危 |
8.5.0-1.amzn2023.0.4 |
8.17.0-1.amzn2023.0.1 |
curl: Public key pinning bypass via QUIC and GnuTLS allows server impersonation
漏洞详情: https://avd.aquasec.com/nvd/cve-2025-13034
镜像层: sha256:787c718160ca1e26288212055bd7a1a7e0c68a0a446bf7bbe9d6cd1c09fcb7d0
发布日期: 2026-01-08 10:15 修改: 2026-06-17 08:33
|
| curl-minimal |
CVE-2025-14017 |
中危 |
8.5.0-1.amzn2023.0.4 |
8.17.0-1.amzn2023.0.1 |
curl: curl: Security bypass due to global TLS option changes in multi-threaded LDAPS transfers
漏洞详情: https://avd.aquasec.com/nvd/cve-2025-14017
镜像层: sha256:787c718160ca1e26288212055bd7a1a7e0c68a0a446bf7bbe9d6cd1c09fcb7d0
发布日期: 2026-01-08 10:15 修改: 2026-06-17 08:35
|
| curl-minimal |
CVE-2025-14524 |
中危 |
8.5.0-1.amzn2023.0.4 |
8.17.0-1.amzn2023.0.1 |
curl: Information disclosure via cross-protocol redirect with OAuth2 bearer token
漏洞详情: https://avd.aquasec.com/nvd/cve-2025-14524
镜像层: sha256:787c718160ca1e26288212055bd7a1a7e0c68a0a446bf7bbe9d6cd1c09fcb7d0
发布日期: 2026-01-08 10:15 修改: 2026-06-17 08:36
|
| curl-minimal |
CVE-2025-14819 |
中危 |
8.5.0-1.amzn2023.0.4 |
8.17.0-1.amzn2023.0.1 |
curl: libcurl: Improper certificate validation due to cached TLS settings reuse
漏洞详情: https://avd.aquasec.com/nvd/cve-2025-14819
镜像层: sha256:787c718160ca1e26288212055bd7a1a7e0c68a0a446bf7bbe9d6cd1c09fcb7d0
发布日期: 2026-01-08 10:15 修改: 2026-06-17 08:36
|
| curl-minimal |
CVE-2025-15079 |
中危 |
8.5.0-1.amzn2023.0.4 |
8.17.0-1.amzn2023.0.1 |
curl: Host verification bypass during SSH transfers
漏洞详情: https://avd.aquasec.com/nvd/cve-2025-15079
镜像层: sha256:787c718160ca1e26288212055bd7a1a7e0c68a0a446bf7bbe9d6cd1c09fcb7d0
发布日期: 2026-01-08 10:15 修改: 2026-06-17 08:37
|
| curl-minimal |
CVE-2025-15224 |
中危 |
8.5.0-1.amzn2023.0.4 |
8.17.0-1.amzn2023.0.1 |
curl: libssh key passphrase bypass without agent set
漏洞详情: https://avd.aquasec.com/nvd/cve-2025-15224
镜像层: sha256:787c718160ca1e26288212055bd7a1a7e0c68a0a446bf7bbe9d6cd1c09fcb7d0
发布日期: 2026-01-08 10:15 修改: 2026-06-17 08:37
|
| glibc |
CVE-2021-43396 |
中危 |
2.34-52.amzn2023.0.10 |
2.34-181.amzn2023.0.1 |
glibc: conversion from ISO-2022-JP-3 with iconv may emit spurious NUL character on state reset
漏洞详情: https://avd.aquasec.com/nvd/cve-2021-43396
镜像层: sha256:787c718160ca1e26288212055bd7a1a7e0c68a0a446bf7bbe9d6cd1c09fcb7d0
发布日期: 2021-11-04 20:15 修改: 2026-06-17 04:10
|
| glibc |
CVE-2024-33599 |
中危 |
2.34-52.amzn2023.0.10 |
2.34-181.amzn2023.0.1 |
glibc: stack-based buffer overflow in netgroup cache
漏洞详情: https://avd.aquasec.com/nvd/cve-2024-33599
镜像层: sha256:787c718160ca1e26288212055bd7a1a7e0c68a0a446bf7bbe9d6cd1c09fcb7d0
发布日期: 2024-05-06 20:15 修改: 2026-06-17 07:32
|
| glibc |
CVE-2024-33600 |
中危 |
2.34-52.amzn2023.0.10 |
2.34-181.amzn2023.0.1 |
glibc: null pointer dereferences after failed netgroup cache insertion
漏洞详情: https://avd.aquasec.com/nvd/cve-2024-33600
镜像层: sha256:787c718160ca1e26288212055bd7a1a7e0c68a0a446bf7bbe9d6cd1c09fcb7d0
发布日期: 2024-05-06 20:15 修改: 2026-06-17 07:32
|
| glibc |
CVE-2024-33601 |
中危 |
2.34-52.amzn2023.0.10 |
2.34-181.amzn2023.0.1 |
glibc: netgroup cache may terminate daemon on memory allocation failure
漏洞详情: https://avd.aquasec.com/nvd/cve-2024-33601
镜像层: sha256:787c718160ca1e26288212055bd7a1a7e0c68a0a446bf7bbe9d6cd1c09fcb7d0
发布日期: 2024-05-06 20:15 修改: 2026-06-17 07:32
|
| glibc |
CVE-2024-33602 |
中危 |
2.34-52.amzn2023.0.10 |
2.34-181.amzn2023.0.1 |
glibc: netgroup cache assumes NSS callback uses in-buffer strings
漏洞详情: https://avd.aquasec.com/nvd/cve-2024-33602
镜像层: sha256:787c718160ca1e26288212055bd7a1a7e0c68a0a446bf7bbe9d6cd1c09fcb7d0
发布日期: 2024-05-06 20:15 修改: 2026-06-17 07:32
|
| glibc |
CVE-2025-0395 |
中危 |
2.34-52.amzn2023.0.10 |
2.34-181.amzn2023.0.1 |
glibc: buffer overflow in the GNU C Library's assert()
漏洞详情: https://avd.aquasec.com/nvd/cve-2025-0395
镜像层: sha256:787c718160ca1e26288212055bd7a1a7e0c68a0a446bf7bbe9d6cd1c09fcb7d0
发布日期: 2025-01-22 13:15 修改: 2026-06-17 08:26
|
| openssl |
CVE-2024-13176 |
中危 |
1:3.0.8-1.amzn2023.0.12 |
1:3.0.8-1.amzn2023.0.19 |
openssl: Timing side-channel in ECDSA signature computation
漏洞详情: https://avd.aquasec.com/nvd/cve-2024-13176
镜像层: sha256:0ebc986194ce44f9b53207a2411446464969aff6a8187e353da38d681b269e0a
发布日期: 2025-01-20 14:15 修改: 2026-06-17 07:01
|
| openssl |
CVE-2024-41996 |
中危 |
1:3.0.8-1.amzn2023.0.12 |
1:3.0.8-1.amzn2023.0.16 |
openssl: remote attackers (from the client side) to trigger unnecessarily expensive server-side DHE modular-exponentiation calculations
漏洞详情: https://avd.aquasec.com/nvd/cve-2024-41996
镜像层: sha256:0ebc986194ce44f9b53207a2411446464969aff6a8187e353da38d681b269e0a
发布日期: 2024-08-26 06:15 修改: 2026-06-17 07:48
|
| openssl |
CVE-2024-4603 |
中危 |
1:3.0.8-1.amzn2023.0.12 |
1:3.0.8-1.amzn2023.0.14 |
openssl: Excessive time spent checking DSA keys and parameters
漏洞详情: https://avd.aquasec.com/nvd/cve-2024-4603
镜像层: sha256:0ebc986194ce44f9b53207a2411446464969aff6a8187e353da38d681b269e0a
发布日期: 2024-05-16 16:15 修改: 2026-06-17 08:02
|
| openssl |
CVE-2024-4741 |
中危 |
1:3.0.8-1.amzn2023.0.12 |
1:3.0.8-1.amzn2023.0.14 |
openssl: Use After Free with SSL_free_buffers
漏洞详情: https://avd.aquasec.com/nvd/cve-2024-4741
镜像层: sha256:0ebc986194ce44f9b53207a2411446464969aff6a8187e353da38d681b269e0a
发布日期: 2024-11-13 11:15 修改: 2026-06-17 08:02
|
| openssl |
CVE-2024-5535 |
中危 |
1:3.0.8-1.amzn2023.0.12 |
1:3.0.8-1.amzn2023.0.14 |
openssl: SSL_select_next_proto buffer overread
漏洞详情: https://avd.aquasec.com/nvd/cve-2024-5535
镜像层: sha256:0ebc986194ce44f9b53207a2411446464969aff6a8187e353da38d681b269e0a
发布日期: 2024-06-27 11:15 修改: 2026-06-17 08:16
|
| openssl |
CVE-2024-6119 |
中危 |
1:3.0.8-1.amzn2023.0.12 |
1:3.0.8-1.amzn2023.0.15 |
openssl: Possible denial of service in X.509 name checks
漏洞详情: https://avd.aquasec.com/nvd/cve-2024-6119
镜像层: sha256:0ebc986194ce44f9b53207a2411446464969aff6a8187e353da38d681b269e0a
发布日期: 2024-09-03 16:15 修改: 2026-06-17 08:17
|
| openssl |
CVE-2025-9230 |
中危 |
1:3.0.8-1.amzn2023.0.12 |
1:3.2.2-1.amzn2023.0.2 |
openssl: Out-of-bounds read & write in RFC 3211 KEK Unwrap
漏洞详情: https://avd.aquasec.com/nvd/cve-2025-9230
镜像层: sha256:0ebc986194ce44f9b53207a2411446464969aff6a8187e353da38d681b269e0a
发布日期: 2025-09-30 14:15 修改: 2026-06-17 10:08
|
| openssl |
CVE-2025-9231 |
中危 |
1:3.0.8-1.amzn2023.0.12 |
1:3.2.2-1.amzn2023.0.2 |
openssl: Timing side-channel in SM2 algorithm on 64 bit ARM
漏洞详情: https://avd.aquasec.com/nvd/cve-2025-9231
镜像层: sha256:0ebc986194ce44f9b53207a2411446464969aff6a8187e353da38d681b269e0a
发布日期: 2025-09-30 14:15 修改: 2026-06-17 10:08
|
| glibc |
CVE-2025-8058 |
中危 |
2.34-52.amzn2023.0.10 |
2.34-231.amzn2023.0.1 |
glibc: Double free in glibc
漏洞详情: https://avd.aquasec.com/nvd/cve-2025-8058
镜像层: sha256:787c718160ca1e26288212055bd7a1a7e0c68a0a446bf7bbe9d6cd1c09fcb7d0
发布日期: 2025-07-23 20:15 修改: 2026-06-17 10:06
|
| curl-minimal |
CVE-2026-3805 |
中危 |
8.5.0-1.amzn2023.0.4 |
8.17.0-1.amzn2023.0.3 |
curl: curl: Arbitrary code execution or Denial of Service via use-after-free in SMB request handling
