| libexpat1 |
CVE-2025-59375 |
高危 |
2.7.1-2 |
|
firefox: thunderbird: expat: libexpat in Expat allows attackers to trigger large dynamic memory allocations via a small document that is submitted for parsing
漏洞详情: https://avd.aquasec.com/nvd/cve-2025-59375
镜像层: sha256:49bdf8e65c465162a9c999342a8e7f6e5ec4a1bfd10d3962474f3df3d7bdd763
发布日期: 2025-09-15 03:15 修改: 2026-06-17 09:46
|
| libexpat1 |
CVE-2026-25210 |
高危 |
2.7.1-2 |
|
libexpat: libexpat: Information disclosure and data integrity issues due to integer overflow in buffer reallocation
漏洞详情: https://avd.aquasec.com/nvd/cve-2026-25210
镜像层: sha256:49bdf8e65c465162a9c999342a8e7f6e5ec4a1bfd10d3962474f3df3d7bdd763
发布日期: 2026-01-30 07:16 修改: 2026-06-17 10:24
|
| libexpat1 |
CVE-2026-45186 |
高危 |
2.7.1-2 |
|
libexpat: denial of service via crafted XML input
漏洞详情: https://avd.aquasec.com/nvd/cve-2026-45186
镜像层: sha256:49bdf8e65c465162a9c999342a8e7f6e5ec4a1bfd10d3962474f3df3d7bdd763
发布日期: 2026-05-10 07:16 修改: 2026-06-30 03:20
|
| libexpat1 |
CVE-2026-56131 |
高危 |
2.7.1-2 |
|
libexpat before 2.8.2 lacks handler call depth tracking for calls to X ...
漏洞详情: https://avd.aquasec.com/nvd/cve-2026-56131
镜像层: sha256:49bdf8e65c465162a9c999342a8e7f6e5ec4a1bfd10d3962474f3df3d7bdd763
发布日期: 2026-06-19 06:17 修改: 2026-06-23 20:15
|
| libexpat1 |
CVE-2026-56407 |
高危 |
2.7.1-2 |
|
libexpat before 2.8.2 has an integer overflow in doProlog that is rela ...
漏洞详情: https://avd.aquasec.com/nvd/cve-2026-56407
镜像层: sha256:49bdf8e65c465162a9c999342a8e7f6e5ec4a1bfd10d3962474f3df3d7bdd763
发布日期: 2026-06-21 16:16 修改: 2026-06-23 16:28
|
| libexpat1 |
CVE-2026-56408 |
高危 |
2.7.1-2 |
|
libexpat before 2.8.2 has an integer overflow in copyString.
漏洞详情: https://avd.aquasec.com/nvd/cve-2026-56408
镜像层: sha256:49bdf8e65c465162a9c999342a8e7f6e5ec4a1bfd10d3962474f3df3d7bdd763
发布日期: 2026-06-21 16:16 修改: 2026-06-23 16:27
|
| libncursesw6 |
CVE-2025-69720 |
高危 |
6.5+20250216-2 |
|
ncurses: ncurses: Buffer overflow vulnerability may lead to arbitrary code execution.
漏洞详情: https://avd.aquasec.com/nvd/cve-2025-69720
镜像层: sha256:b6555ab12753ae89726ab79ac78a705dc0b988a03bdf8a14ba55f1d77e599075
发布日期: 2026-03-19 15:16 修改: 2026-06-17 10:00
|
| libpython3.13-minimal |
CVE-2026-11940 |
高危 |
3.13.5-2+deb13u2 |
|
tarfile.extractall() with the 'data' or 'tar' filter could be bypasse ...
