ghcr.io/axoflow/axosyslog:4.21.0 linux/arm64

ghcr.io/axoflow/axosyslog:4.21.0 - Trivy安全扫描结果 扫描时间: 2026-06-20 12:27 温馨提示: 这是一个 linux/arm64 系统架构镜像
全部漏洞信息
低危漏洞:39 中危漏洞:35 高危漏洞:38 严重漏洞:2

系统OS: alpine 3.22.2 扫描引擎: Trivy 扫描时间: 2026-06-20 12:27

ghcr.io/axoflow/axosyslog:4.21.0 (alpine 3.22.2) (alpine)
低危漏洞:37 中危漏洞:29 高危漏洞:27 严重漏洞:2
软件包 漏洞 安全状态 安装版本 修复版本 漏洞信息
libcrypto3 CVE-2026-31789 严重 3.5.4-r0 3.5.6-r0 openssl: OpenSSL: Heap buffer overflow on 32-bit systems from large X.509 certificate processing

漏洞详情: https://avd.aquasec.com/nvd/cve-2026-31789

镜像层: sha256:af63f67040d77a55a49479f6378d3175793f21f57e587f16cb454309ad7545c2

发布日期: 2026-04-07 22:16 修改: 2026-05-12 13:17
libssl3 CVE-2026-31789 严重 3.5.4-r0 3.5.6-r0 openssl: OpenSSL: Heap buffer overflow on 32-bit systems from large X.509 certificate processing

漏洞详情: https://avd.aquasec.com/nvd/cve-2026-31789

镜像层: sha256:af63f67040d77a55a49479f6378d3175793f21f57e587f16cb454309ad7545c2

发布日期: 2026-04-07 22:16 修改: 2026-05-12 13:17
libcrypto3 CVE-2025-69421 高危 3.5.4-r0 3.5.5-r0 openssl: OpenSSL: Denial of Service via malformed PKCS#12 file processing

漏洞详情: https://avd.aquasec.com/nvd/cve-2025-69421

镜像层: sha256:af63f67040d77a55a49479f6378d3175793f21f57e587f16cb454309ad7545c2

发布日期: 2026-01-27 16:16 修改: 2026-05-12 13:17
libcrypto3 CVE-2026-28387 高危 3.5.4-r0 3.5.6-r0 openssl: OpenSSL: Arbitrary code execution due to use-after-free in DANE TLSA authentication

漏洞详情: https://avd.aquasec.com/nvd/cve-2026-28387

镜像层: sha256:af63f67040d77a55a49479f6378d3175793f21f57e587f16cb454309ad7545c2

发布日期: 2026-04-07 22:16 修改: 2026-05-12 13:17
libcrypto3 CVE-2026-28388 高危 3.5.4-r0 3.5.6-r0 openssl: OpenSSL: Denial of Service due to NULL pointer dereference in delta CRL processing

漏洞详情: https://avd.aquasec.com/nvd/cve-2026-28388

镜像层: sha256:af63f67040d77a55a49479f6378d3175793f21f57e587f16cb454309ad7545c2

发布日期: 2026-04-07 22:16 修改: 2026-05-12 13:17
libcrypto3 CVE-2026-28389 高危 3.5.4-r0 3.5.6-r0 openssl: OpenSSL: Denial of Service vulnerability in CMS processing

漏洞详情: https://avd.aquasec.com/nvd/cve-2026-28389

镜像层: sha256:af63f67040d77a55a49479f6378d3175793f21f57e587f16cb454309ad7545c2

发布日期: 2026-04-07 22:16 修改: 2026-05-12 13:17
libcrypto3 CVE-2026-28390 高危 3.5.4-r0 3.5.6-r0 openssl: OpenSSL: Denial of Service due to NULL pointer dereference in CMS EnvelopedData processing

漏洞详情: https://avd.aquasec.com/nvd/cve-2026-28390

镜像层: sha256:af63f67040d77a55a49479f6378d3175793f21f57e587f16cb454309ad7545c2

发布日期: 2026-04-07 22:16 修改: 2026-05-12 13:17
libcrypto3 CVE-2026-45447 高危 3.5.4-r0 3.5.7-r0 openssl: Heap Use-After-Free in OpenSSL PKCS7_verify()

漏洞详情: https://avd.aquasec.com/nvd/cve-2026-45447

镜像层: sha256:af63f67040d77a55a49479f6378d3175793f21f57e587f16cb454309ad7545c2

发布日期: 2026-06-09 17:17 修改: 2026-06-16 02:56
libexpat CVE-2026-25210 高危 2.7.3-r0 2.7.4-r0 libexpat: libexpat: Information disclosure and data integrity issues due to integer overflow in buffer reallocation

漏洞详情: https://avd.aquasec.com/nvd/cve-2026-25210

镜像层: sha256:af63f67040d77a55a49479f6378d3175793f21f57e587f16cb454309ad7545c2

发布日期: 2026-01-30 07:16 修改: 2026-06-02 14:16
libpq CVE-2026-2004 高危 17.7-r0 17.8-r0 postgresql: PostgreSQL intarray missing validation of type of input to selectivity estimator executes arbitrary code

漏洞详情: https://avd.aquasec.com/nvd/cve-2026-2004

镜像层: sha256:af63f67040d77a55a49479f6378d3175793f21f57e587f16cb454309ad7545c2

发布日期: 2026-02-12 14:16 修改: 2026-02-20 19:53
libpq CVE-2026-2005 高危 17.7-r0 17.8-r0 postgresql: PostgreSQL pgcrypto heap buffer overflow executes arbitrary code

漏洞详情: https://avd.aquasec.com/nvd/cve-2026-2005

镜像层: sha256:af63f67040d77a55a49479f6378d3175793f21f57e587f16cb454309ad7545c2

发布日期: 2026-02-12 14:16 修改: 2026-02-20 19:54
libpq CVE-2026-2006 高危 17.7-r0 17.9-r0 postgresql: PostgreSQL missing validation of multibyte character length executes arbitrary code

漏洞详情: https://avd.aquasec.com/nvd/cve-2026-2006

镜像层: sha256:af63f67040d77a55a49479f6378d3175793f21f57e587f16cb454309ad7545c2

发布日期: 2026-02-12 14:16 修改: 2026-02-20 19:54
libpq CVE-2026-2007 高危 17.7-r0 17.9-r0 postgresql: PostgreSQL pg_trgm heap buffer overflow writes pattern onto server memory