漏洞详情: https://avd.aquasec.com/nvd/cve-2026-3805
镜像层: sha256:787c718160ca1e26288212055bd7a1a7e0c68a0a446bf7bbe9d6cd1c09fcb7d0
发布日期: 2026-03-11 11:16 修改: 2026-06-17 10:44
|
| elfutils-default-yama-scope |
CVE-2025-1352 |
中危 |
0.188-3.amzn2023.0.2 |
0.188-3.amzn2023.0.3 |
elfutils: GNU elfutils eu-readelf libdw_alloc.c __libdw_thread_tail memory corruption
漏洞详情: https://avd.aquasec.com/nvd/cve-2025-1352
镜像层: sha256:787c718160ca1e26288212055bd7a1a7e0c68a0a446bf7bbe9d6cd1c09fcb7d0
发布日期: 2025-02-16 15:15 修改: 2026-06-17 08:38
|
| libcap |
CVE-2025-61726 |
中危 |
2.48-2.amzn2023.0.3 |
2.73-1.amzn2023.0.6 |
golang: net/url: Memory exhaustion in query parameter parsing in net/url
漏洞详情: https://avd.aquasec.com/nvd/cve-2025-61726
镜像层: sha256:787c718160ca1e26288212055bd7a1a7e0c68a0a446bf7bbe9d6cd1c09fcb7d0
发布日期: 2026-01-28 20:16 修改: 2026-07-10 12:16
|
| libcap |
CVE-2025-61728 |
中危 |
2.48-2.amzn2023.0.3 |
2.73-1.amzn2023.0.6 |
golang: archive/zip: Excessive CPU consumption when building archive index in archive/zip
漏洞详情: https://avd.aquasec.com/nvd/cve-2025-61728
镜像层: sha256:787c718160ca1e26288212055bd7a1a7e0c68a0a446bf7bbe9d6cd1c09fcb7d0
发布日期: 2026-01-28 20:16 修改: 2026-06-17 09:50
|
| libcap |
CVE-2025-61730 |
中危 |
2.48-2.amzn2023.0.3 |
2.73-1.amzn2023.0.6 |
crypto/tls: Handshake messages may be processed at the incorrect encryption level in crypto/tls
漏洞详情: https://avd.aquasec.com/nvd/cve-2025-61730
镜像层: sha256:787c718160ca1e26288212055bd7a1a7e0c68a0a446bf7bbe9d6cd1c09fcb7d0
发布日期: 2026-01-28 20:16 修改: 2026-06-17 09:50
|
| libcap |
CVE-2025-68121 |
中危 |
2.48-2.amzn2023.0.3 |
2.73-1.amzn2023.0.6 |
crypto/tls: crypto/tls: Incorrect certificate validation during TLS session resumption
漏洞详情: https://avd.aquasec.com/nvd/cve-2025-68121
镜像层: sha256:787c718160ca1e26288212055bd7a1a7e0c68a0a446bf7bbe9d6cd1c09fcb7d0
发布日期: 2026-02-05 18:16 修改: 2026-06-17 09:58
|
| libcurl-minimal |
CVE-2024-11053 |
中危 |
8.5.0-1.amzn2023.0.4 |
8.15.0-4.amzn2023.0.1 |
curl: curl netrc password leak
漏洞详情: https://avd.aquasec.com/nvd/cve-2024-11053
镜像层: sha256:787c718160ca1e26288212055bd7a1a7e0c68a0a446bf7bbe9d6cd1c09fcb7d0
发布日期: 2024-12-11 08:15 修改: 2026-06-17 06:56
|
| libcurl-minimal |
CVE-2024-9681 |
中危 |
8.5.0-1.amzn2023.0.4 |
8.11.1-4.amzn2023.0.1 |
curl: HSTS subdomain overwrites parent cache entry
漏洞详情: https://avd.aquasec.com/nvd/cve-2024-9681
镜像层: sha256:787c718160ca1e26288212055bd7a1a7e0c68a0a446bf7bbe9d6cd1c09fcb7d0
发布日期: 2024-11-06 08:15 修改: 2026-06-17 08:25
|
| libcurl-minimal |
CVE-2025-0167 |
中危 |
8.5.0-1.amzn2023.0.4 |
8.15.0-4.amzn2023.0.1 |
When asked to use a `.netrc` file for credentials **and** to follow HT ...
漏洞详情: https://avd.aquasec.com/nvd/cve-2025-0167
镜像层: sha256:787c718160ca1e26288212055bd7a1a7e0c68a0a446bf7bbe9d6cd1c09fcb7d0
发布日期: 2025-02-05 10:15 修改: 2026-06-17 08:25
|
| libcurl-minimal |
CVE-2025-10148 |
中危 |
8.5.0-1.amzn2023.0.4 |
8.15.0-4.amzn2023.0.1 |
curl: predictable WebSocket mask
漏洞详情: https://avd.aquasec.com/nvd/cve-2025-10148
镜像层: sha256:787c718160ca1e26288212055bd7a1a7e0c68a0a446bf7bbe9d6cd1c09fcb7d0
发布日期: 2025-09-12 06:15 修改: 2026-06-17 08:27
|
| libcurl-minimal |
CVE-2025-10966 |
中危 |
8.5.0-1.amzn2023.0.4 |
8.15.0-4.amzn2023.0.1 |
curl: Curl missing SFTP host verification with wolfSSH backend
漏洞详情: https://avd.aquasec.com/nvd/cve-2025-10966
镜像层: sha256:787c718160ca1e26288212055bd7a1a7e0c68a0a446bf7bbe9d6cd1c09fcb7d0
发布日期: 2025-11-07 08:15 修改: 2026-06-17 08:29
|
| libcurl-minimal |
CVE-2025-11563 |
中危 |
8.5.0-1.amzn2023.0.4 |
8.11.1-4.amzn2023.0.3 |
wcurl: wcurl: Arbitrary file placement via crafted URLs
漏洞详情: https://avd.aquasec.com/nvd/cve-2025-11563
镜像层: sha256:787c718160ca1e26288212055bd7a1a7e0c68a0a446bf7bbe9d6cd1c09fcb7d0
发布日期: 2026-02-25 08:16 修改: 2026-06-17 08:30
|
| libcurl-minimal |
CVE-2025-13034 |
中危 |
8.5.0-1.amzn2023.0.4 |
8.17.0-1.amzn2023.0.1 |
curl: Public key pinning bypass via QUIC and GnuTLS allows server impersonation
漏洞详情: https://avd.aquasec.com/nvd/cve-2025-13034
镜像层: sha256:787c718160ca1e26288212055bd7a1a7e0c68a0a446bf7bbe9d6cd1c09fcb7d0
发布日期: 2026-01-08 10:15 修改: 2026-06-17 08:33
|
| libcurl-minimal |
CVE-2025-14017 |
中危 |
8.5.0-1.amzn2023.0.4 |
8.17.0-1.amzn2023.0.1 |
curl: curl: Security bypass due to global TLS option changes in multi-threaded LDAPS transfers
漏洞详情: https://avd.aquasec.com/nvd/cve-2025-14017
镜像层: sha256:787c718160ca1e26288212055bd7a1a7e0c68a0a446bf7bbe9d6cd1c09fcb7d0
发布日期: 2026-01-08 10:15 修改: 2026-06-17 08:35
|
| libcurl-minimal |
CVE-2025-14524 |
中危 |
8.5.0-1.amzn2023.0.4 |
8.17.0-1.amzn2023.0.1 |
curl: Information disclosure via cross-protocol redirect with OAuth2 bearer token
漏洞详情: https://avd.aquasec.com/nvd/cve-2025-14524
镜像层: sha256:787c718160ca1e26288212055bd7a1a7e0c68a0a446bf7bbe9d6cd1c09fcb7d0
发布日期: 2026-01-08 10:15 修改: 2026-06-17 08:36
|
| libcurl-minimal |
CVE-2025-14819 |
中危 |
8.5.0-1.amzn2023.0.4 |
8.17.0-1.amzn2023.0.1 |
curl: libcurl: Improper certificate validation due to cached TLS settings reuse
漏洞详情: https://avd.aquasec.com/nvd/cve-2025-14819
镜像层: sha256:787c718160ca1e26288212055bd7a1a7e0c68a0a446bf7bbe9d6cd1c09fcb7d0
发布日期: 2026-01-08 10:15 修改: 2026-06-17 08:36
|
| libcurl-minimal |
CVE-2025-15079 |
中危 |
8.5.0-1.amzn2023.0.4 |
8.17.0-1.amzn2023.0.1 |
curl: Host verification bypass during SSH transfers
漏洞详情: https://avd.aquasec.com/nvd/cve-2025-15079
镜像层: sha256:787c718160ca1e26288212055bd7a1a7e0c68a0a446bf7bbe9d6cd1c09fcb7d0
发布日期: 2026-01-08 10:15 修改: 2026-06-17 08:37
|
| libcurl-minimal |
CVE-2025-15224 |
中危 |
8.5.0-1.amzn2023.0.4 |
8.17.0-1.amzn2023.0.1 |
curl: libssh key passphrase bypass without agent set
漏洞详情: https://avd.aquasec.com/nvd/cve-2025-15224
镜像层: sha256:787c718160ca1e26288212055bd7a1a7e0c68a0a446bf7bbe9d6cd1c09fcb7d0
发布日期: 2026-01-08 10:15 修改: 2026-06-17 08:37
|
| libcurl-minimal |
CVE-2026-3805 |
中危 |
8.5.0-1.amzn2023.0.4 |
8.17.0-1.amzn2023.0.3 |
curl: curl: Arbitrary code execution or Denial of Service via use-after-free in SMB request handling
漏洞详情: https://avd.aquasec.com/nvd/cve-2026-3805
镜像层: sha256:787c718160ca1e26288212055bd7a1a7e0c68a0a446bf7bbe9d6cd1c09fcb7d0
发布日期: 2026-03-11 11:16 修改: 2026-06-17 10:44
|
| libgcrypt |
CVE-2024-2236 |
中危 |
1.10.2-1.amzn2023.0.1 |
1.10.2-1.amzn2023.0.2 |
libgcrypt: vulnerable to Marvin Attack
漏洞详情: https://avd.aquasec.com/nvd/cve-2024-2236
镜像层: sha256:787c718160ca1e26288212055bd7a1a7e0c68a0a446bf7bbe9d6cd1c09fcb7d0
发布日期: 2024-03-06 22:15 修改: 2026-06-17 07:24
|
| libgcrypt |
CVE-2026-41989 |
中危 |
1.10.2-1.amzn2023.0.1 |
1.10.2-1.amzn2023.0.3 |
Libgcrypt: Libgcrypt: Denial of Service and buffer overflow via crafted ECDH ciphertext
漏洞详情: https://avd.aquasec.com/nvd/cve-2026-41989
镜像层: sha256:787c718160ca1e26288212055bd7a1a7e0c68a0a446bf7bbe9d6cd1c09fcb7d0
发布日期: 2026-04-23 05:16 修改: 2026-06-17 10:47
|
| glibc-common |
CVE-2021-43396 |
中危 |
2.34-52.amzn2023.0.10 |
2.34-181.amzn2023.0.1 |