漏洞详情: https://avd.aquasec.com/nvd/cve-2026-11940
镜像层: sha256:e352b90eda60261289f7ce1494967d8f59dfab1de22a61553ec1766d62703ade
发布日期: 2026-06-23 17:16 修改: 2026-06-30 16:16
|
| libpython3.13-minimal |
CVE-2026-7210 |
高危 |
3.13.5-2+deb13u2 |
|
python: expat: Python/Expat: Denial of Service via crafted XML document
漏洞详情: https://avd.aquasec.com/nvd/cve-2026-7210
镜像层: sha256:e352b90eda60261289f7ce1494967d8f59dfab1de22a61553ec1766d62703ade
发布日期: 2026-05-11 18:16 修改: 2026-06-17 11:02
|
| libpython3.13-stdlib |
CVE-2026-11940 |
高危 |
3.13.5-2+deb13u2 |
|
tarfile.extractall() with the 'data' or 'tar' filter could be bypasse ...
漏洞详情: https://avd.aquasec.com/nvd/cve-2026-11940
镜像层: sha256:7e9b42010e3f4f21b8252134be14945b22fb4a0254b6dae3b27a1bd234125931
发布日期: 2026-06-23 17:16 修改: 2026-06-30 16:16
|
| libpython3.13-stdlib |
CVE-2026-7210 |
高危 |
3.13.5-2+deb13u2 |
|
python: expat: Python/Expat: Denial of Service via crafted XML document
漏洞详情: https://avd.aquasec.com/nvd/cve-2026-7210
镜像层: sha256:7e9b42010e3f4f21b8252134be14945b22fb4a0254b6dae3b27a1bd234125931
发布日期: 2026-05-11 18:16 修改: 2026-06-17 11:02
|
| libtinfo6 |
CVE-2025-69720 |
高危 |
6.5+20250216-2 |
|
ncurses: ncurses: Buffer overflow vulnerability may lead to arbitrary code execution.
漏洞详情: https://avd.aquasec.com/nvd/cve-2025-69720
镜像层: sha256:7dd7550d1c93abfc0ff33b79075c89ecb7bea4754c532f51acc1b138cadfc86b
发布日期: 2026-03-19 15:16 修改: 2026-06-17 10:00
|
| libuuid1 |
CVE-2026-53615 |
高危 |
2.41-5 |
|
[Integer Overflow or Wraparound in libblkid/src/partitions/dos.c]
漏洞详情: https://avd.aquasec.com/nvd/cve-2026-53615
镜像层: sha256:38253f8df53ddff4e80c63ab44f5f224500b27ff2094bef5a22b191f364b9565
发布日期: 0001-01-01 00:00 修改: 0001-01-01 00:00
|
| python3.13-minimal |
CVE-2026-11940 |
高危 |
3.13.5-2+deb13u2 |
|
tarfile.extractall() with the 'data' or 'tar' filter could be bypasse ...
漏洞详情: https://avd.aquasec.com/nvd/cve-2026-11940
镜像层: sha256:cda158ca3984e012d0c3c675a69a9fa08617228dc8369d7c1f3370ca938a2024
发布日期: 2026-06-23 17:16 修改: 2026-06-30 16:16
|
| python3.13-minimal |
CVE-2026-7210 |
高危 |
3.13.5-2+deb13u2 |
|
python: expat: Python/Expat: Denial of Service via crafted XML document
漏洞详情: https://avd.aquasec.com/nvd/cve-2026-7210
镜像层: sha256:cda158ca3984e012d0c3c675a69a9fa08617228dc8369d7c1f3370ca938a2024
发布日期: 2026-05-11 18:16 修改: 2026-06-17 11:02
|
| python3.13-venv |
CVE-2026-11940 |
高危 |
3.13.5-2+deb13u2 |
|
tarfile.extractall() with the 'data' or 'tar' filter could be bypasse ...
