docker.io/whgojp/javaseclab:1.5 linux/arm64

docker.io/whgojp/javaseclab:1.5 - Trivy安全扫描结果扫描时间: 2026-06-22 23:02 温馨提示: 这是一个 linux/arm64 系统架构镜像

全部漏洞信息

低危漏洞:300

中危漏洞:489

高危漏洞:346

严重漏洞:92

系统OS: debian 11.4 扫描引擎: Trivy 扫描时间: 2026-06-22 23:02

docker.io/whgojp/javaseclab:1.5 (debian 11.4) (debian)

低危漏洞:287

中危漏洞:408

高危漏洞:255

严重漏洞:51

软件包	漏洞	安全状态	安装版本	修复版本	漏洞信息
curl	CVE-2022-32221	严重	7.74.0-1.3+deb11u2	7.74.0-1.3+deb11u5	curl: POST following PUT confusion 漏洞详情: https://avd.aquasec.com/nvd/cve-2022-32221 镜像层: sha256:595a656dd8efc44ad2600f67c92a3a2f5612e673513583c11cb04d54f10c55d6 发布日期: 2022-12-05 22:15 修改: 2026-02-13 20:16
curl	CVE-2023-23914	严重	7.74.0-1.3+deb11u2		curl: HSTS ignored on multiple requests 漏洞详情: https://avd.aquasec.com/nvd/cve-2023-23914 镜像层: sha256:595a656dd8efc44ad2600f67c92a3a2f5612e673513583c11cb04d54f10c55d6 发布日期: 2023-02-23 20:15 修改: 2025-03-12 19:15
curl	CVE-2023-38545	严重	7.74.0-1.3+deb11u2	7.74.0-1.3+deb11u10	curl: heap based buffer overflow in the SOCKS5 proxy handshake 漏洞详情: https://avd.aquasec.com/nvd/cve-2023-38545 镜像层: sha256:595a656dd8efc44ad2600f67c92a3a2f5612e673513583c11cb04d54f10c55d6 发布日期: 2023-10-18 04:15 修改: 2026-05-12 11:16
git	CVE-2022-23521	严重	1:2.30.2-1	1:2.30.2-1+deb11u1	git: gitattributes parsing integer overflow 漏洞详情: https://avd.aquasec.com/nvd/cve-2022-23521 镜像层: sha256:b7b6064a28a9833a1ac123bb3e408f6cdb2689cf233ee40c978e6193a142278c 发布日期: 2023-01-17 23:15 修改: 2024-11-21 06:48
git	CVE-2022-41903	严重	1:2.30.2-1	1:2.30.2-1+deb11u1	git: Heap overflow in `git archive`, `git log --format` leading to RCE 漏洞详情: https://avd.aquasec.com/nvd/cve-2022-41903 镜像层: sha256:b7b6064a28a9833a1ac123bb3e408f6cdb2689cf233ee40c978e6193a142278c 发布日期: 2023-01-17 23:15 修改: 2024-11-21 07:24
git	CVE-2024-32002	严重	1:2.30.2-1	1:2.30.2-1+deb11u3	git: Recursive clones RCE 漏洞详情: https://avd.aquasec.com/nvd/cve-2024-32002 镜像层: sha256:b7b6064a28a9833a1ac123bb3e408f6cdb2689cf233ee40c978e6193a142278c 发布日期: 2024-05-14 19:15 修改: 2025-11-04 17:15
git-man	CVE-2022-23521	严重	1:2.30.2-1	1:2.30.2-1+deb11u1	git: gitattributes parsing integer overflow 漏洞详情: https://avd.aquasec.com/nvd/cve-2022-23521 镜像层: sha256:b7b6064a28a9833a1ac123bb3e408f6cdb2689cf233ee40c978e6193a142278c 发布日期: 2023-01-17 23:15 修改: 2024-11-21 06:48
git-man	CVE-2022-41903	严重	1:2.30.2-1	1:2.30.2-1+deb11u1	git: Heap overflow in `git archive`, `git log --format` leading to RCE 漏洞详情: https://avd.aquasec.com/nvd/cve-2022-41903 镜像层: sha256:b7b6064a28a9833a1ac123bb3e408f6cdb2689cf233ee40c978e6193a142278c 发布日期: 2023-01-17 23:15 修改: 2024-11-21 07:24
git-man	CVE-2024-32002	严重	1:2.30.2-1	1:2.30.2-1+deb11u3	git: Recursive clones RCE 漏洞详情: https://avd.aquasec.com/nvd/cve-2024-32002 镜像层: sha256:b7b6064a28a9833a1ac123bb3e408f6cdb2689cf233ee40c978e6193a142278c 发布日期: 2024-05-14 19:15 修改: 2025-11-04 17:15
libapr1	CVE-2022-24963	严重	1.7.0-6+deb11u1	1.7.0-6+deb11u2	apr: integer overflow/wraparound in apr_encode 漏洞详情: https://avd.aquasec.com/nvd/cve-2022-24963 镜像层: sha256:b7b6064a28a9833a1ac123bb3e408f6cdb2689cf233ee40c978e6193a142278c 发布日期: 2023-01-31 16:15 修改: 2025-03-27 15:15
libcurl3-gnutls	CVE-2022-32221	严重	7.74.0-1.3+deb11u2	7.74.0-1.3+deb11u5	curl: POST following PUT confusion 漏洞详情: https://avd.aquasec.com/nvd/cve-2022-32221 镜像层: sha256:b7b6064a28a9833a1ac123bb3e408f6cdb2689cf233ee40c978e6193a142278c 发布日期: 2022-12-05 22:15 修改: 2026-02-13 20:16
libcurl3-gnutls	CVE-2023-23914	严重	7.74.0-1.3+deb11u2		curl: HSTS ignored on multiple requests 漏洞详情: https://avd.aquasec.com/nvd/cve-2023-23914 镜像层: sha256:b7b6064a28a9833a1ac123bb3e408f6cdb2689cf233ee40c978e6193a142278c 发布日期: 2023-02-23 20:15 修改: 2025-03-12 19:15
libcurl3-gnutls	CVE-2023-38545	严重	7.74.0-1.3+deb11u2	7.74.0-1.3+deb11u10	curl: heap based buffer overflow in the SOCKS5 proxy handshake 漏洞详情: https://avd.aquasec.com/nvd/cve-2023-38545 镜像层: sha256:b7b6064a28a9833a1ac123bb3e408f6cdb2689cf233ee40c978e6193a142278c 发布日期: 2023-10-18 04:15 修改: 2026-05-12 11:16
libcurl4	CVE-2022-32221	严重	7.74.0-1.3+deb11u2	7.74.0-1.3+deb11u5	curl: POST following PUT confusion 漏洞详情: https://avd.aquasec.com/nvd/cve-2022-32221 镜像层: sha256:595a656dd8efc44ad2600f67c92a3a2f5612e673513583c11cb04d54f10c55d6 发布日期: 2022-12-05 22:15 修改: 2026-02-13 20:16
libcurl4	CVE-2023-23914	严重	7.74.0-1.3+deb11u2		curl: HSTS ignored on multiple requests 漏洞详情: https://avd.aquasec.com/nvd/cve-2023-23914 镜像层: sha256:595a656dd8efc44ad2600f67c92a3a2f5612e673513583c11cb04d54f10c55d6 发布日期: 2023-02-23 20:15 修改: 2025-03-12 19:15
libcurl4	CVE-2023-38545	严重	7.74.0-1.3+deb11u2	7.74.0-1.3+deb11u10	curl: heap based buffer overflow in the SOCKS5 proxy handshake 漏洞详情: https://avd.aquasec.com/nvd/cve-2023-38545 镜像层: sha256:595a656dd8efc44ad2600f67c92a3a2f5612e673513583c11cb04d54f10c55d6 发布日期: 2023-10-18 04:15 修改: 2026-05-12 11:16
libdb5.3	CVE-2019-8457	严重	5.3.28+dfsg1-0.8		sqlite: heap out-of-bound read in function rtreenode() 漏洞详情: https://avd.aquasec.com/nvd/cve-2019-8457 镜像层: sha256:bd245ec49ee5cd979b20c0a4efd32385afca92f5afa84faa6769c6a56543350a 发布日期: 2019-05-30 16:29 修改: 2024-11-21 04:49
libexpat1	CVE-2024-45491	严重	2.2.10-2+deb11u3	2.2.10-2+deb11u6	libexpat: Integer Overflow or Wraparound 漏洞详情: https://avd.aquasec.com/nvd/cve-2024-45491 镜像层: sha256:b7b6064a28a9833a1ac123bb3e408f6cdb2689cf233ee40c978e6193a142278c 发布日期: 2024-08-30 03:15 修改: 2026-05-12 12:17
libexpat1	CVE-2024-45492	严重	2.2.10-2+deb11u3	2.2.10-2+deb11u6	libexpat: integer overflow 漏洞详情: https://avd.aquasec.com/nvd/cve-2024-45492 镜像层: sha256:b7b6064a28a9833a1ac123bb3e408f6cdb2689cf233ee40c978e6193a142278c 发布日期: 2024-08-30 03:15 修改: 2026-05-12 12:17
libgnutls30	CVE-2026-33845	严重	3.7.1-5+deb11u1	3.7.1-5+deb11u10	gnutls: GnuTLS: Denial of Service via DTLS zero-length fragment 漏洞详情: https://avd.aquasec.com/nvd/cve-2026-33845 镜像层: sha256:bd245ec49ee5cd979b20c0a4efd32385afca92f5afa84faa6769c6a56543350a 发布日期: 2026-04-30 18:16 修改: 2026-06-02 16:16
libgnutls30	CVE-2026-42010	严重	3.7.1-5+deb11u1	3.7.1-5+deb11u10	gnutls: gnutls: Authentication Bypass via NUL Character in Username 漏洞详情: https://avd.aquasec.com/nvd/cve-2026-42010 镜像层: sha256:bd245ec49ee5cd979b20c0a4efd32385afca92f5afa84faa6769c6a56543350a 发布日期: 2026-05-07 12:16 修改: 2026-06-10 16:17
libgssapi-krb5-2	CVE-2024-37371	严重	1.18.3-6+deb11u1	1.18.3-6+deb11u5	krb5: GSS message token handling 漏洞详情: https://avd.aquasec.com/nvd/cve-2024-37371 镜像层: sha256:bd245ec49ee5cd979b20c0a4efd32385afca92f5afa84faa6769c6a56543350a 发布日期: 2024-06-28 23:15 修改: 2026-05-12 12:16
libk5crypto3	CVE-2024-37371	严重	1.18.3-6+deb11u1	1.18.3-6+deb11u5	krb5: GSS message token handling 漏洞详情: https://avd.aquasec.com/nvd/cve-2024-37371 镜像层: sha256:bd245ec49ee5cd979b20c0a4efd32385afca92f5afa84faa6769c6a56543350a 发布日期: 2024-06-28 23:15 修改: 2026-05-12 12:16
libkrb5-3	CVE-2024-37371	严重	1.18.3-6+deb11u1	1.18.3-6+deb11u5	krb5: GSS message token handling 漏洞详情: https://avd.aquasec.com/nvd/cve-2024-37371 镜像层: sha256:bd245ec49ee5cd979b20c0a4efd32385afca92f5afa84faa6769c6a56543350a 发布日期: 2024-06-28 23:15 修改: 2026-05-12 12:16
libkrb5support0	CVE-2024-37371	严重	1.18.3-6+deb11u1	1.18.3-6+deb11u5	krb5: GSS message token handling 漏洞详情: https://avd.aquasec.com/nvd/cve-2024-37371 镜像层: sha256:bd245ec49ee5cd979b20c0a4efd32385afca92f5afa84faa6769c6a56543350a 发布日期: 2024-06-28 23:15 修改: 2026-05-12 12:16
libksba8	CVE-2022-3515	严重	1.5.0-3	1.5.0-3+deb11u1	libksba: integer overflow may lead to remote code execution 漏洞详情: https://avd.aquasec.com/nvd/cve-2022-3515 镜像层: sha256:8874c5d5df1aa338e2de1eb06de21d28b9051ae107c034b09cc83705cbe6a010 发布日期: 2023-01-12 15:15 修改: 2025-04-08 16:15
libksba8	CVE-2022-47629	严重	1.5.0-3	1.5.0-3+deb11u2	libksba: integer overflow to code execution 漏洞详情: https://avd.aquasec.com/nvd/cve-2022-47629 镜像层: sha256:8874c5d5df1aa338e2de1eb06de21d28b9051ae107c034b09cc83705cbe6a010 发布日期: 2022-12-20 23:15 修改: 2025-04-16 18:16
libpcre2-8-0	CVE-2022-1586	严重	10.36-2	10.36-2+deb11u1	pcre2: Out-of-bounds read in compile_xclass_matchingpath in pcre2_jit_compile.c 漏洞详情: https://avd.aquasec.com/nvd/cve-2022-1586 镜像层: sha256:bd245ec49ee5cd979b20c0a4efd32385afca92f5afa84faa6769c6a56543350a 发布日期: 2022-05-16 21:15 修改: 2025-03-25 19:39
libpcre2-8-0	CVE-2022-1587	严重	10.36-2	10.36-2+deb11u1	pcre2: Out-of-bounds read in get_recurse_data_length in pcre2_jit_compile.c 漏洞详情: https://avd.aquasec.com/nvd/cve-2022-1587 镜像层: sha256:bd245ec49ee5cd979b20c0a4efd32385afca92f5afa84faa6769c6a56543350a 发布日期: 2022-05-16 21:15 修改: 2024-11-21 06:41
libperl5.32	CVE-2026-42496	严重	5.32.1-4+deb11u2		perl-archive-tar: perl-archive-tar: Path traversal via crafted symlinks allows arbitrary file access 漏洞详情: https://avd.aquasec.com/nvd/cve-2026-42496 镜像层: sha256:b7b6064a28a9833a1ac123bb3e408f6cdb2689cf233ee40c978e6193a142278c 发布日期: 2026-05-26 02:16 修改: 2026-05-28 14:16
libperl5.32	CVE-2026-8376	严重	5.32.1-4+deb11u2		Perl versions through 5.43.10 have a heap buffer overflow when compili ... 漏洞详情: https://avd.aquasec.com/nvd/cve-2026-8376 镜像层: sha256:b7b6064a28a9833a1ac123bb3e408f6cdb2689cf233ee40c978e6193a142278c 发布日期: 2026-05-26 00:16 修改: 2026-05-27 19:16
libpython3.9-minimal	CVE-2021-29921	严重	3.9.2-1	3.9.2-1+deb11u2	python-ipaddress: Improper input validation of octal strings 漏洞详情: https://avd.aquasec.com/nvd/cve-2021-29921 镜像层: sha256:b7b6064a28a9833a1ac123bb3e408f6cdb2689cf233ee40c978e6193a142278c 发布日期: 2021-05-06 13:15 修改: 2025-11-03 22:15
libpython3.9-minimal	CVE-2022-37454	严重	3.9.2-1	3.9.2-1+deb11u4	XKCP: buffer overflow in the SHA-3 reference implementation 漏洞详情: https://avd.aquasec.com/nvd/cve-2022-37454 镜像层: sha256:b7b6064a28a9833a1ac123bb3e408f6cdb2689cf233ee40c978e6193a142278c 发布日期: 2022-10-21 06:15 修改: 2025-05-08 15:15
libpython3.9-stdlib	CVE-2021-29921	严重	3.9.2-1	3.9.2-1+deb11u2	python-ipaddress: Improper input validation of octal strings 漏洞详情: https://avd.aquasec.com/nvd/cve-2021-29921 镜像层: sha256:b7b6064a28a9833a1ac123bb3e408f6cdb2689cf233ee40c978e6193a142278c 发布日期: 2021-05-06 13:15 修改: 2025-11-03 22:15
libpython3.9-stdlib	CVE-2022-37454	严重	3.9.2-1	3.9.2-1+deb11u4	XKCP: buffer overflow in the SHA-3 reference implementation 漏洞详情: https://avd.aquasec.com/nvd/cve-2022-37454 镜像层: sha256:b7b6064a28a9833a1ac123bb3e408f6cdb2689cf233ee40c978e6193a142278c 发布日期: 2022-10-21 06:15 修改: 2025-05-08 15:15
libsqlite3-0	CVE-2025-6965	严重	3.34.1-3		sqlite: Integer Truncation in SQLite 漏洞详情: https://avd.aquasec.com/nvd/cve-2025-6965 镜像层: sha256:8874c5d5df1aa338e2de1eb06de21d28b9051ae107c034b09cc83705cbe6a010 发布日期: 2025-07-15 14:15 修改: 2026-04-14 10:16
libtasn1-6	CVE-2021-46848	严重	4.16.0-2	4.16.0-2+deb11u1	libtasn1: Out-of-bound access in ETYPE_OK 漏洞详情: https://avd.aquasec.com/nvd/cve-2021-46848 镜像层: sha256:bd245ec49ee5cd979b20c0a4efd32385afca92f5afa84faa6769c6a56543350a 发布日期: 2022-10-24 14:15 修改: 2025-05-07 15:15
openssh-client	CVE-2023-38408	严重	1:8.4p1-5+deb11u1	1:8.4p1-5+deb11u2	openssh: Remote code execution in ssh-agent PKCS#11 support 漏洞详情: https://avd.aquasec.com/nvd/cve-2023-38408 镜像层: sha256:b7b6064a28a9833a1ac123bb3e408f6cdb2689cf233ee40c978e6193a142278c 发布日期: 2023-07-20 03:15 修改: 2024-11-21 08:13
perl	CVE-2026-42496	严重	5.32.1-4+deb11u2		perl-archive-tar: perl-archive-tar: Path traversal via crafted symlinks allows arbitrary file access 漏洞详情: https://avd.aquasec.com/nvd/cve-2026-42496 镜像层: sha256:b7b6064a28a9833a1ac123bb3e408f6cdb2689cf233ee40c978e6193a142278c 发布日期: 2026-05-26 02:16 修改: 2026-05-28 14:16
perl	CVE-2026-8376	严重	5.32.1-4+deb11u2		Perl versions through 5.43.10 have a heap buffer overflow when compili ... 漏洞详情: https://avd.aquasec.com/nvd/cve-2026-8376 镜像层: sha256:b7b6064a28a9833a1ac123bb3e408f6cdb2689cf233ee40c978e6193a142278c 发布日期: 2026-05-26 00:16 修改: 2026-05-27 19:16
perl-base	CVE-2026-42496	严重	5.32.1-4+deb11u2		perl-archive-tar: perl-archive-tar: Path traversal via crafted symlinks allows arbitrary file access 漏洞详情: https://avd.aquasec.com/nvd/cve-2026-42496 镜像层: sha256:bd245ec49ee5cd979b20c0a4efd32385afca92f5afa84faa6769c6a56543350a 发布日期: 2026-05-26 02:16 修改: 2026-05-28 14:16
perl-base	CVE-2026-8376	严重	5.32.1-4+deb11u2		Perl versions through 5.43.10 have a heap buffer overflow when compili ... 漏洞详情: https://avd.aquasec.com/nvd/cve-2026-8376 镜像层: sha256:bd245ec49ee5cd979b20c0a4efd32385afca92f5afa84faa6769c6a56543350a 发布日期: 2026-05-26 00:16 修改: 2026-05-27 19:16
perl-modules-5.32	CVE-2026-42496	严重	5.32.1-4+deb11u2		perl-archive-tar: perl-archive-tar: Path traversal via crafted symlinks allows arbitrary file access 漏洞详情: https://avd.aquasec.com/nvd/cve-2026-42496 镜像层: sha256:b7b6064a28a9833a1ac123bb3e408f6cdb2689cf233ee40c978e6193a142278c 发布日期: 2026-05-26 02:16 修改: 2026-05-28 14:16
perl-modules-5.32	CVE-2026-8376	严重	5.32.1-4+deb11u2		Perl versions through 5.43.10 have a heap buffer overflow when compili ... 漏洞详情: https://avd.aquasec.com/nvd/cve-2026-8376 镜像层: sha256:b7b6064a28a9833a1ac123bb3e408f6cdb2689cf233ee40c978e6193a142278c 发布日期: 2026-05-26 00:16 修改: 2026-05-27 19:16
python3.9	CVE-2021-29921	严重	3.9.2-1	3.9.2-1+deb11u2	python-ipaddress: Improper input validation of octal strings 漏洞详情: https://avd.aquasec.com/nvd/cve-2021-29921 镜像层: sha256:b7b6064a28a9833a1ac123bb3e408f6cdb2689cf233ee40c978e6193a142278c 发布日期: 2021-05-06 13:15 修改: 2025-11-03 22:15
python3.9	CVE-2022-37454	严重	3.9.2-1	3.9.2-1+deb11u4	XKCP: buffer overflow in the SHA-3 reference implementation 漏洞详情: https://avd.aquasec.com/nvd/cve-2022-37454 镜像层: sha256:b7b6064a28a9833a1ac123bb3e408f6cdb2689cf233ee40c978e6193a142278c 发布日期: 2022-10-21 06:15 修改: 2025-05-08 15:15
python3.9-minimal	CVE-2021-29921	严重	3.9.2-1	3.9.2-1+deb11u2	python-ipaddress: Improper input validation of octal strings 漏洞详情: https://avd.aquasec.com/nvd/cve-2021-29921 镜像层: sha256:b7b6064a28a9833a1ac123bb3e408f6cdb2689cf233ee40c978e6193a142278c 发布日期: 2021-05-06 13:15 修改: 2025-11-03 22:15
python3.9-minimal	CVE-2022-37454	严重	3.9.2-1	3.9.2-1+deb11u4	XKCP: buffer overflow in the SHA-3 reference implementation 漏洞详情: https://avd.aquasec.com/nvd/cve-2022-37454 镜像层: sha256:b7b6064a28a9833a1ac123bb3e408f6cdb2689cf233ee40c978e6193a142278c 发布日期: 2022-10-21 06:15 修改: 2025-05-08 15:15
wget	CVE-2024-38428	严重	1.21-1+deb11u1	1.21-1+deb11u2	wget: Misinterpretation of input may lead to improper behavior 漏洞详情: https://avd.aquasec.com/nvd/cve-2024-38428 镜像层: sha256:595a656dd8efc44ad2600f67c92a3a2f5612e673513583c11cb04d54f10c55d6 发布日期: 2024-06-16 03:15 修改: 2025-04-21 10:15
zlib1g	CVE-2022-37434	严重	1:1.2.11.dfsg-2+deb11u1	1:1.2.11.dfsg-2+deb11u2	zlib: heap-based buffer over-read and overflow in inflate() in inflate.c via a large gzip header extra field 漏洞详情: https://avd.aquasec.com/nvd/cve-2022-37434 镜像层: sha256:bd245ec49ee5cd979b20c0a4efd32385afca92f5afa84faa6769c6a56543350a 发布日期: 2022-08-05 07:15 修改: 2025-05-30 20:15
zlib1g	CVE-2023-45853	严重	1:1.2.11.dfsg-2+deb11u1		zlib: integer overflow and resultant heap-based buffer overflow in zipOpenNewFileInZip4_6 漏洞详情: https://avd.aquasec.com/nvd/cve-2023-45853 镜像层: sha256:bd245ec49ee5cd979b20c0a4efd32385afca92f5afa84faa6769c6a56543350a 发布日期: 2023-10-14 02:15 修改: 2024-12-20 17:41
gpgv	CVE-2025-68973	高危	2.2.27-2+deb11u2	2.2.27-2+deb11u3	GnuPG: GnuPG: Information disclosure and potential arbitrary code execution via out-of-bounds write 漏洞详情: https://avd.aquasec.com/nvd/cve-2025-68973 镜像层: sha256:bd245ec49ee5cd979b20c0a4efd32385afca92f5afa84faa6769c6a56543350a 发布日期: 2025-12-28 17:16 修改: 2026-01-14 19:16
curl	CVE-2026-6276	高危	7.74.0-1.3+deb11u2		curl: libcurl: Information disclosure due to cookie leak when reusing connections with custom Host headers 漏洞详情: https://avd.aquasec.com/nvd/cve-2026-6276 镜像层: sha256:595a656dd8efc44ad2600f67c92a3a2f5612e673513583c11cb04d54f10c55d6 发布日期: 2026-05-13 13:01 修改: 2026-05-14 14:21
libc-bin	CVE-2021-3999	高危	2.31-13+deb11u3	2.31-13+deb11u4	glibc: Off-by-one buffer overflow/underflow in getcwd() 漏洞详情: https://avd.aquasec.com/nvd/cve-2021-3999 镜像层: sha256:bd245ec49ee5cd979b20c0a4efd32385afca92f5afa84faa6769c6a56543350a 发布日期: 2022-08-24 16:15 修改: 2025-12-02 21:15
libc-bin	CVE-2023-4911	高危	2.31-13+deb11u3	2.31-13+deb11u7	glibc: buffer overflow in ld.so leading to privilege escalation 漏洞详情: https://avd.aquasec.com/nvd/cve-2023-4911 镜像层: sha256:bd245ec49ee5cd979b20c0a4efd32385afca92f5afa84faa6769c6a56543350a 发布日期: 2023-10-03 18:15 修改: 2026-05-12 16:24
libc-bin	CVE-2024-2961	高危	2.31-13+deb11u3	2.31-13+deb11u9	glibc: Out of bounds write in iconv may lead to remote code execution 漏洞详情: https://avd.aquasec.com/nvd/cve-2024-2961 镜像层: sha256:bd245ec49ee5cd979b20c0a4efd32385afca92f5afa84faa6769c6a56543350a 发布日期: 2024-04-17 18:15 修改: 2026-05-12 12:16
libc-bin	CVE-2024-33599	高危	2.31-13+deb11u3	2.31-13+deb11u10	glibc: stack-based buffer overflow in netgroup cache 漏洞详情: https://avd.aquasec.com/nvd/cve-2024-33599 镜像层: sha256:bd245ec49ee5cd979b20c0a4efd32385afca92f5afa84faa6769c6a56543350a 发布日期: 2024-05-06 20:15 修改: 2026-05-12 12:16
libc6	CVE-2021-3999	高危	2.31-13+deb11u3	2.31-13+deb11u4	glibc: Off-by-one buffer overflow/underflow in getcwd() 漏洞详情: https://avd.aquasec.com/nvd/cve-2021-3999 镜像层: sha256:bd245ec49ee5cd979b20c0a4efd32385afca92f5afa84faa6769c6a56543350a 发布日期: 2022-08-24 16:15 修改: 2025-12-02 21:15
libc6	CVE-2023-4911	高危	2.31-13+deb11u3	2.31-13+deb11u7	glibc: buffer overflow in ld.so leading to privilege escalation 漏洞详情: https://avd.aquasec.com/nvd/cve-2023-4911 镜像层: sha256:bd245ec49ee5cd979b20c0a4efd32385afca92f5afa84faa6769c6a56543350a 发布日期: 2023-10-03 18:15 修改: 2026-05-12 16:24
libc6	CVE-2024-2961	高危	2.31-13+deb11u3	2.31-13+deb11u9	glibc: Out of bounds write in iconv may lead to remote code execution 漏洞详情: https://avd.aquasec.com/nvd/cve-2024-2961 镜像层: sha256:bd245ec49ee5cd979b20c0a4efd32385afca92f5afa84faa6769c6a56543350a 发布日期: 2024-04-17 18:15 修改: 2026-05-12 12:16
libc6	CVE-2024-33599	高危	2.31-13+deb11u3	2.31-13+deb11u10	glibc: stack-based buffer overflow in netgroup cache 漏洞详情: https://avd.aquasec.com/nvd/cve-2024-33599 镜像层: sha256:bd245ec49ee5cd979b20c0a4efd32385afca92f5afa84faa6769c6a56543350a 发布日期: 2024-05-06 20:15 修改: 2026-05-12 12:16
libcom-err2	CVE-2022-1304	高危	1.46.2-2	1.46.2-2+deb11u1	e2fsprogs: out-of-bounds read/write via crafted filesystem 漏洞详情: https://avd.aquasec.com/nvd/cve-2022-1304 镜像层: sha256:bd245ec49ee5cd979b20c0a4efd32385afca92f5afa84faa6769c6a56543350a 发布日期: 2022-04-14 21:15 修改: 2025-04-23 19:15
dirmngr	CVE-2025-68973	高危	2.2.27-2+deb11u2	2.2.27-2+deb11u3	GnuPG: GnuPG: Information disclosure and potential arbitrary code execution via out-of-bounds write 漏洞详情: https://avd.aquasec.com/nvd/cve-2025-68973 镜像层: sha256:8874c5d5df1aa338e2de1eb06de21d28b9051ae107c034b09cc83705cbe6a010 发布日期: 2025-12-28 17:16 修改: 2026-01-14 19:16
e2fsprogs	CVE-2022-1304	高危	1.46.2-2	1.46.2-2+deb11u1	e2fsprogs: out-of-bounds read/write via crafted filesystem 漏洞详情: https://avd.aquasec.com/nvd/cve-2022-1304 镜像层: sha256:bd245ec49ee5cd979b20c0a4efd32385afca92f5afa84faa6769c6a56543350a 发布日期: 2022-04-14 21:15 修改: 2025-04-23 19:15
bash	CVE-2022-3715	高危	5.1-2+deb11u1		bash: a heap-buffer-overflow in valid_parameter_transform 漏洞详情: https://avd.aquasec.com/nvd/cve-2022-3715 镜像层: sha256:bd245ec49ee5cd979b20c0a4efd32385afca92f5afa84faa6769c6a56543350a 发布日期: 2023-01-05 15:15 修改: 2025-11-03 22:16
libcurl3-gnutls	CVE-2022-42916	高危	7.74.0-1.3+deb11u2		curl: HSTS bypass via IDN 漏洞详情: https://avd.aquasec.com/nvd/cve-2022-42916 镜像层: sha256:b7b6064a28a9833a1ac123bb3e408f6cdb2689cf233ee40c978e6193a142278c 发布日期: 2022-10-29 02:15 修改: 2026-02-13 20:16
libcurl3-gnutls	CVE-2022-43551	高危	7.74.0-1.3+deb11u2		curl: HSTS bypass via IDN 漏洞详情: https://avd.aquasec.com/nvd/cve-2022-43551 镜像层: sha256:b7b6064a28a9833a1ac123bb3e408f6cdb2689cf233ee40c978e6193a142278c 发布日期: 2022-12-23 15:15 修改: 2026-02-13 20:16
libcurl3-gnutls	CVE-2023-27533	高危	7.74.0-1.3+deb11u2	7.74.0-1.3+deb11u8	curl: TELNET option IAC injection 漏洞详情: https://avd.aquasec.com/nvd/cve-2023-27533 镜像层: sha256:b7b6064a28a9833a1ac123bb3e408f6cdb2689cf233ee40c978e6193a142278c 发布日期: 2023-03-30 20:15 修改: 2026-02-13 21:16
libcurl3-gnutls	CVE-2023-27534	高危	7.74.0-1.3+deb11u2	7.74.0-1.3+deb11u8	curl: SFTP path ~ resolving discrepancy 漏洞详情: https://avd.aquasec.com/nvd/cve-2023-27534 镜像层: sha256:b7b6064a28a9833a1ac123bb3e408f6cdb2689cf233ee40c978e6193a142278c 发布日期: 2023-03-30 20:15 修改: 2025-04-23 17:16
libcurl3-gnutls	CVE-2026-5773	高危	7.74.0-1.3+deb11u2		curl: libcurl: Wrong file transfer due to incorrect SMB connection reuse 漏洞详情: https://avd.aquasec.com/nvd/cve-2026-5773 镜像层: sha256:b7b6064a28a9833a1ac123bb3e408f6cdb2689cf233ee40c978e6193a142278c 发布日期: 2026-05-13 13:01 修改: 2026-05-13 19:13
libcurl3-gnutls	CVE-2026-6276	高危	7.74.0-1.3+deb11u2		curl: libcurl: Information disclosure due to cookie leak when reusing connections with custom Host headers 漏洞详情: https://avd.aquasec.com/nvd/cve-2026-6276 镜像层: sha256:b7b6064a28a9833a1ac123bb3e408f6cdb2689cf233ee40c978e6193a142278c 发布日期: 2026-05-13 13:01 修改: 2026-05-14 14:21
curl	CVE-2022-42916	高危	7.74.0-1.3+deb11u2		curl: HSTS bypass via IDN 漏洞详情: https://avd.aquasec.com/nvd/cve-2022-42916 镜像层: sha256:595a656dd8efc44ad2600f67c92a3a2f5612e673513583c11cb04d54f10c55d6 发布日期: 2022-10-29 02:15 修改: 2026-02-13 20:16
curl	CVE-2022-43551	高危	7.74.0-1.3+deb11u2		curl: HSTS bypass via IDN 漏洞详情: https://avd.aquasec.com/nvd/cve-2022-43551 镜像层: sha256:595a656dd8efc44ad2600f67c92a3a2f5612e673513583c11cb04d54f10c55d6 发布日期: 2022-12-23 15:15 修改: 2026-02-13 20:16
git	CVE-2019-1387	高危	1:2.30.2-1	1:2.30.2-1+deb11u3	git: Remote code execution in recursive clones with nested submodules 漏洞详情: https://avd.aquasec.com/nvd/cve-2019-1387 镜像层: sha256:b7b6064a28a9833a1ac123bb3e408f6cdb2689cf233ee40c978e6193a142278c 发布日期: 2019-12-18 21:15 修改: 2025-11-04 16:15
libcurl4	CVE-2022-42916	高危	7.74.0-1.3+deb11u2		curl: HSTS bypass via IDN 漏洞详情: https://avd.aquasec.com/nvd/cve-2022-42916 镜像层: sha256:595a656dd8efc44ad2600f67c92a3a2f5612e673513583c11cb04d54f10c55d6 发布日期: 2022-10-29 02:15 修改: 2026-02-13 20:16
libcurl4	CVE-2022-43551	高危	7.74.0-1.3+deb11u2		curl: HSTS bypass via IDN 漏洞详情: https://avd.aquasec.com/nvd/cve-2022-43551 镜像层: sha256:595a656dd8efc44ad2600f67c92a3a2f5612e673513583c11cb04d54f10c55d6 发布日期: 2022-12-23 15:15 修改: 2026-02-13 20:16
libcurl4	CVE-2023-27533	高危	7.74.0-1.3+deb11u2	7.74.0-1.3+deb11u8	curl: TELNET option IAC injection 漏洞详情: https://avd.aquasec.com/nvd/cve-2023-27533 镜像层: sha256:595a656dd8efc44ad2600f67c92a3a2f5612e673513583c11cb04d54f10c55d6 发布日期: 2023-03-30 20:15 修改: 2026-02-13 21:16
libcurl4	CVE-2023-27534	高危	7.74.0-1.3+deb11u2	7.74.0-1.3+deb11u8	curl: SFTP path ~ resolving discrepancy 漏洞详情: https://avd.aquasec.com/nvd/cve-2023-27534 镜像层: sha256:595a656dd8efc44ad2600f67c92a3a2f5612e673513583c11cb04d54f10c55d6 发布日期: 2023-03-30 20:15 修改: 2025-04-23 17:16
libcurl4	CVE-2026-5773	高危	7.74.0-1.3+deb11u2		curl: libcurl: Wrong file transfer due to incorrect SMB connection reuse 漏洞详情: https://avd.aquasec.com/nvd/cve-2026-5773 镜像层: sha256:595a656dd8efc44ad2600f67c92a3a2f5612e673513583c11cb04d54f10c55d6 发布日期: 2026-05-13 13:01 修改: 2026-05-13 19:13
libcurl4	CVE-2026-6276	高危	7.74.0-1.3+deb11u2		curl: libcurl: Information disclosure due to cookie leak when reusing connections with custom Host headers 漏洞详情: https://avd.aquasec.com/nvd/cve-2026-6276 镜像层: sha256:595a656dd8efc44ad2600f67c92a3a2f5612e673513583c11cb04d54f10c55d6 发布日期: 2026-05-13 13:01 修改: 2026-05-14 14:21
git	CVE-2022-24765	高危	1:2.30.2-1	1:2.30.2-1+deb11u1	git: On multi-user machines Git users might find themselves unexpectedly in a Git worktree 漏洞详情: https://avd.aquasec.com/nvd/cve-2022-24765 镜像层: sha256:b7b6064a28a9833a1ac123bb3e408f6cdb2689cf233ee40c978e6193a142278c 发布日期: 2022-04-12 18:15 修改: 2024-11-21 06:51
git	CVE-2022-29187	高危	1:2.30.2-1	1:2.30.2-1+deb11u1	git: Bypass of safe.directory protections 漏洞详情: https://avd.aquasec.com/nvd/cve-2022-29187 镜像层: sha256:b7b6064a28a9833a1ac123bb3e408f6cdb2689cf233ee40c978e6193a142278c 发布日期: 2022-07-12 21:15 修改: 2024-11-21 06:58
git	CVE-2022-39260	高危	1:2.30.2-1	1:2.30.2-1+deb11u1	git: git shell function that splits command arguments can lead to arbitrary heap writes. 漏洞详情: https://avd.aquasec.com/nvd/cve-2022-39260 镜像层: sha256:b7b6064a28a9833a1ac123bb3e408f6cdb2689cf233ee40c978e6193a142278c 发布日期: 2022-10-19 12:15 修改: 2024-11-21 07:17
libexpat1	CVE-2022-40674	高危	2.2.10-2+deb11u3	2.2.10-2+deb11u4	expat: a use-after-free in the doContent function in xmlparse.c 漏洞详情: https://avd.aquasec.com/nvd/cve-2022-40674 镜像层: sha256:b7b6064a28a9833a1ac123bb3e408f6cdb2689cf233ee40c978e6193a142278c 发布日期: 2022-09-14 11:15 修改: 2025-05-30 20:15
libexpat1	CVE-2022-43680	高危	2.2.10-2+deb11u3	2.2.10-2+deb11u5	expat: use-after free caused by overeager destruction of a shared DTD in XML_ExternalEntityParserCreate 漏洞详情: https://avd.aquasec.com/nvd/cve-2022-43680 镜像层: sha256:b7b6064a28a9833a1ac123bb3e408f6cdb2689cf233ee40c978e6193a142278c 发布日期: 2022-10-24 14:15 修改: 2025-05-30 20:15
libexpat1	CVE-2023-52425	高危	2.2.10-2+deb11u3	2.2.10-2+deb11u6	expat: parsing large tokens can trigger a denial of service 漏洞详情: https://avd.aquasec.com/nvd/cve-2023-52425 镜像层: sha256:b7b6064a28a9833a1ac123bb3e408f6cdb2689cf233ee40c978e6193a142278c 发布日期: 2024-02-04 20:15 修改: 2025-11-04 19:16
libexpat1	CVE-2024-45490	高危	2.2.10-2+deb11u3	2.2.10-2+deb11u6	libexpat: Negative Length Parsing Vulnerability in libexpat 漏洞详情: https://avd.aquasec.com/nvd/cve-2024-45490 镜像层: sha256:b7b6064a28a9833a1ac123bb3e408f6cdb2689cf233ee40c978e6193a142278c 发布日期: 2024-08-30 03:15 修改: 2026-05-12 12:17
libexpat1	CVE-2025-59375	高危	2.2.10-2+deb11u3		firefox: thunderbird: expat: libexpat in Expat allows attackers to trigger large dynamic memory allocations via a small document that is submitted for parsing 漏洞详情: https://avd.aquasec.com/nvd/cve-2025-59375 镜像层: sha256:b7b6064a28a9833a1ac123bb3e408f6cdb2689cf233ee40c978e6193a142278c 发布日期: 2025-09-15 03:15 修改: 2026-05-12 13:17
libexpat1	CVE-2026-25210	高危	2.2.10-2+deb11u3		libexpat: libexpat: Information disclosure and data integrity issues due to integer overflow in buffer reallocation 漏洞详情: https://avd.aquasec.com/nvd/cve-2026-25210 镜像层: sha256:b7b6064a28a9833a1ac123bb3e408f6cdb2689cf233ee40c978e6193a142278c 发布日期: 2026-01-30 07:16 修改: 2026-06-02 14:16
libexpat1	CVE-2026-45186	高危	2.2.10-2+deb11u3		libexpat: denial of service via crafted XML input 漏洞详情: https://avd.aquasec.com/nvd/cve-2026-45186 镜像层: sha256:b7b6064a28a9833a1ac123bb3e408f6cdb2689cf233ee40c978e6193a142278c 发布日期: 2026-05-10 07:16 修改: 2026-05-14 17:20
libext2fs2	CVE-2022-1304	高危	1.46.2-2	1.46.2-2+deb11u1	e2fsprogs: out-of-bounds read/write via crafted filesystem 漏洞详情: https://avd.aquasec.com/nvd/cve-2022-1304 镜像层: sha256:bd245ec49ee5cd979b20c0a4efd32385afca92f5afa84faa6769c6a56543350a 发布日期: 2022-04-14 21:15 修改: 2025-04-23 19:15
libfreetype6	CVE-2025-27363	高危	2.10.4+dfsg-1+deb11u1	2.10.4+dfsg-1+deb11u2	freetype: OOB write when attempting to parse font subglyph structures related to TrueType GX and variable font files 漏洞详情: https://avd.aquasec.com/nvd/cve-2025-27363 镜像层: sha256:ee9872ea80364930d71a014299a88c92390a886751b28e128114db3c6a0ab707 发布日期: 2025-03-11 14:15 修改: 2026-04-20 13:15
libgcrypt20	CVE-2021-33560	高危	1.8.7-6		libgcrypt: mishandles ElGamal encryption because it lacks exponent blinding to address a side-channel attack against mpi_powm 漏洞详情: https://avd.aquasec.com/nvd/cve-2021-33560 镜像层: sha256:bd245ec49ee5cd979b20c0a4efd32385afca92f5afa84faa6769c6a56543350a 发布日期: 2021-06-08 11:15 修改: 2025-12-03 15:15
git	CVE-2023-23946	高危	1:2.30.2-1	1:2.30.2-1+deb11u2	git: git apply: a path outside the working tree can be overwritten with crafted input 漏洞详情: https://avd.aquasec.com/nvd/cve-2023-23946 镜像层: sha256:b7b6064a28a9833a1ac123bb3e408f6cdb2689cf233ee40c978e6193a142278c 发布日期: 2023-02-14 20:15 修改: 2024-11-21 07:47
git	CVE-2023-25652	高危	1:2.30.2-1	1:2.30.2-1+deb11u3	git: by feeding specially crafted input to `git apply --reject`, a path outside the working tree can be overwritten with partially controlled contents 漏洞详情: https://avd.aquasec.com/nvd/cve-2023-25652 镜像层: sha256:b7b6064a28a9833a1ac123bb3e408f6cdb2689cf233ee40c978e6193a142278c 发布日期: 2023-04-25 20:15 修改: 2025-11-04 17:15
libgnutls30	CVE-2022-2509	高危	3.7.1-5+deb11u1	3.7.1-5+deb11u2	gnutls: Double free during gnutls_pkcs7_verify 漏洞详情: https://avd.aquasec.com/nvd/cve-2022-2509 镜像层: sha256:bd245ec49ee5cd979b20c0a4efd32385afca92f5afa84faa6769c6a56543350a 发布日期: 2022-08-01 14:15 修改: 2025-12-02 21:15
libgnutls30	CVE-2023-0361	高危	3.7.1-5+deb11u1	3.7.1-5+deb11u3	gnutls: timing side-channel in the TLS RSA key exchange code 漏洞详情: https://avd.aquasec.com/nvd/cve-2023-0361 镜像层: sha256:bd245ec49ee5cd979b20c0a4efd32385afca92f5afa84faa6769c6a56543350a 发布日期: 2023-02-15 18:15 修改: 2025-03-19 18:15
libgnutls30	CVE-2024-0553	高危	3.7.1-5+deb11u1	3.7.1-5+deb11u5	gnutls: incomplete fix for CVE-2023-5981 漏洞详情: https://avd.aquasec.com/nvd/cve-2024-0553 镜像层: sha256:bd245ec49ee5cd979b20c0a4efd32385afca92f5afa84faa6769c6a56543350a 发布日期: 2024-01-16 12:15 修改: 2026-03-24 12:16
libgnutls30	CVE-2024-0567	高危	3.7.1-5+deb11u1	3.7.1-5+deb11u5	gnutls: rejects certificate chain with distributed trust 漏洞详情: https://avd.aquasec.com/nvd/cve-2024-0567 镜像层: sha256:bd245ec49ee5cd979b20c0a4efd32385afca92f5afa84faa6769c6a56543350a 发布日期: 2024-01-16 14:15 修改: 2024-11-21 08:46
libgnutls30	CVE-2025-32988	高危	3.7.1-5+deb11u1	3.7.1-5+deb11u8	gnutls: Vulnerability in GnuTLS otherName SAN export 漏洞详情: https://avd.aquasec.com/nvd/cve-2025-32988 镜像层: sha256:bd245ec49ee5cd979b20c0a4efd32385afca92f5afa84faa6769c6a56543350a 发布日期: 2025-07-10 08:15 修改: 2026-05-12 13:16
libgnutls30	CVE-2025-32990	高危	3.7.1-5+deb11u1	3.7.1-5+deb11u8	gnutls: Vulnerability in GnuTLS certtool template parsing 漏洞详情: https://avd.aquasec.com/nvd/cve-2025-32990 镜像层: sha256:bd245ec49ee5cd979b20c0a4efd32385afca92f5afa84faa6769c6a56543350a 发布日期: 2025-07-10 10:15 修改: 2026-04-20 22:16
libgnutls30	CVE-2026-33846	高危	3.7.1-5+deb11u1	3.7.1-5+deb11u10	gnutls: GnuTLS: Denial of Service via heap buffer overflow in DTLS handshake fragment reassembly 漏洞详情: https://avd.aquasec.com/nvd/cve-2026-33846 镜像层: sha256:bd245ec49ee5cd979b20c0a4efd32385afca92f5afa84faa6769c6a56543350a 发布日期: 2026-05-04 10:15 修改: 2026-06-02 16:16
libgnutls30	CVE-2026-3833	高危	3.7.1-5+deb11u1	3.7.1-5+deb11u10	gnutls: GnuTLS: Policy bypass due to case-sensitive nameConstraints comparison 漏洞详情: https://avd.aquasec.com/nvd/cve-2026-3833 镜像层: sha256:bd245ec49ee5cd979b20c0a4efd32385afca92f5afa84faa6769c6a56543350a 发布日期: 2026-04-30 18:16 修改: 2026-06-02 16:16
libgnutls30	CVE-2026-42009	高危	3.7.1-5+deb11u1	3.7.1-5+deb11u10	gnutls: gnutls: Denial of Service via DTLS packet reordering vulnerability 漏洞详情: https://avd.aquasec.com/nvd/cve-2026-42009 镜像层: sha256:bd245ec49ee5cd979b20c0a4efd32385afca92f5afa84faa6769c6a56543350a 发布日期: 2026-05-18 13:16 修改: 2026-06-08 17:16
git	CVE-2023-29007	高危	1:2.30.2-1	1:2.30.2-1+deb11u3	git: arbitrary configuration injection when renaming or deleting a section from a configuration file 漏洞详情: https://avd.aquasec.com/nvd/cve-2023-29007 镜像层: sha256:b7b6064a28a9833a1ac123bb3e408f6cdb2689cf233ee40c978e6193a142278c 发布日期: 2023-04-25 21:15 修改: 2025-11-04 17:15
libgssapi-krb5-2	CVE-2022-42898	高危	1.18.3-6+deb11u1	1.18.3-6+deb11u3	krb5: integer overflow vulnerabilities in PAC parsing 漏洞详情: https://avd.aquasec.com/nvd/cve-2022-42898 镜像层: sha256:bd245ec49ee5cd979b20c0a4efd32385afca92f5afa84faa6769c6a56543350a 发布日期: 2022-12-25 06:15 修改: 2025-04-14 19:15
libgssapi-krb5-2	CVE-2024-37370	高危	1.18.3-6+deb11u1	1.18.3-6+deb11u5	krb5: GSS message token handling 漏洞详情: https://avd.aquasec.com/nvd/cve-2024-37370 镜像层: sha256:bd245ec49ee5cd979b20c0a4efd32385afca92f5afa84faa6769c6a56543350a 发布日期: 2024-06-28 22:15 修改: 2026-05-12 12:16
git	CVE-2024-32004	高危	1:2.30.2-1	1:2.30.2-1+deb11u3	git: RCE while cloning local repos 漏洞详情: https://avd.aquasec.com/nvd/cve-2024-32004 镜像层: sha256:b7b6064a28a9833a1ac123bb3e408f6cdb2689cf233ee40c978e6193a142278c 发布日期: 2024-05-14 19:15 修改: 2026-01-06 17:09
libk5crypto3	CVE-2022-42898	高危	1.18.3-6+deb11u1	1.18.3-6+deb11u3	krb5: integer overflow vulnerabilities in PAC parsing 漏洞详情: https://avd.aquasec.com/nvd/cve-2022-42898 镜像层: sha256:bd245ec49ee5cd979b20c0a4efd32385afca92f5afa84faa6769c6a56543350a 发布日期: 2022-12-25 06:15 修改: 2025-04-14 19:15
libk5crypto3	CVE-2024-37370	高危	1.18.3-6+deb11u1	1.18.3-6+deb11u5	krb5: GSS message token handling 漏洞详情: https://avd.aquasec.com/nvd/cve-2024-37370 镜像层: sha256:bd245ec49ee5cd979b20c0a4efd32385afca92f5afa84faa6769c6a56543350a 发布日期: 2024-06-28 22:15 修改: 2026-05-12 12:16
git	CVE-2024-32021	高危	1:2.30.2-1	1:2.30.2-1+deb11u3	git: symlink bypass 漏洞详情: https://avd.aquasec.com/nvd/cve-2024-32021 镜像层: sha256:b7b6064a28a9833a1ac123bb3e408f6cdb2689cf233ee40c978e6193a142278c 发布日期: 2024-05-14 20:15 修改: 2026-01-05 19:19
libkrb5-3	CVE-2022-42898	高危	1.18.3-6+deb11u1	1.18.3-6+deb11u3	krb5: integer overflow vulnerabilities in PAC parsing 漏洞详情: https://avd.aquasec.com/nvd/cve-2022-42898 镜像层: sha256:bd245ec49ee5cd979b20c0a4efd32385afca92f5afa84faa6769c6a56543350a 发布日期: 2022-12-25 06:15 修改: 2025-04-14 19:15
libkrb5-3	CVE-2024-37370	高危	1.18.3-6+deb11u1	1.18.3-6+deb11u5	krb5: GSS message token handling 漏洞详情: https://avd.aquasec.com/nvd/cve-2024-37370 镜像层: sha256:bd245ec49ee5cd979b20c0a4efd32385afca92f5afa84faa6769c6a56543350a 发布日期: 2024-06-28 22:15 修改: 2026-05-12 12:16
git	CVE-2024-32465	高危	1:2.30.2-1	1:2.30.2-1+deb11u3	git: additional local RCE 漏洞详情: https://avd.aquasec.com/nvd/cve-2024-32465 镜像层: sha256:b7b6064a28a9833a1ac123bb3e408f6cdb2689cf233ee40c978e6193a142278c 发布日期: 2024-05-14 20:15 修改: 2026-01-05 19:15
libkrb5support0	CVE-2022-42898	高危	1.18.3-6+deb11u1	1.18.3-6+deb11u3	krb5: integer overflow vulnerabilities in PAC parsing 漏洞详情: https://avd.aquasec.com/nvd/cve-2022-42898 镜像层: sha256:bd245ec49ee5cd979b20c0a4efd32385afca92f5afa84faa6769c6a56543350a 发布日期: 2022-12-25 06:15 修改: 2025-04-14 19:15
libkrb5support0	CVE-2024-37370	高危	1.18.3-6+deb11u1	1.18.3-6+deb11u5	krb5: GSS message token handling 漏洞详情: https://avd.aquasec.com/nvd/cve-2024-37370 镜像层: sha256:bd245ec49ee5cd979b20c0a4efd32385afca92f5afa84faa6769c6a56543350a 发布日期: 2024-06-28 22:15 修改: 2026-05-12 12:16
git	CVE-2024-52006	高危	1:2.30.2-1	1:2.30.2-1+deb11u4	git: Newline confusion in credential helpers can lead to credential exfiltration in git 漏洞详情: https://avd.aquasec.com/nvd/cve-2024-52006 镜像层: sha256:b7b6064a28a9833a1ac123bb3e408f6cdb2689cf233ee40c978e6193a142278c 发布日期: 2025-01-14 19:15 修改: 2025-12-18 16:10
git	CVE-2025-48384	高危	1:2.30.2-1	1:2.30.2-1+deb11u5	git: Git arbitrary code execution 漏洞详情: https://avd.aquasec.com/nvd/cve-2025-48384 镜像层: sha256:b7b6064a28a9833a1ac123bb3e408f6cdb2689cf233ee40c978e6193a142278c 发布日期: 2025-07-08 19:15 修改: 2025-11-06 14:52
libldap-2.4-2	CVE-2023-2953	高危	2.4.57+dfsg-3+deb11u1		openldap: null pointer dereference in ber_memalloc_x function 漏洞详情: https://avd.aquasec.com/nvd/cve-2023-2953 镜像层: sha256:595a656dd8efc44ad2600f67c92a3a2f5612e673513583c11cb04d54f10c55d6 发布日期: 2023-05-30 22:15 修改: 2025-01-10 22:15
libncurses6	CVE-2022-29458	高危	6.2+20201114-2	6.2+20201114-2+deb11u1	ncurses: segfaulting OOB read 漏洞详情: https://avd.aquasec.com/nvd/cve-2022-29458 镜像层: sha256:b7b6064a28a9833a1ac123bb3e408f6cdb2689cf233ee40c978e6193a142278c 发布日期: 2022-04-18 21:15 修改: 2025-06-09 15:15
libncurses6	CVE-2023-29491	高危	6.2+20201114-2	6.2+20201114-2+deb11u2	ncurses: Local users can trigger security-relevant memory corruption via malformed data 漏洞详情: https://avd.aquasec.com/nvd/cve-2023-29491 镜像层: sha256:b7b6064a28a9833a1ac123bb3e408f6cdb2689cf233ee40c978e6193a142278c 发布日期: 2023-04-14 01:15 修改: 2025-11-04 19:15
libncurses6	CVE-2025-69720	高危	6.2+20201114-2		ncurses: ncurses: Buffer overflow vulnerability may lead to arbitrary code execution. 漏洞详情: https://avd.aquasec.com/nvd/cve-2025-69720 镜像层: sha256:b7b6064a28a9833a1ac123bb3e408f6cdb2689cf233ee40c978e6193a142278c 发布日期: 2026-03-19 15:16 修改: 2026-06-02 14:16
libncursesw6	CVE-2022-29458	高危	6.2+20201114-2	6.2+20201114-2+deb11u1	ncurses: segfaulting OOB read 漏洞详情: https://avd.aquasec.com/nvd/cve-2022-29458 镜像层: sha256:8874c5d5df1aa338e2de1eb06de21d28b9051ae107c034b09cc83705cbe6a010 发布日期: 2022-04-18 21:15 修改: 2025-06-09 15:15
libncursesw6	CVE-2023-29491	高危	6.2+20201114-2	6.2+20201114-2+deb11u2	ncurses: Local users can trigger security-relevant memory corruption via malformed data 漏洞详情: https://avd.aquasec.com/nvd/cve-2023-29491 镜像层: sha256:8874c5d5df1aa338e2de1eb06de21d28b9051ae107c034b09cc83705cbe6a010 发布日期: 2023-04-14 01:15 修改: 2025-11-04 19:15
libncursesw6	CVE-2025-69720	高危	6.2+20201114-2		ncurses: ncurses: Buffer overflow vulnerability may lead to arbitrary code execution. 漏洞详情: https://avd.aquasec.com/nvd/cve-2025-69720 镜像层: sha256:8874c5d5df1aa338e2de1eb06de21d28b9051ae107c034b09cc83705cbe6a010 发布日期: 2026-03-19 15:16 修改: 2026-06-02 14:16
libnghttp2-14	CVE-2023-44487	高危	1.43.0-1	1.43.0-1+deb11u1	HTTP/2: Multiple HTTP/2 enabled web servers are vulnerable to a DDoS attack (Rapid Reset Attack) 漏洞详情: https://avd.aquasec.com/nvd/cve-2023-44487 镜像层: sha256:595a656dd8efc44ad2600f67c92a3a2f5612e673513583c11cb04d54f10c55d6 发布日期: 2023-10-10 14:15 修改: 2026-05-12 15:10
libnghttp2-14	CVE-2026-27135	高危	1.43.0-1	1.43.0-1+deb11u3	nghttp2: nghttp2: Denial of Service via malformed HTTP/2 frames after session termination 漏洞详情: https://avd.aquasec.com/nvd/cve-2026-27135 镜像层: sha256:595a656dd8efc44ad2600f67c92a3a2f5612e673513583c11cb04d54f10c55d6 发布日期: 2026-03-18 18:16 修改: 2026-05-13 22:16
libpam-modules	CVE-2025-6020	高危	1.4.0-9+deb11u1	1.4.0-9+deb11u2	linux-pam: Linux-pam directory Traversal 漏洞详情: https://avd.aquasec.com/nvd/cve-2025-6020 镜像层: sha256:bd245ec49ee5cd979b20c0a4efd32385afca92f5afa84faa6769c6a56543350a 发布日期: 2025-06-17 13:15 修改: 2026-05-12 13:17
libpam-modules-bin	CVE-2025-6020	高危	1.4.0-9+deb11u1	1.4.0-9+deb11u2	linux-pam: Linux-pam directory Traversal 漏洞详情: https://avd.aquasec.com/nvd/cve-2025-6020 镜像层: sha256:bd245ec49ee5cd979b20c0a4efd32385afca92f5afa84faa6769c6a56543350a 发布日期: 2025-06-17 13:15 修改: 2026-05-12 13:17
libpam-runtime	CVE-2025-6020	高危	1.4.0-9+deb11u1	1.4.0-9+deb11u2	linux-pam: Linux-pam directory Traversal 漏洞详情: https://avd.aquasec.com/nvd/cve-2025-6020 镜像层: sha256:bd245ec49ee5cd979b20c0a4efd32385afca92f5afa84faa6769c6a56543350a 发布日期: 2025-06-17 13:15 修改: 2026-05-12 13:17
libpam0g	CVE-2025-6020	高危	1.4.0-9+deb11u1	1.4.0-9+deb11u2	linux-pam: Linux-pam directory Traversal 漏洞详情: https://avd.aquasec.com/nvd/cve-2025-6020 镜像层: sha256:bd245ec49ee5cd979b20c0a4efd32385afca92f5afa84faa6769c6a56543350a 发布日期: 2025-06-17 13:15 修改: 2026-05-12 13:17
curl	CVE-2023-27533	高危	7.74.0-1.3+deb11u2	7.74.0-1.3+deb11u8	curl: TELNET option IAC injection 漏洞详情: https://avd.aquasec.com/nvd/cve-2023-27533 镜像层: sha256:595a656dd8efc44ad2600f67c92a3a2f5612e673513583c11cb04d54f10c55d6 发布日期: 2023-03-30 20:15 修改: 2026-02-13 21:16
curl	CVE-2023-27534	高危	7.74.0-1.3+deb11u2	7.74.0-1.3+deb11u8	curl: SFTP path ~ resolving discrepancy 漏洞详情: https://avd.aquasec.com/nvd/cve-2023-27534 镜像层: sha256:595a656dd8efc44ad2600f67c92a3a2f5612e673513583c11cb04d54f10c55d6 发布日期: 2023-03-30 20:15 修改: 2025-04-23 17:16
curl	CVE-2026-5773	高危	7.74.0-1.3+deb11u2		curl: libcurl: Wrong file transfer due to incorrect SMB connection reuse 漏洞详情: https://avd.aquasec.com/nvd/cve-2026-5773 镜像层: sha256:595a656dd8efc44ad2600f67c92a3a2f5612e673513583c11cb04d54f10c55d6 发布日期: 2026-05-13 13:01 修改: 2026-05-13 19:13
git-man	CVE-2019-1387	高危	1:2.30.2-1	1:2.30.2-1+deb11u3	git: Remote code execution in recursive clones with nested submodules 漏洞详情: https://avd.aquasec.com/nvd/cve-2019-1387 镜像层: sha256:b7b6064a28a9833a1ac123bb3e408f6cdb2689cf233ee40c978e6193a142278c 发布日期: 2019-12-18 21:15 修改: 2025-11-04 16:15
libperl5.32	CVE-2020-16156	高危	5.32.1-4+deb11u2	5.32.1-4+deb11u4	perl-CPAN: Bypass of verification of signatures in CHECKSUMS files 漏洞详情: https://avd.aquasec.com/nvd/cve-2020-16156 镜像层: sha256:b7b6064a28a9833a1ac123bb3e408f6cdb2689cf233ee40c978e6193a142278c 发布日期: 2021-12-13 18:15 修改: 2025-11-03 22:15
libperl5.32	CVE-2023-31484	高危	5.32.1-4+deb11u2	5.32.1-4+deb11u4	perl: CPAN.pm does not verify TLS certificates when downloading distributions over HTTPS 漏洞详情: https://avd.aquasec.com/nvd/cve-2023-31484 镜像层: sha256:b7b6064a28a9833a1ac123bb3e408f6cdb2689cf233ee40c978e6193a142278c 发布日期: 2023-04-29 00:15 修改: 2025-11-03 22:16
libperl5.32	CVE-2023-47038	高危	5.32.1-4+deb11u2	5.32.1-4+deb11u3	perl: Write past buffer end via illegal user-defined Unicode property 漏洞详情: https://avd.aquasec.com/nvd/cve-2023-47038 镜像层: sha256:b7b6064a28a9833a1ac123bb3e408f6cdb2689cf233ee40c978e6193a142278c 发布日期: 2023-12-18 14:15 修改: 2025-11-04 19:16
libperl5.32	CVE-2026-42497	高危	5.32.1-4+deb11u2		perl-Archive-Tar: perl-Archive-Tar: Arbitrary file modification via crafted hardlinks during archive extraction 漏洞详情: https://avd.aquasec.com/nvd/cve-2026-42497 镜像层: sha256:b7b6064a28a9833a1ac123bb3e408f6cdb2689cf233ee40c978e6193a142278c 发布日期: 2026-05-26 02:16 修改: 2026-05-28 14:16
libperl5.32	CVE-2026-48962	高危	5.32.1-4+deb11u2		perl-IO-Compress: perl-IO-Compress: Arbitrary code execution via attacker-controlled output glob 漏洞详情: https://avd.aquasec.com/nvd/cve-2026-48962 镜像层: sha256:b7b6064a28a9833a1ac123bb3e408f6cdb2689cf233ee40c978e6193a142278c 发布日期: 2026-05-27 04:16 修改: 2026-05-27 19:38
libperl5.32	CVE-2026-9538	高危	5.32.1-4+deb11u2		Archive::Tar versions before 3.10 for Perl allow memory exhaustion via ... 漏洞详情: https://avd.aquasec.com/nvd/cve-2026-9538 镜像层: sha256:b7b6064a28a9833a1ac123bb3e408f6cdb2689cf233ee40c978e6193a142278c 发布日期: 2026-05-26 02:16 修改: 2026-05-28 14:16
libpng16-16	CVE-2025-64720	高危	1.6.37-3	1.6.37-3+deb11u1	libpng: LIBPNG buffer overflow 漏洞详情: https://avd.aquasec.com/nvd/cve-2025-64720 镜像层: sha256:ee9872ea80364930d71a014299a88c92390a886751b28e128114db3c6a0ab707 发布日期: 2025-11-25 00:15 修改: 2025-11-26 18:35
libpng16-16	CVE-2025-65018	高危	1.6.37-3	1.6.37-3+deb11u1	libpng: LIBPNG heap buffer overflow 漏洞详情: https://avd.aquasec.com/nvd/cve-2025-65018 镜像层: sha256:ee9872ea80364930d71a014299a88c92390a886751b28e128114db3c6a0ab707 发布日期: 2025-11-25 00:15 修改: 2025-11-26 18:34
libpng16-16	CVE-2025-66293	高危	1.6.37-3	1.6.37-3+deb11u1	libpng: LIBPNG out-of-bounds read in png_image_read_composite 漏洞详情: https://avd.aquasec.com/nvd/cve-2025-66293 镜像层: sha256:ee9872ea80364930d71a014299a88c92390a886751b28e128114db3c6a0ab707 发布日期: 2025-12-03 21:15 修改: 2025-12-16 19:12
libpng16-16	CVE-2026-22695	高危	1.6.37-3	1.6.37-3+deb11u2	libpng: libpng: Denial of service and information disclosure via heap buffer over-read in png_image_finish_read 漏洞详情: https://avd.aquasec.com/nvd/cve-2026-22695 镜像层: sha256:ee9872ea80364930d71a014299a88c92390a886751b28e128114db3c6a0ab707 发布日期: 2026-01-12 23:15 修改: 2026-01-21 18:58
libpng16-16	CVE-2026-22801	高危	1.6.37-3	1.6.37-3+deb11u2	libpng: libpng: Information disclosure and denial of service via integer truncation in simplified write API 漏洞详情: https://avd.aquasec.com/nvd/cve-2026-22801 镜像层: sha256:ee9872ea80364930d71a014299a88c92390a886751b28e128114db3c6a0ab707 发布日期: 2026-01-12 23:15 修改: 2026-01-21 18:58
libpng16-16	CVE-2026-25646	高危	1.6.37-3	1.6.37-3+deb11u2	libpng: LIBPNG has a heap buffer overflow in png_set_quantize 漏洞详情: https://avd.aquasec.com/nvd/cve-2026-25646 镜像层: sha256:ee9872ea80364930d71a014299a88c92390a886751b28e128114db3c6a0ab707 发布日期: 2026-02-10 18:16 修改: 2026-02-13 20:43
git-man	CVE-2022-24765	高危	1:2.30.2-1	1:2.30.2-1+deb11u1	git: On multi-user machines Git users might find themselves unexpectedly in a Git worktree 漏洞详情: https://avd.aquasec.com/nvd/cve-2022-24765 镜像层: sha256:b7b6064a28a9833a1ac123bb3e408f6cdb2689cf233ee40c978e6193a142278c 发布日期: 2022-04-12 18:15 修改: 2024-11-21 06:51
git-man	CVE-2022-29187	高危	1:2.30.2-1	1:2.30.2-1+deb11u1	git: Bypass of safe.directory protections 漏洞详情: https://avd.aquasec.com/nvd/cve-2022-29187 镜像层: sha256:b7b6064a28a9833a1ac123bb3e408f6cdb2689cf233ee40c978e6193a142278c 发布日期: 2022-07-12 21:15 修改: 2024-11-21 06:58
libpython3.9-minimal	CVE-2015-20107	高危	3.9.2-1	3.9.2-1+deb11u2	python: mailcap: findmatch() function does not sanitize the second argument 漏洞详情: https://avd.aquasec.com/nvd/cve-2015-20107 镜像层: sha256:b7b6064a28a9833a1ac123bb3e408f6cdb2689cf233ee40c978e6193a142278c 发布日期: 2022-04-13 16:15 修改: 2025-11-03 22:15