漏洞详情: https://avd.aquasec.com/nvd/cve-2026-2007

镜像层: sha256:af63f67040d77a55a49479f6378d3175793f21f57e587f16cb454309ad7545c2

发布日期: 2026-02-12 14:16 修改: 2026-02-20 19:54
libpq CVE-2026-6473 高危 17.7-r0 17.10-r0 postgresql: integer overflow can cause an undersized allocation and an out-of-bounds write

漏洞详情: https://avd.aquasec.com/nvd/cve-2026-6473

镜像层: sha256:af63f67040d77a55a49479f6378d3175793f21f57e587f16cb454309ad7545c2

发布日期: 2026-05-14 14:16 修改: 2026-05-18 14:59
libpq CVE-2026-6477 高危 17.7-r0 17.10-r0 postgresql: PostgreSQL libpq: Buffer overflow allows server superuser to overwrite client stack memory

漏洞详情: https://avd.aquasec.com/nvd/cve-2026-6477

镜像层: sha256:af63f67040d77a55a49479f6378d3175793f21f57e587f16cb454309ad7545c2

发布日期: 2026-05-14 14:16 修改: 2026-05-18 15:03
libpq CVE-2026-6478 高危 17.7-r0 17.10-r0 postgresql: PostgreSQL: Credential recovery via covert timing channel in MD5 password comparison

漏洞详情: https://avd.aquasec.com/nvd/cve-2026-6478

镜像层: sha256:af63f67040d77a55a49479f6378d3175793f21f57e587f16cb454309ad7545c2

发布日期: 2026-05-14 14:16 修改: 2026-05-18 15:03
libpq CVE-2026-6638 高危 17.7-r0 17.10-r0 SQL injection in PostgreSQL logical replication ALTER SUBSCRIPTION ... ...

漏洞详情: https://avd.aquasec.com/nvd/cve-2026-6638

镜像层: sha256:af63f67040d77a55a49479f6378d3175793f21f57e587f16cb454309ad7545c2

发布日期: 2026-05-14 14:16 修改: 2026-05-18 14:14
libcrypto3 CVE-2025-15467 高危 3.5.4-r0 3.5.5-r0 openssl: OpenSSL: Remote code execution or Denial of Service via oversized Initialization Vector in CMS parsing

漏洞详情: https://avd.aquasec.com/nvd/cve-2025-15467

镜像层: sha256:af63f67040d77a55a49479f6378d3175793f21f57e587f16cb454309ad7545c2

发布日期: 2026-01-27 16:16 修改: 2026-06-09 10:16
libssl3 CVE-2025-15467 高危 3.5.4-r0 3.5.5-r0 openssl: OpenSSL: Remote code execution or Denial of Service via oversized Initialization Vector in CMS parsing

漏洞详情: https://avd.aquasec.com/nvd/cve-2025-15467

镜像层: sha256:af63f67040d77a55a49479f6378d3175793f21f57e587f16cb454309ad7545c2

发布日期: 2026-01-27 16:16 修改: 2026-06-09 10:16
libssl3 CVE-2025-69421 高危 3.5.4-r0 3.5.5-r0 openssl: OpenSSL: Denial of Service via malformed PKCS#12 file processing

漏洞详情: https://avd.aquasec.com/nvd/cve-2025-69421

镜像层: sha256:af63f67040d77a55a49479f6378d3175793f21f57e587f16cb454309ad7545c2

发布日期: 2026-01-27 16:16 修改: 2026-05-12 13:17
libssl3 CVE-2026-28387 高危 3.5.4-r0 3.5.6-r0 openssl: OpenSSL: Arbitrary code execution due to use-after-free in DANE TLSA authentication

漏洞详情: https://avd.aquasec.com/nvd/cve-2026-28387

镜像层: sha256:af63f67040d77a55a49479f6378d3175793f21f57e587f16cb454309ad7545c2

发布日期: 2026-04-07 22:16 修改: 2026-05-12 13:17
libssl3 CVE-2026-28388 高危 3.5.4-r0 3.5.6-r0 openssl: OpenSSL: Denial of Service due to NULL pointer dereference in delta CRL processing

漏洞详情: https://avd.aquasec.com/nvd/cve-2026-28388

镜像层: sha256:af63f67040d77a55a49479f6378d3175793f21f57e587f16cb454309ad7545c2

发布日期: 2026-04-07 22:16 修改: 2026-05-12 13:17
libssl3 CVE-2026-28389 高危 3.5.4-r0 3.5.6-r0 openssl: OpenSSL: Denial of Service vulnerability in CMS processing

漏洞详情: https://avd.aquasec.com/nvd/cve-2026-28389

镜像层: sha256:af63f67040d77a55a49479f6378d3175793f21f57e587f16cb454309ad7545c2

发布日期: 2026-04-07 22:16 修改: 2026-05-12 13:17
libssl3 CVE-2026-28390 高危 3.5.4-r0 3.5.6-r0 openssl: OpenSSL: Denial of Service due to NULL pointer dereference in CMS EnvelopedData processing

漏洞详情: https://avd.aquasec.com/nvd/cve-2026-28390

镜像层: sha256:af63f67040d77a55a49479f6378d3175793f21f57e587f16cb454309ad7545c2

发布日期: 2026-04-07 22:16 修改: 2026-05-12 13:17
libssl3 CVE-2026-45447 高危 3.5.4-r0 3.5.7-r0 openssl: Heap Use-After-Free in OpenSSL PKCS7_verify()

漏洞详情: https://avd.aquasec.com/nvd/cve-2026-45447

镜像层: sha256:af63f67040d77a55a49479f6378d3175793f21f57e587f16cb454309ad7545c2

发布日期: 2026-06-09 17:17 修改: 2026-06-16 02:56
libxml2 CVE-2026-6732 高危 2.13.9-r0 2.13.9-r1 libxml2: libxml2: Denial of Service via crafted XSD-validated document

漏洞详情: https://avd.aquasec.com/nvd/cve-2026-6732

镜像层: sha256:af63f67040d77a55a49479f6378d3175793f21f57e587f16cb454309ad7545c2

发布日期: 2026-04-23 23:16 修改: 2026-05-15 14:36
musl-utils CVE-2026-40200 高危 1.2.5-r10 1.2.5-r12 musl: musl libc: Arbitrary code execution and denial of service via stack-based memory corruption in qsort

漏洞详情: https://avd.aquasec.com/nvd/cve-2026-40200

镜像层: sha256:af63f67040d77a55a49479f6378d3175793f21f57e587f16cb454309ad7545c2

发布日期: 2026-04-10 17:17 修改: 2026-04-27 19:18
nghttp2-libs CVE-2026-27135 高危 1.65.0-r0 1.68.1 nghttp2: nghttp2: Denial of Service via malformed HTTP/2 frames after session termination