glibc: conversion from ISO-2022-JP-3 with iconv may emit spurious NUL character on state reset
漏洞详情: https://avd.aquasec.com/nvd/cve-2021-43396
镜像层: sha256:787c718160ca1e26288212055bd7a1a7e0c68a0a446bf7bbe9d6cd1c09fcb7d0
发布日期: 2021-11-04 20:15 修改: 2026-06-17 04:10
|
| glibc-common |
CVE-2024-33599 |
中危 |
2.34-52.amzn2023.0.10 |
2.34-181.amzn2023.0.1 |
glibc: stack-based buffer overflow in netgroup cache
漏洞详情: https://avd.aquasec.com/nvd/cve-2024-33599
镜像层: sha256:787c718160ca1e26288212055bd7a1a7e0c68a0a446bf7bbe9d6cd1c09fcb7d0
发布日期: 2024-05-06 20:15 修改: 2026-06-17 07:32
|
| glibc-common |
CVE-2024-33600 |
中危 |
2.34-52.amzn2023.0.10 |
2.34-181.amzn2023.0.1 |
glibc: null pointer dereferences after failed netgroup cache insertion
漏洞详情: https://avd.aquasec.com/nvd/cve-2024-33600
镜像层: sha256:787c718160ca1e26288212055bd7a1a7e0c68a0a446bf7bbe9d6cd1c09fcb7d0
发布日期: 2024-05-06 20:15 修改: 2026-06-17 07:32
|
| glibc-common |
CVE-2024-33601 |
中危 |
2.34-52.amzn2023.0.10 |
2.34-181.amzn2023.0.1 |
glibc: netgroup cache may terminate daemon on memory allocation failure
漏洞详情: https://avd.aquasec.com/nvd/cve-2024-33601
镜像层: sha256:787c718160ca1e26288212055bd7a1a7e0c68a0a446bf7bbe9d6cd1c09fcb7d0
发布日期: 2024-05-06 20:15 修改: 2026-06-17 07:32
|
| glibc-common |
CVE-2024-33602 |
中危 |
2.34-52.amzn2023.0.10 |
2.34-181.amzn2023.0.1 |
glibc: netgroup cache assumes NSS callback uses in-buffer strings
漏洞详情: https://avd.aquasec.com/nvd/cve-2024-33602
镜像层: sha256:787c718160ca1e26288212055bd7a1a7e0c68a0a446bf7bbe9d6cd1c09fcb7d0
发布日期: 2024-05-06 20:15 修改: 2026-06-17 07:32
|
| glibc-common |
CVE-2025-0395 |
中危 |
2.34-52.amzn2023.0.10 |
2.34-181.amzn2023.0.1 |
glibc: buffer overflow in the GNU C Library's assert()
漏洞详情: https://avd.aquasec.com/nvd/cve-2025-0395
镜像层: sha256:787c718160ca1e26288212055bd7a1a7e0c68a0a446bf7bbe9d6cd1c09fcb7d0
发布日期: 2025-01-22 13:15 修改: 2026-06-17 08:26
|
| glibc-common |
CVE-2025-8058 |
中危 |
2.34-52.amzn2023.0.10 |
2.34-231.amzn2023.0.1 |
glibc: Double free in glibc
漏洞详情: https://avd.aquasec.com/nvd/cve-2025-8058
镜像层: sha256:787c718160ca1e26288212055bd7a1a7e0c68a0a446bf7bbe9d6cd1c09fcb7d0
发布日期: 2025-07-23 20:15 修改: 2026-06-17 10:06
|
| elfutils-default-yama-scope |
CVE-2025-1372 |
中危 |
0.188-3.amzn2023.0.2 |
0.188-3.amzn2023.0.3 |
elfutils: GNU elfutils eu-readelf readelf.c print_string_section buffer overflow
漏洞详情: https://avd.aquasec.com/nvd/cve-2025-1372
镜像层: sha256:787c718160ca1e26288212055bd7a1a7e0c68a0a446bf7bbe9d6cd1c09fcb7d0
发布日期: 2025-02-17 03:15 修改: 2026-06-17 08:39
|
| openssl-libs |
CVE-2024-13176 |
中危 |
1:3.0.8-1.amzn2023.0.12 |
1:3.0.8-1.amzn2023.0.19 |
openssl: Timing side-channel in ECDSA signature computation
漏洞详情: https://avd.aquasec.com/nvd/cve-2024-13176
镜像层: sha256:787c718160ca1e26288212055bd7a1a7e0c68a0a446bf7bbe9d6cd1c09fcb7d0
发布日期: 2025-01-20 14:15 修改: 2026-06-17 07:01
|
| openssl-libs |
CVE-2024-41996 |
中危 |
1:3.0.8-1.amzn2023.0.12 |
1:3.0.8-1.amzn2023.0.16 |
openssl: remote attackers (from the client side) to trigger unnecessarily expensive server-side DHE modular-exponentiation calculations
漏洞详情: https://avd.aquasec.com/nvd/cve-2024-41996
镜像层: sha256:787c718160ca1e26288212055bd7a1a7e0c68a0a446bf7bbe9d6cd1c09fcb7d0
发布日期: 2024-08-26 06:15 修改: 2026-06-17 07:48
|
| openssl-libs |
CVE-2024-4603 |
中危 |
1:3.0.8-1.amzn2023.0.12 |
1:3.0.8-1.amzn2023.0.14 |
openssl: Excessive time spent checking DSA keys and parameters
漏洞详情: https://avd.aquasec.com/nvd/cve-2024-4603
镜像层: sha256:787c718160ca1e26288212055bd7a1a7e0c68a0a446bf7bbe9d6cd1c09fcb7d0
发布日期: 2024-05-16 16:15 修改: 2026-06-17 08:02
|
| openssl-libs |
CVE-2024-4741 |
中危 |
1:3.0.8-1.amzn2023.0.12 |
1:3.0.8-1.amzn2023.0.14 |
openssl: Use After Free with SSL_free_buffers
漏洞详情: https://avd.aquasec.com/nvd/cve-2024-4741
镜像层: sha256:787c718160ca1e26288212055bd7a1a7e0c68a0a446bf7bbe9d6cd1c09fcb7d0
发布日期: 2024-11-13 11:15 修改: 2026-06-17 08:02
|
| openssl-libs |
CVE-2024-5535 |
中危 |
1:3.0.8-1.amzn2023.0.12 |
1:3.0.8-1.amzn2023.0.14 |
openssl: SSL_select_next_proto buffer overread
漏洞详情: https://avd.aquasec.com/nvd/cve-2024-5535
镜像层: sha256:787c718160ca1e26288212055bd7a1a7e0c68a0a446bf7bbe9d6cd1c09fcb7d0
发布日期: 2024-06-27 11:15 修改: 2026-06-17 08:16
|
| openssl-libs |
CVE-2024-6119 |
中危 |
1:3.0.8-1.amzn2023.0.12 |
1:3.0.8-1.amzn2023.0.15 |
openssl: Possible denial of service in X.509 name checks
漏洞详情: https://avd.aquasec.com/nvd/cve-2024-6119
镜像层: sha256:787c718160ca1e26288212055bd7a1a7e0c68a0a446bf7bbe9d6cd1c09fcb7d0
发布日期: 2024-09-03 16:15 修改: 2026-06-17 08:17
|
| openssl-libs |
CVE-2025-9230 |
中危 |
1:3.0.8-1.amzn2023.0.12 |
1:3.2.2-1.amzn2023.0.2 |
openssl: Out-of-bounds read & write in RFC 3211 KEK Unwrap
漏洞详情: https://avd.aquasec.com/nvd/cve-2025-9230
镜像层: sha256:787c718160ca1e26288212055bd7a1a7e0c68a0a446bf7bbe9d6cd1c09fcb7d0
发布日期: 2025-09-30 14:15 修改: 2026-06-17 10:08
|
| openssl-libs |
CVE-2025-9231 |
中危 |
1:3.0.8-1.amzn2023.0.12 |
1:3.2.2-1.amzn2023.0.2 |
openssl: Timing side-channel in SM2 algorithm on 64 bit ARM
漏洞详情: https://avd.aquasec.com/nvd/cve-2025-9231
镜像层: sha256:787c718160ca1e26288212055bd7a1a7e0c68a0a446bf7bbe9d6cd1c09fcb7d0
发布日期: 2025-09-30 14:15 修改: 2026-06-17 10:08
|
| libtasn1 |
CVE-2024-12133 |
中危 |
4.19.0-1.amzn2023.0.4 |
4.19.0-1.amzn2023.0.5 |
libtasn1: Inefficient DER Decoding in libtasn1 Leading to Potential Remote DoS
漏洞详情: https://avd.aquasec.com/nvd/cve-2024-12133
镜像层: sha256:787c718160ca1e26288212055bd7a1a7e0c68a0a446bf7bbe9d6cd1c09fcb7d0
发布日期: 2025-02-10 16:15 修改: 2026-06-30 03:16
|
| elfutils-libelf |
CVE-2025-1352 |
中危 |
0.188-3.amzn2023.0.2 |
0.188-3.amzn2023.0.3 |
elfutils: GNU elfutils eu-readelf libdw_alloc.c __libdw_thread_tail memory corruption
漏洞详情: https://avd.aquasec.com/nvd/cve-2025-1352
镜像层: sha256:787c718160ca1e26288212055bd7a1a7e0c68a0a446bf7bbe9d6cd1c09fcb7d0
发布日期: 2025-02-16 15:15 修改: 2026-06-17 08:38
|
| glibc-minimal-langpack |
CVE-2021-43396 |
中危 |
2.34-52.amzn2023.0.10 |
2.34-181.amzn2023.0.1 |
glibc: conversion from ISO-2022-JP-3 with iconv may emit spurious NUL character on state reset
漏洞详情: https://avd.aquasec.com/nvd/cve-2021-43396
镜像层: sha256:787c718160ca1e26288212055bd7a1a7e0c68a0a446bf7bbe9d6cd1c09fcb7d0
发布日期: 2021-11-04 20:15 修改: 2026-06-17 04:10
|
| glibc-minimal-langpack |
CVE-2024-33599 |
中危 |
2.34-52.amzn2023.0.10 |
2.34-181.amzn2023.0.1 |
glibc: stack-based buffer overflow in netgroup cache
漏洞详情: https://avd.aquasec.com/nvd/cve-2024-33599
镜像层: sha256:787c718160ca1e26288212055bd7a1a7e0c68a0a446bf7bbe9d6cd1c09fcb7d0
发布日期: 2024-05-06 20:15 修改: 2026-06-17 07:32
|
| glibc-minimal-langpack |
CVE-2024-33600 |
中危 |
2.34-52.amzn2023.0.10 |
2.34-181.amzn2023.0.1 |
glibc: null pointer dereferences after failed netgroup cache insertion
漏洞详情: https://avd.aquasec.com/nvd/cve-2024-33600
镜像层: sha256:787c718160ca1e26288212055bd7a1a7e0c68a0a446bf7bbe9d6cd1c09fcb7d0
发布日期: 2024-05-06 20:15 修改: 2026-06-17 07:32
|
| glibc-minimal-langpack |
CVE-2024-33601 |
中危 |
2.34-52.amzn2023.0.10 |