libpython3.9-minimal	CVE-2020-10735	高危	3.9.2-1	3.9.2-1+deb11u2	python: int() type in PyLong_FromString() does not limit amount of digits converting text to int leading to DoS 漏洞详情: https://avd.aquasec.com/nvd/cve-2020-10735 镜像层: sha256:b7b6064a28a9833a1ac123bb3e408f6cdb2689cf233ee40c978e6193a142278c 发布日期: 2022-09-09 14:15 修改: 2025-11-03 22:15
libpython3.9-minimal	CVE-2021-28861	高危	3.9.2-1	3.9.2-1+deb11u2	python: open redirection vulnerability in lib/http/server.py may lead to information disclosure 漏洞详情: https://avd.aquasec.com/nvd/cve-2021-28861 镜像层: sha256:b7b6064a28a9833a1ac123bb3e408f6cdb2689cf233ee40c978e6193a142278c 发布日期: 2022-08-23 01:15 修改: 2025-12-17 22:15
libpython3.9-minimal	CVE-2021-3737	高危	3.9.2-1	3.9.2-1+deb11u2	python: urllib: HTTP client possible infinite loop on a 100 Continue response 漏洞详情: https://avd.aquasec.com/nvd/cve-2021-3737 镜像层: sha256:b7b6064a28a9833a1ac123bb3e408f6cdb2689cf233ee40c978e6193a142278c 发布日期: 2022-03-04 19:15 修改: 2025-12-17 22:15
libpython3.9-minimal	CVE-2022-0391	高危	3.9.2-1	3.9.2-1+deb11u3	python: urllib.parse does not sanitize URLs containing ASCII newline and tabs 漏洞详情: https://avd.aquasec.com/nvd/cve-2022-0391 镜像层: sha256:b7b6064a28a9833a1ac123bb3e408f6cdb2689cf233ee40c978e6193a142278c 发布日期: 2022-02-09 23:15 修改: 2025-12-17 21:15
libpython3.9-minimal	CVE-2022-42919	高危	3.9.2-1	3.9.2-1+deb11u2	python: local privilege escalation via the multiprocessing forkserver start method 漏洞详情: https://avd.aquasec.com/nvd/cve-2022-42919 镜像层: sha256:b7b6064a28a9833a1ac123bb3e408f6cdb2689cf233ee40c978e6193a142278c 发布日期: 2022-11-07 00:15 修改: 2025-11-03 22:16
libpython3.9-minimal	CVE-2022-45061	高危	3.9.2-1	3.9.2-1+deb11u2	python: CPU denial of service via inefficient IDNA decoder 漏洞详情: https://avd.aquasec.com/nvd/cve-2022-45061 镜像层: sha256:b7b6064a28a9833a1ac123bb3e408f6cdb2689cf233ee40c978e6193a142278c 发布日期: 2022-11-09 07:15 修改: 2025-11-03 22:16
libpython3.9-minimal	CVE-2023-24329	高危	3.9.2-1	3.9.2-1+deb11u2	python: urllib.parse url blocklisting bypass 漏洞详情: https://avd.aquasec.com/nvd/cve-2023-24329 镜像层: sha256:b7b6064a28a9833a1ac123bb3e408f6cdb2689cf233ee40c978e6193a142278c 发布日期: 2023-02-17 15:15 修改: 2025-11-03 22:16
libpython3.9-minimal	CVE-2023-6597	高危	3.9.2-1	3.9.2-1+deb11u2	python: Path traversal on tempfile.TemporaryDirectory 漏洞详情: https://avd.aquasec.com/nvd/cve-2023-6597 镜像层: sha256:b7b6064a28a9833a1ac123bb3e408f6cdb2689cf233ee40c978e6193a142278c 发布日期: 2024-03-19 16:15 修改: 2026-04-15 00:35
libpython3.9-minimal	CVE-2024-6232	高危	3.9.2-1	3.9.2-1+deb11u2	python: cpython: tarfile: ReDos via excessive backtracking while parsing header values 漏洞详情: https://avd.aquasec.com/nvd/cve-2024-6232 镜像层: sha256:b7b6064a28a9833a1ac123bb3e408f6cdb2689cf233ee40c978e6193a142278c 发布日期: 2024-09-03 13:15 修改: 2025-11-03 23:17
libpython3.9-minimal	CVE-2024-7592	高危	3.9.2-1	3.9.2-1+deb11u2	cpython: python: Uncontrolled CPU resource consumption when in http.cookies module 漏洞详情: https://avd.aquasec.com/nvd/cve-2024-7592 镜像层: sha256:b7b6064a28a9833a1ac123bb3e408f6cdb2689cf233ee40c978e6193a142278c 发布日期: 2024-08-19 19:15 修改: 2025-11-03 23:17
libpython3.9-minimal	CVE-2024-9287	高危	3.9.2-1	3.9.2-1+deb11u2	python: Virtual environment (venv) activation scripts don't quote paths 漏洞详情: https://avd.aquasec.com/nvd/cve-2024-9287 镜像层: sha256:b7b6064a28a9833a1ac123bb3e408f6cdb2689cf233ee40c978e6193a142278c 发布日期: 2024-10-22 17:15 修改: 2025-11-03 23:17
libpython3.9-minimal	CVE-2025-13836	高危	3.9.2-1	3.9.2-1+deb11u4	cpython: Excessive read buffering DoS in http.client 漏洞详情: https://avd.aquasec.com/nvd/cve-2025-13836 镜像层: sha256:b7b6064a28a9833a1ac123bb3e408f6cdb2689cf233ee40c978e6193a142278c 发布日期: 2025-12-01 18:16 修改: 2026-05-18 16:58
libpython3.9-minimal	CVE-2025-69534	高危	3.9.2-1		python-markdown: denial of service via malformed HTML-like sequences 漏洞详情: https://avd.aquasec.com/nvd/cve-2025-69534 镜像层: sha256:b7b6064a28a9833a1ac123bb3e408f6cdb2689cf233ee40c978e6193a142278c 发布日期: 2026-03-05 15:16 修改: 2026-03-13 01:25
libpython3.9-minimal	CVE-2026-3644	高危	3.9.2-1	3.9.2-1+deb11u7	cpython: Incomplete control character validation in http.cookies 漏洞详情: https://avd.aquasec.com/nvd/cve-2026-3644 镜像层: sha256:b7b6064a28a9833a1ac123bb3e408f6cdb2689cf233ee40c978e6193a142278c 发布日期: 2026-03-16 18:16 修改: 2026-06-04 19:30
libpython3.9-minimal	CVE-2026-4224	高危	3.9.2-1	3.9.2-1+deb11u7	cpython: Stack overflow parsing XML with deeply nested DTD content models 漏洞详情: https://avd.aquasec.com/nvd/cve-2026-4224 镜像层: sha256:b7b6064a28a9833a1ac123bb3e408f6cdb2689cf233ee40c978e6193a142278c 发布日期: 2026-03-16 18:16 修改: 2026-06-04 19:33
libpython3.9-minimal	CVE-2026-6100	高危	3.9.2-1	3.9.2-1+deb11u6	python: Python: Arbitrary code execution or information disclosure via use-after-free in decompression modules 漏洞详情: https://avd.aquasec.com/nvd/cve-2026-6100 镜像层: sha256:b7b6064a28a9833a1ac123bb3e408f6cdb2689cf233ee40c978e6193a142278c 发布日期: 2026-04-13 18:16 修改: 2026-04-17 15:18
libpython3.9-minimal	CVE-2026-7210	高危	3.9.2-1		python: expat: Python/Expat: Denial of Service via crafted XML document 漏洞详情: https://avd.aquasec.com/nvd/cve-2026-7210 镜像层: sha256:b7b6064a28a9833a1ac123bb3e408f6cdb2689cf233ee40c978e6193a142278c 发布日期: 2026-05-11 18:16 修改: 2026-06-15 17:51
git-man	CVE-2022-39260	高危	1:2.30.2-1	1:2.30.2-1+deb11u1	git: git shell function that splits command arguments can lead to arbitrary heap writes. 漏洞详情: https://avd.aquasec.com/nvd/cve-2022-39260 镜像层: sha256:b7b6064a28a9833a1ac123bb3e408f6cdb2689cf233ee40c978e6193a142278c 发布日期: 2022-10-19 12:15 修改: 2024-11-21 07:17
git-man	CVE-2023-23946	高危	1:2.30.2-1	1:2.30.2-1+deb11u2	git: git apply: a path outside the working tree can be overwritten with crafted input 漏洞详情: https://avd.aquasec.com/nvd/cve-2023-23946 镜像层: sha256:b7b6064a28a9833a1ac123bb3e408f6cdb2689cf233ee40c978e6193a142278c 发布日期: 2023-02-14 20:15 修改: 2024-11-21 07:47
libpython3.9-stdlib	CVE-2015-20107	高危	3.9.2-1	3.9.2-1+deb11u2	python: mailcap: findmatch() function does not sanitize the second argument 漏洞详情: https://avd.aquasec.com/nvd/cve-2015-20107 镜像层: sha256:b7b6064a28a9833a1ac123bb3e408f6cdb2689cf233ee40c978e6193a142278c 发布日期: 2022-04-13 16:15 修改: 2025-11-03 22:15
libpython3.9-stdlib	CVE-2020-10735	高危	3.9.2-1	3.9.2-1+deb11u2	python: int() type in PyLong_FromString() does not limit amount of digits converting text to int leading to DoS 漏洞详情: https://avd.aquasec.com/nvd/cve-2020-10735 镜像层: sha256:b7b6064a28a9833a1ac123bb3e408f6cdb2689cf233ee40c978e6193a142278c 发布日期: 2022-09-09 14:15 修改: 2025-11-03 22:15
libpython3.9-stdlib	CVE-2021-28861	高危	3.9.2-1	3.9.2-1+deb11u2	python: open redirection vulnerability in lib/http/server.py may lead to information disclosure 漏洞详情: https://avd.aquasec.com/nvd/cve-2021-28861 镜像层: sha256:b7b6064a28a9833a1ac123bb3e408f6cdb2689cf233ee40c978e6193a142278c 发布日期: 2022-08-23 01:15 修改: 2025-12-17 22:15
libpython3.9-stdlib	CVE-2021-3737	高危	3.9.2-1	3.9.2-1+deb11u2	python: urllib: HTTP client possible infinite loop on a 100 Continue response 漏洞详情: https://avd.aquasec.com/nvd/cve-2021-3737 镜像层: sha256:b7b6064a28a9833a1ac123bb3e408f6cdb2689cf233ee40c978e6193a142278c 发布日期: 2022-03-04 19:15 修改: 2025-12-17 22:15
libpython3.9-stdlib	CVE-2022-0391	高危	3.9.2-1	3.9.2-1+deb11u3	python: urllib.parse does not sanitize URLs containing ASCII newline and tabs 漏洞详情: https://avd.aquasec.com/nvd/cve-2022-0391 镜像层: sha256:b7b6064a28a9833a1ac123bb3e408f6cdb2689cf233ee40c978e6193a142278c 发布日期: 2022-02-09 23:15 修改: 2025-12-17 21:15
libpython3.9-stdlib	CVE-2022-42919	高危	3.9.2-1	3.9.2-1+deb11u2	python: local privilege escalation via the multiprocessing forkserver start method 漏洞详情: https://avd.aquasec.com/nvd/cve-2022-42919 镜像层: sha256:b7b6064a28a9833a1ac123bb3e408f6cdb2689cf233ee40c978e6193a142278c 发布日期: 2022-11-07 00:15 修改: 2025-11-03 22:16
libpython3.9-stdlib	CVE-2022-45061	高危	3.9.2-1	3.9.2-1+deb11u2	python: CPU denial of service via inefficient IDNA decoder 漏洞详情: https://avd.aquasec.com/nvd/cve-2022-45061 镜像层: sha256:b7b6064a28a9833a1ac123bb3e408f6cdb2689cf233ee40c978e6193a142278c 发布日期: 2022-11-09 07:15 修改: 2025-11-03 22:16
libpython3.9-stdlib	CVE-2023-24329	高危	3.9.2-1	3.9.2-1+deb11u2	python: urllib.parse url blocklisting bypass 漏洞详情: https://avd.aquasec.com/nvd/cve-2023-24329 镜像层: sha256:b7b6064a28a9833a1ac123bb3e408f6cdb2689cf233ee40c978e6193a142278c 发布日期: 2023-02-17 15:15 修改: 2025-11-03 22:16
libpython3.9-stdlib	CVE-2023-6597	高危	3.9.2-1	3.9.2-1+deb11u2	python: Path traversal on tempfile.TemporaryDirectory 漏洞详情: https://avd.aquasec.com/nvd/cve-2023-6597 镜像层: sha256:b7b6064a28a9833a1ac123bb3e408f6cdb2689cf233ee40c978e6193a142278c 发布日期: 2024-03-19 16:15 修改: 2026-04-15 00:35
libpython3.9-stdlib	CVE-2024-6232	高危	3.9.2-1	3.9.2-1+deb11u2	python: cpython: tarfile: ReDos via excessive backtracking while parsing header values 漏洞详情: https://avd.aquasec.com/nvd/cve-2024-6232 镜像层: sha256:b7b6064a28a9833a1ac123bb3e408f6cdb2689cf233ee40c978e6193a142278c 发布日期: 2024-09-03 13:15 修改: 2025-11-03 23:17
libpython3.9-stdlib	CVE-2024-7592	高危	3.9.2-1	3.9.2-1+deb11u2	cpython: python: Uncontrolled CPU resource consumption when in http.cookies module 漏洞详情: https://avd.aquasec.com/nvd/cve-2024-7592 镜像层: sha256:b7b6064a28a9833a1ac123bb3e408f6cdb2689cf233ee40c978e6193a142278c 发布日期: 2024-08-19 19:15 修改: 2025-11-03 23:17
libpython3.9-stdlib	CVE-2024-9287	高危	3.9.2-1	3.9.2-1+deb11u2	python: Virtual environment (venv) activation scripts don't quote paths 漏洞详情: https://avd.aquasec.com/nvd/cve-2024-9287 镜像层: sha256:b7b6064a28a9833a1ac123bb3e408f6cdb2689cf233ee40c978e6193a142278c 发布日期: 2024-10-22 17:15 修改: 2025-11-03 23:17
libpython3.9-stdlib	CVE-2025-13836	高危	3.9.2-1	3.9.2-1+deb11u4	cpython: Excessive read buffering DoS in http.client 漏洞详情: https://avd.aquasec.com/nvd/cve-2025-13836 镜像层: sha256:b7b6064a28a9833a1ac123bb3e408f6cdb2689cf233ee40c978e6193a142278c 发布日期: 2025-12-01 18:16 修改: 2026-05-18 16:58
libpython3.9-stdlib	CVE-2025-69534	高危	3.9.2-1		python-markdown: denial of service via malformed HTML-like sequences 漏洞详情: https://avd.aquasec.com/nvd/cve-2025-69534 镜像层: sha256:b7b6064a28a9833a1ac123bb3e408f6cdb2689cf233ee40c978e6193a142278c 发布日期: 2026-03-05 15:16 修改: 2026-03-13 01:25
libpython3.9-stdlib	CVE-2026-3644	高危	3.9.2-1	3.9.2-1+deb11u7	cpython: Incomplete control character validation in http.cookies 漏洞详情: https://avd.aquasec.com/nvd/cve-2026-3644 镜像层: sha256:b7b6064a28a9833a1ac123bb3e408f6cdb2689cf233ee40c978e6193a142278c 发布日期: 2026-03-16 18:16 修改: 2026-06-04 19:30
libpython3.9-stdlib	CVE-2026-4224	高危	3.9.2-1	3.9.2-1+deb11u7	cpython: Stack overflow parsing XML with deeply nested DTD content models 漏洞详情: https://avd.aquasec.com/nvd/cve-2026-4224 镜像层: sha256:b7b6064a28a9833a1ac123bb3e408f6cdb2689cf233ee40c978e6193a142278c 发布日期: 2026-03-16 18:16 修改: 2026-06-04 19:33
libpython3.9-stdlib	CVE-2026-6100	高危	3.9.2-1	3.9.2-1+deb11u6	python: Python: Arbitrary code execution or information disclosure via use-after-free in decompression modules 漏洞详情: https://avd.aquasec.com/nvd/cve-2026-6100 镜像层: sha256:b7b6064a28a9833a1ac123bb3e408f6cdb2689cf233ee40c978e6193a142278c 发布日期: 2026-04-13 18:16 修改: 2026-04-17 15:18
libpython3.9-stdlib	CVE-2026-7210	高危	3.9.2-1		python: expat: Python/Expat: Denial of Service via crafted XML document 漏洞详情: https://avd.aquasec.com/nvd/cve-2026-7210 镜像层: sha256:b7b6064a28a9833a1ac123bb3e408f6cdb2689cf233ee40c978e6193a142278c 发布日期: 2026-05-11 18:16 修改: 2026-06-15 17:51
git-man	CVE-2023-25652	高危	1:2.30.2-1	1:2.30.2-1+deb11u3	git: by feeding specially crafted input to `git apply --reject`, a path outside the working tree can be overwritten with partially controlled contents 漏洞详情: https://avd.aquasec.com/nvd/cve-2023-25652 镜像层: sha256:b7b6064a28a9833a1ac123bb3e408f6cdb2689cf233ee40c978e6193a142278c 发布日期: 2023-04-25 20:15 修改: 2025-11-04 17:15
libsqlite3-0	CVE-2021-36690	高危	3.34.1-3	3.34.1-3+deb11u1	A segmentation fault can occur in the sqlite3.exe command-line compone ... 漏洞详情: https://avd.aquasec.com/nvd/cve-2021-36690 镜像层: sha256:8874c5d5df1aa338e2de1eb06de21d28b9051ae107c034b09cc83705cbe6a010 发布日期: 2021-08-24 14:15 修改: 2025-11-03 22:15
libsqlite3-0	CVE-2023-7104	高危	3.34.1-3	3.34.1-3+deb11u1	sqlite: heap-buffer-overflow at sessionfuzz 漏洞详情: https://avd.aquasec.com/nvd/cve-2023-7104 镜像层: sha256:8874c5d5df1aa338e2de1eb06de21d28b9051ae107c034b09cc83705cbe6a010 发布日期: 2023-12-29 10:15 修改: 2025-11-03 22:16
libsqlite3-0	CVE-2026-11822	高危	3.34.1-3		SQLite before 3.53.2 contains memory corruption vulnerabilities in the ... 漏洞详情: https://avd.aquasec.com/nvd/cve-2026-11822 镜像层: sha256:8874c5d5df1aa338e2de1eb06de21d28b9051ae107c034b09cc83705cbe6a010 发布日期: 2026-06-09 20:16 修改: 2026-06-11 17:12
libsqlite3-0	CVE-2026-11824	高危	3.34.1-3		SQLite before 3.53.2 contains a heap-based buffer overflow vulnerabili ... 漏洞详情: https://avd.aquasec.com/nvd/cve-2026-11824 镜像层: sha256:8874c5d5df1aa338e2de1eb06de21d28b9051ae107c034b09cc83705cbe6a010 发布日期: 2026-06-09 20:16 修改: 2026-06-11 17:12
libss2	CVE-2022-1304	高危	1.46.2-2	1.46.2-2+deb11u1	e2fsprogs: out-of-bounds read/write via crafted filesystem 漏洞详情: https://avd.aquasec.com/nvd/cve-2022-1304 镜像层: sha256:bd245ec49ee5cd979b20c0a4efd32385afca92f5afa84faa6769c6a56543350a 发布日期: 2022-04-14 21:15 修改: 2025-04-23 19:15
libssh2-1	CVE-2020-22218	高危	1.9.0-2	1.9.0-2+deb11u1	libssh2: use-of-uninitialized-value in _libssh2_transport_read 漏洞详情: https://avd.aquasec.com/nvd/cve-2020-22218 镜像层: sha256:595a656dd8efc44ad2600f67c92a3a2f5612e673513583c11cb04d54f10c55d6 发布日期: 2023-08-22 19:16 修改: 2024-11-21 05:13
libssh2-1	CVE-2026-7598	高危	1.9.0-2		libssh2: integer overflow via large username or password arguments 漏洞详情: https://avd.aquasec.com/nvd/cve-2026-7598 镜像层: sha256:595a656dd8efc44ad2600f67c92a3a2f5612e673513583c11cb04d54f10c55d6 发布日期: 2026-05-01 22:16 修改: 2026-05-07 01:47
libssl1.1	CVE-2022-4450	高危	1.1.1n-0+deb11u3	1.1.1n-0+deb11u4	openssl: double free after calling PEM_read_bio_ex 漏洞详情: https://avd.aquasec.com/nvd/cve-2022-4450 镜像层: sha256:bd245ec49ee5cd979b20c0a4efd32385afca92f5afa84faa6769c6a56543350a 发布日期: 2023-02-08 20:15 修改: 2025-11-04 20:16
libssl1.1	CVE-2023-0215	高危	1.1.1n-0+deb11u3	1.1.1n-0+deb11u4	openssl: use-after-free following BIO_new_NDEF 漏洞详情: https://avd.aquasec.com/nvd/cve-2023-0215 镜像层: sha256:bd245ec49ee5cd979b20c0a4efd32385afca92f5afa84faa6769c6a56543350a 发布日期: 2023-02-08 20:15 修改: 2025-11-04 20:16
libssl1.1	CVE-2023-0286	高危	1.1.1n-0+deb11u3	1.1.1n-0+deb11u4	openssl: X.400 address type confusion in X.509 GeneralName 漏洞详情: https://avd.aquasec.com/nvd/cve-2023-0286 镜像层: sha256:bd245ec49ee5cd979b20c0a4efd32385afca92f5afa84faa6769c6a56543350a 发布日期: 2023-02-08 20:15 修改: 2025-11-04 20:16
libssl1.1	CVE-2023-0464	高危	1.1.1n-0+deb11u3	1.1.1n-0+deb11u5	openssl: Denial of service by excessive resource usage in verifying X509 policy constraints 漏洞详情: https://avd.aquasec.com/nvd/cve-2023-0464 镜像层: sha256:bd245ec49ee5cd979b20c0a4efd32385afca92f5afa84faa6769c6a56543350a 发布日期: 2023-03-22 17:15 修改: 2025-05-05 16:15
libssl1.1	CVE-2025-69421	高危	1.1.1n-0+deb11u3	1.1.1w-0+deb11u5	openssl: OpenSSL: Denial of Service via malformed PKCS#12 file processing 漏洞详情: https://avd.aquasec.com/nvd/cve-2025-69421 镜像层: sha256:bd245ec49ee5cd979b20c0a4efd32385afca92f5afa84faa6769c6a56543350a 发布日期: 2026-01-27 16:16 修改: 2026-05-12 13:17
libssl1.1	CVE-2026-28387	高危	1.1.1n-0+deb11u3	1.1.1w-0+deb11u7	openssl: OpenSSL: Arbitrary code execution due to use-after-free in DANE TLSA authentication 漏洞详情: https://avd.aquasec.com/nvd/cve-2026-28387 镜像层: sha256:bd245ec49ee5cd979b20c0a4efd32385afca92f5afa84faa6769c6a56543350a 发布日期: 2026-04-07 22:16 修改: 2026-05-12 13:17
libssl1.1	CVE-2026-28388	高危	1.1.1n-0+deb11u3	1.1.1w-0+deb11u7	openssl: OpenSSL: Denial of Service due to NULL pointer dereference in delta CRL processing 漏洞详情: https://avd.aquasec.com/nvd/cve-2026-28388 镜像层: sha256:bd245ec49ee5cd979b20c0a4efd32385afca92f5afa84faa6769c6a56543350a 发布日期: 2026-04-07 22:16 修改: 2026-05-12 13:17
libssl1.1	CVE-2026-28389	高危	1.1.1n-0+deb11u3	1.1.1w-0+deb11u7	openssl: OpenSSL: Denial of Service vulnerability in CMS processing 漏洞详情: https://avd.aquasec.com/nvd/cve-2026-28389 镜像层: sha256:bd245ec49ee5cd979b20c0a4efd32385afca92f5afa84faa6769c6a56543350a 发布日期: 2026-04-07 22:16 修改: 2026-05-12 13:17
libssl1.1	CVE-2026-28390	高危	1.1.1n-0+deb11u3	1.1.1w-0+deb11u7	openssl: OpenSSL: Denial of Service due to NULL pointer dereference in CMS EnvelopedData processing 漏洞详情: https://avd.aquasec.com/nvd/cve-2026-28390 镜像层: sha256:bd245ec49ee5cd979b20c0a4efd32385afca92f5afa84faa6769c6a56543350a 发布日期: 2026-04-07 22:16 修改: 2026-05-12 13:17
libssl1.1	CVE-2026-45447	高危	1.1.1n-0+deb11u3	1.1.1w-0+deb11u8	openssl: Heap Use-After-Free in OpenSSL PKCS7_verify() 漏洞详情: https://avd.aquasec.com/nvd/cve-2026-45447 镜像层: sha256:bd245ec49ee5cd979b20c0a4efd32385afca92f5afa84faa6769c6a56543350a 发布日期: 2026-06-09 17:17 修改: 2026-06-16 02:56
libsystemd0	CVE-2023-50387	高危	247.3-7	247.3-7+deb11u6	bind9: KeyTrap - Extreme CPU consumption in DNSSEC validator 漏洞详情: https://avd.aquasec.com/nvd/cve-2023-50387 镜像层: sha256:bd245ec49ee5cd979b20c0a4efd32385afca92f5afa84faa6769c6a56543350a 发布日期: 2024-02-14 16:15 修改: 2025-11-04 19:16
libsystemd0	CVE-2023-50868	高危	247.3-7	247.3-7+deb11u6	bind9: Preparing an NSEC3 closest encloser proof can exhaust CPU resources 漏洞详情: https://avd.aquasec.com/nvd/cve-2023-50868 镜像层: sha256:bd245ec49ee5cd979b20c0a4efd32385afca92f5afa84faa6769c6a56543350a 发布日期: 2024-02-14 16:15 修改: 2025-12-23 20:20
git-man	CVE-2023-29007	高危	1:2.30.2-1	1:2.30.2-1+deb11u3	git: arbitrary configuration injection when renaming or deleting a section from a configuration file 漏洞详情: https://avd.aquasec.com/nvd/cve-2023-29007 镜像层: sha256:b7b6064a28a9833a1ac123bb3e408f6cdb2689cf233ee40c978e6193a142278c 发布日期: 2023-04-25 21:15 修改: 2025-11-04 17:15
libtinfo6	CVE-2022-29458	高危	6.2+20201114-2	6.2+20201114-2+deb11u1	ncurses: segfaulting OOB read 漏洞详情: https://avd.aquasec.com/nvd/cve-2022-29458 镜像层: sha256:bd245ec49ee5cd979b20c0a4efd32385afca92f5afa84faa6769c6a56543350a 发布日期: 2022-04-18 21:15 修改: 2025-06-09 15:15
libtinfo6	CVE-2023-29491	高危	6.2+20201114-2	6.2+20201114-2+deb11u2	ncurses: Local users can trigger security-relevant memory corruption via malformed data 漏洞详情: https://avd.aquasec.com/nvd/cve-2023-29491 镜像层: sha256:bd245ec49ee5cd979b20c0a4efd32385afca92f5afa84faa6769c6a56543350a 发布日期: 2023-04-14 01:15 修改: 2025-11-04 19:15
libtinfo6	CVE-2025-69720	高危	6.2+20201114-2		ncurses: ncurses: Buffer overflow vulnerability may lead to arbitrary code execution. 漏洞详情: https://avd.aquasec.com/nvd/cve-2025-69720 镜像层: sha256:bd245ec49ee5cd979b20c0a4efd32385afca92f5afa84faa6769c6a56543350a 发布日期: 2026-03-19 15:16 修改: 2026-06-02 14:16
libtirpc-common	CVE-2021-46828	高危	1.3.1-1	1.3.1-1+deb11u1	libtirpc: DoS vulnerability with lots of connections 漏洞详情: https://avd.aquasec.com/nvd/cve-2021-46828 镜像层: sha256:bd245ec49ee5cd979b20c0a4efd32385afca92f5afa84faa6769c6a56543350a 发布日期: 2022-07-20 06:15 修改: 2025-05-05 17:17
libtirpc3	CVE-2021-46828	高危	1.3.1-1	1.3.1-1+deb11u1	libtirpc: DoS vulnerability with lots of connections 漏洞详情: https://avd.aquasec.com/nvd/cve-2021-46828 镜像层: sha256:bd245ec49ee5cd979b20c0a4efd32385afca92f5afa84faa6769c6a56543350a 发布日期: 2022-07-20 06:15 修改: 2025-05-05 17:17
libudev1	CVE-2023-50387	高危	247.3-7	247.3-7+deb11u6	bind9: KeyTrap - Extreme CPU consumption in DNSSEC validator 漏洞详情: https://avd.aquasec.com/nvd/cve-2023-50387 镜像层: sha256:bd245ec49ee5cd979b20c0a4efd32385afca92f5afa84faa6769c6a56543350a 发布日期: 2024-02-14 16:15 修改: 2025-11-04 19:16
libudev1	CVE-2023-50868	高危	247.3-7	247.3-7+deb11u6	bind9: Preparing an NSEC3 closest encloser proof can exhaust CPU resources 漏洞详情: https://avd.aquasec.com/nvd/cve-2023-50868 镜像层: sha256:bd245ec49ee5cd979b20c0a4efd32385afca92f5afa84faa6769c6a56543350a 发布日期: 2024-02-14 16:15 修改: 2025-12-23 20:20
libzstd1	CVE-2022-4899	高危	1.4.8+dfsg-2.1		zstd: mysql: buffer overrun in util.c 漏洞详情: https://avd.aquasec.com/nvd/cve-2022-4899 镜像层: sha256:bd245ec49ee5cd979b20c0a4efd32385afca92f5afa84faa6769c6a56543350a 发布日期: 2023-03-31 20:15 修改: 2025-02-18 18:15
logsave	CVE-2022-1304	高危	1.46.2-2	1.46.2-2+deb11u1	e2fsprogs: out-of-bounds read/write via crafted filesystem 漏洞详情: https://avd.aquasec.com/nvd/cve-2022-1304 镜像层: sha256:bd245ec49ee5cd979b20c0a4efd32385afca92f5afa84faa6769c6a56543350a 发布日期: 2022-04-14 21:15 修改: 2025-04-23 19:15
ncurses-base	CVE-2022-29458	高危	6.2+20201114-2	6.2+20201114-2+deb11u1	ncurses: segfaulting OOB read 漏洞详情: https://avd.aquasec.com/nvd/cve-2022-29458 镜像层: sha256:bd245ec49ee5cd979b20c0a4efd32385afca92f5afa84faa6769c6a56543350a 发布日期: 2022-04-18 21:15 修改: 2025-06-09 15:15
ncurses-base	CVE-2023-29491	高危	6.2+20201114-2	6.2+20201114-2+deb11u2	ncurses: Local users can trigger security-relevant memory corruption via malformed data 漏洞详情: https://avd.aquasec.com/nvd/cve-2023-29491 镜像层: sha256:bd245ec49ee5cd979b20c0a4efd32385afca92f5afa84faa6769c6a56543350a 发布日期: 2023-04-14 01:15 修改: 2025-11-04 19:15
ncurses-base	CVE-2025-69720	高危	6.2+20201114-2		ncurses: ncurses: Buffer overflow vulnerability may lead to arbitrary code execution. 漏洞详情: https://avd.aquasec.com/nvd/cve-2025-69720 镜像层: sha256:bd245ec49ee5cd979b20c0a4efd32385afca92f5afa84faa6769c6a56543350a 发布日期: 2026-03-19 15:16 修改: 2026-06-02 14:16
ncurses-bin	CVE-2022-29458	高危	6.2+20201114-2	6.2+20201114-2+deb11u1	ncurses: segfaulting OOB read 漏洞详情: https://avd.aquasec.com/nvd/cve-2022-29458 镜像层: sha256:bd245ec49ee5cd979b20c0a4efd32385afca92f5afa84faa6769c6a56543350a 发布日期: 2022-04-18 21:15 修改: 2025-06-09 15:15
ncurses-bin	CVE-2023-29491	高危	6.2+20201114-2	6.2+20201114-2+deb11u2	ncurses: Local users can trigger security-relevant memory corruption via malformed data 漏洞详情: https://avd.aquasec.com/nvd/cve-2023-29491 镜像层: sha256:bd245ec49ee5cd979b20c0a4efd32385afca92f5afa84faa6769c6a56543350a 发布日期: 2023-04-14 01:15 修改: 2025-11-04 19:15
ncurses-bin	CVE-2025-69720	高危	6.2+20201114-2		ncurses: ncurses: Buffer overflow vulnerability may lead to arbitrary code execution. 漏洞详情: https://avd.aquasec.com/nvd/cve-2025-69720 镜像层: sha256:bd245ec49ee5cd979b20c0a4efd32385afca92f5afa84faa6769c6a56543350a 发布日期: 2026-03-19 15:16 修改: 2026-06-02 14:16
git-man	CVE-2024-32004	高危	1:2.30.2-1	1:2.30.2-1+deb11u3	git: RCE while cloning local repos 漏洞详情: https://avd.aquasec.com/nvd/cve-2024-32004 镜像层: sha256:b7b6064a28a9833a1ac123bb3e408f6cdb2689cf233ee40c978e6193a142278c 发布日期: 2024-05-14 19:15 修改: 2026-01-06 17:09
openssh-client	CVE-2021-41617	高危	1:8.4p1-5+deb11u1	1:8.4p1-5+deb11u3	openssh: privilege escalation when AuthorizedKeysCommand or AuthorizedPrincipalsCommand are configured 漏洞详情: https://avd.aquasec.com/nvd/cve-2021-41617 镜像层: sha256:b7b6064a28a9833a1ac123bb3e408f6cdb2689cf233ee40c978e6193a142278c 发布日期: 2021-09-26 19:15 修改: 2026-05-12 10:16
openssh-client	CVE-2026-3497	高危	1:8.4p1-5+deb11u1	1:8.4p1-5+deb11u6	openssh: OpenSSH GSSAPI: Information disclosure or denial of service due to uninitialized variables 漏洞详情: https://avd.aquasec.com/nvd/cve-2026-3497 镜像层: sha256:b7b6064a28a9833a1ac123bb3e408f6cdb2689cf233ee40c978e6193a142278c 发布日期: 2026-03-12 19:16 修改: 2026-06-02 19:43
openssh-client	CVE-2026-35385	高危	1:8.4p1-5+deb11u1	1:8.4p1-5+deb11u7	OpenSSH: OpenSSH: Privilege escalation via scp legacy protocol when not preserving file mode 漏洞详情: https://avd.aquasec.com/nvd/cve-2026-35385 镜像层: sha256:b7b6064a28a9833a1ac123bb3e408f6cdb2689cf233ee40c978e6193a142278c 发布日期: 2026-04-02 17:16 修改: 2026-04-27 14:02
openssh-client	CVE-2026-35386	高危	1:8.4p1-5+deb11u1	1:8.4p1-5+deb11u7	OpenSSH: OpenSSH: Arbitrary command execution via shell metacharacters in username 漏洞详情: https://avd.aquasec.com/nvd/cve-2026-35386 镜像层: sha256:b7b6064a28a9833a1ac123bb3e408f6cdb2689cf233ee40c978e6193a142278c 发布日期: 2026-04-02 17:16 修改: 2026-04-27 14:03
openssh-client	CVE-2026-35414	高危	1:8.4p1-5+deb11u1	1:8.4p1-5+deb11u7	OpenSSH: OpenSSH: Security bypass via mishandling of authorized_keys principals option 漏洞详情: https://avd.aquasec.com/nvd/cve-2026-35414 镜像层: sha256:b7b6064a28a9833a1ac123bb3e408f6cdb2689cf233ee40c978e6193a142278c 发布日期: 2026-04-02 18:16 修改: 2026-04-10 19:36
openssl	CVE-2022-4450	高危	1.1.1n-0+deb11u3	1.1.1n-0+deb11u4	openssl: double free after calling PEM_read_bio_ex 漏洞详情: https://avd.aquasec.com/nvd/cve-2022-4450 镜像层: sha256:595a656dd8efc44ad2600f67c92a3a2f5612e673513583c11cb04d54f10c55d6 发布日期: 2023-02-08 20:15 修改: 2025-11-04 20:16
openssl	CVE-2023-0215	高危	1.1.1n-0+deb11u3	1.1.1n-0+deb11u4	openssl: use-after-free following BIO_new_NDEF 漏洞详情: https://avd.aquasec.com/nvd/cve-2023-0215 镜像层: sha256:595a656dd8efc44ad2600f67c92a3a2f5612e673513583c11cb04d54f10c55d6 发布日期: 2023-02-08 20:15 修改: 2025-11-04 20:16
openssl	CVE-2023-0286	高危	1.1.1n-0+deb11u3	1.1.1n-0+deb11u4	openssl: X.400 address type confusion in X.509 GeneralName 漏洞详情: https://avd.aquasec.com/nvd/cve-2023-0286 镜像层: sha256:595a656dd8efc44ad2600f67c92a3a2f5612e673513583c11cb04d54f10c55d6 发布日期: 2023-02-08 20:15 修改: 2025-11-04 20:16
openssl	CVE-2023-0464	高危	1.1.1n-0+deb11u3	1.1.1n-0+deb11u5	openssl: Denial of service by excessive resource usage in verifying X509 policy constraints 漏洞详情: https://avd.aquasec.com/nvd/cve-2023-0464 镜像层: sha256:595a656dd8efc44ad2600f67c92a3a2f5612e673513583c11cb04d54f10c55d6 发布日期: 2023-03-22 17:15 修改: 2025-05-05 16:15
openssl	CVE-2025-69421	高危	1.1.1n-0+deb11u3	1.1.1w-0+deb11u5	openssl: OpenSSL: Denial of Service via malformed PKCS#12 file processing 漏洞详情: https://avd.aquasec.com/nvd/cve-2025-69421 镜像层: sha256:595a656dd8efc44ad2600f67c92a3a2f5612e673513583c11cb04d54f10c55d6 发布日期: 2026-01-27 16:16 修改: 2026-05-12 13:17
openssl	CVE-2026-28387	高危	1.1.1n-0+deb11u3	1.1.1w-0+deb11u7	openssl: OpenSSL: Arbitrary code execution due to use-after-free in DANE TLSA authentication 漏洞详情: https://avd.aquasec.com/nvd/cve-2026-28387 镜像层: sha256:595a656dd8efc44ad2600f67c92a3a2f5612e673513583c11cb04d54f10c55d6 发布日期: 2026-04-07 22:16 修改: 2026-05-12 13:17
openssl	CVE-2026-28388	高危	1.1.1n-0+deb11u3	1.1.1w-0+deb11u7	openssl: OpenSSL: Denial of Service due to NULL pointer dereference in delta CRL processing 漏洞详情: https://avd.aquasec.com/nvd/cve-2026-28388 镜像层: sha256:595a656dd8efc44ad2600f67c92a3a2f5612e673513583c11cb04d54f10c55d6 发布日期: 2026-04-07 22:16 修改: 2026-05-12 13:17
openssl	CVE-2026-28389	高危	1.1.1n-0+deb11u3	1.1.1w-0+deb11u7	openssl: OpenSSL: Denial of Service vulnerability in CMS processing 漏洞详情: https://avd.aquasec.com/nvd/cve-2026-28389 镜像层: sha256:595a656dd8efc44ad2600f67c92a3a2f5612e673513583c11cb04d54f10c55d6 发布日期: 2026-04-07 22:16 修改: 2026-05-12 13:17
openssl	CVE-2026-28390	高危	1.1.1n-0+deb11u3	1.1.1w-0+deb11u7	openssl: OpenSSL: Denial of Service due to NULL pointer dereference in CMS EnvelopedData processing 漏洞详情: https://avd.aquasec.com/nvd/cve-2026-28390 镜像层: sha256:595a656dd8efc44ad2600f67c92a3a2f5612e673513583c11cb04d54f10c55d6 发布日期: 2026-04-07 22:16 修改: 2026-05-12 13:17
openssl	CVE-2026-45447	高危	1.1.1n-0+deb11u3	1.1.1w-0+deb11u8	openssl: Heap Use-After-Free in OpenSSL PKCS7_verify() 漏洞详情: https://avd.aquasec.com/nvd/cve-2026-45447 镜像层: sha256:595a656dd8efc44ad2600f67c92a3a2f5612e673513583c11cb04d54f10c55d6 发布日期: 2026-06-09 17:17 修改: 2026-06-16 02:56
git-man	CVE-2024-32021	高危	1:2.30.2-1	1:2.30.2-1+deb11u3	git: symlink bypass 漏洞详情: https://avd.aquasec.com/nvd/cve-2024-32021 镜像层: sha256:b7b6064a28a9833a1ac123bb3e408f6cdb2689cf233ee40c978e6193a142278c 发布日期: 2024-05-14 20:15 修改: 2026-01-05 19:19
git-man	CVE-2024-32465	高危	1:2.30.2-1	1:2.30.2-1+deb11u3	git: additional local RCE 漏洞详情: https://avd.aquasec.com/nvd/cve-2024-32465 镜像层: sha256:b7b6064a28a9833a1ac123bb3e408f6cdb2689cf233ee40c978e6193a142278c 发布日期: 2024-05-14 20:15 修改: 2026-01-05 19:15
perl	CVE-2020-16156	高危	5.32.1-4+deb11u2	5.32.1-4+deb11u4	perl-CPAN: Bypass of verification of signatures in CHECKSUMS files 漏洞详情: https://avd.aquasec.com/nvd/cve-2020-16156 镜像层: sha256:b7b6064a28a9833a1ac123bb3e408f6cdb2689cf233ee40c978e6193a142278c 发布日期: 2021-12-13 18:15 修改: 2025-11-03 22:15
perl	CVE-2023-31484	高危	5.32.1-4+deb11u2	5.32.1-4+deb11u4	perl: CPAN.pm does not verify TLS certificates when downloading distributions over HTTPS 漏洞详情: https://avd.aquasec.com/nvd/cve-2023-31484 镜像层: sha256:b7b6064a28a9833a1ac123bb3e408f6cdb2689cf233ee40c978e6193a142278c 发布日期: 2023-04-29 00:15 修改: 2025-11-03 22:16
perl	CVE-2023-47038	高危	5.32.1-4+deb11u2	5.32.1-4+deb11u3	perl: Write past buffer end via illegal user-defined Unicode property 漏洞详情: https://avd.aquasec.com/nvd/cve-2023-47038 镜像层: sha256:b7b6064a28a9833a1ac123bb3e408f6cdb2689cf233ee40c978e6193a142278c 发布日期: 2023-12-18 14:15 修改: 2025-11-04 19:16
perl	CVE-2026-42497	高危	5.32.1-4+deb11u2		perl-Archive-Tar: perl-Archive-Tar: Arbitrary file modification via crafted hardlinks during archive extraction 漏洞详情: https://avd.aquasec.com/nvd/cve-2026-42497 镜像层: sha256:b7b6064a28a9833a1ac123bb3e408f6cdb2689cf233ee40c978e6193a142278c 发布日期: 2026-05-26 02:16 修改: 2026-05-28 14:16
perl	CVE-2026-48962	高危	5.32.1-4+deb11u2		perl-IO-Compress: perl-IO-Compress: Arbitrary code execution via attacker-controlled output glob 漏洞详情: https://avd.aquasec.com/nvd/cve-2026-48962 镜像层: sha256:b7b6064a28a9833a1ac123bb3e408f6cdb2689cf233ee40c978e6193a142278c 发布日期: 2026-05-27 04:16 修改: 2026-05-27 19:38
perl	CVE-2026-9538	高危	5.32.1-4+deb11u2		Archive::Tar versions before 3.10 for Perl allow memory exhaustion via ... 漏洞详情: https://avd.aquasec.com/nvd/cve-2026-9538 镜像层: sha256:b7b6064a28a9833a1ac123bb3e408f6cdb2689cf233ee40c978e6193a142278c 发布日期: 2026-05-26 02:16 修改: 2026-05-28 14:16
git-man	CVE-2024-52006	高危	1:2.30.2-1	1:2.30.2-1+deb11u4	git: Newline confusion in credential helpers can lead to credential exfiltration in git 漏洞详情: https://avd.aquasec.com/nvd/cve-2024-52006 镜像层: sha256:b7b6064a28a9833a1ac123bb3e408f6cdb2689cf233ee40c978e6193a142278c 发布日期: 2025-01-14 19:15 修改: 2025-12-18 16:10
git-man	CVE-2025-48384	高危	1:2.30.2-1	1:2.30.2-1+deb11u5	git: Git arbitrary code execution 漏洞详情: https://avd.aquasec.com/nvd/cve-2025-48384 镜像层: sha256:b7b6064a28a9833a1ac123bb3e408f6cdb2689cf233ee40c978e6193a142278c 发布日期: 2025-07-08 19:15 修改: 2025-11-06 14:52
perl-base	CVE-2020-16156	高危	5.32.1-4+deb11u2	5.32.1-4+deb11u4	perl-CPAN: Bypass of verification of signatures in CHECKSUMS files 漏洞详情: https://avd.aquasec.com/nvd/cve-2020-16156 镜像层: sha256:bd245ec49ee5cd979b20c0a4efd32385afca92f5afa84faa6769c6a56543350a 发布日期: 2021-12-13 18:15 修改: 2025-11-03 22:15
perl-base	CVE-2023-31484	高危	5.32.1-4+deb11u2	5.32.1-4+deb11u4	perl: CPAN.pm does not verify TLS certificates when downloading distributions over HTTPS 漏洞详情: https://avd.aquasec.com/nvd/cve-2023-31484 镜像层: sha256:bd245ec49ee5cd979b20c0a4efd32385afca92f5afa84faa6769c6a56543350a 发布日期: 2023-04-29 00:15 修改: 2025-11-03 22:16
perl-base	CVE-2023-47038	高危	5.32.1-4+deb11u2	5.32.1-4+deb11u3	perl: Write past buffer end via illegal user-defined Unicode property 漏洞详情: https://avd.aquasec.com/nvd/cve-2023-47038 镜像层: sha256:bd245ec49ee5cd979b20c0a4efd32385afca92f5afa84faa6769c6a56543350a 发布日期: 2023-12-18 14:15 修改: 2025-11-04 19:16
perl-base	CVE-2026-42497	高危	5.32.1-4+deb11u2		perl-Archive-Tar: perl-Archive-Tar: Arbitrary file modification via crafted hardlinks during archive extraction 漏洞详情: https://avd.aquasec.com/nvd/cve-2026-42497 镜像层: sha256:bd245ec49ee5cd979b20c0a4efd32385afca92f5afa84faa6769c6a56543350a 发布日期: 2026-05-26 02:16 修改: 2026-05-28 14:16
perl-base	CVE-2026-48962	高危	5.32.1-4+deb11u2		perl-IO-Compress: perl-IO-Compress: Arbitrary code execution via attacker-controlled output glob 漏洞详情: https://avd.aquasec.com/nvd/cve-2026-48962 镜像层: sha256:bd245ec49ee5cd979b20c0a4efd32385afca92f5afa84faa6769c6a56543350a 发布日期: 2026-05-27 04:16 修改: 2026-05-27 19:38
perl-base	CVE-2026-9538	高危	5.32.1-4+deb11u2		Archive::Tar versions before 3.10 for Perl allow memory exhaustion via ... 漏洞详情: https://avd.aquasec.com/nvd/cve-2026-9538 镜像层: sha256:bd245ec49ee5cd979b20c0a4efd32385afca92f5afa84faa6769c6a56543350a 发布日期: 2026-05-26 02:16 修改: 2026-05-28 14:16
gnupg	CVE-2025-68973	高危	2.2.27-2+deb11u2	2.2.27-2+deb11u3	GnuPG: GnuPG: Information disclosure and potential arbitrary code execution via out-of-bounds write 漏洞详情: https://avd.aquasec.com/nvd/cve-2025-68973 镜像层: sha256:8874c5d5df1aa338e2de1eb06de21d28b9051ae107c034b09cc83705cbe6a010 发布日期: 2025-12-28 17:16 修改: 2026-01-14 19:16
gnupg-l10n	CVE-2025-68973	高危	2.2.27-2+deb11u2	2.2.27-2+deb11u3	GnuPG: GnuPG: Information disclosure and potential arbitrary code execution via out-of-bounds write 漏洞详情: https://avd.aquasec.com/nvd/cve-2025-68973 镜像层: sha256:8874c5d5df1aa338e2de1eb06de21d28b9051ae107c034b09cc83705cbe6a010 发布日期: 2025-12-28 17:16 修改: 2026-01-14 19:16
perl-modules-5.32	CVE-2020-16156	高危	5.32.1-4+deb11u2	5.32.1-4+deb11u4	perl-CPAN: Bypass of verification of signatures in CHECKSUMS files 漏洞详情: https://avd.aquasec.com/nvd/cve-2020-16156 镜像层: sha256:b7b6064a28a9833a1ac123bb3e408f6cdb2689cf233ee40c978e6193a142278c 发布日期: 2021-12-13 18:15 修改: 2025-11-03 22:15
perl-modules-5.32	CVE-2023-31484	高危	5.32.1-4+deb11u2	5.32.1-4+deb11u4	perl: CPAN.pm does not verify TLS certificates when downloading distributions over HTTPS 漏洞详情: https://avd.aquasec.com/nvd/cve-2023-31484 镜像层: sha256:b7b6064a28a9833a1ac123bb3e408f6cdb2689cf233ee40c978e6193a142278c 发布日期: 2023-04-29 00:15 修改: 2025-11-03 22:16
perl-modules-5.32	CVE-2023-47038	高危	5.32.1-4+deb11u2	5.32.1-4+deb11u3	perl: Write past buffer end via illegal user-defined Unicode property 漏洞详情: https://avd.aquasec.com/nvd/cve-2023-47038 镜像层: sha256:b7b6064a28a9833a1ac123bb3e408f6cdb2689cf233ee40c978e6193a142278c 发布日期: 2023-12-18 14:15 修改: 2025-11-04 19:16
perl-modules-5.32	CVE-2026-42497	高危	5.32.1-4+deb11u2		perl-Archive-Tar: perl-Archive-Tar: Arbitrary file modification via crafted hardlinks during archive extraction 漏洞详情: https://avd.aquasec.com/nvd/cve-2026-42497 镜像层: sha256:b7b6064a28a9833a1ac123bb3e408f6cdb2689cf233ee40c978e6193a142278c 发布日期: 2026-05-26 02:16 修改: 2026-05-28 14:16
perl-modules-5.32	CVE-2026-48962	高危	5.32.1-4+deb11u2		perl-IO-Compress: perl-IO-Compress: Arbitrary code execution via attacker-controlled output glob 漏洞详情: https://avd.aquasec.com/nvd/cve-2026-48962 镜像层: sha256:b7b6064a28a9833a1ac123bb3e408f6cdb2689cf233ee40c978e6193a142278c 发布日期: 2026-05-27 04:16 修改: 2026-05-27 19:38
perl-modules-5.32	CVE-2026-9538	高危	5.32.1-4+deb11u2		Archive::Tar versions before 3.10 for Perl allow memory exhaustion via ... 漏洞详情: https://avd.aquasec.com/nvd/cve-2026-9538 镜像层: sha256:b7b6064a28a9833a1ac123bb3e408f6cdb2689cf233ee40c978e6193a142278c 发布日期: 2026-05-26 02:16 修改: 2026-05-28 14:16
gnupg-utils	CVE-2025-68973	高危	2.2.27-2+deb11u2	2.2.27-2+deb11u3	GnuPG: GnuPG: Information disclosure and potential arbitrary code execution via out-of-bounds write 漏洞详情: https://avd.aquasec.com/nvd/cve-2025-68973 镜像层: sha256:8874c5d5df1aa338e2de1eb06de21d28b9051ae107c034b09cc83705cbe6a010 发布日期: 2025-12-28 17:16 修改: 2026-01-14 19:16
gpg	CVE-2025-68973	高危	2.2.27-2+deb11u2	2.2.27-2+deb11u3	GnuPG: GnuPG: Information disclosure and potential arbitrary code execution via out-of-bounds write 漏洞详情: https://avd.aquasec.com/nvd/cve-2025-68973 镜像层: sha256:8874c5d5df1aa338e2de1eb06de21d28b9051ae107c034b09cc83705cbe6a010 发布日期: 2025-12-28 17:16 修改: 2026-01-14 19:16
python3.9	CVE-2015-20107	高危	3.9.2-1	3.9.2-1+deb11u2	python: mailcap: findmatch() function does not sanitize the second argument 漏洞详情: https://avd.aquasec.com/nvd/cve-2015-20107 镜像层: sha256:b7b6064a28a9833a1ac123bb3e408f6cdb2689cf233ee40c978e6193a142278c 发布日期: 2022-04-13 16:15 修改: 2025-11-03 22:15
python3.9	CVE-2020-10735	高危	3.9.2-1	3.9.2-1+deb11u2	python: int() type in PyLong_FromString() does not limit amount of digits converting text to int leading to DoS 漏洞详情: https://avd.aquasec.com/nvd/cve-2020-10735 镜像层: sha256:b7b6064a28a9833a1ac123bb3e408f6cdb2689cf233ee40c978e6193a142278c 发布日期: 2022-09-09 14:15 修改: 2025-11-03 22:15
python3.9	CVE-2021-28861	高危	3.9.2-1	3.9.2-1+deb11u2	python: open redirection vulnerability in lib/http/server.py may lead to information disclosure 漏洞详情: https://avd.aquasec.com/nvd/cve-2021-28861 镜像层: sha256:b7b6064a28a9833a1ac123bb3e408f6cdb2689cf233ee40c978e6193a142278c 发布日期: 2022-08-23 01:15 修改: 2025-12-17 22:15
python3.9	CVE-2021-3737	高危	3.9.2-1	3.9.2-1+deb11u2	python: urllib: HTTP client possible infinite loop on a 100 Continue response 漏洞详情: https://avd.aquasec.com/nvd/cve-2021-3737 镜像层: sha256:b7b6064a28a9833a1ac123bb3e408f6cdb2689cf233ee40c978e6193a142278c 发布日期: 2022-03-04 19:15 修改: 2025-12-17 22:15
python3.9	CVE-2022-0391	高危	3.9.2-1	3.9.2-1+deb11u3	python: urllib.parse does not sanitize URLs containing ASCII newline and tabs 漏洞详情: https://avd.aquasec.com/nvd/cve-2022-0391 镜像层: sha256:b7b6064a28a9833a1ac123bb3e408f6cdb2689cf233ee40c978e6193a142278c 发布日期: 2022-02-09 23:15 修改: 2025-12-17 21:15
python3.9	CVE-2022-42919	高危	3.9.2-1	3.9.2-1+deb11u2	python: local privilege escalation via the multiprocessing forkserver start method 漏洞详情: https://avd.aquasec.com/nvd/cve-2022-42919 镜像层: sha256:b7b6064a28a9833a1ac123bb3e408f6cdb2689cf233ee40c978e6193a142278c 发布日期: 2022-11-07 00:15 修改: 2025-11-03 22:16
python3.9	CVE-2022-45061	高危	3.9.2-1	3.9.2-1+deb11u2	python: CPU denial of service via inefficient IDNA decoder 漏洞详情: https://avd.aquasec.com/nvd/cve-2022-45061 镜像层: sha256:b7b6064a28a9833a1ac123bb3e408f6cdb2689cf233ee40c978e6193a142278c 发布日期: 2022-11-09 07:15 修改: 2025-11-03 22:16
python3.9	CVE-2023-24329	高危	3.9.2-1	3.9.2-1+deb11u2	python: urllib.parse url blocklisting bypass 漏洞详情: https://avd.aquasec.com/nvd/cve-2023-24329 镜像层: sha256:b7b6064a28a9833a1ac123bb3e408f6cdb2689cf233ee40c978e6193a142278c 发布日期: 2023-02-17 15:15 修改: 2025-11-03 22:16
python3.9	CVE-2023-6597	高危	3.9.2-1	3.9.2-1+deb11u2	python: Path traversal on tempfile.TemporaryDirectory 漏洞详情: https://avd.aquasec.com/nvd/cve-2023-6597 镜像层: sha256:b7b6064a28a9833a1ac123bb3e408f6cdb2689cf233ee40c978e6193a142278c 发布日期: 2024-03-19 16:15 修改: 2026-04-15 00:35
python3.9	CVE-2024-6232	高危	3.9.2-1	3.9.2-1+deb11u2	python: cpython: tarfile: ReDos via excessive backtracking while parsing header values 漏洞详情: https://avd.aquasec.com/nvd/cve-2024-6232 镜像层: sha256:b7b6064a28a9833a1ac123bb3e408f6cdb2689cf233ee40c978e6193a142278c 发布日期: 2024-09-03 13:15 修改: 2025-11-03 23:17
python3.9	CVE-2024-7592	高危	3.9.2-1	3.9.2-1+deb11u2	cpython: python: Uncontrolled CPU resource consumption when in http.cookies module 漏洞详情: https://avd.aquasec.com/nvd/cve-2024-7592 镜像层: sha256:b7b6064a28a9833a1ac123bb3e408f6cdb2689cf233ee40c978e6193a142278c 发布日期: 2024-08-19 19:15 修改: 2025-11-03 23:17
python3.9	CVE-2024-9287	高危	3.9.2-1	3.9.2-1+deb11u2	python: Virtual environment (venv) activation scripts don't quote paths 漏洞详情: https://avd.aquasec.com/nvd/cve-2024-9287 镜像层: sha256:b7b6064a28a9833a1ac123bb3e408f6cdb2689cf233ee40c978e6193a142278c 发布日期: 2024-10-22 17:15 修改: 2025-11-03 23:17
python3.9	CVE-2025-13836	高危	3.9.2-1	3.9.2-1+deb11u4	cpython: Excessive read buffering DoS in http.client 漏洞详情: https://avd.aquasec.com/nvd/cve-2025-13836 镜像层: sha256:b7b6064a28a9833a1ac123bb3e408f6cdb2689cf233ee40c978e6193a142278c 发布日期: 2025-12-01 18:16 修改: 2026-05-18 16:58
python3.9	CVE-2025-69534	高危	3.9.2-1		python-markdown: denial of service via malformed HTML-like sequences 漏洞详情: https://avd.aquasec.com/nvd/cve-2025-69534 镜像层: sha256:b7b6064a28a9833a1ac123bb3e408f6cdb2689cf233ee40c978e6193a142278c 发布日期: 2026-03-05 15:16 修改: 2026-03-13 01:25
python3.9	CVE-2026-3644	高危	3.9.2-1	3.9.2-1+deb11u7	cpython: Incomplete control character validation in http.cookies 漏洞详情: https://avd.aquasec.com/nvd/cve-2026-3644 镜像层: sha256:b7b6064a28a9833a1ac123bb3e408f6cdb2689cf233ee40c978e6193a142278c 发布日期: 2026-03-16 18:16 修改: 2026-06-04 19:30
python3.9	CVE-2026-4224	高危	3.9.2-1	3.9.2-1+deb11u7	cpython: Stack overflow parsing XML with deeply nested DTD content models 漏洞详情: https://avd.aquasec.com/nvd/cve-2026-4224 镜像层: sha256:b7b6064a28a9833a1ac123bb3e408f6cdb2689cf233ee40c978e6193a142278c 发布日期: 2026-03-16 18:16 修改: 2026-06-04 19:33
python3.9	CVE-2026-6100	高危	3.9.2-1	3.9.2-1+deb11u6	python: Python: Arbitrary code execution or information disclosure via use-after-free in decompression modules 漏洞详情: https://avd.aquasec.com/nvd/cve-2026-6100 镜像层: sha256:b7b6064a28a9833a1ac123bb3e408f6cdb2689cf233ee40c978e6193a142278c 发布日期: 2026-04-13 18:16 修改: 2026-04-17 15:18
python3.9	CVE-2026-7210	高危	3.9.2-1		python: expat: Python/Expat: Denial of Service via crafted XML document 漏洞详情: https://avd.aquasec.com/nvd/cve-2026-7210 镜像层: sha256:b7b6064a28a9833a1ac123bb3e408f6cdb2689cf233ee40c978e6193a142278c 发布日期: 2026-05-11 18:16 修改: 2026-06-15 17:51
gpg-agent	CVE-2025-68973	高危	2.2.27-2+deb11u2	2.2.27-2+deb11u3	GnuPG: GnuPG: Information disclosure and potential arbitrary code execution via out-of-bounds write 漏洞详情: https://avd.aquasec.com/nvd/cve-2025-68973 镜像层: sha256:8874c5d5df1aa338e2de1eb06de21d28b9051ae107c034b09cc83705cbe6a010 发布日期: 2025-12-28 17:16 修改: 2026-01-14 19:16
gpg-wks-client	CVE-2025-68973	高危	2.2.27-2+deb11u2	2.2.27-2+deb11u3	GnuPG: GnuPG: Information disclosure and potential arbitrary code execution via out-of-bounds write 漏洞详情: https://avd.aquasec.com/nvd/cve-2025-68973 镜像层: sha256:8874c5d5df1aa338e2de1eb06de21d28b9051ae107c034b09cc83705cbe6a010 发布日期: 2025-12-28 17:16 修改: 2026-01-14 19:16
python3.9-minimal	CVE-2015-20107	高危	3.9.2-1	3.9.2-1+deb11u2	python: mailcap: findmatch() function does not sanitize the second argument 漏洞详情: https://avd.aquasec.com/nvd/cve-2015-20107 镜像层: sha256:b7b6064a28a9833a1ac123bb3e408f6cdb2689cf233ee40c978e6193a142278c 发布日期: 2022-04-13 16:15 修改: 2025-11-03 22:15
python3.9-minimal	CVE-2020-10735	高危	3.9.2-1	3.9.2-1+deb11u2	python: int() type in PyLong_FromString() does not limit amount of digits converting text to int leading to DoS 漏洞详情: https://avd.aquasec.com/nvd/cve-2020-10735 镜像层: sha256:b7b6064a28a9833a1ac123bb3e408f6cdb2689cf233ee40c978e6193a142278c 发布日期: 2022-09-09 14:15 修改: 2025-11-03 22:15
python3.9-minimal	CVE-2021-28861	高危	3.9.2-1	3.9.2-1+deb11u2	python: open redirection vulnerability in lib/http/server.py may lead to information disclosure 漏洞详情: https://avd.aquasec.com/nvd/cve-2021-28861 镜像层: sha256:b7b6064a28a9833a1ac123bb3e408f6cdb2689cf233ee40c978e6193a142278c 发布日期: 2022-08-23 01:15 修改: 2025-12-17 22:15
python3.9-minimal	CVE-2021-3737	高危	3.9.2-1	3.9.2-1+deb11u2	python: urllib: HTTP client possible infinite loop on a 100 Continue response 漏洞详情: https://avd.aquasec.com/nvd/cve-2021-3737 镜像层: sha256:b7b6064a28a9833a1ac123bb3e408f6cdb2689cf233ee40c978e6193a142278c 发布日期: 2022-03-04 19:15 修改: 2025-12-17 22:15
python3.9-minimal	CVE-2022-0391	高危	3.9.2-1	3.9.2-1+deb11u3	python: urllib.parse does not sanitize URLs containing ASCII newline and tabs 漏洞详情: https://avd.aquasec.com/nvd/cve-2022-0391 镜像层: sha256:b7b6064a28a9833a1ac123bb3e408f6cdb2689cf233ee40c978e6193a142278c 发布日期: 2022-02-09 23:15 修改: 2025-12-17 21:15
python3.9-minimal	CVE-2022-42919	高危	3.9.2-1	3.9.2-1+deb11u2	python: local privilege escalation via the multiprocessing forkserver start method 漏洞详情: https://avd.aquasec.com/nvd/cve-2022-42919 镜像层: sha256:b7b6064a28a9833a1ac123bb3e408f6cdb2689cf233ee40c978e6193a142278c 发布日期: 2022-11-07 00:15 修改: 2025-11-03 22:16
python3.9-minimal	CVE-2022-45061	高危	3.9.2-1	3.9.2-1+deb11u2	python: CPU denial of service via inefficient IDNA decoder 漏洞详情: https://avd.aquasec.com/nvd/cve-2022-45061 镜像层: sha256:b7b6064a28a9833a1ac123bb3e408f6cdb2689cf233ee40c978e6193a142278c 发布日期: 2022-11-09 07:15 修改: 2025-11-03 22:16
python3.9-minimal	CVE-2023-24329	高危	3.9.2-1	3.9.2-1+deb11u2	python: urllib.parse url blocklisting bypass 漏洞详情: https://avd.aquasec.com/nvd/cve-2023-24329 镜像层: sha256:b7b6064a28a9833a1ac123bb3e408f6cdb2689cf233ee40c978e6193a142278c 发布日期: 2023-02-17 15:15 修改: 2025-11-03 22:16
python3.9-minimal	CVE-2023-6597	高危	3.9.2-1	3.9.2-1+deb11u2	python: Path traversal on tempfile.TemporaryDirectory 漏洞详情: https://avd.aquasec.com/nvd/cve-2023-6597 镜像层: sha256:b7b6064a28a9833a1ac123bb3e408f6cdb2689cf233ee40c978e6193a142278c 发布日期: 2024-03-19 16:15 修改: 2026-04-15 00:35