漏洞详情: https://avd.aquasec.com/nvd/cve-2026-27135

镜像层: sha256:af63f67040d77a55a49479f6378d3175793f21f57e587f16cb454309ad7545c2

发布日期: 2026-03-18 18:16 修改: 2026-05-13 22:16
zlib CVE-2026-22184 高危 1.3.1-r2 1.3.2-r0 zlib: zlib: Arbitrary code execution via buffer overflow in untgz utility

漏洞详情: https://avd.aquasec.com/nvd/cve-2026-22184

镜像层: sha256:af63f67040d77a55a49479f6378d3175793f21f57e587f16cb454309ad7545c2

发布日期: 2026-01-07 21:16 修改: 2026-03-18 16:26
libpq CVE-2026-6472 中危 17.7-r0 17.10-r0 postgresql: PostgreSQL CREATE TYPE does not check multirange schema CREATE privilege

漏洞详情: https://avd.aquasec.com/nvd/cve-2026-6472

镜像层: sha256:af63f67040d77a55a49479f6378d3175793f21f57e587f16cb454309ad7545c2

发布日期: 2026-05-14 14:16 修改: 2026-05-18 14:59
libpq CVE-2026-6474 中危 17.7-r0 17.10-r0 postgresql: PostgreSQL: Information disclosure via externally-controlled format string in timeofday() function

漏洞详情: https://avd.aquasec.com/nvd/cve-2026-6474

镜像层: sha256:af63f67040d77a55a49479f6378d3175793f21f57e587f16cb454309ad7545c2

发布日期: 2026-05-14 14:16 修改: 2026-05-18 15:00
libpq CVE-2026-6475 中危 17.7-r0 17.10-r0 postgresql: PostgreSQL: Operating system account hijack via symlink following in pg_basebackup and pg_rewind

漏洞详情: https://avd.aquasec.com/nvd/cve-2026-6475

镜像层: sha256:af63f67040d77a55a49479f6378d3175793f21f57e587f16cb454309ad7545c2

发布日期: 2026-05-14 14:16 修改: 2026-05-18 15:02
libpq CVE-2026-6476 中危 17.7-r0 17.10-r0 SQL injection in PostgreSQL pg_createsubscriber allows an attacker wit ...

漏洞详情: https://avd.aquasec.com/nvd/cve-2026-6476

镜像层: sha256:af63f67040d77a55a49479f6378d3175793f21f57e587f16cb454309ad7545c2

发布日期: 2026-05-14 14:16 修改: 2026-05-18 15:02
libpq CVE-2026-6479 中危 17.7-r0 17.10-r0 Uncontrolled recursion in PostgreSQL SSL and GSS negotiation allows an ...

漏洞详情: https://avd.aquasec.com/nvd/cve-2026-6479

镜像层: sha256:af63f67040d77a55a49479f6378d3175793f21f57e587f16cb454309ad7545c2

发布日期: 2026-05-14 14:16 修改: 2026-05-18 15:04
libpq CVE-2026-6637 中危 17.7-r0 17.10-r0 Stack buffer overflow in PostgreSQL module "refint" allows an unprivil ...

漏洞详情: https://avd.aquasec.com/nvd/cve-2026-6637

镜像层: sha256:af63f67040d77a55a49479f6378d3175793f21f57e587f16cb454309ad7545c2

发布日期: 2026-05-14 14:16 修改: 2026-05-18 15:05
libexpat CVE-2026-32776 中危 2.7.3-r0 2.7.5-r0 libexpat: libexpat: Denial of Service due to NULL pointer dereference

漏洞详情: https://avd.aquasec.com/nvd/cve-2026-32776

镜像层: sha256:af63f67040d77a55a49479f6378d3175793f21f57e587f16cb454309ad7545c2

发布日期: 2026-03-16 14:19 修改: 2026-03-17 15:52
libexpat CVE-2026-32777 中危 2.7.3-r0 2.7.5-r0 libexpat: libexpat: Denial of Service via infinite loop in DTD content parsing

漏洞详情: https://avd.aquasec.com/nvd/cve-2026-32777

镜像层: sha256:af63f67040d77a55a49479f6378d3175793f21f57e587f16cb454309ad7545c2

发布日期: 2026-03-16 14:19 修改: 2026-03-17 15:52
libexpat CVE-2026-32778 中危 2.7.3-r0 2.7.5-r0 libexpat: libexpat: Denial of Service via NULL pointer dereference after out-of-memory condition

漏洞详情: https://avd.aquasec.com/nvd/cve-2026-32778

镜像层: sha256:af63f67040d77a55a49479f6378d3175793f21f57e587f16cb454309ad7545c2

发布日期: 2026-03-16 14:19 修改: 2026-03-17 15:52
libcrypto3 CVE-2025-69419 中危 3.5.4-r0 3.5.5-r0 openssl: OpenSSL: Arbitrary code execution due to out-of-bounds write in PKCS#12 processing

漏洞详情: https://avd.aquasec.com/nvd/cve-2025-69419

镜像层: sha256:af63f67040d77a55a49479f6378d3175793f21f57e587f16cb454309ad7545c2

发布日期: 2026-01-27 16:16 修改: 2026-05-12 13:17
libcrypto3 CVE-2026-2673 中危 3.5.4-r0 3.5.6-r0 openssl: OpenSSL TLS 1.3 server may choose unexpected key agreement group

漏洞详情: https://avd.aquasec.com/nvd/cve-2026-2673

镜像层: sha256:af63f67040d77a55a49479f6378d3175793f21f57e587f16cb454309ad7545c2

发布日期: 2026-03-13 19:54 修改: 2026-06-05 19:48
libcrypto3 CVE-2026-31790 中危 3.5.4-r0 3.5.6-r0 openssl: openssl: Information Disclosure from Uninitialized Memory via Invalid RSA Public Key

漏洞详情: https://avd.aquasec.com/nvd/cve-2026-31790

镜像层: sha256:af63f67040d77a55a49479f6378d3175793f21f57e587f16cb454309ad7545c2

发布日期: 2026-04-07 22:16 修改: 2026-05-12 13:17
libcrypto3 CVE-2026-34182 中危 3.5.4-r0 3.5.7-r0 openssl: CMS AuthEnvelopedData Processing May Accept Forged Messages