漏洞详情: https://avd.aquasec.com/nvd/cve-2026-11940
镜像层: sha256:a9e066198a64163149e623dd8cc5a29f42fbc576626dfbb0cd44bdf70f842d87
发布日期: 2026-06-23 17:16 修改: 2026-06-30 16:16
|
| python3.13-venv |
CVE-2026-7210 |
高危 |
3.13.5-2+deb13u2 |
|
python: expat: Python/Expat: Denial of Service via crafted XML document
漏洞详情: https://avd.aquasec.com/nvd/cve-2026-7210
镜像层: sha256:a9e066198a64163149e623dd8cc5a29f42fbc576626dfbb0cd44bdf70f842d87
发布日期: 2026-05-11 18:16 修改: 2026-06-17 11:02
|
| libexpat1 |
CVE-2026-32777 |
中危 |
2.7.1-2 |
|
libexpat: libexpat: Denial of Service via infinite loop in DTD content parsing
漏洞详情: https://avd.aquasec.com/nvd/cve-2026-32777
镜像层: sha256:49bdf8e65c465162a9c999342a8e7f6e5ec4a1bfd10d3962474f3df3d7bdd763
发布日期: 2026-03-16 14:19 修改: 2026-06-17 10:36
|
| libexpat1 |
CVE-2026-32778 |
中危 |
2.7.1-2 |
|
libexpat: libexpat: Denial of Service via NULL pointer dereference after out-of-memory condition
漏洞详情: https://avd.aquasec.com/nvd/cve-2026-32778
镜像层: sha256:49bdf8e65c465162a9c999342a8e7f6e5ec4a1bfd10d3962474f3df3d7bdd763
发布日期: 2026-03-16 14:19 修改: 2026-06-17 10:36
|
| libexpat1 |
CVE-2026-50219 |
中危 |
2.7.1-2 |
|
expat: libexpat: Use-after-free vulnerability due to improper handler call depth tracking
漏洞详情: https://avd.aquasec.com/nvd/cve-2026-50219
镜像层: sha256:49bdf8e65c465162a9c999342a8e7f6e5ec4a1bfd10d3962474f3df3d7bdd763
发布日期: 2026-06-04 06:16 修改: 2026-06-17 10:57
|
| libexpat1 |
CVE-2026-56132 |
中危 |
2.7.1-2 |
|
expat: libexpat: Arbitrary Code Execution via Heap-based Buffer Overflow
漏洞详情: https://avd.aquasec.com/nvd/cve-2026-56132
镜像层: sha256:49bdf8e65c465162a9c999342a8e7f6e5ec4a1bfd10d3962474f3df3d7bdd763
发布日期: 2026-06-19 06:17 修改: 2026-06-23 20:15
|
| libexpat1 |
CVE-2026-56403 |
中危 |
2.7.1-2 |
|
libexpat: libexpat: Arbitrary code execution due to integer overflow in storeAtts
漏洞详情: https://avd.aquasec.com/nvd/cve-2026-56403
镜像层: sha256:49bdf8e65c465162a9c999342a8e7f6e5ec4a1bfd10d3962474f3df3d7bdd763
发布日期: 2026-06-21 16:16 修改: 2026-06-23 20:15
|
| libexpat1 |
CVE-2026-56404 |
中危 |
2.7.1-2 |
|
libexpat before 2.8.2 has an integer overflow in addBinding.
漏洞详情: https://avd.aquasec.com/nvd/cve-2026-56404
镜像层: sha256:49bdf8e65c465162a9c999342a8e7f6e5ec4a1bfd10d3962474f3df3d7bdd763
发布日期: 2026-06-21 16:16 修改: 2026-06-23 20:15
|
| libexpat1 |
CVE-2026-56405 |
中危 |
2.7.1-2 |
|
libexpat: libexpat: Information disclosure and arbitrary code execution via integer overflow
漏洞详情: https://avd.aquasec.com/nvd/cve-2026-56405
镜像层: sha256:49bdf8e65c465162a9c999342a8e7f6e5ec4a1bfd10d3962474f3df3d7bdd763
发布日期: 2026-06-21 16:16 修改: 2026-06-23 20:14
|
| libexpat1 |
CVE-2026-56406 |
中危 |
2.7.1-2 |
|
libexpat: libexpat: Arbitrary code execution via integer overflow in XML_ParseBuffer
漏洞详情: https://avd.aquasec.com/nvd/cve-2026-56406
镜像层: sha256:49bdf8e65c465162a9c999342a8e7f6e5ec4a1bfd10d3962474f3df3d7bdd763
发布日期: 2026-06-21 16:16 修改: 2026-06-23 16:29
|
| libexpat1 |
CVE-2026-56409 |
中危 |
2.7.1-2 |
|
xmlwf in libexpat before 2.8.2 has an integer overflow for the output ...