python3.9-minimal	CVE-2024-6232	高危	3.9.2-1	3.9.2-1+deb11u2	python: cpython: tarfile: ReDos via excessive backtracking while parsing header values 漏洞详情: https://avd.aquasec.com/nvd/cve-2024-6232 镜像层: sha256:b7b6064a28a9833a1ac123bb3e408f6cdb2689cf233ee40c978e6193a142278c 发布日期: 2024-09-03 13:15 修改: 2025-11-03 23:17
python3.9-minimal	CVE-2024-7592	高危	3.9.2-1	3.9.2-1+deb11u2	cpython: python: Uncontrolled CPU resource consumption when in http.cookies module 漏洞详情: https://avd.aquasec.com/nvd/cve-2024-7592 镜像层: sha256:b7b6064a28a9833a1ac123bb3e408f6cdb2689cf233ee40c978e6193a142278c 发布日期: 2024-08-19 19:15 修改: 2025-11-03 23:17
python3.9-minimal	CVE-2024-9287	高危	3.9.2-1	3.9.2-1+deb11u2	python: Virtual environment (venv) activation scripts don't quote paths 漏洞详情: https://avd.aquasec.com/nvd/cve-2024-9287 镜像层: sha256:b7b6064a28a9833a1ac123bb3e408f6cdb2689cf233ee40c978e6193a142278c 发布日期: 2024-10-22 17:15 修改: 2025-11-03 23:17
python3.9-minimal	CVE-2025-13836	高危	3.9.2-1	3.9.2-1+deb11u4	cpython: Excessive read buffering DoS in http.client 漏洞详情: https://avd.aquasec.com/nvd/cve-2025-13836 镜像层: sha256:b7b6064a28a9833a1ac123bb3e408f6cdb2689cf233ee40c978e6193a142278c 发布日期: 2025-12-01 18:16 修改: 2026-05-18 16:58
python3.9-minimal	CVE-2025-69534	高危	3.9.2-1		python-markdown: denial of service via malformed HTML-like sequences 漏洞详情: https://avd.aquasec.com/nvd/cve-2025-69534 镜像层: sha256:b7b6064a28a9833a1ac123bb3e408f6cdb2689cf233ee40c978e6193a142278c 发布日期: 2026-03-05 15:16 修改: 2026-03-13 01:25
python3.9-minimal	CVE-2026-3644	高危	3.9.2-1	3.9.2-1+deb11u7	cpython: Incomplete control character validation in http.cookies 漏洞详情: https://avd.aquasec.com/nvd/cve-2026-3644 镜像层: sha256:b7b6064a28a9833a1ac123bb3e408f6cdb2689cf233ee40c978e6193a142278c 发布日期: 2026-03-16 18:16 修改: 2026-06-04 19:30
python3.9-minimal	CVE-2026-4224	高危	3.9.2-1	3.9.2-1+deb11u7	cpython: Stack overflow parsing XML with deeply nested DTD content models 漏洞详情: https://avd.aquasec.com/nvd/cve-2026-4224 镜像层: sha256:b7b6064a28a9833a1ac123bb3e408f6cdb2689cf233ee40c978e6193a142278c 发布日期: 2026-03-16 18:16 修改: 2026-06-04 19:33
python3.9-minimal	CVE-2026-6100	高危	3.9.2-1	3.9.2-1+deb11u6	python: Python: Arbitrary code execution or information disclosure via use-after-free in decompression modules 漏洞详情: https://avd.aquasec.com/nvd/cve-2026-6100 镜像层: sha256:b7b6064a28a9833a1ac123bb3e408f6cdb2689cf233ee40c978e6193a142278c 发布日期: 2026-04-13 18:16 修改: 2026-04-17 15:18
python3.9-minimal	CVE-2026-7210	高危	3.9.2-1		python: expat: Python/Expat: Denial of Service via crafted XML document 漏洞详情: https://avd.aquasec.com/nvd/cve-2026-7210 镜像层: sha256:b7b6064a28a9833a1ac123bb3e408f6cdb2689cf233ee40c978e6193a142278c 发布日期: 2026-05-11 18:16 修改: 2026-06-15 17:51
gpg-wks-server	CVE-2025-68973	高危	2.2.27-2+deb11u2	2.2.27-2+deb11u3	GnuPG: GnuPG: Information disclosure and potential arbitrary code execution via out-of-bounds write 漏洞详情: https://avd.aquasec.com/nvd/cve-2025-68973 镜像层: sha256:8874c5d5df1aa338e2de1eb06de21d28b9051ae107c034b09cc83705cbe6a010 发布日期: 2025-12-28 17:16 修改: 2026-01-14 19:16
gpgconf	CVE-2025-68973	高危	2.2.27-2+deb11u2	2.2.27-2+deb11u3	GnuPG: GnuPG: Information disclosure and potential arbitrary code execution via out-of-bounds write 漏洞详情: https://avd.aquasec.com/nvd/cve-2025-68973 镜像层: sha256:8874c5d5df1aa338e2de1eb06de21d28b9051ae107c034b09cc83705cbe6a010 发布日期: 2025-12-28 17:16 修改: 2026-01-14 19:16
gpgsm	CVE-2025-68973	高危	2.2.27-2+deb11u2	2.2.27-2+deb11u3	GnuPG: GnuPG: Information disclosure and potential arbitrary code execution via out-of-bounds write 漏洞详情: https://avd.aquasec.com/nvd/cve-2025-68973 镜像层: sha256:8874c5d5df1aa338e2de1eb06de21d28b9051ae107c034b09cc83705cbe6a010 发布日期: 2025-12-28 17:16 修改: 2026-01-14 19:16
libpam-runtime	CVE-2024-10041	中危	1.4.0-9+deb11u1		pam: libpam: Libpam vulnerable to read hashed password 漏洞详情: https://avd.aquasec.com/nvd/cve-2024-10041 镜像层: sha256:bd245ec49ee5cd979b20c0a4efd32385afca92f5afa84faa6769c6a56543350a 发布日期: 2024-10-23 14:15 修改: 2024-12-18 10:15
libpam-runtime	CVE-2024-22365	中危	1.4.0-9+deb11u1	1.4.0-9+deb11u2	pam: allowing unprivileged user to block another user namespace 漏洞详情: https://avd.aquasec.com/nvd/cve-2024-22365 镜像层: sha256:bd245ec49ee5cd979b20c0a4efd32385afca92f5afa84faa6769c6a56543350a 发布日期: 2024-02-06 08:15 修改: 2026-05-12 12:16
libpam-runtime	CVE-2026-54411	中危	1.4.0-9+deb11u1		linux-pam: Plaintext password recovery via timing discrepancy in pam_userdb module 漏洞详情: https://avd.aquasec.com/nvd/cve-2026-54411 镜像层: sha256:bd245ec49ee5cd979b20c0a4efd32385afca92f5afa84faa6769c6a56543350a 发布日期: 2026-06-14 18:17 修改: 2026-06-16 15:36
curl	CVE-2026-4873	中危	7.74.0-1.3+deb11u2		curl: curl: Information disclosure due to incorrect TLS connection reuse 漏洞详情: https://avd.aquasec.com/nvd/cve-2026-4873 镜像层: sha256:595a656dd8efc44ad2600f67c92a3a2f5612e673513583c11cb04d54f10c55d6 发布日期: 2026-05-13 13:01 修改: 2026-05-14 13:45
libpam0g	CVE-2024-10041	中危	1.4.0-9+deb11u1		pam: libpam: Libpam vulnerable to read hashed password 漏洞详情: https://avd.aquasec.com/nvd/cve-2024-10041 镜像层: sha256:bd245ec49ee5cd979b20c0a4efd32385afca92f5afa84faa6769c6a56543350a 发布日期: 2024-10-23 14:15 修改: 2024-12-18 10:15
libpam0g	CVE-2024-22365	中危	1.4.0-9+deb11u1	1.4.0-9+deb11u2	pam: allowing unprivileged user to block another user namespace 漏洞详情: https://avd.aquasec.com/nvd/cve-2024-22365 镜像层: sha256:bd245ec49ee5cd979b20c0a4efd32385afca92f5afa84faa6769c6a56543350a 发布日期: 2024-02-06 08:15 修改: 2026-05-12 12:16
libpam0g	CVE-2026-54411	中危	1.4.0-9+deb11u1		linux-pam: Plaintext password recovery via timing discrepancy in pam_userdb module 漏洞详情: https://avd.aquasec.com/nvd/cve-2026-54411 镜像层: sha256:bd245ec49ee5cd979b20c0a4efd32385afca92f5afa84faa6769c6a56543350a 发布日期: 2026-06-14 18:17 修改: 2026-06-16 15:36
curl	CVE-2026-5545	中危	7.74.0-1.3+deb11u2		curl: libcurl: Authentication bypass due to incorrect HTTP Negotiate connection reuse 漏洞详情: https://avd.aquasec.com/nvd/cve-2026-5545 镜像层: sha256:595a656dd8efc44ad2600f67c92a3a2f5612e673513583c11cb04d54f10c55d6 发布日期: 2026-05-13 13:01 修改: 2026-05-13 19:31
libc6	CVE-2023-4806	中危	2.31-13+deb11u3		glibc: potential use-after-free in getaddrinfo() 漏洞详情: https://avd.aquasec.com/nvd/cve-2023-4806 镜像层: sha256:bd245ec49ee5cd979b20c0a4efd32385afca92f5afa84faa6769c6a56543350a 发布日期: 2023-09-18 17:15 修改: 2026-05-12 11:16
libc6	CVE-2023-4813	中危	2.31-13+deb11u3		glibc: potential use-after-free in gaih_inet() 漏洞详情: https://avd.aquasec.com/nvd/cve-2023-4813 镜像层: sha256:bd245ec49ee5cd979b20c0a4efd32385afca92f5afa84faa6769c6a56543350a 发布日期: 2023-09-12 22:15 修改: 2025-09-26 12:15
libc6	CVE-2024-33600	中危	2.31-13+deb11u3	2.31-13+deb11u10	glibc: null pointer dereferences after failed netgroup cache insertion 漏洞详情: https://avd.aquasec.com/nvd/cve-2024-33600 镜像层: sha256:bd245ec49ee5cd979b20c0a4efd32385afca92f5afa84faa6769c6a56543350a 发布日期: 2024-05-06 20:15 修改: 2026-05-12 12:16
libc6	CVE-2025-0395	中危	2.31-13+deb11u3	2.31-13+deb11u12	glibc: buffer overflow in the GNU C Library's assert() 漏洞详情: https://avd.aquasec.com/nvd/cve-2025-0395 镜像层: sha256:bd245ec49ee5cd979b20c0a4efd32385afca92f5afa84faa6769c6a56543350a 发布日期: 2025-01-22 13:15 修改: 2026-05-12 13:16
libc6	CVE-2025-4802	中危	2.31-13+deb11u3	2.31-13+deb11u13	glibc: static setuid binary dlopen may incorrectly search LD_LIBRARY_PATH 漏洞详情: https://avd.aquasec.com/nvd/cve-2025-4802 镜像层: sha256:bd245ec49ee5cd979b20c0a4efd32385afca92f5afa84faa6769c6a56543350a 发布日期: 2025-05-16 20:15 修改: 2025-11-03 20:19
libc6	CVE-2025-8058	中危	2.31-13+deb11u3	2.31-13+deb11u14	glibc: Double free in glibc 漏洞详情: https://avd.aquasec.com/nvd/cve-2025-8058 镜像层: sha256:bd245ec49ee5cd979b20c0a4efd32385afca92f5afa84faa6769c6a56543350a 发布日期: 2025-07-23 20:15 修改: 2026-04-15 00:35
libc6	CVE-2026-0915	中危	2.31-13+deb11u3	2.31-13+deb11u14	glibc: glibc: Information disclosure via zero-valued network query 漏洞详情: https://avd.aquasec.com/nvd/cve-2026-0915 镜像层: sha256:bd245ec49ee5cd979b20c0a4efd32385afca92f5afa84faa6769c6a56543350a 发布日期: 2026-01-15 22:16 修改: 2026-01-23 19:36
libc6	CVE-2026-4046	中危	2.31-13+deb11u3	2.31-13+deb11u14	glibc: glibc: Denial of Service via iconv() function with specific character sets 漏洞详情: https://avd.aquasec.com/nvd/cve-2026-4046 镜像层: sha256:bd245ec49ee5cd979b20c0a4efd32385afca92f5afa84faa6769c6a56543350a 发布日期: 2026-03-30 18:16 修改: 2026-04-20 22:16
libc6	CVE-2026-5435	中危	2.31-13+deb11u3		glibc: glibc: Out-of-bounds write via TSIG record processing 漏洞详情: https://avd.aquasec.com/nvd/cve-2026-5435 镜像层: sha256:bd245ec49ee5cd979b20c0a4efd32385afca92f5afa84faa6769c6a56543350a 发布日期: 2026-04-28 13:19 修改: 2026-05-05 17:38
libperl5.32	CVE-2025-15649	中危	5.32.1-4+deb11u2		perl-IO-Compress: perl-IO-Compress: Denial of Service via malformed DOS date in zip header 漏洞详情: https://avd.aquasec.com/nvd/cve-2025-15649 镜像层: sha256:b7b6064a28a9833a1ac123bb3e408f6cdb2689cf233ee40c978e6193a142278c 发布日期: 2026-05-27 04:16 修改: 2026-05-29 16:16
libperl5.32	CVE-2025-40909	中危	5.32.1-4+deb11u2	5.32.1-4+deb11u5	perl: Perl threads have a working directory race condition where file operations may target unintended paths 漏洞详情: https://avd.aquasec.com/nvd/cve-2025-40909 镜像层: sha256:b7b6064a28a9833a1ac123bb3e408f6cdb2689cf233ee40c978e6193a142278c 发布日期: 2025-05-30 13:15 修改: 2026-04-18 15:16
libperl5.32	CVE-2026-12087	中危	5.32.1-4+deb11u2		perl-Socket: perl-Socket: Information Disclosure due to Out-of-Bounds Read 漏洞详情: https://avd.aquasec.com/nvd/cve-2026-12087 镜像层: sha256:b7b6064a28a9833a1ac123bb3e408f6cdb2689cf233ee40c978e6193a142278c 发布日期: 2026-06-15 22:16 修改: 2026-06-16 17:16
libperl5.32	CVE-2026-48959	中危	5.32.1-4+deb11u2		perl-IO-Compress: perl-IO-Compress: CPU exhaustion via per-byte read loop in fastForward 漏洞详情: https://avd.aquasec.com/nvd/cve-2026-48959 镜像层: sha256:b7b6064a28a9833a1ac123bb3e408f6cdb2689cf233ee40c978e6193a142278c 发布日期: 2026-05-27 04:16 修改: 2026-05-29 16:16
libperl5.32	CVE-2026-48961	中危	5.32.1-4+deb11u2		perl-IO-Compress: IO::Compress: Denial of Service in zipdetails CLI tool via malformed Info-ZIP Unix Extra Field 漏洞详情: https://avd.aquasec.com/nvd/cve-2026-48961 镜像层: sha256:b7b6064a28a9833a1ac123bb3e408f6cdb2689cf233ee40c978e6193a142278c 发布日期: 2026-05-27 04:16 修改: 2026-05-29 16:16
libperl5.32	CVE-2026-7010	中危	5.32.1-4+deb11u2		HTTP::Tiny versions before 0.093 for Perl do not validate CRLF in HTTP ... 漏洞详情: https://avd.aquasec.com/nvd/cve-2026-7010 镜像层: sha256:b7b6064a28a9833a1ac123bb3e408f6cdb2689cf233ee40c978e6193a142278c 发布日期: 2026-05-11 22:22 修改: 2026-05-12 16:48
libc6	CVE-2026-5450	中危	2.31-13+deb11u3		glibc: glibc: Heap Buffer Overflow in `scanf` with `%mc` format specifier and large width 漏洞详情: https://avd.aquasec.com/nvd/cve-2026-5450 镜像层: sha256:bd245ec49ee5cd979b20c0a4efd32385afca92f5afa84faa6769c6a56543350a 发布日期: 2026-04-20 21:16 修改: 2026-04-23 15:33
libc6	CVE-2026-5928	中危	2.31-13+deb11u3		glibc: glibc: Information disclosure or denial of service via ungetwc function with specific wide character encodings 漏洞详情: https://avd.aquasec.com/nvd/cve-2026-5928 镜像层: sha256:bd245ec49ee5cd979b20c0a4efd32385afca92f5afa84faa6769c6a56543350a 发布日期: 2026-04-20 21:16 修改: 2026-04-23 15:33
libc6	CVE-2026-6238	中危	2.31-13+deb11u3		glibc: glibc: Application crash or uninitialized memory read via crafted DNS response 漏洞详情: https://avd.aquasec.com/nvd/cve-2026-6238 镜像层: sha256:bd245ec49ee5cd979b20c0a4efd32385afca92f5afa84faa6769c6a56543350a 发布日期: 2026-04-28 19:37 修改: 2026-05-04 17:57
curl	CVE-2026-6253	中危	7.74.0-1.3+deb11u2		curl: curl: Proxy credential disclosure via redirects to unauthenticated proxies 漏洞详情: https://avd.aquasec.com/nvd/cve-2026-6253 镜像层: sha256:595a656dd8efc44ad2600f67c92a3a2f5612e673513583c11cb04d54f10c55d6 发布日期: 2026-05-13 13:01 修改: 2026-05-14 13:40
curl	CVE-2026-6429	中危	7.74.0-1.3+deb11u2		curl: libcurl: Credential leak via reused proxy connection during HTTP redirects 漏洞详情: https://avd.aquasec.com/nvd/cve-2026-6429 镜像层: sha256:595a656dd8efc44ad2600f67c92a3a2f5612e673513583c11cb04d54f10c55d6 发布日期: 2026-05-13 13:01 修改: 2026-05-14 14:18
curl	CVE-2026-7168	中危	7.74.0-1.3+deb11u2		curl: libcurl: Information disclosure via incorrect Proxy-Authorization header reuse 漏洞详情: https://avd.aquasec.com/nvd/cve-2026-7168 镜像层: sha256:595a656dd8efc44ad2600f67c92a3a2f5612e673513583c11cb04d54f10c55d6 发布日期: 2026-05-13 13:01 修改: 2026-05-14 14:12
libpng16-16	CVE-2025-64505	中危	1.6.37-3	1.6.37-3+deb11u1	libpng: LIBPNG heap buffer overflow via malformed palette index 漏洞详情: https://avd.aquasec.com/nvd/cve-2025-64505 镜像层: sha256:ee9872ea80364930d71a014299a88c92390a886751b28e128114db3c6a0ab707 发布日期: 2025-11-25 00:15 修改: 2025-11-26 18:28
libpng16-16	CVE-2025-64506	中危	1.6.37-3	1.6.37-3+deb11u1	libpng: LIBPNG heap buffer over-read 漏洞详情: https://avd.aquasec.com/nvd/cve-2025-64506 镜像层: sha256:ee9872ea80364930d71a014299a88c92390a886751b28e128114db3c6a0ab707 发布日期: 2025-11-25 00:15 修改: 2025-11-26 18:34
libpng16-16	CVE-2026-33416	中危	1.6.37-3	1.6.37-3+deb11u3	libpng: libpng: Arbitrary code execution due to use-after-free vulnerability 漏洞详情: https://avd.aquasec.com/nvd/cve-2026-33416 镜像层: sha256:ee9872ea80364930d71a014299a88c92390a886751b28e128114db3c6a0ab707 发布日期: 2026-03-26 17:16 修改: 2026-04-02 20:28
libpng16-16	CVE-2026-33636	中危	1.6.37-3	1.6.37-3+deb11u3	libpng: libpng: Information disclosure and denial of service via out-of-bounds read/write in Neon palette expansion 漏洞详情: https://avd.aquasec.com/nvd/cve-2026-33636 镜像层: sha256:ee9872ea80364930d71a014299a88c92390a886751b28e128114db3c6a0ab707 发布日期: 2026-03-26 17:16 修改: 2026-04-02 18:42
libpng16-16	CVE-2026-34757	中危	1.6.37-3	1.6.37-3+deb11u4	libpng: libpng: Information disclosure and data corruption via use-after-free vulnerability 漏洞详情: https://avd.aquasec.com/nvd/cve-2026-34757 镜像层: sha256:ee9872ea80364930d71a014299a88c92390a886751b28e128114db3c6a0ab707 发布日期: 2026-04-09 15:16 修改: 2026-05-13 23:07
libpng16-16	CVE-2026-40930	中危	1.6.37-3		LIBPNG is a reference library for use in applications that process PNG ... 漏洞详情: https://avd.aquasec.com/nvd/cve-2026-40930 镜像层: sha256:ee9872ea80364930d71a014299a88c92390a886751b28e128114db3c6a0ab707 发布日期: 2026-06-04 16:16 修改: 2026-06-04 16:23
bsdutils	CVE-2026-27456	中危	1:2.36.1-8+deb11u1		util-linux: TOCTOU in the mount program when setting up loop devices 漏洞详情: https://avd.aquasec.com/nvd/cve-2026-27456 镜像层: sha256:bd245ec49ee5cd979b20c0a4efd32385afca92f5afa84faa6769c6a56543350a 发布日期: 2026-04-03 22:16 修改: 2026-04-22 16:08
dirmngr	CVE-2025-30258	中危	2.2.27-2+deb11u2		gnupg: verification DoS due to a malicious subkey in the keyring 漏洞详情: https://avd.aquasec.com/nvd/cve-2025-30258 镜像层: sha256:8874c5d5df1aa338e2de1eb06de21d28b9051ae107c034b09cc83705cbe6a010 发布日期: 2025-03-19 20:15 修改: 2025-10-16 16:53
dirmngr	CVE-2025-68972	中危	2.2.27-2+deb11u2		gnupg: GnuPG: Signature bypass via form feed character in signed messages 漏洞详情: https://avd.aquasec.com/nvd/cve-2025-68972 镜像层: sha256:8874c5d5df1aa338e2de1eb06de21d28b9051ae107c034b09cc83705cbe6a010 发布日期: 2025-12-27 23:15 修改: 2026-01-09 20:08
bsdutils	CVE-2026-3184	中危	1:2.36.1-8+deb11u1		util-linux: util-linux: Access control bypass due to improper hostname canonicalization 漏洞详情: https://avd.aquasec.com/nvd/cve-2026-3184 镜像层: sha256:bd245ec49ee5cd979b20c0a4efd32385afca92f5afa84faa6769c6a56543350a 发布日期: 2026-04-03 19:17 修改: 2026-05-01 19:29
bzip2	CVE-2026-42250	中危	1.0.8-4		bzip2: bzip2: Denial of Service in bzip2recover via a specially crafted file 漏洞详情: https://avd.aquasec.com/nvd/cve-2026-42250 镜像层: sha256:ee9872ea80364930d71a014299a88c92390a886751b28e128114db3c6a0ab707 发布日期: 2026-05-28 14:16 修改: 2026-06-05 08:16
curl	CVE-2022-43552	中危	7.74.0-1.3+deb11u2	7.74.0-1.3+deb11u5	curl: Use-after-free triggered by an HTTP proxy deny response 漏洞详情: https://avd.aquasec.com/nvd/cve-2022-43552 镜像层: sha256:595a656dd8efc44ad2600f67c92a3a2f5612e673513583c11cb04d54f10c55d6 发布日期: 2023-02-09 20:15 修改: 2024-11-21 07:26
curl	CVE-2023-23915	中危	7.74.0-1.3+deb11u2		curl: HSTS amnesia with --parallel 漏洞详情: https://avd.aquasec.com/nvd/cve-2023-23915 镜像层: sha256:595a656dd8efc44ad2600f67c92a3a2f5612e673513583c11cb04d54f10c55d6 发布日期: 2023-02-23 20:15 修改: 2026-02-13 21:16
libcurl3-gnutls	CVE-2022-43552	中危	7.74.0-1.3+deb11u2	7.74.0-1.3+deb11u5	curl: Use-after-free triggered by an HTTP proxy deny response 漏洞详情: https://avd.aquasec.com/nvd/cve-2022-43552 镜像层: sha256:b7b6064a28a9833a1ac123bb3e408f6cdb2689cf233ee40c978e6193a142278c 发布日期: 2023-02-09 20:15 修改: 2024-11-21 07:26
libcurl3-gnutls	CVE-2023-23915	中危	7.74.0-1.3+deb11u2		curl: HSTS amnesia with --parallel 漏洞详情: https://avd.aquasec.com/nvd/cve-2023-23915 镜像层: sha256:b7b6064a28a9833a1ac123bb3e408f6cdb2689cf233ee40c978e6193a142278c 发布日期: 2023-02-23 20:15 修改: 2026-02-13 21:16
libcurl3-gnutls	CVE-2023-23916	中危	7.74.0-1.3+deb11u2	7.74.0-1.3+deb11u7	curl: HTTP multi-header compression denial of service 漏洞详情: https://avd.aquasec.com/nvd/cve-2023-23916 镜像层: sha256:b7b6064a28a9833a1ac123bb3e408f6cdb2689cf233ee40c978e6193a142278c 发布日期: 2023-02-23 20:15 修改: 2025-03-12 19:15
libcurl3-gnutls	CVE-2023-27535	中危	7.74.0-1.3+deb11u2	7.74.0-1.3+deb11u8	curl: FTP too eager connection reuse 漏洞详情: https://avd.aquasec.com/nvd/cve-2023-27535 镜像层: sha256:b7b6064a28a9833a1ac123bb3e408f6cdb2689cf233ee40c978e6193a142278c 发布日期: 2023-03-30 20:15 修改: 2025-06-09 15:15
libcurl3-gnutls	CVE-2023-27536	中危	7.74.0-1.3+deb11u2	7.74.0-1.3+deb11u8	curl: GSS delegation too eager connection re-use 漏洞详情: https://avd.aquasec.com/nvd/cve-2023-27536 镜像层: sha256:b7b6064a28a9833a1ac123bb3e408f6cdb2689cf233ee40c978e6193a142278c 发布日期: 2023-03-30 20:15 修改: 2025-02-14 16:15
libcurl3-gnutls	CVE-2023-27538	中危	7.74.0-1.3+deb11u2	7.74.0-1.3+deb11u8	curl: SSH connection too eager reuse still 漏洞详情: https://avd.aquasec.com/nvd/cve-2023-27538 镜像层: sha256:b7b6064a28a9833a1ac123bb3e408f6cdb2689cf233ee40c978e6193a142278c 发布日期: 2023-03-30 20:15 修改: 2025-06-09 15:15
libcurl3-gnutls	CVE-2023-28321	中危	7.74.0-1.3+deb11u2	7.74.0-1.3+deb11u9	curl: IDN wildcard match may lead to Improper Cerificate Validation 漏洞详情: https://avd.aquasec.com/nvd/cve-2023-28321 镜像层: sha256:b7b6064a28a9833a1ac123bb3e408f6cdb2689cf233ee40c978e6193a142278c 发布日期: 2023-05-26 21:15 修改: 2025-01-15 16:15
libcurl3-gnutls	CVE-2023-46218	中危	7.74.0-1.3+deb11u2	7.74.0-1.3+deb11u11	curl: information disclosure by exploiting a mixed case flaw 漏洞详情: https://avd.aquasec.com/nvd/cve-2023-46218 镜像层: sha256:b7b6064a28a9833a1ac123bb3e408f6cdb2689cf233ee40c978e6193a142278c 发布日期: 2023-12-07 01:15 修改: 2026-05-12 11:16
libcurl3-gnutls	CVE-2023-46219	中危	7.74.0-1.3+deb11u2		curl: excessively long file name may lead to unknown HSTS status 漏洞详情: https://avd.aquasec.com/nvd/cve-2023-46219 镜像层: sha256:b7b6064a28a9833a1ac123bb3e408f6cdb2689cf233ee40c978e6193a142278c 发布日期: 2023-12-12 02:15 修改: 2026-05-12 11:16
libcurl3-gnutls	CVE-2024-2398	中危	7.74.0-1.3+deb11u2	7.74.0-1.3+deb11u12	curl: HTTP/2 push headers memory-leak 漏洞详情: https://avd.aquasec.com/nvd/cve-2024-2398 镜像层: sha256:b7b6064a28a9833a1ac123bb3e408f6cdb2689cf233ee40c978e6193a142278c 发布日期: 2024-03-27 08:15 修改: 2025-07-30 19:42
libcurl3-gnutls	CVE-2024-7264	中危	7.74.0-1.3+deb11u2	7.74.0-1.3+deb11u13	curl: libcurl: ASN.1 date parser overread 漏洞详情: https://avd.aquasec.com/nvd/cve-2024-7264 镜像层: sha256:b7b6064a28a9833a1ac123bb3e408f6cdb2689cf233ee40c978e6193a142278c 发布日期: 2024-07-31 08:15 修改: 2025-11-03 23:17
libcurl3-gnutls	CVE-2024-8096	中危	7.74.0-1.3+deb11u2	7.74.0-1.3+deb11u14	curl: OCSP stapling bypass with GnuTLS 漏洞详情: https://avd.aquasec.com/nvd/cve-2024-8096 镜像层: sha256:b7b6064a28a9833a1ac123bb3e408f6cdb2689cf233ee40c978e6193a142278c 发布日期: 2024-09-11 10:15 修改: 2025-07-30 19:42
libcurl3-gnutls	CVE-2024-9681	中危	7.74.0-1.3+deb11u2		curl: HSTS subdomain overwrites parent cache entry 漏洞详情: https://avd.aquasec.com/nvd/cve-2024-9681 镜像层: sha256:b7b6064a28a9833a1ac123bb3e408f6cdb2689cf233ee40c978e6193a142278c 发布日期: 2024-11-06 08:15 修改: 2025-11-03 21:18
libpython3.9-minimal	CVE-2021-3426	中危	3.9.2-1	3.9.2-1+deb11u2	python: Information disclosure via pydoc 漏洞详情: https://avd.aquasec.com/nvd/cve-2021-3426 镜像层: sha256:b7b6064a28a9833a1ac123bb3e408f6cdb2689cf233ee40c978e6193a142278c 发布日期: 2021-05-20 13:15 修改: 2025-12-18 12:15
libpython3.9-minimal	CVE-2021-3733	中危	3.9.2-1	3.9.2-1+deb11u2	python: urllib: Regular expression DoS in AbstractBasicAuthHandler 漏洞详情: https://avd.aquasec.com/nvd/cve-2021-3733 镜像层: sha256:b7b6064a28a9833a1ac123bb3e408f6cdb2689cf233ee40c978e6193a142278c 发布日期: 2022-03-10 17:42 修改: 2025-11-03 22:15
libpython3.9-minimal	CVE-2021-4189	中危	3.9.2-1	3.9.2-1+deb11u2	python: ftplib should not use the host from the PASV response 漏洞详情: https://avd.aquasec.com/nvd/cve-2021-4189 镜像层: sha256:b7b6064a28a9833a1ac123bb3e408f6cdb2689cf233ee40c978e6193a142278c 发布日期: 2022-08-24 16:15 修改: 2025-12-17 22:15
libpython3.9-minimal	CVE-2023-27043	中危	3.9.2-1	3.9.2-1+deb11u2	python: Parsing errors in email/_parseaddr.py lead to incorrect value in email address part of tuple 漏洞详情: https://avd.aquasec.com/nvd/cve-2023-27043 镜像层: sha256:b7b6064a28a9833a1ac123bb3e408f6cdb2689cf233ee40c978e6193a142278c 发布日期: 2023-04-19 00:15 修改: 2026-05-12 11:16
libpython3.9-minimal	CVE-2023-40217	中危	3.9.2-1	3.9.2-1+deb11u2	python: TLS handshake bypass 漏洞详情: https://avd.aquasec.com/nvd/cve-2023-40217 镜像层: sha256:b7b6064a28a9833a1ac123bb3e408f6cdb2689cf233ee40c978e6193a142278c 发布日期: 2023-08-25 01:15 修改: 2025-11-03 22:16
libpython3.9-minimal	CVE-2024-0450	中危	3.9.2-1	3.9.2-1+deb11u2	python: The zipfile module is vulnerable to zip-bombs leading to denial of service 漏洞详情: https://avd.aquasec.com/nvd/cve-2024-0450 镜像层: sha256:b7b6064a28a9833a1ac123bb3e408f6cdb2689cf233ee40c978e6193a142278c 发布日期: 2024-03-19 16:15 修改: 2026-04-15 00:35
libpython3.9-minimal	CVE-2024-11168	中危	3.9.2-1	3.9.2-1+deb11u2	python: Improper validation of IPv6 and IPvFuture addresses 漏洞详情: https://avd.aquasec.com/nvd/cve-2024-11168 镜像层: sha256:b7b6064a28a9833a1ac123bb3e408f6cdb2689cf233ee40c978e6193a142278c 发布日期: 2024-11-12 22:15 修改: 2026-04-15 00:35
libpython3.9-minimal	CVE-2024-6923	中危	3.9.2-1	3.9.2-1+deb11u2	cpython: python: email module doesn't properly quotes newlines in email headers, allowing header injection 漏洞详情: https://avd.aquasec.com/nvd/cve-2024-6923 镜像层: sha256:b7b6064a28a9833a1ac123bb3e408f6cdb2689cf233ee40c978e6193a142278c 发布日期: 2024-08-01 14:15 修改: 2026-04-15 00:35
libpython3.9-minimal	CVE-2024-8088	中危	3.9.2-1	3.9.2-1+deb11u2	python: cpython: Iterating over a malicious ZIP file may lead to Denial of Service 漏洞详情: https://avd.aquasec.com/nvd/cve-2024-8088 镜像层: sha256:b7b6064a28a9833a1ac123bb3e408f6cdb2689cf233ee40c978e6193a142278c 发布日期: 2024-08-22 19:15 修改: 2026-04-15 00:35
libpython3.9-minimal	CVE-2025-0938	中危	3.9.2-1	3.9.2-1+deb11u3	python: cpython: URL parser allowed square brackets in domain names 漏洞详情: https://avd.aquasec.com/nvd/cve-2025-0938 镜像层: sha256:b7b6064a28a9833a1ac123bb3e408f6cdb2689cf233ee40c978e6193a142278c 发布日期: 2025-01-31 18:15 修改: 2026-04-15 00:35
libpython3.9-minimal	CVE-2025-11468	中危	3.9.2-1	3.9.2-1+deb11u5	cpython: Missing character filtering in Python 漏洞详情: https://avd.aquasec.com/nvd/cve-2025-11468 镜像层: sha256:b7b6064a28a9833a1ac123bb3e408f6cdb2689cf233ee40c978e6193a142278c 发布日期: 2026-01-20 22:15 修改: 2026-04-15 00:35
libpython3.9-minimal	CVE-2025-12084	中危	3.9.2-1	3.9.2-1+deb11u5	cpython: python: cpython: Quadratic algorithm in xml.dom.minidom leads to denial of service 漏洞详情: https://avd.aquasec.com/nvd/cve-2025-12084 镜像层: sha256:b7b6064a28a9833a1ac123bb3e408f6cdb2689cf233ee40c978e6193a142278c 发布日期: 2025-12-03 19:15 修改: 2026-01-26 15:16
libpython3.9-minimal	CVE-2025-12781	中危	3.9.2-1		cpython: base64.b64decode() always accepts "+/" characters, despite setting altchars 漏洞详情: https://avd.aquasec.com/nvd/cve-2025-12781 镜像层: sha256:b7b6064a28a9833a1ac123bb3e408f6cdb2689cf233ee40c978e6193a142278c 发布日期: 2026-01-21 20:16 修改: 2026-02-02 17:25
libpython3.9-minimal	CVE-2025-13837	中危	3.9.2-1	3.9.2-1+deb11u4	cpython: Out-of-memory when loading Plist 漏洞详情: https://avd.aquasec.com/nvd/cve-2025-13837 镜像层: sha256:b7b6064a28a9833a1ac123bb3e408f6cdb2689cf233ee40c978e6193a142278c 发布日期: 2025-12-01 18:16 修改: 2026-03-03 15:16
libpython3.9-minimal	CVE-2025-15282	中危	3.9.2-1	3.9.2-1+deb11u5	cpython: Header injection via newlines in data URL mediatype in Python 漏洞详情: https://avd.aquasec.com/nvd/cve-2025-15282 镜像层: sha256:b7b6064a28a9833a1ac123bb3e408f6cdb2689cf233ee40c978e6193a142278c 发布日期: 2026-01-20 22:15 修改: 2026-04-15 00:35
libpython3.9-minimal	CVE-2025-15366	中危	3.9.2-1		cpython: IMAP command injection in user-controlled commands 漏洞详情: https://avd.aquasec.com/nvd/cve-2025-15366 镜像层: sha256:b7b6064a28a9833a1ac123bb3e408f6cdb2689cf233ee40c978e6193a142278c 发布日期: 2026-01-20 22:15 修改: 2026-04-15 00:35
libpython3.9-minimal	CVE-2025-15367	中危	3.9.2-1		cpython: POP3 command injection in user-controlled commands 漏洞详情: https://avd.aquasec.com/nvd/cve-2025-15367 镜像层: sha256:b7b6064a28a9833a1ac123bb3e408f6cdb2689cf233ee40c978e6193a142278c 发布日期: 2026-01-20 22:15 修改: 2026-04-15 00:35
libpython3.9-minimal	CVE-2025-4516	中危	3.9.2-1	3.9.2-1+deb11u4	cpython: python: CPython DecodeError Handling Vulnerability 漏洞详情: https://avd.aquasec.com/nvd/cve-2025-4516 镜像层: sha256:b7b6064a28a9833a1ac123bb3e408f6cdb2689cf233ee40c978e6193a142278c 发布日期: 2025-05-15 14:15 修改: 2026-04-15 00:35
libpython3.9-minimal	CVE-2025-6069	中危	3.9.2-1	3.9.2-1+deb11u4	cpython: Python HTMLParser quadratic complexity 漏洞详情: https://avd.aquasec.com/nvd/cve-2025-6069 镜像层: sha256:b7b6064a28a9833a1ac123bb3e408f6cdb2689cf233ee40c978e6193a142278c 发布日期: 2025-06-17 14:15 修改: 2026-04-15 00:35
libpython3.9-minimal	CVE-2025-6075	中危	3.9.2-1	3.9.2-1+deb11u4	python: Quadratic complexity in os.path.expandvars() with user-controlled template 漏洞详情: https://avd.aquasec.com/nvd/cve-2025-6075 镜像层: sha256:b7b6064a28a9833a1ac123bb3e408f6cdb2689cf233ee40c978e6193a142278c 发布日期: 2025-10-31 17:15 修改: 2026-02-04 19:05
libpython3.9-minimal	CVE-2025-8194	中危	3.9.2-1	3.9.2-1+deb11u4	cpython: Cpython infinite loop when parsing a tarfile 漏洞详情: https://avd.aquasec.com/nvd/cve-2025-8194 镜像层: sha256:b7b6064a28a9833a1ac123bb3e408f6cdb2689cf233ee40c978e6193a142278c 发布日期: 2025-07-28 19:15 修改: 2026-04-15 00:35
libpython3.9-minimal	CVE-2025-8291	中危	3.9.2-1	3.9.2-1+deb11u4	cpython: python: Python zipfile End of Central Directory (EOCD) Locator record offset not checked 漏洞详情: https://avd.aquasec.com/nvd/cve-2025-8291 镜像层: sha256:b7b6064a28a9833a1ac123bb3e408f6cdb2689cf233ee40c978e6193a142278c 发布日期: 2025-10-07 18:16 修改: 2026-04-15 00:35
libpython3.9-minimal	CVE-2026-0672	中危	3.9.2-1	3.9.2-1+deb11u7	cpython: Header injection in http.cookies.Morsel in Python 漏洞详情: https://avd.aquasec.com/nvd/cve-2026-0672 镜像层: sha256:b7b6064a28a9833a1ac123bb3e408f6cdb2689cf233ee40c978e6193a142278c 发布日期: 2026-01-20 22:15 修改: 2026-04-15 00:35
libpython3.9-minimal	CVE-2026-0865	中危	3.9.2-1	3.9.2-1+deb11u5	cpython: wsgiref.headers.Headers allows header newline injection in Python 漏洞详情: https://avd.aquasec.com/nvd/cve-2026-0865 镜像层: sha256:b7b6064a28a9833a1ac123bb3e408f6cdb2689cf233ee40c978e6193a142278c 发布日期: 2026-01-20 22:15 修改: 2026-04-15 00:35
libpython3.9-minimal	CVE-2026-1299	中危	3.9.2-1	3.9.2-1+deb11u5	cpython: email header injection due to unquoted newlines 漏洞详情: https://avd.aquasec.com/nvd/cve-2026-1299 镜像层: sha256:b7b6064a28a9833a1ac123bb3e408f6cdb2689cf233ee40c978e6193a142278c 发布日期: 2026-01-23 17:16 修改: 2026-04-15 00:35
libpython3.9-minimal	CVE-2026-1502	中危	3.9.2-1		python: Python: HTTP header injection via CR/LF in proxy tunnel headers 漏洞详情: https://avd.aquasec.com/nvd/cve-2026-1502 镜像层: sha256:b7b6064a28a9833a1ac123bb3e408f6cdb2689cf233ee40c978e6193a142278c 发布日期: 2026-04-10 18:16 修改: 2026-06-04 15:16
libpython3.9-minimal	CVE-2026-3276	中危	3.9.2-1		python: Python unicodedata: Denial of Service due to excessive CPU consumption 漏洞详情: https://avd.aquasec.com/nvd/cve-2026-3276 镜像层: sha256:b7b6064a28a9833a1ac123bb3e408f6cdb2689cf233ee40c978e6193a142278c 发布日期: 2026-06-03 16:16 修改: 2026-06-16 15:16
libpython3.9-minimal	CVE-2026-3446	中危	3.9.2-1		python: Python base64: Incomplete data decoding due to premature stop at padding 漏洞详情: https://avd.aquasec.com/nvd/cve-2026-3446 镜像层: sha256:b7b6064a28a9833a1ac123bb3e408f6cdb2689cf233ee40c978e6193a142278c 发布日期: 2026-04-10 19:16 修改: 2026-04-13 17:16
libpython3.9-minimal	CVE-2026-6019	中危	3.9.2-1		python: Python: Cross-Site Scripting (XSS) vulnerability in http.cookies module 漏洞详情: https://avd.aquasec.com/nvd/cve-2026-6019 镜像层: sha256:b7b6064a28a9833a1ac123bb3e408f6cdb2689cf233ee40c978e6193a142278c 发布日期: 2026-04-22 20:16 修改: 2026-05-28 19:15
libpython3.9-minimal	CVE-2026-7774	中危	3.9.2-1		python: CPython: Python tarfile: Arbitrary file write via crafted link entries 漏洞详情: https://avd.aquasec.com/nvd/cve-2026-7774 镜像层: sha256:b7b6064a28a9833a1ac123bb3e408f6cdb2689cf233ee40c978e6193a142278c 发布日期: 2026-06-04 16:16 修改: 2026-06-10 19:16
libpython3.9-minimal	CVE-2026-8328	中危	3.9.2-1		The ftpcp() function in Lib/ftplib.py was not updated when CVE-2021-4 ... 漏洞详情: https://avd.aquasec.com/nvd/cve-2026-8328 镜像层: sha256:b7b6064a28a9833a1ac123bb3e408f6cdb2689cf233ee40c978e6193a142278c 发布日期: 2026-05-13 21:16 修改: 2026-06-10 19:16
libpython3.9-minimal	CVE-2026-9669	中危	3.9.2-1		python: Python: Denial of Service via out-of-bounds write in BZ2 decompression 漏洞详情: https://avd.aquasec.com/nvd/cve-2026-9669 镜像层: sha256:b7b6064a28a9833a1ac123bb3e408f6cdb2689cf233ee40c978e6193a142278c 发布日期: 2026-06-08 23:17 修改: 2026-06-10 19:16
libcurl3-gnutls	CVE-2026-1965	中危	7.74.0-1.3+deb11u2		curl: curl: Authentication bypass due to incorrect connection reuse with Negotiate authentication 漏洞详情: https://avd.aquasec.com/nvd/cve-2026-1965 镜像层: sha256:b7b6064a28a9833a1ac123bb3e408f6cdb2689cf233ee40c978e6193a142278c 发布日期: 2026-03-11 11:15 修改: 2026-03-12 14:11
libcurl3-gnutls	CVE-2026-3783	中危	7.74.0-1.3+deb11u2		curl: curl: Information disclosure via OAuth2 bearer token leakage during HTTP(S) redirect 漏洞详情: https://avd.aquasec.com/nvd/cve-2026-3783 镜像层: sha256:b7b6064a28a9833a1ac123bb3e408f6cdb2689cf233ee40c978e6193a142278c 发布日期: 2026-03-11 11:16 修改: 2026-03-12 14:10
libcurl3-gnutls	CVE-2026-3784	中危	7.74.0-1.3+deb11u2		curl: curl: Unauthorized access due to improper HTTP proxy connection reuse 漏洞详情: https://avd.aquasec.com/nvd/cve-2026-3784 镜像层: sha256:b7b6064a28a9833a1ac123bb3e408f6cdb2689cf233ee40c978e6193a142278c 发布日期: 2026-03-11 11:16 修改: 2026-06-02 14:16
libcurl3-gnutls	CVE-2026-4873	中危	7.74.0-1.3+deb11u2		curl: curl: Information disclosure due to incorrect TLS connection reuse 漏洞详情: https://avd.aquasec.com/nvd/cve-2026-4873 镜像层: sha256:b7b6064a28a9833a1ac123bb3e408f6cdb2689cf233ee40c978e6193a142278c 发布日期: 2026-05-13 13:01 修改: 2026-05-14 13:45
libcurl3-gnutls	CVE-2026-5545	中危	7.74.0-1.3+deb11u2		curl: libcurl: Authentication bypass due to incorrect HTTP Negotiate connection reuse 漏洞详情: https://avd.aquasec.com/nvd/cve-2026-5545 镜像层: sha256:b7b6064a28a9833a1ac123bb3e408f6cdb2689cf233ee40c978e6193a142278c 发布日期: 2026-05-13 13:01 修改: 2026-05-13 19:31
libcurl3-gnutls	CVE-2026-6253	中危	7.74.0-1.3+deb11u2		curl: curl: Proxy credential disclosure via redirects to unauthenticated proxies 漏洞详情: https://avd.aquasec.com/nvd/cve-2026-6253 镜像层: sha256:b7b6064a28a9833a1ac123bb3e408f6cdb2689cf233ee40c978e6193a142278c 发布日期: 2026-05-13 13:01 修改: 2026-05-14 13:40
libcurl3-gnutls	CVE-2026-6429	中危	7.74.0-1.3+deb11u2		curl: libcurl: Credential leak via reused proxy connection during HTTP redirects 漏洞详情: https://avd.aquasec.com/nvd/cve-2026-6429 镜像层: sha256:b7b6064a28a9833a1ac123bb3e408f6cdb2689cf233ee40c978e6193a142278c 发布日期: 2026-05-13 13:01 修改: 2026-05-14 14:18
libcurl3-gnutls	CVE-2026-7168	中危	7.74.0-1.3+deb11u2		curl: libcurl: Information disclosure via incorrect Proxy-Authorization header reuse 漏洞详情: https://avd.aquasec.com/nvd/cve-2026-7168 镜像层: sha256:b7b6064a28a9833a1ac123bb3e408f6cdb2689cf233ee40c978e6193a142278c 发布日期: 2026-05-13 13:01 修改: 2026-05-14 14:12
curl	CVE-2023-23916	中危	7.74.0-1.3+deb11u2	7.74.0-1.3+deb11u7	curl: HTTP multi-header compression denial of service 漏洞详情: https://avd.aquasec.com/nvd/cve-2023-23916 镜像层: sha256:595a656dd8efc44ad2600f67c92a3a2f5612e673513583c11cb04d54f10c55d6 发布日期: 2023-02-23 20:15 修改: 2025-03-12 19:15
git-man	CVE-2022-39253	中危	1:2.30.2-1	1:2.30.2-1+deb11u1	git: exposure of sensitive information to a malicious actor 漏洞详情: https://avd.aquasec.com/nvd/cve-2022-39253 镜像层: sha256:b7b6064a28a9833a1ac123bb3e408f6cdb2689cf233ee40c978e6193a142278c 发布日期: 2022-10-19 11:15 修改: 2024-11-21 07:17
git-man	CVE-2023-22490	中危	1:2.30.2-1	1:2.30.2-1+deb11u2	git: data exfiltration with maliciously crafted repository 漏洞详情: https://avd.aquasec.com/nvd/cve-2023-22490 镜像层: sha256:b7b6064a28a9833a1ac123bb3e408f6cdb2689cf233ee40c978e6193a142278c 发布日期: 2023-02-14 20:15 修改: 2024-11-21 07:44
git-man	CVE-2024-50349	中危	1:2.30.2-1	1:2.30.2-1+deb11u4	git: Git does not sanitize URLs when asking for credentials interactively 漏洞详情: https://avd.aquasec.com/nvd/cve-2024-50349 镜像层: sha256:b7b6064a28a9833a1ac123bb3e408f6cdb2689cf233ee40c978e6193a142278c 发布日期: 2025-01-14 19:15 修改: 2025-12-18 16:42
git-man	CVE-2025-27613	中危	1:2.30.2-1	1:2.30.2-1+deb11u5	gitk: Git file creation flaw 漏洞详情: https://avd.aquasec.com/nvd/cve-2025-27613 镜像层: sha256:b7b6064a28a9833a1ac123bb3e408f6cdb2689cf233ee40c978e6193a142278c 发布日期: 2025-07-10 15:15 修改: 2026-04-15 00:35
curl	CVE-2023-27535	中危	7.74.0-1.3+deb11u2	7.74.0-1.3+deb11u8	curl: FTP too eager connection reuse 漏洞详情: https://avd.aquasec.com/nvd/cve-2023-27535 镜像层: sha256:595a656dd8efc44ad2600f67c92a3a2f5612e673513583c11cb04d54f10c55d6 发布日期: 2023-03-30 20:15 修改: 2025-06-09 15:15
gnupg	CVE-2025-30258	中危	2.2.27-2+deb11u2		gnupg: verification DoS due to a malicious subkey in the keyring 漏洞详情: https://avd.aquasec.com/nvd/cve-2025-30258 镜像层: sha256:8874c5d5df1aa338e2de1eb06de21d28b9051ae107c034b09cc83705cbe6a010 发布日期: 2025-03-19 20:15 修改: 2025-10-16 16:53
gnupg	CVE-2025-68972	中危	2.2.27-2+deb11u2		gnupg: GnuPG: Signature bypass via form feed character in signed messages 漏洞详情: https://avd.aquasec.com/nvd/cve-2025-68972 镜像层: sha256:8874c5d5df1aa338e2de1eb06de21d28b9051ae107c034b09cc83705cbe6a010 发布日期: 2025-12-27 23:15 修改: 2026-01-09 20:08
curl	CVE-2023-27536	中危	7.74.0-1.3+deb11u2	7.74.0-1.3+deb11u8	curl: GSS delegation too eager connection re-use 漏洞详情: https://avd.aquasec.com/nvd/cve-2023-27536 镜像层: sha256:595a656dd8efc44ad2600f67c92a3a2f5612e673513583c11cb04d54f10c55d6 发布日期: 2023-03-30 20:15 修改: 2025-02-14 16:15
libcurl4	CVE-2022-43552	中危	7.74.0-1.3+deb11u2	7.74.0-1.3+deb11u5	curl: Use-after-free triggered by an HTTP proxy deny response 漏洞详情: https://avd.aquasec.com/nvd/cve-2022-43552 镜像层: sha256:595a656dd8efc44ad2600f67c92a3a2f5612e673513583c11cb04d54f10c55d6 发布日期: 2023-02-09 20:15 修改: 2024-11-21 07:26
libcurl4	CVE-2023-23915	中危	7.74.0-1.3+deb11u2		curl: HSTS amnesia with --parallel 漏洞详情: https://avd.aquasec.com/nvd/cve-2023-23915 镜像层: sha256:595a656dd8efc44ad2600f67c92a3a2f5612e673513583c11cb04d54f10c55d6 发布日期: 2023-02-23 20:15 修改: 2026-02-13 21:16
libcurl4	CVE-2023-23916	中危	7.74.0-1.3+deb11u2	7.74.0-1.3+deb11u7	curl: HTTP multi-header compression denial of service 漏洞详情: https://avd.aquasec.com/nvd/cve-2023-23916 镜像层: sha256:595a656dd8efc44ad2600f67c92a3a2f5612e673513583c11cb04d54f10c55d6 发布日期: 2023-02-23 20:15 修改: 2025-03-12 19:15
libpython3.9-stdlib	CVE-2021-3426	中危	3.9.2-1	3.9.2-1+deb11u2	python: Information disclosure via pydoc 漏洞详情: https://avd.aquasec.com/nvd/cve-2021-3426 镜像层: sha256:b7b6064a28a9833a1ac123bb3e408f6cdb2689cf233ee40c978e6193a142278c 发布日期: 2021-05-20 13:15 修改: 2025-12-18 12:15
libpython3.9-stdlib	CVE-2021-3733	中危	3.9.2-1	3.9.2-1+deb11u2	python: urllib: Regular expression DoS in AbstractBasicAuthHandler 漏洞详情: https://avd.aquasec.com/nvd/cve-2021-3733 镜像层: sha256:b7b6064a28a9833a1ac123bb3e408f6cdb2689cf233ee40c978e6193a142278c 发布日期: 2022-03-10 17:42 修改: 2025-11-03 22:15
libpython3.9-stdlib	CVE-2021-4189	中危	3.9.2-1	3.9.2-1+deb11u2	python: ftplib should not use the host from the PASV response 漏洞详情: https://avd.aquasec.com/nvd/cve-2021-4189 镜像层: sha256:b7b6064a28a9833a1ac123bb3e408f6cdb2689cf233ee40c978e6193a142278c 发布日期: 2022-08-24 16:15 修改: 2025-12-17 22:15
libpython3.9-stdlib	CVE-2023-27043	中危	3.9.2-1	3.9.2-1+deb11u2	python: Parsing errors in email/_parseaddr.py lead to incorrect value in email address part of tuple 漏洞详情: https://avd.aquasec.com/nvd/cve-2023-27043 镜像层: sha256:b7b6064a28a9833a1ac123bb3e408f6cdb2689cf233ee40c978e6193a142278c 发布日期: 2023-04-19 00:15 修改: 2026-05-12 11:16
libpython3.9-stdlib	CVE-2023-40217	中危	3.9.2-1	3.9.2-1+deb11u2	python: TLS handshake bypass 漏洞详情: https://avd.aquasec.com/nvd/cve-2023-40217 镜像层: sha256:b7b6064a28a9833a1ac123bb3e408f6cdb2689cf233ee40c978e6193a142278c 发布日期: 2023-08-25 01:15 修改: 2025-11-03 22:16
libpython3.9-stdlib	CVE-2024-0450	中危	3.9.2-1	3.9.2-1+deb11u2	python: The zipfile module is vulnerable to zip-bombs leading to denial of service 漏洞详情: https://avd.aquasec.com/nvd/cve-2024-0450 镜像层: sha256:b7b6064a28a9833a1ac123bb3e408f6cdb2689cf233ee40c978e6193a142278c 发布日期: 2024-03-19 16:15 修改: 2026-04-15 00:35
libpython3.9-stdlib	CVE-2024-11168	中危	3.9.2-1	3.9.2-1+deb11u2	python: Improper validation of IPv6 and IPvFuture addresses 漏洞详情: https://avd.aquasec.com/nvd/cve-2024-11168 镜像层: sha256:b7b6064a28a9833a1ac123bb3e408f6cdb2689cf233ee40c978e6193a142278c 发布日期: 2024-11-12 22:15 修改: 2026-04-15 00:35
libpython3.9-stdlib	CVE-2024-6923	中危	3.9.2-1	3.9.2-1+deb11u2	cpython: python: email module doesn't properly quotes newlines in email headers, allowing header injection 漏洞详情: https://avd.aquasec.com/nvd/cve-2024-6923 镜像层: sha256:b7b6064a28a9833a1ac123bb3e408f6cdb2689cf233ee40c978e6193a142278c 发布日期: 2024-08-01 14:15 修改: 2026-04-15 00:35
libpython3.9-stdlib	CVE-2024-8088	中危	3.9.2-1	3.9.2-1+deb11u2	python: cpython: Iterating over a malicious ZIP file may lead to Denial of Service 漏洞详情: https://avd.aquasec.com/nvd/cve-2024-8088 镜像层: sha256:b7b6064a28a9833a1ac123bb3e408f6cdb2689cf233ee40c978e6193a142278c 发布日期: 2024-08-22 19:15 修改: 2026-04-15 00:35
libpython3.9-stdlib	CVE-2025-0938	中危	3.9.2-1	3.9.2-1+deb11u3	python: cpython: URL parser allowed square brackets in domain names 漏洞详情: https://avd.aquasec.com/nvd/cve-2025-0938 镜像层: sha256:b7b6064a28a9833a1ac123bb3e408f6cdb2689cf233ee40c978e6193a142278c 发布日期: 2025-01-31 18:15 修改: 2026-04-15 00:35
libpython3.9-stdlib	CVE-2025-11468	中危	3.9.2-1	3.9.2-1+deb11u5	cpython: Missing character filtering in Python 漏洞详情: https://avd.aquasec.com/nvd/cve-2025-11468 镜像层: sha256:b7b6064a28a9833a1ac123bb3e408f6cdb2689cf233ee40c978e6193a142278c 发布日期: 2026-01-20 22:15 修改: 2026-04-15 00:35
libpython3.9-stdlib	CVE-2025-12084	中危	3.9.2-1	3.9.2-1+deb11u5	cpython: python: cpython: Quadratic algorithm in xml.dom.minidom leads to denial of service 漏洞详情: https://avd.aquasec.com/nvd/cve-2025-12084 镜像层: sha256:b7b6064a28a9833a1ac123bb3e408f6cdb2689cf233ee40c978e6193a142278c 发布日期: 2025-12-03 19:15 修改: 2026-01-26 15:16
libpython3.9-stdlib	CVE-2025-12781	中危	3.9.2-1		cpython: base64.b64decode() always accepts "+/" characters, despite setting altchars 漏洞详情: https://avd.aquasec.com/nvd/cve-2025-12781 镜像层: sha256:b7b6064a28a9833a1ac123bb3e408f6cdb2689cf233ee40c978e6193a142278c 发布日期: 2026-01-21 20:16 修改: 2026-02-02 17:25
libpython3.9-stdlib	CVE-2025-13837	中危	3.9.2-1	3.9.2-1+deb11u4	cpython: Out-of-memory when loading Plist 漏洞详情: https://avd.aquasec.com/nvd/cve-2025-13837 镜像层: sha256:b7b6064a28a9833a1ac123bb3e408f6cdb2689cf233ee40c978e6193a142278c 发布日期: 2025-12-01 18:16 修改: 2026-03-03 15:16
libpython3.9-stdlib	CVE-2025-15282	中危	3.9.2-1	3.9.2-1+deb11u5	cpython: Header injection via newlines in data URL mediatype in Python 漏洞详情: https://avd.aquasec.com/nvd/cve-2025-15282 镜像层: sha256:b7b6064a28a9833a1ac123bb3e408f6cdb2689cf233ee40c978e6193a142278c 发布日期: 2026-01-20 22:15 修改: 2026-04-15 00:35
libpython3.9-stdlib	CVE-2025-15366	中危	3.9.2-1		cpython: IMAP command injection in user-controlled commands 漏洞详情: https://avd.aquasec.com/nvd/cve-2025-15366 镜像层: sha256:b7b6064a28a9833a1ac123bb3e408f6cdb2689cf233ee40c978e6193a142278c 发布日期: 2026-01-20 22:15 修改: 2026-04-15 00:35
libpython3.9-stdlib	CVE-2025-15367	中危	3.9.2-1		cpython: POP3 command injection in user-controlled commands 漏洞详情: https://avd.aquasec.com/nvd/cve-2025-15367 镜像层: sha256:b7b6064a28a9833a1ac123bb3e408f6cdb2689cf233ee40c978e6193a142278c 发布日期: 2026-01-20 22:15 修改: 2026-04-15 00:35
libpython3.9-stdlib	CVE-2025-4516	中危	3.9.2-1	3.9.2-1+deb11u4	cpython: python: CPython DecodeError Handling Vulnerability 漏洞详情: https://avd.aquasec.com/nvd/cve-2025-4516 镜像层: sha256:b7b6064a28a9833a1ac123bb3e408f6cdb2689cf233ee40c978e6193a142278c 发布日期: 2025-05-15 14:15 修改: 2026-04-15 00:35
libpython3.9-stdlib	CVE-2025-6069	中危	3.9.2-1	3.9.2-1+deb11u4	cpython: Python HTMLParser quadratic complexity 漏洞详情: https://avd.aquasec.com/nvd/cve-2025-6069 镜像层: sha256:b7b6064a28a9833a1ac123bb3e408f6cdb2689cf233ee40c978e6193a142278c 发布日期: 2025-06-17 14:15 修改: 2026-04-15 00:35
libpython3.9-stdlib	CVE-2025-6075	中危	3.9.2-1	3.9.2-1+deb11u4	python: Quadratic complexity in os.path.expandvars() with user-controlled template 漏洞详情: https://avd.aquasec.com/nvd/cve-2025-6075 镜像层: sha256:b7b6064a28a9833a1ac123bb3e408f6cdb2689cf233ee40c978e6193a142278c 发布日期: 2025-10-31 17:15 修改: 2026-02-04 19:05
libpython3.9-stdlib	CVE-2025-8194	中危	3.9.2-1	3.9.2-1+deb11u4	cpython: Cpython infinite loop when parsing a tarfile 漏洞详情: https://avd.aquasec.com/nvd/cve-2025-8194 镜像层: sha256:b7b6064a28a9833a1ac123bb3e408f6cdb2689cf233ee40c978e6193a142278c 发布日期: 2025-07-28 19:15 修改: 2026-04-15 00:35
libpython3.9-stdlib	CVE-2025-8291	中危	3.9.2-1	3.9.2-1+deb11u4	cpython: python: Python zipfile End of Central Directory (EOCD) Locator record offset not checked 漏洞详情: https://avd.aquasec.com/nvd/cve-2025-8291 镜像层: sha256:b7b6064a28a9833a1ac123bb3e408f6cdb2689cf233ee40c978e6193a142278c 发布日期: 2025-10-07 18:16 修改: 2026-04-15 00:35
libpython3.9-stdlib	CVE-2026-0672	中危	3.9.2-1	3.9.2-1+deb11u7	cpython: Header injection in http.cookies.Morsel in Python 漏洞详情: https://avd.aquasec.com/nvd/cve-2026-0672 镜像层: sha256:b7b6064a28a9833a1ac123bb3e408f6cdb2689cf233ee40c978e6193a142278c 发布日期: 2026-01-20 22:15 修改: 2026-04-15 00:35
libpython3.9-stdlib	CVE-2026-0865	中危	3.9.2-1	3.9.2-1+deb11u5	cpython: wsgiref.headers.Headers allows header newline injection in Python 漏洞详情: https://avd.aquasec.com/nvd/cve-2026-0865 镜像层: sha256:b7b6064a28a9833a1ac123bb3e408f6cdb2689cf233ee40c978e6193a142278c 发布日期: 2026-01-20 22:15 修改: 2026-04-15 00:35
libpython3.9-stdlib	CVE-2026-1299	中危	3.9.2-1	3.9.2-1+deb11u5	cpython: email header injection due to unquoted newlines 漏洞详情: https://avd.aquasec.com/nvd/cve-2026-1299 镜像层: sha256:b7b6064a28a9833a1ac123bb3e408f6cdb2689cf233ee40c978e6193a142278c 发布日期: 2026-01-23 17:16 修改: 2026-04-15 00:35
libpython3.9-stdlib	CVE-2026-1502	中危	3.9.2-1		python: Python: HTTP header injection via CR/LF in proxy tunnel headers 漏洞详情: https://avd.aquasec.com/nvd/cve-2026-1502 镜像层: sha256:b7b6064a28a9833a1ac123bb3e408f6cdb2689cf233ee40c978e6193a142278c 发布日期: 2026-04-10 18:16 修改: 2026-06-04 15:16
libpython3.9-stdlib	CVE-2026-3276	中危	3.9.2-1		python: Python unicodedata: Denial of Service due to excessive CPU consumption 漏洞详情: https://avd.aquasec.com/nvd/cve-2026-3276 镜像层: sha256:b7b6064a28a9833a1ac123bb3e408f6cdb2689cf233ee40c978e6193a142278c 发布日期: 2026-06-03 16:16 修改: 2026-06-16 15:16
libpython3.9-stdlib	CVE-2026-3446	中危	3.9.2-1		python: Python base64: Incomplete data decoding due to premature stop at padding 漏洞详情: https://avd.aquasec.com/nvd/cve-2026-3446 镜像层: sha256:b7b6064a28a9833a1ac123bb3e408f6cdb2689cf233ee40c978e6193a142278c 发布日期: 2026-04-10 19:16 修改: 2026-04-13 17:16
libpython3.9-stdlib	CVE-2026-6019	中危	3.9.2-1		python: Python: Cross-Site Scripting (XSS) vulnerability in http.cookies module 漏洞详情: https://avd.aquasec.com/nvd/cve-2026-6019 镜像层: sha256:b7b6064a28a9833a1ac123bb3e408f6cdb2689cf233ee40c978e6193a142278c 发布日期: 2026-04-22 20:16 修改: 2026-05-28 19:15
libpython3.9-stdlib	CVE-2026-7774	中危	3.9.2-1		python: CPython: Python tarfile: Arbitrary file write via crafted link entries 漏洞详情: https://avd.aquasec.com/nvd/cve-2026-7774 镜像层: sha256:b7b6064a28a9833a1ac123bb3e408f6cdb2689cf233ee40c978e6193a142278c 发布日期: 2026-06-04 16:16 修改: 2026-06-10 19:16