2.34-181.amzn2023.0.1 |
glibc: netgroup cache may terminate daemon on memory allocation failure
漏洞详情: https://avd.aquasec.com/nvd/cve-2024-33601
镜像层: sha256:787c718160ca1e26288212055bd7a1a7e0c68a0a446bf7bbe9d6cd1c09fcb7d0
发布日期: 2024-05-06 20:15 修改: 2026-06-17 07:32
|
| glibc-minimal-langpack |
CVE-2024-33602 |
中危 |
2.34-52.amzn2023.0.10 |
2.34-181.amzn2023.0.1 |
glibc: netgroup cache assumes NSS callback uses in-buffer strings
漏洞详情: https://avd.aquasec.com/nvd/cve-2024-33602
镜像层: sha256:787c718160ca1e26288212055bd7a1a7e0c68a0a446bf7bbe9d6cd1c09fcb7d0
发布日期: 2024-05-06 20:15 修改: 2026-06-17 07:32
|
| glibc-minimal-langpack |
CVE-2025-0395 |
中危 |
2.34-52.amzn2023.0.10 |
2.34-181.amzn2023.0.1 |
glibc: buffer overflow in the GNU C Library's assert()
漏洞详情: https://avd.aquasec.com/nvd/cve-2025-0395
镜像层: sha256:787c718160ca1e26288212055bd7a1a7e0c68a0a446bf7bbe9d6cd1c09fcb7d0
发布日期: 2025-01-22 13:15 修改: 2026-06-17 08:26
|
| glibc-minimal-langpack |
CVE-2025-8058 |
中危 |
2.34-52.amzn2023.0.10 |
2.34-231.amzn2023.0.1 |
glibc: Double free in glibc
漏洞详情: https://avd.aquasec.com/nvd/cve-2025-8058
镜像层: sha256:787c718160ca1e26288212055bd7a1a7e0c68a0a446bf7bbe9d6cd1c09fcb7d0
发布日期: 2025-07-23 20:15 修改: 2026-06-17 10:06
|
| elfutils-libelf |
CVE-2025-1372 |
中危 |
0.188-3.amzn2023.0.2 |
0.188-3.amzn2023.0.3 |
elfutils: GNU elfutils eu-readelf readelf.c print_string_section buffer overflow
漏洞详情: https://avd.aquasec.com/nvd/cve-2025-1372
镜像层: sha256:787c718160ca1e26288212055bd7a1a7e0c68a0a446bf7bbe9d6cd1c09fcb7d0
发布日期: 2025-02-17 03:15 修改: 2026-06-17 08:39
|
| elfutils-libs |
CVE-2025-1352 |
中危 |
0.188-3.amzn2023.0.2 |
0.188-3.amzn2023.0.3 |
elfutils: GNU elfutils eu-readelf libdw_alloc.c __libdw_thread_tail memory corruption
漏洞详情: https://avd.aquasec.com/nvd/cve-2025-1352
镜像层: sha256:787c718160ca1e26288212055bd7a1a7e0c68a0a446bf7bbe9d6cd1c09fcb7d0
发布日期: 2025-02-16 15:15 修改: 2026-06-17 08:38
|
| libxml2 |
CVE-2024-34459 |
中危 |
2.10.4-1.amzn2023.0.6 |
2.10.4-1.amzn2023.0.7 |
libxml2: buffer over-read in xmlHTMLPrintFileContext in xmllint.c
漏洞详情: https://avd.aquasec.com/nvd/cve-2024-34459
镜像层: sha256:787c718160ca1e26288212055bd7a1a7e0c68a0a446bf7bbe9d6cd1c09fcb7d0
发布日期: 2024-05-14 15:39 修改: 2026-06-17 07:33
|
| libxml2 |
CVE-2025-32414 |
中危 |
2.10.4-1.amzn2023.0.6 |
2.10.4-1.amzn2023.0.10 |
libxml2: Out-of-Bounds Read in libxml2
漏洞详情: https://avd.aquasec.com/nvd/cve-2025-32414
镜像层: sha256:787c718160ca1e26288212055bd7a1a7e0c68a0a446bf7bbe9d6cd1c09fcb7d0
发布日期: 2025-04-08 03:15 修改: 2026-06-17 09:11
|
| python3 |
CVE-2007-4559 |
中危 |
3.9.16-1.amzn2023.0.8 |
3.9.20-1.amzn2023.0.2 |
python: tarfile module directory traversal
漏洞详情: https://avd.aquasec.com/nvd/cve-2007-4559
镜像层: sha256:787c718160ca1e26288212055bd7a1a7e0c68a0a446bf7bbe9d6cd1c09fcb7d0
发布日期: 2007-08-28 01:17 修改: 2026-04-23 00:35
|
| python3 |
CVE-2023-27043 |
中危 |
3.9.16-1.amzn2023.0.8 |
3.9.20-1.amzn2023.0.2 |
python: Parsing errors in email/_parseaddr.py lead to incorrect value in email address part of tuple
漏洞详情: https://avd.aquasec.com/nvd/cve-2023-27043
镜像层: sha256:787c718160ca1e26288212055bd7a1a7e0c68a0a446bf7bbe9d6cd1c09fcb7d0
发布日期: 2023-04-19 00:15 修改: 2026-06-17 05:44
|
| python3 |
CVE-2024-0397 |
中危 |
3.9.16-1.amzn2023.0.8 |
3.9.16-1.amzn2023.0.9 |
cpython: python: Memory race condition in ssl.SSLContext certificate store methods
漏洞详情: https://avd.aquasec.com/nvd/cve-2024-0397
镜像层: sha256:787c718160ca1e26288212055bd7a1a7e0c68a0a446bf7bbe9d6cd1c09fcb7d0
发布日期: 2024-06-17 16:15 修改: 2026-06-17 06:53
|
| python3 |
CVE-2024-11168 |
中危 |
3.9.16-1.amzn2023.0.8 |
3.9.21-1.amzn2023.0.1 |
python: Improper validation of IPv6 and IPvFuture addresses
漏洞详情: https://avd.aquasec.com/nvd/cve-2024-11168
镜像层: sha256:787c718160ca1e26288212055bd7a1a7e0c68a0a446bf7bbe9d6cd1c09fcb7d0
发布日期: 2024-11-12 22:15 修改: 2026-06-17 06:57
|
| python3 |
CVE-2024-6923 |
中危 |
3.9.16-1.amzn2023.0.8 |
3.9.20-1.amzn2023.0.2 |
cpython: python: email module doesn't properly quotes newlines in email headers, allowing header injection
漏洞详情: https://avd.aquasec.com/nvd/cve-2024-6923
镜像层: sha256:787c718160ca1e26288212055bd7a1a7e0c68a0a446bf7bbe9d6cd1c09fcb7d0
发布日期: 2024-08-01 14:15 修改: 2026-06-17 08:18
|
| python3 |
CVE-2024-7592 |
中危 |
3.9.16-1.amzn2023.0.8 |
3.9.20-1.amzn2023.0.2 |
cpython: python: Uncontrolled CPU resource consumption when in http.cookies module
漏洞详情: https://avd.aquasec.com/nvd/cve-2024-7592
镜像层: sha256:787c718160ca1e26288212055bd7a1a7e0c68a0a446bf7bbe9d6cd1c09fcb7d0
发布日期: 2024-08-19 19:15 修改: 2026-06-17 08:20
|
| python3 |
CVE-2024-9287 |
中危 |
3.9.16-1.amzn2023.0.8 |
3.9.21-1.amzn2023.0.1 |
python: Virtual environment (venv) activation scripts don't quote paths
漏洞详情: https://avd.aquasec.com/nvd/cve-2024-9287
镜像层: sha256:787c718160ca1e26288212055bd7a1a7e0c68a0a446bf7bbe9d6cd1c09fcb7d0
发布日期: 2024-10-22 17:15 修改: 2026-06-17 08:24
|
| python3 |
CVE-2025-0938 |
中危 |
3.9.16-1.amzn2023.0.8 |
3.9.21-1.amzn2023.0.2 |
python: cpython: URL parser allowed square brackets in domain names
漏洞详情: https://avd.aquasec.com/nvd/cve-2025-0938
镜像层: sha256:787c718160ca1e26288212055bd7a1a7e0c68a0a446bf7bbe9d6cd1c09fcb7d0
发布日期: 2025-01-31 18:15 修改: 2026-06-17 08:27
|
| python3 |
CVE-2025-11468 |
中危 |
3.9.16-1.amzn2023.0.8 |
3.9.25-1.amzn2023.0.4 |
cpython: Missing character filtering in Python
漏洞详情: https://avd.aquasec.com/nvd/cve-2025-11468
镜像层: sha256:787c718160ca1e26288212055bd7a1a7e0c68a0a446bf7bbe9d6cd1c09fcb7d0
发布日期: 2026-01-20 22:15 修改: 2026-06-17 08:30
|
| python3 |
CVE-2025-12084 |
中危 |
3.9.16-1.amzn2023.0.8 |
3.9.25-1.amzn2023.0.2 |
cpython: python: cpython: Quadratic algorithm in xml.dom.minidom leads to denial of service
漏洞详情: https://avd.aquasec.com/nvd/cve-2025-12084
镜像层: sha256:787c718160ca1e26288212055bd7a1a7e0c68a0a446bf7bbe9d6cd1c09fcb7d0
发布日期: 2025-12-03 19:15 修改: 2026-06-17 08:31
|
| python3 |
CVE-2025-13837 |
中危 |
3.9.16-1.amzn2023.0.8 |
3.9.25-1.amzn2023.0.2 |
cpython: Out-of-memory when loading Plist
漏洞详情: https://avd.aquasec.com/nvd/cve-2025-13837
镜像层: sha256:787c718160ca1e26288212055bd7a1a7e0c68a0a446bf7bbe9d6cd1c09fcb7d0
发布日期: 2025-12-01 18:16 修改: 2026-06-17 08:34
|
| python3 |
CVE-2025-15282 |
中危 |
3.9.16-1.amzn2023.0.8 |
3.9.25-1.amzn2023.0.4 |
cpython: Header injection via newlines in data URL mediatype in Python
漏洞详情: https://avd.aquasec.com/nvd/cve-2025-15282
镜像层: sha256:787c718160ca1e26288212055bd7a1a7e0c68a0a446bf7bbe9d6cd1c09fcb7d0
发布日期: 2026-01-20 22:15 修改: 2026-06-17 08:37
|
| python3 |
CVE-2025-4516 |
中危 |
3.9.16-1.amzn2023.0.8 |
3.9.22-1.amzn2023.0.2 |
cpython: python: CPython DecodeError Handling Vulnerability
漏洞详情: https://avd.aquasec.com/nvd/cve-2025-4516
镜像层: sha256:787c718160ca1e26288212055bd7a1a7e0c68a0a446bf7bbe9d6cd1c09fcb7d0
发布日期: 2025-05-15 14:15 修改: 2026-06-17 09:33
|
| python3 |
CVE-2025-6069 |
中危 |
3.9.16-1.amzn2023.0.8 |
3.9.23-1.amzn2023.0.2 |
cpython: Python HTMLParser quadratic complexity
漏洞详情: https://avd.aquasec.com/nvd/cve-2025-6069