漏洞详情: https://avd.aquasec.com/nvd/cve-2026-34182

镜像层: sha256:af63f67040d77a55a49479f6378d3175793f21f57e587f16cb454309ad7545c2

发布日期: 2026-06-09 17:17 修改: 2026-06-15 18:13
libcrypto3 CVE-2026-34183 中危 3.5.4-r0 3.5.7-r0 openssl: Unbounded Memory Growth in the QUIC PATH_CHALLENGE Handler

漏洞详情: https://avd.aquasec.com/nvd/cve-2026-34183

镜像层: sha256:af63f67040d77a55a49479f6378d3175793f21f57e587f16cb454309ad7545c2

发布日期: 2026-06-09 17:17 修改: 2026-06-15 18:12
libssl3 CVE-2025-11187 中危 3.5.4-r0 3.5.5-r0 openssl: OpenSSL: Arbitrary code execution or denial of service through crafted PKCS#12 file

漏洞详情: https://avd.aquasec.com/nvd/cve-2025-11187

镜像层: sha256:af63f67040d77a55a49479f6378d3175793f21f57e587f16cb454309ad7545c2

发布日期: 2026-01-27 16:16 修改: 2026-03-20 14:16
libssl3 CVE-2025-69419 中危 3.5.4-r0 3.5.5-r0 openssl: OpenSSL: Arbitrary code execution due to out-of-bounds write in PKCS#12 processing

漏洞详情: https://avd.aquasec.com/nvd/cve-2025-69419

镜像层: sha256:af63f67040d77a55a49479f6378d3175793f21f57e587f16cb454309ad7545c2

发布日期: 2026-01-27 16:16 修改: 2026-05-12 13:17
libssl3 CVE-2026-2673 中危 3.5.4-r0 3.5.6-r0 openssl: OpenSSL TLS 1.3 server may choose unexpected key agreement group

漏洞详情: https://avd.aquasec.com/nvd/cve-2026-2673

镜像层: sha256:af63f67040d77a55a49479f6378d3175793f21f57e587f16cb454309ad7545c2

发布日期: 2026-03-13 19:54 修改: 2026-06-05 19:48
libssl3 CVE-2026-31790 中危 3.5.4-r0 3.5.6-r0 openssl: openssl: Information Disclosure from Uninitialized Memory via Invalid RSA Public Key

漏洞详情: https://avd.aquasec.com/nvd/cve-2026-31790

镜像层: sha256:af63f67040d77a55a49479f6378d3175793f21f57e587f16cb454309ad7545c2

发布日期: 2026-04-07 22:16 修改: 2026-05-12 13:17
libssl3 CVE-2026-34182 中危 3.5.4-r0 3.5.7-r0 openssl: CMS AuthEnvelopedData Processing May Accept Forged Messages

漏洞详情: https://avd.aquasec.com/nvd/cve-2026-34182

镜像层: sha256:af63f67040d77a55a49479f6378d3175793f21f57e587f16cb454309ad7545c2

发布日期: 2026-06-09 17:17 修改: 2026-06-15 18:13
libssl3 CVE-2026-34183 中危 3.5.4-r0 3.5.7-r0 openssl: Unbounded Memory Growth in the QUIC PATH_CHALLENGE Handler

漏洞详情: https://avd.aquasec.com/nvd/cve-2026-34183

镜像层: sha256:af63f67040d77a55a49479f6378d3175793f21f57e587f16cb454309ad7545c2

发布日期: 2026-06-09 17:17 修改: 2026-06-15 18:12
libssl3 CVE-2026-42764 中危 3.5.4-r0 3.5.7-r0 openssl: NULL pointer dereference in QUIC server initial packet handling

漏洞详情: https://avd.aquasec.com/nvd/cve-2026-42764

镜像层: sha256:af63f67040d77a55a49479f6378d3175793f21f57e587f16cb454309ad7545c2

发布日期: 2026-06-09 17:17 修改: 2026-06-15 18:25
libssl3 CVE-2026-45445 中危 3.5.4-r0 3.5.7-r0 openssl: AES-OCB IV Ignored on EVP_Cipher() Path

漏洞详情: https://avd.aquasec.com/nvd/cve-2026-45445

镜像层: sha256:af63f67040d77a55a49479f6378d3175793f21f57e587f16cb454309ad7545c2

发布日期: 2026-06-09 17:17 修改: 2026-06-16 02:57
libcrypto3 CVE-2026-42764 中危 3.5.4-r0 3.5.7-r0 openssl: NULL pointer dereference in QUIC server initial packet handling

漏洞详情: https://avd.aquasec.com/nvd/cve-2026-42764

镜像层: sha256:af63f67040d77a55a49479f6378d3175793f21f57e587f16cb454309ad7545c2

发布日期: 2026-06-09 17:17 修改: 2026-06-15 18:25
libcrypto3 CVE-2026-45445 中危 3.5.4-r0 3.5.7-r0 openssl: AES-OCB IV Ignored on EVP_Cipher() Path

漏洞详情: https://avd.aquasec.com/nvd/cve-2026-45445

镜像层: sha256:af63f67040d77a55a49479f6378d3175793f21f57e587f16cb454309ad7545c2

发布日期: 2026-06-09 17:17 修改: 2026-06-16 02:57
musl-utils CVE-2026-6042 中危 1.2.5-r10 1.2.5-r11 musl libc: GB18030 4-byte Decoder: musl libc: Denial of Service via inefficient algorithmic complexity in iconv

漏洞详情: https://avd.aquasec.com/nvd/cve-2026-6042

镜像层: sha256:af63f67040d77a55a49479f6378d3175793f21f57e587f16cb454309ad7545c2

发布日期: 2026-04-10 09:16 修改: 2026-04-24 18:01
libcrypto3 CVE-2025-11187 中危 3.5.4-r0 3.5.5-r0 openssl: OpenSSL: Arbitrary code execution or denial of service through crafted PKCS#12 file

漏洞详情: https://avd.aquasec.com/nvd/cve-2025-11187

镜像层: sha256:af63f67040d77a55a49479f6378d3175793f21f57e587f16cb454309ad7545c2

发布日期: 2026-01-27 16:16 修改: 2026-03-20 14:16
xz-libs CVE-2026-34743 中危 5.8.1-r0 5.8.3-r0 xz: XZ Utils: Denial of Service via buffer overflow in index decoding

漏洞详情: https://avd.aquasec.com/nvd/cve-2026-34743

镜像层: sha256:af63f67040d77a55a49479f6378d3175793f21f57e587f16cb454309ad7545c2

发布日期: 2026-04-02 19:21 修改: 2026-04-15 17:33
libpq CVE-2026-2003 中危 17.7-r0 17.8-r0 postgresql: PostgreSQL oidvector discloses a few bytes of memory