libpython3.9-stdlib	CVE-2026-8328	中危	3.9.2-1		The ftpcp() function in Lib/ftplib.py was not updated when CVE-2021-4 ... 漏洞详情: https://avd.aquasec.com/nvd/cve-2026-8328 镜像层: sha256:b7b6064a28a9833a1ac123bb3e408f6cdb2689cf233ee40c978e6193a142278c 发布日期: 2026-05-13 21:16 修改: 2026-06-10 19:16
libpython3.9-stdlib	CVE-2026-9669	中危	3.9.2-1		python: Python: Denial of Service via out-of-bounds write in BZ2 decompression 漏洞详情: https://avd.aquasec.com/nvd/cve-2026-9669 镜像层: sha256:b7b6064a28a9833a1ac123bb3e408f6cdb2689cf233ee40c978e6193a142278c 发布日期: 2026-06-08 23:17 修改: 2026-06-10 19:16
libsmartcols1	CVE-2026-27456	中危	2.36.1-8+deb11u1		util-linux: TOCTOU in the mount program when setting up loop devices 漏洞详情: https://avd.aquasec.com/nvd/cve-2026-27456 镜像层: sha256:bd245ec49ee5cd979b20c0a4efd32385afca92f5afa84faa6769c6a56543350a 发布日期: 2026-04-03 22:16 修改: 2026-04-22 16:08
libsmartcols1	CVE-2026-3184	中危	2.36.1-8+deb11u1		util-linux: util-linux: Access control bypass due to improper hostname canonicalization 漏洞详情: https://avd.aquasec.com/nvd/cve-2026-3184 镜像层: sha256:bd245ec49ee5cd979b20c0a4efd32385afca92f5afa84faa6769c6a56543350a 发布日期: 2026-04-03 19:17 修改: 2026-05-01 19:29
libcurl4	CVE-2023-27535	中危	7.74.0-1.3+deb11u2	7.74.0-1.3+deb11u8	curl: FTP too eager connection reuse 漏洞详情: https://avd.aquasec.com/nvd/cve-2023-27535 镜像层: sha256:595a656dd8efc44ad2600f67c92a3a2f5612e673513583c11cb04d54f10c55d6 发布日期: 2023-03-30 20:15 修改: 2025-06-09 15:15
libcurl4	CVE-2023-27536	中危	7.74.0-1.3+deb11u2	7.74.0-1.3+deb11u8	curl: GSS delegation too eager connection re-use 漏洞详情: https://avd.aquasec.com/nvd/cve-2023-27536 镜像层: sha256:595a656dd8efc44ad2600f67c92a3a2f5612e673513583c11cb04d54f10c55d6 发布日期: 2023-03-30 20:15 修改: 2025-02-14 16:15
libcurl4	CVE-2023-27538	中危	7.74.0-1.3+deb11u2	7.74.0-1.3+deb11u8	curl: SSH connection too eager reuse still 漏洞详情: https://avd.aquasec.com/nvd/cve-2023-27538 镜像层: sha256:595a656dd8efc44ad2600f67c92a3a2f5612e673513583c11cb04d54f10c55d6 发布日期: 2023-03-30 20:15 修改: 2025-06-09 15:15
libcurl4	CVE-2023-28321	中危	7.74.0-1.3+deb11u2	7.74.0-1.3+deb11u9	curl: IDN wildcard match may lead to Improper Cerificate Validation 漏洞详情: https://avd.aquasec.com/nvd/cve-2023-28321 镜像层: sha256:595a656dd8efc44ad2600f67c92a3a2f5612e673513583c11cb04d54f10c55d6 发布日期: 2023-05-26 21:15 修改: 2025-01-15 16:15
libcurl4	CVE-2023-46218	中危	7.74.0-1.3+deb11u2	7.74.0-1.3+deb11u11	curl: information disclosure by exploiting a mixed case flaw 漏洞详情: https://avd.aquasec.com/nvd/cve-2023-46218 镜像层: sha256:595a656dd8efc44ad2600f67c92a3a2f5612e673513583c11cb04d54f10c55d6 发布日期: 2023-12-07 01:15 修改: 2026-05-12 11:16
libcurl4	CVE-2023-46219	中危	7.74.0-1.3+deb11u2		curl: excessively long file name may lead to unknown HSTS status 漏洞详情: https://avd.aquasec.com/nvd/cve-2023-46219 镜像层: sha256:595a656dd8efc44ad2600f67c92a3a2f5612e673513583c11cb04d54f10c55d6 发布日期: 2023-12-12 02:15 修改: 2026-05-12 11:16
libcurl4	CVE-2024-2398	中危	7.74.0-1.3+deb11u2	7.74.0-1.3+deb11u12	curl: HTTP/2 push headers memory-leak 漏洞详情: https://avd.aquasec.com/nvd/cve-2024-2398 镜像层: sha256:595a656dd8efc44ad2600f67c92a3a2f5612e673513583c11cb04d54f10c55d6 发布日期: 2024-03-27 08:15 修改: 2025-07-30 19:42
libcurl4	CVE-2024-7264	中危	7.74.0-1.3+deb11u2	7.74.0-1.3+deb11u13	curl: libcurl: ASN.1 date parser overread 漏洞详情: https://avd.aquasec.com/nvd/cve-2024-7264 镜像层: sha256:595a656dd8efc44ad2600f67c92a3a2f5612e673513583c11cb04d54f10c55d6 发布日期: 2024-07-31 08:15 修改: 2025-11-03 23:17
libcurl4	CVE-2024-8096	中危	7.74.0-1.3+deb11u2	7.74.0-1.3+deb11u14	curl: OCSP stapling bypass with GnuTLS 漏洞详情: https://avd.aquasec.com/nvd/cve-2024-8096 镜像层: sha256:595a656dd8efc44ad2600f67c92a3a2f5612e673513583c11cb04d54f10c55d6 发布日期: 2024-09-11 10:15 修改: 2025-07-30 19:42
libcurl4	CVE-2024-9681	中危	7.74.0-1.3+deb11u2		curl: HSTS subdomain overwrites parent cache entry 漏洞详情: https://avd.aquasec.com/nvd/cve-2024-9681 镜像层: sha256:595a656dd8efc44ad2600f67c92a3a2f5612e673513583c11cb04d54f10c55d6 发布日期: 2024-11-06 08:15 修改: 2025-11-03 21:18
libcurl4	CVE-2026-1965	中危	7.74.0-1.3+deb11u2		curl: curl: Authentication bypass due to incorrect connection reuse with Negotiate authentication 漏洞详情: https://avd.aquasec.com/nvd/cve-2026-1965 镜像层: sha256:595a656dd8efc44ad2600f67c92a3a2f5612e673513583c11cb04d54f10c55d6 发布日期: 2026-03-11 11:15 修改: 2026-03-12 14:11
libcurl4	CVE-2026-3783	中危	7.74.0-1.3+deb11u2		curl: curl: Information disclosure via OAuth2 bearer token leakage during HTTP(S) redirect 漏洞详情: https://avd.aquasec.com/nvd/cve-2026-3783 镜像层: sha256:595a656dd8efc44ad2600f67c92a3a2f5612e673513583c11cb04d54f10c55d6 发布日期: 2026-03-11 11:16 修改: 2026-03-12 14:10
libcurl4	CVE-2026-3784	中危	7.74.0-1.3+deb11u2		curl: curl: Unauthorized access due to improper HTTP proxy connection reuse 漏洞详情: https://avd.aquasec.com/nvd/cve-2026-3784 镜像层: sha256:595a656dd8efc44ad2600f67c92a3a2f5612e673513583c11cb04d54f10c55d6 发布日期: 2026-03-11 11:16 修改: 2026-06-02 14:16
libcurl4	CVE-2026-4873	中危	7.74.0-1.3+deb11u2		curl: curl: Information disclosure due to incorrect TLS connection reuse 漏洞详情: https://avd.aquasec.com/nvd/cve-2026-4873 镜像层: sha256:595a656dd8efc44ad2600f67c92a3a2f5612e673513583c11cb04d54f10c55d6 发布日期: 2026-05-13 13:01 修改: 2026-05-14 13:45
libcurl4	CVE-2026-5545	中危	7.74.0-1.3+deb11u2		curl: libcurl: Authentication bypass due to incorrect HTTP Negotiate connection reuse 漏洞详情: https://avd.aquasec.com/nvd/cve-2026-5545 镜像层: sha256:595a656dd8efc44ad2600f67c92a3a2f5612e673513583c11cb04d54f10c55d6 发布日期: 2026-05-13 13:01 修改: 2026-05-13 19:31
libcurl4	CVE-2026-6253	中危	7.74.0-1.3+deb11u2		curl: curl: Proxy credential disclosure via redirects to unauthenticated proxies 漏洞详情: https://avd.aquasec.com/nvd/cve-2026-6253 镜像层: sha256:595a656dd8efc44ad2600f67c92a3a2f5612e673513583c11cb04d54f10c55d6 发布日期: 2026-05-13 13:01 修改: 2026-05-14 13:40
libcurl4	CVE-2026-6429	中危	7.74.0-1.3+deb11u2		curl: libcurl: Credential leak via reused proxy connection during HTTP redirects 漏洞详情: https://avd.aquasec.com/nvd/cve-2026-6429 镜像层: sha256:595a656dd8efc44ad2600f67c92a3a2f5612e673513583c11cb04d54f10c55d6 发布日期: 2026-05-13 13:01 修改: 2026-05-14 14:18
libcurl4	CVE-2026-7168	中危	7.74.0-1.3+deb11u2		curl: libcurl: Information disclosure via incorrect Proxy-Authorization header reuse 漏洞详情: https://avd.aquasec.com/nvd/cve-2026-7168 镜像层: sha256:595a656dd8efc44ad2600f67c92a3a2f5612e673513583c11cb04d54f10c55d6 发布日期: 2026-05-13 13:01 修改: 2026-05-14 14:12
libssl1.1	CVE-2022-2097	中危	1.1.1n-0+deb11u3	1.1.1n-0+deb11u4	openssl: AES OCB fails to encrypt some bytes 漏洞详情: https://avd.aquasec.com/nvd/cve-2022-2097 镜像层: sha256:bd245ec49ee5cd979b20c0a4efd32385afca92f5afa84faa6769c6a56543350a 发布日期: 2022-07-05 11:15 修改: 2024-11-21 07:00
libssl1.1	CVE-2022-4304	中危	1.1.1n-0+deb11u3	1.1.1n-0+deb11u4	openssl: timing attack in RSA Decryption implementation 漏洞详情: https://avd.aquasec.com/nvd/cve-2022-4304 镜像层: sha256:bd245ec49ee5cd979b20c0a4efd32385afca92f5afa84faa6769c6a56543350a 发布日期: 2023-02-08 20:15 修改: 2025-11-04 20:16
libssl1.1	CVE-2023-0465	中危	1.1.1n-0+deb11u3	1.1.1n-0+deb11u5	openssl: Invalid certificate policies in leaf certificates are silently ignored 漏洞详情: https://avd.aquasec.com/nvd/cve-2023-0465 镜像层: sha256:bd245ec49ee5cd979b20c0a4efd32385afca92f5afa84faa6769c6a56543350a 发布日期: 2023-03-28 15:15 修改: 2025-02-18 21:15
libssl1.1	CVE-2023-0466	中危	1.1.1n-0+deb11u3	1.1.1n-0+deb11u5	openssl: Certificate policy check not enabled 漏洞详情: https://avd.aquasec.com/nvd/cve-2023-0466 镜像层: sha256:bd245ec49ee5cd979b20c0a4efd32385afca92f5afa84faa6769c6a56543350a 发布日期: 2023-03-28 15:15 修改: 2025-02-19 18:15
libssl1.1	CVE-2023-2650	中危	1.1.1n-0+deb11u3	1.1.1n-0+deb11u5	openssl: Possible DoS translating ASN.1 object identifiers 漏洞详情: https://avd.aquasec.com/nvd/cve-2023-2650 镜像层: sha256:bd245ec49ee5cd979b20c0a4efd32385afca92f5afa84faa6769c6a56543350a 发布日期: 2023-05-30 14:15 修改: 2025-03-19 16:15
libssl1.1	CVE-2023-3446	中危	1.1.1n-0+deb11u3	1.1.1v-0~deb11u1	openssl: Excessive time spent checking DH keys and parameters 漏洞详情: https://avd.aquasec.com/nvd/cve-2023-3446 镜像层: sha256:bd245ec49ee5cd979b20c0a4efd32385afca92f5afa84faa6769c6a56543350a 发布日期: 2023-07-19 12:15 修改: 2025-04-23 17:16
libssl1.1	CVE-2023-3817	中危	1.1.1n-0+deb11u3	1.1.1v-0~deb11u1	OpenSSL: Excessive time spent checking DH q parameter value 漏洞详情: https://avd.aquasec.com/nvd/cve-2023-3817 镜像层: sha256:bd245ec49ee5cd979b20c0a4efd32385afca92f5afa84faa6769c6a56543350a 发布日期: 2023-07-31 16:15 修改: 2025-05-05 16:15
libssl1.1	CVE-2023-5678	中危	1.1.1n-0+deb11u3	1.1.1w-0+deb11u2	openssl: Generating excessively long X9.42 DH keys or checking excessively long X9.42 DH keys or parameters may be very slow 漏洞详情: https://avd.aquasec.com/nvd/cve-2023-5678 镜像层: sha256:bd245ec49ee5cd979b20c0a4efd32385afca92f5afa84faa6769c6a56543350a 发布日期: 2023-11-06 16:15 修改: 2026-05-12 11:16
libssl1.1	CVE-2024-0727	中危	1.1.1n-0+deb11u3	1.1.1w-0+deb11u2	openssl: denial of service via null dereference 漏洞详情: https://avd.aquasec.com/nvd/cve-2024-0727 镜像层: sha256:bd245ec49ee5cd979b20c0a4efd32385afca92f5afa84faa6769c6a56543350a 发布日期: 2024-01-26 09:15 修改: 2026-05-12 12:16
libssl1.1	CVE-2025-69419	中危	1.1.1n-0+deb11u3	1.1.1w-0+deb11u5	openssl: OpenSSL: Arbitrary code execution due to out-of-bounds write in PKCS#12 processing 漏洞详情: https://avd.aquasec.com/nvd/cve-2025-69419 镜像层: sha256:bd245ec49ee5cd979b20c0a4efd32385afca92f5afa84faa6769c6a56543350a 发布日期: 2026-01-27 16:16 修改: 2026-05-12 13:17
libssl1.1	CVE-2025-9230	中危	1.1.1n-0+deb11u3	1.1.1w-0+deb11u4	openssl: Out-of-bounds read & write in RFC 3211 KEK Unwrap 漏洞详情: https://avd.aquasec.com/nvd/cve-2025-9230 镜像层: sha256:bd245ec49ee5cd979b20c0a4efd32385afca92f5afa84faa6769c6a56543350a 发布日期: 2025-09-30 14:15 修改: 2026-06-02 14:16
libsvn1	CVE-2024-46901	中危	1.14.1-3+deb11u1	1.14.1-3+deb11u2	Subversion: Apache Subversion: mod_dav_svn denial-of-service via control characters in paths 漏洞详情: https://avd.aquasec.com/nvd/cve-2024-46901 镜像层: sha256:b7b6064a28a9833a1ac123bb3e408f6cdb2689cf233ee40c978e6193a142278c 发布日期: 2024-12-09 10:15 修改: 2025-07-15 16:35
gnupg-l10n	CVE-2025-30258	中危	2.2.27-2+deb11u2		gnupg: verification DoS due to a malicious subkey in the keyring 漏洞详情: https://avd.aquasec.com/nvd/cve-2025-30258 镜像层: sha256:8874c5d5df1aa338e2de1eb06de21d28b9051ae107c034b09cc83705cbe6a010 发布日期: 2025-03-19 20:15 修改: 2025-10-16 16:53
gnupg-l10n	CVE-2025-68972	中危	2.2.27-2+deb11u2		gnupg: GnuPG: Signature bypass via form feed character in signed messages 漏洞详情: https://avd.aquasec.com/nvd/cve-2025-68972 镜像层: sha256:8874c5d5df1aa338e2de1eb06de21d28b9051ae107c034b09cc83705cbe6a010 发布日期: 2025-12-27 23:15 修改: 2026-01-09 20:08
libsystemd0	CVE-2022-3821	中危	247.3-7	247.3-7+deb11u2	systemd: buffer overrun in format_timespan() function 漏洞详情: https://avd.aquasec.com/nvd/cve-2022-3821 镜像层: sha256:bd245ec49ee5cd979b20c0a4efd32385afca92f5afa84faa6769c6a56543350a 发布日期: 2022-11-08 22:15 修改: 2025-05-02 18:15
libsystemd0	CVE-2022-4415	中危	247.3-7	247.3-7+deb11u2	systemd: local information leak due to systemd-coredump not respecting fs.suid_dumpable kernel setting 漏洞详情: https://avd.aquasec.com/nvd/cve-2022-4415 镜像层: sha256:bd245ec49ee5cd979b20c0a4efd32385afca92f5afa84faa6769c6a56543350a 发布日期: 2023-01-11 15:15 修改: 2025-11-03 20:15
libsystemd0	CVE-2023-7008	中危	247.3-7	247.3-7+deb11u6	systemd-resolved: Unsigned name response in signed zone is not refused when DNSSEC=yes 漏洞详情: https://avd.aquasec.com/nvd/cve-2023-7008 镜像层: sha256:bd245ec49ee5cd979b20c0a4efd32385afca92f5afa84faa6769c6a56543350a 发布日期: 2023-12-23 13:15 修改: 2025-11-04 17:15
libsystemd0	CVE-2025-4598	中危	247.3-7	247.3-7+deb11u7	systemd-coredump: race condition that allows a local attacker to crash a SUID program and gain read access to the resulting core dump 漏洞详情: https://avd.aquasec.com/nvd/cve-2025-4598 镜像层: sha256:bd245ec49ee5cd979b20c0a4efd32385afca92f5afa84faa6769c6a56543350a 发布日期: 2025-05-30 14:15 修改: 2026-05-19 16:16
libsystemd0	CVE-2026-29111	中危	247.3-7	247.3-7+deb11u8	systemd: systemd: Arbitrary code execution or Denial of Service via spurious IPC API call data 漏洞详情: https://avd.aquasec.com/nvd/cve-2026-29111 镜像层: sha256:bd245ec49ee5cd979b20c0a4efd32385afca92f5afa84faa6769c6a56543350a 发布日期: 2026-03-23 22:16 修改: 2026-04-15 16:44
libsystemd0	CVE-2026-40225	中危	247.3-7	247.3-7+deb11u8	systemd: udev in systemd: Privilege escalation via malicious hardware devices and unsanitized kernel output 漏洞详情: https://avd.aquasec.com/nvd/cve-2026-40225 镜像层: sha256:bd245ec49ee5cd979b20c0a4efd32385afca92f5afa84faa6769c6a56543350a 发布日期: 2026-04-10 16:16 修改: 2026-04-27 19:00
libsystemd0	CVE-2026-40226	中危	247.3-7	247.3-7+deb11u8	systemd: systemd nspawn: Escape-to-host action via crafted config file 漏洞详情: https://avd.aquasec.com/nvd/cve-2026-40226 镜像层: sha256:bd245ec49ee5cd979b20c0a4efd32385afca92f5afa84faa6769c6a56543350a 发布日期: 2026-04-10 16:16 修改: 2026-04-17 22:02
libsystemd0	CVE-2026-4105	中危	247.3-7	247.3-7+deb11u8	systemd: systemd: Privilege escalation via improper access control in RegisterMachine D-Bus method 漏洞详情: https://avd.aquasec.com/nvd/cve-2026-4105 镜像层: sha256:bd245ec49ee5cd979b20c0a4efd32385afca92f5afa84faa6769c6a56543350a 发布日期: 2026-03-13 19:55 修改: 2026-04-30 17:16
curl	CVE-2023-27538	中危	7.74.0-1.3+deb11u2	7.74.0-1.3+deb11u8	curl: SSH connection too eager reuse still 漏洞详情: https://avd.aquasec.com/nvd/cve-2023-27538 镜像层: sha256:595a656dd8efc44ad2600f67c92a3a2f5612e673513583c11cb04d54f10c55d6 发布日期: 2023-03-30 20:15 修改: 2025-06-09 15:15
libtasn1-6	CVE-2024-12133	中危	4.16.0-2	4.16.0-2+deb11u2	libtasn1: Inefficient DER Decoding in libtasn1 Leading to Potential Remote DoS 漏洞详情: https://avd.aquasec.com/nvd/cve-2024-12133 镜像层: sha256:bd245ec49ee5cd979b20c0a4efd32385afca92f5afa84faa6769c6a56543350a 发布日期: 2025-02-10 16:15 修改: 2026-05-12 12:16
gnupg-utils	CVE-2025-30258	中危	2.2.27-2+deb11u2		gnupg: verification DoS due to a malicious subkey in the keyring 漏洞详情: https://avd.aquasec.com/nvd/cve-2025-30258 镜像层: sha256:8874c5d5df1aa338e2de1eb06de21d28b9051ae107c034b09cc83705cbe6a010 发布日期: 2025-03-19 20:15 修改: 2025-10-16 16:53
gnupg-utils	CVE-2025-68972	中危	2.2.27-2+deb11u2		gnupg: GnuPG: Signature bypass via form feed character in signed messages 漏洞详情: https://avd.aquasec.com/nvd/cve-2025-68972 镜像层: sha256:8874c5d5df1aa338e2de1eb06de21d28b9051ae107c034b09cc83705cbe6a010 发布日期: 2025-12-27 23:15 修改: 2026-01-09 20:08
curl	CVE-2023-28321	中危	7.74.0-1.3+deb11u2	7.74.0-1.3+deb11u9	curl: IDN wildcard match may lead to Improper Cerificate Validation 漏洞详情: https://avd.aquasec.com/nvd/cve-2023-28321 镜像层: sha256:595a656dd8efc44ad2600f67c92a3a2f5612e673513583c11cb04d54f10c55d6 发布日期: 2023-05-26 21:15 修改: 2025-01-15 16:15
libtinfo6	CVE-2023-50495	中危	6.2+20201114-2		ncurses: segmentation fault via _nc_wrap_entry() 漏洞详情: https://avd.aquasec.com/nvd/cve-2023-50495 镜像层: sha256:bd245ec49ee5cd979b20c0a4efd32385afca92f5afa84faa6769c6a56543350a 发布日期: 2023-12-12 15:15 修改: 2025-11-04 19:16
gpg	CVE-2025-30258	中危	2.2.27-2+deb11u2		gnupg: verification DoS due to a malicious subkey in the keyring 漏洞详情: https://avd.aquasec.com/nvd/cve-2025-30258 镜像层: sha256:8874c5d5df1aa338e2de1eb06de21d28b9051ae107c034b09cc83705cbe6a010 发布日期: 2025-03-19 20:15 修改: 2025-10-16 16:53
gpg	CVE-2025-68972	中危	2.2.27-2+deb11u2		gnupg: GnuPG: Signature bypass via form feed character in signed messages 漏洞详情: https://avd.aquasec.com/nvd/cve-2025-68972 镜像层: sha256:8874c5d5df1aa338e2de1eb06de21d28b9051ae107c034b09cc83705cbe6a010 发布日期: 2025-12-27 23:15 修改: 2026-01-09 20:08
curl	CVE-2023-46218	中危	7.74.0-1.3+deb11u2	7.74.0-1.3+deb11u11	curl: information disclosure by exploiting a mixed case flaw 漏洞详情: https://avd.aquasec.com/nvd/cve-2023-46218 镜像层: sha256:595a656dd8efc44ad2600f67c92a3a2f5612e673513583c11cb04d54f10c55d6 发布日期: 2023-12-07 01:15 修改: 2026-05-12 11:16
gpg-agent	CVE-2025-30258	中危	2.2.27-2+deb11u2		gnupg: verification DoS due to a malicious subkey in the keyring 漏洞详情: https://avd.aquasec.com/nvd/cve-2025-30258 镜像层: sha256:8874c5d5df1aa338e2de1eb06de21d28b9051ae107c034b09cc83705cbe6a010 发布日期: 2025-03-19 20:15 修改: 2025-10-16 16:53
libudev1	CVE-2022-3821	中危	247.3-7	247.3-7+deb11u2	systemd: buffer overrun in format_timespan() function 漏洞详情: https://avd.aquasec.com/nvd/cve-2022-3821 镜像层: sha256:bd245ec49ee5cd979b20c0a4efd32385afca92f5afa84faa6769c6a56543350a 发布日期: 2022-11-08 22:15 修改: 2025-05-02 18:15
libudev1	CVE-2022-4415	中危	247.3-7	247.3-7+deb11u2	systemd: local information leak due to systemd-coredump not respecting fs.suid_dumpable kernel setting 漏洞详情: https://avd.aquasec.com/nvd/cve-2022-4415 镜像层: sha256:bd245ec49ee5cd979b20c0a4efd32385afca92f5afa84faa6769c6a56543350a 发布日期: 2023-01-11 15:15 修改: 2025-11-03 20:15
libudev1	CVE-2023-7008	中危	247.3-7	247.3-7+deb11u6	systemd-resolved: Unsigned name response in signed zone is not refused when DNSSEC=yes 漏洞详情: https://avd.aquasec.com/nvd/cve-2023-7008 镜像层: sha256:bd245ec49ee5cd979b20c0a4efd32385afca92f5afa84faa6769c6a56543350a 发布日期: 2023-12-23 13:15 修改: 2025-11-04 17:15
libudev1	CVE-2025-4598	中危	247.3-7	247.3-7+deb11u7	systemd-coredump: race condition that allows a local attacker to crash a SUID program and gain read access to the resulting core dump 漏洞详情: https://avd.aquasec.com/nvd/cve-2025-4598 镜像层: sha256:bd245ec49ee5cd979b20c0a4efd32385afca92f5afa84faa6769c6a56543350a 发布日期: 2025-05-30 14:15 修改: 2026-05-19 16:16
libudev1	CVE-2026-29111	中危	247.3-7	247.3-7+deb11u8	systemd: systemd: Arbitrary code execution or Denial of Service via spurious IPC API call data 漏洞详情: https://avd.aquasec.com/nvd/cve-2026-29111 镜像层: sha256:bd245ec49ee5cd979b20c0a4efd32385afca92f5afa84faa6769c6a56543350a 发布日期: 2026-03-23 22:16 修改: 2026-04-15 16:44
libudev1	CVE-2026-40225	中危	247.3-7	247.3-7+deb11u8	systemd: udev in systemd: Privilege escalation via malicious hardware devices and unsanitized kernel output 漏洞详情: https://avd.aquasec.com/nvd/cve-2026-40225 镜像层: sha256:bd245ec49ee5cd979b20c0a4efd32385afca92f5afa84faa6769c6a56543350a 发布日期: 2026-04-10 16:16 修改: 2026-04-27 19:00
libudev1	CVE-2026-40226	中危	247.3-7	247.3-7+deb11u8	systemd: systemd nspawn: Escape-to-host action via crafted config file 漏洞详情: https://avd.aquasec.com/nvd/cve-2026-40226 镜像层: sha256:bd245ec49ee5cd979b20c0a4efd32385afca92f5afa84faa6769c6a56543350a 发布日期: 2026-04-10 16:16 修改: 2026-04-17 22:02
libudev1	CVE-2026-4105	中危	247.3-7	247.3-7+deb11u8	systemd: systemd: Privilege escalation via improper access control in RegisterMachine D-Bus method 漏洞详情: https://avd.aquasec.com/nvd/cve-2026-4105 镜像层: sha256:bd245ec49ee5cd979b20c0a4efd32385afca92f5afa84faa6769c6a56543350a 发布日期: 2026-03-13 19:55 修改: 2026-04-30 17:16
libuuid1	CVE-2026-27456	中危	2.36.1-8+deb11u1		util-linux: TOCTOU in the mount program when setting up loop devices 漏洞详情: https://avd.aquasec.com/nvd/cve-2026-27456 镜像层: sha256:bd245ec49ee5cd979b20c0a4efd32385afca92f5afa84faa6769c6a56543350a 发布日期: 2026-04-03 22:16 修改: 2026-04-22 16:08
libuuid1	CVE-2026-3184	中危	2.36.1-8+deb11u1		util-linux: util-linux: Access control bypass due to improper hostname canonicalization 漏洞详情: https://avd.aquasec.com/nvd/cve-2026-3184 镜像层: sha256:bd245ec49ee5cd979b20c0a4efd32385afca92f5afa84faa6769c6a56543350a 发布日期: 2026-04-03 19:17 修改: 2026-05-01 19:29
libexpat1	CVE-2024-50602	中危	2.2.10-2+deb11u3	2.2.10-2+deb11u7	libexpat: expat: DoS via XML_ResumeParser 漏洞详情: https://avd.aquasec.com/nvd/cve-2024-50602 镜像层: sha256:b7b6064a28a9833a1ac123bb3e408f6cdb2689cf233ee40c978e6193a142278c 发布日期: 2024-10-27 05:15 修改: 2025-10-15 17:54
login	CVE-2023-4641	中危	1:4.8.1-1	1:4.8.1-1+deb11u1	shadow-utils: possible password leak during passwd(1) change 漏洞详情: https://avd.aquasec.com/nvd/cve-2023-4641 镜像层: sha256:bd245ec49ee5cd979b20c0a4efd32385afca92f5afa84faa6769c6a56543350a 发布日期: 2023-12-27 16:15 修改: 2025-11-03 20:16
libexpat1	CVE-2024-8176	中危	2.2.10-2+deb11u3		libexpat: expat: Improper Restriction of XML Entity Expansion Depth in libexpat 漏洞详情: https://avd.aquasec.com/nvd/cve-2024-8176 镜像层: sha256:b7b6064a28a9833a1ac123bb3e408f6cdb2689cf233ee40c978e6193a142278c 发布日期: 2025-03-14 09:15 修改: 2026-04-15 00:35
mount	CVE-2026-27456	中危	2.36.1-8+deb11u1		util-linux: TOCTOU in the mount program when setting up loop devices 漏洞详情: https://avd.aquasec.com/nvd/cve-2026-27456 镜像层: sha256:bd245ec49ee5cd979b20c0a4efd32385afca92f5afa84faa6769c6a56543350a 发布日期: 2026-04-03 22:16 修改: 2026-04-22 16:08
mount	CVE-2026-3184	中危	2.36.1-8+deb11u1		util-linux: util-linux: Access control bypass due to improper hostname canonicalization 漏洞详情: https://avd.aquasec.com/nvd/cve-2026-3184 镜像层: sha256:bd245ec49ee5cd979b20c0a4efd32385afca92f5afa84faa6769c6a56543350a 发布日期: 2026-04-03 19:17 修改: 2026-05-01 19:29
libexpat1	CVE-2025-66382	中危	2.2.10-2+deb11u3		libexpat: libexpat: Denial of service via crafted file processing 漏洞详情: https://avd.aquasec.com/nvd/cve-2025-66382 镜像层: sha256:b7b6064a28a9833a1ac123bb3e408f6cdb2689cf233ee40c978e6193a142278c 发布日期: 2025-11-28 07:15 修改: 2026-06-02 14:16
libexpat1	CVE-2026-32776	中危	2.2.10-2+deb11u3		libexpat: libexpat: Denial of Service due to NULL pointer dereference 漏洞详情: https://avd.aquasec.com/nvd/cve-2026-32776 镜像层: sha256:b7b6064a28a9833a1ac123bb3e408f6cdb2689cf233ee40c978e6193a142278c 发布日期: 2026-03-16 14:19 修改: 2026-03-17 15:52
libexpat1	CVE-2026-32777	中危	2.2.10-2+deb11u3		libexpat: libexpat: Denial of Service via infinite loop in DTD content parsing 漏洞详情: https://avd.aquasec.com/nvd/cve-2026-32777 镜像层: sha256:b7b6064a28a9833a1ac123bb3e408f6cdb2689cf233ee40c978e6193a142278c 发布日期: 2026-03-16 14:19 修改: 2026-03-17 15:52
ncurses-base	CVE-2023-50495	中危	6.2+20201114-2		ncurses: segmentation fault via _nc_wrap_entry() 漏洞详情: https://avd.aquasec.com/nvd/cve-2023-50495 镜像层: sha256:bd245ec49ee5cd979b20c0a4efd32385afca92f5afa84faa6769c6a56543350a 发布日期: 2023-12-12 15:15 修改: 2025-11-04 19:16
libexpat1	CVE-2026-32778	中危	2.2.10-2+deb11u3		libexpat: libexpat: Denial of Service via NULL pointer dereference after out-of-memory condition 漏洞详情: https://avd.aquasec.com/nvd/cve-2026-32778 镜像层: sha256:b7b6064a28a9833a1ac123bb3e408f6cdb2689cf233ee40c978e6193a142278c 发布日期: 2026-03-16 14:19 修改: 2026-03-17 15:52
libexpat1	CVE-2026-50219	中危	2.2.10-2+deb11u3		expat: libexpat: Use-after-free vulnerability due to improper handler call depth tracking 漏洞详情: https://avd.aquasec.com/nvd/cve-2026-50219 镜像层: sha256:b7b6064a28a9833a1ac123bb3e408f6cdb2689cf233ee40c978e6193a142278c 发布日期: 2026-06-04 06:16 修改: 2026-06-04 18:39
gpg-agent	CVE-2025-68972	中危	2.2.27-2+deb11u2		gnupg: GnuPG: Signature bypass via form feed character in signed messages 漏洞详情: https://avd.aquasec.com/nvd/cve-2025-68972 镜像层: sha256:8874c5d5df1aa338e2de1eb06de21d28b9051ae107c034b09cc83705cbe6a010 发布日期: 2025-12-27 23:15 修改: 2026-01-09 20:08
ncurses-bin	CVE-2023-50495	中危	6.2+20201114-2		ncurses: segmentation fault via _nc_wrap_entry() 漏洞详情: https://avd.aquasec.com/nvd/cve-2023-50495 镜像层: sha256:bd245ec49ee5cd979b20c0a4efd32385afca92f5afa84faa6769c6a56543350a 发布日期: 2023-12-12 15:15 修改: 2025-11-04 19:16
curl	CVE-2023-46219	中危	7.74.0-1.3+deb11u2		curl: excessively long file name may lead to unknown HSTS status 漏洞详情: https://avd.aquasec.com/nvd/cve-2023-46219 镜像层: sha256:595a656dd8efc44ad2600f67c92a3a2f5612e673513583c11cb04d54f10c55d6 发布日期: 2023-12-12 02:15 修改: 2026-05-12 11:16
gpg-wks-client	CVE-2025-30258	中危	2.2.27-2+deb11u2		gnupg: verification DoS due to a malicious subkey in the keyring 漏洞详情: https://avd.aquasec.com/nvd/cve-2025-30258 镜像层: sha256:8874c5d5df1aa338e2de1eb06de21d28b9051ae107c034b09cc83705cbe6a010 发布日期: 2025-03-19 20:15 修改: 2025-10-16 16:53
gpg-wks-client	CVE-2025-68972	中危	2.2.27-2+deb11u2		gnupg: GnuPG: Signature bypass via form feed character in signed messages 漏洞详情: https://avd.aquasec.com/nvd/cve-2025-68972 镜像层: sha256:8874c5d5df1aa338e2de1eb06de21d28b9051ae107c034b09cc83705cbe6a010 发布日期: 2025-12-27 23:15 修改: 2026-01-09 20:08
curl	CVE-2024-2398	中危	7.74.0-1.3+deb11u2	7.74.0-1.3+deb11u12	curl: HTTP/2 push headers memory-leak 漏洞详情: https://avd.aquasec.com/nvd/cve-2024-2398 镜像层: sha256:595a656dd8efc44ad2600f67c92a3a2f5612e673513583c11cb04d54f10c55d6 发布日期: 2024-03-27 08:15 修改: 2025-07-30 19:42
gpg-wks-server	CVE-2025-30258	中危	2.2.27-2+deb11u2		gnupg: verification DoS due to a malicious subkey in the keyring 漏洞详情: https://avd.aquasec.com/nvd/cve-2025-30258 镜像层: sha256:8874c5d5df1aa338e2de1eb06de21d28b9051ae107c034b09cc83705cbe6a010 发布日期: 2025-03-19 20:15 修改: 2025-10-16 16:53
gpg-wks-server	CVE-2025-68972	中危	2.2.27-2+deb11u2		gnupg: GnuPG: Signature bypass via form feed character in signed messages 漏洞详情: https://avd.aquasec.com/nvd/cve-2025-68972 镜像层: sha256:8874c5d5df1aa338e2de1eb06de21d28b9051ae107c034b09cc83705cbe6a010 发布日期: 2025-12-27 23:15 修改: 2026-01-09 20:08
openssh-client	CVE-2023-48795	中危	1:8.4p1-5+deb11u1	1:8.4p1-5+deb11u3	ssh: Prefix truncation attack on Binary Packet Protocol (BPP) 漏洞详情: https://avd.aquasec.com/nvd/cve-2023-48795 镜像层: sha256:b7b6064a28a9833a1ac123bb3e408f6cdb2689cf233ee40c978e6193a142278c 发布日期: 2023-12-18 16:15 修改: 2026-05-12 11:16
openssh-client	CVE-2023-51385	中危	1:8.4p1-5+deb11u1	1:8.4p1-5+deb11u3	openssh: potential command injection via shell metacharacters 漏洞详情: https://avd.aquasec.com/nvd/cve-2023-51385 镜像层: sha256:b7b6064a28a9833a1ac123bb3e408f6cdb2689cf233ee40c978e6193a142278c 发布日期: 2023-12-18 19:15 修改: 2026-05-12 12:16
openssh-client	CVE-2025-26465	中危	1:8.4p1-5+deb11u1	1:8.4p1-5+deb11u4	openssh: Machine-in-the-middle attack if VerifyHostKeyDNS is enabled 漏洞详情: https://avd.aquasec.com/nvd/cve-2025-26465 镜像层: sha256:b7b6064a28a9833a1ac123bb3e408f6cdb2689cf233ee40c978e6193a142278c 发布日期: 2025-02-18 19:15 修改: 2026-05-12 13:16
openssh-client	CVE-2025-61984	中危	1:8.4p1-5+deb11u1	1:8.4p1-5+deb11u7	openssh: OpenSSH: Control characters in usernames can lead to code execution via ProxyCommand 漏洞详情: https://avd.aquasec.com/nvd/cve-2025-61984 镜像层: sha256:b7b6064a28a9833a1ac123bb3e408f6cdb2689cf233ee40c978e6193a142278c 发布日期: 2025-10-06 19:15 修改: 2026-04-15 00:35
openssh-client	CVE-2025-61985	中危	1:8.4p1-5+deb11u1	1:8.4p1-5+deb11u7	openssh: OpenSSH: Null character in ssh:// URI can lead to code execution via ProxyCommand 漏洞详情: https://avd.aquasec.com/nvd/cve-2025-61985 镜像层: sha256:b7b6064a28a9833a1ac123bb3e408f6cdb2689cf233ee40c978e6193a142278c 发布日期: 2025-10-06 19:15 修改: 2026-04-15 00:35
openssh-client	CVE-2026-35387	中危	1:8.4p1-5+deb11u1	1:8.4p1-5+deb11u7	OpenSSH: OpenSSH: Information disclosure due to unintended cryptographic algorithm usage 漏洞详情: https://avd.aquasec.com/nvd/cve-2026-35387 镜像层: sha256:b7b6064a28a9833a1ac123bb3e408f6cdb2689cf233ee40c978e6193a142278c 发布日期: 2026-04-02 17:16 修改: 2026-04-27 14:05
curl	CVE-2024-7264	中危	7.74.0-1.3+deb11u2	7.74.0-1.3+deb11u13	curl: libcurl: ASN.1 date parser overread 漏洞详情: https://avd.aquasec.com/nvd/cve-2024-7264 镜像层: sha256:595a656dd8efc44ad2600f67c92a3a2f5612e673513583c11cb04d54f10c55d6 发布日期: 2024-07-31 08:15 修改: 2025-11-03 23:17
gpgconf	CVE-2025-30258	中危	2.2.27-2+deb11u2		gnupg: verification DoS due to a malicious subkey in the keyring 漏洞详情: https://avd.aquasec.com/nvd/cve-2025-30258 镜像层: sha256:8874c5d5df1aa338e2de1eb06de21d28b9051ae107c034b09cc83705cbe6a010 发布日期: 2025-03-19 20:15 修改: 2025-10-16 16:53
gpgconf	CVE-2025-68972	中危	2.2.27-2+deb11u2		gnupg: GnuPG: Signature bypass via form feed character in signed messages 漏洞详情: https://avd.aquasec.com/nvd/cve-2025-68972 镜像层: sha256:8874c5d5df1aa338e2de1eb06de21d28b9051ae107c034b09cc83705cbe6a010 发布日期: 2025-12-27 23:15 修改: 2026-01-09 20:08
curl	CVE-2024-8096	中危	7.74.0-1.3+deb11u2	7.74.0-1.3+deb11u14	curl: OCSP stapling bypass with GnuTLS 漏洞详情: https://avd.aquasec.com/nvd/cve-2024-8096 镜像层: sha256:595a656dd8efc44ad2600f67c92a3a2f5612e673513583c11cb04d54f10c55d6 发布日期: 2024-09-11 10:15 修改: 2025-07-30 19:42
gpgsm	CVE-2025-30258	中危	2.2.27-2+deb11u2		gnupg: verification DoS due to a malicious subkey in the keyring 漏洞详情: https://avd.aquasec.com/nvd/cve-2025-30258 镜像层: sha256:8874c5d5df1aa338e2de1eb06de21d28b9051ae107c034b09cc83705cbe6a010 发布日期: 2025-03-19 20:15 修改: 2025-10-16 16:53
gpgsm	CVE-2025-68972	中危	2.2.27-2+deb11u2		gnupg: GnuPG: Signature bypass via form feed character in signed messages 漏洞详情: https://avd.aquasec.com/nvd/cve-2025-68972 镜像层: sha256:8874c5d5df1aa338e2de1eb06de21d28b9051ae107c034b09cc83705cbe6a010 发布日期: 2025-12-27 23:15 修改: 2026-01-09 20:08
curl	CVE-2024-9681	中危	7.74.0-1.3+deb11u2		curl: HSTS subdomain overwrites parent cache entry 漏洞详情: https://avd.aquasec.com/nvd/cve-2024-9681 镜像层: sha256:595a656dd8efc44ad2600f67c92a3a2f5612e673513583c11cb04d54f10c55d6 发布日期: 2024-11-06 08:15 修改: 2025-11-03 21:18
libgnutls30	CVE-2023-5981	中危	3.7.1-5+deb11u1	3.7.1-5+deb11u4	gnutls: timing side-channel in the RSA-PSK authentication 漏洞详情: https://avd.aquasec.com/nvd/cve-2023-5981 镜像层: sha256:bd245ec49ee5cd979b20c0a4efd32385afca92f5afa84faa6769c6a56543350a 发布日期: 2023-11-28 12:15 修改: 2026-03-25 20:01
libgnutls30	CVE-2024-12243	中危	3.7.1-5+deb11u1	3.7.1-5+deb11u7	gnutls: GnuTLS Impacted by Inefficient DER Decoding in libtasn1 Leading to Remote DoS 漏洞详情: https://avd.aquasec.com/nvd/cve-2024-12243 镜像层: sha256:bd245ec49ee5cd979b20c0a4efd32385afca92f5afa84faa6769c6a56543350a 发布日期: 2025-02-10 16:15 修改: 2026-05-12 12:16
libgnutls30	CVE-2024-28834	中危	3.7.1-5+deb11u1	3.7.1-5+deb11u6	gnutls: vulnerable to Minerva side-channel information leak 漏洞详情: https://avd.aquasec.com/nvd/cve-2024-28834 镜像层: sha256:bd245ec49ee5cd979b20c0a4efd32385afca92f5afa84faa6769c6a56543350a 发布日期: 2024-03-21 14:15 修改: 2026-04-15 00:35
openssl	CVE-2022-2097	中危	1.1.1n-0+deb11u3	1.1.1n-0+deb11u4	openssl: AES OCB fails to encrypt some bytes 漏洞详情: https://avd.aquasec.com/nvd/cve-2022-2097 镜像层: sha256:595a656dd8efc44ad2600f67c92a3a2f5612e673513583c11cb04d54f10c55d6 发布日期: 2022-07-05 11:15 修改: 2024-11-21 07:00
openssl	CVE-2022-4304	中危	1.1.1n-0+deb11u3	1.1.1n-0+deb11u4	openssl: timing attack in RSA Decryption implementation 漏洞详情: https://avd.aquasec.com/nvd/cve-2022-4304 镜像层: sha256:595a656dd8efc44ad2600f67c92a3a2f5612e673513583c11cb04d54f10c55d6 发布日期: 2023-02-08 20:15 修改: 2025-11-04 20:16
openssl	CVE-2023-0465	中危	1.1.1n-0+deb11u3	1.1.1n-0+deb11u5	openssl: Invalid certificate policies in leaf certificates are silently ignored 漏洞详情: https://avd.aquasec.com/nvd/cve-2023-0465 镜像层: sha256:595a656dd8efc44ad2600f67c92a3a2f5612e673513583c11cb04d54f10c55d6 发布日期: 2023-03-28 15:15 修改: 2025-02-18 21:15
openssl	CVE-2023-0466	中危	1.1.1n-0+deb11u3	1.1.1n-0+deb11u5	openssl: Certificate policy check not enabled 漏洞详情: https://avd.aquasec.com/nvd/cve-2023-0466 镜像层: sha256:595a656dd8efc44ad2600f67c92a3a2f5612e673513583c11cb04d54f10c55d6 发布日期: 2023-03-28 15:15 修改: 2025-02-19 18:15
openssl	CVE-2023-2650	中危	1.1.1n-0+deb11u3	1.1.1n-0+deb11u5	openssl: Possible DoS translating ASN.1 object identifiers 漏洞详情: https://avd.aquasec.com/nvd/cve-2023-2650 镜像层: sha256:595a656dd8efc44ad2600f67c92a3a2f5612e673513583c11cb04d54f10c55d6 发布日期: 2023-05-30 14:15 修改: 2025-03-19 16:15
openssl	CVE-2023-3446	中危	1.1.1n-0+deb11u3	1.1.1v-0~deb11u1	openssl: Excessive time spent checking DH keys and parameters 漏洞详情: https://avd.aquasec.com/nvd/cve-2023-3446 镜像层: sha256:595a656dd8efc44ad2600f67c92a3a2f5612e673513583c11cb04d54f10c55d6 发布日期: 2023-07-19 12:15 修改: 2025-04-23 17:16
openssl	CVE-2023-3817	中危	1.1.1n-0+deb11u3	1.1.1v-0~deb11u1	OpenSSL: Excessive time spent checking DH q parameter value 漏洞详情: https://avd.aquasec.com/nvd/cve-2023-3817 镜像层: sha256:595a656dd8efc44ad2600f67c92a3a2f5612e673513583c11cb04d54f10c55d6 发布日期: 2023-07-31 16:15 修改: 2025-05-05 16:15
openssl	CVE-2023-5678	中危	1.1.1n-0+deb11u3	1.1.1w-0+deb11u2	openssl: Generating excessively long X9.42 DH keys or checking excessively long X9.42 DH keys or parameters may be very slow 漏洞详情: https://avd.aquasec.com/nvd/cve-2023-5678 镜像层: sha256:595a656dd8efc44ad2600f67c92a3a2f5612e673513583c11cb04d54f10c55d6 发布日期: 2023-11-06 16:15 修改: 2026-05-12 11:16
openssl	CVE-2024-0727	中危	1.1.1n-0+deb11u3	1.1.1w-0+deb11u2	openssl: denial of service via null dereference 漏洞详情: https://avd.aquasec.com/nvd/cve-2024-0727 镜像层: sha256:595a656dd8efc44ad2600f67c92a3a2f5612e673513583c11cb04d54f10c55d6 发布日期: 2024-01-26 09:15 修改: 2026-05-12 12:16
openssl	CVE-2025-69419	中危	1.1.1n-0+deb11u3	1.1.1w-0+deb11u5	openssl: OpenSSL: Arbitrary code execution due to out-of-bounds write in PKCS#12 processing 漏洞详情: https://avd.aquasec.com/nvd/cve-2025-69419 镜像层: sha256:595a656dd8efc44ad2600f67c92a3a2f5612e673513583c11cb04d54f10c55d6 发布日期: 2026-01-27 16:16 修改: 2026-05-12 13:17
openssl	CVE-2025-9230	中危	1.1.1n-0+deb11u3	1.1.1w-0+deb11u4	openssl: Out-of-bounds read & write in RFC 3211 KEK Unwrap 漏洞详情: https://avd.aquasec.com/nvd/cve-2025-9230 镜像层: sha256:595a656dd8efc44ad2600f67c92a3a2f5612e673513583c11cb04d54f10c55d6 发布日期: 2025-09-30 14:15 修改: 2026-06-02 14:16
passwd	CVE-2023-4641	中危	1:4.8.1-1	1:4.8.1-1+deb11u1	shadow-utils: possible password leak during passwd(1) change 漏洞详情: https://avd.aquasec.com/nvd/cve-2023-4641 镜像层: sha256:bd245ec49ee5cd979b20c0a4efd32385afca92f5afa84faa6769c6a56543350a 发布日期: 2023-12-27 16:15 修改: 2025-11-03 20:16
libgnutls30	CVE-2024-28835	中危	3.7.1-5+deb11u1	3.7.1-5+deb11u6	gnutls: potential crash during chain building/verification 漏洞详情: https://avd.aquasec.com/nvd/cve-2024-28835 镜像层: sha256:bd245ec49ee5cd979b20c0a4efd32385afca92f5afa84faa6769c6a56543350a 发布日期: 2024-03-21 06:15 修改: 2026-04-15 00:35
libgnutls30	CVE-2025-14831	中危	3.7.1-5+deb11u1	3.7.1-5+deb11u9	gnutls: GnuTLS: Denial of Service via excessive resource consumption during certificate verification 漏洞详情: https://avd.aquasec.com/nvd/cve-2025-14831 镜像层: sha256:bd245ec49ee5cd979b20c0a4efd32385afca92f5afa84faa6769c6a56543350a 发布日期: 2026-02-09 15:16 修改: 2026-06-10 18:16
libgnutls30	CVE-2025-6395	中危	3.7.1-5+deb11u1	3.7.1-5+deb11u8	gnutls: NULL pointer dereference in _gnutls_figure_common_ciphersuite() 漏洞详情: https://avd.aquasec.com/nvd/cve-2025-6395 镜像层: sha256:bd245ec49ee5cd979b20c0a4efd32385afca92f5afa84faa6769c6a56543350a 发布日期: 2025-07-10 16:15 修改: 2026-05-12 13:17
libgnutls30	CVE-2026-42011	中危	3.7.1-5+deb11u1	3.7.1-5+deb11u10	gnutls: gnutls: Security bypass due to incorrect name constraint handling 漏洞详情: https://avd.aquasec.com/nvd/cve-2026-42011 镜像层: sha256:bd245ec49ee5cd979b20c0a4efd32385afca92f5afa84faa6769c6a56543350a 发布日期: 2026-05-07 15:16 修改: 2026-06-02 16:16
libgnutls30	CVE-2026-42012	中危	3.7.1-5+deb11u1	3.7.1-5+deb11u10	gnutls: gnutls: Certificate validation bypass due to improper handling of URI and SRV SANs 漏洞详情: https://avd.aquasec.com/nvd/cve-2026-42012 镜像层: sha256:bd245ec49ee5cd979b20c0a4efd32385afca92f5afa84faa6769c6a56543350a 发布日期: 2026-05-26 22:16 修改: 2026-06-02 16:16
libgnutls30	CVE-2026-42013	中危	3.7.1-5+deb11u1	3.7.1-5+deb11u10	gnutls: gnutls: Certificate validation bypass due to oversized Subject Alternative Name 漏洞详情: https://avd.aquasec.com/nvd/cve-2026-42013 镜像层: sha256:bd245ec49ee5cd979b20c0a4efd32385afca92f5afa84faa6769c6a56543350a 发布日期: 2026-05-26 22:16 修改: 2026-06-02 16:16
libgnutls30	CVE-2026-42014	中危	3.7.1-5+deb11u1	3.7.1-5+deb11u10	gnutls: Fix use-after-free in gnutls_pkcs11_token_set_pin 漏洞详情: https://avd.aquasec.com/nvd/cve-2026-42014 镜像层: sha256:bd245ec49ee5cd979b20c0a4efd32385afca92f5afa84faa6769c6a56543350a 发布日期: 2026-06-16 02:16 修改: 2026-06-16 15:26
libgnutls30	CVE-2026-42015	中危	3.7.1-5+deb11u1	3.7.1-5+deb11u10	gnutls: gnutls: Memory corruption due to off-by-one error in PKCS#12 bag handling 漏洞详情: https://avd.aquasec.com/nvd/cve-2026-42015 镜像层: sha256:bd245ec49ee5cd979b20c0a4efd32385afca92f5afa84faa6769c6a56543350a 发布日期: 2026-05-26 22:16 修改: 2026-06-02 16:16
perl	CVE-2025-15649	中危	5.32.1-4+deb11u2		perl-IO-Compress: perl-IO-Compress: Denial of Service via malformed DOS date in zip header 漏洞详情: https://avd.aquasec.com/nvd/cve-2025-15649 镜像层: sha256:b7b6064a28a9833a1ac123bb3e408f6cdb2689cf233ee40c978e6193a142278c 发布日期: 2026-05-27 04:16 修改: 2026-05-29 16:16
perl	CVE-2025-40909	中危	5.32.1-4+deb11u2	5.32.1-4+deb11u5	perl: Perl threads have a working directory race condition where file operations may target unintended paths 漏洞详情: https://avd.aquasec.com/nvd/cve-2025-40909 镜像层: sha256:b7b6064a28a9833a1ac123bb3e408f6cdb2689cf233ee40c978e6193a142278c 发布日期: 2025-05-30 13:15 修改: 2026-04-18 15:16
perl	CVE-2026-12087	中危	5.32.1-4+deb11u2		perl-Socket: perl-Socket: Information Disclosure due to Out-of-Bounds Read 漏洞详情: https://avd.aquasec.com/nvd/cve-2026-12087 镜像层: sha256:b7b6064a28a9833a1ac123bb3e408f6cdb2689cf233ee40c978e6193a142278c 发布日期: 2026-06-15 22:16 修改: 2026-06-16 17:16
perl	CVE-2026-48959	中危	5.32.1-4+deb11u2		perl-IO-Compress: perl-IO-Compress: CPU exhaustion via per-byte read loop in fastForward 漏洞详情: https://avd.aquasec.com/nvd/cve-2026-48959 镜像层: sha256:b7b6064a28a9833a1ac123bb3e408f6cdb2689cf233ee40c978e6193a142278c 发布日期: 2026-05-27 04:16 修改: 2026-05-29 16:16
perl	CVE-2026-48961	中危	5.32.1-4+deb11u2		perl-IO-Compress: IO::Compress: Denial of Service in zipdetails CLI tool via malformed Info-ZIP Unix Extra Field 漏洞详情: https://avd.aquasec.com/nvd/cve-2026-48961 镜像层: sha256:b7b6064a28a9833a1ac123bb3e408f6cdb2689cf233ee40c978e6193a142278c 发布日期: 2026-05-27 04:16 修改: 2026-05-29 16:16
perl	CVE-2026-7010	中危	5.32.1-4+deb11u2		HTTP::Tiny versions before 0.093 for Perl do not validate CRLF in HTTP ... 漏洞详情: https://avd.aquasec.com/nvd/cve-2026-7010 镜像层: sha256:b7b6064a28a9833a1ac123bb3e408f6cdb2689cf233ee40c978e6193a142278c 发布日期: 2026-05-11 22:22 修改: 2026-05-12 16:48
libgnutls30	CVE-2026-5260	中危	3.7.1-5+deb11u1	3.7.1-5+deb11u10	gnutls: gnutls: Information disclosure via heap overread in RSA key exchange 漏洞详情: https://avd.aquasec.com/nvd/cve-2026-5260 镜像层: sha256:bd245ec49ee5cd979b20c0a4efd32385afca92f5afa84faa6769c6a56543350a 发布日期: 2026-05-26 22:16 修改: 2026-06-02 16:16
gpgv	CVE-2025-30258	中危	2.2.27-2+deb11u2		gnupg: verification DoS due to a malicious subkey in the keyring 漏洞详情: https://avd.aquasec.com/nvd/cve-2025-30258 镜像层: sha256:bd245ec49ee5cd979b20c0a4efd32385afca92f5afa84faa6769c6a56543350a 发布日期: 2025-03-19 20:15 修改: 2025-10-16 16:53
gpgv	CVE-2025-68972	中危	2.2.27-2+deb11u2		gnupg: GnuPG: Signature bypass via form feed character in signed messages 漏洞详情: https://avd.aquasec.com/nvd/cve-2025-68972 镜像层: sha256:bd245ec49ee5cd979b20c0a4efd32385afca92f5afa84faa6769c6a56543350a 发布日期: 2025-12-27 23:15 修改: 2026-01-09 20:08
curl	CVE-2026-1965	中危	7.74.0-1.3+deb11u2		curl: curl: Authentication bypass due to incorrect connection reuse with Negotiate authentication 漏洞详情: https://avd.aquasec.com/nvd/cve-2026-1965 镜像层: sha256:595a656dd8efc44ad2600f67c92a3a2f5612e673513583c11cb04d54f10c55d6 发布日期: 2026-03-11 11:15 修改: 2026-03-12 14:11
libgssapi-krb5-2	CVE-2023-36054	中危	1.18.3-6+deb11u1	1.18.3-6+deb11u4	krb5: Denial of service through freeing uninitialized pointer 漏洞详情: https://avd.aquasec.com/nvd/cve-2023-36054 镜像层: sha256:bd245ec49ee5cd979b20c0a4efd32385afca92f5afa84faa6769c6a56543350a 发布日期: 2023-08-07 19:15 修改: 2024-11-21 08:09
libgssapi-krb5-2	CVE-2025-24528	中危	1.18.3-6+deb11u1	1.18.3-6+deb11u6	krb5: overflow when calculating ulog block size 漏洞详情: https://avd.aquasec.com/nvd/cve-2025-24528 镜像层: sha256:bd245ec49ee5cd979b20c0a4efd32385afca92f5afa84faa6769c6a56543350a 发布日期: 2026-01-16 18:16 修改: 2026-04-15 00:35
libgssapi-krb5-2	CVE-2025-3576	中危	1.18.3-6+deb11u1	1.18.3-6+deb11u7	krb5: Kerberos RC4-HMAC-MD5 Checksum Vulnerability Enabling Message Spoofing via MD5 Collisions 漏洞详情: https://avd.aquasec.com/nvd/cve-2025-3576 镜像层: sha256:bd245ec49ee5cd979b20c0a4efd32385afca92f5afa84faa6769c6a56543350a 发布日期: 2025-04-15 06:15 修改: 2026-05-12 13:17
libgssapi-krb5-2	CVE-2026-40355	中危	1.18.3-6+deb11u1	1.18.3-6+deb11u8	krb5: MIT Kerberos 5: Denial of Service via NULL pointer dereference in NegoEx mechanism 漏洞详情: https://avd.aquasec.com/nvd/cve-2026-40355 镜像层: sha256:bd245ec49ee5cd979b20c0a4efd32385afca92f5afa84faa6769c6a56543350a 发布日期: 2026-04-28 06:16 修改: 2026-04-28 20:11
perl-base	CVE-2025-15649	中危	5.32.1-4+deb11u2		perl-IO-Compress: perl-IO-Compress: Denial of Service via malformed DOS date in zip header 漏洞详情: https://avd.aquasec.com/nvd/cve-2025-15649 镜像层: sha256:bd245ec49ee5cd979b20c0a4efd32385afca92f5afa84faa6769c6a56543350a 发布日期: 2026-05-27 04:16 修改: 2026-05-29 16:16
perl-base	CVE-2025-40909	中危	5.32.1-4+deb11u2	5.32.1-4+deb11u5	perl: Perl threads have a working directory race condition where file operations may target unintended paths 漏洞详情: https://avd.aquasec.com/nvd/cve-2025-40909 镜像层: sha256:bd245ec49ee5cd979b20c0a4efd32385afca92f5afa84faa6769c6a56543350a 发布日期: 2025-05-30 13:15 修改: 2026-04-18 15:16
perl-base	CVE-2026-12087	中危	5.32.1-4+deb11u2		perl-Socket: perl-Socket: Information Disclosure due to Out-of-Bounds Read 漏洞详情: https://avd.aquasec.com/nvd/cve-2026-12087 镜像层: sha256:bd245ec49ee5cd979b20c0a4efd32385afca92f5afa84faa6769c6a56543350a 发布日期: 2026-06-15 22:16 修改: 2026-06-16 17:16
perl-base	CVE-2026-48959	中危	5.32.1-4+deb11u2		perl-IO-Compress: perl-IO-Compress: CPU exhaustion via per-byte read loop in fastForward 漏洞详情: https://avd.aquasec.com/nvd/cve-2026-48959 镜像层: sha256:bd245ec49ee5cd979b20c0a4efd32385afca92f5afa84faa6769c6a56543350a 发布日期: 2026-05-27 04:16 修改: 2026-05-29 16:16
perl-base	CVE-2026-48961	中危	5.32.1-4+deb11u2		perl-IO-Compress: IO::Compress: Denial of Service in zipdetails CLI tool via malformed Info-ZIP Unix Extra Field 漏洞详情: https://avd.aquasec.com/nvd/cve-2026-48961 镜像层: sha256:bd245ec49ee5cd979b20c0a4efd32385afca92f5afa84faa6769c6a56543350a 发布日期: 2026-05-27 04:16 修改: 2026-05-29 16:16
perl-base	CVE-2026-7010	中危	5.32.1-4+deb11u2		HTTP::Tiny versions before 0.093 for Perl do not validate CRLF in HTTP ... 漏洞详情: https://avd.aquasec.com/nvd/cve-2026-7010 镜像层: sha256:bd245ec49ee5cd979b20c0a4efd32385afca92f5afa84faa6769c6a56543350a 发布日期: 2026-05-11 22:22 修改: 2026-05-12 16:48
libgssapi-krb5-2	CVE-2026-40356	中危	1.18.3-6+deb11u1	1.18.3-6+deb11u8	krb5: MIT Kerberos 5 (krb5): Denial of Service via integer underflow and out-of-bounds read 漏洞详情: https://avd.aquasec.com/nvd/cve-2026-40356 镜像层: sha256:bd245ec49ee5cd979b20c0a4efd32385afca92f5afa84faa6769c6a56543350a 发布日期: 2026-04-28 07:16 修改: 2026-04-28 20:11
libapr1	CVE-2023-49582	中危	1.7.0-6+deb11u1		APR: Lax permissions in Apache Portable Runtime shared memory 漏洞详情: https://avd.aquasec.com/nvd/cve-2023-49582 镜像层: sha256:b7b6064a28a9833a1ac123bb3e408f6cdb2689cf233ee40c978e6193a142278c 发布日期: 2024-08-26 14:15 修改: 2025-03-13 15:15
libaprutil1	CVE-2022-25147	中危	1.6.1-5	1.6.1-5+deb11u1	apr-util: out-of-bounds writes in the apr_base64 漏洞详情: https://avd.aquasec.com/nvd/cve-2022-25147 镜像层: sha256:b7b6064a28a9833a1ac123bb3e408f6cdb2689cf233ee40c978e6193a142278c 发布日期: 2023-01-31 16:15 修改: 2025-02-13 17:15
libblkid1	CVE-2026-27456	中危	2.36.1-8+deb11u1		util-linux: TOCTOU in the mount program when setting up loop devices 漏洞详情: https://avd.aquasec.com/nvd/cve-2026-27456 镜像层: sha256:bd245ec49ee5cd979b20c0a4efd32385afca92f5afa84faa6769c6a56543350a 发布日期: 2026-04-03 22:16 修改: 2026-04-22 16:08
libk5crypto3	CVE-2023-36054	中危	1.18.3-6+deb11u1	1.18.3-6+deb11u4	krb5: Denial of service through freeing uninitialized pointer 漏洞详情: https://avd.aquasec.com/nvd/cve-2023-36054 镜像层: sha256:bd245ec49ee5cd979b20c0a4efd32385afca92f5afa84faa6769c6a56543350a 发布日期: 2023-08-07 19:15 修改: 2024-11-21 08:09
libk5crypto3	CVE-2025-24528	中危	1.18.3-6+deb11u1	1.18.3-6+deb11u6	krb5: overflow when calculating ulog block size 漏洞详情: https://avd.aquasec.com/nvd/cve-2025-24528 镜像层: sha256:bd245ec49ee5cd979b20c0a4efd32385afca92f5afa84faa6769c6a56543350a 发布日期: 2026-01-16 18:16 修改: 2026-04-15 00:35
libk5crypto3	CVE-2025-3576	中危	1.18.3-6+deb11u1	1.18.3-6+deb11u7	krb5: Kerberos RC4-HMAC-MD5 Checksum Vulnerability Enabling Message Spoofing via MD5 Collisions 漏洞详情: https://avd.aquasec.com/nvd/cve-2025-3576 镜像层: sha256:bd245ec49ee5cd979b20c0a4efd32385afca92f5afa84faa6769c6a56543350a 发布日期: 2025-04-15 06:15 修改: 2026-05-12 13:17
libk5crypto3	CVE-2026-40355	中危	1.18.3-6+deb11u1	1.18.3-6+deb11u8	krb5: MIT Kerberos 5: Denial of Service via NULL pointer dereference in NegoEx mechanism 漏洞详情: https://avd.aquasec.com/nvd/cve-2026-40355 镜像层: sha256:bd245ec49ee5cd979b20c0a4efd32385afca92f5afa84faa6769c6a56543350a 发布日期: 2026-04-28 06:16 修改: 2026-04-28 20:11