镜像层: sha256:787c718160ca1e26288212055bd7a1a7e0c68a0a446bf7bbe9d6cd1c09fcb7d0
发布日期: 2025-06-17 14:15 修改: 2026-06-17 10:01
|
| python3 |
CVE-2025-6075 |
中危 |
3.9.16-1.amzn2023.0.8 |
3.9.25-1.amzn2023.0.1 |
python: Quadratic complexity in os.path.expandvars() with user-controlled template
漏洞详情: https://avd.aquasec.com/nvd/cve-2025-6075
镜像层: sha256:787c718160ca1e26288212055bd7a1a7e0c68a0a446bf7bbe9d6cd1c09fcb7d0
发布日期: 2025-10-31 17:15 修改: 2026-06-17 10:01
|
| python3 |
CVE-2025-8291 |
中危 |
3.9.16-1.amzn2023.0.8 |
3.9.24-1.amzn2023.0.3 |
cpython: python: Python zipfile End of Central Directory (EOCD) Locator record offset not checked
漏洞详情: https://avd.aquasec.com/nvd/cve-2025-8291
镜像层: sha256:787c718160ca1e26288212055bd7a1a7e0c68a0a446bf7bbe9d6cd1c09fcb7d0
发布日期: 2025-10-07 18:16 修改: 2026-06-17 10:06
|
| python3 |
CVE-2026-0672 |
中危 |
3.9.16-1.amzn2023.0.8 |
3.9.25-1.amzn2023.0.4 |
cpython: Header injection in http.cookies.Morsel in Python
漏洞详情: https://avd.aquasec.com/nvd/cve-2026-0672
镜像层: sha256:787c718160ca1e26288212055bd7a1a7e0c68a0a446bf7bbe9d6cd1c09fcb7d0
发布日期: 2026-01-20 22:15 修改: 2026-06-17 10:11
|
| python3 |
CVE-2026-0865 |
中危 |
3.9.16-1.amzn2023.0.8 |
3.9.25-1.amzn2023.0.4 |
cpython: wsgiref.headers.Headers allows header newline injection in Python
漏洞详情: https://avd.aquasec.com/nvd/cve-2026-0865
镜像层: sha256:787c718160ca1e26288212055bd7a1a7e0c68a0a446bf7bbe9d6cd1c09fcb7d0
发布日期: 2026-01-20 22:15 修改: 2026-06-17 10:11
|
| python3 |
CVE-2026-1299 |
中危 |
3.9.16-1.amzn2023.0.8 |
3.9.25-1.amzn2023.0.4 |
cpython: email header injection due to unquoted newlines
漏洞详情: https://avd.aquasec.com/nvd/cve-2026-1299
镜像层: sha256:787c718160ca1e26288212055bd7a1a7e0c68a0a446bf7bbe9d6cd1c09fcb7d0
发布日期: 2026-01-23 17:16 修改: 2026-06-17 10:15
|
| python3 |
CVE-2026-2297 |
中危 |
3.9.16-1.amzn2023.0.8 |
3.9.25-1.amzn2023.0.4 |
cpython: CPython: Logging Bypass in Legacy .pyc File Handling
漏洞详情: https://avd.aquasec.com/nvd/cve-2026-2297
镜像层: sha256:787c718160ca1e26288212055bd7a1a7e0c68a0a446bf7bbe9d6cd1c09fcb7d0
发布日期: 2026-03-04 23:16 修改: 2026-06-17 10:30
|
| python3 |
CVE-2026-3446 |
中危 |
3.9.16-1.amzn2023.0.8 |
3.9.25-1.amzn2023.0.7 |
python: Python base64: Incomplete data decoding due to premature stop at padding
漏洞详情: https://avd.aquasec.com/nvd/cve-2026-3446
镜像层: sha256:787c718160ca1e26288212055bd7a1a7e0c68a0a446bf7bbe9d6cd1c09fcb7d0
发布日期: 2026-04-10 19:16 修改: 2026-06-17 10:43
|
| python3 |
CVE-2026-3644 |
中危 |
3.9.16-1.amzn2023.0.8 |
3.9.25-1.amzn2023.0.5 |
cpython: Incomplete control character validation in http.cookies
漏洞详情: https://avd.aquasec.com/nvd/cve-2026-3644
镜像层: sha256:787c718160ca1e26288212055bd7a1a7e0c68a0a446bf7bbe9d6cd1c09fcb7d0
发布日期: 2026-03-16 18:16 修改: 2026-06-30 16:16
|
| python3 |
CVE-2026-4224 |
中危 |
3.9.16-1.amzn2023.0.8 |
3.9.25-1.amzn2023.0.4 |
cpython: Stack overflow parsing XML with deeply nested DTD content models
漏洞详情: https://avd.aquasec.com/nvd/cve-2026-4224
镜像层: sha256:787c718160ca1e26288212055bd7a1a7e0c68a0a446bf7bbe9d6cd1c09fcb7d0
发布日期: 2026-03-16 18:16 修改: 2026-06-17 10:56
|
| python3 |
CVE-2026-6019 |
中危 |
3.9.16-1.amzn2023.0.8 |
3.9.25-1.amzn2023.0.6 |
python: Python: Cross-Site Scripting (XSS) vulnerability in http.cookies module
漏洞详情: https://avd.aquasec.com/nvd/cve-2026-6019
镜像层: sha256:787c718160ca1e26288212055bd7a1a7e0c68a0a446bf7bbe9d6cd1c09fcb7d0
发布日期: 2026-04-22 20:16 修改: 2026-06-17 11:00
|
| python3 |
CVE-2026-7210 |
中危 |
3.9.16-1.amzn2023.0.8 |
3.9.25-1.amzn2023.0.7 |
python: expat: Python/Expat: Denial of Service via crafted XML document
漏洞详情: https://avd.aquasec.com/nvd/cve-2026-7210
镜像层: sha256:787c718160ca1e26288212055bd7a1a7e0c68a0a446bf7bbe9d6cd1c09fcb7d0
发布日期: 2026-05-11 18:16 修改: 2026-06-17 11:02
|
| python3 |
CVE-2026-8328 |
中危 |
3.9.16-1.amzn2023.0.8 |
3.9.25-1.amzn2023.0.7 |
The ftpcp() function in Lib/ftplib.py was not updated when CVE-2021-4 ...
漏洞详情: https://avd.aquasec.com/nvd/cve-2026-8328
镜像层: sha256:787c718160ca1e26288212055bd7a1a7e0c68a0a446bf7bbe9d6cd1c09fcb7d0
发布日期: 2026-05-13 21:16 修改: 2026-06-30 16:16
|
| libxml2 |
CVE-2025-32415 |
中危 |
2.10.4-1.amzn2023.0.6 |
2.10.4-1.amzn2023.0.10 |
libxml2: Out-of-bounds Read in xmlSchemaIDCFillNodeTables
漏洞详情: https://avd.aquasec.com/nvd/cve-2025-32415
镜像层: sha256:787c718160ca1e26288212055bd7a1a7e0c68a0a446bf7bbe9d6cd1c09fcb7d0
发布日期: 2025-04-17 17:15 修改: 2026-06-17 09:11
|
| libxml2 |
CVE-2026-0990 |
中危 |
2.10.4-1.amzn2023.0.6 |
2.10.4-1.amzn2023.0.16 |
libxml2: libxml2: Denial of Service via uncontrolled recursion in XML catalog processing
漏洞详情: https://avd.aquasec.com/nvd/cve-2026-0990
镜像层: sha256:787c718160ca1e26288212055bd7a1a7e0c68a0a446bf7bbe9d6cd1c09fcb7d0
发布日期: 2026-01-15 15:15 修改: 2026-06-30 20:18
|
| libxml2 |
CVE-2026-0992 |
中危 |
2.10.4-1.amzn2023.0.6 |
2.10.4-1.amzn2023.0.16 |
libxml2: libxml2: Denial of Service via crafted XML catalogs
漏洞详情: https://avd.aquasec.com/nvd/cve-2026-0992
镜像层: sha256:787c718160ca1e26288212055bd7a1a7e0c68a0a446bf7bbe9d6cd1c09fcb7d0
发布日期: 2026-01-15 15:15 修改: 2026-06-30 20:17
|
| libxml2 |
CVE-2026-6653 |
中危 |
2.10.4-1.amzn2023.0.6 |
2.10.4-1.amzn2023.0.19 |
libxml2: mingw-libxml2: libxml2: Denial of Service via crafted XML input due to use-after-free
漏洞详情: https://avd.aquasec.com/nvd/cve-2026-6653
镜像层: sha256:787c718160ca1e26288212055bd7a1a7e0c68a0a446bf7bbe9d6cd1c09fcb7d0
发布日期: 2026-06-22 14:17 修改: 2026-06-22 18:16
|
| krb5-libs |
CVE-2024-37370 |
中危 |
1.21-3.amzn2023.0.4 |
1.21.3-1.amzn2023.0.1 |
krb5: GSS message token handling
漏洞详情: https://avd.aquasec.com/nvd/cve-2024-37370
镜像层: sha256:787c718160ca1e26288212055bd7a1a7e0c68a0a446bf7bbe9d6cd1c09fcb7d0
发布日期: 2024-06-28 22:15 修改: 2026-06-17 07:38
|
| krb5-libs |
CVE-2024-37371 |
中危 |
1.21-3.amzn2023.0.4 |
1.21.3-1.amzn2023.0.1 |
krb5: GSS message token handling
漏洞详情: https://avd.aquasec.com/nvd/cve-2024-37371
镜像层: sha256:787c718160ca1e26288212055bd7a1a7e0c68a0a446bf7bbe9d6cd1c09fcb7d0
发布日期: 2024-06-28 23:15 修改: 2026-06-17 07:38
|
| krb5-libs |
CVE-2025-24528 |
中危 |
1.21-3.amzn2023.0.4 |
1.21.3-6.amzn2023.0.1 |
krb5: overflow when calculating ulog block size
漏洞详情: https://avd.aquasec.com/nvd/cve-2025-24528
镜像层: sha256:787c718160ca1e26288212055bd7a1a7e0c68a0a446bf7bbe9d6cd1c09fcb7d0
发布日期: 2026-01-16 18:16 修改: 2026-06-17 08:59
|
| krb5-libs |
CVE-2025-3576 |
中危 |
1.21-3.amzn2023.0.4 |
1.21.3-6.amzn2023.0.1 |
krb5: Kerberos RC4-HMAC-MD5 Checksum Vulnerability Enabling Message Spoofing via MD5 Collisions
漏洞详情: https://avd.aquasec.com/nvd/cve-2025-3576
镜像层: sha256:787c718160ca1e26288212055bd7a1a7e0c68a0a446bf7bbe9d6cd1c09fcb7d0
发布日期: 2025-04-15 06:15 修改: 2026-06-30 01:16
|
| krb5-libs |
CVE-2026-40355 |
中危 |
1.21-3.amzn2023.0.4 |
1.21.3-7.amzn2023.0.1 |
krb5: MIT Kerberos 5: Denial of Service via NULL pointer dereference in NegoEx mechanism
漏洞详情: https://avd.aquasec.com/nvd/cve-2026-40355
镜像层: sha256:787c718160ca1e26288212055bd7a1a7e0c68a0a446bf7bbe9d6cd1c09fcb7d0