漏洞详情: https://avd.aquasec.com/nvd/cve-2026-56409
镜像层: sha256:49bdf8e65c465162a9c999342a8e7f6e5ec4a1bfd10d3962474f3df3d7bdd763
发布日期: 2026-06-21 16:16 修改: 2026-06-23 16:21
|
| libexpat1 |
CVE-2026-56410 |
中危 |
2.7.1-2 |
|
libexpat: libexpat: Integer overflow in xmlwf can lead to information disclosure and arbitrary code execution.
漏洞详情: https://avd.aquasec.com/nvd/cve-2026-56410
镜像层: sha256:49bdf8e65c465162a9c999342a8e7f6e5ec4a1bfd10d3962474f3df3d7bdd763
发布日期: 2026-06-21 16:16 修改: 2026-06-23 16:18
|
| libexpat1 |
CVE-2026-56411 |
中危 |
2.7.1-2 |
|
expat: libexpat: Integer Overflow Vulnerability Leading to Information Disclosure or Code Execution
漏洞详情: https://avd.aquasec.com/nvd/cve-2026-56411
镜像层: sha256:49bdf8e65c465162a9c999342a8e7f6e5ec4a1bfd10d3962474f3df3d7bdd763
发布日期: 2026-06-21 17:16 修改: 2026-06-23 16:16
|
| libexpat1 |
CVE-2026-56412 |
中危 |
2.7.1-2 |
|
libexpat: libexpat: Use-after-free vulnerability due to improper handling of XML CDATA sections
漏洞详情: https://avd.aquasec.com/nvd/cve-2026-56412
镜像层: sha256:49bdf8e65c465162a9c999342a8e7f6e5ec4a1bfd10d3962474f3df3d7bdd763
发布日期: 2026-06-21 17:16 修改: 2026-06-23 15:31
|
| liblzma5 |
CVE-2026-34743 |
中危 |
5.8.1-1 |
5.8.1-1+deb13u1 |
xz: XZ Utils: Denial of Service via buffer overflow in index decoding
漏洞详情: https://avd.aquasec.com/nvd/cve-2026-34743
镜像层: sha256:845c7de4b4eb47b904d2780a9af74f235c48120903a2f1e7aefe970bec82b431
发布日期: 2026-04-02 19:21 修改: 2026-06-17 10:39
|
| libc6 |
CVE-2026-5450 |
中危 |
2.41-12+deb13u3 |
|
glibc: glibc: Heap Buffer Overflow in `scanf` with `%mc` format specifier and large width
漏洞详情: https://avd.aquasec.com/nvd/cve-2026-5450
镜像层: sha256:3a7299f559d987305122c7669fc3643095eb0955f8ff4a38c9430d54d0b4452e
发布日期: 2026-04-20 21:16 修改: 2026-06-17 10:59
|
| libc6 |
CVE-2026-5928 |
中危 |
2.41-12+deb13u3 |
|
glibc: glibc: Information disclosure or denial of service via ungetwc function with specific wide character encodings
漏洞详情: https://avd.aquasec.com/nvd/cve-2026-5928
镜像层: sha256:3a7299f559d987305122c7669fc3643095eb0955f8ff4a38c9430d54d0b4452e
发布日期: 2026-04-20 21:16 修改: 2026-06-17 10:59
|
| libc6 |
CVE-2026-6238 |
中危 |
2.41-12+deb13u3 |
|
glibc: glibc: Application crash or uninitialized memory read via crafted DNS response
漏洞详情: https://avd.aquasec.com/nvd/cve-2026-6238
镜像层: sha256:3a7299f559d987305122c7669fc3643095eb0955f8ff4a38c9430d54d0b4452e
发布日期: 2026-04-28 19:37 修改: 2026-06-19 21:17