perl-modules-5.32	CVE-2025-15649	中危	5.32.1-4+deb11u2		perl-IO-Compress: perl-IO-Compress: Denial of Service via malformed DOS date in zip header 漏洞详情: https://avd.aquasec.com/nvd/cve-2025-15649 镜像层: sha256:b7b6064a28a9833a1ac123bb3e408f6cdb2689cf233ee40c978e6193a142278c 发布日期: 2026-05-27 04:16 修改: 2026-05-29 16:16
perl-modules-5.32	CVE-2025-40909	中危	5.32.1-4+deb11u2	5.32.1-4+deb11u5	perl: Perl threads have a working directory race condition where file operations may target unintended paths 漏洞详情: https://avd.aquasec.com/nvd/cve-2025-40909 镜像层: sha256:b7b6064a28a9833a1ac123bb3e408f6cdb2689cf233ee40c978e6193a142278c 发布日期: 2025-05-30 13:15 修改: 2026-04-18 15:16
perl-modules-5.32	CVE-2026-12087	中危	5.32.1-4+deb11u2		perl-Socket: perl-Socket: Information Disclosure due to Out-of-Bounds Read 漏洞详情: https://avd.aquasec.com/nvd/cve-2026-12087 镜像层: sha256:b7b6064a28a9833a1ac123bb3e408f6cdb2689cf233ee40c978e6193a142278c 发布日期: 2026-06-15 22:16 修改: 2026-06-16 17:16
perl-modules-5.32	CVE-2026-48959	中危	5.32.1-4+deb11u2		perl-IO-Compress: perl-IO-Compress: CPU exhaustion via per-byte read loop in fastForward 漏洞详情: https://avd.aquasec.com/nvd/cve-2026-48959 镜像层: sha256:b7b6064a28a9833a1ac123bb3e408f6cdb2689cf233ee40c978e6193a142278c 发布日期: 2026-05-27 04:16 修改: 2026-05-29 16:16
perl-modules-5.32	CVE-2026-48961	中危	5.32.1-4+deb11u2		perl-IO-Compress: IO::Compress: Denial of Service in zipdetails CLI tool via malformed Info-ZIP Unix Extra Field 漏洞详情: https://avd.aquasec.com/nvd/cve-2026-48961 镜像层: sha256:b7b6064a28a9833a1ac123bb3e408f6cdb2689cf233ee40c978e6193a142278c 发布日期: 2026-05-27 04:16 修改: 2026-05-29 16:16
perl-modules-5.32	CVE-2026-7010	中危	5.32.1-4+deb11u2		HTTP::Tiny versions before 0.093 for Perl do not validate CRLF in HTTP ... 漏洞详情: https://avd.aquasec.com/nvd/cve-2026-7010 镜像层: sha256:b7b6064a28a9833a1ac123bb3e408f6cdb2689cf233ee40c978e6193a142278c 发布日期: 2026-05-11 22:22 修改: 2026-05-12 16:48
libk5crypto3	CVE-2026-40356	中危	1.18.3-6+deb11u1	1.18.3-6+deb11u8	krb5: MIT Kerberos 5 (krb5): Denial of Service via integer underflow and out-of-bounds read 漏洞详情: https://avd.aquasec.com/nvd/cve-2026-40356 镜像层: sha256:bd245ec49ee5cd979b20c0a4efd32385afca92f5afa84faa6769c6a56543350a 发布日期: 2026-04-28 07:16 修改: 2026-04-28 20:11
libblkid1	CVE-2026-3184	中危	2.36.1-8+deb11u1		util-linux: util-linux: Access control bypass due to improper hostname canonicalization 漏洞详情: https://avd.aquasec.com/nvd/cve-2026-3184 镜像层: sha256:bd245ec49ee5cd979b20c0a4efd32385afca92f5afa84faa6769c6a56543350a 发布日期: 2026-04-03 19:17 修改: 2026-05-01 19:29
libbz2-1.0	CVE-2026-42250	中危	1.0.8-4		bzip2: bzip2: Denial of Service in bzip2recover via a specially crafted file 漏洞详情: https://avd.aquasec.com/nvd/cve-2026-42250 镜像层: sha256:bd245ec49ee5cd979b20c0a4efd32385afca92f5afa84faa6769c6a56543350a 发布日期: 2026-05-28 14:16 修改: 2026-06-05 08:16
git	CVE-2022-39253	中危	1:2.30.2-1	1:2.30.2-1+deb11u1	git: exposure of sensitive information to a malicious actor 漏洞详情: https://avd.aquasec.com/nvd/cve-2022-39253 镜像层: sha256:b7b6064a28a9833a1ac123bb3e408f6cdb2689cf233ee40c978e6193a142278c 发布日期: 2022-10-19 11:15 修改: 2024-11-21 07:17
libkrb5-3	CVE-2023-36054	中危	1.18.3-6+deb11u1	1.18.3-6+deb11u4	krb5: Denial of service through freeing uninitialized pointer 漏洞详情: https://avd.aquasec.com/nvd/cve-2023-36054 镜像层: sha256:bd245ec49ee5cd979b20c0a4efd32385afca92f5afa84faa6769c6a56543350a 发布日期: 2023-08-07 19:15 修改: 2024-11-21 08:09
libkrb5-3	CVE-2025-24528	中危	1.18.3-6+deb11u1	1.18.3-6+deb11u6	krb5: overflow when calculating ulog block size 漏洞详情: https://avd.aquasec.com/nvd/cve-2025-24528 镜像层: sha256:bd245ec49ee5cd979b20c0a4efd32385afca92f5afa84faa6769c6a56543350a 发布日期: 2026-01-16 18:16 修改: 2026-04-15 00:35
libkrb5-3	CVE-2025-3576	中危	1.18.3-6+deb11u1	1.18.3-6+deb11u7	krb5: Kerberos RC4-HMAC-MD5 Checksum Vulnerability Enabling Message Spoofing via MD5 Collisions 漏洞详情: https://avd.aquasec.com/nvd/cve-2025-3576 镜像层: sha256:bd245ec49ee5cd979b20c0a4efd32385afca92f5afa84faa6769c6a56543350a 发布日期: 2025-04-15 06:15 修改: 2026-05-12 13:17
libkrb5-3	CVE-2026-40355	中危	1.18.3-6+deb11u1	1.18.3-6+deb11u8	krb5: MIT Kerberos 5: Denial of Service via NULL pointer dereference in NegoEx mechanism 漏洞详情: https://avd.aquasec.com/nvd/cve-2026-40355 镜像层: sha256:bd245ec49ee5cd979b20c0a4efd32385afca92f5afa84faa6769c6a56543350a 发布日期: 2026-04-28 06:16 修改: 2026-04-28 20:11
libkrb5-3	CVE-2026-40356	中危	1.18.3-6+deb11u1	1.18.3-6+deb11u8	krb5: MIT Kerberos 5 (krb5): Denial of Service via integer underflow and out-of-bounds read 漏洞详情: https://avd.aquasec.com/nvd/cve-2026-40356 镜像层: sha256:bd245ec49ee5cd979b20c0a4efd32385afca92f5afa84faa6769c6a56543350a 发布日期: 2026-04-28 07:16 修改: 2026-04-28 20:11
git	CVE-2023-22490	中危	1:2.30.2-1	1:2.30.2-1+deb11u2	git: data exfiltration with maliciously crafted repository 漏洞详情: https://avd.aquasec.com/nvd/cve-2023-22490 镜像层: sha256:b7b6064a28a9833a1ac123bb3e408f6cdb2689cf233ee40c978e6193a142278c 发布日期: 2023-02-14 20:15 修改: 2024-11-21 07:44
git	CVE-2024-50349	中危	1:2.30.2-1	1:2.30.2-1+deb11u4	git: Git does not sanitize URLs when asking for credentials interactively 漏洞详情: https://avd.aquasec.com/nvd/cve-2024-50349 镜像层: sha256:b7b6064a28a9833a1ac123bb3e408f6cdb2689cf233ee40c978e6193a142278c 发布日期: 2025-01-14 19:15 修改: 2025-12-18 16:42
git	CVE-2025-27613	中危	1:2.30.2-1	1:2.30.2-1+deb11u5	gitk: Git file creation flaw 漏洞详情: https://avd.aquasec.com/nvd/cve-2025-27613 镜像层: sha256:b7b6064a28a9833a1ac123bb3e408f6cdb2689cf233ee40c978e6193a142278c 发布日期: 2025-07-10 15:15 修改: 2026-04-15 00:35
libkrb5support0	CVE-2023-36054	中危	1.18.3-6+deb11u1	1.18.3-6+deb11u4	krb5: Denial of service through freeing uninitialized pointer 漏洞详情: https://avd.aquasec.com/nvd/cve-2023-36054 镜像层: sha256:bd245ec49ee5cd979b20c0a4efd32385afca92f5afa84faa6769c6a56543350a 发布日期: 2023-08-07 19:15 修改: 2024-11-21 08:09
libkrb5support0	CVE-2025-24528	中危	1.18.3-6+deb11u1	1.18.3-6+deb11u6	krb5: overflow when calculating ulog block size 漏洞详情: https://avd.aquasec.com/nvd/cve-2025-24528 镜像层: sha256:bd245ec49ee5cd979b20c0a4efd32385afca92f5afa84faa6769c6a56543350a 发布日期: 2026-01-16 18:16 修改: 2026-04-15 00:35
libkrb5support0	CVE-2025-3576	中危	1.18.3-6+deb11u1	1.18.3-6+deb11u7	krb5: Kerberos RC4-HMAC-MD5 Checksum Vulnerability Enabling Message Spoofing via MD5 Collisions 漏洞详情: https://avd.aquasec.com/nvd/cve-2025-3576 镜像层: sha256:bd245ec49ee5cd979b20c0a4efd32385afca92f5afa84faa6769c6a56543350a 发布日期: 2025-04-15 06:15 修改: 2026-05-12 13:17
libkrb5support0	CVE-2026-40355	中危	1.18.3-6+deb11u1	1.18.3-6+deb11u8	krb5: MIT Kerberos 5: Denial of Service via NULL pointer dereference in NegoEx mechanism 漏洞详情: https://avd.aquasec.com/nvd/cve-2026-40355 镜像层: sha256:bd245ec49ee5cd979b20c0a4efd32385afca92f5afa84faa6769c6a56543350a 发布日期: 2026-04-28 06:16 修改: 2026-04-28 20:11
libkrb5support0	CVE-2026-40356	中危	1.18.3-6+deb11u1	1.18.3-6+deb11u8	krb5: MIT Kerberos 5 (krb5): Denial of Service via integer underflow and out-of-bounds read 漏洞详情: https://avd.aquasec.com/nvd/cve-2026-40356 镜像层: sha256:bd245ec49ee5cd979b20c0a4efd32385afca92f5afa84faa6769c6a56543350a 发布日期: 2026-04-28 07:16 修改: 2026-04-28 20:11
libc-bin	CVE-2023-4806	中危	2.31-13+deb11u3		glibc: potential use-after-free in getaddrinfo() 漏洞详情: https://avd.aquasec.com/nvd/cve-2023-4806 镜像层: sha256:bd245ec49ee5cd979b20c0a4efd32385afca92f5afa84faa6769c6a56543350a 发布日期: 2023-09-18 17:15 修改: 2026-05-12 11:16
libc-bin	CVE-2023-4813	中危	2.31-13+deb11u3		glibc: potential use-after-free in gaih_inet() 漏洞详情: https://avd.aquasec.com/nvd/cve-2023-4813 镜像层: sha256:bd245ec49ee5cd979b20c0a4efd32385afca92f5afa84faa6769c6a56543350a 发布日期: 2023-09-12 22:15 修改: 2025-09-26 12:15
libc-bin	CVE-2024-33600	中危	2.31-13+deb11u3	2.31-13+deb11u10	glibc: null pointer dereferences after failed netgroup cache insertion 漏洞详情: https://avd.aquasec.com/nvd/cve-2024-33600 镜像层: sha256:bd245ec49ee5cd979b20c0a4efd32385afca92f5afa84faa6769c6a56543350a 发布日期: 2024-05-06 20:15 修改: 2026-05-12 12:16
python3.9	CVE-2021-3426	中危	3.9.2-1	3.9.2-1+deb11u2	python: Information disclosure via pydoc 漏洞详情: https://avd.aquasec.com/nvd/cve-2021-3426 镜像层: sha256:b7b6064a28a9833a1ac123bb3e408f6cdb2689cf233ee40c978e6193a142278c 发布日期: 2021-05-20 13:15 修改: 2025-12-18 12:15
python3.9	CVE-2021-3733	中危	3.9.2-1	3.9.2-1+deb11u2	python: urllib: Regular expression DoS in AbstractBasicAuthHandler 漏洞详情: https://avd.aquasec.com/nvd/cve-2021-3733 镜像层: sha256:b7b6064a28a9833a1ac123bb3e408f6cdb2689cf233ee40c978e6193a142278c 发布日期: 2022-03-10 17:42 修改: 2025-11-03 22:15
python3.9	CVE-2021-4189	中危	3.9.2-1	3.9.2-1+deb11u2	python: ftplib should not use the host from the PASV response 漏洞详情: https://avd.aquasec.com/nvd/cve-2021-4189 镜像层: sha256:b7b6064a28a9833a1ac123bb3e408f6cdb2689cf233ee40c978e6193a142278c 发布日期: 2022-08-24 16:15 修改: 2025-12-17 22:15
python3.9	CVE-2023-27043	中危	3.9.2-1	3.9.2-1+deb11u2	python: Parsing errors in email/_parseaddr.py lead to incorrect value in email address part of tuple 漏洞详情: https://avd.aquasec.com/nvd/cve-2023-27043 镜像层: sha256:b7b6064a28a9833a1ac123bb3e408f6cdb2689cf233ee40c978e6193a142278c 发布日期: 2023-04-19 00:15 修改: 2026-05-12 11:16
python3.9	CVE-2023-40217	中危	3.9.2-1	3.9.2-1+deb11u2	python: TLS handshake bypass 漏洞详情: https://avd.aquasec.com/nvd/cve-2023-40217 镜像层: sha256:b7b6064a28a9833a1ac123bb3e408f6cdb2689cf233ee40c978e6193a142278c 发布日期: 2023-08-25 01:15 修改: 2025-11-03 22:16
python3.9	CVE-2024-0450	中危	3.9.2-1	3.9.2-1+deb11u2	python: The zipfile module is vulnerable to zip-bombs leading to denial of service 漏洞详情: https://avd.aquasec.com/nvd/cve-2024-0450 镜像层: sha256:b7b6064a28a9833a1ac123bb3e408f6cdb2689cf233ee40c978e6193a142278c 发布日期: 2024-03-19 16:15 修改: 2026-04-15 00:35
python3.9	CVE-2024-11168	中危	3.9.2-1	3.9.2-1+deb11u2	python: Improper validation of IPv6 and IPvFuture addresses 漏洞详情: https://avd.aquasec.com/nvd/cve-2024-11168 镜像层: sha256:b7b6064a28a9833a1ac123bb3e408f6cdb2689cf233ee40c978e6193a142278c 发布日期: 2024-11-12 22:15 修改: 2026-04-15 00:35
python3.9	CVE-2024-6923	中危	3.9.2-1	3.9.2-1+deb11u2	cpython: python: email module doesn't properly quotes newlines in email headers, allowing header injection 漏洞详情: https://avd.aquasec.com/nvd/cve-2024-6923 镜像层: sha256:b7b6064a28a9833a1ac123bb3e408f6cdb2689cf233ee40c978e6193a142278c 发布日期: 2024-08-01 14:15 修改: 2026-04-15 00:35
python3.9	CVE-2024-8088	中危	3.9.2-1	3.9.2-1+deb11u2	python: cpython: Iterating over a malicious ZIP file may lead to Denial of Service 漏洞详情: https://avd.aquasec.com/nvd/cve-2024-8088 镜像层: sha256:b7b6064a28a9833a1ac123bb3e408f6cdb2689cf233ee40c978e6193a142278c 发布日期: 2024-08-22 19:15 修改: 2026-04-15 00:35
python3.9	CVE-2025-0938	中危	3.9.2-1	3.9.2-1+deb11u3	python: cpython: URL parser allowed square brackets in domain names 漏洞详情: https://avd.aquasec.com/nvd/cve-2025-0938 镜像层: sha256:b7b6064a28a9833a1ac123bb3e408f6cdb2689cf233ee40c978e6193a142278c 发布日期: 2025-01-31 18:15 修改: 2026-04-15 00:35
python3.9	CVE-2025-11468	中危	3.9.2-1	3.9.2-1+deb11u5	cpython: Missing character filtering in Python 漏洞详情: https://avd.aquasec.com/nvd/cve-2025-11468 镜像层: sha256:b7b6064a28a9833a1ac123bb3e408f6cdb2689cf233ee40c978e6193a142278c 发布日期: 2026-01-20 22:15 修改: 2026-04-15 00:35
python3.9	CVE-2025-12084	中危	3.9.2-1	3.9.2-1+deb11u5	cpython: python: cpython: Quadratic algorithm in xml.dom.minidom leads to denial of service 漏洞详情: https://avd.aquasec.com/nvd/cve-2025-12084 镜像层: sha256:b7b6064a28a9833a1ac123bb3e408f6cdb2689cf233ee40c978e6193a142278c 发布日期: 2025-12-03 19:15 修改: 2026-01-26 15:16
python3.9	CVE-2025-12781	中危	3.9.2-1		cpython: base64.b64decode() always accepts "+/" characters, despite setting altchars 漏洞详情: https://avd.aquasec.com/nvd/cve-2025-12781 镜像层: sha256:b7b6064a28a9833a1ac123bb3e408f6cdb2689cf233ee40c978e6193a142278c 发布日期: 2026-01-21 20:16 修改: 2026-02-02 17:25
python3.9	CVE-2025-13837	中危	3.9.2-1	3.9.2-1+deb11u4	cpython: Out-of-memory when loading Plist 漏洞详情: https://avd.aquasec.com/nvd/cve-2025-13837 镜像层: sha256:b7b6064a28a9833a1ac123bb3e408f6cdb2689cf233ee40c978e6193a142278c 发布日期: 2025-12-01 18:16 修改: 2026-03-03 15:16
python3.9	CVE-2025-15282	中危	3.9.2-1	3.9.2-1+deb11u5	cpython: Header injection via newlines in data URL mediatype in Python 漏洞详情: https://avd.aquasec.com/nvd/cve-2025-15282 镜像层: sha256:b7b6064a28a9833a1ac123bb3e408f6cdb2689cf233ee40c978e6193a142278c 发布日期: 2026-01-20 22:15 修改: 2026-04-15 00:35
python3.9	CVE-2025-15366	中危	3.9.2-1		cpython: IMAP command injection in user-controlled commands 漏洞详情: https://avd.aquasec.com/nvd/cve-2025-15366 镜像层: sha256:b7b6064a28a9833a1ac123bb3e408f6cdb2689cf233ee40c978e6193a142278c 发布日期: 2026-01-20 22:15 修改: 2026-04-15 00:35
python3.9	CVE-2025-15367	中危	3.9.2-1		cpython: POP3 command injection in user-controlled commands 漏洞详情: https://avd.aquasec.com/nvd/cve-2025-15367 镜像层: sha256:b7b6064a28a9833a1ac123bb3e408f6cdb2689cf233ee40c978e6193a142278c 发布日期: 2026-01-20 22:15 修改: 2026-04-15 00:35
python3.9	CVE-2025-4516	中危	3.9.2-1	3.9.2-1+deb11u4	cpython: python: CPython DecodeError Handling Vulnerability 漏洞详情: https://avd.aquasec.com/nvd/cve-2025-4516 镜像层: sha256:b7b6064a28a9833a1ac123bb3e408f6cdb2689cf233ee40c978e6193a142278c 发布日期: 2025-05-15 14:15 修改: 2026-04-15 00:35
python3.9	CVE-2025-6069	中危	3.9.2-1	3.9.2-1+deb11u4	cpython: Python HTMLParser quadratic complexity 漏洞详情: https://avd.aquasec.com/nvd/cve-2025-6069 镜像层: sha256:b7b6064a28a9833a1ac123bb3e408f6cdb2689cf233ee40c978e6193a142278c 发布日期: 2025-06-17 14:15 修改: 2026-04-15 00:35
python3.9	CVE-2025-6075	中危	3.9.2-1	3.9.2-1+deb11u4	python: Quadratic complexity in os.path.expandvars() with user-controlled template 漏洞详情: https://avd.aquasec.com/nvd/cve-2025-6075 镜像层: sha256:b7b6064a28a9833a1ac123bb3e408f6cdb2689cf233ee40c978e6193a142278c 发布日期: 2025-10-31 17:15 修改: 2026-02-04 19:05
python3.9	CVE-2025-8194	中危	3.9.2-1	3.9.2-1+deb11u4	cpython: Cpython infinite loop when parsing a tarfile 漏洞详情: https://avd.aquasec.com/nvd/cve-2025-8194 镜像层: sha256:b7b6064a28a9833a1ac123bb3e408f6cdb2689cf233ee40c978e6193a142278c 发布日期: 2025-07-28 19:15 修改: 2026-04-15 00:35
python3.9	CVE-2025-8291	中危	3.9.2-1	3.9.2-1+deb11u4	cpython: python: Python zipfile End of Central Directory (EOCD) Locator record offset not checked 漏洞详情: https://avd.aquasec.com/nvd/cve-2025-8291 镜像层: sha256:b7b6064a28a9833a1ac123bb3e408f6cdb2689cf233ee40c978e6193a142278c 发布日期: 2025-10-07 18:16 修改: 2026-04-15 00:35
python3.9	CVE-2026-0672	中危	3.9.2-1	3.9.2-1+deb11u7	cpython: Header injection in http.cookies.Morsel in Python 漏洞详情: https://avd.aquasec.com/nvd/cve-2026-0672 镜像层: sha256:b7b6064a28a9833a1ac123bb3e408f6cdb2689cf233ee40c978e6193a142278c 发布日期: 2026-01-20 22:15 修改: 2026-04-15 00:35
python3.9	CVE-2026-0865	中危	3.9.2-1	3.9.2-1+deb11u5	cpython: wsgiref.headers.Headers allows header newline injection in Python 漏洞详情: https://avd.aquasec.com/nvd/cve-2026-0865 镜像层: sha256:b7b6064a28a9833a1ac123bb3e408f6cdb2689cf233ee40c978e6193a142278c 发布日期: 2026-01-20 22:15 修改: 2026-04-15 00:35
python3.9	CVE-2026-1299	中危	3.9.2-1	3.9.2-1+deb11u5	cpython: email header injection due to unquoted newlines 漏洞详情: https://avd.aquasec.com/nvd/cve-2026-1299 镜像层: sha256:b7b6064a28a9833a1ac123bb3e408f6cdb2689cf233ee40c978e6193a142278c 发布日期: 2026-01-23 17:16 修改: 2026-04-15 00:35
python3.9	CVE-2026-1502	中危	3.9.2-1		python: Python: HTTP header injection via CR/LF in proxy tunnel headers 漏洞详情: https://avd.aquasec.com/nvd/cve-2026-1502 镜像层: sha256:b7b6064a28a9833a1ac123bb3e408f6cdb2689cf233ee40c978e6193a142278c 发布日期: 2026-04-10 18:16 修改: 2026-06-04 15:16
python3.9	CVE-2026-3276	中危	3.9.2-1		python: Python unicodedata: Denial of Service due to excessive CPU consumption 漏洞详情: https://avd.aquasec.com/nvd/cve-2026-3276 镜像层: sha256:b7b6064a28a9833a1ac123bb3e408f6cdb2689cf233ee40c978e6193a142278c 发布日期: 2026-06-03 16:16 修改: 2026-06-16 15:16
python3.9	CVE-2026-3446	中危	3.9.2-1		python: Python base64: Incomplete data decoding due to premature stop at padding 漏洞详情: https://avd.aquasec.com/nvd/cve-2026-3446 镜像层: sha256:b7b6064a28a9833a1ac123bb3e408f6cdb2689cf233ee40c978e6193a142278c 发布日期: 2026-04-10 19:16 修改: 2026-04-13 17:16
python3.9	CVE-2026-6019	中危	3.9.2-1		python: Python: Cross-Site Scripting (XSS) vulnerability in http.cookies module 漏洞详情: https://avd.aquasec.com/nvd/cve-2026-6019 镜像层: sha256:b7b6064a28a9833a1ac123bb3e408f6cdb2689cf233ee40c978e6193a142278c 发布日期: 2026-04-22 20:16 修改: 2026-05-28 19:15
python3.9	CVE-2026-7774	中危	3.9.2-1		python: CPython: Python tarfile: Arbitrary file write via crafted link entries 漏洞详情: https://avd.aquasec.com/nvd/cve-2026-7774 镜像层: sha256:b7b6064a28a9833a1ac123bb3e408f6cdb2689cf233ee40c978e6193a142278c 发布日期: 2026-06-04 16:16 修改: 2026-06-10 19:16
python3.9	CVE-2026-8328	中危	3.9.2-1		The ftpcp() function in Lib/ftplib.py was not updated when CVE-2021-4 ... 漏洞详情: https://avd.aquasec.com/nvd/cve-2026-8328 镜像层: sha256:b7b6064a28a9833a1ac123bb3e408f6cdb2689cf233ee40c978e6193a142278c 发布日期: 2026-05-13 21:16 修改: 2026-06-10 19:16
python3.9	CVE-2026-9669	中危	3.9.2-1		python: Python: Denial of Service via out-of-bounds write in BZ2 decompression 漏洞详情: https://avd.aquasec.com/nvd/cve-2026-9669 镜像层: sha256:b7b6064a28a9833a1ac123bb3e408f6cdb2689cf233ee40c978e6193a142278c 发布日期: 2026-06-08 23:17 修改: 2026-06-10 19:16
liblzma5	CVE-2026-34743	中危	5.2.5-2.1~deb11u1		xz: XZ Utils: Denial of Service via buffer overflow in index decoding 漏洞详情: https://avd.aquasec.com/nvd/cve-2026-34743 镜像层: sha256:bd245ec49ee5cd979b20c0a4efd32385afca92f5afa84faa6769c6a56543350a 发布日期: 2026-04-02 19:21 修改: 2026-04-15 17:33
libmount1	CVE-2026-27456	中危	2.36.1-8+deb11u1		util-linux: TOCTOU in the mount program when setting up loop devices 漏洞详情: https://avd.aquasec.com/nvd/cve-2026-27456 镜像层: sha256:bd245ec49ee5cd979b20c0a4efd32385afca92f5afa84faa6769c6a56543350a 发布日期: 2026-04-03 22:16 修改: 2026-04-22 16:08
libmount1	CVE-2026-3184	中危	2.36.1-8+deb11u1		util-linux: util-linux: Access control bypass due to improper hostname canonicalization 漏洞详情: https://avd.aquasec.com/nvd/cve-2026-3184 镜像层: sha256:bd245ec49ee5cd979b20c0a4efd32385afca92f5afa84faa6769c6a56543350a 发布日期: 2026-04-03 19:17 修改: 2026-05-01 19:29
libc-bin	CVE-2025-0395	中危	2.31-13+deb11u3	2.31-13+deb11u12	glibc: buffer overflow in the GNU C Library's assert() 漏洞详情: https://avd.aquasec.com/nvd/cve-2025-0395 镜像层: sha256:bd245ec49ee5cd979b20c0a4efd32385afca92f5afa84faa6769c6a56543350a 发布日期: 2025-01-22 13:15 修改: 2026-05-12 13:16
libc-bin	CVE-2025-4802	中危	2.31-13+deb11u3	2.31-13+deb11u13	glibc: static setuid binary dlopen may incorrectly search LD_LIBRARY_PATH 漏洞详情: https://avd.aquasec.com/nvd/cve-2025-4802 镜像层: sha256:bd245ec49ee5cd979b20c0a4efd32385afca92f5afa84faa6769c6a56543350a 发布日期: 2025-05-16 20:15 修改: 2025-11-03 20:19
libc-bin	CVE-2025-8058	中危	2.31-13+deb11u3	2.31-13+deb11u14	glibc: Double free in glibc 漏洞详情: https://avd.aquasec.com/nvd/cve-2025-8058 镜像层: sha256:bd245ec49ee5cd979b20c0a4efd32385afca92f5afa84faa6769c6a56543350a 发布日期: 2025-07-23 20:15 修改: 2026-04-15 00:35
libncurses6	CVE-2023-50495	中危	6.2+20201114-2		ncurses: segmentation fault via _nc_wrap_entry() 漏洞详情: https://avd.aquasec.com/nvd/cve-2023-50495 镜像层: sha256:b7b6064a28a9833a1ac123bb3e408f6cdb2689cf233ee40c978e6193a142278c 发布日期: 2023-12-12 15:15 修改: 2025-11-04 19:16
libc-bin	CVE-2026-0915	中危	2.31-13+deb11u3	2.31-13+deb11u14	glibc: glibc: Information disclosure via zero-valued network query 漏洞详情: https://avd.aquasec.com/nvd/cve-2026-0915 镜像层: sha256:bd245ec49ee5cd979b20c0a4efd32385afca92f5afa84faa6769c6a56543350a 发布日期: 2026-01-15 22:16 修改: 2026-01-23 19:36
libc-bin	CVE-2026-4046	中危	2.31-13+deb11u3	2.31-13+deb11u14	glibc: glibc: Denial of Service via iconv() function with specific character sets 漏洞详情: https://avd.aquasec.com/nvd/cve-2026-4046 镜像层: sha256:bd245ec49ee5cd979b20c0a4efd32385afca92f5afa84faa6769c6a56543350a 发布日期: 2026-03-30 18:16 修改: 2026-04-20 22:16
libc-bin	CVE-2026-5435	中危	2.31-13+deb11u3		glibc: glibc: Out-of-bounds write via TSIG record processing 漏洞详情: https://avd.aquasec.com/nvd/cve-2026-5435 镜像层: sha256:bd245ec49ee5cd979b20c0a4efd32385afca92f5afa84faa6769c6a56543350a 发布日期: 2026-04-28 13:19 修改: 2026-05-05 17:38
libncursesw6	CVE-2023-50495	中危	6.2+20201114-2		ncurses: segmentation fault via _nc_wrap_entry() 漏洞详情: https://avd.aquasec.com/nvd/cve-2023-50495 镜像层: sha256:8874c5d5df1aa338e2de1eb06de21d28b9051ae107c034b09cc83705cbe6a010 发布日期: 2023-12-12 15:15 修改: 2025-11-04 19:16
libc-bin	CVE-2026-5450	中危	2.31-13+deb11u3		glibc: glibc: Heap Buffer Overflow in `scanf` with `%mc` format specifier and large width 漏洞详情: https://avd.aquasec.com/nvd/cve-2026-5450 镜像层: sha256:bd245ec49ee5cd979b20c0a4efd32385afca92f5afa84faa6769c6a56543350a 发布日期: 2026-04-20 21:16 修改: 2026-04-23 15:33
libc-bin	CVE-2026-5928	中危	2.31-13+deb11u3		glibc: glibc: Information disclosure or denial of service via ungetwc function with specific wide character encodings 漏洞详情: https://avd.aquasec.com/nvd/cve-2026-5928 镜像层: sha256:bd245ec49ee5cd979b20c0a4efd32385afca92f5afa84faa6769c6a56543350a 发布日期: 2026-04-20 21:16 修改: 2026-04-23 15:33
libnghttp2-14	CVE-2024-28182	中危	1.43.0-1	1.43.0-1+deb11u2	nghttp2: CONTINUATION frames DoS 漏洞详情: https://avd.aquasec.com/nvd/cve-2024-28182 镜像层: sha256:595a656dd8efc44ad2600f67c92a3a2f5612e673513583c11cb04d54f10c55d6 发布日期: 2024-04-04 15:15 修改: 2025-11-04 19:17
libc-bin	CVE-2026-6238	中危	2.31-13+deb11u3		glibc: glibc: Application crash or uninitialized memory read via crafted DNS response 漏洞详情: https://avd.aquasec.com/nvd/cve-2026-6238 镜像层: sha256:bd245ec49ee5cd979b20c0a4efd32385afca92f5afa84faa6769c6a56543350a 发布日期: 2026-04-28 19:37 修改: 2026-05-04 17:57
libpam-modules	CVE-2024-10041	中危	1.4.0-9+deb11u1		pam: libpam: Libpam vulnerable to read hashed password 漏洞详情: https://avd.aquasec.com/nvd/cve-2024-10041 镜像层: sha256:bd245ec49ee5cd979b20c0a4efd32385afca92f5afa84faa6769c6a56543350a 发布日期: 2024-10-23 14:15 修改: 2024-12-18 10:15
libpam-modules	CVE-2024-22365	中危	1.4.0-9+deb11u1	1.4.0-9+deb11u2	pam: allowing unprivileged user to block another user namespace 漏洞详情: https://avd.aquasec.com/nvd/cve-2024-22365 镜像层: sha256:bd245ec49ee5cd979b20c0a4efd32385afca92f5afa84faa6769c6a56543350a 发布日期: 2024-02-06 08:15 修改: 2026-05-12 12:16
libpam-modules	CVE-2026-54411	中危	1.4.0-9+deb11u1		linux-pam: Plaintext password recovery via timing discrepancy in pam_userdb module 漏洞详情: https://avd.aquasec.com/nvd/cve-2026-54411 镜像层: sha256:bd245ec49ee5cd979b20c0a4efd32385afca92f5afa84faa6769c6a56543350a 发布日期: 2026-06-14 18:17 修改: 2026-06-16 15:36
curl	CVE-2026-3783	中危	7.74.0-1.3+deb11u2		curl: curl: Information disclosure via OAuth2 bearer token leakage during HTTP(S) redirect 漏洞详情: https://avd.aquasec.com/nvd/cve-2026-3783 镜像层: sha256:595a656dd8efc44ad2600f67c92a3a2f5612e673513583c11cb04d54f10c55d6 发布日期: 2026-03-11 11:16 修改: 2026-03-12 14:10
libpam-modules-bin	CVE-2024-10041	中危	1.4.0-9+deb11u1		pam: libpam: Libpam vulnerable to read hashed password 漏洞详情: https://avd.aquasec.com/nvd/cve-2024-10041 镜像层: sha256:bd245ec49ee5cd979b20c0a4efd32385afca92f5afa84faa6769c6a56543350a 发布日期: 2024-10-23 14:15 修改: 2024-12-18 10:15
python3.9-minimal	CVE-2021-3426	中危	3.9.2-1	3.9.2-1+deb11u2	python: Information disclosure via pydoc 漏洞详情: https://avd.aquasec.com/nvd/cve-2021-3426 镜像层: sha256:b7b6064a28a9833a1ac123bb3e408f6cdb2689cf233ee40c978e6193a142278c 发布日期: 2021-05-20 13:15 修改: 2025-12-18 12:15
python3.9-minimal	CVE-2021-3733	中危	3.9.2-1	3.9.2-1+deb11u2	python: urllib: Regular expression DoS in AbstractBasicAuthHandler 漏洞详情: https://avd.aquasec.com/nvd/cve-2021-3733 镜像层: sha256:b7b6064a28a9833a1ac123bb3e408f6cdb2689cf233ee40c978e6193a142278c 发布日期: 2022-03-10 17:42 修改: 2025-11-03 22:15
python3.9-minimal	CVE-2021-4189	中危	3.9.2-1	3.9.2-1+deb11u2	python: ftplib should not use the host from the PASV response 漏洞详情: https://avd.aquasec.com/nvd/cve-2021-4189 镜像层: sha256:b7b6064a28a9833a1ac123bb3e408f6cdb2689cf233ee40c978e6193a142278c 发布日期: 2022-08-24 16:15 修改: 2025-12-17 22:15
python3.9-minimal	CVE-2023-27043	中危	3.9.2-1	3.9.2-1+deb11u2	python: Parsing errors in email/_parseaddr.py lead to incorrect value in email address part of tuple 漏洞详情: https://avd.aquasec.com/nvd/cve-2023-27043 镜像层: sha256:b7b6064a28a9833a1ac123bb3e408f6cdb2689cf233ee40c978e6193a142278c 发布日期: 2023-04-19 00:15 修改: 2026-05-12 11:16
python3.9-minimal	CVE-2023-40217	中危	3.9.2-1	3.9.2-1+deb11u2	python: TLS handshake bypass 漏洞详情: https://avd.aquasec.com/nvd/cve-2023-40217 镜像层: sha256:b7b6064a28a9833a1ac123bb3e408f6cdb2689cf233ee40c978e6193a142278c 发布日期: 2023-08-25 01:15 修改: 2025-11-03 22:16
python3.9-minimal	CVE-2024-0450	中危	3.9.2-1	3.9.2-1+deb11u2	python: The zipfile module is vulnerable to zip-bombs leading to denial of service 漏洞详情: https://avd.aquasec.com/nvd/cve-2024-0450 镜像层: sha256:b7b6064a28a9833a1ac123bb3e408f6cdb2689cf233ee40c978e6193a142278c 发布日期: 2024-03-19 16:15 修改: 2026-04-15 00:35
python3.9-minimal	CVE-2024-11168	中危	3.9.2-1	3.9.2-1+deb11u2	python: Improper validation of IPv6 and IPvFuture addresses 漏洞详情: https://avd.aquasec.com/nvd/cve-2024-11168 镜像层: sha256:b7b6064a28a9833a1ac123bb3e408f6cdb2689cf233ee40c978e6193a142278c 发布日期: 2024-11-12 22:15 修改: 2026-04-15 00:35
python3.9-minimal	CVE-2024-6923	中危	3.9.2-1	3.9.2-1+deb11u2	cpython: python: email module doesn't properly quotes newlines in email headers, allowing header injection 漏洞详情: https://avd.aquasec.com/nvd/cve-2024-6923 镜像层: sha256:b7b6064a28a9833a1ac123bb3e408f6cdb2689cf233ee40c978e6193a142278c 发布日期: 2024-08-01 14:15 修改: 2026-04-15 00:35
python3.9-minimal	CVE-2024-8088	中危	3.9.2-1	3.9.2-1+deb11u2	python: cpython: Iterating over a malicious ZIP file may lead to Denial of Service 漏洞详情: https://avd.aquasec.com/nvd/cve-2024-8088 镜像层: sha256:b7b6064a28a9833a1ac123bb3e408f6cdb2689cf233ee40c978e6193a142278c 发布日期: 2024-08-22 19:15 修改: 2026-04-15 00:35
python3.9-minimal	CVE-2025-0938	中危	3.9.2-1	3.9.2-1+deb11u3	python: cpython: URL parser allowed square brackets in domain names 漏洞详情: https://avd.aquasec.com/nvd/cve-2025-0938 镜像层: sha256:b7b6064a28a9833a1ac123bb3e408f6cdb2689cf233ee40c978e6193a142278c 发布日期: 2025-01-31 18:15 修改: 2026-04-15 00:35
python3.9-minimal	CVE-2025-11468	中危	3.9.2-1	3.9.2-1+deb11u5	cpython: Missing character filtering in Python 漏洞详情: https://avd.aquasec.com/nvd/cve-2025-11468 镜像层: sha256:b7b6064a28a9833a1ac123bb3e408f6cdb2689cf233ee40c978e6193a142278c 发布日期: 2026-01-20 22:15 修改: 2026-04-15 00:35
python3.9-minimal	CVE-2025-12084	中危	3.9.2-1	3.9.2-1+deb11u5	cpython: python: cpython: Quadratic algorithm in xml.dom.minidom leads to denial of service 漏洞详情: https://avd.aquasec.com/nvd/cve-2025-12084 镜像层: sha256:b7b6064a28a9833a1ac123bb3e408f6cdb2689cf233ee40c978e6193a142278c 发布日期: 2025-12-03 19:15 修改: 2026-01-26 15:16
python3.9-minimal	CVE-2025-12781	中危	3.9.2-1		cpython: base64.b64decode() always accepts "+/" characters, despite setting altchars 漏洞详情: https://avd.aquasec.com/nvd/cve-2025-12781 镜像层: sha256:b7b6064a28a9833a1ac123bb3e408f6cdb2689cf233ee40c978e6193a142278c 发布日期: 2026-01-21 20:16 修改: 2026-02-02 17:25
python3.9-minimal	CVE-2025-13837	中危	3.9.2-1	3.9.2-1+deb11u4	cpython: Out-of-memory when loading Plist 漏洞详情: https://avd.aquasec.com/nvd/cve-2025-13837 镜像层: sha256:b7b6064a28a9833a1ac123bb3e408f6cdb2689cf233ee40c978e6193a142278c 发布日期: 2025-12-01 18:16 修改: 2026-03-03 15:16
python3.9-minimal	CVE-2025-15282	中危	3.9.2-1	3.9.2-1+deb11u5	cpython: Header injection via newlines in data URL mediatype in Python 漏洞详情: https://avd.aquasec.com/nvd/cve-2025-15282 镜像层: sha256:b7b6064a28a9833a1ac123bb3e408f6cdb2689cf233ee40c978e6193a142278c 发布日期: 2026-01-20 22:15 修改: 2026-04-15 00:35
python3.9-minimal	CVE-2025-15366	中危	3.9.2-1		cpython: IMAP command injection in user-controlled commands 漏洞详情: https://avd.aquasec.com/nvd/cve-2025-15366 镜像层: sha256:b7b6064a28a9833a1ac123bb3e408f6cdb2689cf233ee40c978e6193a142278c 发布日期: 2026-01-20 22:15 修改: 2026-04-15 00:35
python3.9-minimal	CVE-2025-15367	中危	3.9.2-1		cpython: POP3 command injection in user-controlled commands 漏洞详情: https://avd.aquasec.com/nvd/cve-2025-15367 镜像层: sha256:b7b6064a28a9833a1ac123bb3e408f6cdb2689cf233ee40c978e6193a142278c 发布日期: 2026-01-20 22:15 修改: 2026-04-15 00:35
python3.9-minimal	CVE-2025-4516	中危	3.9.2-1	3.9.2-1+deb11u4	cpython: python: CPython DecodeError Handling Vulnerability 漏洞详情: https://avd.aquasec.com/nvd/cve-2025-4516 镜像层: sha256:b7b6064a28a9833a1ac123bb3e408f6cdb2689cf233ee40c978e6193a142278c 发布日期: 2025-05-15 14:15 修改: 2026-04-15 00:35
python3.9-minimal	CVE-2025-6069	中危	3.9.2-1	3.9.2-1+deb11u4	cpython: Python HTMLParser quadratic complexity 漏洞详情: https://avd.aquasec.com/nvd/cve-2025-6069 镜像层: sha256:b7b6064a28a9833a1ac123bb3e408f6cdb2689cf233ee40c978e6193a142278c 发布日期: 2025-06-17 14:15 修改: 2026-04-15 00:35
python3.9-minimal	CVE-2025-6075	中危	3.9.2-1	3.9.2-1+deb11u4	python: Quadratic complexity in os.path.expandvars() with user-controlled template 漏洞详情: https://avd.aquasec.com/nvd/cve-2025-6075 镜像层: sha256:b7b6064a28a9833a1ac123bb3e408f6cdb2689cf233ee40c978e6193a142278c 发布日期: 2025-10-31 17:15 修改: 2026-02-04 19:05
python3.9-minimal	CVE-2025-8194	中危	3.9.2-1	3.9.2-1+deb11u4	cpython: Cpython infinite loop when parsing a tarfile 漏洞详情: https://avd.aquasec.com/nvd/cve-2025-8194 镜像层: sha256:b7b6064a28a9833a1ac123bb3e408f6cdb2689cf233ee40c978e6193a142278c 发布日期: 2025-07-28 19:15 修改: 2026-04-15 00:35
python3.9-minimal	CVE-2025-8291	中危	3.9.2-1	3.9.2-1+deb11u4	cpython: python: Python zipfile End of Central Directory (EOCD) Locator record offset not checked 漏洞详情: https://avd.aquasec.com/nvd/cve-2025-8291 镜像层: sha256:b7b6064a28a9833a1ac123bb3e408f6cdb2689cf233ee40c978e6193a142278c 发布日期: 2025-10-07 18:16 修改: 2026-04-15 00:35
python3.9-minimal	CVE-2026-0672	中危	3.9.2-1	3.9.2-1+deb11u7	cpython: Header injection in http.cookies.Morsel in Python 漏洞详情: https://avd.aquasec.com/nvd/cve-2026-0672 镜像层: sha256:b7b6064a28a9833a1ac123bb3e408f6cdb2689cf233ee40c978e6193a142278c 发布日期: 2026-01-20 22:15 修改: 2026-04-15 00:35
python3.9-minimal	CVE-2026-0865	中危	3.9.2-1	3.9.2-1+deb11u5	cpython: wsgiref.headers.Headers allows header newline injection in Python 漏洞详情: https://avd.aquasec.com/nvd/cve-2026-0865 镜像层: sha256:b7b6064a28a9833a1ac123bb3e408f6cdb2689cf233ee40c978e6193a142278c 发布日期: 2026-01-20 22:15 修改: 2026-04-15 00:35
python3.9-minimal	CVE-2026-1299	中危	3.9.2-1	3.9.2-1+deb11u5	cpython: email header injection due to unquoted newlines 漏洞详情: https://avd.aquasec.com/nvd/cve-2026-1299 镜像层: sha256:b7b6064a28a9833a1ac123bb3e408f6cdb2689cf233ee40c978e6193a142278c 发布日期: 2026-01-23 17:16 修改: 2026-04-15 00:35
python3.9-minimal	CVE-2026-1502	中危	3.9.2-1		python: Python: HTTP header injection via CR/LF in proxy tunnel headers 漏洞详情: https://avd.aquasec.com/nvd/cve-2026-1502 镜像层: sha256:b7b6064a28a9833a1ac123bb3e408f6cdb2689cf233ee40c978e6193a142278c 发布日期: 2026-04-10 18:16 修改: 2026-06-04 15:16
python3.9-minimal	CVE-2026-3276	中危	3.9.2-1		python: Python unicodedata: Denial of Service due to excessive CPU consumption 漏洞详情: https://avd.aquasec.com/nvd/cve-2026-3276 镜像层: sha256:b7b6064a28a9833a1ac123bb3e408f6cdb2689cf233ee40c978e6193a142278c 发布日期: 2026-06-03 16:16 修改: 2026-06-16 15:16
python3.9-minimal	CVE-2026-3446	中危	3.9.2-1		python: Python base64: Incomplete data decoding due to premature stop at padding 漏洞详情: https://avd.aquasec.com/nvd/cve-2026-3446 镜像层: sha256:b7b6064a28a9833a1ac123bb3e408f6cdb2689cf233ee40c978e6193a142278c 发布日期: 2026-04-10 19:16 修改: 2026-04-13 17:16
python3.9-minimal	CVE-2026-6019	中危	3.9.2-1		python: Python: Cross-Site Scripting (XSS) vulnerability in http.cookies module 漏洞详情: https://avd.aquasec.com/nvd/cve-2026-6019 镜像层: sha256:b7b6064a28a9833a1ac123bb3e408f6cdb2689cf233ee40c978e6193a142278c 发布日期: 2026-04-22 20:16 修改: 2026-05-28 19:15
python3.9-minimal	CVE-2026-7774	中危	3.9.2-1		python: CPython: Python tarfile: Arbitrary file write via crafted link entries 漏洞详情: https://avd.aquasec.com/nvd/cve-2026-7774 镜像层: sha256:b7b6064a28a9833a1ac123bb3e408f6cdb2689cf233ee40c978e6193a142278c 发布日期: 2026-06-04 16:16 修改: 2026-06-10 19:16
python3.9-minimal	CVE-2026-8328	中危	3.9.2-1		The ftpcp() function in Lib/ftplib.py was not updated when CVE-2021-4 ... 漏洞详情: https://avd.aquasec.com/nvd/cve-2026-8328 镜像层: sha256:b7b6064a28a9833a1ac123bb3e408f6cdb2689cf233ee40c978e6193a142278c 发布日期: 2026-05-13 21:16 修改: 2026-06-10 19:16
python3.9-minimal	CVE-2026-9669	中危	3.9.2-1		python: Python: Denial of Service via out-of-bounds write in BZ2 decompression 漏洞详情: https://avd.aquasec.com/nvd/cve-2026-9669 镜像层: sha256:b7b6064a28a9833a1ac123bb3e408f6cdb2689cf233ee40c978e6193a142278c 发布日期: 2026-06-08 23:17 修改: 2026-06-10 19:16
sed	CVE-2026-5958	中危	4.7-1		sed: GNU sed TOCTOU race condition 漏洞详情: https://avd.aquasec.com/nvd/cve-2026-5958 镜像层: sha256:bd245ec49ee5cd979b20c0a4efd32385afca92f5afa84faa6769c6a56543350a 发布日期: 2026-04-20 12:16 修改: 2026-05-19 15:17
subversion	CVE-2024-46901	中危	1.14.1-3+deb11u1	1.14.1-3+deb11u2	Subversion: Apache Subversion: mod_dav_svn denial-of-service via control characters in paths 漏洞详情: https://avd.aquasec.com/nvd/cve-2024-46901 镜像层: sha256:b7b6064a28a9833a1ac123bb3e408f6cdb2689cf233ee40c978e6193a142278c 发布日期: 2024-12-09 10:15 修改: 2025-07-15 16:35
tar	CVE-2026-5704	中危	1.34+dfsg-1		tar: tar: Hidden file injection via crafted archives 漏洞详情: https://avd.aquasec.com/nvd/cve-2026-5704 镜像层: sha256:bd245ec49ee5cd979b20c0a4efd32385afca92f5afa84faa6769c6a56543350a 发布日期: 2026-04-06 16:16 修改: 2026-04-22 20:08
unzip	CVE-2022-0529	中危	6.0-26	6.0-26+deb11u1	unzip: Heap out-of-bound writes and reads during conversion of wide string to local string 漏洞详情: https://avd.aquasec.com/nvd/cve-2022-0529 镜像层: sha256:ee9872ea80364930d71a014299a88c92390a886751b28e128114db3c6a0ab707 发布日期: 2022-02-09 23:15 修改: 2024-11-21 06:38
unzip	CVE-2022-0530	中危	6.0-26	6.0-26+deb11u1	unzip: SIGSEGV during the conversion of an utf-8 string to a local string 漏洞详情: https://avd.aquasec.com/nvd/cve-2022-0530 镜像层: sha256:ee9872ea80364930d71a014299a88c92390a886751b28e128114db3c6a0ab707 发布日期: 2022-02-09 23:15 修改: 2024-11-21 06:38
util-linux	CVE-2026-27456	中危	2.36.1-8+deb11u1		util-linux: TOCTOU in the mount program when setting up loop devices 漏洞详情: https://avd.aquasec.com/nvd/cve-2026-27456 镜像层: sha256:bd245ec49ee5cd979b20c0a4efd32385afca92f5afa84faa6769c6a56543350a 发布日期: 2026-04-03 22:16 修改: 2026-04-22 16:08
util-linux	CVE-2026-3184	中危	2.36.1-8+deb11u1		util-linux: util-linux: Access control bypass due to improper hostname canonicalization 漏洞详情: https://avd.aquasec.com/nvd/cve-2026-3184 镜像层: sha256:bd245ec49ee5cd979b20c0a4efd32385afca92f5afa84faa6769c6a56543350a 发布日期: 2026-04-03 19:17 修改: 2026-05-01 19:29
libpam-modules-bin	CVE-2024-22365	中危	1.4.0-9+deb11u1	1.4.0-9+deb11u2	pam: allowing unprivileged user to block another user namespace 漏洞详情: https://avd.aquasec.com/nvd/cve-2024-22365 镜像层: sha256:bd245ec49ee5cd979b20c0a4efd32385afca92f5afa84faa6769c6a56543350a 发布日期: 2024-02-06 08:15 修改: 2026-05-12 12:16
wget	CVE-2021-31879	中危	1.21-1+deb11u1		wget: authorization header disclosure on redirect 漏洞详情: https://avd.aquasec.com/nvd/cve-2021-31879 镜像层: sha256:595a656dd8efc44ad2600f67c92a3a2f5612e673513583c11cb04d54f10c55d6 发布日期: 2021-04-29 05:15 修改: 2024-11-21 06:06
wget	CVE-2024-10524	中危	1.21-1+deb11u1		wget: GNU Wget is vulnerable to an SSRF attack when accessing partially-user-controlled shorthand URLs 漏洞详情: https://avd.aquasec.com/nvd/cve-2024-10524 镜像层: sha256:595a656dd8efc44ad2600f67c92a3a2f5612e673513583c11cb04d54f10c55d6 发布日期: 2024-11-19 15:15 修改: 2026-04-15 00:35
xz-utils	CVE-2026-34743	中危	5.2.5-2.1~deb11u1		xz: XZ Utils: Denial of Service via buffer overflow in index decoding 漏洞详情: https://avd.aquasec.com/nvd/cve-2026-34743 镜像层: sha256:ee9872ea80364930d71a014299a88c92390a886751b28e128114db3c6a0ab707 发布日期: 2026-04-02 19:21 修改: 2026-04-15 17:33
libpam-modules-bin	CVE-2026-54411	中危	1.4.0-9+deb11u1		linux-pam: Plaintext password recovery via timing discrepancy in pam_userdb module 漏洞详情: https://avd.aquasec.com/nvd/cve-2026-54411 镜像层: sha256:bd245ec49ee5cd979b20c0a4efd32385afca92f5afa84faa6769c6a56543350a 发布日期: 2026-06-14 18:17 修改: 2026-06-16 15:36
curl	CVE-2026-3784	中危	7.74.0-1.3+deb11u2		curl: curl: Unauthorized access due to improper HTTP proxy connection reuse 漏洞详情: https://avd.aquasec.com/nvd/cve-2026-3784 镜像层: sha256:595a656dd8efc44ad2600f67c92a3a2f5612e673513583c11cb04d54f10c55d6 发布日期: 2026-03-11 11:16 修改: 2026-06-02 14:16
zlib1g	CVE-2026-27171	中危	1:1.2.11.dfsg-2+deb11u1		zlib: zlib: Denial of Service via infinite loop in CRC32 combine functions 漏洞详情: https://avd.aquasec.com/nvd/cve-2026-27171 镜像层: sha256:bd245ec49ee5cd979b20c0a4efd32385afca92f5afa84faa6769c6a56543350a 发布日期: 2026-02-18 04:16 修改: 2026-03-25 21:27
git	CVE-2023-25815	低危	1:2.30.2-1	1:2.30.2-1+deb11u3	git: malicious placement of crafted messages when git was compiled with runtime prefix 漏洞详情: https://avd.aquasec.com/nvd/cve-2023-25815 镜像层: sha256:b7b6064a28a9833a1ac123bb3e408f6cdb2689cf233ee40c978e6193a142278c 发布日期: 2023-04-25 20:15 修改: 2025-11-04 17:15
libgnutls30	CVE-2011-3389	低危	3.7.1-5+deb11u1		HTTPS: block-wise chosen-plaintext attack against SSL/TLS (BEAST) 漏洞详情: https://avd.aquasec.com/nvd/cve-2011-3389 镜像层: sha256:bd245ec49ee5cd979b20c0a4efd32385afca92f5afa84faa6769c6a56543350a 发布日期: 2011-09-06 19:55 修改: 2026-04-29 01:13
libuuid1	CVE-2022-0563	低危	2.36.1-8+deb11u1		util-linux: partial disclosure of arbitrary files in chfn and chsh when compiled with libreadline 漏洞详情: https://avd.aquasec.com/nvd/cve-2022-0563 镜像层: sha256:bd245ec49ee5cd979b20c0a4efd32385afca92f5afa84faa6769c6a56543350a 发布日期: 2022-02-21 19:15 修改: 2025-06-09 16:15
libuuid1	CVE-2024-28085	低危	2.36.1-8+deb11u1	2.36.1-8+deb11u2	util-linux: CVE-2024-28085: wall: escape sequence injection 漏洞详情: https://avd.aquasec.com/nvd/cve-2024-28085 镜像层: sha256:bd245ec49ee5cd979b20c0a4efd32385afca92f5afa84faa6769c6a56543350a 发布日期: 2024-03-27 19:15 修改: 2026-05-12 12:16
libuuid1	CVE-2025-14104	低危	2.36.1-8+deb11u1		util-linux: util-linux: Heap buffer overread in setpwnam() when processing 256-byte usernames 漏洞详情: https://avd.aquasec.com/nvd/cve-2025-14104 镜像层: sha256:bd245ec49ee5cd979b20c0a4efd32385afca92f5afa84faa6769c6a56543350a 发布日期: 2025-12-05 17:16 修改: 2026-04-19 20:16
libgnutls30	CVE-2025-9820	低危	3.7.1-5+deb11u1	3.7.1-5+deb11u9	gnutls: Stack-based Buffer Overflow in gnutls_pkcs11_token_init() Function 漏洞详情: https://avd.aquasec.com/nvd/cve-2025-9820 镜像层: sha256:bd245ec49ee5cd979b20c0a4efd32385afca92f5afa84faa6769c6a56543350a 发布日期: 2026-01-26 20:16 修改: 2026-05-12 13:17
libcurl3-gnutls	CVE-2021-22922	低危	7.74.0-1.3+deb11u2		curl: Content not matching hash in Metalink is not being discarded 漏洞详情: https://avd.aquasec.com/nvd/cve-2021-22922 镜像层: sha256:b7b6064a28a9833a1ac123bb3e408f6cdb2689cf233ee40c978e6193a142278c 发布日期: 2021-08-05 21:15 修改: 2026-04-16 15:16
login	CVE-2007-5686	低危	1:4.8.1-1		initscripts in rPath Linux 1 sets insecure permissions for the /var/lo ... 漏洞详情: https://avd.aquasec.com/nvd/cve-2007-5686 镜像层: sha256:bd245ec49ee5cd979b20c0a4efd32385afca92f5afa84faa6769c6a56543350a 发布日期: 2007-10-28 17:08 修改: 2026-04-23 00:35
login	CVE-2013-4235	低危	1:4.8.1-1		shadow-utils: TOCTOU race conditions by copying and removing directory trees 漏洞详情: https://avd.aquasec.com/nvd/cve-2013-4235 镜像层: sha256:bd245ec49ee5cd979b20c0a4efd32385afca92f5afa84faa6769c6a56543350a 发布日期: 2019-12-03 15:15 修改: 2024-11-21 01:55
login	CVE-2023-29383	低危	1:4.8.1-1	1:4.8.1-1+deb11u1	shadow: Improper input validation in shadow-utils package utility chfn 漏洞详情: https://avd.aquasec.com/nvd/cve-2023-29383 镜像层: sha256:bd245ec49ee5cd979b20c0a4efd32385afca92f5afa84faa6769c6a56543350a 发布日期: 2023-04-14 22:15 修改: 2025-11-03 20:16
login	CVE-2024-56433	低危	1:4.8.1-1		shadow-utils: Default subordinate ID configuration in /etc/login.defs could lead to compromise 漏洞详情: https://avd.aquasec.com/nvd/cve-2024-56433 镜像层: sha256:bd245ec49ee5cd979b20c0a4efd32385afca92f5afa84faa6769c6a56543350a 发布日期: 2024-12-26 09:15 修改: 2026-04-15 00:35
login	TEMP-0628843-DBAD28	低危	1:4.8.1-1		[more related to CVE-2005-4890] 漏洞详情: https://security-tracker.debian.org/tracker/TEMP-0628843-DBAD28 镜像层: sha256:bd245ec49ee5cd979b20c0a4efd32385afca92f5afa84faa6769c6a56543350a 发布日期: 0001-01-01 00:00 修改: 0001-01-01 00:00
libcurl3-gnutls	CVE-2021-22923	低危	7.74.0-1.3+deb11u2		curl: Metalink download sends credentials 漏洞详情: https://avd.aquasec.com/nvd/cve-2021-22923 镜像层: sha256:b7b6064a28a9833a1ac123bb3e408f6cdb2689cf233ee40c978e6193a142278c 发布日期: 2021-08-05 21:15 修改: 2024-11-21 05:50
libcurl3-gnutls	CVE-2022-35252	低危	7.74.0-1.3+deb11u2	7.74.0-1.3+deb11u3	curl: Incorrect handling of control code characters in cookies 漏洞详情: https://avd.aquasec.com/nvd/cve-2022-35252 镜像层: sha256:b7b6064a28a9833a1ac123bb3e408f6cdb2689cf233ee40c978e6193a142278c 发布日期: 2022-09-23 14:15 修改: 2025-05-05 17:18
libcurl3-gnutls	CVE-2023-28320	低危	7.74.0-1.3+deb11u2		curl: siglongjmp race condition may lead to crash 漏洞详情: https://avd.aquasec.com/nvd/cve-2023-28320 镜像层: sha256:b7b6064a28a9833a1ac123bb3e408f6cdb2689cf233ee40c978e6193a142278c 发布日期: 2023-05-26 21:15 修改: 2025-01-15 16:15
mount	CVE-2022-0563	低危	2.36.1-8+deb11u1		util-linux: partial disclosure of arbitrary files in chfn and chsh when compiled with libreadline 漏洞详情: https://avd.aquasec.com/nvd/cve-2022-0563 镜像层: sha256:bd245ec49ee5cd979b20c0a4efd32385afca92f5afa84faa6769c6a56543350a 发布日期: 2022-02-21 19:15 修改: 2025-06-09 16:15
mount	CVE-2024-28085	低危	2.36.1-8+deb11u1	2.36.1-8+deb11u2	util-linux: CVE-2024-28085: wall: escape sequence injection 漏洞详情: https://avd.aquasec.com/nvd/cve-2024-28085 镜像层: sha256:bd245ec49ee5cd979b20c0a4efd32385afca92f5afa84faa6769c6a56543350a 发布日期: 2024-03-27 19:15 修改: 2026-05-12 12:16
mount	CVE-2025-14104	低危	2.36.1-8+deb11u1		util-linux: util-linux: Heap buffer overread in setpwnam() when processing 256-byte usernames 漏洞详情: https://avd.aquasec.com/nvd/cve-2025-14104 镜像层: sha256:bd245ec49ee5cd979b20c0a4efd32385afca92f5afa84faa6769c6a56543350a 发布日期: 2025-12-05 17:16 修改: 2026-04-19 20:16
libcurl3-gnutls	CVE-2023-28322	低危	7.74.0-1.3+deb11u2	7.74.0-1.3+deb11u9	curl: more POST-after-PUT confusion 漏洞详情: https://avd.aquasec.com/nvd/cve-2023-28322 镜像层: sha256:b7b6064a28a9833a1ac123bb3e408f6cdb2689cf233ee40c978e6193a142278c 发布日期: 2023-05-26 21:15 修改: 2026-02-13 20:16
libcurl3-gnutls	CVE-2023-38546	低危	7.74.0-1.3+deb11u2	7.74.0-1.3+deb11u10	curl: cookie injection with none file 漏洞详情: https://avd.aquasec.com/nvd/cve-2023-38546 镜像层: sha256:b7b6064a28a9833a1ac123bb3e408f6cdb2689cf233ee40c978e6193a142278c 发布日期: 2023-10-18 04:15 修改: 2026-05-12 11:16
libcurl3-gnutls	CVE-2024-2379	低危	7.74.0-1.3+deb11u2		curl: QUIC certificate check bypass with wolfSSL 漏洞详情: https://avd.aquasec.com/nvd/cve-2024-2379 镜像层: sha256:b7b6064a28a9833a1ac123bb3e408f6cdb2689cf233ee40c978e6193a142278c 发布日期: 2024-03-27 08:15 修改: 2025-07-30 19:42
libcurl3-gnutls	CVE-2025-0725	低危	7.74.0-1.3+deb11u2		libcurl: Buffer Overflow in libcurl via zlib Integer Overflow 漏洞详情: https://avd.aquasec.com/nvd/cve-2025-0725 镜像层: sha256:b7b6064a28a9833a1ac123bb3e408f6cdb2689cf233ee40c978e6193a142278c 发布日期: 2025-02-05 10:15 修改: 2025-06-27 19:24
ncurses-base	CVE-2025-6141	低危	6.2+20201114-2		gnu-ncurses: ncurses Stack Buffer Overflow 漏洞详情: https://avd.aquasec.com/nvd/cve-2025-6141 镜像层: sha256:bd245ec49ee5cd979b20c0a4efd32385afca92f5afa84faa6769c6a56543350a 发布日期: 2025-06-16 22:16 修改: 2026-06-02 14:16
libgssapi-krb5-2	CVE-2018-5709	低危	1.18.3-6+deb11u1		krb5: integer overflow in dbentry->n_key_data in kadmin/dbutil/dump.c 漏洞详情: https://avd.aquasec.com/nvd/cve-2018-5709 镜像层: sha256:bd245ec49ee5cd979b20c0a4efd32385afca92f5afa84faa6769c6a56543350a 发布日期: 2018-01-16 09:29 修改: 2024-11-21 04:09
libgssapi-krb5-2	CVE-2024-26458	低危	1.18.3-6+deb11u1		krb5: Memory leak at /krb5/src/lib/rpc/pmap_rmt.c 漏洞详情: https://avd.aquasec.com/nvd/cve-2024-26458 镜像层: sha256:bd245ec49ee5cd979b20c0a4efd32385afca92f5afa84faa6769c6a56543350a 发布日期: 2024-02-29 01:44 修改: 2025-05-23 15:39
libgssapi-krb5-2	CVE-2024-26461	低危	1.18.3-6+deb11u1		krb5: Memory leak at /krb5/src/lib/gssapi/krb5/k5sealv3.c 漏洞详情: https://avd.aquasec.com/nvd/cve-2024-26461 镜像层: sha256:bd245ec49ee5cd979b20c0a4efd32385afca92f5afa84faa6769c6a56543350a 发布日期: 2024-02-29 01:44 修改: 2025-05-23 15:30
libgssapi-krb5-2	CVE-2026-11850	低危	1.18.3-6+deb11u1		krb5: krb5: integer underflow in berval2tl_data() leads to heap out-of-bounds read 漏洞详情: https://avd.aquasec.com/nvd/cve-2026-11850 镜像层: sha256:bd245ec49ee5cd979b20c0a4efd32385afca92f5afa84faa6769c6a56543350a 发布日期: 2026-06-11 10:16 修改: 2026-06-12 15:16