发布日期: 2026-04-28 06:16 修改: 2026-07-08 12:48
|
| krb5-libs |
CVE-2026-40356 |
中危 |
1.21-3.amzn2023.0.4 |
1.21.3-7.amzn2023.0.1 |
krb5: MIT Kerberos 5 (krb5): Denial of Service via integer underflow and out-of-bounds read
漏洞详情: https://avd.aquasec.com/nvd/cve-2026-40356
镜像层: sha256:787c718160ca1e26288212055bd7a1a7e0c68a0a446bf7bbe9d6cd1c09fcb7d0
发布日期: 2026-04-28 07:16 修改: 2026-07-08 12:48
|
| elfutils-libs |
CVE-2025-1372 |
中危 |
0.188-3.amzn2023.0.2 |
0.188-3.amzn2023.0.3 |
elfutils: GNU elfutils eu-readelf readelf.c print_string_section buffer overflow
漏洞详情: https://avd.aquasec.com/nvd/cve-2025-1372
镜像层: sha256:787c718160ca1e26288212055bd7a1a7e0c68a0a446bf7bbe9d6cd1c09fcb7d0
发布日期: 2025-02-17 03:15 修改: 2026-06-17 08:39
|
| coreutils-single |
CVE-2025-5278 |
中危 |
8.32-30.amzn2023.0.3 |
8.32-30.amzn2023.0.4 |
coreutils: Heap Buffer Under-Read in GNU Coreutils sort via Key Specification
漏洞详情: https://avd.aquasec.com/nvd/cve-2025-5278
镜像层: sha256:787c718160ca1e26288212055bd7a1a7e0c68a0a446bf7bbe9d6cd1c09fcb7d0
发布日期: 2025-05-27 21:15 修改: 2026-07-01 11:16
|
| curl-minimal |
CVE-2024-11053 |
中危 |
8.5.0-1.amzn2023.0.4 |
8.15.0-4.amzn2023.0.1 |
curl: curl netrc password leak
漏洞详情: https://avd.aquasec.com/nvd/cve-2024-11053
镜像层: sha256:787c718160ca1e26288212055bd7a1a7e0c68a0a446bf7bbe9d6cd1c09fcb7d0
发布日期: 2024-12-11 08:15 修改: 2026-06-17 06:56
|
| python3-libs |
CVE-2007-4559 |
中危 |
3.9.16-1.amzn2023.0.8 |
3.9.20-1.amzn2023.0.2 |
python: tarfile module directory traversal
漏洞详情: https://avd.aquasec.com/nvd/cve-2007-4559
镜像层: sha256:787c718160ca1e26288212055bd7a1a7e0c68a0a446bf7bbe9d6cd1c09fcb7d0
发布日期: 2007-08-28 01:17 修改: 2026-04-23 00:35
|
| python3-libs |
CVE-2023-27043 |
中危 |
3.9.16-1.amzn2023.0.8 |
3.9.20-1.amzn2023.0.2 |
python: Parsing errors in email/_parseaddr.py lead to incorrect value in email address part of tuple
漏洞详情: https://avd.aquasec.com/nvd/cve-2023-27043
镜像层: sha256:787c718160ca1e26288212055bd7a1a7e0c68a0a446bf7bbe9d6cd1c09fcb7d0
发布日期: 2023-04-19 00:15 修改: 2026-06-17 05:44
|
| python3-libs |
CVE-2024-0397 |
中危 |
3.9.16-1.amzn2023.0.8 |
3.9.16-1.amzn2023.0.9 |
cpython: python: Memory race condition in ssl.SSLContext certificate store methods
漏洞详情: https://avd.aquasec.com/nvd/cve-2024-0397
镜像层: sha256:787c718160ca1e26288212055bd7a1a7e0c68a0a446bf7bbe9d6cd1c09fcb7d0
发布日期: 2024-06-17 16:15 修改: 2026-06-17 06:53
|
| python3-libs |
CVE-2024-11168 |
中危 |
3.9.16-1.amzn2023.0.8 |
3.9.21-1.amzn2023.0.1 |
python: Improper validation of IPv6 and IPvFuture addresses
漏洞详情: https://avd.aquasec.com/nvd/cve-2024-11168
镜像层: sha256:787c718160ca1e26288212055bd7a1a7e0c68a0a446bf7bbe9d6cd1c09fcb7d0
发布日期: 2024-11-12 22:15 修改: 2026-06-17 06:57
|
| python3-libs |
CVE-2024-6923 |
中危 |
3.9.16-1.amzn2023.0.8 |
3.9.20-1.amzn2023.0.2 |
cpython: python: email module doesn't properly quotes newlines in email headers, allowing header injection
漏洞详情: https://avd.aquasec.com/nvd/cve-2024-6923
镜像层: sha256:787c718160ca1e26288212055bd7a1a7e0c68a0a446bf7bbe9d6cd1c09fcb7d0
发布日期: 2024-08-01 14:15 修改: 2026-06-17 08:18
|
| python3-libs |
CVE-2024-7592 |
中危 |
3.9.16-1.amzn2023.0.8 |
3.9.20-1.amzn2023.0.2 |
cpython: python: Uncontrolled CPU resource consumption when in http.cookies module
漏洞详情: https://avd.aquasec.com/nvd/cve-2024-7592
镜像层: sha256:787c718160ca1e26288212055bd7a1a7e0c68a0a446bf7bbe9d6cd1c09fcb7d0
发布日期: 2024-08-19 19:15 修改: 2026-06-17 08:20
|
| python3-libs |
CVE-2024-9287 |
中危 |
3.9.16-1.amzn2023.0.8 |
3.9.21-1.amzn2023.0.1 |
python: Virtual environment (venv) activation scripts don't quote paths
漏洞详情: https://avd.aquasec.com/nvd/cve-2024-9287
镜像层: sha256:787c718160ca1e26288212055bd7a1a7e0c68a0a446bf7bbe9d6cd1c09fcb7d0
发布日期: 2024-10-22 17:15 修改: 2026-06-17 08:24
|
| python3-libs |
CVE-2025-0938 |
中危 |
3.9.16-1.amzn2023.0.8 |
3.9.21-1.amzn2023.0.2 |
python: cpython: URL parser allowed square brackets in domain names
漏洞详情: https://avd.aquasec.com/nvd/cve-2025-0938
镜像层: sha256:787c718160ca1e26288212055bd7a1a7e0c68a0a446bf7bbe9d6cd1c09fcb7d0
发布日期: 2025-01-31 18:15 修改: 2026-06-17 08:27
|
| python3-libs |
CVE-2025-11468 |
中危 |
3.9.16-1.amzn2023.0.8 |
3.9.25-1.amzn2023.0.4 |
cpython: Missing character filtering in Python
漏洞详情: https://avd.aquasec.com/nvd/cve-2025-11468
镜像层: sha256:787c718160ca1e26288212055bd7a1a7e0c68a0a446bf7bbe9d6cd1c09fcb7d0
发布日期: 2026-01-20 22:15 修改: 2026-06-17 08:30
|
| python3-libs |
CVE-2025-12084 |
中危 |
3.9.16-1.amzn2023.0.8 |
3.9.25-1.amzn2023.0.2 |
cpython: python: cpython: Quadratic algorithm in xml.dom.minidom leads to denial of service
漏洞详情: https://avd.aquasec.com/nvd/cve-2025-12084
镜像层: sha256:787c718160ca1e26288212055bd7a1a7e0c68a0a446bf7bbe9d6cd1c09fcb7d0
发布日期: 2025-12-03 19:15 修改: 2026-06-17 08:31
|
| python3-libs |
CVE-2025-13837 |
中危 |
3.9.16-1.amzn2023.0.8 |
3.9.25-1.amzn2023.0.2 |
cpython: Out-of-memory when loading Plist
漏洞详情: https://avd.aquasec.com/nvd/cve-2025-13837
镜像层: sha256:787c718160ca1e26288212055bd7a1a7e0c68a0a446bf7bbe9d6cd1c09fcb7d0
发布日期: 2025-12-01 18:16 修改: 2026-06-17 08:34
|
| python3-libs |
CVE-2025-15282 |
中危 |
3.9.16-1.amzn2023.0.8 |
3.9.25-1.amzn2023.0.4 |
cpython: Header injection via newlines in data URL mediatype in Python
漏洞详情: https://avd.aquasec.com/nvd/cve-2025-15282
镜像层: sha256:787c718160ca1e26288212055bd7a1a7e0c68a0a446bf7bbe9d6cd1c09fcb7d0
发布日期: 2026-01-20 22:15 修改: 2026-06-17 08:37
|
| python3-libs |
CVE-2025-4516 |
中危 |
3.9.16-1.amzn2023.0.8 |
3.9.22-1.amzn2023.0.2 |
cpython: python: CPython DecodeError Handling Vulnerability
漏洞详情: https://avd.aquasec.com/nvd/cve-2025-4516
镜像层: sha256:787c718160ca1e26288212055bd7a1a7e0c68a0a446bf7bbe9d6cd1c09fcb7d0
发布日期: 2025-05-15 14:15 修改: 2026-06-17 09:33
|
| python3-libs |
CVE-2025-6069 |
中危 |
3.9.16-1.amzn2023.0.8 |
3.9.23-1.amzn2023.0.2 |
cpython: Python HTMLParser quadratic complexity
漏洞详情: https://avd.aquasec.com/nvd/cve-2025-6069
镜像层: sha256:787c718160ca1e26288212055bd7a1a7e0c68a0a446bf7bbe9d6cd1c09fcb7d0
发布日期: 2025-06-17 14:15 修改: 2026-06-17 10:01
|
| python3-libs |
CVE-2025-6075 |
中危 |
3.9.16-1.amzn2023.0.8 |
3.9.25-1.amzn2023.0.1 |
python: Quadratic complexity in os.path.expandvars() with user-controlled template
漏洞详情: https://avd.aquasec.com/nvd/cve-2025-6075
镜像层: sha256:787c718160ca1e26288212055bd7a1a7e0c68a0a446bf7bbe9d6cd1c09fcb7d0
发布日期: 2025-10-31 17:15 修改: 2026-06-17 10:01
|
| python3-libs |
CVE-2025-8291 |
中危 |
3.9.16-1.amzn2023.0.8 |
3.9.24-1.amzn2023.0.3 |
cpython: python: Python zipfile End of Central Directory (EOCD) Locator record offset not checked
漏洞详情: https://avd.aquasec.com/nvd/cve-2025-8291
镜像层: sha256:787c718160ca1e26288212055bd7a1a7e0c68a0a446bf7bbe9d6cd1c09fcb7d0
发布日期: 2025-10-07 18:16 修改: 2026-06-17 10:06
|
| python3-libs |
CVE-2026-0672 |
中危 |
3.9.16-1.amzn2023.0.8 |
3.9.25-1.amzn2023.0.4 |
cpython: Header injection in http.cookies.Morsel in Python
漏洞详情: https://avd.aquasec.com/nvd/cve-2026-0672
镜像层: sha256:787c718160ca1e26288212055bd7a1a7e0c68a0a446bf7bbe9d6cd1c09fcb7d0