漏洞详情: https://avd.aquasec.com/nvd/cve-2026-2003

镜像层: sha256:af63f67040d77a55a49479f6378d3175793f21f57e587f16cb454309ad7545c2

发布日期: 2026-02-12 14:16 修改: 2026-02-20 19:53
zlib CVE-2026-27171 中危 1.3.1-r2 1.3.2-r0 zlib: zlib: Denial of Service via infinite loop in CRC32 combine functions

漏洞详情: https://avd.aquasec.com/nvd/cve-2026-27171

镜像层: sha256:af63f67040d77a55a49479f6378d3175793f21f57e587f16cb454309ad7545c2

发布日期: 2026-02-18 04:16 修改: 2026-03-25 21:27
libcrypto3 CVE-2025-69418 低危 3.5.4-r0 3.5.5-r0 openssl: OpenSSL: Information disclosure and data tampering via specific low-level OCB encryption/decryption calls

漏洞详情: https://avd.aquasec.com/nvd/cve-2025-69418

镜像层: sha256:af63f67040d77a55a49479f6378d3175793f21f57e587f16cb454309ad7545c2

发布日期: 2026-01-27 16:16 修改: 2026-05-12 13:17
libcrypto3 CVE-2025-69420 低危 3.5.4-r0 3.5.5-r0 openssl: OpenSSL: Denial of Service via malformed TimeStamp Response

漏洞详情: https://avd.aquasec.com/nvd/cve-2025-69420

镜像层: sha256:af63f67040d77a55a49479f6378d3175793f21f57e587f16cb454309ad7545c2

发布日期: 2026-01-27 16:16 修改: 2026-05-12 13:17
libcrypto3 CVE-2026-22795 低危 3.5.4-r0 3.5.5-r0 openssl: OpenSSL: Denial of Service due to type confusion in PKCS#12 file processing

漏洞详情: https://avd.aquasec.com/nvd/cve-2026-22795

镜像层: sha256:af63f67040d77a55a49479f6378d3175793f21f57e587f16cb454309ad7545c2

发布日期: 2026-01-27 16:16 修改: 2026-05-12 13:17
libcrypto3 CVE-2026-22796 低危 3.5.4-r0 3.5.5-r0 openssl: OpenSSL: Denial of Service via type confusion in PKCS#7 signature verification

漏洞详情: https://avd.aquasec.com/nvd/cve-2026-22796

镜像层: sha256:af63f67040d77a55a49479f6378d3175793f21f57e587f16cb454309ad7545c2

发布日期: 2026-01-27 16:16 修改: 2026-05-12 13:17
libcrypto3 CVE-2026-34180 低危 3.5.4-r0 3.5.7-r0 openssl: OpenSSL: Heap buffer over-read in ASN.1 decoding can lead to denial of service or information disclosure.

漏洞详情: https://avd.aquasec.com/nvd/cve-2026-34180

镜像层: sha256:af63f67040d77a55a49479f6378d3175793f21f57e587f16cb454309ad7545c2

发布日期: 2026-06-09 17:17 修改: 2026-06-15 18:13
libcrypto3 CVE-2026-34181 低危 3.5.4-r0 3.5.7-r0 openssl: PKCS#12 Files with PBMAC1 Are Accepted with Short HMAC Keys

漏洞详情: https://avd.aquasec.com/nvd/cve-2026-34181

镜像层: sha256:af63f67040d77a55a49479f6378d3175793f21f57e587f16cb454309ad7545c2

发布日期: 2026-06-09 17:17 修改: 2026-06-15 18:13
libcrypto3 CVE-2026-42766 低危 3.5.4-r0 3.5.7-r0 openssl: Possible NULL Dereference in Password-Based CMS Decryption

漏洞详情: https://avd.aquasec.com/nvd/cve-2026-42766

镜像层: sha256:af63f67040d77a55a49479f6378d3175793f21f57e587f16cb454309ad7545c2

发布日期: 2026-06-09 17:17 修改: 2026-06-15 18:25
libcrypto3 CVE-2026-42767 低危 3.5.4-r0 3.5.7-r0 openssl: NULL Pointer Dereference in CRMF EncryptedValue Decryption

漏洞详情: https://avd.aquasec.com/nvd/cve-2026-42767

镜像层: sha256:af63f67040d77a55a49479f6378d3175793f21f57e587f16cb454309ad7545c2

发布日期: 2026-06-09 17:17 修改: 2026-06-16 02:58
libcrypto3 CVE-2026-42768 低危 3.5.4-r0 3.5.7-r0 openssl: Multi-RecipientInfo Bleichenbacher Oracle in CMS_decrypt() and PKCS7_decrypt()

漏洞详情: https://avd.aquasec.com/nvd/cve-2026-42768

镜像层: sha256:af63f67040d77a55a49479f6378d3175793f21f57e587f16cb454309ad7545c2

发布日期: 2026-06-09 17:17 修改: 2026-06-16 02:58
libcrypto3 CVE-2026-42769 低危 3.5.4-r0 3.5.7-r0 openssl: Trust-Anchor Substitution via cert/issuer Typo in CMP rootCaKeyUpdate

漏洞详情: https://avd.aquasec.com/nvd/cve-2026-42769

镜像层: sha256:af63f67040d77a55a49479f6378d3175793f21f57e587f16cb454309ad7545c2

发布日期: 2026-06-09 17:17 修改: 2026-06-15 18:26
libcrypto3 CVE-2026-42770 低危 3.5.4-r0 3.5.7-r0 openssl: FFC-DH Peer Validation Uses Attacker-Supplied q

漏洞详情: https://avd.aquasec.com/nvd/cve-2026-42770

镜像层: sha256:af63f67040d77a55a49479f6378d3175793f21f57e587f16cb454309ad7545c2

发布日期: 2026-06-09 17:17 修改: 2026-06-16 02:58
libcrypto3 CVE-2026-45446 低危 3.5.4-r0 3.5.7-r0 openssl: Incorrect Tag Processing for Empty Messages in AES-GCM-SIV and AES-SIV modes

漏洞详情: https://avd.aquasec.com/nvd/cve-2026-45446

镜像层: sha256:af63f67040d77a55a49479f6378d3175793f21f57e587f16cb454309ad7545c2

发布日期: 2026-06-09 17:17 修改: 2026-06-16 02:57
libssl3 CVE-2025-15468 低危 3.5.4-r0 3.5.5-r0 openssl: OpenSSL: Denial of Service via NULL pointer dereference in QUIC protocol handling