ncurses-bin	CVE-2025-6141	低危	6.2+20201114-2		gnu-ncurses: ncurses Stack Buffer Overflow 漏洞详情: https://avd.aquasec.com/nvd/cve-2025-6141 镜像层: sha256:bd245ec49ee5cd979b20c0a4efd32385afca92f5afa84faa6769c6a56543350a 发布日期: 2025-06-16 22:16 修改: 2026-06-02 14:16
libcurl3-gnutls	CVE-2025-10966	低危	7.74.0-1.3+deb11u2		curl: Curl missing SFTP host verification with wolfSSH backend 漏洞详情: https://avd.aquasec.com/nvd/cve-2025-10966 镜像层: sha256:b7b6064a28a9833a1ac123bb3e408f6cdb2689cf233ee40c978e6193a142278c 发布日期: 2025-11-07 08:15 修改: 2026-06-02 14:16
libcurl3-gnutls	CVE-2025-14017	低危	7.74.0-1.3+deb11u2		curl: curl: Security bypass due to global TLS option changes in multi-threaded LDAPS transfers 漏洞详情: https://avd.aquasec.com/nvd/cve-2025-14017 镜像层: sha256:b7b6064a28a9833a1ac123bb3e408f6cdb2689cf233ee40c978e6193a142278c 发布日期: 2026-01-08 10:15 修改: 2026-01-27 21:29
libcurl3-gnutls	CVE-2025-14524	低危	7.74.0-1.3+deb11u2		curl: Information disclosure via cross-protocol redirect with OAuth2 bearer token 漏洞详情: https://avd.aquasec.com/nvd/cve-2025-14524 镜像层: sha256:b7b6064a28a9833a1ac123bb3e408f6cdb2689cf233ee40c978e6193a142278c 发布日期: 2026-01-08 10:15 修改: 2026-01-20 14:53
libcurl3-gnutls	CVE-2025-15079	低危	7.74.0-1.3+deb11u2		curl: Host verification bypass during SSH transfers 漏洞详情: https://avd.aquasec.com/nvd/cve-2025-15079 镜像层: sha256:b7b6064a28a9833a1ac123bb3e408f6cdb2689cf233ee40c978e6193a142278c 发布日期: 2026-01-08 10:15 修改: 2026-01-20 14:50
libcurl3-gnutls	CVE-2025-15224	低危	7.74.0-1.3+deb11u2		curl: libssh key passphrase bypass without agent set 漏洞详情: https://avd.aquasec.com/nvd/cve-2025-15224 镜像层: sha256:b7b6064a28a9833a1ac123bb3e408f6cdb2689cf233ee40c978e6193a142278c 发布日期: 2026-01-08 10:15 修改: 2026-01-20 14:47
gnupg-utils	CVE-2022-3219	低危	2.2.27-2+deb11u2		gnupg: denial of service issue (resource consumption) using compressed packets 漏洞详情: https://avd.aquasec.com/nvd/cve-2022-3219 镜像层: sha256:8874c5d5df1aa338e2de1eb06de21d28b9051ae107c034b09cc83705cbe6a010 发布日期: 2023-02-23 20:15 修改: 2025-03-12 21:15
git	CVE-2024-32020	低危	1:2.30.2-1		git: insecure hardlinks 漏洞详情: https://avd.aquasec.com/nvd/cve-2024-32020 镜像层: sha256:b7b6064a28a9833a1ac123bb3e408f6cdb2689cf233ee40c978e6193a142278c 发布日期: 2024-05-14 19:15 修改: 2026-01-06 17:01
git	CVE-2024-52005	低危	1:2.30.2-1		git: The sideband payload is passed unfiltered to the terminal in git 漏洞详情: https://avd.aquasec.com/nvd/cve-2024-52005 镜像层: sha256:b7b6064a28a9833a1ac123bb3e408f6cdb2689cf233ee40c978e6193a142278c 发布日期: 2025-01-15 18:15 修改: 2025-12-18 16:00
libk5crypto3	CVE-2018-5709	低危	1.18.3-6+deb11u1		krb5: integer overflow in dbentry->n_key_data in kadmin/dbutil/dump.c 漏洞详情: https://avd.aquasec.com/nvd/cve-2018-5709 镜像层: sha256:bd245ec49ee5cd979b20c0a4efd32385afca92f5afa84faa6769c6a56543350a 发布日期: 2018-01-16 09:29 修改: 2024-11-21 04:09
libk5crypto3	CVE-2024-26458	低危	1.18.3-6+deb11u1		krb5: Memory leak at /krb5/src/lib/rpc/pmap_rmt.c 漏洞详情: https://avd.aquasec.com/nvd/cve-2024-26458 镜像层: sha256:bd245ec49ee5cd979b20c0a4efd32385afca92f5afa84faa6769c6a56543350a 发布日期: 2024-02-29 01:44 修改: 2025-05-23 15:39
libk5crypto3	CVE-2024-26461	低危	1.18.3-6+deb11u1		krb5: Memory leak at /krb5/src/lib/gssapi/krb5/k5sealv3.c 漏洞详情: https://avd.aquasec.com/nvd/cve-2024-26461 镜像层: sha256:bd245ec49ee5cd979b20c0a4efd32385afca92f5afa84faa6769c6a56543350a 发布日期: 2024-02-29 01:44 修改: 2025-05-23 15:30
libk5crypto3	CVE-2026-11850	低危	1.18.3-6+deb11u1		krb5: krb5: integer underflow in berval2tl_data() leads to heap out-of-bounds read 漏洞详情: https://avd.aquasec.com/nvd/cve-2026-11850 镜像层: sha256:bd245ec49ee5cd979b20c0a4efd32385afca92f5afa84faa6769c6a56543350a 发布日期: 2026-06-11 10:16 修改: 2026-06-12 15:16
openssh-client	CVE-2007-2243	低危	1:8.4p1-5+deb11u1		OpenSSH 4.6 and earlier, when ChallengeResponseAuthentication is enabl ... 漏洞详情: https://avd.aquasec.com/nvd/cve-2007-2243 镜像层: sha256:b7b6064a28a9833a1ac123bb3e408f6cdb2689cf233ee40c978e6193a142278c 发布日期: 2007-04-25 16:19 修改: 2026-04-23 00:35
openssh-client	CVE-2007-2768	低危	1:8.4p1-5+deb11u1		OpenSSH, when using OPIE (One-Time Passwords in Everything) for PAM, a ... 漏洞详情: https://avd.aquasec.com/nvd/cve-2007-2768 镜像层: sha256:b7b6064a28a9833a1ac123bb3e408f6cdb2689cf233ee40c978e6193a142278c 发布日期: 2007-05-21 20:30 修改: 2026-04-23 00:35
openssh-client	CVE-2008-3234	低危	1:8.4p1-5+deb11u1		sshd in OpenSSH 4 on Debian GNU/Linux, and the 20070303 OpenSSH snapsh ... 漏洞详情: https://avd.aquasec.com/nvd/cve-2008-3234 镜像层: sha256:b7b6064a28a9833a1ac123bb3e408f6cdb2689cf233ee40c978e6193a142278c 发布日期: 2008-07-18 16:41 修改: 2026-04-23 00:35
openssh-client	CVE-2016-20012	低危	1:8.4p1-5+deb11u1		openssh: Public key information leak 漏洞详情: https://avd.aquasec.com/nvd/cve-2016-20012 镜像层: sha256:b7b6064a28a9833a1ac123bb3e408f6cdb2689cf233ee40c978e6193a142278c 发布日期: 2021-09-15 20:15 修改: 2026-05-29 16:16
openssh-client	CVE-2018-15919	低危	1:8.4p1-5+deb11u1		openssh: User enumeration via malformed packets in authentication requests 漏洞详情: https://avd.aquasec.com/nvd/cve-2018-15919 镜像层: sha256:b7b6064a28a9833a1ac123bb3e408f6cdb2689cf233ee40c978e6193a142278c 发布日期: 2018-08-28 08:29 修改: 2025-12-18 12:15
openssh-client	CVE-2019-6110	低危	1:8.4p1-5+deb11u1		openssh: Acceptance and display of arbitrary stderr allows for spoofing of scp client output 漏洞详情: https://avd.aquasec.com/nvd/cve-2019-6110 镜像层: sha256:b7b6064a28a9833a1ac123bb3e408f6cdb2689cf233ee40c978e6193a142278c 发布日期: 2019-01-31 18:29 修改: 2025-12-18 15:15
openssh-client	CVE-2020-14145	低危	1:8.4p1-5+deb11u1		openssh: Observable discrepancy leading to an information leak in the algorithm negotiation 漏洞详情: https://avd.aquasec.com/nvd/cve-2020-14145 镜像层: sha256:b7b6064a28a9833a1ac123bb3e408f6cdb2689cf233ee40c978e6193a142278c 发布日期: 2020-06-29 18:15 修改: 2025-12-18 15:15
openssh-client	CVE-2020-15778	低危	1:8.4p1-5+deb11u1		openssh: scp allows command injection when using backtick characters in the destination argument 漏洞详情: https://avd.aquasec.com/nvd/cve-2020-15778 镜像层: sha256:b7b6064a28a9833a1ac123bb3e408f6cdb2689cf233ee40c978e6193a142278c 发布日期: 2020-07-24 14:15 修改: 2025-07-28 18:12
openssh-client	CVE-2021-36368	低危	1:8.4p1-5+deb11u1		openssh: possible bypass of fido 2 devices and ssh-askpass 漏洞详情: https://avd.aquasec.com/nvd/cve-2021-36368 镜像层: sha256:b7b6064a28a9833a1ac123bb3e408f6cdb2689cf233ee40c978e6193a142278c 发布日期: 2022-03-13 00:15 修改: 2026-05-29 20:16
openssh-client	CVE-2025-32728	低危	1:8.4p1-5+deb11u1	1:8.4p1-5+deb11u5	openssh: OpenSSH SSHD Agent Forwarding and X11 Forwarding 漏洞详情: https://avd.aquasec.com/nvd/cve-2025-32728 镜像层: sha256:b7b6064a28a9833a1ac123bb3e408f6cdb2689cf233ee40c978e6193a142278c 发布日期: 2025-04-10 02:15 修改: 2025-05-22 16:51
openssh-client	CVE-2026-35388	低危	1:8.4p1-5+deb11u1	1:8.4p1-5+deb11u7	OpenSSH: OpenSSH: Low integrity impact from unconfirmed proxy-mode multiplexing sessions 漏洞详情: https://avd.aquasec.com/nvd/cve-2026-35388 镜像层: sha256:b7b6064a28a9833a1ac123bb3e408f6cdb2689cf233ee40c978e6193a142278c 发布日期: 2026-04-02 17:16 修改: 2026-04-27 14:12
git	CVE-2025-46835	低危	1:2.30.2-1	1:2.30.2-1+deb11u5	git: Git GUI can create and overwrite files for which the user has write permission 漏洞详情: https://avd.aquasec.com/nvd/cve-2025-46835 镜像层: sha256:b7b6064a28a9833a1ac123bb3e408f6cdb2689cf233ee40c978e6193a142278c 发布日期: 2025-07-10 15:15 修改: 2026-04-15 00:35
libc-bin	CVE-2010-4756	低危	2.31-13+deb11u3		glibc: glob implementation can cause excessive CPU and memory consumption due to crafted glob expressions 漏洞详情: https://avd.aquasec.com/nvd/cve-2010-4756 镜像层: sha256:bd245ec49ee5cd979b20c0a4efd32385afca92f5afa84faa6769c6a56543350a 发布日期: 2011-03-02 20:00 修改: 2026-04-29 01:13
libc-bin	CVE-2018-20796	低危	2.31-13+deb11u3		glibc: uncontrolled recursion in function check_dst_limits_calc_pos_1 in posix/regexec.c 漏洞详情: https://avd.aquasec.com/nvd/cve-2018-20796 镜像层: sha256:bd245ec49ee5cd979b20c0a4efd32385afca92f5afa84faa6769c6a56543350a 发布日期: 2019-02-26 02:29 修改: 2024-11-21 04:02
libc-bin	CVE-2019-1010022	低危	2.31-13+deb11u3		glibc: stack guard protection bypass 漏洞详情: https://avd.aquasec.com/nvd/cve-2019-1010022 镜像层: sha256:bd245ec49ee5cd979b20c0a4efd32385afca92f5afa84faa6769c6a56543350a 发布日期: 2019-07-15 04:15 修改: 2024-11-21 04:17
libc-bin	CVE-2019-1010023	低危	2.31-13+deb11u3		glibc: running ldd on malicious ELF leads to code execution because of wrong size computation 漏洞详情: https://avd.aquasec.com/nvd/cve-2019-1010023 镜像层: sha256:bd245ec49ee5cd979b20c0a4efd32385afca92f5afa84faa6769c6a56543350a 发布日期: 2019-07-15 04:15 修改: 2024-11-21 04:17
libc-bin	CVE-2019-1010024	低危	2.31-13+deb11u3		glibc: ASLR bypass using cache of thread stack and heap 漏洞详情: https://avd.aquasec.com/nvd/cve-2019-1010024 镜像层: sha256:bd245ec49ee5cd979b20c0a4efd32385afca92f5afa84faa6769c6a56543350a 发布日期: 2019-07-15 04:15 修改: 2024-11-21 04:17
libc-bin	CVE-2019-1010025	低危	2.31-13+deb11u3		glibc: information disclosure of heap addresses of pthread_created thread 漏洞详情: https://avd.aquasec.com/nvd/cve-2019-1010025 镜像层: sha256:bd245ec49ee5cd979b20c0a4efd32385afca92f5afa84faa6769c6a56543350a 发布日期: 2019-07-15 04:15 修改: 2024-11-21 04:17
libc-bin	CVE-2019-9192	低危	2.31-13+deb11u3		glibc: uncontrolled recursion in function check_dst_limits_calc_pos_1 in posix/regexec.c 漏洞详情: https://avd.aquasec.com/nvd/cve-2019-9192 镜像层: sha256:bd245ec49ee5cd979b20c0a4efd32385afca92f5afa84faa6769c6a56543350a 发布日期: 2019-02-26 18:29 修改: 2024-11-21 04:51
libkrb5-3	CVE-2018-5709	低危	1.18.3-6+deb11u1		krb5: integer overflow in dbentry->n_key_data in kadmin/dbutil/dump.c 漏洞详情: https://avd.aquasec.com/nvd/cve-2018-5709 镜像层: sha256:bd245ec49ee5cd979b20c0a4efd32385afca92f5afa84faa6769c6a56543350a 发布日期: 2018-01-16 09:29 修改: 2024-11-21 04:09
libkrb5-3	CVE-2024-26458	低危	1.18.3-6+deb11u1		krb5: Memory leak at /krb5/src/lib/rpc/pmap_rmt.c 漏洞详情: https://avd.aquasec.com/nvd/cve-2024-26458 镜像层: sha256:bd245ec49ee5cd979b20c0a4efd32385afca92f5afa84faa6769c6a56543350a 发布日期: 2024-02-29 01:44 修改: 2025-05-23 15:39
libkrb5-3	CVE-2024-26461	低危	1.18.3-6+deb11u1		krb5: Memory leak at /krb5/src/lib/gssapi/krb5/k5sealv3.c 漏洞详情: https://avd.aquasec.com/nvd/cve-2024-26461 镜像层: sha256:bd245ec49ee5cd979b20c0a4efd32385afca92f5afa84faa6769c6a56543350a 发布日期: 2024-02-29 01:44 修改: 2025-05-23 15:30
libpython3.9-minimal	CVE-2024-0397	低危	3.9.2-1	3.9.2-1+deb11u2	cpython: python: Memory race condition in ssl.SSLContext certificate store methods 漏洞详情: https://avd.aquasec.com/nvd/cve-2024-0397 镜像层: sha256:b7b6064a28a9833a1ac123bb3e408f6cdb2689cf233ee40c978e6193a142278c 发布日期: 2024-06-17 16:15 修改: 2026-04-15 00:35
libpython3.9-minimal	CVE-2024-4032	低危	3.9.2-1	3.9.2-1+deb11u2	python: incorrect IPv4 and IPv6 private ranges 漏洞详情: https://avd.aquasec.com/nvd/cve-2024-4032 镜像层: sha256:b7b6064a28a9833a1ac123bb3e408f6cdb2689cf233ee40c978e6193a142278c 发布日期: 2024-06-17 15:15 修改: 2026-04-15 00:35
libpython3.9-minimal	CVE-2024-5642	低危	3.9.2-1		python: Invalid value for OpenSSL API may cause Buffer over-read when NPN is used 漏洞详情: https://avd.aquasec.com/nvd/cve-2024-5642 镜像层: sha256:b7b6064a28a9833a1ac123bb3e408f6cdb2689cf233ee40c978e6193a142278c 发布日期: 2024-06-27 21:15 修改: 2026-04-15 00:35
libpython3.9-minimal	CVE-2025-13462	低危	3.9.2-1	3.9.2-1+deb11u7	cpython: cpython: `tarfile` module misinterprets crafted tar archives leading to data integrity issues 漏洞详情: https://avd.aquasec.com/nvd/cve-2025-13462 镜像层: sha256:b7b6064a28a9833a1ac123bb3e408f6cdb2689cf233ee40c978e6193a142278c 发布日期: 2026-03-12 18:16 修改: 2026-06-11 14:29
libpython3.9-minimal	CVE-2025-1795	低危	3.9.2-1	3.9.2-1+deb11u3	python: Mishandling of comma during folding and unicode-encoding of email headers 漏洞详情: https://avd.aquasec.com/nvd/cve-2025-1795 镜像层: sha256:b7b6064a28a9833a1ac123bb3e408f6cdb2689cf233ee40c978e6193a142278c 发布日期: 2025-02-28 19:15 修改: 2026-04-15 00:35
libpython3.9-minimal	CVE-2026-12003	低危	3.9.2-1		To allow builds of Python to be run from an in-tree layout (rather tha ... 漏洞详情: https://avd.aquasec.com/nvd/cve-2026-12003 镜像层: sha256:b7b6064a28a9833a1ac123bb3e408f6cdb2689cf233ee40c978e6193a142278c 发布日期: 2026-06-16 17:16 修改: 2026-06-16 20:16
libpython3.9-minimal	CVE-2026-2297	低危	3.9.2-1	3.9.2-1+deb11u7	cpython: CPython: Logging Bypass in Legacy .pyc File Handling 漏洞详情: https://avd.aquasec.com/nvd/cve-2026-2297 镜像层: sha256:b7b6064a28a9833a1ac123bb3e408f6cdb2689cf233ee40c978e6193a142278c 发布日期: 2026-03-04 23:16 修改: 2026-05-01 16:16
libpython3.9-minimal	CVE-2026-3479	低危	3.9.2-1		python: Python pkgutil.get_data(): Path Traversal via improper resource argument validation 漏洞详情: https://avd.aquasec.com/nvd/cve-2026-3479 镜像层: sha256:b7b6064a28a9833a1ac123bb3e408f6cdb2689cf233ee40c978e6193a142278c 发布日期: 2026-03-18 19:16 修改: 2026-04-07 18:16
libpython3.9-minimal	CVE-2026-4519	低危	3.9.2-1	3.9.2-1+deb11u7	python: Python: Command-line option injection in webbrowser.open() via crafted URLs 漏洞详情: https://avd.aquasec.com/nvd/cve-2026-4519 镜像层: sha256:b7b6064a28a9833a1ac123bb3e408f6cdb2689cf233ee40c978e6193a142278c 发布日期: 2026-03-20 15:16 修改: 2026-04-16 14:53
libkrb5-3	CVE-2026-11850	低危	1.18.3-6+deb11u1		krb5: krb5: integer underflow in berval2tl_data() leads to heap out-of-bounds read 漏洞详情: https://avd.aquasec.com/nvd/cve-2026-11850 镜像层: sha256:bd245ec49ee5cd979b20c0a4efd32385afca92f5afa84faa6769c6a56543350a 发布日期: 2026-06-11 10:16 修改: 2026-06-12 15:16
openssl	CVE-2024-13176	低危	1.1.1n-0+deb11u3	1.1.1w-0+deb11u3	openssl: Timing side-channel in ECDSA signature computation 漏洞详情: https://avd.aquasec.com/nvd/cve-2024-13176 镜像层: sha256:595a656dd8efc44ad2600f67c92a3a2f5612e673513583c11cb04d54f10c55d6 发布日期: 2025-01-20 14:15 修改: 2026-04-15 00:35
openssl	CVE-2024-2511	低危	1.1.1n-0+deb11u3	1.1.1w-0+deb11u2	openssl: Unbounded memory growth with session handling in TLSv1.3 漏洞详情: https://avd.aquasec.com/nvd/cve-2024-2511 镜像层: sha256:595a656dd8efc44ad2600f67c92a3a2f5612e673513583c11cb04d54f10c55d6 发布日期: 2024-04-08 14:15 修改: 2026-05-12 12:16
openssl	CVE-2024-4741	低危	1.1.1n-0+deb11u3	1.1.1w-0+deb11u2	openssl: Use After Free with SSL_free_buffers 漏洞详情: https://avd.aquasec.com/nvd/cve-2024-4741 镜像层: sha256:595a656dd8efc44ad2600f67c92a3a2f5612e673513583c11cb04d54f10c55d6 发布日期: 2024-11-13 11:15 修改: 2026-04-15 00:35
openssl	CVE-2024-5535	低危	1.1.1n-0+deb11u3	1.1.1w-0+deb11u2	openssl: SSL_select_next_proto buffer overread 漏洞详情: https://avd.aquasec.com/nvd/cve-2024-5535 镜像层: sha256:595a656dd8efc44ad2600f67c92a3a2f5612e673513583c11cb04d54f10c55d6 发布日期: 2024-06-27 11:15 修改: 2026-05-12 12:17
openssl	CVE-2024-9143	低危	1.1.1n-0+deb11u3	1.1.1w-0+deb11u2	openssl: Low-level invalid GF(2^m) parameters lead to OOB memory access 漏洞详情: https://avd.aquasec.com/nvd/cve-2024-9143 镜像层: sha256:595a656dd8efc44ad2600f67c92a3a2f5612e673513583c11cb04d54f10c55d6 发布日期: 2024-10-16 17:15 修改: 2026-05-12 12:17
openssl	CVE-2025-27587	低危	1.1.1n-0+deb11u3		OpenSSL 3.0.0 through 3.3.2 on the PowerPC architecture is vulnerable ... 漏洞详情: https://avd.aquasec.com/nvd/cve-2025-27587 镜像层: sha256:595a656dd8efc44ad2600f67c92a3a2f5612e673513583c11cb04d54f10c55d6 发布日期: 2025-06-16 22:15 修改: 2026-04-15 00:35
openssl	CVE-2025-68160	低危	1.1.1n-0+deb11u3	1.1.1w-0+deb11u5	openssl: OpenSSL: Denial of Service due to out-of-bounds write in BIO filter 漏洞详情: https://avd.aquasec.com/nvd/cve-2025-68160 镜像层: sha256:595a656dd8efc44ad2600f67c92a3a2f5612e673513583c11cb04d54f10c55d6 发布日期: 2026-01-27 16:16 修改: 2026-05-12 13:17
openssl	CVE-2025-69418	低危	1.1.1n-0+deb11u3	1.1.1w-0+deb11u5	openssl: OpenSSL: Information disclosure and data tampering via specific low-level OCB encryption/decryption calls 漏洞详情: https://avd.aquasec.com/nvd/cve-2025-69418 镜像层: sha256:595a656dd8efc44ad2600f67c92a3a2f5612e673513583c11cb04d54f10c55d6 发布日期: 2026-01-27 16:16 修改: 2026-05-12 13:17
openssl	CVE-2025-69420	低危	1.1.1n-0+deb11u3	1.1.1w-0+deb11u5	openssl: OpenSSL: Denial of Service via malformed TimeStamp Response 漏洞详情: https://avd.aquasec.com/nvd/cve-2025-69420 镜像层: sha256:595a656dd8efc44ad2600f67c92a3a2f5612e673513583c11cb04d54f10c55d6 发布日期: 2026-01-27 16:16 修改: 2026-05-12 13:17
openssl	CVE-2026-22795	低危	1.1.1n-0+deb11u3	1.1.1w-0+deb11u5	openssl: OpenSSL: Denial of Service due to type confusion in PKCS#12 file processing 漏洞详情: https://avd.aquasec.com/nvd/cve-2026-22795 镜像层: sha256:595a656dd8efc44ad2600f67c92a3a2f5612e673513583c11cb04d54f10c55d6 发布日期: 2026-01-27 16:16 修改: 2026-05-12 13:17
openssl	CVE-2026-22796	低危	1.1.1n-0+deb11u3	1.1.1w-0+deb11u5	openssl: OpenSSL: Denial of Service via type confusion in PKCS#7 signature verification 漏洞详情: https://avd.aquasec.com/nvd/cve-2026-22796 镜像层: sha256:595a656dd8efc44ad2600f67c92a3a2f5612e673513583c11cb04d54f10c55d6 发布日期: 2026-01-27 16:16 修改: 2026-05-12 13:17
openssl	CVE-2026-34180	低危	1.1.1n-0+deb11u3	1.1.1w-0+deb11u8	openssl: OpenSSL: Heap buffer over-read in ASN.1 decoding can lead to denial of service or information disclosure. 漏洞详情: https://avd.aquasec.com/nvd/cve-2026-34180 镜像层: sha256:595a656dd8efc44ad2600f67c92a3a2f5612e673513583c11cb04d54f10c55d6 发布日期: 2026-06-09 17:17 修改: 2026-06-15 18:13
openssl	CVE-2026-42766	低危	1.1.1n-0+deb11u3	1.1.1w-0+deb11u8	openssl: Possible NULL Dereference in Password-Based CMS Decryption 漏洞详情: https://avd.aquasec.com/nvd/cve-2026-42766 镜像层: sha256:595a656dd8efc44ad2600f67c92a3a2f5612e673513583c11cb04d54f10c55d6 发布日期: 2026-06-09 17:17 修改: 2026-06-15 18:25
openssl	CVE-2026-7383	低危	1.1.1n-0+deb11u3	1.1.1w-0+deb11u8	openssl: OpenSSL: Heap buffer overflow due to signed integer overflow in Unicode output sizing 漏洞详情: https://avd.aquasec.com/nvd/cve-2026-7383 镜像层: sha256:595a656dd8efc44ad2600f67c92a3a2f5612e673513583c11cb04d54f10c55d6 发布日期: 2026-06-09 17:17 修改: 2026-06-16 02:46
openssl	CVE-2026-9076	低危	1.1.1n-0+deb11u3	1.1.1w-0+deb11u8	openssl: OpenSSL: Denial of Service due to heap out-of-bounds read in CMS password-based decryption 漏洞详情: https://avd.aquasec.com/nvd/cve-2026-9076 镜像层: sha256:595a656dd8efc44ad2600f67c92a3a2f5612e673513583c11cb04d54f10c55d6 发布日期: 2026-06-09 17:17 修改: 2026-06-16 02:45
libc-bin	CVE-2024-33601	低危	2.31-13+deb11u3	2.31-13+deb11u10	glibc: netgroup cache may terminate daemon on memory allocation failure 漏洞详情: https://avd.aquasec.com/nvd/cve-2024-33601 镜像层: sha256:bd245ec49ee5cd979b20c0a4efd32385afca92f5afa84faa6769c6a56543350a 发布日期: 2024-05-06 20:15 修改: 2026-05-12 12:16
passwd	CVE-2007-5686	低危	1:4.8.1-1		initscripts in rPath Linux 1 sets insecure permissions for the /var/lo ... 漏洞详情: https://avd.aquasec.com/nvd/cve-2007-5686 镜像层: sha256:bd245ec49ee5cd979b20c0a4efd32385afca92f5afa84faa6769c6a56543350a 发布日期: 2007-10-28 17:08 修改: 2026-04-23 00:35
passwd	CVE-2013-4235	低危	1:4.8.1-1		shadow-utils: TOCTOU race conditions by copying and removing directory trees 漏洞详情: https://avd.aquasec.com/nvd/cve-2013-4235 镜像层: sha256:bd245ec49ee5cd979b20c0a4efd32385afca92f5afa84faa6769c6a56543350a 发布日期: 2019-12-03 15:15 修改: 2024-11-21 01:55
passwd	CVE-2023-29383	低危	1:4.8.1-1	1:4.8.1-1+deb11u1	shadow: Improper input validation in shadow-utils package utility chfn 漏洞详情: https://avd.aquasec.com/nvd/cve-2023-29383 镜像层: sha256:bd245ec49ee5cd979b20c0a4efd32385afca92f5afa84faa6769c6a56543350a 发布日期: 2023-04-14 22:15 修改: 2025-11-03 20:16
passwd	CVE-2024-56433	低危	1:4.8.1-1		shadow-utils: Default subordinate ID configuration in /etc/login.defs could lead to compromise 漏洞详情: https://avd.aquasec.com/nvd/cve-2024-56433 镜像层: sha256:bd245ec49ee5cd979b20c0a4efd32385afca92f5afa84faa6769c6a56543350a 发布日期: 2024-12-26 09:15 修改: 2026-04-15 00:35
passwd	TEMP-0628843-DBAD28	低危	1:4.8.1-1		[more related to CVE-2005-4890] 漏洞详情: https://security-tracker.debian.org/tracker/TEMP-0628843-DBAD28 镜像层: sha256:bd245ec49ee5cd979b20c0a4efd32385afca92f5afa84faa6769c6a56543350a 发布日期: 0001-01-01 00:00 修改: 0001-01-01 00:00
libc-bin	CVE-2024-33602	低危	2.31-13+deb11u3	2.31-13+deb11u10	glibc: netgroup cache assumes NSS callback uses in-buffer strings 漏洞详情: https://avd.aquasec.com/nvd/cve-2024-33602 镜像层: sha256:bd245ec49ee5cd979b20c0a4efd32385afca92f5afa84faa6769c6a56543350a 发布日期: 2024-05-06 20:15 修改: 2026-05-12 12:16
libc-bin	CVE-2025-15281	低危	2.31-13+deb11u3	2.31-13+deb11u14	glibc: wordexp with WRDE_REUSE and WRDE_APPEND may return uninitialized memory 漏洞详情: https://avd.aquasec.com/nvd/cve-2025-15281 镜像层: sha256:bd245ec49ee5cd979b20c0a4efd32385afca92f5afa84faa6769c6a56543350a 发布日期: 2026-01-20 14:16 修改: 2026-02-05 17:43
libc-bin	CVE-2026-0861	低危	2.31-13+deb11u3	2.31-13+deb11u14	glibc: Integer overflow in memalign leads to heap corruption 漏洞详情: https://avd.aquasec.com/nvd/cve-2026-0861 镜像层: sha256:bd245ec49ee5cd979b20c0a4efd32385afca92f5afa84faa6769c6a56543350a 发布日期: 2026-01-14 21:15 修改: 2026-02-03 18:26
gpg	CVE-2022-3219	低危	2.2.27-2+deb11u2		gnupg: denial of service issue (resource consumption) using compressed packets 漏洞详情: https://avd.aquasec.com/nvd/cve-2022-3219 镜像层: sha256:8874c5d5df1aa338e2de1eb06de21d28b9051ae107c034b09cc83705cbe6a010 发布日期: 2023-02-23 20:15 修改: 2025-03-12 21:15
bash	TEMP-0841856-B18BAF	低危	5.1-2+deb11u1		[Privilege escalation possible to other user than root] 漏洞详情: https://security-tracker.debian.org/tracker/TEMP-0841856-B18BAF 镜像层: sha256:bd245ec49ee5cd979b20c0a4efd32385afca92f5afa84faa6769c6a56543350a 发布日期: 0001-01-01 00:00 修改: 0001-01-01 00:00
dirmngr	CVE-2022-3219	低危	2.2.27-2+deb11u2		gnupg: denial of service issue (resource consumption) using compressed packets 漏洞详情: https://avd.aquasec.com/nvd/cve-2022-3219 镜像层: sha256:8874c5d5df1aa338e2de1eb06de21d28b9051ae107c034b09cc83705cbe6a010 发布日期: 2023-02-23 20:15 修改: 2025-03-12 21:15
dpkg	CVE-2025-6297	低危	1.20.11		It was discovered that dpkg-deb does not properly sanitize directory p ... 漏洞详情: https://avd.aquasec.com/nvd/cve-2025-6297 镜像层: sha256:bd245ec49ee5cd979b20c0a4efd32385afca92f5afa84faa6769c6a56543350a 发布日期: 2025-07-01 17:15 修改: 2025-08-19 17:50
libkrb5support0	CVE-2018-5709	低危	1.18.3-6+deb11u1		krb5: integer overflow in dbentry->n_key_data in kadmin/dbutil/dump.c 漏洞详情: https://avd.aquasec.com/nvd/cve-2018-5709 镜像层: sha256:bd245ec49ee5cd979b20c0a4efd32385afca92f5afa84faa6769c6a56543350a 发布日期: 2018-01-16 09:29 修改: 2024-11-21 04:09
libkrb5support0	CVE-2024-26458	低危	1.18.3-6+deb11u1		krb5: Memory leak at /krb5/src/lib/rpc/pmap_rmt.c 漏洞详情: https://avd.aquasec.com/nvd/cve-2024-26458 镜像层: sha256:bd245ec49ee5cd979b20c0a4efd32385afca92f5afa84faa6769c6a56543350a 发布日期: 2024-02-29 01:44 修改: 2025-05-23 15:39
libkrb5support0	CVE-2024-26461	低危	1.18.3-6+deb11u1		krb5: Memory leak at /krb5/src/lib/gssapi/krb5/k5sealv3.c 漏洞详情: https://avd.aquasec.com/nvd/cve-2024-26461 镜像层: sha256:bd245ec49ee5cd979b20c0a4efd32385afca92f5afa84faa6769c6a56543350a 发布日期: 2024-02-29 01:44 修改: 2025-05-23 15:30
libkrb5support0	CVE-2026-11850	低危	1.18.3-6+deb11u1		krb5: krb5: integer underflow in berval2tl_data() leads to heap out-of-bounds read 漏洞详情: https://avd.aquasec.com/nvd/cve-2026-11850 镜像层: sha256:bd245ec49ee5cd979b20c0a4efd32385afca92f5afa84faa6769c6a56543350a 发布日期: 2026-06-11 10:16 修改: 2026-06-12 15:16
gpg-agent	CVE-2022-3219	低危	2.2.27-2+deb11u2		gnupg: denial of service issue (resource consumption) using compressed packets 漏洞详情: https://avd.aquasec.com/nvd/cve-2022-3219 镜像层: sha256:8874c5d5df1aa338e2de1eb06de21d28b9051ae107c034b09cc83705cbe6a010 发布日期: 2023-02-23 20:15 修改: 2025-03-12 21:15
bsdutils	CVE-2022-0563	低危	1:2.36.1-8+deb11u1		util-linux: partial disclosure of arbitrary files in chfn and chsh when compiled with libreadline 漏洞详情: https://avd.aquasec.com/nvd/cve-2022-0563 镜像层: sha256:bd245ec49ee5cd979b20c0a4efd32385afca92f5afa84faa6769c6a56543350a 发布日期: 2022-02-21 19:15 修改: 2025-06-09 16:15
gcc-10-base	CVE-2023-4039	低危	10.2.1-6		gcc: -fstack-protector fails to guard dynamic stack allocations on ARM64 漏洞详情: https://avd.aquasec.com/nvd/cve-2023-4039 镜像层: sha256:bd245ec49ee5cd979b20c0a4efd32385afca92f5afa84faa6769c6a56543350a 发布日期: 2023-09-13 09:15 修改: 2025-02-13 17:17
perl	CVE-2011-4116	低危	5.32.1-4+deb11u2		perl: File:: Temp insecure temporary file handling 漏洞详情: https://avd.aquasec.com/nvd/cve-2011-4116 镜像层: sha256:b7b6064a28a9833a1ac123bb3e408f6cdb2689cf233ee40c978e6193a142278c 发布日期: 2020-01-31 18:15 修改: 2025-08-04 19:04
perl	CVE-2023-31486	低危	5.32.1-4+deb11u2		http-tiny: perl: insecure TLS cert default 漏洞详情: https://avd.aquasec.com/nvd/cve-2023-31486 镜像层: sha256:b7b6064a28a9833a1ac123bb3e408f6cdb2689cf233ee40c978e6193a142278c 发布日期: 2023-04-29 00:15 修改: 2025-01-30 20:15
libldap-2.4-2	CVE-2015-3276	低危	2.4.57+dfsg-3+deb11u1		openldap: incorrect multi-keyword mode cipherstring parsing 漏洞详情: https://avd.aquasec.com/nvd/cve-2015-3276 镜像层: sha256:595a656dd8efc44ad2600f67c92a3a2f5612e673513583c11cb04d54f10c55d6 发布日期: 2015-12-07 20:59 修改: 2026-05-06 22:30
libldap-2.4-2	CVE-2017-14159	低危	2.4.57+dfsg-3+deb11u1		openldap: Privilege escalation via PID file manipulation 漏洞详情: https://avd.aquasec.com/nvd/cve-2017-14159 镜像层: sha256:595a656dd8efc44ad2600f67c92a3a2f5612e673513583c11cb04d54f10c55d6 发布日期: 2017-09-05 18:29 修改: 2026-05-13 00:24
libldap-2.4-2	CVE-2017-17740	低危	2.4.57+dfsg-3+deb11u1		openldap: contrib/slapd-modules/nops/nops.c attempts to free stack buffer allowing remote attackers to cause a denial of service 漏洞详情: https://avd.aquasec.com/nvd/cve-2017-17740 镜像层: sha256:595a656dd8efc44ad2600f67c92a3a2f5612e673513583c11cb04d54f10c55d6 发布日期: 2017-12-18 06:29 修改: 2025-04-20 01:37
libldap-2.4-2	CVE-2020-15719	低危	2.4.57+dfsg-3+deb11u1		openldap: Certificate validation incorrectly matches name against CN-ID 漏洞详情: https://avd.aquasec.com/nvd/cve-2020-15719 镜像层: sha256:595a656dd8efc44ad2600f67c92a3a2f5612e673513583c11cb04d54f10c55d6 发布日期: 2020-07-14 14:15 修改: 2024-11-21 05:06
libldap-2.4-2	CVE-2026-22185	低危	2.4.57+dfsg-3+deb11u1		OpenLDAP: OpenLDAP LMDB: Denial of Service and Information Disclosure via Heap Buffer Underflow 漏洞详情: https://avd.aquasec.com/nvd/cve-2026-22185 镜像层: sha256:595a656dd8efc44ad2600f67c92a3a2f5612e673513583c11cb04d54f10c55d6 发布日期: 2026-01-07 21:16 修改: 2026-04-15 00:35
gcc-9-base	CVE-2023-4039	低危	9.3.0-22		gcc: -fstack-protector fails to guard dynamic stack allocations on ARM64 漏洞详情: https://avd.aquasec.com/nvd/cve-2023-4039 镜像层: sha256:bd245ec49ee5cd979b20c0a4efd32385afca92f5afa84faa6769c6a56543350a 发布日期: 2023-09-13 09:15 修改: 2025-02-13 17:17
gpg-wks-client	CVE-2022-3219	低危	2.2.27-2+deb11u2		gnupg: denial of service issue (resource consumption) using compressed packets 漏洞详情: https://avd.aquasec.com/nvd/cve-2022-3219 镜像层: sha256:8874c5d5df1aa338e2de1eb06de21d28b9051ae107c034b09cc83705cbe6a010 发布日期: 2023-02-23 20:15 修改: 2025-03-12 21:15
bsdutils	CVE-2024-28085	低危	1:2.36.1-8+deb11u1	2.36.1-8+deb11u2	util-linux: CVE-2024-28085: wall: escape sequence injection 漏洞详情: https://avd.aquasec.com/nvd/cve-2024-28085 镜像层: sha256:bd245ec49ee5cd979b20c0a4efd32385afca92f5afa84faa6769c6a56543350a 发布日期: 2024-03-27 19:15 修改: 2026-05-12 12:16
libmount1	CVE-2022-0563	低危	2.36.1-8+deb11u1		util-linux: partial disclosure of arbitrary files in chfn and chsh when compiled with libreadline 漏洞详情: https://avd.aquasec.com/nvd/cve-2022-0563 镜像层: sha256:bd245ec49ee5cd979b20c0a4efd32385afca92f5afa84faa6769c6a56543350a 发布日期: 2022-02-21 19:15 修改: 2025-06-09 16:15
libmount1	CVE-2024-28085	低危	2.36.1-8+deb11u1	2.36.1-8+deb11u2	util-linux: CVE-2024-28085: wall: escape sequence injection 漏洞详情: https://avd.aquasec.com/nvd/cve-2024-28085 镜像层: sha256:bd245ec49ee5cd979b20c0a4efd32385afca92f5afa84faa6769c6a56543350a 发布日期: 2024-03-27 19:15 修改: 2026-05-12 12:16
libmount1	CVE-2025-14104	低危	2.36.1-8+deb11u1		util-linux: util-linux: Heap buffer overread in setpwnam() when processing 256-byte usernames 漏洞详情: https://avd.aquasec.com/nvd/cve-2025-14104 镜像层: sha256:bd245ec49ee5cd979b20c0a4efd32385afca92f5afa84faa6769c6a56543350a 发布日期: 2025-12-05 17:16 修改: 2026-04-19 20:16
bsdutils	CVE-2025-14104	低危	1:2.36.1-8+deb11u1		util-linux: util-linux: Heap buffer overread in setpwnam() when processing 256-byte usernames 漏洞详情: https://avd.aquasec.com/nvd/cve-2025-14104 镜像层: sha256:bd245ec49ee5cd979b20c0a4efd32385afca92f5afa84faa6769c6a56543350a 发布日期: 2025-12-05 17:16 修改: 2026-04-19 20:16
apt	CVE-2011-3374	低危	2.2.4		It was found that apt-key in apt, all versions, do not correctly valid ... 漏洞详情: https://avd.aquasec.com/nvd/cve-2011-3374 镜像层: sha256:bd245ec49ee5cd979b20c0a4efd32385afca92f5afa84faa6769c6a56543350a 发布日期: 2019-11-26 00:15 修改: 2024-11-21 01:30
gpg-wks-server	CVE-2022-3219	低危	2.2.27-2+deb11u2		gnupg: denial of service issue (resource consumption) using compressed packets 漏洞详情: https://avd.aquasec.com/nvd/cve-2022-3219 镜像层: sha256:8874c5d5df1aa338e2de1eb06de21d28b9051ae107c034b09cc83705cbe6a010 发布日期: 2023-02-23 20:15 修改: 2025-03-12 21:15
perl-base	CVE-2011-4116	低危	5.32.1-4+deb11u2		perl: File:: Temp insecure temporary file handling 漏洞详情: https://avd.aquasec.com/nvd/cve-2011-4116 镜像层: sha256:bd245ec49ee5cd979b20c0a4efd32385afca92f5afa84faa6769c6a56543350a 发布日期: 2020-01-31 18:15 修改: 2025-08-04 19:04
perl-base	CVE-2023-31486	低危	5.32.1-4+deb11u2		http-tiny: perl: insecure TLS cert default 漏洞详情: https://avd.aquasec.com/nvd/cve-2023-31486 镜像层: sha256:bd245ec49ee5cd979b20c0a4efd32385afca92f5afa84faa6769c6a56543350a 发布日期: 2023-04-29 00:15 修改: 2025-01-30 20:15
coreutils	CVE-2016-2781	低危	8.32-4		coreutils: Non-privileged session can escape to the parent session in chroot 漏洞详情: https://avd.aquasec.com/nvd/cve-2016-2781 镜像层: sha256:bd245ec49ee5cd979b20c0a4efd32385afca92f5afa84faa6769c6a56543350a 发布日期: 2017-02-07 15:59 修改: 2026-05-13 00:24
libncurses6	CVE-2025-6141	低危	6.2+20201114-2		gnu-ncurses: ncurses Stack Buffer Overflow 漏洞详情: https://avd.aquasec.com/nvd/cve-2025-6141 镜像层: sha256:b7b6064a28a9833a1ac123bb3e408f6cdb2689cf233ee40c978e6193a142278c 发布日期: 2025-06-16 22:16 修改: 2026-06-02 14:16
curl	CVE-2021-22922	低危	7.74.0-1.3+deb11u2		curl: Content not matching hash in Metalink is not being discarded 漏洞详情: https://avd.aquasec.com/nvd/cve-2021-22922 镜像层: sha256:595a656dd8efc44ad2600f67c92a3a2f5612e673513583c11cb04d54f10c55d6 发布日期: 2021-08-05 21:15 修改: 2026-04-16 15:16
libcurl4	CVE-2021-22922	低危	7.74.0-1.3+deb11u2		curl: Content not matching hash in Metalink is not being discarded 漏洞详情: https://avd.aquasec.com/nvd/cve-2021-22922 镜像层: sha256:595a656dd8efc44ad2600f67c92a3a2f5612e673513583c11cb04d54f10c55d6 发布日期: 2021-08-05 21:15 修改: 2026-04-16 15:16
libcurl4	CVE-2021-22923	低危	7.74.0-1.3+deb11u2		curl: Metalink download sends credentials 漏洞详情: https://avd.aquasec.com/nvd/cve-2021-22923 镜像层: sha256:595a656dd8efc44ad2600f67c92a3a2f5612e673513583c11cb04d54f10c55d6 发布日期: 2021-08-05 21:15 修改: 2024-11-21 05:50
libcurl4	CVE-2022-35252	低危	7.74.0-1.3+deb11u2	7.74.0-1.3+deb11u3	curl: Incorrect handling of control code characters in cookies 漏洞详情: https://avd.aquasec.com/nvd/cve-2022-35252 镜像层: sha256:595a656dd8efc44ad2600f67c92a3a2f5612e673513583c11cb04d54f10c55d6 发布日期: 2022-09-23 14:15 修改: 2025-05-05 17:18
libncursesw6	CVE-2025-6141	低危	6.2+20201114-2		gnu-ncurses: ncurses Stack Buffer Overflow 漏洞详情: https://avd.aquasec.com/nvd/cve-2025-6141 镜像层: sha256:8874c5d5df1aa338e2de1eb06de21d28b9051ae107c034b09cc83705cbe6a010 发布日期: 2025-06-16 22:16 修改: 2026-06-02 14:16
libcurl4	CVE-2023-28320	低危	7.74.0-1.3+deb11u2		curl: siglongjmp race condition may lead to crash 漏洞详情: https://avd.aquasec.com/nvd/cve-2023-28320 镜像层: sha256:595a656dd8efc44ad2600f67c92a3a2f5612e673513583c11cb04d54f10c55d6 发布日期: 2023-05-26 21:15 修改: 2025-01-15 16:15
libcurl4	CVE-2023-28322	低危	7.74.0-1.3+deb11u2	7.74.0-1.3+deb11u9	curl: more POST-after-PUT confusion 漏洞详情: https://avd.aquasec.com/nvd/cve-2023-28322 镜像层: sha256:595a656dd8efc44ad2600f67c92a3a2f5612e673513583c11cb04d54f10c55d6 发布日期: 2023-05-26 21:15 修改: 2026-02-13 20:16
libcurl4	CVE-2023-38546	低危	7.74.0-1.3+deb11u2	7.74.0-1.3+deb11u10	curl: cookie injection with none file 漏洞详情: https://avd.aquasec.com/nvd/cve-2023-38546 镜像层: sha256:595a656dd8efc44ad2600f67c92a3a2f5612e673513583c11cb04d54f10c55d6 发布日期: 2023-10-18 04:15 修改: 2026-05-12 11:16
libcurl4	CVE-2024-2379	低危	7.74.0-1.3+deb11u2		curl: QUIC certificate check bypass with wolfSSL 漏洞详情: https://avd.aquasec.com/nvd/cve-2024-2379 镜像层: sha256:595a656dd8efc44ad2600f67c92a3a2f5612e673513583c11cb04d54f10c55d6 发布日期: 2024-03-27 08:15 修改: 2025-07-30 19:42
libcurl4	CVE-2025-0725	低危	7.74.0-1.3+deb11u2		libcurl: Buffer Overflow in libcurl via zlib Integer Overflow 漏洞详情: https://avd.aquasec.com/nvd/cve-2025-0725 镜像层: sha256:595a656dd8efc44ad2600f67c92a3a2f5612e673513583c11cb04d54f10c55d6 发布日期: 2025-02-05 10:15 修改: 2025-06-27 19:24
libcurl4	CVE-2025-10966	低危	7.74.0-1.3+deb11u2		curl: Curl missing SFTP host verification with wolfSSH backend 漏洞详情: https://avd.aquasec.com/nvd/cve-2025-10966 镜像层: sha256:595a656dd8efc44ad2600f67c92a3a2f5612e673513583c11cb04d54f10c55d6 发布日期: 2025-11-07 08:15 修改: 2026-06-02 14:16
libcurl4	CVE-2025-14017	低危	7.74.0-1.3+deb11u2		curl: curl: Security bypass due to global TLS option changes in multi-threaded LDAPS transfers 漏洞详情: https://avd.aquasec.com/nvd/cve-2025-14017 镜像层: sha256:595a656dd8efc44ad2600f67c92a3a2f5612e673513583c11cb04d54f10c55d6 发布日期: 2026-01-08 10:15 修改: 2026-01-27 21:29
perl-modules-5.32	CVE-2011-4116	低危	5.32.1-4+deb11u2		perl: File:: Temp insecure temporary file handling 漏洞详情: https://avd.aquasec.com/nvd/cve-2011-4116 镜像层: sha256:b7b6064a28a9833a1ac123bb3e408f6cdb2689cf233ee40c978e6193a142278c 发布日期: 2020-01-31 18:15 修改: 2025-08-04 19:04
perl-modules-5.32	CVE-2023-31486	低危	5.32.1-4+deb11u2		http-tiny: perl: insecure TLS cert default 漏洞详情: https://avd.aquasec.com/nvd/cve-2023-31486 镜像层: sha256:b7b6064a28a9833a1ac123bb3e408f6cdb2689cf233ee40c978e6193a142278c 发布日期: 2023-04-29 00:15 修改: 2025-01-30 20:15
procps	CVE-2023-4016	低危	2:3.3.17-5		procps: ps buffer overflow 漏洞详情: https://avd.aquasec.com/nvd/cve-2023-4016 镜像层: sha256:b7b6064a28a9833a1ac123bb3e408f6cdb2689cf233ee40c978e6193a142278c 发布日期: 2023-08-02 05:15 修改: 2024-11-21 08:34
libcurl4	CVE-2025-14524	低危	7.74.0-1.3+deb11u2		curl: Information disclosure via cross-protocol redirect with OAuth2 bearer token 漏洞详情: https://avd.aquasec.com/nvd/cve-2025-14524 镜像层: sha256:595a656dd8efc44ad2600f67c92a3a2f5612e673513583c11cb04d54f10c55d6 发布日期: 2026-01-08 10:15 修改: 2026-01-20 14:53
libcurl4	CVE-2025-15079	低危	7.74.0-1.3+deb11u2		curl: Host verification bypass during SSH transfers 漏洞详情: https://avd.aquasec.com/nvd/cve-2025-15079 镜像层: sha256:595a656dd8efc44ad2600f67c92a3a2f5612e673513583c11cb04d54f10c55d6 发布日期: 2026-01-08 10:15 修改: 2026-01-20 14:50
libcurl4	CVE-2025-15224	低危	7.74.0-1.3+deb11u2		curl: libssh key passphrase bypass without agent set 漏洞详情: https://avd.aquasec.com/nvd/cve-2025-15224 镜像层: sha256:595a656dd8efc44ad2600f67c92a3a2f5612e673513583c11cb04d54f10c55d6 发布日期: 2026-01-08 10:15 修改: 2026-01-20 14:47
curl	CVE-2021-22923	低危	7.74.0-1.3+deb11u2		curl: Metalink download sends credentials 漏洞详情: https://avd.aquasec.com/nvd/cve-2021-22923 镜像层: sha256:595a656dd8efc44ad2600f67c92a3a2f5612e673513583c11cb04d54f10c55d6 发布日期: 2021-08-05 21:15 修改: 2024-11-21 05:50
libc6	CVE-2010-4756	低危	2.31-13+deb11u3		glibc: glob implementation can cause excessive CPU and memory consumption due to crafted glob expressions 漏洞详情: https://avd.aquasec.com/nvd/cve-2010-4756 镜像层: sha256:bd245ec49ee5cd979b20c0a4efd32385afca92f5afa84faa6769c6a56543350a 发布日期: 2011-03-02 20:00 修改: 2026-04-29 01:13
libc6	CVE-2018-20796	低危	2.31-13+deb11u3		glibc: uncontrolled recursion in function check_dst_limits_calc_pos_1 in posix/regexec.c 漏洞详情: https://avd.aquasec.com/nvd/cve-2018-20796 镜像层: sha256:bd245ec49ee5cd979b20c0a4efd32385afca92f5afa84faa6769c6a56543350a 发布日期: 2019-02-26 02:29 修改: 2024-11-21 04:02
libc6	CVE-2019-1010022	低危	2.31-13+deb11u3		glibc: stack guard protection bypass 漏洞详情: https://avd.aquasec.com/nvd/cve-2019-1010022 镜像层: sha256:bd245ec49ee5cd979b20c0a4efd32385afca92f5afa84faa6769c6a56543350a 发布日期: 2019-07-15 04:15 修改: 2024-11-21 04:17
libc6	CVE-2019-1010023	低危	2.31-13+deb11u3		glibc: running ldd on malicious ELF leads to code execution because of wrong size computation 漏洞详情: https://avd.aquasec.com/nvd/cve-2019-1010023 镜像层: sha256:bd245ec49ee5cd979b20c0a4efd32385afca92f5afa84faa6769c6a56543350a 发布日期: 2019-07-15 04:15 修改: 2024-11-21 04:17
libpython3.9-stdlib	CVE-2024-0397	低危	3.9.2-1	3.9.2-1+deb11u2	cpython: python: Memory race condition in ssl.SSLContext certificate store methods 漏洞详情: https://avd.aquasec.com/nvd/cve-2024-0397 镜像层: sha256:b7b6064a28a9833a1ac123bb3e408f6cdb2689cf233ee40c978e6193a142278c 发布日期: 2024-06-17 16:15 修改: 2026-04-15 00:35
libpython3.9-stdlib	CVE-2024-4032	低危	3.9.2-1	3.9.2-1+deb11u2	python: incorrect IPv4 and IPv6 private ranges 漏洞详情: https://avd.aquasec.com/nvd/cve-2024-4032 镜像层: sha256:b7b6064a28a9833a1ac123bb3e408f6cdb2689cf233ee40c978e6193a142278c 发布日期: 2024-06-17 15:15 修改: 2026-04-15 00:35
libpython3.9-stdlib	CVE-2024-5642	低危	3.9.2-1		python: Invalid value for OpenSSL API may cause Buffer over-read when NPN is used 漏洞详情: https://avd.aquasec.com/nvd/cve-2024-5642 镜像层: sha256:b7b6064a28a9833a1ac123bb3e408f6cdb2689cf233ee40c978e6193a142278c 发布日期: 2024-06-27 21:15 修改: 2026-04-15 00:35
libpython3.9-stdlib	CVE-2025-13462	低危	3.9.2-1	3.9.2-1+deb11u7	cpython: cpython: `tarfile` module misinterprets crafted tar archives leading to data integrity issues 漏洞详情: https://avd.aquasec.com/nvd/cve-2025-13462 镜像层: sha256:b7b6064a28a9833a1ac123bb3e408f6cdb2689cf233ee40c978e6193a142278c 发布日期: 2026-03-12 18:16 修改: 2026-06-11 14:29
libpython3.9-stdlib	CVE-2025-1795	低危	3.9.2-1	3.9.2-1+deb11u3	python: Mishandling of comma during folding and unicode-encoding of email headers 漏洞详情: https://avd.aquasec.com/nvd/cve-2025-1795 镜像层: sha256:b7b6064a28a9833a1ac123bb3e408f6cdb2689cf233ee40c978e6193a142278c 发布日期: 2025-02-28 19:15 修改: 2026-04-15 00:35
libpython3.9-stdlib	CVE-2026-12003	低危	3.9.2-1		To allow builds of Python to be run from an in-tree layout (rather tha ... 漏洞详情: https://avd.aquasec.com/nvd/cve-2026-12003 镜像层: sha256:b7b6064a28a9833a1ac123bb3e408f6cdb2689cf233ee40c978e6193a142278c 发布日期: 2026-06-16 17:16 修改: 2026-06-16 20:16
libpython3.9-stdlib	CVE-2026-2297	低危	3.9.2-1	3.9.2-1+deb11u7	cpython: CPython: Logging Bypass in Legacy .pyc File Handling 漏洞详情: https://avd.aquasec.com/nvd/cve-2026-2297 镜像层: sha256:b7b6064a28a9833a1ac123bb3e408f6cdb2689cf233ee40c978e6193a142278c 发布日期: 2026-03-04 23:16 修改: 2026-05-01 16:16
libpython3.9-stdlib	CVE-2026-3479	低危	3.9.2-1		python: Python pkgutil.get_data(): Path Traversal via improper resource argument validation 漏洞详情: https://avd.aquasec.com/nvd/cve-2026-3479 镜像层: sha256:b7b6064a28a9833a1ac123bb3e408f6cdb2689cf233ee40c978e6193a142278c 发布日期: 2026-03-18 19:16 修改: 2026-04-07 18:16
libpython3.9-stdlib	CVE-2026-4519	低危	3.9.2-1	3.9.2-1+deb11u7	python: Python: Command-line option injection in webbrowser.open() via crafted URLs 漏洞详情: https://avd.aquasec.com/nvd/cve-2026-4519 镜像层: sha256:b7b6064a28a9833a1ac123bb3e408f6cdb2689cf233ee40c978e6193a142278c 发布日期: 2026-03-20 15:16 修改: 2026-04-16 14:53
libsepol1	CVE-2021-36084	低危	3.1-1	3.1-1+deb11u1	libsepol: use-after-free in __cil_verify_classperms() 漏洞详情: https://avd.aquasec.com/nvd/cve-2021-36084 镜像层: sha256:bd245ec49ee5cd979b20c0a4efd32385afca92f5afa84faa6769c6a56543350a 发布日期: 2021-07-01 03:15 修改: 2025-11-03 22:15
libsepol1	CVE-2021-36085	低危	3.1-1	3.1-1+deb11u1	libsepol: use-after-free in __cil_verify_classperms() 漏洞详情: https://avd.aquasec.com/nvd/cve-2021-36085 镜像层: sha256:bd245ec49ee5cd979b20c0a4efd32385afca92f5afa84faa6769c6a56543350a 发布日期: 2021-07-01 03:15 修改: 2025-11-03 22:15
libsepol1	CVE-2021-36086	低危	3.1-1	3.1-1+deb11u1	libsepol: use-after-free in cil_reset_classpermission() 漏洞详情: https://avd.aquasec.com/nvd/cve-2021-36086 镜像层: sha256:bd245ec49ee5cd979b20c0a4efd32385afca92f5afa84faa6769c6a56543350a 发布日期: 2021-07-01 03:15 修改: 2026-03-24 20:25
libsepol1	CVE-2021-36087	低危	3.1-1	3.1-1+deb11u1	libsepol: heap-based buffer overflow in ebitmap_match_any() 漏洞详情: https://avd.aquasec.com/nvd/cve-2021-36087 镜像层: sha256:bd245ec49ee5cd979b20c0a4efd32385afca92f5afa84faa6769c6a56543350a 发布日期: 2021-07-01 03:15 修改: 2025-11-03 22:15
libc6	CVE-2019-1010024	低危	2.31-13+deb11u3		glibc: ASLR bypass using cache of thread stack and heap 漏洞详情: https://avd.aquasec.com/nvd/cve-2019-1010024 镜像层: sha256:bd245ec49ee5cd979b20c0a4efd32385afca92f5afa84faa6769c6a56543350a 发布日期: 2019-07-15 04:15 修改: 2024-11-21 04:17
libc6	CVE-2019-1010025	低危	2.31-13+deb11u3		glibc: information disclosure of heap addresses of pthread_created thread 漏洞详情: https://avd.aquasec.com/nvd/cve-2019-1010025 镜像层: sha256:bd245ec49ee5cd979b20c0a4efd32385afca92f5afa84faa6769c6a56543350a 发布日期: 2019-07-15 04:15 修改: 2024-11-21 04:17
libsmartcols1	CVE-2022-0563	低危	2.36.1-8+deb11u1		util-linux: partial disclosure of arbitrary files in chfn and chsh when compiled with libreadline 漏洞详情: https://avd.aquasec.com/nvd/cve-2022-0563 镜像层: sha256:bd245ec49ee5cd979b20c0a4efd32385afca92f5afa84faa6769c6a56543350a 发布日期: 2022-02-21 19:15 修改: 2025-06-09 16:15
libsmartcols1	CVE-2024-28085	低危	2.36.1-8+deb11u1	2.36.1-8+deb11u2	util-linux: CVE-2024-28085: wall: escape sequence injection 漏洞详情: https://avd.aquasec.com/nvd/cve-2024-28085 镜像层: sha256:bd245ec49ee5cd979b20c0a4efd32385afca92f5afa84faa6769c6a56543350a 发布日期: 2024-03-27 19:15 修改: 2026-05-12 12:16
libsmartcols1	CVE-2025-14104	低危	2.36.1-8+deb11u1		util-linux: util-linux: Heap buffer overread in setpwnam() when processing 256-byte usernames 漏洞详情: https://avd.aquasec.com/nvd/cve-2025-14104 镜像层: sha256:bd245ec49ee5cd979b20c0a4efd32385afca92f5afa84faa6769c6a56543350a 发布日期: 2025-12-05 17:16 修改: 2026-04-19 20:16
libc6	CVE-2019-9192	低危	2.31-13+deb11u3		glibc: uncontrolled recursion in function check_dst_limits_calc_pos_1 in posix/regexec.c 漏洞详情: https://avd.aquasec.com/nvd/cve-2019-9192 镜像层: sha256:bd245ec49ee5cd979b20c0a4efd32385afca92f5afa84faa6769c6a56543350a 发布日期: 2019-02-26 18:29 修改: 2024-11-21 04:51
libc6	CVE-2024-33601	低危	2.31-13+deb11u3	2.31-13+deb11u10	glibc: netgroup cache may terminate daemon on memory allocation failure 漏洞详情: https://avd.aquasec.com/nvd/cve-2024-33601 镜像层: sha256:bd245ec49ee5cd979b20c0a4efd32385afca92f5afa84faa6769c6a56543350a 发布日期: 2024-05-06 20:15 修改: 2026-05-12 12:16
libc6	CVE-2024-33602	低危	2.31-13+deb11u3	2.31-13+deb11u10	glibc: netgroup cache assumes NSS callback uses in-buffer strings 漏洞详情: https://avd.aquasec.com/nvd/cve-2024-33602 镜像层: sha256:bd245ec49ee5cd979b20c0a4efd32385afca92f5afa84faa6769c6a56543350a 发布日期: 2024-05-06 20:15 修改: 2026-05-12 12:16
libc6	CVE-2025-15281	低危	2.31-13+deb11u3	2.31-13+deb11u14	glibc: wordexp with WRDE_REUSE and WRDE_APPEND may return uninitialized memory 漏洞详情: https://avd.aquasec.com/nvd/cve-2025-15281 镜像层: sha256:bd245ec49ee5cd979b20c0a4efd32385afca92f5afa84faa6769c6a56543350a 发布日期: 2026-01-20 14:16 修改: 2026-02-05 17:43
libpcre2-8-0	CVE-2022-41409	低危	10.36-2		pcre2: negative repeat value in a pcre2test subject line leads to inifinite loop 漏洞详情: https://avd.aquasec.com/nvd/cve-2022-41409 镜像层: sha256:bd245ec49ee5cd979b20c0a4efd32385afca92f5afa84faa6769c6a56543350a 发布日期: 2023-07-18 14:15 修改: 2024-11-21 07:23
libsqlite3-0	CVE-2021-45346	低危	3.34.1-3		sqlite: crafted SQL query allows a malicious user to obtain sensitive information 漏洞详情: https://avd.aquasec.com/nvd/cve-2021-45346 镜像层: sha256:8874c5d5df1aa338e2de1eb06de21d28b9051ae107c034b09cc83705cbe6a010 发布日期: 2022-02-14 19:15 修改: 2024-11-21 06:32
libsqlite3-0	CVE-2022-35737	低危	3.34.1-3		sqlite: an array-bounds overflow if billions of bytes are used in a string argument to a C API 漏洞详情: https://avd.aquasec.com/nvd/cve-2022-35737 镜像层: sha256:8874c5d5df1aa338e2de1eb06de21d28b9051ae107c034b09cc83705cbe6a010 发布日期: 2022-08-03 06:15 修改: 2026-02-13 20:16
libsqlite3-0	CVE-2025-29088	低危	3.34.1-3		sqlite: Denial of Service in SQLite 漏洞详情: https://avd.aquasec.com/nvd/cve-2025-29088 镜像层: sha256:8874c5d5df1aa338e2de1eb06de21d28b9051ae107c034b09cc83705cbe6a010 发布日期: 2025-04-10 14:15 修改: 2025-09-30 16:59
libsqlite3-0	CVE-2025-70873	低危	3.34.1-3		sqlite: SQLite: Information Disclosure via Crafted ZIP File 漏洞详情: https://avd.aquasec.com/nvd/cve-2025-70873 镜像层: sha256:8874c5d5df1aa338e2de1eb06de21d28b9051ae107c034b09cc83705cbe6a010 发布日期: 2026-03-12 19:16 修改: 2026-04-16 21:15