发布日期: 2026-01-20 22:15 修改: 2026-06-17 10:11
|
| python3-libs |
CVE-2026-0865 |
中危 |
3.9.16-1.amzn2023.0.8 |
3.9.25-1.amzn2023.0.4 |
cpython: wsgiref.headers.Headers allows header newline injection in Python
漏洞详情: https://avd.aquasec.com/nvd/cve-2026-0865
镜像层: sha256:787c718160ca1e26288212055bd7a1a7e0c68a0a446bf7bbe9d6cd1c09fcb7d0
发布日期: 2026-01-20 22:15 修改: 2026-06-17 10:11
|
| python3-libs |
CVE-2026-1299 |
中危 |
3.9.16-1.amzn2023.0.8 |
3.9.25-1.amzn2023.0.4 |
cpython: email header injection due to unquoted newlines
漏洞详情: https://avd.aquasec.com/nvd/cve-2026-1299
镜像层: sha256:787c718160ca1e26288212055bd7a1a7e0c68a0a446bf7bbe9d6cd1c09fcb7d0
发布日期: 2026-01-23 17:16 修改: 2026-06-17 10:15
|
| python3-libs |
CVE-2026-2297 |
中危 |
3.9.16-1.amzn2023.0.8 |
3.9.25-1.amzn2023.0.4 |
cpython: CPython: Logging Bypass in Legacy .pyc File Handling
漏洞详情: https://avd.aquasec.com/nvd/cve-2026-2297
镜像层: sha256:787c718160ca1e26288212055bd7a1a7e0c68a0a446bf7bbe9d6cd1c09fcb7d0
发布日期: 2026-03-04 23:16 修改: 2026-06-17 10:30
|
| python3-libs |
CVE-2026-3446 |
中危 |
3.9.16-1.amzn2023.0.8 |
3.9.25-1.amzn2023.0.7 |
python: Python base64: Incomplete data decoding due to premature stop at padding
漏洞详情: https://avd.aquasec.com/nvd/cve-2026-3446
镜像层: sha256:787c718160ca1e26288212055bd7a1a7e0c68a0a446bf7bbe9d6cd1c09fcb7d0
发布日期: 2026-04-10 19:16 修改: 2026-06-17 10:43
|
| python3-libs |
CVE-2026-3644 |
中危 |
3.9.16-1.amzn2023.0.8 |
3.9.25-1.amzn2023.0.5 |
cpython: Incomplete control character validation in http.cookies
漏洞详情: https://avd.aquasec.com/nvd/cve-2026-3644
镜像层: sha256:787c718160ca1e26288212055bd7a1a7e0c68a0a446bf7bbe9d6cd1c09fcb7d0
发布日期: 2026-03-16 18:16 修改: 2026-06-30 16:16
|
| python3-libs |
CVE-2026-4224 |
中危 |
3.9.16-1.amzn2023.0.8 |
3.9.25-1.amzn2023.0.4 |
cpython: Stack overflow parsing XML with deeply nested DTD content models
漏洞详情: https://avd.aquasec.com/nvd/cve-2026-4224
镜像层: sha256:787c718160ca1e26288212055bd7a1a7e0c68a0a446bf7bbe9d6cd1c09fcb7d0
发布日期: 2026-03-16 18:16 修改: 2026-06-17 10:56
|
| python3-libs |
CVE-2026-6019 |
中危 |
3.9.16-1.amzn2023.0.8 |
3.9.25-1.amzn2023.0.6 |
python: Python: Cross-Site Scripting (XSS) vulnerability in http.cookies module
漏洞详情: https://avd.aquasec.com/nvd/cve-2026-6019
镜像层: sha256:787c718160ca1e26288212055bd7a1a7e0c68a0a446bf7bbe9d6cd1c09fcb7d0
发布日期: 2026-04-22 20:16 修改: 2026-06-17 11:00
|
| python3-libs |
CVE-2026-7210 |
中危 |
3.9.16-1.amzn2023.0.8 |
3.9.25-1.amzn2023.0.7 |
python: expat: Python/Expat: Denial of Service via crafted XML document
漏洞详情: https://avd.aquasec.com/nvd/cve-2026-7210
镜像层: sha256:787c718160ca1e26288212055bd7a1a7e0c68a0a446bf7bbe9d6cd1c09fcb7d0
发布日期: 2026-05-11 18:16 修改: 2026-06-17 11:02
|
| python3-libs |
CVE-2026-8328 |
中危 |
3.9.16-1.amzn2023.0.8 |
3.9.25-1.amzn2023.0.7 |
The ftpcp() function in Lib/ftplib.py was not updated when CVE-2021-4 ...
漏洞详情: https://avd.aquasec.com/nvd/cve-2026-8328
镜像层: sha256:787c718160ca1e26288212055bd7a1a7e0c68a0a446bf7bbe9d6cd1c09fcb7d0
发布日期: 2026-05-13 21:16 修改: 2026-06-30 16:16
|
| libarchive |
CVE-2025-5915 |
中危 |
3.5.3-2.amzn2023.0.3 |
3.7.4-2.amzn2023.0.4 |
libarchive: Heap buffer over read in copy_from_lzss_window() at archive_read_support_format_rar.c
漏洞详情: https://avd.aquasec.com/nvd/cve-2025-5915
镜像层: sha256:787c718160ca1e26288212055bd7a1a7e0c68a0a446bf7bbe9d6cd1c09fcb7d0
发布日期: 2025-06-09 20:15 修改: 2026-06-30 11:16
|
| libarchive |
CVE-2025-5917 |
中危 |
3.5.3-2.amzn2023.0.3 |
3.7.4-2.amzn2023.0.4 |
libarchive: Off by one error in build_ustar_entry_name() at archive_write_set_format_pax.c
漏洞详情: https://avd.aquasec.com/nvd/cve-2025-5917
镜像层: sha256:787c718160ca1e26288212055bd7a1a7e0c68a0a446bf7bbe9d6cd1c09fcb7d0
发布日期: 2025-06-09 20:15 修改: 2026-06-30 11:16
|
| curl-minimal |
CVE-2024-9681 |
中危 |
8.5.0-1.amzn2023.0.4 |
8.11.1-4.amzn2023.0.1 |
curl: HSTS subdomain overwrites parent cache entry
漏洞详情: https://avd.aquasec.com/nvd/cve-2024-9681
镜像层: sha256:787c718160ca1e26288212055bd7a1a7e0c68a0a446bf7bbe9d6cd1c09fcb7d0
发布日期: 2024-11-06 08:15 修改: 2026-06-17 08:25
|
| python3-pip-wheel |
CVE-2007-4559 |
中危 |
21.3.1-2.amzn2023.0.7 |
21.3.1-2.amzn2023.0.11 |
python: tarfile module directory traversal
漏洞详情: https://avd.aquasec.com/nvd/cve-2007-4559
镜像层: sha256:787c718160ca1e26288212055bd7a1a7e0c68a0a446bf7bbe9d6cd1c09fcb7d0
发布日期: 2007-08-28 01:17 修改: 2026-04-23 00:35
|
| python3-pip-wheel |
CVE-2024-35195 |
中危 |
21.3.1-2.amzn2023.0.7 |
21.3.1-2.amzn2023.0.10 |
requests: subsequent requests to the same host ignore cert verification
漏洞详情: https://avd.aquasec.com/nvd/cve-2024-35195
镜像层: sha256:787c718160ca1e26288212055bd7a1a7e0c68a0a446bf7bbe9d6cd1c09fcb7d0
发布日期: 2024-05-20 21:15 修改: 2026-06-17 07:34
|
| python3-pip-wheel |
CVE-2024-3651 |
中危 |
21.3.1-2.amzn2023.0.7 |
21.3.1-2.amzn2023.0.9 |
python-idna: potential DoS via resource consumption via specially crafted inputs to idna.encode()
漏洞详情: https://avd.aquasec.com/nvd/cve-2024-3651
镜像层: sha256:787c718160ca1e26288212055bd7a1a7e0c68a0a446bf7bbe9d6cd1c09fcb7d0
发布日期: 2024-07-07 18:15 修改: 2026-06-17 07:44
|
| python3-pip-wheel |
CVE-2024-37891 |
中危 |
21.3.1-2.amzn2023.0.7 |
21.3.1-2.amzn2023.0.8 |
urllib3: proxy-authorization request header is not stripped during cross-origin redirects
漏洞详情: https://avd.aquasec.com/nvd/cve-2024-37891
镜像层: sha256:787c718160ca1e26288212055bd7a1a7e0c68a0a446bf7bbe9d6cd1c09fcb7d0
发布日期: 2024-06-17 20:15 修改: 2026-06-17 07:38
|
| python3-pip-wheel |
CVE-2025-50181 |
中危 |
21.3.1-2.amzn2023.0.7 |
21.3.1-2.amzn2023.0.13 |
urllib3: urllib3 redirects are not disabled when retries are disabled on PoolManager instantiation
漏洞详情: https://avd.aquasec.com/nvd/cve-2025-50181
镜像层: sha256:787c718160ca1e26288212055bd7a1a7e0c68a0a446bf7bbe9d6cd1c09fcb7d0
发布日期: 2025-06-19 01:15 修改: 2026-06-17 09:34
|
| python3-pip-wheel |
CVE-2025-66418 |
中危 |
21.3.1-2.amzn2023.0.7 |
21.3.1-2.amzn2023.0.15 |
urllib3: urllib3: Unbounded decompression chain leads to resource exhaustion
漏洞详情: https://avd.aquasec.com/nvd/cve-2025-66418
镜像层: sha256:787c718160ca1e26288212055bd7a1a7e0c68a0a446bf7bbe9d6cd1c09fcb7d0
发布日期: 2025-12-05 16:15 修改: 2026-06-17 09:56
|
| python3-pip-wheel |
CVE-2025-66471 |
中危 |
21.3.1-2.amzn2023.0.7 |
21.3.1-2.amzn2023.0.15 |
urllib3: urllib3 Streaming API improperly handles highly compressed data
漏洞详情: https://avd.aquasec.com/nvd/cve-2025-66471
镜像层: sha256:787c718160ca1e26288212055bd7a1a7e0c68a0a446bf7bbe9d6cd1c09fcb7d0
发布日期: 2025-12-05 17:16 修改: 2026-06-17 09:56
|
| python3-pip-wheel |
CVE-2025-8869 |
中危 |
21.3.1-2.amzn2023.0.7 |
21.3.1-2.amzn2023.0.14 |
pip: pip missing checks on symbolic link extraction
漏洞详情: https://avd.aquasec.com/nvd/cve-2025-8869
镜像层: sha256:787c718160ca1e26288212055bd7a1a7e0c68a0a446bf7bbe9d6cd1c09fcb7d0
发布日期: 2025-09-24 15:15 修改: 2026-06-17 10:07
|
| curl-minimal |
CVE-2025-0167 |
中危 |
8.5.0-1.amzn2023.0.4 |
8.15.0-4.amzn2023.0.1 |
When asked to use a `.netrc` file for credentials **and** to follow HT ...