|
| libpython3.13-minimal |
CVE-2025-12781 |
中危 |
3.13.5-2+deb13u2 |
|
cpython: base64.b64decode() always accepts "+/" characters, despite setting altchars
漏洞详情: https://avd.aquasec.com/nvd/cve-2025-12781
镜像层: sha256:e352b90eda60261289f7ce1494967d8f59dfab1de22a61553ec1766d62703ade
发布日期: 2026-01-21 20:16 修改: 2026-06-17 08:32
|
| libpython3.13-minimal |
CVE-2025-15366 |
中危 |
3.13.5-2+deb13u2 |
|
cpython: IMAP command injection in user-controlled commands
漏洞详情: https://avd.aquasec.com/nvd/cve-2025-15366
镜像层: sha256:e352b90eda60261289f7ce1494967d8f59dfab1de22a61553ec1766d62703ade
发布日期: 2026-01-20 22:15 修改: 2026-07-09 18:16
|
| libpython3.13-minimal |
CVE-2025-15367 |
中危 |
3.13.5-2+deb13u2 |
|
cpython: POP3 command injection in user-controlled commands
漏洞详情: https://avd.aquasec.com/nvd/cve-2025-15367
镜像层: sha256:e352b90eda60261289f7ce1494967d8f59dfab1de22a61553ec1766d62703ade
发布日期: 2026-01-20 22:15 修改: 2026-06-17 08:37
|
| libpython3.13-minimal |
CVE-2026-0864 |
中危 |
3.13.5-2+deb13u2 |
|
python: cpython: Python configparser: Configuration injection via crafted multi-line input
漏洞详情: https://avd.aquasec.com/nvd/cve-2026-0864
镜像层: sha256:e352b90eda60261289f7ce1494967d8f59dfab1de22a61553ec1766d62703ade
发布日期: 2026-06-23 18:17 修改: 2026-06-25 19:51
|
| libpython3.13-minimal |
CVE-2026-11972 |
中危 |
3.13.5-2+deb13u2 |
|
python: Python tarfile module: Denial of Service via improper EOF handling in streaming mode
漏洞详情: https://avd.aquasec.com/nvd/cve-2026-11972
镜像层: sha256:e352b90eda60261289f7ce1494967d8f59dfab1de22a61553ec1766d62703ade
发布日期: 2026-06-23 23:16 修改: 2026-06-30 16:16
|
| libpython3.13-minimal |
CVE-2026-1502 |
中危 |
3.13.5-2+deb13u2 |
3.13.5-2+deb13u3 |
python: Python: HTTP header injection via CR/LF in proxy tunnel headers
漏洞详情: https://avd.aquasec.com/nvd/cve-2026-1502
镜像层: sha256:e352b90eda60261289f7ce1494967d8f59dfab1de22a61553ec1766d62703ade
发布日期: 2026-04-10 18:16 修改: 2026-06-30 16:16
|
| libpython3.13-minimal |
CVE-2026-3276 |
中危 |
3.13.5-2+deb13u2 |
3.13.5-2+deb13u3 |
python: Python unicodedata: Denial of Service due to excessive CPU consumption
漏洞详情: https://avd.aquasec.com/nvd/cve-2026-3276
镜像层: sha256:e352b90eda60261289f7ce1494967d8f59dfab1de22a61553ec1766d62703ade
发布日期: 2026-06-03 16:16 修改: 2026-06-17 10:43
|
| libpython3.13-minimal |
CVE-2026-4360 |
中危 |
3.13.5-2+deb13u2 |
|
In the Tarfile.extract() function, the filter parameter is not passed ...