libpcre3	CVE-2017-11164	低危	2:8.39-13		pcre: OP_KETRMAX feature in the match function in pcre_exec.c 漏洞详情: https://avd.aquasec.com/nvd/cve-2017-11164 镜像层: sha256:bd245ec49ee5cd979b20c0a4efd32385afca92f5afa84faa6769c6a56543350a 发布日期: 2017-07-11 03:29 修改: 2025-04-20 01:37
libpcre3	CVE-2017-16231	低危	2:8.39-13		pcre: self-recursive call in match() in pcre_exec.c leads to denial of service 漏洞详情: https://avd.aquasec.com/nvd/cve-2017-16231 镜像层: sha256:bd245ec49ee5cd979b20c0a4efd32385afca92f5afa84faa6769c6a56543350a 发布日期: 2019-03-21 15:59 修改: 2024-11-21 03:16
libpcre3	CVE-2017-7245	低危	2:8.39-13		pcre: stack-based buffer overflow write in pcre32_copy_substring 漏洞详情: https://avd.aquasec.com/nvd/cve-2017-7245 镜像层: sha256:bd245ec49ee5cd979b20c0a4efd32385afca92f5afa84faa6769c6a56543350a 发布日期: 2017-03-23 21:59 修改: 2026-05-13 00:24
libpcre3	CVE-2017-7246	低危	2:8.39-13		pcre: stack-based buffer overflow write in pcre32_copy_substring 漏洞详情: https://avd.aquasec.com/nvd/cve-2017-7246 镜像层: sha256:bd245ec49ee5cd979b20c0a4efd32385afca92f5afa84faa6769c6a56543350a 发布日期: 2017-03-23 21:59 修改: 2026-05-13 00:24
libpcre3	CVE-2019-20838	低危	2:8.39-13		pcre: Buffer over-read in JIT when UTF is disabled and \X or \R has fixed quantifier greater than 1 漏洞详情: https://avd.aquasec.com/nvd/cve-2019-20838 镜像层: sha256:bd245ec49ee5cd979b20c0a4efd32385afca92f5afa84faa6769c6a56543350a 发布日期: 2020-06-15 17:15 修改: 2024-11-21 04:39
libc6	CVE-2026-0861	低危	2.31-13+deb11u3	2.31-13+deb11u14	glibc: Integer overflow in memalign leads to heap corruption 漏洞详情: https://avd.aquasec.com/nvd/cve-2026-0861 镜像层: sha256:bd245ec49ee5cd979b20c0a4efd32385afca92f5afa84faa6769c6a56543350a 发布日期: 2026-01-14 21:15 修改: 2026-02-03 18:26
gpgconf	CVE-2022-3219	低危	2.2.27-2+deb11u2		gnupg: denial of service issue (resource consumption) using compressed packets 漏洞详情: https://avd.aquasec.com/nvd/cve-2022-3219 镜像层: sha256:8874c5d5df1aa338e2de1eb06de21d28b9051ae107c034b09cc83705cbe6a010 发布日期: 2023-02-23 20:15 修改: 2025-03-12 21:15
curl	CVE-2022-35252	低危	7.74.0-1.3+deb11u2	7.74.0-1.3+deb11u3	curl: Incorrect handling of control code characters in cookies 漏洞详情: https://avd.aquasec.com/nvd/cve-2022-35252 镜像层: sha256:595a656dd8efc44ad2600f67c92a3a2f5612e673513583c11cb04d54f10c55d6 发布日期: 2022-09-23 14:15 修改: 2025-05-05 17:18
curl	CVE-2023-28320	低危	7.74.0-1.3+deb11u2		curl: siglongjmp race condition may lead to crash 漏洞详情: https://avd.aquasec.com/nvd/cve-2023-28320 镜像层: sha256:595a656dd8efc44ad2600f67c92a3a2f5612e673513583c11cb04d54f10c55d6 发布日期: 2023-05-26 21:15 修改: 2025-01-15 16:15
curl	CVE-2023-28322	低危	7.74.0-1.3+deb11u2	7.74.0-1.3+deb11u9	curl: more POST-after-PUT confusion 漏洞详情: https://avd.aquasec.com/nvd/cve-2023-28322 镜像层: sha256:595a656dd8efc44ad2600f67c92a3a2f5612e673513583c11cb04d54f10c55d6 发布日期: 2023-05-26 21:15 修改: 2026-02-13 20:16
gpgsm	CVE-2022-3219	低危	2.2.27-2+deb11u2		gnupg: denial of service issue (resource consumption) using compressed packets 漏洞详情: https://avd.aquasec.com/nvd/cve-2022-3219 镜像层: sha256:8874c5d5df1aa338e2de1eb06de21d28b9051ae107c034b09cc83705cbe6a010 发布日期: 2023-02-23 20:15 修改: 2025-03-12 21:15
libexpat1	CVE-2013-0340	低危	2.2.10-2+deb11u3		expat: internal entity expansion 漏洞详情: https://avd.aquasec.com/nvd/cve-2013-0340 镜像层: sha256:b7b6064a28a9833a1ac123bb3e408f6cdb2689cf233ee40c978e6193a142278c 发布日期: 2014-01-21 18:55 修改: 2026-04-29 01:13
libexpat1	CVE-2023-52426	低危	2.2.10-2+deb11u3		expat: recursive XML entity expansion vulnerability 漏洞详情: https://avd.aquasec.com/nvd/cve-2023-52426 镜像层: sha256:b7b6064a28a9833a1ac123bb3e408f6cdb2689cf233ee40c978e6193a142278c 发布日期: 2024-02-04 20:15 修改: 2025-11-04 19:16
libexpat1	CVE-2024-28757	低危	2.2.10-2+deb11u3		expat: XML Entity Expansion 漏洞详情: https://avd.aquasec.com/nvd/cve-2024-28757 镜像层: sha256:b7b6064a28a9833a1ac123bb3e408f6cdb2689cf233ee40c978e6193a142278c 发布日期: 2024-03-10 05:15 修改: 2025-11-04 22:15
libexpat1	CVE-2026-24515	低危	2.2.10-2+deb11u3		libexpat: libexpat null pointer dereference 漏洞详情: https://avd.aquasec.com/nvd/cve-2026-24515 镜像层: sha256:b7b6064a28a9833a1ac123bb3e408f6cdb2689cf233ee40c978e6193a142278c 发布日期: 2026-01-23 08:16 修改: 2026-06-02 14:16
libexpat1	CVE-2026-41080	低危	2.2.10-2+deb11u3		libexpat: expat: libexpat: Denial of Service via hash flooding with crafted XML 漏洞详情: https://avd.aquasec.com/nvd/cve-2026-41080 镜像层: sha256:b7b6064a28a9833a1ac123bb3e408f6cdb2689cf233ee40c978e6193a142278c 发布日期: 2026-04-16 17:16 修改: 2026-06-12 18:43
curl	CVE-2023-38546	低危	7.74.0-1.3+deb11u2	7.74.0-1.3+deb11u10	curl: cookie injection with none file 漏洞详情: https://avd.aquasec.com/nvd/cve-2023-38546 镜像层: sha256:595a656dd8efc44ad2600f67c92a3a2f5612e673513583c11cb04d54f10c55d6 发布日期: 2023-10-18 04:15 修改: 2026-05-12 11:16
python3.9	CVE-2024-0397	低危	3.9.2-1	3.9.2-1+deb11u2	cpython: python: Memory race condition in ssl.SSLContext certificate store methods 漏洞详情: https://avd.aquasec.com/nvd/cve-2024-0397 镜像层: sha256:b7b6064a28a9833a1ac123bb3e408f6cdb2689cf233ee40c978e6193a142278c 发布日期: 2024-06-17 16:15 修改: 2026-04-15 00:35
python3.9	CVE-2024-4032	低危	3.9.2-1	3.9.2-1+deb11u2	python: incorrect IPv4 and IPv6 private ranges 漏洞详情: https://avd.aquasec.com/nvd/cve-2024-4032 镜像层: sha256:b7b6064a28a9833a1ac123bb3e408f6cdb2689cf233ee40c978e6193a142278c 发布日期: 2024-06-17 15:15 修改: 2026-04-15 00:35
python3.9	CVE-2024-5642	低危	3.9.2-1		python: Invalid value for OpenSSL API may cause Buffer over-read when NPN is used 漏洞详情: https://avd.aquasec.com/nvd/cve-2024-5642 镜像层: sha256:b7b6064a28a9833a1ac123bb3e408f6cdb2689cf233ee40c978e6193a142278c 发布日期: 2024-06-27 21:15 修改: 2026-04-15 00:35
python3.9	CVE-2025-13462	低危	3.9.2-1	3.9.2-1+deb11u7	cpython: cpython: `tarfile` module misinterprets crafted tar archives leading to data integrity issues 漏洞详情: https://avd.aquasec.com/nvd/cve-2025-13462 镜像层: sha256:b7b6064a28a9833a1ac123bb3e408f6cdb2689cf233ee40c978e6193a142278c 发布日期: 2026-03-12 18:16 修改: 2026-06-11 14:29
python3.9	CVE-2025-1795	低危	3.9.2-1	3.9.2-1+deb11u3	python: Mishandling of comma during folding and unicode-encoding of email headers 漏洞详情: https://avd.aquasec.com/nvd/cve-2025-1795 镜像层: sha256:b7b6064a28a9833a1ac123bb3e408f6cdb2689cf233ee40c978e6193a142278c 发布日期: 2025-02-28 19:15 修改: 2026-04-15 00:35
python3.9	CVE-2026-12003	低危	3.9.2-1		To allow builds of Python to be run from an in-tree layout (rather tha ... 漏洞详情: https://avd.aquasec.com/nvd/cve-2026-12003 镜像层: sha256:b7b6064a28a9833a1ac123bb3e408f6cdb2689cf233ee40c978e6193a142278c 发布日期: 2026-06-16 17:16 修改: 2026-06-16 20:16
python3.9	CVE-2026-2297	低危	3.9.2-1	3.9.2-1+deb11u7	cpython: CPython: Logging Bypass in Legacy .pyc File Handling 漏洞详情: https://avd.aquasec.com/nvd/cve-2026-2297 镜像层: sha256:b7b6064a28a9833a1ac123bb3e408f6cdb2689cf233ee40c978e6193a142278c 发布日期: 2026-03-04 23:16 修改: 2026-05-01 16:16
python3.9	CVE-2026-3479	低危	3.9.2-1		python: Python pkgutil.get_data(): Path Traversal via improper resource argument validation 漏洞详情: https://avd.aquasec.com/nvd/cve-2026-3479 镜像层: sha256:b7b6064a28a9833a1ac123bb3e408f6cdb2689cf233ee40c978e6193a142278c 发布日期: 2026-03-18 19:16 修改: 2026-04-07 18:16
python3.9	CVE-2026-4519	低危	3.9.2-1	3.9.2-1+deb11u7	python: Python: Command-line option injection in webbrowser.open() via crafted URLs 漏洞详情: https://avd.aquasec.com/nvd/cve-2026-4519 镜像层: sha256:b7b6064a28a9833a1ac123bb3e408f6cdb2689cf233ee40c978e6193a142278c 发布日期: 2026-03-20 15:16 修改: 2026-04-16 14:53
curl	CVE-2024-2379	低危	7.74.0-1.3+deb11u2		curl: QUIC certificate check bypass with wolfSSL 漏洞详情: https://avd.aquasec.com/nvd/cve-2024-2379 镜像层: sha256:595a656dd8efc44ad2600f67c92a3a2f5612e673513583c11cb04d54f10c55d6 发布日期: 2024-03-27 08:15 修改: 2025-07-30 19:42
libfreetype6	CVE-2022-31782	低危	2.10.4+dfsg-1+deb11u1		ftbench.c in FreeType Demo Programs through 2.12.1 has a heap-based bu ... 漏洞详情: https://avd.aquasec.com/nvd/cve-2022-31782 镜像层: sha256:ee9872ea80364930d71a014299a88c92390a886751b28e128114db3c6a0ab707 发布日期: 2022-06-02 14:15 修改: 2024-11-21 07:05
libperl5.32	CVE-2011-4116	低危	5.32.1-4+deb11u2		perl: File:: Temp insecure temporary file handling 漏洞详情: https://avd.aquasec.com/nvd/cve-2011-4116 镜像层: sha256:b7b6064a28a9833a1ac123bb3e408f6cdb2689cf233ee40c978e6193a142278c 发布日期: 2020-01-31 18:15 修改: 2025-08-04 19:04
libperl5.32	CVE-2023-31486	低危	5.32.1-4+deb11u2		http-tiny: perl: insecure TLS cert default 漏洞详情: https://avd.aquasec.com/nvd/cve-2023-31486 镜像层: sha256:b7b6064a28a9833a1ac123bb3e408f6cdb2689cf233ee40c978e6193a142278c 发布日期: 2023-04-29 00:15 修改: 2025-01-30 20:15
libgcc-s1	CVE-2023-4039	低危	10.2.1-6		gcc: -fstack-protector fails to guard dynamic stack allocations on ARM64 漏洞详情: https://avd.aquasec.com/nvd/cve-2023-4039 镜像层: sha256:bd245ec49ee5cd979b20c0a4efd32385afca92f5afa84faa6769c6a56543350a 发布日期: 2023-09-13 09:15 修改: 2025-02-13 17:17
curl	CVE-2025-0725	低危	7.74.0-1.3+deb11u2		libcurl: Buffer Overflow in libcurl via zlib Integer Overflow 漏洞详情: https://avd.aquasec.com/nvd/cve-2025-0725 镜像层: sha256:595a656dd8efc44ad2600f67c92a3a2f5612e673513583c11cb04d54f10c55d6 发布日期: 2025-02-05 10:15 修改: 2025-06-27 19:24
libgcrypt20	CVE-2018-6829	低危	1.8.7-6		libgcrypt: ElGamal implementation doesn't have semantic security due to incorrectly encoded plaintexts possibly allowing to obtain sensitive information 漏洞详情: https://avd.aquasec.com/nvd/cve-2018-6829 镜像层: sha256:bd245ec49ee5cd979b20c0a4efd32385afca92f5afa84faa6769c6a56543350a 发布日期: 2018-02-07 23:29 修改: 2024-11-21 04:11
libssl1.1	CVE-2024-13176	低危	1.1.1n-0+deb11u3	1.1.1w-0+deb11u3	openssl: Timing side-channel in ECDSA signature computation 漏洞详情: https://avd.aquasec.com/nvd/cve-2024-13176 镜像层: sha256:bd245ec49ee5cd979b20c0a4efd32385afca92f5afa84faa6769c6a56543350a 发布日期: 2025-01-20 14:15 修改: 2026-04-15 00:35
libssl1.1	CVE-2024-2511	低危	1.1.1n-0+deb11u3	1.1.1w-0+deb11u2	openssl: Unbounded memory growth with session handling in TLSv1.3 漏洞详情: https://avd.aquasec.com/nvd/cve-2024-2511 镜像层: sha256:bd245ec49ee5cd979b20c0a4efd32385afca92f5afa84faa6769c6a56543350a 发布日期: 2024-04-08 14:15 修改: 2026-05-12 12:16
libssl1.1	CVE-2024-4741	低危	1.1.1n-0+deb11u3	1.1.1w-0+deb11u2	openssl: Use After Free with SSL_free_buffers 漏洞详情: https://avd.aquasec.com/nvd/cve-2024-4741 镜像层: sha256:bd245ec49ee5cd979b20c0a4efd32385afca92f5afa84faa6769c6a56543350a 发布日期: 2024-11-13 11:15 修改: 2026-04-15 00:35
libssl1.1	CVE-2024-5535	低危	1.1.1n-0+deb11u3	1.1.1w-0+deb11u2	openssl: SSL_select_next_proto buffer overread 漏洞详情: https://avd.aquasec.com/nvd/cve-2024-5535 镜像层: sha256:bd245ec49ee5cd979b20c0a4efd32385afca92f5afa84faa6769c6a56543350a 发布日期: 2024-06-27 11:15 修改: 2026-05-12 12:17
libssl1.1	CVE-2024-9143	低危	1.1.1n-0+deb11u3	1.1.1w-0+deb11u2	openssl: Low-level invalid GF(2^m) parameters lead to OOB memory access 漏洞详情: https://avd.aquasec.com/nvd/cve-2024-9143 镜像层: sha256:bd245ec49ee5cd979b20c0a4efd32385afca92f5afa84faa6769c6a56543350a 发布日期: 2024-10-16 17:15 修改: 2026-05-12 12:17
libssl1.1	CVE-2025-27587	低危	1.1.1n-0+deb11u3		OpenSSL 3.0.0 through 3.3.2 on the PowerPC architecture is vulnerable ... 漏洞详情: https://avd.aquasec.com/nvd/cve-2025-27587 镜像层: sha256:bd245ec49ee5cd979b20c0a4efd32385afca92f5afa84faa6769c6a56543350a 发布日期: 2025-06-16 22:15 修改: 2026-04-15 00:35
libssl1.1	CVE-2025-68160	低危	1.1.1n-0+deb11u3	1.1.1w-0+deb11u5	openssl: OpenSSL: Denial of Service due to out-of-bounds write in BIO filter 漏洞详情: https://avd.aquasec.com/nvd/cve-2025-68160 镜像层: sha256:bd245ec49ee5cd979b20c0a4efd32385afca92f5afa84faa6769c6a56543350a 发布日期: 2026-01-27 16:16 修改: 2026-05-12 13:17
libssl1.1	CVE-2025-69418	低危	1.1.1n-0+deb11u3	1.1.1w-0+deb11u5	openssl: OpenSSL: Information disclosure and data tampering via specific low-level OCB encryption/decryption calls 漏洞详情: https://avd.aquasec.com/nvd/cve-2025-69418 镜像层: sha256:bd245ec49ee5cd979b20c0a4efd32385afca92f5afa84faa6769c6a56543350a 发布日期: 2026-01-27 16:16 修改: 2026-05-12 13:17
libssl1.1	CVE-2025-69420	低危	1.1.1n-0+deb11u3	1.1.1w-0+deb11u5	openssl: OpenSSL: Denial of Service via malformed TimeStamp Response 漏洞详情: https://avd.aquasec.com/nvd/cve-2025-69420 镜像层: sha256:bd245ec49ee5cd979b20c0a4efd32385afca92f5afa84faa6769c6a56543350a 发布日期: 2026-01-27 16:16 修改: 2026-05-12 13:17
libssl1.1	CVE-2026-22795	低危	1.1.1n-0+deb11u3	1.1.1w-0+deb11u5	openssl: OpenSSL: Denial of Service due to type confusion in PKCS#12 file processing 漏洞详情: https://avd.aquasec.com/nvd/cve-2026-22795 镜像层: sha256:bd245ec49ee5cd979b20c0a4efd32385afca92f5afa84faa6769c6a56543350a 发布日期: 2026-01-27 16:16 修改: 2026-05-12 13:17
libssl1.1	CVE-2026-22796	低危	1.1.1n-0+deb11u3	1.1.1w-0+deb11u5	openssl: OpenSSL: Denial of Service via type confusion in PKCS#7 signature verification 漏洞详情: https://avd.aquasec.com/nvd/cve-2026-22796 镜像层: sha256:bd245ec49ee5cd979b20c0a4efd32385afca92f5afa84faa6769c6a56543350a 发布日期: 2026-01-27 16:16 修改: 2026-05-12 13:17
libssl1.1	CVE-2026-34180	低危	1.1.1n-0+deb11u3	1.1.1w-0+deb11u8	openssl: OpenSSL: Heap buffer over-read in ASN.1 decoding can lead to denial of service or information disclosure. 漏洞详情: https://avd.aquasec.com/nvd/cve-2026-34180 镜像层: sha256:bd245ec49ee5cd979b20c0a4efd32385afca92f5afa84faa6769c6a56543350a 发布日期: 2026-06-09 17:17 修改: 2026-06-15 18:13
libssl1.1	CVE-2026-42766	低危	1.1.1n-0+deb11u3	1.1.1w-0+deb11u8	openssl: Possible NULL Dereference in Password-Based CMS Decryption 漏洞详情: https://avd.aquasec.com/nvd/cve-2026-42766 镜像层: sha256:bd245ec49ee5cd979b20c0a4efd32385afca92f5afa84faa6769c6a56543350a 发布日期: 2026-06-09 17:17 修改: 2026-06-15 18:25
libssl1.1	CVE-2026-7383	低危	1.1.1n-0+deb11u3	1.1.1w-0+deb11u8	openssl: OpenSSL: Heap buffer overflow due to signed integer overflow in Unicode output sizing 漏洞详情: https://avd.aquasec.com/nvd/cve-2026-7383 镜像层: sha256:bd245ec49ee5cd979b20c0a4efd32385afca92f5afa84faa6769c6a56543350a 发布日期: 2026-06-09 17:17 修改: 2026-06-16 02:46
libssl1.1	CVE-2026-9076	低危	1.1.1n-0+deb11u3	1.1.1w-0+deb11u8	openssl: OpenSSL: Denial of Service due to heap out-of-bounds read in CMS password-based decryption 漏洞详情: https://avd.aquasec.com/nvd/cve-2026-9076 镜像层: sha256:bd245ec49ee5cd979b20c0a4efd32385afca92f5afa84faa6769c6a56543350a 发布日期: 2026-06-09 17:17 修改: 2026-06-16 02:45
libstdc++6	CVE-2023-4039	低危	10.2.1-6		gcc: -fstack-protector fails to guard dynamic stack allocations on ARM64 漏洞详情: https://avd.aquasec.com/nvd/cve-2023-4039 镜像层: sha256:bd245ec49ee5cd979b20c0a4efd32385afca92f5afa84faa6769c6a56543350a 发布日期: 2023-09-13 09:15 修改: 2025-02-13 17:17
libgcrypt20	CVE-2024-2236	低危	1.8.7-6		libgcrypt: vulnerable to Marvin Attack 漏洞详情: https://avd.aquasec.com/nvd/cve-2024-2236 镜像层: sha256:bd245ec49ee5cd979b20c0a4efd32385afca92f5afa84faa6769c6a56543350a 发布日期: 2024-03-06 22:15 修改: 2026-04-15 00:35
gpgv	CVE-2022-3219	低危	2.2.27-2+deb11u2		gnupg: denial of service issue (resource consumption) using compressed packets 漏洞详情: https://avd.aquasec.com/nvd/cve-2022-3219 镜像层: sha256:bd245ec49ee5cd979b20c0a4efd32385afca92f5afa84faa6769c6a56543350a 发布日期: 2023-02-23 20:15 修改: 2025-03-12 21:15
curl	CVE-2025-10966	低危	7.74.0-1.3+deb11u2		curl: Curl missing SFTP host verification with wolfSSH backend 漏洞详情: https://avd.aquasec.com/nvd/cve-2025-10966 镜像层: sha256:595a656dd8efc44ad2600f67c92a3a2f5612e673513583c11cb04d54f10c55d6 发布日期: 2025-11-07 08:15 修改: 2026-06-02 14:16
git-man	CVE-2018-1000021	低危	1:2.30.2-1		git: client prints server-sent ANSI escape codes to the terminal, allowing for unverified messages to potentially execute arbitrary commands 漏洞详情: https://avd.aquasec.com/nvd/cve-2018-1000021 镜像层: sha256:b7b6064a28a9833a1ac123bb3e408f6cdb2689cf233ee40c978e6193a142278c 发布日期: 2018-02-09 23:29 修改: 2024-11-21 03:39
git-man	CVE-2022-24975	低危	1:2.30.2-1		git: The --mirror option for git leaks secret for deleted content, aka the "GitBleed" 漏洞详情: https://avd.aquasec.com/nvd/cve-2022-24975 镜像层: sha256:b7b6064a28a9833a1ac123bb3e408f6cdb2689cf233ee40c978e6193a142278c 发布日期: 2022-02-11 20:15 修改: 2024-11-21 06:51
libapt-pkg6.0	CVE-2011-3374	低危	2.2.4		It was found that apt-key in apt, all versions, do not correctly valid ... 漏洞详情: https://avd.aquasec.com/nvd/cve-2011-3374 镜像层: sha256:bd245ec49ee5cd979b20c0a4efd32385afca92f5afa84faa6769c6a56543350a 发布日期: 2019-11-26 00:15 修改: 2024-11-21 01:30
git-man	CVE-2023-25815	低危	1:2.30.2-1	1:2.30.2-1+deb11u3	git: malicious placement of crafted messages when git was compiled with runtime prefix 漏洞详情: https://avd.aquasec.com/nvd/cve-2023-25815 镜像层: sha256:b7b6064a28a9833a1ac123bb3e408f6cdb2689cf233ee40c978e6193a142278c 发布日期: 2023-04-25 20:15 修改: 2025-11-04 17:15
git-man	CVE-2024-32020	低危	1:2.30.2-1		git: insecure hardlinks 漏洞详情: https://avd.aquasec.com/nvd/cve-2024-32020 镜像层: sha256:b7b6064a28a9833a1ac123bb3e408f6cdb2689cf233ee40c978e6193a142278c 发布日期: 2024-05-14 19:15 修改: 2026-01-06 17:01
libblkid1	CVE-2022-0563	低危	2.36.1-8+deb11u1		util-linux: partial disclosure of arbitrary files in chfn and chsh when compiled with libreadline 漏洞详情: https://avd.aquasec.com/nvd/cve-2022-0563 镜像层: sha256:bd245ec49ee5cd979b20c0a4efd32385afca92f5afa84faa6769c6a56543350a 发布日期: 2022-02-21 19:15 修改: 2025-06-09 16:15
libpng16-16	CVE-2019-6129	低危	1.6.37-3		libpng: memory leak of png_info struct in pngcp.c 漏洞详情: https://avd.aquasec.com/nvd/cve-2019-6129 镜像层: sha256:ee9872ea80364930d71a014299a88c92390a886751b28e128114db3c6a0ab707 发布日期: 2019-01-11 05:29 修改: 2026-05-28 19:16
libpng16-16	CVE-2021-4214	低危	1.6.37-3		libpng: hardcoded value leads to heap-overflow 漏洞详情: https://avd.aquasec.com/nvd/cve-2021-4214 镜像层: sha256:ee9872ea80364930d71a014299a88c92390a886751b28e128114db3c6a0ab707 发布日期: 2022-08-24 16:15 修改: 2024-11-21 06:37
libsystemd0	CVE-2013-4392	低危	247.3-7		systemd: TOCTOU race condition when updating file permissions and SELinux security contexts 漏洞详情: https://avd.aquasec.com/nvd/cve-2013-4392 镜像层: sha256:bd245ec49ee5cd979b20c0a4efd32385afca92f5afa84faa6769c6a56543350a 发布日期: 2013-10-28 22:55 修改: 2026-04-29 01:13
libsystemd0	CVE-2020-13529	低危	247.3-7		systemd: DHCP FORCERENEW authentication not implemented can cause a system running the DHCP client to have its network reconfigured 漏洞详情: https://avd.aquasec.com/nvd/cve-2020-13529 镜像层: sha256:bd245ec49ee5cd979b20c0a4efd32385afca92f5afa84faa6769c6a56543350a 发布日期: 2021-05-10 16:15 修改: 2024-11-21 05:01
libsystemd0	CVE-2023-31437	低危	247.3-7		An issue was discovered in systemd 253. An attacker can modify a seale ... 漏洞详情: https://avd.aquasec.com/nvd/cve-2023-31437 镜像层: sha256:bd245ec49ee5cd979b20c0a4efd32385afca92f5afa84faa6769c6a56543350a 发布日期: 2023-06-13 17:15 修改: 2025-01-03 20:15
libsystemd0	CVE-2023-31438	低危	247.3-7		An issue was discovered in systemd 253. An attacker can truncate a sea ... 漏洞详情: https://avd.aquasec.com/nvd/cve-2023-31438 镜像层: sha256:bd245ec49ee5cd979b20c0a4efd32385afca92f5afa84faa6769c6a56543350a 发布日期: 2023-06-13 17:15 修改: 2024-11-21 08:01
libsystemd0	CVE-2023-31439	低危	247.3-7		An issue was discovered in systemd 253. An attacker can modify the con ... 漏洞详情: https://avd.aquasec.com/nvd/cve-2023-31439 镜像层: sha256:bd245ec49ee5cd979b20c0a4efd32385afca92f5afa84faa6769c6a56543350a 发布日期: 2023-06-13 17:15 修改: 2024-11-21 08:01
libsystemd0	CVE-2026-40228	低危	247.3-7		systemd: systemd-journald: Unintended output to user terminals via logger command 漏洞详情: https://avd.aquasec.com/nvd/cve-2026-40228 镜像层: sha256:bd245ec49ee5cd979b20c0a4efd32385afca92f5afa84faa6769c6a56543350a 发布日期: 2026-04-10 16:16 修改: 2026-05-05 02:16
libpng16-16	CVE-2025-28162	低危	1.6.37-3		libpng: libpng: Denial of Service via buffer overflow in pngimage utility 漏洞详情: https://avd.aquasec.com/nvd/cve-2025-28162 镜像层: sha256:ee9872ea80364930d71a014299a88c92390a886751b28e128114db3c6a0ab707 发布日期: 2026-01-27 16:16 修改: 2026-02-06 20:06
libpng16-16	CVE-2025-28164	低危	1.6.37-3		libpng: libpng: Denial of Service via buffer overflow in png_create_read_struct() function 漏洞详情: https://avd.aquasec.com/nvd/cve-2025-28164 镜像层: sha256:ee9872ea80364930d71a014299a88c92390a886751b28e128114db3c6a0ab707 发布日期: 2026-01-27 16:16 修改: 2026-03-04 19:42
libtasn1-6	CVE-2025-13151	低危	4.16.0-2		libtasn1: libtasn1: Denial of Service via stack-based buffer overflow in asn1_expend_octet_string 漏洞详情: https://avd.aquasec.com/nvd/cve-2025-13151 镜像层: sha256:bd245ec49ee5cd979b20c0a4efd32385afca92f5afa84faa6769c6a56543350a 发布日期: 2026-01-07 22:15 修改: 2026-02-02 19:27
libpng16-16	CVE-2026-3713	低危	1.6.37-3		libpng: libpng: Heap-based buffer overflow in pnm2png allows information disclosure and denial of service 漏洞详情: https://avd.aquasec.com/nvd/cve-2026-3713 镜像层: sha256:ee9872ea80364930d71a014299a88c92390a886751b28e128114db3c6a0ab707 发布日期: 2026-03-08 06:16 修改: 2026-04-29 01:00
libprocps8	CVE-2023-4016	低危	2:3.3.17-5		procps: ps buffer overflow 漏洞详情: https://avd.aquasec.com/nvd/cve-2023-4016 镜像层: sha256:b7b6064a28a9833a1ac123bb3e408f6cdb2689cf233ee40c978e6193a142278c 发布日期: 2023-08-02 05:15 修改: 2024-11-21 08:34
libblkid1	CVE-2024-28085	低危	2.36.1-8+deb11u1	2.36.1-8+deb11u2	util-linux: CVE-2024-28085: wall: escape sequence injection 漏洞详情: https://avd.aquasec.com/nvd/cve-2024-28085 镜像层: sha256:bd245ec49ee5cd979b20c0a4efd32385afca92f5afa84faa6769c6a56543350a 发布日期: 2024-03-27 19:15 修改: 2026-05-12 12:16
libblkid1	CVE-2025-14104	低危	2.36.1-8+deb11u1		util-linux: util-linux: Heap buffer overread in setpwnam() when processing 256-byte usernames 漏洞详情: https://avd.aquasec.com/nvd/cve-2025-14104 镜像层: sha256:bd245ec49ee5cd979b20c0a4efd32385afca92f5afa84faa6769c6a56543350a 发布日期: 2025-12-05 17:16 修改: 2026-04-19 20:16
libtinfo6	CVE-2025-6141	低危	6.2+20201114-2		gnu-ncurses: ncurses Stack Buffer Overflow 漏洞详情: https://avd.aquasec.com/nvd/cve-2025-6141 镜像层: sha256:bd245ec49ee5cd979b20c0a4efd32385afca92f5afa84faa6769c6a56543350a 发布日期: 2025-06-16 22:16 修改: 2026-06-02 14:16
git-man	CVE-2024-52005	低危	1:2.30.2-1		git: The sideband payload is passed unfiltered to the terminal in git 漏洞详情: https://avd.aquasec.com/nvd/cve-2024-52005 镜像层: sha256:b7b6064a28a9833a1ac123bb3e408f6cdb2689cf233ee40c978e6193a142278c 发布日期: 2025-01-15 18:15 修改: 2025-12-18 16:00
git-man	CVE-2025-46835	低危	1:2.30.2-1	1:2.30.2-1+deb11u5	git: Git GUI can create and overwrite files for which the user has write permission 漏洞详情: https://avd.aquasec.com/nvd/cve-2025-46835 镜像层: sha256:b7b6064a28a9833a1ac123bb3e408f6cdb2689cf233ee40c978e6193a142278c 发布日期: 2025-07-10 15:15 修改: 2026-04-15 00:35
curl	CVE-2025-14017	低危	7.74.0-1.3+deb11u2		curl: curl: Security bypass due to global TLS option changes in multi-threaded LDAPS transfers 漏洞详情: https://avd.aquasec.com/nvd/cve-2025-14017 镜像层: sha256:595a656dd8efc44ad2600f67c92a3a2f5612e673513583c11cb04d54f10c55d6 发布日期: 2026-01-08 10:15 修改: 2026-01-27 21:29
curl	CVE-2025-14524	低危	7.74.0-1.3+deb11u2		curl: Information disclosure via cross-protocol redirect with OAuth2 bearer token 漏洞详情: https://avd.aquasec.com/nvd/cve-2025-14524 镜像层: sha256:595a656dd8efc44ad2600f67c92a3a2f5612e673513583c11cb04d54f10c55d6 发布日期: 2026-01-08 10:15 修改: 2026-01-20 14:53
python3.9-minimal	CVE-2024-0397	低危	3.9.2-1	3.9.2-1+deb11u2	cpython: python: Memory race condition in ssl.SSLContext certificate store methods 漏洞详情: https://avd.aquasec.com/nvd/cve-2024-0397 镜像层: sha256:b7b6064a28a9833a1ac123bb3e408f6cdb2689cf233ee40c978e6193a142278c 发布日期: 2024-06-17 16:15 修改: 2026-04-15 00:35
python3.9-minimal	CVE-2024-4032	低危	3.9.2-1	3.9.2-1+deb11u2	python: incorrect IPv4 and IPv6 private ranges 漏洞详情: https://avd.aquasec.com/nvd/cve-2024-4032 镜像层: sha256:b7b6064a28a9833a1ac123bb3e408f6cdb2689cf233ee40c978e6193a142278c 发布日期: 2024-06-17 15:15 修改: 2026-04-15 00:35
python3.9-minimal	CVE-2024-5642	低危	3.9.2-1		python: Invalid value for OpenSSL API may cause Buffer over-read when NPN is used 漏洞详情: https://avd.aquasec.com/nvd/cve-2024-5642 镜像层: sha256:b7b6064a28a9833a1ac123bb3e408f6cdb2689cf233ee40c978e6193a142278c 发布日期: 2024-06-27 21:15 修改: 2026-04-15 00:35
python3.9-minimal	CVE-2025-13462	低危	3.9.2-1	3.9.2-1+deb11u7	cpython: cpython: `tarfile` module misinterprets crafted tar archives leading to data integrity issues 漏洞详情: https://avd.aquasec.com/nvd/cve-2025-13462 镜像层: sha256:b7b6064a28a9833a1ac123bb3e408f6cdb2689cf233ee40c978e6193a142278c 发布日期: 2026-03-12 18:16 修改: 2026-06-11 14:29
python3.9-minimal	CVE-2025-1795	低危	3.9.2-1	3.9.2-1+deb11u3	python: Mishandling of comma during folding and unicode-encoding of email headers 漏洞详情: https://avd.aquasec.com/nvd/cve-2025-1795 镜像层: sha256:b7b6064a28a9833a1ac123bb3e408f6cdb2689cf233ee40c978e6193a142278c 发布日期: 2025-02-28 19:15 修改: 2026-04-15 00:35
python3.9-minimal	CVE-2026-12003	低危	3.9.2-1		To allow builds of Python to be run from an in-tree layout (rather tha ... 漏洞详情: https://avd.aquasec.com/nvd/cve-2026-12003 镜像层: sha256:b7b6064a28a9833a1ac123bb3e408f6cdb2689cf233ee40c978e6193a142278c 发布日期: 2026-06-16 17:16 修改: 2026-06-16 20:16
python3.9-minimal	CVE-2026-2297	低危	3.9.2-1	3.9.2-1+deb11u7	cpython: CPython: Logging Bypass in Legacy .pyc File Handling 漏洞详情: https://avd.aquasec.com/nvd/cve-2026-2297 镜像层: sha256:b7b6064a28a9833a1ac123bb3e408f6cdb2689cf233ee40c978e6193a142278c 发布日期: 2026-03-04 23:16 修改: 2026-05-01 16:16
python3.9-minimal	CVE-2026-3479	低危	3.9.2-1		python: Python pkgutil.get_data(): Path Traversal via improper resource argument validation 漏洞详情: https://avd.aquasec.com/nvd/cve-2026-3479 镜像层: sha256:b7b6064a28a9833a1ac123bb3e408f6cdb2689cf233ee40c978e6193a142278c 发布日期: 2026-03-18 19:16 修改: 2026-04-07 18:16
python3.9-minimal	CVE-2026-4519	低危	3.9.2-1	3.9.2-1+deb11u7	python: Python: Command-line option injection in webbrowser.open() via crafted URLs 漏洞详情: https://avd.aquasec.com/nvd/cve-2026-4519 镜像层: sha256:b7b6064a28a9833a1ac123bb3e408f6cdb2689cf233ee40c978e6193a142278c 发布日期: 2026-03-20 15:16 修改: 2026-04-16 14:53
curl	CVE-2025-15079	低危	7.74.0-1.3+deb11u2		curl: Host verification bypass during SSH transfers 漏洞详情: https://avd.aquasec.com/nvd/cve-2025-15079 镜像层: sha256:595a656dd8efc44ad2600f67c92a3a2f5612e673513583c11cb04d54f10c55d6 发布日期: 2026-01-08 10:15 修改: 2026-01-20 14:50
gnupg	CVE-2022-3219	低危	2.2.27-2+deb11u2		gnupg: denial of service issue (resource consumption) using compressed packets 漏洞详情: https://avd.aquasec.com/nvd/cve-2022-3219 镜像层: sha256:8874c5d5df1aa338e2de1eb06de21d28b9051ae107c034b09cc83705cbe6a010 发布日期: 2023-02-23 20:15 修改: 2025-03-12 21:15
sysvinit-utils	TEMP-0517018-A83CE6	低危	2.96-7+deb11u1		[sysvinit: no-root option in expert installer exposes locally exploitable security flaw] 漏洞详情: https://security-tracker.debian.org/tracker/TEMP-0517018-A83CE6 镜像层: sha256:bd245ec49ee5cd979b20c0a4efd32385afca92f5afa84faa6769c6a56543350a 发布日期: 0001-01-01 00:00 修改: 0001-01-01 00:00
curl	CVE-2025-15224	低危	7.74.0-1.3+deb11u2		curl: libssh key passphrase bypass without agent set 漏洞详情: https://avd.aquasec.com/nvd/cve-2025-15224 镜像层: sha256:595a656dd8efc44ad2600f67c92a3a2f5612e673513583c11cb04d54f10c55d6 发布日期: 2026-01-08 10:15 修改: 2026-01-20 14:47
tar	CVE-2005-2541	低危	1.34+dfsg-1		tar: does not properly warn the user when extracting setuid or setgid files 漏洞详情: https://avd.aquasec.com/nvd/cve-2005-2541 镜像层: sha256:bd245ec49ee5cd979b20c0a4efd32385afca92f5afa84faa6769c6a56543350a 发布日期: 2005-08-10 04:00 修改: 2026-04-16 00:27
tar	CVE-2022-48303	低危	1.34+dfsg-1	1.34+dfsg-1+deb11u1	tar: heap buffer overflow at from_header() in list.c via specially crafted checksum 漏洞详情: https://avd.aquasec.com/nvd/cve-2022-48303 镜像层: sha256:bd245ec49ee5cd979b20c0a4efd32385afca92f5afa84faa6769c6a56543350a 发布日期: 2023-01-30 04:15 修改: 2025-03-27 21:15
tar	CVE-2023-39804	低危	1.34+dfsg-1	1.34+dfsg-1+deb11u1	tar: Incorrectly handled extension attributes in PAX archives can lead to a crash 漏洞详情: https://avd.aquasec.com/nvd/cve-2023-39804 镜像层: sha256:bd245ec49ee5cd979b20c0a4efd32385afca92f5afa84faa6769c6a56543350a 发布日期: 2024-03-27 04:15 修改: 2025-11-04 19:15
tar	TEMP-0290435-0B57B5	低危	1.34+dfsg-1		[tar's rmt command may have undesired side effects] 漏洞详情: https://security-tracker.debian.org/tracker/TEMP-0290435-0B57B5 镜像层: sha256:bd245ec49ee5cd979b20c0a4efd32385afca92f5afa84faa6769c6a56543350a 发布日期: 0001-01-01 00:00 修改: 0001-01-01 00:00
coreutils	CVE-2017-18018	低危	8.32-4		coreutils: race condition vulnerability in chown and chgrp 漏洞详情: https://avd.aquasec.com/nvd/cve-2017-18018 镜像层: sha256:bd245ec49ee5cd979b20c0a4efd32385afca92f5afa84faa6769c6a56543350a 发布日期: 2018-01-04 04:29 修改: 2025-06-09 16:15
coreutils	CVE-2025-5278	低危	8.32-4		coreutils: Heap Buffer Under-Read in GNU Coreutils sort via Key Specification 漏洞详情: https://avd.aquasec.com/nvd/cve-2025-5278 镜像层: sha256:bd245ec49ee5cd979b20c0a4efd32385afca92f5afa84faa6769c6a56543350a 发布日期: 2025-05-27 21:15 修改: 2026-05-19 17:16
unzip	CVE-2021-4217	低危	6.0-26		unzip: Null pointer dereference in Unicode strings code 漏洞详情: https://avd.aquasec.com/nvd/cve-2021-4217 镜像层: sha256:ee9872ea80364930d71a014299a88c92390a886751b28e128114db3c6a0ab707 发布日期: 2022-08-24 16:15 修改: 2024-11-21 06:37
gnupg-l10n	CVE-2022-3219	低危	2.2.27-2+deb11u2		gnupg: denial of service issue (resource consumption) using compressed packets 漏洞详情: https://avd.aquasec.com/nvd/cve-2022-3219 镜像层: sha256:8874c5d5df1aa338e2de1eb06de21d28b9051ae107c034b09cc83705cbe6a010 发布日期: 2023-02-23 20:15 修改: 2025-03-12 21:15
git	CVE-2018-1000021	低危	1:2.30.2-1		git: client prints server-sent ANSI escape codes to the terminal, allowing for unverified messages to potentially execute arbitrary commands 漏洞详情: https://avd.aquasec.com/nvd/cve-2018-1000021 镜像层: sha256:b7b6064a28a9833a1ac123bb3e408f6cdb2689cf233ee40c978e6193a142278c 发布日期: 2018-02-09 23:29 修改: 2024-11-21 03:39
util-linux	CVE-2022-0563	低危	2.36.1-8+deb11u1		util-linux: partial disclosure of arbitrary files in chfn and chsh when compiled with libreadline 漏洞详情: https://avd.aquasec.com/nvd/cve-2022-0563 镜像层: sha256:bd245ec49ee5cd979b20c0a4efd32385afca92f5afa84faa6769c6a56543350a 发布日期: 2022-02-21 19:15 修改: 2025-06-09 16:15
util-linux	CVE-2024-28085	低危	2.36.1-8+deb11u1	2.36.1-8+deb11u2	util-linux: CVE-2024-28085: wall: escape sequence injection 漏洞详情: https://avd.aquasec.com/nvd/cve-2024-28085 镜像层: sha256:bd245ec49ee5cd979b20c0a4efd32385afca92f5afa84faa6769c6a56543350a 发布日期: 2024-03-27 19:15 修改: 2026-05-12 12:16
util-linux	CVE-2025-14104	低危	2.36.1-8+deb11u1		util-linux: util-linux: Heap buffer overread in setpwnam() when processing 256-byte usernames 漏洞详情: https://avd.aquasec.com/nvd/cve-2025-14104 镜像层: sha256:bd245ec49ee5cd979b20c0a4efd32385afca92f5afa84faa6769c6a56543350a 发布日期: 2025-12-05 17:16 修改: 2026-04-19 20:16
git	CVE-2022-24975	低危	1:2.30.2-1		git: The --mirror option for git leaks secret for deleted content, aka the "GitBleed" 漏洞详情: https://avd.aquasec.com/nvd/cve-2022-24975 镜像层: sha256:b7b6064a28a9833a1ac123bb3e408f6cdb2689cf233ee40c978e6193a142278c 发布日期: 2022-02-11 20:15 修改: 2024-11-21 06:51
libudev1	CVE-2013-4392	低危	247.3-7		systemd: TOCTOU race condition when updating file permissions and SELinux security contexts 漏洞详情: https://avd.aquasec.com/nvd/cve-2013-4392 镜像层: sha256:bd245ec49ee5cd979b20c0a4efd32385afca92f5afa84faa6769c6a56543350a 发布日期: 2013-10-28 22:55 修改: 2026-04-29 01:13
libudev1	CVE-2020-13529	低危	247.3-7		systemd: DHCP FORCERENEW authentication not implemented can cause a system running the DHCP client to have its network reconfigured 漏洞详情: https://avd.aquasec.com/nvd/cve-2020-13529 镜像层: sha256:bd245ec49ee5cd979b20c0a4efd32385afca92f5afa84faa6769c6a56543350a 发布日期: 2021-05-10 16:15 修改: 2024-11-21 05:01
libudev1	CVE-2023-31437	低危	247.3-7		An issue was discovered in systemd 253. An attacker can modify a seale ... 漏洞详情: https://avd.aquasec.com/nvd/cve-2023-31437 镜像层: sha256:bd245ec49ee5cd979b20c0a4efd32385afca92f5afa84faa6769c6a56543350a 发布日期: 2023-06-13 17:15 修改: 2025-01-03 20:15
libudev1	CVE-2023-31438	低危	247.3-7		An issue was discovered in systemd 253. An attacker can truncate a sea ... 漏洞详情: https://avd.aquasec.com/nvd/cve-2023-31438 镜像层: sha256:bd245ec49ee5cd979b20c0a4efd32385afca92f5afa84faa6769c6a56543350a 发布日期: 2023-06-13 17:15 修改: 2024-11-21 08:01
libudev1	CVE-2023-31439	低危	247.3-7		An issue was discovered in systemd 253. An attacker can modify the con ... 漏洞详情: https://avd.aquasec.com/nvd/cve-2023-31439 镜像层: sha256:bd245ec49ee5cd979b20c0a4efd32385afca92f5afa84faa6769c6a56543350a 发布日期: 2023-06-13 17:15 修改: 2024-11-21 08:01
libudev1	CVE-2026-40228	低危	247.3-7		systemd: systemd-journald: Unintended output to user terminals via logger command 漏洞详情: https://avd.aquasec.com/nvd/cve-2026-40228 镜像层: sha256:bd245ec49ee5cd979b20c0a4efd32385afca92f5afa84faa6769c6a56543350a 发布日期: 2026-04-10 16:16 修改: 2026-05-05 02:16
libuuid1	CVE-2026-53613	未知	2.36.1-8+deb11u1		[Local Privilege Escalation via TOCTOU in mount(8) - Target Path Redirection] 漏洞详情: https://avd.aquasec.com/nvd/cve-2026-53613 镜像层: sha256:bd245ec49ee5cd979b20c0a4efd32385afca92f5afa84faa6769c6a56543350a 发布日期: 0001-01-01 00:00 修改: 0001-01-01 00:00
libuuid1	CVE-2026-53615	未知	2.36.1-8+deb11u1		[Integer Overflow or Wraparound in libblkid/src/partitions/dos.c] 漏洞详情: https://avd.aquasec.com/nvd/cve-2026-53615 镜像层: sha256:bd245ec49ee5cd979b20c0a4efd32385afca92f5afa84faa6769c6a56543350a 发布日期: 0001-01-01 00:00 修改: 0001-01-01 00:00
libexpat1	CVE-2026-56404	未知	2.2.10-2+deb11u3		libexpat before 2.8.2 has an integer overflow in addBinding. 漏洞详情: https://avd.aquasec.com/nvd/cve-2026-56404 镜像层: sha256:b7b6064a28a9833a1ac123bb3e408f6cdb2689cf233ee40c978e6193a142278c 发布日期: 0001-01-01 00:00 修改: 0001-01-01 00:00
libexpat1	CVE-2026-56405	未知	2.2.10-2+deb11u3		libexpat before 2.8.2 has an integer overflow in getAttributeId. 漏洞详情: https://avd.aquasec.com/nvd/cve-2026-56405 镜像层: sha256:b7b6064a28a9833a1ac123bb3e408f6cdb2689cf233ee40c978e6193a142278c 发布日期: 0001-01-01 00:00 修改: 0001-01-01 00:00
libssh2-1	CVE-2025-15661	未知	1.9.0-2		libssh2 through 1.11.1, fixed in commit 2dae302, contains an out-of-bo ... 漏洞详情: https://avd.aquasec.com/nvd/cve-2025-15661 镜像层: sha256:595a656dd8efc44ad2600f67c92a3a2f5612e673513583c11cb04d54f10c55d6 发布日期: 0001-01-01 00:00 修改: 0001-01-01 00:00
libssh2-1	CVE-2026-55199	未知	1.9.0-2		libssh2 through 1.11.1, fixed in commit 1762685, contains a pre-authen ... 漏洞详情: https://avd.aquasec.com/nvd/cve-2026-55199 镜像层: sha256:595a656dd8efc44ad2600f67c92a3a2f5612e673513583c11cb04d54f10c55d6 发布日期: 0001-01-01 00:00 修改: 0001-01-01 00:00
libssh2-1	CVE-2026-55200	未知	1.9.0-2		libssh2 through 1.11.1, fixed in commit 7acf3df contains an out-of-bou ... 漏洞详情: https://avd.aquasec.com/nvd/cve-2026-55200 镜像层: sha256:595a656dd8efc44ad2600f67c92a3a2f5612e673513583c11cb04d54f10c55d6 发布日期: 0001-01-01 00:00 修改: 0001-01-01 00:00
libexpat1	CVE-2026-56406	未知	2.2.10-2+deb11u3		libexpat before 2.8.2 has an integer overflow in XML_ParseBuffer becau ... 漏洞详情: https://avd.aquasec.com/nvd/cve-2026-56406 镜像层: sha256:b7b6064a28a9833a1ac123bb3e408f6cdb2689cf233ee40c978e6193a142278c 发布日期: 0001-01-01 00:00 修改: 0001-01-01 00:00
libexpat1	CVE-2026-56407	未知	2.2.10-2+deb11u3		libexpat before 2.8.2 has an integer overflow in doProlog that is rela ... 漏洞详情: https://avd.aquasec.com/nvd/cve-2026-56407 镜像层: sha256:b7b6064a28a9833a1ac123bb3e408f6cdb2689cf233ee40c978e6193a142278c 发布日期: 0001-01-01 00:00 修改: 0001-01-01 00:00
libexpat1	CVE-2026-56408	未知	2.2.10-2+deb11u3		libexpat before 2.8.2 has an integer overflow in copyString. 漏洞详情: https://avd.aquasec.com/nvd/cve-2026-56408 镜像层: sha256:b7b6064a28a9833a1ac123bb3e408f6cdb2689cf233ee40c978e6193a142278c 发布日期: 0001-01-01 00:00 修改: 0001-01-01 00:00
mercurial	CVE-2025-2361	未知	5.6.1-4	5.6.1-4+deb11u1	A vulnerability was found in Mercurial SCM 4.5.3/71.19.145.211. It has ... 漏洞详情: https://avd.aquasec.com/nvd/cve-2025-2361 镜像层: sha256:b7b6064a28a9833a1ac123bb3e408f6cdb2689cf233ee40c978e6193a142278c 发布日期: 2025-03-17 05:15 修改: 2026-04-15 00:35
mercurial-common	CVE-2025-2361	未知	5.6.1-4	5.6.1-4+deb11u1	A vulnerability was found in Mercurial SCM 4.5.3/71.19.145.211. It has ... 漏洞详情: https://avd.aquasec.com/nvd/cve-2025-2361 镜像层: sha256:b7b6064a28a9833a1ac123bb3e408f6cdb2689cf233ee40c978e6193a142278c 发布日期: 2025-03-17 05:15 修改: 2026-04-15 00:35
libexpat1	CVE-2026-56409	未知	2.2.10-2+deb11u3		xmlwf in libexpat before 2.8.2 has an integer overflow for the output ... 漏洞详情: https://avd.aquasec.com/nvd/cve-2026-56409 镜像层: sha256:b7b6064a28a9833a1ac123bb3e408f6cdb2689cf233ee40c978e6193a142278c 发布日期: 0001-01-01 00:00 修改: 0001-01-01 00:00
libexpat1	CVE-2026-56410	未知	2.2.10-2+deb11u3		xmlwf in libexpat before 2.8.2 has an integer overflow in resolveSyste ... 漏洞详情: https://avd.aquasec.com/nvd/cve-2026-56410 镜像层: sha256:b7b6064a28a9833a1ac123bb3e408f6cdb2689cf233ee40c978e6193a142278c 发布日期: 0001-01-01 00:00 修改: 0001-01-01 00:00
libexpat1	CVE-2026-56411	未知	2.2.10-2+deb11u3		xmlwf in libexpat before 2.8.2 has an integer overflow in endDoctypeDe ... 漏洞详情: https://avd.aquasec.com/nvd/cve-2026-56411 镜像层: sha256:b7b6064a28a9833a1ac123bb3e408f6cdb2689cf233ee40c978e6193a142278c 发布日期: 0001-01-01 00:00 修改: 0001-01-01 00:00
libexpat1	CVE-2026-56412	未知	2.2.10-2+deb11u3		libexpat before 2.8.2 does not consider XML_TOK_DATA_CHARS in doCdataS ... 漏洞详情: https://avd.aquasec.com/nvd/cve-2026-56412 镜像层: sha256:b7b6064a28a9833a1ac123bb3e408f6cdb2689cf233ee40c978e6193a142278c 发布日期: 0001-01-01 00:00 修改: 0001-01-01 00:00
libcurl3-gnutls	DLA-4213-1	未知	7.74.0-1.3+deb11u2	7.74.0-1.3+deb11u15	curl - regression update 漏洞详情: 镜像层: sha256:b7b6064a28a9833a1ac123bb3e408f6cdb2689cf233ee40c978e6193a142278c 发布日期: 0001-01-01 00:00 修改: 0001-01-01 00:00
mount	CVE-2026-53613	未知	2.36.1-8+deb11u1		[Local Privilege Escalation via TOCTOU in mount(8) - Target Path Redirection] 漏洞详情: https://avd.aquasec.com/nvd/cve-2026-53613 镜像层: sha256:bd245ec49ee5cd979b20c0a4efd32385afca92f5afa84faa6769c6a56543350a 发布日期: 0001-01-01 00:00 修改: 0001-01-01 00:00
mount	CVE-2026-53615	未知	2.36.1-8+deb11u1		[Integer Overflow or Wraparound in libblkid/src/partitions/dos.c] 漏洞详情: https://avd.aquasec.com/nvd/cve-2026-53615 镜像层: sha256:bd245ec49ee5cd979b20c0a4efd32385afca92f5afa84faa6769c6a56543350a 发布日期: 0001-01-01 00:00 修改: 0001-01-01 00:00
libcurl3-gnutls	DLA-4432-1	未知	7.74.0-1.3+deb11u2	7.74.0-1.3+deb11u16	curl - security update 漏洞详情: 镜像层: sha256:b7b6064a28a9833a1ac123bb3e408f6cdb2689cf233ee40c978e6193a142278c 发布日期: 0001-01-01 00:00 修改: 0001-01-01 00:00
libmount1	CVE-2026-53613	未知	2.36.1-8+deb11u1		[Local Privilege Escalation via TOCTOU in mount(8) - Target Path Redirection] 漏洞详情: https://avd.aquasec.com/nvd/cve-2026-53613 镜像层: sha256:bd245ec49ee5cd979b20c0a4efd32385afca92f5afa84faa6769c6a56543350a 发布日期: 0001-01-01 00:00 修改: 0001-01-01 00:00
tzdata	DLA-3972-1	未知	2021a-1+deb11u4	2024b-0+deb11u1	tzdata - new timezone database 漏洞详情: 镜像层: sha256:bd245ec49ee5cd979b20c0a4efd32385afca92f5afa84faa6769c6a56543350a 发布日期: 0001-01-01 00:00 修改: 0001-01-01 00:00
tzdata	DLA-4085-1	未知	2021a-1+deb11u4	2025a-0+deb11u1	tzdata - new timezone database 漏洞详情: 镜像层: sha256:bd245ec49ee5cd979b20c0a4efd32385afca92f5afa84faa6769c6a56543350a 发布日期: 0001-01-01 00:00 修改: 0001-01-01 00:00
tzdata	DLA-4105-1	未知	2021a-1+deb11u4	2025b-0+deb11u1	tzdata - new timezone database 漏洞详情: 镜像层: sha256:bd245ec49ee5cd979b20c0a4efd32385afca92f5afa84faa6769c6a56543350a 发布日期: 0001-01-01 00:00 修改: 0001-01-01 00:00
tzdata	DLA-4403-1	未知	2021a-1+deb11u4	2025b-0+deb11u2	tzdata - new timezone database 漏洞详情: 镜像层: sha256:bd245ec49ee5cd979b20c0a4efd32385afca92f5afa84faa6769c6a56543350a 发布日期: 0001-01-01 00:00 修改: 0001-01-01 00:00
tzdata	DLA-4569-1	未知	2021a-1+deb11u4	2026b-0+deb11u1	tzdata - new timezone database 漏洞详情: 镜像层: sha256:bd245ec49ee5cd979b20c0a4efd32385afca92f5afa84faa6769c6a56543350a 发布日期: 0001-01-01 00:00 修改: 0001-01-01 00:00
ucf	DLA-4016-1	未知	3.0043	3.0043+deb11u2	ucf - security update 漏洞详情: 镜像层: sha256:b7b6064a28a9833a1ac123bb3e408f6cdb2689cf233ee40c978e6193a142278c 发布日期: 0001-01-01 00:00 修改: 0001-01-01 00:00
libmount1	CVE-2026-53615	未知	2.36.1-8+deb11u1		[Integer Overflow or Wraparound in libblkid/src/partitions/dos.c] 漏洞详情: https://avd.aquasec.com/nvd/cve-2026-53615 镜像层: sha256:bd245ec49ee5cd979b20c0a4efd32385afca92f5afa84faa6769c6a56543350a 发布日期: 0001-01-01 00:00 修改: 0001-01-01 00:00
curl	DLA-4213-1	未知	7.74.0-1.3+deb11u2	7.74.0-1.3+deb11u15	curl - regression update 漏洞详情: 镜像层: sha256:595a656dd8efc44ad2600f67c92a3a2f5612e673513583c11cb04d54f10c55d6 发布日期: 0001-01-01 00:00 修改: 0001-01-01 00:00
curl	DLA-4432-1	未知	7.74.0-1.3+deb11u2	7.74.0-1.3+deb11u16	curl - security update 漏洞详情: 镜像层: sha256:595a656dd8efc44ad2600f67c92a3a2f5612e673513583c11cb04d54f10c55d6 发布日期: 0001-01-01 00:00 修改: 0001-01-01 00:00
libsmartcols1	CVE-2026-53613	未知	2.36.1-8+deb11u1		[Local Privilege Escalation via TOCTOU in mount(8) - Target Path Redirection] 漏洞详情: https://avd.aquasec.com/nvd/cve-2026-53613 镜像层: sha256:bd245ec49ee5cd979b20c0a4efd32385afca92f5afa84faa6769c6a56543350a 发布日期: 0001-01-01 00:00 修改: 0001-01-01 00:00
libsmartcols1	CVE-2026-53615	未知	2.36.1-8+deb11u1		[Integer Overflow or Wraparound in libblkid/src/partitions/dos.c] 漏洞详情: https://avd.aquasec.com/nvd/cve-2026-53615 镜像层: sha256:bd245ec49ee5cd979b20c0a4efd32385afca92f5afa84faa6769c6a56543350a 发布日期: 0001-01-01 00:00 修改: 0001-01-01 00:00
bsdutils	CVE-2026-53613	未知	1:2.36.1-8+deb11u1		[Local Privilege Escalation via TOCTOU in mount(8) - Target Path Redirection] 漏洞详情: https://avd.aquasec.com/nvd/cve-2026-53613 镜像层: sha256:bd245ec49ee5cd979b20c0a4efd32385afca92f5afa84faa6769c6a56543350a 发布日期: 0001-01-01 00:00 修改: 0001-01-01 00:00
ca-certificates	DLA-4485-1	未知	20210119	20230311+deb12u1~deb11u1	ca-certificates - CA certificates update 漏洞详情: 镜像层: sha256:595a656dd8efc44ad2600f67c92a3a2f5612e673513583c11cb04d54f10c55d6 发布日期: 0001-01-01 00:00 修改: 0001-01-01 00:00
libblkid1	CVE-2026-53613	未知	2.36.1-8+deb11u1		[Local Privilege Escalation via TOCTOU in mount(8) - Target Path Redirection] 漏洞详情: https://avd.aquasec.com/nvd/cve-2026-53613 镜像层: sha256:bd245ec49ee5cd979b20c0a4efd32385afca92f5afa84faa6769c6a56543350a 发布日期: 0001-01-01 00:00 修改: 0001-01-01 00:00
util-linux	CVE-2026-53613	未知	2.36.1-8+deb11u1		[Local Privilege Escalation via TOCTOU in mount(8) - Target Path Redirection] 漏洞详情: https://avd.aquasec.com/nvd/cve-2026-53613 镜像层: sha256:bd245ec49ee5cd979b20c0a4efd32385afca92f5afa84faa6769c6a56543350a 发布日期: 0001-01-01 00:00 修改: 0001-01-01 00:00
util-linux	CVE-2026-53615	未知	2.36.1-8+deb11u1		[Integer Overflow or Wraparound in libblkid/src/partitions/dos.c] 漏洞详情: https://avd.aquasec.com/nvd/cve-2026-53615 镜像层: sha256:bd245ec49ee5cd979b20c0a4efd32385afca92f5afa84faa6769c6a56543350a 发布日期: 0001-01-01 00:00 修改: 0001-01-01 00:00
libblkid1	CVE-2026-53615	未知	2.36.1-8+deb11u1		[Integer Overflow or Wraparound in libblkid/src/partitions/dos.c] 漏洞详情: https://avd.aquasec.com/nvd/cve-2026-53615 镜像层: sha256:bd245ec49ee5cd979b20c0a4efd32385afca92f5afa84faa6769c6a56543350a 发布日期: 0001-01-01 00:00 修改: 0001-01-01 00:00
bsdutils	CVE-2026-53615	未知	1:2.36.1-8+deb11u1		[Integer Overflow or Wraparound in libblkid/src/partitions/dos.c] 漏洞详情: https://avd.aquasec.com/nvd/cve-2026-53615 镜像层: sha256:bd245ec49ee5cd979b20c0a4efd32385afca92f5afa84faa6769c6a56543350a 发布日期: 0001-01-01 00:00 修改: 0001-01-01 00:00
libcurl4	DLA-4213-1	未知	7.74.0-1.3+deb11u2	7.74.0-1.3+deb11u15	curl - regression update 漏洞详情: 镜像层: sha256:595a656dd8efc44ad2600f67c92a3a2f5612e673513583c11cb04d54f10c55d6 发布日期: 0001-01-01 00:00 修改: 0001-01-01 00:00
libcurl4	DLA-4432-1	未知	7.74.0-1.3+deb11u2	7.74.0-1.3+deb11u16	curl - security update 漏洞详情: 镜像层: sha256:595a656dd8efc44ad2600f67c92a3a2f5612e673513583c11cb04d54f10c55d6 发布日期: 0001-01-01 00:00 修改: 0001-01-01 00:00
libexpat1	CVE-2026-56131	未知	2.2.10-2+deb11u3		libexpat before 2.8.2 lacks handler call depth tracking for calls to X ... 漏洞详情: https://avd.aquasec.com/nvd/cve-2026-56131 镜像层: sha256:b7b6064a28a9833a1ac123bb3e408f6cdb2689cf233ee40c978e6193a142278c 发布日期: 0001-01-01 00:00 修改: 0001-01-01 00:00
libexpat1	CVE-2026-56132	未知	2.2.10-2+deb11u3		In libexpat before 2.8.2, there is a heap-based buffer overflow in doP ... 漏洞详情: https://avd.aquasec.com/nvd/cve-2026-56132 镜像层: sha256:b7b6064a28a9833a1ac123bb3e408f6cdb2689cf233ee40c978e6193a142278c 发布日期: 0001-01-01 00:00 修改: 0001-01-01 00:00
libexpat1	CVE-2026-56403	未知	2.2.10-2+deb11u3		libexpat before 2.8.2 has an integer overflow in storeAtts. 漏洞详情: https://avd.aquasec.com/nvd/cve-2026-56403 镜像层: sha256:b7b6064a28a9833a1ac123bb3e408f6cdb2689cf233ee40c978e6193a142278c 发布日期: 0001-01-01 00:00 修改: 0001-01-01 00:00