漏洞详情: https://avd.aquasec.com/nvd/cve-2025-15468

镜像层: sha256:af63f67040d77a55a49479f6378d3175793f21f57e587f16cb454309ad7545c2

发布日期: 2026-01-27 16:16 修改: 2026-02-02 18:38
libssl3 CVE-2025-15469 低危 3.5.4-r0 3.5.5-r0 openssl: OpenSSL: Data integrity bypass in `openssl dgst` command due to silent truncation

漏洞详情: https://avd.aquasec.com/nvd/cve-2025-15469

镜像层: sha256:af63f67040d77a55a49479f6378d3175793f21f57e587f16cb454309ad7545c2

发布日期: 2026-01-27 16:16 修改: 2026-02-02 18:37
libssl3 CVE-2025-66199 低危 3.5.4-r0 3.5.5-r0 openssl: OpenSSL: Denial of Service due to excessive memory allocation in TLS 1.3 certificate compression

漏洞详情: https://avd.aquasec.com/nvd/cve-2025-66199

镜像层: sha256:af63f67040d77a55a49479f6378d3175793f21f57e587f16cb454309ad7545c2

发布日期: 2026-01-27 16:16 修改: 2026-02-02 18:37
libssl3 CVE-2025-68160 低危 3.5.4-r0 3.5.5-r0 openssl: OpenSSL: Denial of Service due to out-of-bounds write in BIO filter

漏洞详情: https://avd.aquasec.com/nvd/cve-2025-68160

镜像层: sha256:af63f67040d77a55a49479f6378d3175793f21f57e587f16cb454309ad7545c2

发布日期: 2026-01-27 16:16 修改: 2026-05-12 13:17
libssl3 CVE-2025-69418 低危 3.5.4-r0 3.5.5-r0 openssl: OpenSSL: Information disclosure and data tampering via specific low-level OCB encryption/decryption calls

漏洞详情: https://avd.aquasec.com/nvd/cve-2025-69418

镜像层: sha256:af63f67040d77a55a49479f6378d3175793f21f57e587f16cb454309ad7545c2

发布日期: 2026-01-27 16:16 修改: 2026-05-12 13:17
libssl3 CVE-2025-69420 低危 3.5.4-r0 3.5.5-r0 openssl: OpenSSL: Denial of Service via malformed TimeStamp Response

漏洞详情: https://avd.aquasec.com/nvd/cve-2025-69420

镜像层: sha256:af63f67040d77a55a49479f6378d3175793f21f57e587f16cb454309ad7545c2

发布日期: 2026-01-27 16:16 修改: 2026-05-12 13:17
libssl3 CVE-2026-22795 低危 3.5.4-r0 3.5.5-r0 openssl: OpenSSL: Denial of Service due to type confusion in PKCS#12 file processing

漏洞详情: https://avd.aquasec.com/nvd/cve-2026-22795

镜像层: sha256:af63f67040d77a55a49479f6378d3175793f21f57e587f16cb454309ad7545c2

发布日期: 2026-01-27 16:16 修改: 2026-05-12 13:17
libssl3 CVE-2026-22796 低危 3.5.4-r0 3.5.5-r0 openssl: OpenSSL: Denial of Service via type confusion in PKCS#7 signature verification

漏洞详情: https://avd.aquasec.com/nvd/cve-2026-22796

镜像层: sha256:af63f67040d77a55a49479f6378d3175793f21f57e587f16cb454309ad7545c2

发布日期: 2026-01-27 16:16 修改: 2026-05-12 13:17
libssl3 CVE-2026-34180 低危 3.5.4-r0 3.5.7-r0 openssl: OpenSSL: Heap buffer over-read in ASN.1 decoding can lead to denial of service or information disclosure.

漏洞详情: https://avd.aquasec.com/nvd/cve-2026-34180

镜像层: sha256:af63f67040d77a55a49479f6378d3175793f21f57e587f16cb454309ad7545c2

发布日期: 2026-06-09 17:17 修改: 2026-06-15 18:13
libssl3 CVE-2026-34181 低危 3.5.4-r0 3.5.7-r0 openssl: PKCS#12 Files with PBMAC1 Are Accepted with Short HMAC Keys

漏洞详情: https://avd.aquasec.com/nvd/cve-2026-34181

镜像层: sha256:af63f67040d77a55a49479f6378d3175793f21f57e587f16cb454309ad7545c2

发布日期: 2026-06-09 17:17 修改: 2026-06-15 18:13
libssl3 CVE-2026-42766 低危 3.5.4-r0 3.5.7-r0 openssl: Possible NULL Dereference in Password-Based CMS Decryption

漏洞详情: https://avd.aquasec.com/nvd/cve-2026-42766

镜像层: sha256:af63f67040d77a55a49479f6378d3175793f21f57e587f16cb454309ad7545c2

发布日期: 2026-06-09 17:17 修改: 2026-06-15 18:25
libssl3 CVE-2026-42767 低危 3.5.4-r0 3.5.7-r0 openssl: NULL Pointer Dereference in CRMF EncryptedValue Decryption

漏洞详情: https://avd.aquasec.com/nvd/cve-2026-42767

镜像层: sha256:af63f67040d77a55a49479f6378d3175793f21f57e587f16cb454309ad7545c2

发布日期: 2026-06-09 17:17 修改: 2026-06-16 02:58
libssl3 CVE-2026-42768 低危 3.5.4-r0 3.5.7-r0 openssl: Multi-RecipientInfo Bleichenbacher Oracle in CMS_decrypt() and PKCS7_decrypt()

漏洞详情: https://avd.aquasec.com/nvd/cve-2026-42768

镜像层: sha256:af63f67040d77a55a49479f6378d3175793f21f57e587f16cb454309ad7545c2

发布日期: 2026-06-09 17:17 修改: 2026-06-16 02:58
libssl3 CVE-2026-42769 低危 3.5.4-r0 3.5.7-r0 openssl: Trust-Anchor Substitution via cert/issuer Typo in CMP rootCaKeyUpdate

漏洞详情: https://avd.aquasec.com/nvd/cve-2026-42769

镜像层: sha256:af63f67040d77a55a49479f6378d3175793f21f57e587f16cb454309ad7545c2

发布日期: 2026-06-09 17:17 修改: 2026-06-15 18:26
libssl3 CVE-2026-42770 低危 3.5.4-r0 3.5.7-r0 openssl: FFC-DH Peer Validation Uses Attacker-Supplied q