漏洞详情: https://avd.aquasec.com/nvd/cve-2026-4360
镜像层: sha256:e352b90eda60261289f7ce1494967d8f59dfab1de22a61553ec1766d62703ade
发布日期: 2026-06-30 15:16 修改: 2026-07-09 02:40
|
| libpython3.13-minimal |
CVE-2026-7774 |
中危 |
3.13.5-2+deb13u2 |
3.13.5-2+deb13u3 |
python: CPython: Python tarfile: Arbitrary file write via crafted link entries
漏洞详情: https://avd.aquasec.com/nvd/cve-2026-7774
镜像层: sha256:e352b90eda60261289f7ce1494967d8f59dfab1de22a61553ec1766d62703ade
发布日期: 2026-06-04 16:16 修改: 2026-07-07 18:16
|
| libpython3.13-minimal |
CVE-2026-8328 |
中危 |
3.13.5-2+deb13u2 |
3.13.5-2+deb13u3 |
The ftpcp() function in Lib/ftplib.py was not updated when CVE-2021-4 ...
漏洞详情: https://avd.aquasec.com/nvd/cve-2026-8328
镜像层: sha256:e352b90eda60261289f7ce1494967d8f59dfab1de22a61553ec1766d62703ade
发布日期: 2026-05-13 21:16 修改: 2026-06-30 16:16
|
| libpython3.13-minimal |
CVE-2026-9669 |
中危 |
3.13.5-2+deb13u2 |
3.13.5-2+deb13u3 |
python: Python: Denial of Service via out-of-bounds write in BZ2 decompression
漏洞详情: https://avd.aquasec.com/nvd/cve-2026-9669
镜像层: sha256:e352b90eda60261289f7ce1494967d8f59dfab1de22a61553ec1766d62703ade
发布日期: 2026-06-08 23:17 修改: 2026-07-07 18:16
|
| libbz2-1.0 |
CVE-2026-42250 |
中危 |
1.0.8-6 |
|
bzip2: bzip2: Denial of Service in bzip2recover via a specially crafted file
漏洞详情: https://avd.aquasec.com/nvd/cve-2026-42250
镜像层: sha256:953871f68b73a0c29f9268de527a33d56fb21e904f9b3b9a52281ead677a015a
发布日期: 2026-05-28 14:16 修改: 2026-06-17 10:47
|
| libc-bin |
CVE-2026-5435 |
中危 |
2.41-12+deb13u3 |
|
glibc: glibc: Out-of-bounds write via TSIG record processing
漏洞详情: https://avd.aquasec.com/nvd/cve-2026-5435
镜像层: sha256:511547ed4268b19d96b7399ea1f1c4c38243fb84ef7e5af6429c296d73ea51d1
发布日期: 2026-04-28 13:19 修改: 2026-06-17 10:59
|
| libpython3.13-stdlib |
CVE-2025-12781 |
中危 |
3.13.5-2+deb13u2 |
|
cpython: base64.b64decode() always accepts "+/" characters, despite setting altchars
漏洞详情: https://avd.aquasec.com/nvd/cve-2025-12781
镜像层: sha256:7e9b42010e3f4f21b8252134be14945b22fb4a0254b6dae3b27a1bd234125931
发布日期: 2026-01-21 20:16 修改: 2026-06-17 08:32
|
| libpython3.13-stdlib |
CVE-2025-15366 |
中危 |
3.13.5-2+deb13u2 |
|
cpython: IMAP command injection in user-controlled commands
漏洞详情: https://avd.aquasec.com/nvd/cve-2025-15366
镜像层: sha256:7e9b42010e3f4f21b8252134be14945b22fb4a0254b6dae3b27a1bd234125931
发布日期: 2026-01-20 22:15 修改: 2026-07-09 18:16
|
| libpython3.13-stdlib |
CVE-2025-15367 |
中危 |
3.13.5-2+deb13u2 |
|
cpython: POP3 command injection in user-controlled commands
漏洞详情: https://avd.aquasec.com/nvd/cve-2025-15367
镜像层: sha256:7e9b42010e3f4f21b8252134be14945b22fb4a0254b6dae3b27a1bd234125931
发布日期: 2026-01-20 22:15 修改: 2026-06-17 08:37
|
| libpython3.13-stdlib |
CVE-2026-0864 |
中危 |