Java (jar)

低危漏洞:13

中危漏洞:81

高危漏洞:91

严重漏洞:41

软件包	漏洞	安全状态	安装版本	修复版本	漏洞信息
com.alibaba:fastjson	CVE-2025-70974	严重	1.2.37	1.2.48	fastjson: Fastjson: Remote Code Execution via JNDI Injection due to autoType mishandling 漏洞详情: https://avd.aquasec.com/nvd/cve-2025-70974 镜像层: sha256:488e2b789858fe554f0ac0d96981d18d4321700b08eeed578fda10ff8425ef1e 发布日期: 2026-01-09 07:16 修改: 2026-04-15 00:35
com.baomidou:mybatis-plus	CVE-2023-25330	严重	3.5.1	3.5.3.1	MyBatis-Plus vulnerable to SQL injection via TenantPlugin 漏洞详情: https://avd.aquasec.com/nvd/cve-2023-25330 镜像层: sha256:488e2b789858fe554f0ac0d96981d18d4321700b08eeed578fda10ff8425ef1e 发布日期: 2023-04-05 14:15 修改: 2024-11-21 07:49
commons-collections:commons-collections	CVE-2015-7501	严重	3.2.1	3.2.2	apache-commons-collections: InvokerTransformer code execution during deserialisation 漏洞详情: https://avd.aquasec.com/nvd/cve-2015-7501 镜像层: sha256:488e2b789858fe554f0ac0d96981d18d4321700b08eeed578fda10ff8425ef1e 发布日期: 2017-11-09 17:29 修改: 2025-04-20 01:37
commons-fileupload:commons-fileupload	CVE-2016-1000031	严重	1.3.1	1.3.3	FileUpload: DiskFileItem file manipulation 漏洞详情: https://avd.aquasec.com/nvd/cve-2016-1000031 镜像层: sha256:488e2b789858fe554f0ac0d96981d18d4321700b08eeed578fda10ff8425ef1e 发布日期: 2016-10-25 14:29 修改: 2026-05-06 22:30
commons-fileupload:commons-fileupload	CVE-2016-1000031	严重	1.3.2	1.3.3	FileUpload: DiskFileItem file manipulation 漏洞详情: https://avd.aquasec.com/nvd/cve-2016-1000031 镜像层: sha256:488e2b789858fe554f0ac0d96981d18d4321700b08eeed578fda10ff8425ef1e 发布日期: 2016-10-25 14:29 修改: 2026-05-06 22:30
log4j:log4j	CVE-2019-17571	严重	1.2.17		log4j: deserialization of untrusted data in SocketServer 漏洞详情: https://avd.aquasec.com/nvd/cve-2019-17571 镜像层: sha256:488e2b789858fe554f0ac0d96981d18d4321700b08eeed578fda10ff8425ef1e 发布日期: 2019-12-20 17:15 修改: 2026-05-28 19:16
log4j:log4j	CVE-2022-23305	严重	1.2.17		log4j: SQL injection in Log4j 1.x when application is configured to use JDBCAppender 漏洞详情: https://avd.aquasec.com/nvd/cve-2022-23305 镜像层: sha256:488e2b789858fe554f0ac0d96981d18d4321700b08eeed578fda10ff8425ef1e 发布日期: 2022-01-18 16:15 修改: 2026-05-27 14:16
log4j:log4j	CVE-2022-23307	严重	1.2.17		log4j: Unsafe deserialization flaw in Chainsaw log viewer 漏洞详情: https://avd.aquasec.com/nvd/cve-2022-23307 镜像层: sha256:488e2b789858fe554f0ac0d96981d18d4321700b08eeed578fda10ff8425ef1e 发布日期: 2022-01-18 16:15 修改: 2024-11-21 06:48
org.apache.commons:commons-text	CVE-2022-42889	严重	1.9	1.10.0	apache-commons-text: variable interpolation RCE 漏洞详情: https://avd.aquasec.com/nvd/cve-2022-42889 镜像层: sha256:488e2b789858fe554f0ac0d96981d18d4321700b08eeed578fda10ff8425ef1e 发布日期: 2022-10-13 13:15 修改: 2024-11-21 07:25
org.apache.logging.log4j:log4j-core	CVE-2021-44228	严重	2.8.2	2.15.0, 2.3.1, 2.12.2	log4j-core: Remote code execution in Log4j 2.x when logs contain an attacker-controlled string value 漏洞详情: https://avd.aquasec.com/nvd/cve-2021-44228 镜像层: sha256:488e2b789858fe554f0ac0d96981d18d4321700b08eeed578fda10ff8425ef1e 发布日期: 2021-12-10 10:15 修改: 2026-02-20 16:15
org.apache.logging.log4j:log4j-core	CVE-2021-45046	严重	2.8.2	2.16.0, 2.12.2	log4j-core: DoS in log4j 2.x with thread context message pattern and context lookup pattern (incomplete fix for CVE-2021-44228) 漏洞详情: https://avd.aquasec.com/nvd/cve-2021-45046 镜像层: sha256:488e2b789858fe554f0ac0d96981d18d4321700b08eeed578fda10ff8425ef1e 发布日期: 2021-12-14 19:15 修改: 2025-10-27 17:35
org.apache.shiro:shiro-core	CVE-2016-4437	严重	1.2.4	1.2.5	shiro: Security constraint bypass 漏洞详情: https://avd.aquasec.com/nvd/cve-2016-4437 镜像层: sha256:488e2b789858fe554f0ac0d96981d18d4321700b08eeed578fda10ff8425ef1e 发布日期: 2016-06-07 14:06 修改: 2026-04-22 14:36
org.apache.shiro:shiro-core	CVE-2020-11989	严重	1.2.4	1.5.3	shiro: spring dynamic controllers, a specially crafted request may cause an authentication bypass 漏洞详情: https://avd.aquasec.com/nvd/cve-2020-11989 镜像层: sha256:488e2b789858fe554f0ac0d96981d18d4321700b08eeed578fda10ff8425ef1e 发布日期: 2020-06-22 19:15 修改: 2024-11-21 04:59
org.apache.shiro:shiro-core	CVE-2020-1957	严重	1.2.4	1.5.2	shiro: Spring dynamic controllers, a specially crafted request may cause an authentication bypass 漏洞详情: https://avd.aquasec.com/nvd/cve-2020-1957 镜像层: sha256:488e2b789858fe554f0ac0d96981d18d4321700b08eeed578fda10ff8425ef1e 发布日期: 2020-03-25 16:15 修改: 2024-11-21 05:11
org.apache.shiro:shiro-core	CVE-2021-41303	严重	1.2.4	1.8.0	shiro: specially crafted HTTP request may cause an authentication bypass 漏洞详情: https://avd.aquasec.com/nvd/cve-2021-41303 镜像层: sha256:488e2b789858fe554f0ac0d96981d18d4321700b08eeed578fda10ff8425ef1e 发布日期: 2021-09-17 09:15 修改: 2024-11-21 06:26
org.apache.shiro:shiro-core	CVE-2022-32532	严重	1.2.4	1.9.1	shiro: authorization bypass due to possible misconfigured 漏洞详情: https://avd.aquasec.com/nvd/cve-2022-32532 镜像层: sha256:488e2b789858fe554f0ac0d96981d18d4321700b08eeed578fda10ff8425ef1e 发布日期: 2022-06-29 00:15 修改: 2024-11-21 07:06
org.apache.shiro:shiro-core	CVE-2022-40664	严重	1.2.4	1.10.0	shiro: Authentication Bypass Vulnerability 漏洞详情: https://avd.aquasec.com/nvd/cve-2022-40664 镜像层: sha256:488e2b789858fe554f0ac0d96981d18d4321700b08eeed578fda10ff8425ef1e 发布日期: 2022-10-12 07:15 修改: 2025-05-15 15:16
org.apache.shiro:shiro-spring	CVE-2020-17510	严重	1.2.4	1.7.0	shiro: specially crafted HTTP request may cause an authentication bypass 漏洞详情: https://avd.aquasec.com/nvd/cve-2020-17510 镜像层: sha256:488e2b789858fe554f0ac0d96981d18d4321700b08eeed578fda10ff8425ef1e 发布日期: 2020-11-05 21:15 修改: 2024-11-21 05:08
org.apache.shiro:shiro-spring	CVE-2020-17523	严重	1.2.4	1.7.1	shiro: Authentication bypass through specially crafted HTTP request 漏洞详情: https://avd.aquasec.com/nvd/cve-2020-17523 镜像层: sha256:488e2b789858fe554f0ac0d96981d18d4321700b08eeed578fda10ff8425ef1e 发布日期: 2021-02-03 17:15 修改: 2024-11-21 05:08
org.apache.shiro:shiro-web	CVE-2020-17523	严重	1.2.4	1.7.1	shiro: Authentication bypass through specially crafted HTTP request 漏洞详情: https://avd.aquasec.com/nvd/cve-2020-17523 镜像层: sha256:488e2b789858fe554f0ac0d96981d18d4321700b08eeed578fda10ff8425ef1e 发布日期: 2021-02-03 17:15 修改: 2024-11-21 05:08
org.apache.shiro:shiro-web	CVE-2023-34478	严重	1.2.4	1.12.0, 2.0.0-alpha-3	Apache Shiro, before 1.12.0 or 2.0.0-alpha-3, may be susceptible to a ... 漏洞详情: https://avd.aquasec.com/nvd/cve-2023-34478 镜像层: sha256:488e2b789858fe554f0ac0d96981d18d4321700b08eeed578fda10ff8425ef1e 发布日期: 2023-07-24 19:15 修改: 2025-02-13 17:16
org.apache.tomcat.embed:tomcat-embed-core	CVE-2025-24813	严重	9.0.41	11.0.3, 10.1.35, 9.0.99	tomcat: Potential RCE and/or information disclosure and/or information corruption with partial PUT 漏洞详情: https://avd.aquasec.com/nvd/cve-2025-24813 镜像层: sha256:488e2b789858fe554f0ac0d96981d18d4321700b08eeed578fda10ff8425ef1e 发布日期: 2025-03-10 17:15 修改: 2025-10-23 14:49
org.apache.tomcat.embed:tomcat-embed-core	CVE-2026-41293	严重	9.0.41	9.0.118, 10.1.55, 11.0.22	tomcat-coyote: Apache Tomcat: HTTP/2 request headers not validated 漏洞详情: https://avd.aquasec.com/nvd/cve-2026-41293 镜像层: sha256:488e2b789858fe554f0ac0d96981d18d4321700b08eeed578fda10ff8425ef1e 发布日期: 2026-05-12 16:16 修改: 2026-05-15 15:57
org.apache.tomcat.embed:tomcat-embed-core	CVE-2026-43512	严重	9.0.41	9.0.118, 10.1.55, 11.0.22	tomcat-coyote: Apache Tomcat: Authentication bypass via digest authentication 漏洞详情: https://avd.aquasec.com/nvd/cve-2026-43512 镜像层: sha256:488e2b789858fe554f0ac0d96981d18d4321700b08eeed578fda10ff8425ef1e 发布日期: 2026-05-12 16:16 修改: 2026-05-15 15:54
org.apache.tomcat.embed:tomcat-embed-core	CVE-2026-43515	严重	9.0.41	9.0.118, 10.1.55, 11.0.22	tomcat-coyote: tomcat: Improper Authorization allows security bypass 漏洞详情: https://avd.aquasec.com/nvd/cve-2026-43515 镜像层: sha256:488e2b789858fe554f0ac0d96981d18d4321700b08eeed578fda10ff8425ef1e 发布日期: 2026-05-12 16:16 修改: 2026-05-15 15:52
org.springframework.boot:spring-boot-actuator-autoconfigure	CVE-2023-20873	严重	2.4.1	3.0.6, 2.7.11, 2.6.15, 2.5.15	spring-boot: Security Bypass With Wildcard Pattern Matching on Cloud Foundry 漏洞详情: https://avd.aquasec.com/nvd/cve-2023-20873 镜像层: sha256:488e2b789858fe554f0ac0d96981d18d4321700b08eeed578fda10ff8425ef1e 发布日期: 2023-04-20 21:15 修改: 2025-05-05 16:15
org.springframework.security:spring-security-core	CVE-2022-22978	严重	5.4.2	5.5.7, 5.6.4, 5.4.11	springframework: Authorization Bypass in RegexRequestMatcher 漏洞详情: https://avd.aquasec.com/nvd/cve-2022-22978 镜像层: sha256:488e2b789858fe554f0ac0d96981d18d4321700b08eeed578fda10ff8425ef1e 发布日期: 2022-05-19 15:15 修改: 2024-11-21 06:47
org.springframework.security:spring-security-web	CVE-2022-22978	严重	5.4.2	5.5.7, 5.6.4, 5.4.11	springframework: Authorization Bypass in RegexRequestMatcher 漏洞详情: https://avd.aquasec.com/nvd/cve-2022-22978 镜像层: sha256:488e2b789858fe554f0ac0d96981d18d4321700b08eeed578fda10ff8425ef1e 发布日期: 2022-05-19 15:15 修改: 2024-11-21 06:47
org.springframework.security:spring-security-web	CVE-2024-38821	严重	5.4.2	5.7.13, 5.8.15, 6.2.7, 6.0.13, 6.1.11, 6.3.4	Spring-WebFlux: Authorization Bypass of Static Resources in WebFlux Applications 漏洞详情: https://avd.aquasec.com/nvd/cve-2024-38821 镜像层: sha256:488e2b789858fe554f0ac0d96981d18d4321700b08eeed578fda10ff8425ef1e 发布日期: 2024-10-28 07:15 修改: 2026-04-15 00:35
org.springframework.security:spring-security-web	CVE-2026-22732	严重	5.4.2	6.5.9, 7.0.4	Spring Security: Spring Security: Security policy bypass and information disclosure due to unwritten HTTP headers 漏洞详情: https://avd.aquasec.com/nvd/cve-2026-22732 镜像层: sha256:488e2b789858fe554f0ac0d96981d18d4321700b08eeed578fda10ff8425ef1e 发布日期: 2026-03-19 23:16 修改: 2026-04-16 04:29
org.springframework:spring-beans	CVE-2022-22965	严重	5.3.2	5.2.20.RELEASE, 5.3.18	spring-framework: RCE via Data Binding on JDK 9+ 漏洞详情: https://avd.aquasec.com/nvd/cve-2022-22965 镜像层: sha256:488e2b789858fe554f0ac0d96981d18d4321700b08eeed578fda10ff8425ef1e 发布日期: 2022-04-01 23:15 修改: 2025-10-30 19:56
org.springframework:spring-web	CVE-2016-1000027	严重	5.3.2	6.0.0	spring: HttpInvokerServiceExporter readRemoteInvocation method untrusted java deserialization 漏洞详情: https://avd.aquasec.com/nvd/cve-2016-1000027 镜像层: sha256:488e2b789858fe554f0ac0d96981d18d4321700b08eeed578fda10ff8425ef1e 发布日期: 2020-01-02 23:15 修改: 2024-11-21 02:42
org.springframework:spring-webmvc	CVE-2022-22965	严重	5.3.2	5.2.20.RELEASE, 5.3.18	spring-framework: RCE via Data Binding on JDK 9+ 漏洞详情: https://avd.aquasec.com/nvd/cve-2022-22965 镜像层: sha256:488e2b789858fe554f0ac0d96981d18d4321700b08eeed578fda10ff8425ef1e 发布日期: 2022-04-01 23:15 修改: 2025-10-30 19:56
org.springframework:spring-webmvc	CVE-2023-20860	严重	5.3.2	6.0.7, 5.3.26	springframework: Security Bypass With Un-Prefixed Double Wildcard Pattern 漏洞详情: https://avd.aquasec.com/nvd/cve-2023-20860 镜像层: sha256:488e2b789858fe554f0ac0d96981d18d4321700b08eeed578fda10ff8425ef1e 发布日期: 2023-03-27 22:15 修改: 2025-02-19 19:15
org.thymeleaf:thymeleaf	CVE-2026-40477	严重	3.0.11.RELEASE	3.1.4.RELEASE	thymeleaf: Thymeleaf: Server-Side Template Injection via security bypass in expression execution 漏洞详情: https://avd.aquasec.com/nvd/cve-2026-40477 镜像层: sha256:488e2b789858fe554f0ac0d96981d18d4321700b08eeed578fda10ff8425ef1e 发布日期: 2026-04-17 22:16 修改: 2026-04-24 16:58
org.thymeleaf:thymeleaf	CVE-2026-40478	严重	3.0.11.RELEASE	3.1.4.RELEASE	thymeleaf: Thymeleaf: Server-Side Template Injection via expression execution bypass 漏洞详情: https://avd.aquasec.com/nvd/cve-2026-40478 镜像层: sha256:488e2b789858fe554f0ac0d96981d18d4321700b08eeed578fda10ff8425ef1e 发布日期: 2026-04-17 22:16 修改: 2026-04-24 16:58
org.thymeleaf:thymeleaf	CVE-2026-41901	严重	3.0.11.RELEASE	3.1.5.RELEASE	Sandboxed Thymeleaf expressions vulnerable to improper recognition of unauthorized syntax patterns 漏洞详情: https://avd.aquasec.com/nvd/cve-2026-41901 镜像层: sha256:488e2b789858fe554f0ac0d96981d18d4321700b08eeed578fda10ff8425ef1e 发布日期: 2026-05-12 23:16 修改: 2026-05-13 16:10
org.thymeleaf:thymeleaf-spring5	CVE-2021-43466	严重	3.0.11.RELEASE	3.0.13.RELEASE	Template injection in thymeleaf-spring5 漏洞详情: https://avd.aquasec.com/nvd/cve-2021-43466 镜像层: sha256:488e2b789858fe554f0ac0d96981d18d4321700b08eeed578fda10ff8425ef1e 发布日期: 2021-11-09 12:15 修改: 2024-11-21 06:29
org.thymeleaf:thymeleaf-spring5	CVE-2026-40477	严重	3.0.11.RELEASE	3.1.4.RELEASE	thymeleaf: Thymeleaf: Server-Side Template Injection via security bypass in expression execution 漏洞详情: https://avd.aquasec.com/nvd/cve-2026-40477 镜像层: sha256:488e2b789858fe554f0ac0d96981d18d4321700b08eeed578fda10ff8425ef1e 发布日期: 2026-04-17 22:16 修改: 2026-04-24 16:58
org.thymeleaf:thymeleaf-spring5	CVE-2026-40478	严重	3.0.11.RELEASE	3.1.4.RELEASE	thymeleaf: Thymeleaf: Server-Side Template Injection via expression execution bypass 漏洞详情: https://avd.aquasec.com/nvd/cve-2026-40478 镜像层: sha256:488e2b789858fe554f0ac0d96981d18d4321700b08eeed578fda10ff8425ef1e 发布日期: 2026-04-17 22:16 修改: 2026-04-24 16:58
org.thymeleaf:thymeleaf-spring5	CVE-2026-41901	严重	3.0.11.RELEASE	3.1.5.RELEASE	Sandboxed Thymeleaf expressions vulnerable to improper recognition of unauthorized syntax patterns 漏洞详情: https://avd.aquasec.com/nvd/cve-2026-41901 镜像层: sha256:488e2b789858fe554f0ac0d96981d18d4321700b08eeed578fda10ff8425ef1e 发布日期: 2026-05-12 23:16 修改: 2026-05-13 16:10
commons-fileupload:commons-fileupload	CVE-2025-48976	高危	1.3.2	1.6.0	apache-commons-fileupload: Apache Commons FileUpload DoS via part headers 漏洞详情: https://avd.aquasec.com/nvd/cve-2025-48976 镜像层: sha256:488e2b789858fe554f0ac0d96981d18d4321700b08eeed578fda10ff8425ef1e 发布日期: 2025-06-16 15:15 修改: 2025-11-03 20:19
commons-io:commons-io	CVE-2024-47554	高危	2.4	2.14.0	apache-commons-io: Possible denial of service attack on untrusted input to XmlStreamReader 漏洞详情: https://avd.aquasec.com/nvd/cve-2024-47554 镜像层: sha256:488e2b789858fe554f0ac0d96981d18d4321700b08eeed578fda10ff8425ef1e 发布日期: 2024-10-03 12:15 修改: 2025-07-10 21:10
commons-io:commons-io	CVE-2024-47554	高危	2.6	2.14.0	apache-commons-io: Possible denial of service attack on untrusted input to XmlStreamReader 漏洞详情: https://avd.aquasec.com/nvd/cve-2024-47554 镜像层: sha256:488e2b789858fe554f0ac0d96981d18d4321700b08eeed578fda10ff8425ef1e 发布日期: 2024-10-03 12:15 修改: 2025-07-10 21:10
com.fasterxml.jackson.core:jackson-core	CVE-2025-52999	高危	2.11.3	2.15.0	com.fasterxml.jackson.core/jackson-core: jackson-core Potential StackoverflowError 漏洞详情: https://avd.aquasec.com/nvd/cve-2025-52999 镜像层: sha256:488e2b789858fe554f0ac0d96981d18d4321700b08eeed578fda10ff8425ef1e 发布日期: 2025-06-25 17:15 修改: 2026-04-15 00:35
com.fasterxml.jackson.core:jackson-databind	CVE-2020-36518	高危	2.11.3	2.13.2.1, 2.12.6.1	jackson-databind: denial of service via a large depth of nested objects 漏洞详情: https://avd.aquasec.com/nvd/cve-2020-36518 镜像层: sha256:488e2b789858fe554f0ac0d96981d18d4321700b08eeed578fda10ff8425ef1e 发布日期: 2022-03-11 07:15 修改: 2025-08-27 21:15
com.fasterxml.jackson.core:jackson-databind	CVE-2021-46877	高危	2.11.3	2.12.6, 2.13.1	jackson-databind: Possible DoS if using JDK serialization to serialize JsonNode 漏洞详情: https://avd.aquasec.com/nvd/cve-2021-46877 镜像层: sha256:488e2b789858fe554f0ac0d96981d18d4321700b08eeed578fda10ff8425ef1e 发布日期: 2023-03-18 22:15 修改: 2025-02-26 19:15
log4j:log4j	CVE-2021-4104	高危	1.2.17		log4j: Remote code execution in Log4j 1.x when application is configured to use JMSAppender 漏洞详情: https://avd.aquasec.com/nvd/cve-2021-4104 镜像层: sha256:488e2b789858fe554f0ac0d96981d18d4321700b08eeed578fda10ff8425ef1e 发布日期: 2021-12-14 12:15 修改: 2026-05-28 21:16
log4j:log4j	CVE-2022-23302	高危	1.2.17		log4j: Remote code execution in Log4j 1.x when application is configured to use JMSSink 漏洞详情: https://avd.aquasec.com/nvd/cve-2022-23302 镜像层: sha256:488e2b789858fe554f0ac0d96981d18d4321700b08eeed578fda10ff8425ef1e 发布日期: 2022-01-18 16:15 修改: 2025-07-07 18:15
log4j:log4j	CVE-2023-26464	高危	1.2.17	2.0	log4j1-socketappender: DoS via hashmap logging 漏洞详情: https://avd.aquasec.com/nvd/cve-2023-26464 镜像层: sha256:488e2b789858fe554f0ac0d96981d18d4321700b08eeed578fda10ff8425ef1e 发布日期: 2023-03-10 14:15 修改: 2025-02-13 17:16
mysql:mysql-connector-java	CVE-2023-22102	高危	8.0.14		mysql-connector-java: Connector/J unspecified vulnerability (CPU October 2023) 漏洞详情: https://avd.aquasec.com/nvd/cve-2023-22102 镜像层: sha256:488e2b789858fe554f0ac0d96981d18d4321700b08eeed578fda10ff8425ef1e 发布日期: 2023-10-17 22:15 修改: 2025-03-06 17:15
org.apache.ant:ant	CVE-2020-11979	高危	1.9.15	1.10.9	ant: insecure temporary file 漏洞详情: https://avd.aquasec.com/nvd/cve-2020-11979 镜像层: sha256:488e2b789858fe554f0ac0d96981d18d4321700b08eeed578fda10ff8425ef1e 发布日期: 2020-10-01 20:15 修改: 2024-11-21 04:59
com.fasterxml.jackson.core:jackson-databind	CVE-2022-42003	高危	2.11.3	2.12.7.1, 2.13.4.2	jackson-databind: deep wrapper array nesting wrt UNWRAP_SINGLE_VALUE_ARRAYS 漏洞详情: https://avd.aquasec.com/nvd/cve-2022-42003 镜像层: sha256:488e2b789858fe554f0ac0d96981d18d4321700b08eeed578fda10ff8425ef1e 发布日期: 2022-10-02 05:15 修改: 2024-11-21 07:24
com.fasterxml.jackson.core:jackson-databind	CVE-2022-42004	高危	2.11.3	2.12.7.1, 2.13.4	jackson-databind: use of deeply nested arrays 漏洞详情: https://avd.aquasec.com/nvd/cve-2022-42004 镜像层: sha256:488e2b789858fe554f0ac0d96981d18d4321700b08eeed578fda10ff8425ef1e 发布日期: 2022-10-02 05:15 修改: 2024-11-21 07:24
com.thoughtworks.xstream:xstream	CVE-2020-26217	高危	1.4.14	1.4.14-java7	XStream: remote code execution due to insecure XML deserialization when relying on blocklists 漏洞详情: https://avd.aquasec.com/nvd/cve-2020-26217 镜像层: sha256:488e2b789858fe554f0ac0d96981d18d4321700b08eeed578fda10ff8425ef1e 发布日期: 2020-11-16 21:15 修改: 2025-05-23 16:54
org.apache.logging.log4j:log4j-core	CVE-2021-45105	高危	2.8.2	2.12.3, 2.17.0, 2.3.1	log4j-core: DoS in log4j 2.x with Thread Context Map (MDC) input data contains a recursive lookup and context lookup pattern 漏洞详情: https://avd.aquasec.com/nvd/cve-2021-45105 镜像层: sha256:488e2b789858fe554f0ac0d96981d18d4321700b08eeed578fda10ff8425ef1e 发布日期: 2021-12-18 12:15 修改: 2026-05-29 13:16
com.thoughtworks.xstream:xstream	CVE-2021-21341	高危	1.4.14	1.4.16	XStream: allow a remote attacker to cause DoS only by manipulating the processed input stream 漏洞详情: https://avd.aquasec.com/nvd/cve-2021-21341 镜像层: sha256:488e2b789858fe554f0ac0d96981d18d4321700b08eeed578fda10ff8425ef1e 发布日期: 2021-03-23 00:15 修改: 2025-05-23 17:38
com.thoughtworks.xstream:xstream	CVE-2021-29505	高危	1.4.14	1.4.17	XStream: remote command execution attack by manipulating the processed input stream 漏洞详情: https://avd.aquasec.com/nvd/cve-2021-29505 镜像层: sha256:488e2b789858fe554f0ac0d96981d18d4321700b08eeed578fda10ff8425ef1e 发布日期: 2021-05-28 21:15 修改: 2025-05-30 00:15
com.thoughtworks.xstream:xstream	CVE-2021-39139	高危	1.4.14	1.4.18	xstream: Arbitrary code execution via unsafe deserialization of Xalan xsltc.trax.TemplatesImpl 漏洞详情: https://avd.aquasec.com/nvd/cve-2021-39139 镜像层: sha256:488e2b789858fe554f0ac0d96981d18d4321700b08eeed578fda10ff8425ef1e 发布日期: 2021-08-23 18:15 修改: 2025-05-23 16:52
com.thoughtworks.xstream:xstream	CVE-2021-39141	高危	1.4.14	1.4.18	xstream: Arbitrary code execution via unsafe deserialization of com.sun.xml.internal.ws.client.sei.* 漏洞详情: https://avd.aquasec.com/nvd/cve-2021-39141 镜像层: sha256:488e2b789858fe554f0ac0d96981d18d4321700b08eeed578fda10ff8425ef1e 发布日期: 2021-08-23 18:15 修改: 2025-05-23 16:52
com.thoughtworks.xstream:xstream	CVE-2021-39144	高危	1.4.14	1.4.18	xstream: Arbitrary code execution via unsafe deserialization of sun.tracing.* 漏洞详情: https://avd.aquasec.com/nvd/cve-2021-39144 镜像层: sha256:488e2b789858fe554f0ac0d96981d18d4321700b08eeed578fda10ff8425ef1e 发布日期: 2021-08-23 18:15 修改: 2025-10-24 14:47
com.thoughtworks.xstream:xstream	CVE-2021-39145	高危	1.4.14	1.4.18	xstream: Arbitrary code execution via unsafe deserialization of com.sun.jndi.ldap.LdapBindingEnumeration 漏洞详情: https://avd.aquasec.com/nvd/cve-2021-39145 镜像层: sha256:488e2b789858fe554f0ac0d96981d18d4321700b08eeed578fda10ff8425ef1e 发布日期: 2021-08-23 18:15 修改: 2025-05-23 16:52
org.apache.shiro:shiro-core	CVE-2019-12422	高危	1.2.4	1.4.2	shiro: Cookie padding oracle vulnerability with default configuration 漏洞详情: https://avd.aquasec.com/nvd/cve-2019-12422 镜像层: sha256:488e2b789858fe554f0ac0d96981d18d4321700b08eeed578fda10ff8425ef1e 发布日期: 2019-11-18 23:15 修改: 2024-11-21 04:22
org.apache.shiro:shiro-core	CVE-2020-13933	高危	1.2.4	1.6.0	shiro: specially crafted HTTP request may cause an authentication bypass 漏洞详情: https://avd.aquasec.com/nvd/cve-2020-13933 镜像层: sha256:488e2b789858fe554f0ac0d96981d18d4321700b08eeed578fda10ff8425ef1e 发布日期: 2020-08-17 21:15 修改: 2024-11-21 05:02
org.apache.shiro:shiro-core	CVE-2026-49268	高危	1.2.4	2.2.1, 3.0.0-alpha-2	A remote attacker can inject LDAP special characters into the Distingu ... 漏洞详情: https://avd.aquasec.com/nvd/cve-2026-49268 镜像层: sha256:488e2b789858fe554f0ac0d96981d18d4321700b08eeed578fda10ff8425ef1e 发布日期: 0001-01-01 00:00 修改: 0001-01-01 00:00
com.thoughtworks.xstream:xstream	CVE-2021-39146	高危	1.4.14	1.4.18	xstream: Arbitrary code execution via unsafe deserialization of javax.swing.UIDefaults$ProxyLazyValue 漏洞详情: https://avd.aquasec.com/nvd/cve-2021-39146 镜像层: sha256:488e2b789858fe554f0ac0d96981d18d4321700b08eeed578fda10ff8425ef1e 发布日期: 2021-08-23 18:15 修改: 2025-05-23 16:48
com.thoughtworks.xstream:xstream	CVE-2021-39147	高危	1.4.14	1.4.18	xstream: Arbitrary code execution via unsafe deserialization of com.sun.jndi.ldap.LdapSearchEnumeration 漏洞详情: https://avd.aquasec.com/nvd/cve-2021-39147 镜像层: sha256:488e2b789858fe554f0ac0d96981d18d4321700b08eeed578fda10ff8425ef1e 发布日期: 2021-08-23 18:15 修改: 2025-05-23 16:51
com.thoughtworks.xstream:xstream	CVE-2021-39148	高危	1.4.14	1.4.18	xstream: Arbitrary code execution via unsafe deserialization of com.sun.jndi.toolkit.dir.ContextEnumerator 漏洞详情: https://avd.aquasec.com/nvd/cve-2021-39148 镜像层: sha256:488e2b789858fe554f0ac0d96981d18d4321700b08eeed578fda10ff8425ef1e 发布日期: 2021-08-23 18:15 修改: 2025-05-23 16:48
com.thoughtworks.xstream:xstream	CVE-2021-39149	高危	1.4.14	1.4.18	xstream: Arbitrary code execution via unsafe deserialization of com.sun.corba.* 漏洞详情: https://avd.aquasec.com/nvd/cve-2021-39149 镜像层: sha256:488e2b789858fe554f0ac0d96981d18d4321700b08eeed578fda10ff8425ef1e 发布日期: 2021-08-23 18:15 修改: 2025-05-23 16:50
org.apache.shiro:shiro-web	CVE-2016-6802	高危	1.2.4	1.3.2	Shiro: Security servlet filters bypass 漏洞详情: https://avd.aquasec.com/nvd/cve-2016-6802 镜像层: sha256:488e2b789858fe554f0ac0d96981d18d4321700b08eeed578fda10ff8425ef1e 发布日期: 2016-09-20 19:59 修改: 2026-05-06 22:30
com.thoughtworks.xstream:xstream	CVE-2021-39150	高危	1.4.14	1.4.18	xstream: Server-side request forgery (SSRF) via unsafe deserialization of com.sun.xml.internal.ws.client.sei.* 漏洞详情: https://avd.aquasec.com/nvd/cve-2021-39150 镜像层: sha256:488e2b789858fe554f0ac0d96981d18d4321700b08eeed578fda10ff8425ef1e 发布日期: 2021-08-23 19:15 修改: 2025-05-23 16:48
com.thoughtworks.xstream:xstream	CVE-2021-39151	高危	1.4.14	1.4.18	xstream: Arbitrary code execution via unsafe deserialization of com.sun.jndi.ldap.LdapBindingEnumeration 漏洞详情: https://avd.aquasec.com/nvd/cve-2021-39151 镜像层: sha256:488e2b789858fe554f0ac0d96981d18d4321700b08eeed578fda10ff8425ef1e 发布日期: 2021-08-23 18:15 修改: 2025-05-23 16:49
com.thoughtworks.xstream:xstream	CVE-2021-39152	高危	1.4.14	1.4.18	xstream: Server-side request forgery (SSRF) via unsafe deserialization of jdk.nashorn.internal.runtime.Source$URLData 漏洞详情: https://avd.aquasec.com/nvd/cve-2021-39152 镜像层: sha256:488e2b789858fe554f0ac0d96981d18d4321700b08eeed578fda10ff8425ef1e 发布日期: 2021-08-23 19:15 修改: 2025-05-23 16:47
com.thoughtworks.xstream:xstream	CVE-2021-39153	高危	1.4.14	1.4.18	xstream: Arbitrary code execution via unsafe deserialization of Xalan xsltc.trax.TemplatesImpl 漏洞详情: https://avd.aquasec.com/nvd/cve-2021-39153 镜像层: sha256:488e2b789858fe554f0ac0d96981d18d4321700b08eeed578fda10ff8425ef1e 发布日期: 2021-08-23 18:15 修改: 2025-05-23 16:50
org.apache.tomcat.embed:tomcat-embed-core	CVE-2021-25122	高危	9.0.41	10.0.2, 9.0.43, 8.5.63	tomcat: Request mix-up with h2c 漏洞详情: https://avd.aquasec.com/nvd/cve-2021-25122 镜像层: sha256:488e2b789858fe554f0ac0d96981d18d4321700b08eeed578fda10ff8425ef1e 发布日期: 2021-03-01 12:15 修改: 2024-11-21 05:54
org.apache.tomcat.embed:tomcat-embed-core	CVE-2022-42252	高危	9.0.41	8.5.83, 9.0.68, 10.0.27, 10.1.1	tomcat: request smuggling 漏洞详情: https://avd.aquasec.com/nvd/cve-2022-42252 镜像层: sha256:488e2b789858fe554f0ac0d96981d18d4321700b08eeed578fda10ff8425ef1e 发布日期: 2022-11-01 09:15 修改: 2025-05-06 16:15
org.apache.tomcat.embed:tomcat-embed-core	CVE-2022-45143	高危	9.0.41	8.5.84, 9.0.69, 10.1.2	tomcat: JsonErrorReportValve injection 漏洞详情: https://avd.aquasec.com/nvd/cve-2022-45143 镜像层: sha256:488e2b789858fe554f0ac0d96981d18d4321700b08eeed578fda10ff8425ef1e 发布日期: 2023-01-03 19:15 修改: 2024-11-21 07:28
org.apache.tomcat.embed:tomcat-embed-core	CVE-2023-24998	高危	9.0.41	10.1.5, 11.0.0-M5, 8.5.88, 9.0.71	FileUpload: FileUpload DoS with excessive parts 漏洞详情: https://avd.aquasec.com/nvd/cve-2023-24998 镜像层: sha256:488e2b789858fe554f0ac0d96981d18d4321700b08eeed578fda10ff8425ef1e 发布日期: 2023-02-20 16:15 修改: 2025-11-03 22:16
org.apache.tomcat.embed:tomcat-embed-core	CVE-2023-46589	高危	9.0.41	11.0.0-M11, 10.1.16, 9.0.83, 8.5.96	tomcat: HTTP request smuggling via malformed trailer headers 漏洞详情: https://avd.aquasec.com/nvd/cve-2023-46589 镜像层: sha256:488e2b789858fe554f0ac0d96981d18d4321700b08eeed578fda10ff8425ef1e 发布日期: 2023-11-28 16:15 修改: 2025-08-07 11:15
org.apache.tomcat.embed:tomcat-embed-core	CVE-2024-34750	高危	9.0.41	11.0.0-M21, 10.1.25, 9.0.90	tomcat: Improper Handling of Exceptional Conditions 漏洞详情: https://avd.aquasec.com/nvd/cve-2024-34750 镜像层: sha256:488e2b789858fe554f0ac0d96981d18d4321700b08eeed578fda10ff8425ef1e 发布日期: 2024-07-03 20:15 修改: 2025-11-03 20:16
org.apache.tomcat.embed:tomcat-embed-core	CVE-2024-50379	高危	9.0.41	11.0.2, 10.1.34, 9.0.98	tomcat: RCE due to TOCTOU issue in JSP compilation 漏洞详情: https://avd.aquasec.com/nvd/cve-2024-50379 镜像层: sha256:488e2b789858fe554f0ac0d96981d18d4321700b08eeed578fda10ff8425ef1e 发布日期: 2024-12-17 13:15 修改: 2025-11-03 21:17
org.apache.tomcat.embed:tomcat-embed-core	CVE-2024-56337	高危	9.0.41	11.0.2, 10.1.34, 9.0.98	tomcat: Incomplete fix for CVE-2024-50379 - RCE due to TOCTOU issue in JSP compilation 漏洞详情: https://avd.aquasec.com/nvd/cve-2024-56337 镜像层: sha256:488e2b789858fe554f0ac0d96981d18d4321700b08eeed578fda10ff8425ef1e 发布日期: 2024-12-20 16:15 修改: 2025-11-03 21:17
org.apache.tomcat.embed:tomcat-embed-core	CVE-2025-48988	高危	9.0.41	11.0.8, 10.1.42, 9.0.106	tomcat: Apache Tomcat DoS in multipart upload 漏洞详情: https://avd.aquasec.com/nvd/cve-2025-48988 镜像层: sha256:488e2b789858fe554f0ac0d96981d18d4321700b08eeed578fda10ff8425ef1e 发布日期: 2025-06-16 15:15 修改: 2025-11-03 20:19
org.apache.tomcat.embed:tomcat-embed-core	CVE-2025-48989	高危	9.0.41	11.0.10, 10.1.44, 9.0.108	tomcat: http/2 "MadeYouReset" DoS attack through HTTP/2 control frames 漏洞详情: https://avd.aquasec.com/nvd/cve-2025-48989 镜像层: sha256:488e2b789858fe554f0ac0d96981d18d4321700b08eeed578fda10ff8425ef1e 发布日期: 2025-08-13 13:15 修改: 2026-05-12 13:17
org.apache.tomcat.embed:tomcat-embed-core	CVE-2025-52520	高危	9.0.41	11.0.9, 10.1.43, 9.0.107	tomcat: Apache Tomcat denial of service 漏洞详情: https://avd.aquasec.com/nvd/cve-2025-52520 镜像层: sha256:488e2b789858fe554f0ac0d96981d18d4321700b08eeed578fda10ff8425ef1e 发布日期: 2025-07-10 19:15 修改: 2025-11-04 22:16
org.apache.tomcat.embed:tomcat-embed-core	CVE-2025-53506	高危	9.0.41	9.0.107, 10.1.43, 11.0.9	tomcat: Apache Tomcat denial of service 漏洞详情: https://avd.aquasec.com/nvd/cve-2025-53506 镜像层: sha256:488e2b789858fe554f0ac0d96981d18d4321700b08eeed578fda10ff8425ef1e 发布日期: 2025-07-10 20:15 修改: 2025-11-04 22:16
org.apache.tomcat.embed:tomcat-embed-core	CVE-2025-55752	高危	9.0.41	11.0.11, 10.1.45, 9.0.109	tomcat: org.apache.tomcat/tomcat-catalina: Apache Tomcat: Directory traversal via rewrite with possible RCE 漏洞详情: https://avd.aquasec.com/nvd/cve-2025-55752 镜像层: sha256:488e2b789858fe554f0ac0d96981d18d4321700b08eeed578fda10ff8425ef1e 发布日期: 2025-10-27 18:15 修改: 2026-05-12 13:17
org.apache.tomcat.embed:tomcat-embed-core	CVE-2026-24880	高危	9.0.41	9.0.116, 10.1.52, 11.0.20	Apache Tomcat: Apache Tomcat: HTTP Request/Response Smuggling via invalid chunk extension 漏洞详情: https://avd.aquasec.com/nvd/cve-2026-24880 镜像层: sha256:488e2b789858fe554f0ac0d96981d18d4321700b08eeed578fda10ff8425ef1e 发布日期: 2026-04-09 20:16 修改: 2026-04-14 20:02
org.apache.tomcat.embed:tomcat-embed-core	CVE-2026-34483	高危	9.0.41	9.0.116, 10.1.54, 11.0.21	Apache Tomcat: Apache Tomcat: Information disclosure due to improper encoding in JsonAccessLogValve 漏洞详情: https://avd.aquasec.com/nvd/cve-2026-34483 镜像层: sha256:488e2b789858fe554f0ac0d96981d18d4321700b08eeed578fda10ff8425ef1e 发布日期: 2026-04-09 20:16 修改: 2026-04-14 12:46
org.apache.tomcat.embed:tomcat-embed-core	CVE-2026-41284	高危	9.0.41	9.0.118, 10.1.55, 11.0.22	Allocation of Resources Without Limits or Throttling vulnerability in ... 漏洞详情: https://avd.aquasec.com/nvd/cve-2026-41284 镜像层: sha256:488e2b789858fe554f0ac0d96981d18d4321700b08eeed578fda10ff8425ef1e 发布日期: 2026-05-12 16:16 修改: 2026-05-14 18:59
org.apache.tomcat.embed:tomcat-embed-core	CVE-2026-42498	高危	9.0.41	9.0.118, 10.1.55, 11.0.22	tomcat-coyote: Apache Tomcat: Information disclosure due to HTTP Authentication Header exposure during WebSocket authentication. 漏洞详情: https://avd.aquasec.com/nvd/cve-2026-42498 镜像层: sha256:488e2b789858fe554f0ac0d96981d18d4321700b08eeed578fda10ff8425ef1e 发布日期: 2026-05-12 16:16 修改: 2026-05-14 18:51
org.apache.tomcat.embed:tomcat-embed-core	CVE-2026-43513	高危	9.0.41	9.0.118, 10.1.55, 11.0.22	Improper Handling of Case Sensitivity vulnerability in LockOutRealm in ... 漏洞详情: https://avd.aquasec.com/nvd/cve-2026-43513 镜像层: sha256:488e2b789858fe554f0ac0d96981d18d4321700b08eeed578fda10ff8425ef1e 发布日期: 2026-05-12 16:16 修改: 2026-05-15 15:53
org.apache.xmlgraphics:xmlgraphics-commons	CVE-2020-11988	高危	2.3	2.6	xmlgraphics-commons: SSRF due to improper input validation by the XMPParser 漏洞详情: https://avd.aquasec.com/nvd/cve-2020-11988 镜像层: sha256:488e2b789858fe554f0ac0d96981d18d4321700b08eeed578fda10ff8425ef1e 发布日期: 2021-02-24 18:15 修改: 2024-11-21 04:59
org.hibernate:hibernate-core	CVE-2026-0603	高危	5.4.25.Final		org.hibernate/hibernate-core: Hibernate: Information disclosure and data deletion via second-order SQL injection 漏洞详情: https://avd.aquasec.com/nvd/cve-2026-0603 镜像层: sha256:488e2b789858fe554f0ac0d96981d18d4321700b08eeed578fda10ff8425ef1e 发布日期: 2026-01-23 07:15 修改: 2026-04-15 00:35
org.owasp.esapi:esapi	CVE-2022-23457	高危	2.2.0.0	2.3.0.0	ESAPI (The OWASP Enterprise Security API) is a free, open source, web ... 漏洞详情: https://avd.aquasec.com/nvd/cve-2022-23457 镜像层: sha256:488e2b789858fe554f0ac0d96981d18d4321700b08eeed578fda10ff8425ef1e 发布日期: 2022-04-25 20:15 修改: 2025-11-03 20:15
org.owasp.esapi:esapi	GHSA-7c2q-5qmr-v76q	高危	2.2.0.0	2.5.2.0	DoS vulnerabilities persist in ESAPI file uploads despite remediation of CVE-2023-24998 漏洞详情: https://github.com/advisories/GHSA-7c2q-5qmr-v76q 镜像层: sha256:488e2b789858fe554f0ac0d96981d18d4321700b08eeed578fda10ff8425ef1e 发布日期: 2023-10-27 21:55 修改: 2023-10-27 21:55
org.springframework.boot:spring-boot	CVE-2025-22235	高危	2.4.1	3.3.11, 3.4.5	org.springframework.boot/spring-boot: Spring Boot EndpointRequest.to() creates wrong matcher if actuator endpoint is not exposed 漏洞详情: https://avd.aquasec.com/nvd/cve-2025-22235 镜像层: sha256:488e2b789858fe554f0ac0d96981d18d4321700b08eeed578fda10ff8425ef1e 发布日期: 2025-04-28 08:15 修改: 2026-04-15 00:35
org.springframework.boot:spring-boot	CVE-2026-40973	高危	2.4.1	4.0.6, 3.5.14	Spring Boot: Spring Boot: Arbitrary Code Execution and Session Hijacking via predictable temporary directory 漏洞详情: https://avd.aquasec.com/nvd/cve-2026-40973 镜像层: sha256:488e2b789858fe554f0ac0d96981d18d4321700b08eeed578fda10ff8425ef1e 发布日期: 2026-04-28 00:16 修改: 2026-04-30 14:25
com.thoughtworks.xstream:xstream	CVE-2021-39154	高危	1.4.14	1.4.18	xstream: Arbitrary code execution via unsafe deserialization of javax.swing.UIDefaults$ProxyLazyValue 漏洞详情: https://avd.aquasec.com/nvd/cve-2021-39154 镜像层: sha256:488e2b789858fe554f0ac0d96981d18d4321700b08eeed578fda10ff8425ef1e 发布日期: 2021-08-23 18:15 修改: 2025-05-23 16:47
org.springframework.boot:spring-boot-autoconfigure	CVE-2023-20883	高危	2.4.1	3.0.7, 2.7.12, 2.6.15, 2.5.15	spring-boot: Spring Boot Welcome Page DoS Vulnerability 漏洞详情: https://avd.aquasec.com/nvd/cve-2023-20883 镜像层: sha256:488e2b789858fe554f0ac0d96981d18d4321700b08eeed578fda10ff8425ef1e 发布日期: 2023-05-26 17:15 修改: 2025-01-16 15:15
com.thoughtworks.xstream:xstream	CVE-2021-43859	高危	1.4.14	1.4.19	xstream: Injecting highly recursive collections or maps can cause a DoS 漏洞详情: https://avd.aquasec.com/nvd/cve-2021-43859 镜像层: sha256:488e2b789858fe554f0ac0d96981d18d4321700b08eeed578fda10ff8425ef1e 发布日期: 2022-02-01 12:15 修改: 2025-11-03 22:15
org.springframework.security:spring-security-core	CVE-2021-22119	高危	5.4.2	5.5.1, 5.4.7, 5.3.10, 5.2.11	spring-security: Denial-of-Service (DoS) attack via initiation of Authorization Request 漏洞详情: https://avd.aquasec.com/nvd/cve-2021-22119 镜像层: sha256:488e2b789858fe554f0ac0d96981d18d4321700b08eeed578fda10ff8425ef1e 发布日期: 2021-06-29 17:15 修改: 2024-11-21 05:49
org.springframework.security:spring-security-core	CVE-2024-22257	高危	5.4.2	5.7.12, 5.8.11, 6.1.8, 6.2.3	spring-security: Broken Access Control With Direct Use of AuthenticatedVoter 漏洞详情: https://avd.aquasec.com/nvd/cve-2024-22257 镜像层: sha256:488e2b789858fe554f0ac0d96981d18d4321700b08eeed578fda10ff8425ef1e 发布日期: 2024-03-18 15:15 修改: 2026-04-15 00:35
com.thoughtworks.xstream:xstream	CVE-2022-40151	高危	1.4.14	1.4.20	xstream: Xstream to serialise XML data was vulnerable to Denial of Service attacks 漏洞详情: https://avd.aquasec.com/nvd/cve-2022-40151 镜像层: sha256:488e2b789858fe554f0ac0d96981d18d4321700b08eeed578fda10ff8425ef1e 发布日期: 2022-09-16 10:15 修改: 2025-05-23 16:51
com.thoughtworks.xstream:xstream	CVE-2022-41966	高危	1.4.14	1.4.20	xstream: Denial of Service by injecting recursive collections or maps based on element's hash values raising a stack overflow 漏洞详情: https://avd.aquasec.com/nvd/cve-2022-41966 镜像层: sha256:488e2b789858fe554f0ac0d96981d18d4321700b08eeed578fda10ff8425ef1e 发布日期: 2022-12-28 00:15 修改: 2025-05-23 16:51
com.thoughtworks.xstream:xstream	CVE-2024-47072	高危	1.4.14	1.4.21	com.thoughtworks.xstream: XStream is vulnerable to a Denial of Service attack due to stack overflow from a manipulated binary input stream 漏洞详情: https://avd.aquasec.com/nvd/cve-2024-47072 镜像层: sha256:488e2b789858fe554f0ac0d96981d18d4321700b08eeed578fda10ff8425ef1e 发布日期: 2024-11-08 00:15 修改: 2026-04-15 00:35
org.springframework.security:spring-security-web	CVE-2021-22112	高危	5.4.2	5.4.4, 5.3.8, 5.2.9	jenkins: Privilege escalation vulnerability in bundled Spring Security library 漏洞详情: https://avd.aquasec.com/nvd/cve-2021-22112 镜像层: sha256:488e2b789858fe554f0ac0d96981d18d4321700b08eeed578fda10ff8425ef1e 发布日期: 2021-02-23 19:15 修改: 2024-11-21 05:49
commons-beanutils:commons-beanutils	CVE-2014-0114	高危	1.9.3	1.9.4	1: Class Loader manipulation via request parameters 漏洞详情: https://avd.aquasec.com/nvd/cve-2014-0114 镜像层: sha256:488e2b789858fe554f0ac0d96981d18d4321700b08eeed578fda10ff8425ef1e 发布日期: 2014-04-30 10:49 修改: 2026-05-06 22:30
org.springframework:spring-beans	CVE-2022-22970	高危	5.3.2	5.2.22.RELEASE, 5.3.20	springframework: DoS via data binding to multipartFile or servlet part 漏洞详情: https://avd.aquasec.com/nvd/cve-2022-22970 镜像层: sha256:488e2b789858fe554f0ac0d96981d18d4321700b08eeed578fda10ff8425ef1e 发布日期: 2022-05-12 20:15 修改: 2024-11-21 06:47
org.springframework:spring-context	CVE-2022-22968	高危	5.3.2	5.3.19, 5.2.21.RELEASE	Framework: Data Binding Rules Vulnerability 漏洞详情: https://avd.aquasec.com/nvd/cve-2022-22968 镜像层: sha256:488e2b789858fe554f0ac0d96981d18d4321700b08eeed578fda10ff8425ef1e 发布日期: 2022-04-14 21:15 修改: 2024-11-21 06:47
org.springframework:spring-core	CVE-2025-41249	高危	5.3.2	6.2.11	org.springframework/spring-core: Spring Framework Annotation Detection Vulnerability 漏洞详情: https://avd.aquasec.com/nvd/cve-2025-41249 镜像层: sha256:488e2b789858fe554f0ac0d96981d18d4321700b08eeed578fda10ff8425ef1e 发布日期: 2025-09-16 11:15 修改: 2026-04-15 00:35
org.springframework:spring-expression	CVE-2023-20863	高危	5.3.2	6.0.8, 5.3.27, 5.2.24.RELEASE	springframework: Spring Expression DoS Vulnerability 漏洞详情: https://avd.aquasec.com/nvd/cve-2023-20863 镜像层: sha256:488e2b789858fe554f0ac0d96981d18d4321700b08eeed578fda10ff8425ef1e 发布日期: 2023-04-13 20:15 修改: 2025-02-07 17:15
commons-beanutils:commons-beanutils	CVE-2019-10086	高危	1.9.3	1.9.4	apache-commons-beanutils: does not suppresses the class property in PropertyUtilsBean by default 漏洞详情: https://avd.aquasec.com/nvd/cve-2019-10086 镜像层: sha256:488e2b789858fe554f0ac0d96981d18d4321700b08eeed578fda10ff8425ef1e 发布日期: 2019-08-20 21:15 修改: 2024-11-21 04:18
org.springframework:spring-web	CVE-2021-22118	高危	5.3.2	5.2.15, 5.3.7	spring-web: (re)creating the temporary storage directory could result in a privilege escalation within WebFlux application 漏洞详情: https://avd.aquasec.com/nvd/cve-2021-22118 镜像层: sha256:488e2b789858fe554f0ac0d96981d18d4321700b08eeed578fda10ff8425ef1e 发布日期: 2021-05-27 15:15 修改: 2024-11-21 05:49
org.springframework:spring-web	CVE-2024-22243	高危	5.3.2	6.1.4, 6.0.17, 5.3.32	springframework: URL Parsing with Host Validation 漏洞详情: https://avd.aquasec.com/nvd/cve-2024-22243 镜像层: sha256:488e2b789858fe554f0ac0d96981d18d4321700b08eeed578fda10ff8425ef1e 发布日期: 2024-02-23 05:15 修改: 2026-04-15 00:35
org.springframework:spring-web	CVE-2024-22259	高危	5.3.2	6.1.5, 6.0.18, 5.3.33	springframework: URL Parsing with Host Validation 漏洞详情: https://avd.aquasec.com/nvd/cve-2024-22259 镜像层: sha256:488e2b789858fe554f0ac0d96981d18d4321700b08eeed578fda10ff8425ef1e 发布日期: 2024-03-16 05:15 修改: 2025-06-10 15:55
org.springframework:spring-web	CVE-2024-22262	高危	5.3.2	5.3.34, 6.0.19, 6.1.6	springframework: URL Parsing with Host Validation 漏洞详情: https://avd.aquasec.com/nvd/cve-2024-22262 镜像层: sha256:488e2b789858fe554f0ac0d96981d18d4321700b08eeed578fda10ff8425ef1e 发布日期: 2024-04-16 06:15 修改: 2026-04-15 00:35
commons-beanutils:commons-beanutils	CVE-2025-48734	高危	1.9.3	1.11.0	commons-beanutils: Apache Commons BeanUtils: PropertyUtilsBean does not suppresses an enum's declaredClass property by default 漏洞详情: https://avd.aquasec.com/nvd/cve-2025-48734 镜像层: sha256:488e2b789858fe554f0ac0d96981d18d4321700b08eeed578fda10ff8425ef1e 发布日期: 2025-05-28 14:15 修改: 2025-11-03 20:19
ch.qos.logback:logback-classic	CVE-2023-6378	高危	1.2.3	1.3.12, 1.4.12, 1.2.13	logback: serialization vulnerability in logback receiver 漏洞详情: https://avd.aquasec.com/nvd/cve-2023-6378 镜像层: sha256:488e2b789858fe554f0ac0d96981d18d4321700b08eeed578fda10ff8425ef1e 发布日期: 2023-11-29 12:15 修改: 2024-11-29 12:15
org.springframework:spring-webmvc	CVE-2024-38816	高危	5.3.2	6.1.13	spring-webmvc: Path Traversal Vulnerability in Spring Applications Using RouterFunctions and FileSystemResource 漏洞详情: https://avd.aquasec.com/nvd/cve-2024-38816 镜像层: sha256:488e2b789858fe554f0ac0d96981d18d4321700b08eeed578fda10ff8425ef1e 发布日期: 2024-09-13 06:15 修改: 2026-04-15 00:35
org.springframework:spring-webmvc	CVE-2024-38819	高危	5.3.2	6.1.14	org.springframework:spring-webmvc: Path traversal vulnerability in functional web frameworks 漏洞详情: https://avd.aquasec.com/nvd/cve-2024-38819 镜像层: sha256:488e2b789858fe554f0ac0d96981d18d4321700b08eeed578fda10ff8425ef1e 发布日期: 2024-12-19 18:15 修改: 2026-04-15 00:35
org.testng:testng	CVE-2022-4065	高危	6.13.1	7.5.1, 7.7.0	testng: a path traversal in zip files 漏洞详情: https://avd.aquasec.com/nvd/cve-2022-4065 镜像层: sha256:488e2b789858fe554f0ac0d96981d18d4321700b08eeed578fda10ff8425ef1e 发布日期: 2022-11-19 19:15 修改: 2024-11-21 07:34
commons-collections:commons-collections	CVE-2015-6420	高危	3.2.1	3.2.2	Insecure Deserialization in Apache Commons Collection 漏洞详情: https://avd.aquasec.com/nvd/cve-2015-6420 镜像层: sha256:488e2b789858fe554f0ac0d96981d18d4321700b08eeed578fda10ff8425ef1e 发布日期: 2015-12-15 05:59 修改: 2026-02-24 19:36
com.alibaba:fastjson	CVE-2022-25845	高危	1.2.37	1.2.83	fastjson: autoType shutdown restriction bypass leads to deserialization 漏洞详情: https://avd.aquasec.com/nvd/cve-2022-25845 镜像层: sha256:488e2b789858fe554f0ac0d96981d18d4321700b08eeed578fda10ff8425ef1e 发布日期: 2022-06-10 20:15 修改: 2024-11-21 06:53
commons-fileupload:commons-fileupload	CVE-2016-3092	高危	1.3.1	1.3.2	tomcat: Usage of vulnerable FileUpload package can result in denial of service 漏洞详情: https://avd.aquasec.com/nvd/cve-2016-3092 镜像层: sha256:488e2b789858fe554f0ac0d96981d18d4321700b08eeed578fda10ff8425ef1e 发布日期: 2016-07-04 22:59 修改: 2026-05-06 22:30
commons-fileupload:commons-fileupload	CVE-2023-24998	高危	1.3.1	1.5	FileUpload: FileUpload DoS with excessive parts 漏洞详情: https://avd.aquasec.com/nvd/cve-2023-24998 镜像层: sha256:488e2b789858fe554f0ac0d96981d18d4321700b08eeed578fda10ff8425ef1e 发布日期: 2023-02-20 16:15 修改: 2025-11-03 22:16
commons-fileupload:commons-fileupload	CVE-2025-48976	高危	1.3.1	1.6.0	apache-commons-fileupload: Apache Commons FileUpload DoS via part headers 漏洞详情: https://avd.aquasec.com/nvd/cve-2025-48976 镜像层: sha256:488e2b789858fe554f0ac0d96981d18d4321700b08eeed578fda10ff8425ef1e 发布日期: 2025-06-16 15:15 修改: 2025-11-03 20:19
ch.qos.logback:logback-core	CVE-2023-6378	高危	1.2.3	1.3.12, 1.4.12, 1.2.13	logback: serialization vulnerability in logback receiver 漏洞详情: https://avd.aquasec.com/nvd/cve-2023-6378 镜像层: sha256:488e2b789858fe554f0ac0d96981d18d4321700b08eeed578fda10ff8425ef1e 发布日期: 2023-11-29 12:15 修改: 2024-11-29 12:15
commons-fileupload:commons-fileupload	CVE-2023-24998	高危	1.3.2	1.5	FileUpload: FileUpload DoS with excessive parts 漏洞详情: https://avd.aquasec.com/nvd/cve-2023-24998 镜像层: sha256:488e2b789858fe554f0ac0d96981d18d4321700b08eeed578fda10ff8425ef1e 发布日期: 2023-02-20 16:15 修改: 2025-11-03 22:16
org.yaml:snakeyaml	CVE-2022-1471	高危	1.27	2.0	SnakeYaml: Constructor Deserialization Remote Code Execution 漏洞详情: https://avd.aquasec.com/nvd/cve-2022-1471 镜像层: sha256:488e2b789858fe554f0ac0d96981d18d4321700b08eeed578fda10ff8425ef1e 发布日期: 2022-12-01 11:15 修改: 2025-06-18 09:15
org.yaml:snakeyaml	CVE-2022-25857	高危	1.27	1.31	snakeyaml: Denial of Service due to missing nested depth limitation for collections 漏洞详情: https://avd.aquasec.com/nvd/cve-2022-25857 镜像层: sha256:488e2b789858fe554f0ac0d96981d18d4321700b08eeed578fda10ff8425ef1e 发布日期: 2022-08-30 05:15 修改: 2024-11-21 06:53
xalan:xalan	CVE-2022-34169	高危	2.7.2	2.7.3	OpenJDK: integer truncation issue in Xalan-J (JAXP, 8285407) 漏洞详情: https://avd.aquasec.com/nvd/cve-2022-34169 镜像层: sha256:488e2b789858fe554f0ac0d96981d18d4321700b08eeed578fda10ff8425ef1e 发布日期: 2022-07-19 18:15 修改: 2026-05-27 14:16
org.apache.tomcat.embed:tomcat-embed-core	CVE-2025-49124	中危	9.0.41	11.0.8, 10.1.42, 9.0.106	Apache Tomcat installer for Windows has an untrusted search path vulnerability 漏洞详情: https://avd.aquasec.com/nvd/cve-2025-49124 镜像层: sha256:488e2b789858fe554f0ac0d96981d18d4321700b08eeed578fda10ff8425ef1e 发布日期: 2025-06-16 15:15 修改: 2025-10-29 12:15
org.apache.tomcat.embed:tomcat-embed-core	CVE-2025-49125	中危	9.0.41	11.0.8, 10.1.42, 9.0.106	tomcat: Apache Tomcat: Security constraint bypass for pre/post-resources 漏洞详情: https://avd.aquasec.com/nvd/cve-2025-49125 镜像层: sha256:488e2b789858fe554f0ac0d96981d18d4321700b08eeed578fda10ff8425ef1e 发布日期: 2025-06-16 15:15 修改: 2025-11-03 20:19
org.apache.tomcat.embed:tomcat-embed-core	CVE-2025-66614	中危	9.0.41	11.0.15, 10.1.50, 9.0.113	tomcat: Client certificate verification bypass due to virtual host mapping 漏洞详情: https://avd.aquasec.com/nvd/cve-2025-66614 镜像层: sha256:488e2b789858fe554f0ac0d96981d18d4321700b08eeed578fda10ff8425ef1e 发布日期: 2026-02-17 19:21 修改: 2026-03-11 16:16
org.apache.tomcat.embed:tomcat-embed-core	CVE-2026-25854	中危	9.0.41	9.0.116, 10.1.53, 11.0.20	Apache Tomcat: Apache Tomcat: Open Redirect vulnerability via LoadBalancerDrainingValve 漏洞详情: https://avd.aquasec.com/nvd/cve-2026-25854 镜像层: sha256:488e2b789858fe554f0ac0d96981d18d4321700b08eeed578fda10ff8425ef1e 发布日期: 2026-04-09 20:16 修改: 2026-04-14 14:01
org.apache.tomcat.embed:tomcat-embed-websocket	CVE-2024-23672	中危	9.0.41	11.0.0-M17, 10.1.19, 9.0.86, 8.5.99	Tomcat: WebSocket DoS with incomplete closing handshake 漏洞详情: https://avd.aquasec.com/nvd/cve-2024-23672 镜像层: sha256:488e2b789858fe554f0ac0d96981d18d4321700b08eeed578fda10ff8425ef1e 发布日期: 2024-03-13 16:15 修改: 2025-08-07 12:15
commons-io:commons-io	CVE-2021-29425	中危	2.4	2.7	apache-commons-io: Limited path traversal in Apache Commons IO 2.2 to 2.6 漏洞详情: https://avd.aquasec.com/nvd/cve-2021-29425 镜像层: sha256:488e2b789858fe554f0ac0d96981d18d4321700b08eeed578fda10ff8425ef1e 发布日期: 2021-04-13 07:15 修改: 2024-11-21 06:01
org.bouncycastle:bcprov-jdk15on	CVE-2023-33201	中危	1.70		bouncycastle: potential blind LDAP injection attack using a self-signed certificate 漏洞详情: https://avd.aquasec.com/nvd/cve-2023-33201 镜像层: sha256:488e2b789858fe554f0ac0d96981d18d4321700b08eeed578fda10ff8425ef1e 发布日期: 2023-07-05 03:15 修改: 2024-11-21 08:05
org.bouncycastle:bcprov-jdk15on	CVE-2024-29857	中危	1.70	1.78	org.bouncycastle: Importing an EC certificate with crafted F2m parameters may lead to Denial of Service 漏洞详情: https://avd.aquasec.com/nvd/cve-2024-29857 镜像层: sha256:488e2b789858fe554f0ac0d96981d18d4321700b08eeed578fda10ff8425ef1e 发布日期: 2024-05-14 15:17 修改: 2026-04-15 00:35
org.bouncycastle:bcprov-jdk15on	CVE-2024-30171	中危	1.70	1.78	bc-java: BouncyCastle vulnerable to a timing variant of Bleichenbacher (Marvin Attack) 漏洞详情: https://avd.aquasec.com/nvd/cve-2024-30171 镜像层: sha256:488e2b789858fe554f0ac0d96981d18d4321700b08eeed578fda10ff8425ef1e 发布日期: 2024-05-14 15:21 修改: 2026-04-15 00:35
org.bouncycastle:bcprov-jdk15on	CVE-2024-34447	中危	1.70	1.78	org.bouncycastle: Use of Incorrectly-Resolved Name or Reference 漏洞详情: https://avd.aquasec.com/nvd/cve-2024-34447 镜像层: sha256:488e2b789858fe554f0ac0d96981d18d4321700b08eeed578fda10ff8425ef1e 发布日期: 2024-05-03 16:15 修改: 2026-04-15 00:35
org.glassfish:jakarta.el	CVE-2021-28170	中危	3.0.3	3.0.4	jakarta-el: ELParserTokenManager enables invalid EL expressions to be evaluate 漏洞详情: https://avd.aquasec.com/nvd/cve-2021-28170 镜像层: sha256:488e2b789858fe554f0ac0d96981d18d4321700b08eeed578fda10ff8425ef1e 发布日期: 2021-05-26 22:15 修改: 2024-11-21 05:59
com.thoughtworks.xstream:xstream	CVE-2021-21348	中危	1.4.14	1.4.16	XStream: ReDoS vulnerability 漏洞详情: https://avd.aquasec.com/nvd/cve-2021-21348 镜像层: sha256:488e2b789858fe554f0ac0d96981d18d4321700b08eeed578fda10ff8425ef1e 发布日期: 2021-03-23 00:15 修改: 2025-05-23 17:42
org.owasp.antisamy:antisamy	CVE-2021-35043	中危	1.5.8	1.6.4	AntiSamy: XSS via HTML attributes 漏洞详情: https://avd.aquasec.com/nvd/cve-2021-35043 镜像层: sha256:488e2b789858fe554f0ac0d96981d18d4321700b08eeed578fda10ff8425ef1e 发布日期: 2021-07-19 15:15 修改: 2024-11-21 06:11
org.owasp.antisamy:antisamy	CVE-2022-28367	中危	1.5.8	1.6.6	OWASP AntiSamy before 1.6.6 allows XSS via HTML tag smuggling on STYLE ... 漏洞详情: https://avd.aquasec.com/nvd/cve-2022-28367 镜像层: sha256:488e2b789858fe554f0ac0d96981d18d4321700b08eeed578fda10ff8425ef1e 发布日期: 2022-04-21 23:15 修改: 2024-11-21 06:57
org.owasp.antisamy:antisamy	CVE-2022-29577	中危	1.5.8	1.6.7	Cross-site Scripting in OWASP AntiSamy 漏洞详情: https://avd.aquasec.com/nvd/cve-2022-29577 镜像层: sha256:488e2b789858fe554f0ac0d96981d18d4321700b08eeed578fda10ff8425ef1e 发布日期: 2022-04-21 23:15 修改: 2024-11-21 06:59
org.owasp.antisamy:antisamy	CVE-2023-43643	中危	1.5.8	1.7.4	AntiSamy is a library for performing fast, configurable cleansing of H ... 漏洞详情: https://avd.aquasec.com/nvd/cve-2023-43643 镜像层: sha256:488e2b789858fe554f0ac0d96981d18d4321700b08eeed578fda10ff8425ef1e 发布日期: 2023-10-09 14:15 修改: 2024-11-21 08:24
org.owasp.antisamy:antisamy	CVE-2024-23635	中危	1.5.8	1.7.5	AntiSamy is a library for performing fast, configurable cleansing of H ... 漏洞详情: https://avd.aquasec.com/nvd/cve-2024-23635 镜像层: sha256:488e2b789858fe554f0ac0d96981d18d4321700b08eeed578fda10ff8425ef1e 发布日期: 2024-02-02 17:15 修改: 2024-11-21 08:58
commons-io:commons-io	CVE-2021-29425	中危	2.6	2.7	apache-commons-io: Limited path traversal in Apache Commons IO 2.2 to 2.6 漏洞详情: https://avd.aquasec.com/nvd/cve-2021-29425 镜像层: sha256:488e2b789858fe554f0ac0d96981d18d4321700b08eeed578fda10ff8425ef1e 发布日期: 2021-04-13 07:15 修改: 2024-11-21 06:01
commons-lang:commons-lang	CVE-2025-48924	中危	2.6		commons-lang/commons-lang: org.apache.commons/commons-lang3: Uncontrolled Recursion vulnerability in Apache Commons Lang 漏洞详情: https://avd.aquasec.com/nvd/cve-2025-48924 镜像层: sha256:488e2b789858fe554f0ac0d96981d18d4321700b08eeed578fda10ff8425ef1e 发布日期: 2025-07-11 15:15 修改: 2025-11-04 22:16
org.owasp.esapi:esapi	CVE-2022-24891	中危	2.2.0.0	2.3.0.0	ESAPI (The OWASP Enterprise Security API) is a free, open source, web ... 漏洞详情: https://avd.aquasec.com/nvd/cve-2022-24891 镜像层: sha256:488e2b789858fe554f0ac0d96981d18d4321700b08eeed578fda10ff8425ef1e 发布日期: 2022-04-27 21:15 修改: 2025-11-03 20:15
org.owasp.esapi:esapi	GHSA-r68h-jhhj-9jvm	中危	2.2.0.0	2.6.0.0	Validator.isValidSafeHTML is being deprecated and will be deleted from org.owasp.esapi:esapi in 1 year 漏洞详情: https://github.com/advisories/GHSA-r68h-jhhj-9jvm 镜像层: sha256:488e2b789858fe554f0ac0d96981d18d4321700b08eeed578fda10ff8425ef1e 发布日期: 2023-11-27 17:25 修改: 2024-11-26 18:53
org.apache.shiro:shiro-core	CVE-2023-46749	中危	1.2.4	1.13.0, 2.0.0-alpha4	shiro: path traversal attack may lead to authentication bypass 漏洞详情: https://avd.aquasec.com/nvd/cve-2023-46749 镜像层: sha256:488e2b789858fe554f0ac0d96981d18d4321700b08eeed578fda10ff8425ef1e 发布日期: 2024-01-15 10:15 修改: 2025-11-03 22:16
io.github.classgraph:classgraph	CVE-2021-47621	中危	4.8.83	4.8.112	ClassGraph XML External Entity Reference 漏洞详情: https://avd.aquasec.com/nvd/cve-2021-47621 镜像层: sha256:488e2b789858fe554f0ac0d96981d18d4321700b08eeed578fda10ff8425ef1e 发布日期: 2024-06-21 06:15 修改: 2026-04-15 00:35
org.springframework.boot:spring-boot-actuator	CVE-2023-34055	中危	2.4.1	2.7.18, 3.0.13, 3.1.6	spring-boot: org.springframework.boot: spring-boot-actuator class vulnerable to denial of service 漏洞详情: https://avd.aquasec.com/nvd/cve-2023-34055 镜像层: sha256:488e2b789858fe554f0ac0d96981d18d4321700b08eeed578fda10ff8425ef1e 发布日期: 2023-11-28 09:15 修改: 2025-02-13 17:16
com.thoughtworks.xstream:xstream	CVE-2021-21349	中危	1.4.14	1.4.16	XStream: SSRF can be activated unmarshalling with XStream to access data streams from an arbitrary URL referencing a resource in an intranet or the local host 漏洞详情: https://avd.aquasec.com/nvd/cve-2021-21349 镜像层: sha256:488e2b789858fe554f0ac0d96981d18d4321700b08eeed578fda10ff8425ef1e 发布日期: 2021-03-23 00:15 修改: 2025-05-23 17:42
org.apache.shiro:shiro-spring	CVE-2026-23903	中危	1.2.4	2.1.0	org.apache.shiro/shiro-web: Apache Shiro: Auth bypass when accessing static files only on case-insensitive filesystems 漏洞详情: https://avd.aquasec.com/nvd/cve-2026-23903 镜像层: sha256:488e2b789858fe554f0ac0d96981d18d4321700b08eeed578fda10ff8425ef1e 发布日期: 2026-02-09 10:15 修改: 2026-02-11 18:30
com.thoughtworks.xstream:xstream	CVE-2021-21350	中危	1.4.14	1.4.16	XStream: Unsafe deserizaliation of com.sun.org.apache.bcel.internal.util.ClassLoader 漏洞详情: https://avd.aquasec.com/nvd/cve-2021-21350 镜像层: sha256:488e2b789858fe554f0ac0d96981d18d4321700b08eeed578fda10ff8425ef1e 发布日期: 2021-03-23 00:15 修改: 2025-05-23 17:43
com.thoughtworks.xstream:xstream	CVE-2021-21351	中危	1.4.14	1.4.16	XStream: allow a remote attacker to load and execute arbitrary code from a remote host only by manipulating the processed input stream 漏洞详情: https://avd.aquasec.com/nvd/cve-2021-21351 镜像层: sha256:488e2b789858fe554f0ac0d96981d18d4321700b08eeed578fda10ff8425ef1e 发布日期: 2021-03-23 00:15 修改: 2025-05-23 17:34
com.thoughtworks.xstream:xstream	CVE-2021-39140	中危	1.4.14	1.4.18	xstream: Infinite loop DoS via unsafe deserialization of sun.reflect.annotation.AnnotationInvocationHandler 漏洞详情: https://avd.aquasec.com/nvd/cve-2021-39140 镜像层: sha256:488e2b789858fe554f0ac0d96981d18d4321700b08eeed578fda10ff8425ef1e 发布日期: 2021-08-23 19:15 修改: 2025-05-23 16:50
org.springframework.security:spring-security-core	CVE-2022-22976	中危	5.4.2	5.5.7, 5.6.4	springframework: BCrypt skips salt rounds for work factor of 31 漏洞详情: https://avd.aquasec.com/nvd/cve-2022-22976 镜像层: sha256:488e2b789858fe554f0ac0d96981d18d4321700b08eeed578fda10ff8425ef1e 发布日期: 2022-05-19 15:15 修改: 2024-11-21 06:47
org.springframework.security:spring-security-core	CVE-2024-38827	中危	5.4.2	5.7.14, 5.8.16, 6.0.14, 6.1.12, 6.2.8, 6.3.5	spring-security: authorization bypass for case sensitive comparisons 漏洞详情: https://avd.aquasec.com/nvd/cve-2024-38827 镜像层: sha256:488e2b789858fe554f0ac0d96981d18d4321700b08eeed578fda10ff8425ef1e 发布日期: 2024-12-02 15:15 修改: 2026-04-15 00:35
org.apache.shiro:shiro-web	CVE-2023-46750	中危	1.2.4	1.13.0, 2.0.0-alpha-4	shiro: URL redirection to untrusted site in FORM authentication feature 漏洞详情: https://avd.aquasec.com/nvd/cve-2023-46750 镜像层: sha256:488e2b789858fe554f0ac0d96981d18d4321700b08eeed578fda10ff8425ef1e 发布日期: 2023-12-14 09:15 修改: 2025-11-03 22:16
com.fasterxml.jackson.core:jackson-core	GHSA-72hv-8253-57qq	中危	2.11.3	2.21.1, 2.18.6	jackson-core: Number Length Constraint Bypass in Async Parser Leads to Potential DoS Condition 漏洞详情: https://github.com/advisories/GHSA-72hv-8253-57qq 镜像层: sha256:488e2b789858fe554f0ac0d96981d18d4321700b08eeed578fda10ff8425ef1e 发布日期: 2026-02-28 02:01 修改: 2026-04-07 16:30
ch.qos.logback:logback-core	CVE-2024-12798	中危	1.2.3	1.5.13, 1.3.15	logback-core: arbitrary code execution via JaninoEventEvaluator 漏洞详情: https://avd.aquasec.com/nvd/cve-2024-12798 镜像层: sha256:488e2b789858fe554f0ac0d96981d18d4321700b08eeed578fda10ff8425ef1e 发布日期: 2024-12-19 16:15 修改: 2026-04-15 00:35
ch.qos.logback:logback-core	CVE-2025-11226	中危	1.2.3	1.5.19, 1.3.16	ch.qos.logback/logback-core: Conditional abitrary code execution in logback-core 漏洞详情: https://avd.aquasec.com/nvd/cve-2025-11226 镜像层: sha256:488e2b789858fe554f0ac0d96981d18d4321700b08eeed578fda10ff8425ef1e 发布日期: 2025-10-01 08:15 修改: 2026-04-15 00:35
mysql:mysql-connector-java	CVE-2019-2692	中危	8.0.14	8.0.16	mysql-connector-java: privilege escalation in MySQL connector 漏洞详情: https://avd.aquasec.com/nvd/cve-2019-2692 镜像层: sha256:488e2b789858fe554f0ac0d96981d18d4321700b08eeed578fda10ff8425ef1e 发布日期: 2019-04-23 19:32 修改: 2024-11-21 04:41
mysql:mysql-connector-java	CVE-2021-2471	中危	8.0.14	8.0.27	mysql-connector-java: unauthorized access to critical 漏洞详情: https://avd.aquasec.com/nvd/cve-2021-2471 镜像层: sha256:488e2b789858fe554f0ac0d96981d18d4321700b08eeed578fda10ff8425ef1e 发布日期: 2021-10-20 11:16 修改: 2024-11-21 06:03
mysql:mysql-connector-java	CVE-2022-21363	中危	8.0.14	8.0.28	mysql-connector-java: Difficult to exploit vulnerability allows high privileged attacker with network access via multiple protocols to compromise MySQL Connectors 漏洞详情: https://avd.aquasec.com/nvd/cve-2022-21363 镜像层: sha256:488e2b789858fe554f0ac0d96981d18d4321700b08eeed578fda10ff8425ef1e 发布日期: 2022-01-19 12:15 修改: 2024-11-21 06:44
org.springframework:spring-context	CVE-2024-38820	中危	5.3.2	6.1.14	The fix for CVE-2022-22968 made disallowedFieldspatterns in DataBinder ... 漏洞详情: https://avd.aquasec.com/nvd/cve-2024-38820 镜像层: sha256:488e2b789858fe554f0ac0d96981d18d4321700b08eeed578fda10ff8425ef1e 发布日期: 2024-10-18 06:15 修改: 2024-11-29 12:15
ch.qos.logback:logback-core	CVE-2021-42550	中危	1.2.3	1.2.9	logback: remote code execution through JNDI call from within its configuration file 漏洞详情: https://avd.aquasec.com/nvd/cve-2021-42550 镜像层: sha256:488e2b789858fe554f0ac0d96981d18d4321700b08eeed578fda10ff8425ef1e 发布日期: 2021-12-16 19:15 修改: 2024-11-21 06:27
org.springframework:spring-core	CVE-2021-22060	中危	5.3.2	5.3.14, 5.2.19	springframework: Additional Log Injection in Spring Framework (follow-up to CVE-2021-22096) 漏洞详情: https://avd.aquasec.com/nvd/cve-2021-22060 镜像层: sha256:488e2b789858fe554f0ac0d96981d18d4321700b08eeed578fda10ff8425ef1e 发布日期: 2022-01-10 14:10 修改: 2024-11-21 05:49
org.springframework:spring-core	CVE-2021-22096	中危	5.3.2	5.3.11, 5.2.18	springframework: malicious input leads to insertion of additional log entries 漏洞详情: https://avd.aquasec.com/nvd/cve-2021-22096 镜像层: sha256:488e2b789858fe554f0ac0d96981d18d4321700b08eeed578fda10ff8425ef1e 发布日期: 2021-10-28 16:15 修改: 2024-11-21 05:49
org.apache.ant:ant	CVE-2021-36373	中危	1.9.15	1.9.16, 1.10.11	ant: excessive memory allocation when reading a specially crafted TAR archive 漏洞详情: https://avd.aquasec.com/nvd/cve-2021-36373 镜像层: sha256:488e2b789858fe554f0ac0d96981d18d4321700b08eeed578fda10ff8425ef1e 发布日期: 2021-07-14 07:15 修改: 2024-11-21 06:13
org.springframework:spring-expression	CVE-2022-22950	中危	5.3.2	5.3.17, 5.2.20.RELEASE	spring-expression: Denial of service via specially crafted SpEL expression 漏洞详情: https://avd.aquasec.com/nvd/cve-2022-22950 镜像层: sha256:488e2b789858fe554f0ac0d96981d18d4321700b08eeed578fda10ff8425ef1e 发布日期: 2022-04-01 23:15 修改: 2024-11-21 06:47
org.springframework:spring-expression	CVE-2023-20861	中危	5.3.2	6.0.7, 5.3.26, 5.2.23.RELEASE	springframework: Spring Expression DoS Vulnerability 漏洞详情: https://avd.aquasec.com/nvd/cve-2023-20861 镜像层: sha256:488e2b789858fe554f0ac0d96981d18d4321700b08eeed578fda10ff8425ef1e 发布日期: 2023-03-23 21:15 修改: 2025-02-25 16:15
org.springframework:spring-expression	CVE-2024-38808	中危	5.3.2	5.3.39	spring-expression: Denial of service when processing a specially crafted Spring Expression Language expression 漏洞详情: https://avd.aquasec.com/nvd/cve-2024-38808 镜像层: sha256:488e2b789858fe554f0ac0d96981d18d4321700b08eeed578fda10ff8425ef1e 发布日期: 2024-08-20 08:15 修改: 2025-06-18 12:10
org.springframework:spring-messaging	CVE-2022-22971	中危	5.3.2	5.3.20, 5.2.22.RELEASE	springframework: DoS with STOMP over WebSocket 漏洞详情: https://avd.aquasec.com/nvd/cve-2022-22971 镜像层: sha256:488e2b789858fe554f0ac0d96981d18d4321700b08eeed578fda10ff8425ef1e 发布日期: 2022-05-12 20:15 修改: 2024-11-21 06:47
org.apache.ant:ant	CVE-2021-36374	中危	1.9.15	1.9.16, 1.10.11	ant: excessive memory allocation when reading a specially crafted ZIP archive or a derived formats 漏洞详情: https://avd.aquasec.com/nvd/cve-2021-36374 镜像层: sha256:488e2b789858fe554f0ac0d96981d18d4321700b08eeed578fda10ff8425ef1e 发布日期: 2021-07-14 07:15 修改: 2024-11-21 06:13
org.apache.commons:commons-lang3	CVE-2025-48924	中危	3.11	3.18.0	commons-lang/commons-lang: org.apache.commons/commons-lang3: Uncontrolled Recursion vulnerability in Apache Commons Lang 漏洞详情: https://avd.aquasec.com/nvd/cve-2025-48924 镜像层: sha256:488e2b789858fe554f0ac0d96981d18d4321700b08eeed578fda10ff8425ef1e 发布日期: 2025-07-11 15:15 修改: 2025-11-04 22:16
com.fasterxml.jackson.core:jackson-core	CVE-2025-49128	中危	2.11.3	2.13.0	com.fasterxml.jackson.core/jackson-core: Jackson-core Memory Disclosure via Source Snippet in JsonLocation 漏洞详情: https://avd.aquasec.com/nvd/cve-2025-49128 镜像层: sha256:488e2b789858fe554f0ac0d96981d18d4321700b08eeed578fda10ff8425ef1e 发布日期: 2025-06-06 22:15 修改: 2026-04-15 00:35
com.thoughtworks.xstream:xstream	CVE-2020-26258	中危	1.4.14	1.4.15	XStream: Server-Side Forgery Request vulnerability can be activated when unmarshalling 漏洞详情: https://avd.aquasec.com/nvd/cve-2020-26258 镜像层: sha256:488e2b789858fe554f0ac0d96981d18d4321700b08eeed578fda10ff8425ef1e 发布日期: 2020-12-16 01:15 修改: 2025-05-23 16:53
com.thoughtworks.xstream:xstream	CVE-2020-26259	中危	1.4.14	1.4.15	XStream: arbitrary file deletion on the local host when unmarshalling 漏洞详情: https://avd.aquasec.com/nvd/cve-2020-26259 镜像层: sha256:488e2b789858fe554f0ac0d96981d18d4321700b08eeed578fda10ff8425ef1e 发布日期: 2020-12-16 01:15 修改: 2025-05-23 16:54
org.springframework:spring-web	CVE-2024-38809	中危	5.3.2	5.3.38, 6.0.23, 6.1.12	org.springframework:spring-web: Spring Framework DoS via conditional HTTP request 漏洞详情: https://avd.aquasec.com/nvd/cve-2024-38809 镜像层: sha256:488e2b789858fe554f0ac0d96981d18d4321700b08eeed578fda10ff8425ef1e 发布日期: 2024-09-27 17:15 修改: 2026-04-15 00:35
org.springframework:spring-web	CVE-2024-38820	中危	5.3.2	6.1.14	The fix for CVE-2022-22968 made disallowedFieldspatterns in DataBinder ... 漏洞详情: https://avd.aquasec.com/nvd/cve-2024-38820 镜像层: sha256:488e2b789858fe554f0ac0d96981d18d4321700b08eeed578fda10ff8425ef1e 发布日期: 2024-10-18 06:15 修改: 2024-11-29 12:15
com.thoughtworks.xstream:xstream	CVE-2021-21342	中危	1.4.14	1.4.16	XStream: SSRF via crafted input stream 漏洞详情: https://avd.aquasec.com/nvd/cve-2021-21342 镜像层: sha256:488e2b789858fe554f0ac0d96981d18d4321700b08eeed578fda10ff8425ef1e 发布日期: 2021-03-23 00:15 修改: 2025-05-23 17:39
org.apache.logging.log4j:log4j-core	CVE-2021-44832	中危	2.8.2	2.3.2, 2.12.4, 2.17.1	log4j-core: remote code execution via JDBC Appender 漏洞详情: https://avd.aquasec.com/nvd/cve-2021-44832 镜像层: sha256:488e2b789858fe554f0ac0d96981d18d4321700b08eeed578fda10ff8425ef1e 发布日期: 2021-12-28 20:15 修改: 2026-05-29 20:16
org.apache.logging.log4j:log4j-core	CVE-2025-68161	中危	2.8.2	2.25.3	Apache Log4j: Apache Log4j Core: Information disclosure via missing TLS hostname verification 漏洞详情: https://avd.aquasec.com/nvd/cve-2025-68161 镜像层: sha256:488e2b789858fe554f0ac0d96981d18d4321700b08eeed578fda10ff8425ef1e 发布日期: 2025-12-18 21:15 修改: 2026-01-20 01:15
org.apache.logging.log4j:log4j-core	CVE-2026-34480	中危	2.8.2	2.25.4	org.apache.logging.log4j/log4j-core: Apache Log4j Core: Invalid XML output causes denial of service in logging 漏洞详情: https://avd.aquasec.com/nvd/cve-2026-34480 镜像层: sha256:488e2b789858fe554f0ac0d96981d18d4321700b08eeed578fda10ff8425ef1e 发布日期: 2026-04-10 16:16 修改: 2026-04-24 18:21
org.springframework:spring-webmvc	CVE-2024-38828	中危	5.3.2	5.3.42	org.springframework:spring-webmvc: DoS via Spring MVC controller method with byte[] parameter 漏洞详情: https://avd.aquasec.com/nvd/cve-2024-38828 镜像层: sha256:488e2b789858fe554f0ac0d96981d18d4321700b08eeed578fda10ff8425ef1e 发布日期: 2024-11-18 04:15 修改: 2026-04-15 00:35
org.springframework:spring-webmvc	CVE-2025-41242	中危	5.3.2	6.2.10	org.springframework/spring-webmvc: Spring Framework MVC path traversal vulnerability 漏洞详情: https://avd.aquasec.com/nvd/cve-2025-41242 镜像层: sha256:488e2b789858fe554f0ac0d96981d18d4321700b08eeed578fda10ff8425ef1e 发布日期: 2025-08-18 09:15 修改: 2026-04-15 00:35
org.springframework:spring-webmvc	CVE-2026-22737	中危	5.3.2	7.0.6, 6.2.17	Spring Framework: Spring Framework: Information disclosure via Java scripting engine enabled template views 漏洞详情: https://avd.aquasec.com/nvd/cve-2026-22737 镜像层: sha256:488e2b789858fe554f0ac0d96981d18d4321700b08eeed578fda10ff8425ef1e 发布日期: 2026-03-20 00:16 修改: 2026-04-23 14:20
org.springframework:spring-webmvc	CVE-2026-22745	中危	5.3.2	7.0.7, 6.2.18	spring-webflux: Spring MVC and Spring WebFlux: Denial of Service via slow static resource resolution on Windows 漏洞详情: https://avd.aquasec.com/nvd/cve-2026-22745 镜像层: sha256:488e2b789858fe554f0ac0d96981d18d4321700b08eeed578fda10ff8425ef1e 发布日期: 2026-04-29 12:16 修改: 2026-05-04 14:50
org.springframework:spring-websocket	CVE-2025-41254	中危	5.3.2	6.2.12	org.springframework/spring-core: Spring Framework STOMP CSRF Vulnerability 漏洞详情: https://avd.aquasec.com/nvd/cve-2025-41254 镜像层: sha256:488e2b789858fe554f0ac0d96981d18d4321700b08eeed578fda10ff8425ef1e 发布日期: 2025-10-16 15:15 修改: 2026-04-15 00:35
com.thoughtworks.xstream:xstream	CVE-2021-21343	中危	1.4.14	1.4.16	XStream: arbitrary file deletion on the local host via crafted input stream 漏洞详情: https://avd.aquasec.com/nvd/cve-2021-21343 镜像层: sha256:488e2b789858fe554f0ac0d96981d18d4321700b08eeed578fda10ff8425ef1e 发布日期: 2021-03-23 00:15 修改: 2025-05-23 17:40
com.thoughtworks.xstream:xstream	CVE-2021-21344	中危	1.4.14	1.4.16	XStream: Unsafe deserizaliation of javax.sql.rowset.BaseRowSet 漏洞详情: https://avd.aquasec.com/nvd/cve-2021-21344 镜像层: sha256:488e2b789858fe554f0ac0d96981d18d4321700b08eeed578fda10ff8425ef1e 发布日期: 2021-03-23 00:15 修改: 2025-05-23 17:40
com.thoughtworks.xstream:xstream	CVE-2021-21345	中危	1.4.14	1.4.16	XStream: Unsafe deserizaliation of com.sun.corba.se.impl.activation.ServerTableEntry 漏洞详情: https://avd.aquasec.com/nvd/cve-2021-21345 镜像层: sha256:488e2b789858fe554f0ac0d96981d18d4321700b08eeed578fda10ff8425ef1e 发布日期: 2021-03-23 00:15 修改: 2025-05-23 17:41
com.thoughtworks.xstream:xstream	CVE-2021-21346	中危	1.4.14	1.4.16	XStream: Unsafe deserizaliation of sun.swing.SwingLazyValue 漏洞详情: https://avd.aquasec.com/nvd/cve-2021-21346 镜像层: sha256:488e2b789858fe554f0ac0d96981d18d4321700b08eeed578fda10ff8425ef1e 发布日期: 2021-03-23 00:15 修改: 2025-05-23 17:41
com.thoughtworks.xstream:xstream	CVE-2021-21347	中危	1.4.14	1.4.16	XStream: Unsafe deserizaliation of com.sun.tools.javac.processing.JavacProcessingEnvironment NameProcessIterator 漏洞详情: https://avd.aquasec.com/nvd/cve-2021-21347 镜像层: sha256:488e2b789858fe554f0ac0d96981d18d4321700b08eeed578fda10ff8425ef1e 发布日期: 2021-03-23 00:15 修改: 2025-05-23 17:41
org.apache.tomcat.embed:tomcat-embed-core	CVE-2023-41080	中危	9.0.41	8.5.93, 9.0.80, 10.1.13, 11.0.0-M11	tomcat: Open Redirect vulnerability in FORM authentication 漏洞详情: https://avd.aquasec.com/nvd/cve-2023-41080 镜像层: sha256:488e2b789858fe554f0ac0d96981d18d4321700b08eeed578fda10ff8425ef1e 发布日期: 2023-08-25 21:15 修改: 2025-08-07 11:15
org.apache.tomcat.embed:tomcat-embed-core	CVE-2023-42795	中危	9.0.41	10.1.14, 9.0.81, 8.5.94, 11.0.0-M12	tomcat: improper cleaning of recycled objects could lead to information leak 漏洞详情: https://avd.aquasec.com/nvd/cve-2023-42795 镜像层: sha256:488e2b789858fe554f0ac0d96981d18d4321700b08eeed578fda10ff8425ef1e 发布日期: 2023-10-10 18:15 修改: 2025-08-07 11:15
org.apache.tomcat.embed:tomcat-embed-core	CVE-2023-44487	中危	9.0.41	11.0.0-M12, 10.1.14, 9.0.81, 8.5.94	HTTP/2: Multiple HTTP/2 enabled web servers are vulnerable to a DDoS attack (Rapid Reset Attack) 漏洞详情: https://avd.aquasec.com/nvd/cve-2023-44487 镜像层: sha256:488e2b789858fe554f0ac0d96981d18d4321700b08eeed578fda10ff8425ef1e 发布日期: 2023-10-10 14:15 修改: 2026-05-12 15:10
org.apache.tomcat.embed:tomcat-embed-core	CVE-2023-45648	中危	9.0.41	11.0.0-M12, 10.1.14, 9.0.81, 8.5.94	tomcat: incorrectly parsed http trailer headers can cause request smuggling 漏洞详情: https://avd.aquasec.com/nvd/cve-2023-45648 镜像层: sha256:488e2b789858fe554f0ac0d96981d18d4321700b08eeed578fda10ff8425ef1e 发布日期: 2023-10-10 19:15 修改: 2025-08-07 11:15
org.apache.tomcat.embed:tomcat-embed-core	CVE-2024-21733	中危	9.0.41	8.5.64, 9.0.44	tomcat: Leaking of unrelated request bodies in default error page 漏洞详情: https://avd.aquasec.com/nvd/cve-2024-21733 镜像层: sha256:488e2b789858fe554f0ac0d96981d18d4321700b08eeed578fda10ff8425ef1e 发布日期: 2024-01-19 11:15 修改: 2025-11-03 21:16
org.yaml:snakeyaml	CVE-2022-38749	中危	1.27	1.31	snakeyaml: Uncaught exception in org.yaml.snakeyaml.composer.Composer.composeSequenceNode 漏洞详情: https://avd.aquasec.com/nvd/cve-2022-38749 镜像层: sha256:488e2b789858fe554f0ac0d96981d18d4321700b08eeed578fda10ff8425ef1e 发布日期: 2022-09-05 10:15 修改: 2024-11-21 07:17
org.yaml:snakeyaml	CVE-2022-38750	中危	1.27	1.31	snakeyaml: Uncaught exception in org.yaml.snakeyaml.constructor.BaseConstructor.constructObject 漏洞详情: https://avd.aquasec.com/nvd/cve-2022-38750 镜像层: sha256:488e2b789858fe554f0ac0d96981d18d4321700b08eeed578fda10ff8425ef1e 发布日期: 2022-09-05 10:15 修改: 2024-11-21 07:17
org.yaml:snakeyaml	CVE-2022-38751	中危	1.27	1.31	snakeyaml: Uncaught exception in java.base/java.util.regex.Pattern$Ques.match 漏洞详情: https://avd.aquasec.com/nvd/cve-2022-38751 镜像层: sha256:488e2b789858fe554f0ac0d96981d18d4321700b08eeed578fda10ff8425ef1e 发布日期: 2022-09-05 10:15 修改: 2024-11-21 07:17
org.yaml:snakeyaml	CVE-2022-38752	中危	1.27	1.32	snakeyaml: Uncaught exception in java.base/java.util.ArrayList.hashCode 漏洞详情: https://avd.aquasec.com/nvd/cve-2022-38752 镜像层: sha256:488e2b789858fe554f0ac0d96981d18d4321700b08eeed578fda10ff8425ef1e 发布日期: 2022-09-05 10:15 修改: 2024-11-21 07:17
org.yaml:snakeyaml	CVE-2022-41854	中危	1.27	1.32	dev-java/snakeyaml: DoS via stack overflow 漏洞详情: https://avd.aquasec.com/nvd/cve-2022-41854 镜像层: sha256:488e2b789858fe554f0ac0d96981d18d4321700b08eeed578fda10ff8425ef1e 发布日期: 2022-11-11 13:15 修改: 2024-11-21 07:23
org.apache.tomcat.embed:tomcat-embed-core	CVE-2024-24549	中危	9.0.41	8.5.99, 9.0.86, 10.1.19, 11.0.0-M17	Tomcat: HTTP/2 header handling DoS 漏洞详情: https://avd.aquasec.com/nvd/cve-2024-24549 镜像层: sha256:488e2b789858fe554f0ac0d96981d18d4321700b08eeed578fda10ff8425ef1e 发布日期: 2024-03-13 16:15 修改: 2025-10-29 12:15
xerces:xercesImpl	CVE-2020-14338	中危	2.12.0	2.12.0.sp3	wildfly: XML validation manipulation due to incomplete application of use-grammar-pool-only in xercesImpl 漏洞详情: https://avd.aquasec.com/nvd/cve-2020-14338 镜像层: sha256:488e2b789858fe554f0ac0d96981d18d4321700b08eeed578fda10ff8425ef1e 发布日期: 2020-09-17 15:15 修改: 2024-11-21 05:03
xerces:xercesImpl	CVE-2022-23437	中危	2.12.0	2.12.2	xerces-j2: infinite loop when handling specially crafted XML document payloads 漏洞详情: https://avd.aquasec.com/nvd/cve-2022-23437 镜像层: sha256:488e2b789858fe554f0ac0d96981d18d4321700b08eeed578fda10ff8425ef1e 发布日期: 2022-01-24 15:15 修改: 2024-11-21 06:48
org.apache.logging.log4j:log4j-core	CVE-2020-9488	低危	2.8.2	2.13.2, 2.12.3, 2.3.2	log4j: improper validation of certificate with host mismatch in SMTP appender 漏洞详情: https://avd.aquasec.com/nvd/cve-2020-9488 镜像层: sha256:488e2b789858fe554f0ac0d96981d18d4321700b08eeed578fda10ff8425ef1e 发布日期: 2020-04-27 16:15 修改: 2026-05-29 18:16
ch.qos.logback:logback-core	CVE-2026-1225	低危	1.2.3	1.5.25	ch.qos.logback/logback-core: Malicious logback.xml configuration file allows instantiation of arbitrary classes 漏洞详情: https://avd.aquasec.com/nvd/cve-2026-1225 镜像层: sha256:488e2b789858fe554f0ac0d96981d18d4321700b08eeed578fda10ff8425ef1e 发布日期: 2026-01-22 10:16 修改: 2026-04-15 00:35
commons-configuration:commons-configuration	CVE-2025-46392	低危	1.10		apache-commons-configuration: Apache Commons Configuration: Uncontrolled Resource Consumption when loading untrusted configurations in 1.x 漏洞详情: https://avd.aquasec.com/nvd/cve-2025-46392 镜像层: sha256:488e2b789858fe554f0ac0d96981d18d4321700b08eeed578fda10ff8425ef1e 发布日期: 2025-05-09 10:15 修改: 2025-07-16 14:52
org.springframework:spring-context	CVE-2025-22233	低危	5.3.2	6.2.7, 6.1.20	CVE-2024-38820 ensured Locale-independent, lowercase conversion for bo ... 漏洞详情: https://avd.aquasec.com/nvd/cve-2025-22233 镜像层: sha256:488e2b789858fe554f0ac0d96981d18d4321700b08eeed578fda10ff8425ef1e 发布日期: 2025-05-16 20:15 修改: 2026-04-15 00:35
org.apache.tomcat.embed:tomcat-embed-core	CVE-2025-46701	低危	9.0.41	9.0.105, 10.1.41, 11.0.7	tomcat: Apache Tomcat: Security constraint bypass for CGI scripts 漏洞详情: https://avd.aquasec.com/nvd/cve-2025-46701 镜像层: sha256:488e2b789858fe554f0ac0d96981d18d4321700b08eeed578fda10ff8425ef1e 发布日期: 2025-05-29 19:15 修改: 2025-11-03 20:19
org.springframework:spring-webmvc	CVE-2026-22735	低危	5.3.2	7.0.6, 6.2.17	org.springframework/spring-webmvc: org.springframework/spring-webflux: Spring MVC and WebFlux: Stream corruption vulnerability when using Server-Sent Events 漏洞详情: https://avd.aquasec.com/nvd/cve-2026-22735 镜像层: sha256:488e2b789858fe554f0ac0d96981d18d4321700b08eeed578fda10ff8425ef1e 发布日期: 2026-03-20 00:16 修改: 2026-04-23 14:21
org.springframework:spring-webmvc	CVE-2026-22741	低危	5.3.2	7.0.7, 6.2.18	Spring MVC: Spring WebFlux: Spring MVC and Spring WebFlux: Denial of Service via cache poisoning 漏洞详情: https://avd.aquasec.com/nvd/cve-2026-22741 镜像层: sha256:488e2b789858fe554f0ac0d96981d18d4321700b08eeed578fda10ff8425ef1e 发布日期: 2026-04-29 12:16 修改: 2026-05-04 14:51
org.apache.tomcat.embed:tomcat-embed-core	CVE-2025-55754	低危	9.0.41	11.0.11, 10.1.45, 9.0.109	org.apache.tomcat/tomcat-juli: tomcat: Apache Tomcat: console manipulation 漏洞详情: https://avd.aquasec.com/nvd/cve-2025-55754 镜像层: sha256:488e2b789858fe554f0ac0d96981d18d4321700b08eeed578fda10ff8425ef1e 发布日期: 2025-10-27 18:15 修改: 2026-05-12 13:17
org.apache.tomcat.embed:tomcat-embed-core	CVE-2025-61795	低危	9.0.41	11.0.12, 10.1.47, 9.0.110	tomcat: org.apache.tomcat/tomcat-catalina: Apache Tomcat: Denial of service 漏洞详情: https://avd.aquasec.com/nvd/cve-2025-61795 镜像层: sha256:488e2b789858fe554f0ac0d96981d18d4321700b08eeed578fda10ff8425ef1e 发布日期: 2025-10-27 18:15 修改: 2026-05-12 13:17
org.apache.tomcat.embed:tomcat-embed-core	CVE-2026-24733	低危	9.0.41	11.0.15, 10.1.50, 9.0.113	tomcat: security constraint bypass with HTTP/0.9 漏洞详情: https://avd.aquasec.com/nvd/cve-2026-24733 镜像层: sha256:488e2b789858fe554f0ac0d96981d18d4321700b08eeed578fda10ff8425ef1e 发布日期: 2026-02-17 19:21 修改: 2026-03-11 16:16
org.apache.tomcat.embed:tomcat-embed-core	CVE-2026-43514	低危	9.0.41	9.0.118, 10.1.55, 11.0.22	tomcat-coyote: Apache Tomcat: Information disclosure via AJP secret timing discrepancy 漏洞详情: https://avd.aquasec.com/nvd/cve-2026-43514 镜像层: sha256:488e2b789858fe554f0ac0d96981d18d4321700b08eeed578fda10ff8425ef1e 发布日期: 2026-05-12 16:16 修改: 2026-05-14 18:46
org.apache.shiro:shiro-core	CVE-2026-23901	低危	1.2.4	2.1.0	org.apache.shiro/shiro-core: Apache Shiro: Brute force attack possible to determine valid user names 漏洞详情: https://avd.aquasec.com/nvd/cve-2026-23901 镜像层: sha256:488e2b789858fe554f0ac0d96981d18d4321700b08eeed578fda10ff8425ef1e 发布日期: 2026-02-10 10:15 修改: 2026-02-12 15:30
ch.qos.logback:logback-core	CVE-2024-12801	低危	1.2.3	1.5.13, 1.3.15	logback-core: SaxEventRecorder vulnerable to Server-Side Request Forgery (SSRF) attacks 漏洞详情: https://avd.aquasec.com/nvd/cve-2024-12801 镜像层: sha256:488e2b789858fe554f0ac0d96981d18d4321700b08eeed578fda10ff8425ef1e 发布日期: 2024-12-19 17:15 修改: 2026-04-15 00:35