漏洞详情: https://avd.aquasec.com/nvd/cve-2025-0167
镜像层: sha256:787c718160ca1e26288212055bd7a1a7e0c68a0a446bf7bbe9d6cd1c09fcb7d0
发布日期: 2025-02-05 10:15 修改: 2026-06-17 08:25
|
| curl-minimal |
CVE-2025-10148 |
中危 |
8.5.0-1.amzn2023.0.4 |
8.15.0-4.amzn2023.0.1 |
curl: predictable WebSocket mask
漏洞详情: https://avd.aquasec.com/nvd/cve-2025-10148
镜像层: sha256:787c718160ca1e26288212055bd7a1a7e0c68a0a446bf7bbe9d6cd1c09fcb7d0
发布日期: 2025-09-12 06:15 修改: 2026-06-17 08:27
|
| curl-minimal |
CVE-2025-10966 |
中危 |
8.5.0-1.amzn2023.0.4 |
8.15.0-4.amzn2023.0.1 |
curl: Curl missing SFTP host verification with wolfSSH backend
漏洞详情: https://avd.aquasec.com/nvd/cve-2025-10966
镜像层: sha256:787c718160ca1e26288212055bd7a1a7e0c68a0a446bf7bbe9d6cd1c09fcb7d0
发布日期: 2025-11-07 08:15 修改: 2026-06-17 08:29
|
| curl-minimal |
CVE-2025-11563 |
中危 |
8.5.0-1.amzn2023.0.4 |
8.11.1-4.amzn2023.0.3 |
wcurl: wcurl: Arbitrary file placement via crafted URLs
漏洞详情: https://avd.aquasec.com/nvd/cve-2025-11563
镜像层: sha256:787c718160ca1e26288212055bd7a1a7e0c68a0a446bf7bbe9d6cd1c09fcb7d0
发布日期: 2026-02-25 08:16 修改: 2026-06-17 08:30
|
| expat |
CVE-2024-50602 |
中危 |
2.5.0-1.amzn2023.0.4 |
2.6.3-1.amzn2023.0.2 |
libexpat: expat: DoS via XML_ResumeParser
漏洞详情: https://avd.aquasec.com/nvd/cve-2024-50602
镜像层: sha256:787c718160ca1e26288212055bd7a1a7e0c68a0a446bf7bbe9d6cd1c09fcb7d0
发布日期: 2024-10-27 05:15 修改: 2026-06-17 08:04
|
| sqlite-libs |
CVE-2025-6965 |
中危 |
3.40.0-1.amzn2023.0.4 |
3.40.0-1.amzn2023.0.6 |
sqlite: Integer Truncation in SQLite
漏洞详情: https://avd.aquasec.com/nvd/cve-2025-6965
镜像层: sha256:787c718160ca1e26288212055bd7a1a7e0c68a0a446bf7bbe9d6cd1c09fcb7d0
发布日期: 2025-07-15 14:15 修改: 2026-06-26 16:36
|
| libxml2 |
CVE-2025-8732 |
低危 |
2.10.4-1.amzn2023.0.6 |
2.10.4-1.amzn2023.0.15 |
libxml2: libxml2: Uncontrolled Recursion Vulnerability
漏洞详情: https://avd.aquasec.com/nvd/cve-2025-8732
镜像层: sha256:787c718160ca1e26288212055bd7a1a7e0c68a0a446bf7bbe9d6cd1c09fcb7d0
发布日期: 2025-08-08 17:15 修改: 2026-07-01 15:25
|
| openssl |
CVE-2026-2673 |
低危 |
1:3.0.8-1.amzn2023.0.12 |
1:3.5.5-1.amzn2023.0.3 |
openssl: OpenSSL TLS 1.3 server may choose unexpected key agreement group
漏洞详情: https://avd.aquasec.com/nvd/cve-2026-2673
镜像层: sha256:0ebc986194ce44f9b53207a2411446464969aff6a8187e353da38d681b269e0a
发布日期: 2026-03-13 19:54 修改: 2026-06-17 10:31
|
| libxml2 |
CVE-2026-0989 |
低危 |
2.10.4-1.amzn2023.0.6 |
2.10.4-1.amzn2023.0.17 |
libxml2: Unbounded RelaxNG Include Recursion Leading to Stack Overflow
漏洞详情: https://avd.aquasec.com/nvd/cve-2026-0989
镜像层: sha256:787c718160ca1e26288212055bd7a1a7e0c68a0a446bf7bbe9d6cd1c09fcb7d0
发布日期: 2026-01-15 15:15 修改: 2026-06-30 20:20
|
| libxml2 |
CVE-2026-1757 |
低危 |
2.10.4-1.amzn2023.0.6 |
2.10.4-1.amzn2023.0.18 |
libxml2: Memory Leak Leading to Local Denial of Service in xmllint Interactive Shell
漏洞详情: https://avd.aquasec.com/nvd/cve-2026-1757
镜像层: sha256:787c718160ca1e26288212055bd7a1a7e0c68a0a446bf7bbe9d6cd1c09fcb7d0
发布日期: 2026-02-02 13:15 修改: 2026-06-17 10:16
|
| python3 |
CVE-2024-4032 |
低危 |
3.9.16-1.amzn2023.0.8 |
3.9.20-1.amzn2023.0.2 |
python: incorrect IPv4 and IPv6 private ranges
漏洞详情: https://avd.aquasec.com/nvd/cve-2024-4032
镜像层: sha256:787c718160ca1e26288212055bd7a1a7e0c68a0a446bf7bbe9d6cd1c09fcb7d0
发布日期: 2024-06-17 15:15 修改: 2026-06-17 08:00
|
| python3 |
CVE-2025-1795 |
低危 |
3.9.16-1.amzn2023.0.8 |
3.9.21-1.amzn2023.0.3 |
python: Mishandling of comma during folding and unicode-encoding of email headers
漏洞详情: https://avd.aquasec.com/nvd/cve-2025-1795
镜像层: sha256:787c718160ca1e26288212055bd7a1a7e0c68a0a446bf7bbe9d6cd1c09fcb7d0
发布日期: 2025-02-28 19:15 修改: 2026-06-17 08:39
|
| openssl-libs |
CVE-2026-2673 |
低危 |
1:3.0.8-1.amzn2023.0.12 |
1:3.5.5-1.amzn2023.0.3 |
openssl: OpenSSL TLS 1.3 server may choose unexpected key agreement group
漏洞详情: https://avd.aquasec.com/nvd/cve-2026-2673
镜像层: sha256:787c718160ca1e26288212055bd7a1a7e0c68a0a446bf7bbe9d6cd1c09fcb7d0
发布日期: 2026-03-13 19:54 修改: 2026-06-17 10:31
|
| ca-certificates |
CVE-2024-39689 |
低危 |
2023.2.64-1.0.amzn2023.0.1 |
2023.2.68-1.0.amzn2023.0.1 |
python-certifi: Remove root certificates from `GLOBALTRUST` from the root store
漏洞详情: https://avd.aquasec.com/nvd/cve-2024-39689
镜像层: sha256:787c718160ca1e26288212055bd7a1a7e0c68a0a446bf7bbe9d6cd1c09fcb7d0
发布日期: 2024-07-05 19:15 修改: 2026-06-17 07:42
|
| python3-pip-wheel |
CVE-2026-1703 |
低危 |
21.3.1-2.amzn2023.0.7 |
21.3.1-2.amzn2023.0.17 |
pip: pip: Information disclosure via path traversal when installing crafted wheel archives
漏洞详情: https://avd.aquasec.com/nvd/cve-2026-1703
镜像层: sha256:787c718160ca1e26288212055bd7a1a7e0c68a0a446bf7bbe9d6cd1c09fcb7d0
发布日期: 2026-02-02 15:16 修改: 2026-06-17 10:16
|
| curl-minimal |
CVE-2025-9086 |
低危 |
8.5.0-1.amzn2023.0.4 |
8.15.0-4.amzn2023.0.1 |
curl: libcurl: Curl out of bounds read for cookie path
漏洞详情: https://avd.aquasec.com/nvd/cve-2025-9086
镜像层: sha256:787c718160ca1e26288212055bd7a1a7e0c68a0a446bf7bbe9d6cd1c09fcb7d0
发布日期: 2025-09-12 06:15 修改: 2026-06-17 10:08
|
| python3-libs |
CVE-2024-4032 |
低危 |
3.9.16-1.amzn2023.0.8 |
3.9.20-1.amzn2023.0.2 |
python: incorrect IPv4 and IPv6 private ranges
漏洞详情: https://avd.aquasec.com/nvd/cve-2024-4032
镜像层: sha256:787c718160ca1e26288212055bd7a1a7e0c68a0a446bf7bbe9d6cd1c09fcb7d0
发布日期: 2024-06-17 15:15 修改: 2026-06-17 08:00
|
| python3-libs |
CVE-2025-1795 |
低危 |
3.9.16-1.amzn2023.0.8 |
3.9.21-1.amzn2023.0.3 |
python: Mishandling of comma during folding and unicode-encoding of email headers
漏洞详情: https://avd.aquasec.com/nvd/cve-2025-1795
镜像层: sha256:787c718160ca1e26288212055bd7a1a7e0c68a0a446bf7bbe9d6cd1c09fcb7d0
发布日期: 2025-02-28 19:15 修改: 2026-06-17 08:39
|
| libcurl-minimal |
CVE-2025-9086 |
低危 |
8.5.0-1.amzn2023.0.4 |
8.15.0-4.amzn2023.0.1 |
curl: libcurl: Curl out of bounds read for cookie path
漏洞详情: https://avd.aquasec.com/nvd/cve-2025-9086
镜像层: sha256:787c718160ca1e26288212055bd7a1a7e0c68a0a446bf7bbe9d6cd1c09fcb7d0
发布日期: 2025-09-12 06:15 修改: 2026-06-17 10:08
|
| gnupg2-minimal |
CVE-2025-30258 |
低危 |
2.3.7-1.amzn2023.0.4 |
2.3.7-1.amzn2023.0.5 |
gnupg: verification DoS due to a malicious subkey in the keyring
漏洞详情: https://avd.aquasec.com/nvd/cve-2025-30258
镜像层: sha256:787c718160ca1e26288212055bd7a1a7e0c68a0a446bf7bbe9d6cd1c09fcb7d0
发布日期: 2025-03-19 20:15 修改: 2026-06-17 09:08
|
| gnupg2-minimal |
CVE-2026-57062 |
低危 |
2.3.7-1.amzn2023.0.4 |
2.3.7-1.amzn2023.0.9 |
GnuPG: Incorrect cryptographic message parsing
漏洞详情: https://avd.aquasec.com/nvd/cve-2026-57062
镜像层: sha256:787c718160ca1e26288212055bd7a1a7e0c68a0a446bf7bbe9d6cd1c09fcb7d0
发布日期: 2026-06-23 18:18 修改: 2026-06-25 20:16
|