漏洞详情: https://avd.aquasec.com/nvd/cve-2026-42770

镜像层: sha256:af63f67040d77a55a49479f6378d3175793f21f57e587f16cb454309ad7545c2

发布日期: 2026-06-09 17:17 修改: 2026-06-16 02:58
libssl3 CVE-2026-45446 低危 3.5.4-r0 3.5.7-r0 openssl: Incorrect Tag Processing for Empty Messages in AES-GCM-SIV and AES-SIV modes

漏洞详情: https://avd.aquasec.com/nvd/cve-2026-45446

镜像层: sha256:af63f67040d77a55a49479f6378d3175793f21f57e587f16cb454309ad7545c2

发布日期: 2026-06-09 17:17 修改: 2026-06-16 02:57
libssl3 CVE-2026-7383 低危 3.5.4-r0 3.5.7-r0 openssl: OpenSSL: Heap buffer overflow due to signed integer overflow in Unicode output sizing

漏洞详情: https://avd.aquasec.com/nvd/cve-2026-7383

镜像层: sha256:af63f67040d77a55a49479f6378d3175793f21f57e587f16cb454309ad7545c2

发布日期: 2026-06-09 17:17 修改: 2026-06-16 02:46
libssl3 CVE-2026-9076 低危 3.5.4-r0 3.5.7-r0 openssl: OpenSSL: Denial of Service due to heap out-of-bounds read in CMS password-based decryption

漏洞详情: https://avd.aquasec.com/nvd/cve-2026-9076

镜像层: sha256:af63f67040d77a55a49479f6378d3175793f21f57e587f16cb454309ad7545c2

发布日期: 2026-06-09 17:17 修改: 2026-06-16 02:45
libcrypto3 CVE-2026-7383 低危 3.5.4-r0 3.5.7-r0 openssl: OpenSSL: Heap buffer overflow due to signed integer overflow in Unicode output sizing

漏洞详情: https://avd.aquasec.com/nvd/cve-2026-7383

镜像层: sha256:af63f67040d77a55a49479f6378d3175793f21f57e587f16cb454309ad7545c2

发布日期: 2026-06-09 17:17 修改: 2026-06-16 02:46
libcrypto3 CVE-2026-9076 低危 3.5.4-r0 3.5.7-r0 openssl: OpenSSL: Denial of Service due to heap out-of-bounds read in CMS password-based decryption

漏洞详情: https://avd.aquasec.com/nvd/cve-2026-9076

镜像层: sha256:af63f67040d77a55a49479f6378d3175793f21f57e587f16cb454309ad7545c2

发布日期: 2026-06-09 17:17 修改: 2026-06-16 02:45
libcrypto3 CVE-2025-15468 低危 3.5.4-r0 3.5.5-r0 openssl: OpenSSL: Denial of Service via NULL pointer dereference in QUIC protocol handling

漏洞详情: https://avd.aquasec.com/nvd/cve-2025-15468

镜像层: sha256:af63f67040d77a55a49479f6378d3175793f21f57e587f16cb454309ad7545c2

发布日期: 2026-01-27 16:16 修改: 2026-02-02 18:38
libcrypto3 CVE-2025-15469 低危 3.5.4-r0 3.5.5-r0 openssl: OpenSSL: Data integrity bypass in `openssl dgst` command due to silent truncation

漏洞详情: https://avd.aquasec.com/nvd/cve-2025-15469

镜像层: sha256:af63f67040d77a55a49479f6378d3175793f21f57e587f16cb454309ad7545c2

发布日期: 2026-01-27 16:16 修改: 2026-02-02 18:37
libcrypto3 CVE-2025-66199 低危 3.5.4-r0 3.5.5-r0 openssl: OpenSSL: Denial of Service due to excessive memory allocation in TLS 1.3 certificate compression

漏洞详情: https://avd.aquasec.com/nvd/cve-2025-66199

镜像层: sha256:af63f67040d77a55a49479f6378d3175793f21f57e587f16cb454309ad7545c2

发布日期: 2026-01-27 16:16 修改: 2026-02-02 18:37
libcrypto3 CVE-2025-68160 低危 3.5.4-r0 3.5.5-r0 openssl: OpenSSL: Denial of Service due to out-of-bounds write in BIO filter

漏洞详情: https://avd.aquasec.com/nvd/cve-2025-68160

镜像层: sha256:af63f67040d77a55a49479f6378d3175793f21f57e587f16cb454309ad7545c2

发布日期: 2026-01-27 16:16 修改: 2026-05-12 13:17
libexpat CVE-2026-24515 低危 2.7.3-r0 2.7.4-r0 libexpat: libexpat null pointer dereference

漏洞详情: https://avd.aquasec.com/nvd/cve-2026-24515

镜像层: sha256:af63f67040d77a55a49479f6378d3175793f21f57e587f16cb454309ad7545c2

发布日期: 2026-01-23 08:16 修改: 2026-06-02 14:16
Python (python-pkg)
低危漏洞:2 中危漏洞:6 高危漏洞:11 严重漏洞:0
软件包 漏洞 安全状态 安装版本 修复版本 漏洞信息
jaraco.context CVE-2026-23949 高危 5.3.0 6.1.0 jaraco.context: jaraco.context: Path traversal via malicious tar archives

漏洞详情: https://avd.aquasec.com/nvd/cve-2026-23949

镜像层: sha256:af63f67040d77a55a49479f6378d3175793f21f57e587f16cb454309ad7545c2

发布日期: 2026-01-20 01:15 修改: 2026-03-11 23:12
pyasn1 CVE-2026-23490 高危 0.6.1 0.6.2 pyasn1: pyasn1: Denial of Service due to memory exhaustion from malformed RELATIVE-OID

漏洞详情: https://avd.aquasec.com/nvd/cve-2026-23490

镜像层: sha256:af63f67040d77a55a49479f6378d3175793f21f57e587f16cb454309ad7545c2

发布日期: 2026-01-16 19:16 修改: 2026-03-13 14:19
pyasn1 CVE-2026-30922 高危 0.6.1 0.6.3 pyasn1: pyasn1 Vulnerable to Denial of Service via Unbounded Recursion

漏洞详情: https://avd.aquasec.com/nvd/cve-2026-30922

镜像层: sha256:af63f67040d77a55a49479f6378d3175793f21f57e587f16cb454309ad7545c2

发布日期: 2026-03-18 04:17 修改: 2026-05-01 17:16
tornado CVE-2026-31958 高危 6.5.3 6.5.5 tornado-python: Tornado: Denial of Service via large multipart bodies

漏洞详情: https://avd.aquasec.com/nvd/cve-2026-31958

镜像层: sha256:af63f67040d77a55a49479f6378d3175793f21f57e587f16cb454309ad7545c2

发布日期: 2026-03-11 20:16 修改: 2026-04-01 15:23
tornado CVE-2026-35536 高危 6.5.3 6.5.5 tornado: Tornado: Cookie attribute injection due to improper handling of cookie arguments

漏洞详情: https://avd.aquasec.com/nvd/cve-2026-35536

镜像层: sha256:af63f67040d77a55a49479f6378d3175793f21f57e587f16cb454309ad7545c2

发布日期: 2026-04-03 04:16 修改: 2026-04-10 15:14
tornado CVE-2026-49853 高危 6.5.3 6.5.6 Tornado: Authorization header forwarded across cross-origin redirects in SimpleAsyncHTTPClient

漏洞详情: https://avd.aquasec.com/nvd/cve-2026-49853

镜像层: sha256:af63f67040d77a55a49479f6378d3175793f21f57e587f16cb454309ad7545c2

发布日期: 0001-01-01 00:00 修改: 0001-01-01 00:00
tornado CVE-2026-49855 高危 6.5.3 6.5.6 tornado AsyncHTTPClient accumulates decompressed chunks without size limit (gzip bomb)

漏洞详情: https://avd.aquasec.com/nvd/cve-2026-49855

镜像层: sha256:af63f67040d77a55a49479f6378d3175793f21f57e587f16cb454309ad7545c2

发布日期: 0001-01-01 00:00 修改: 0001-01-01 00:00
urllib3 CVE-2026-21441 高危 2.6.2 2.6.3 urllib3: urllib3 vulnerable to decompression-bomb safeguard bypass when following HTTP redirects (streaming API)

漏洞详情: https://avd.aquasec.com/nvd/cve-2026-21441

镜像层: sha256:af63f67040d77a55a49479f6378d3175793f21f57e587f16cb454309ad7545c2

发布日期: 2026-01-07 22:15 修改: 2026-01-23 09:15
urllib3 CVE-2026-44431 高危 2.6.2 2.7.0 urllib3: urllib3: Information disclosure via cross-origin redirects forwarding sensitive headers

漏洞详情: https://avd.aquasec.com/nvd/cve-2026-44431

镜像层: sha256:af63f67040d77a55a49479f6378d3175793f21f57e587f16cb454309ad7545c2

发布日期: 2026-05-13 16:16 修改: 2026-05-14 13:56
urllib3 CVE-2026-44432 高危 2.6.2 2.7.0 urllib3: urllib3: Denial of Service due to excessive HTTP response decompression

漏洞详情: https://avd.aquasec.com/nvd/cve-2026-44432

镜像层: sha256:af63f67040d77a55a49479f6378d3175793f21f57e587f16cb454309ad7545c2

发布日期: 2026-05-13 16:16 修改: 2026-05-14 13:49
wheel CVE-2026-24049 高危 0.45.1 0.46.2 wheel: wheel: Privilege Escalation or Arbitrary Code Execution via malicious wheel file unpacking

漏洞详情: https://avd.aquasec.com/nvd/cve-2026-24049

镜像层: sha256:af63f67040d77a55a49479f6378d3175793f21f57e587f16cb454309ad7545c2

发布日期: 2026-01-22 05:16 修改: 2026-02-18 14:56
tornado GHSA-78cv-mqj4-43f7 中危 6.5.3 6.5.5 Tornado has incomplete validation of cookie attributes

漏洞详情: https://github.com/advisories/GHSA-78cv-mqj4-43f7

镜像层: sha256:af63f67040d77a55a49479f6378d3175793f21f57e587f16cb454309ad7545c2

发布日期: 2026-03-11 22:17 修改: 2026-03-11 22:17
tornado GHSA-pw6j-qg29-8w7f 中危 6.5.3 6.5.7 Tornado: CurlAsyncHTTPClient leaks per-request credentials on handle reuse

漏洞详情: https://github.com/advisories/GHSA-pw6j-qg29-8w7f

镜像层: sha256:af63f67040d77a55a49479f6378d3175793f21f57e587f16cb454309ad7545c2

发布日期: 2026-06-15 20:37 修改: 2026-06-15 20:37
pip CVE-2026-6357 中危 25.3 26.1 pip: pip: Arbitrary code execution or information disclosure via malicious wheel package installation

漏洞详情: https://avd.aquasec.com/nvd/cve-2026-6357

镜像层: sha256:af63f67040d77a55a49479f6378d3175793f21f57e587f16cb454309ad7545c2

发布日期: 2026-04-27 15:16 修改: 2026-04-27 23:16
idna CVE-2026-45409 中危 3.11 3.15 Internationalized Domain Names in Applications (IDNA) for Python provi ...

漏洞详情: https://avd.aquasec.com/nvd/cve-2026-45409

镜像层: sha256:af63f67040d77a55a49479f6378d3175793f21f57e587f16cb454309ad7545c2

发布日期: 2026-06-05 23:16 修改: 2026-06-15 18:52
pip CVE-2026-3219 中危 25.3 26.1 pip: pip: Incorrect file installation due to improper archive handling

漏洞详情: https://avd.aquasec.com/nvd/cve-2026-3219

镜像层: sha256:af63f67040d77a55a49479f6378d3175793f21f57e587f16cb454309ad7545c2

发布日期: 2026-04-20 16:16 修改: 2026-04-20 21:16
requests CVE-2026-25645 中危 2.32.5 2.33.0 requests: Requests: Security bypass due to predictable temporary file creation

漏洞详情: https://avd.aquasec.com/nvd/cve-2026-25645

镜像层: sha256:af63f67040d77a55a49479f6378d3175793f21f57e587f16cb454309ad7545c2

发布日期: 2026-03-25 17:16 修改: 2026-03-30 14:23
pip CVE-2026-1703 低危 25.3 26.0 pip: pip: Information disclosure via path traversal when installing crafted wheel archives

漏洞详情: https://avd.aquasec.com/nvd/cve-2026-1703

镜像层: sha256:af63f67040d77a55a49479f6378d3175793f21f57e587f16cb454309ad7545c2

发布日期: 2026-02-02 15:16 修改: 2026-04-15 00:35
tornado CVE-2026-49854 低危 6.5.3 6.5.6 Tornado has out-of-bounds memory access via C extension

漏洞详情: https://avd.aquasec.com/nvd/cve-2026-49854

镜像层: sha256:af63f67040d77a55a49479f6378d3175793f21f57e587f16cb454309ad7545c2

发布日期: 0001-01-01 00:00 修改: 0001-01-01 00:00