3.13.5-2+deb13u2 |
|
python: cpython: Python configparser: Configuration injection via crafted multi-line input
漏洞详情: https://avd.aquasec.com/nvd/cve-2026-0864
镜像层: sha256:7e9b42010e3f4f21b8252134be14945b22fb4a0254b6dae3b27a1bd234125931
发布日期: 2026-06-23 18:17 修改: 2026-06-25 19:51
|
| libpython3.13-stdlib |
CVE-2026-11972 |
中危 |
3.13.5-2+deb13u2 |
|
python: Python tarfile module: Denial of Service via improper EOF handling in streaming mode
漏洞详情: https://avd.aquasec.com/nvd/cve-2026-11972
镜像层: sha256:7e9b42010e3f4f21b8252134be14945b22fb4a0254b6dae3b27a1bd234125931
发布日期: 2026-06-23 23:16 修改: 2026-06-30 16:16
|
| libpython3.13-stdlib |
CVE-2026-1502 |
中危 |
3.13.5-2+deb13u2 |
3.13.5-2+deb13u3 |
python: Python: HTTP header injection via CR/LF in proxy tunnel headers
漏洞详情: https://avd.aquasec.com/nvd/cve-2026-1502
镜像层: sha256:7e9b42010e3f4f21b8252134be14945b22fb4a0254b6dae3b27a1bd234125931
发布日期: 2026-04-10 18:16 修改: 2026-06-30 16:16
|
| libpython3.13-stdlib |
CVE-2026-3276 |
中危 |
3.13.5-2+deb13u2 |
3.13.5-2+deb13u3 |
python: Python unicodedata: Denial of Service due to excessive CPU consumption
漏洞详情: https://avd.aquasec.com/nvd/cve-2026-3276
镜像层: sha256:7e9b42010e3f4f21b8252134be14945b22fb4a0254b6dae3b27a1bd234125931
发布日期: 2026-06-03 16:16 修改: 2026-06-17 10:43
|
| libpython3.13-stdlib |
CVE-2026-4360 |
中危 |
3.13.5-2+deb13u2 |
|
In the Tarfile.extract() function, the filter parameter is not passed ...
漏洞详情: https://avd.aquasec.com/nvd/cve-2026-4360
镜像层: sha256:7e9b42010e3f4f21b8252134be14945b22fb4a0254b6dae3b27a1bd234125931
发布日期: 2026-06-30 15:16 修改: 2026-07-09 02:40
|
| libpython3.13-stdlib |
CVE-2026-7774 |
中危 |
3.13.5-2+deb13u2 |
3.13.5-2+deb13u3 |
python: CPython: Python tarfile: Arbitrary file write via crafted link entries
漏洞详情: https://avd.aquasec.com/nvd/cve-2026-7774
镜像层: sha256:7e9b42010e3f4f21b8252134be14945b22fb4a0254b6dae3b27a1bd234125931
发布日期: 2026-06-04 16:16 修改: 2026-07-07 18:16
|
| libpython3.13-stdlib |
CVE-2026-8328 |
中危 |
3.13.5-2+deb13u2 |
3.13.5-2+deb13u3 |
The ftpcp() function in Lib/ftplib.py was not updated when CVE-2021-4 ...
漏洞详情: https://avd.aquasec.com/nvd/cve-2026-8328
镜像层: sha256:7e9b42010e3f4f21b8252134be14945b22fb4a0254b6dae3b27a1bd234125931
发布日期: 2026-05-13 21:16 修改: 2026-06-30 16:16
|
| libpython3.13-stdlib |
CVE-2026-9669 |
中危 |
3.13.5-2+deb13u2 |
3.13.5-2+deb13u3 |
python: Python: Denial of Service via out-of-bounds write in BZ2 decompression
漏洞详情: https://avd.aquasec.com/nvd/cve-2026-9669
镜像层: sha256:7e9b42010e3f4f21b8252134be14945b22fb4a0254b6dae3b27a1bd234125931
发布日期: 2026-06-08 23:17 修改: 2026-07-07 18:16
|
| libsqlite3-0 |
CVE-2026-11822 |
中危 |
3.46.1-7+deb13u1 |
|
SQLite before 3.53.2 contains memory corruption vulnerabilities in the ...
漏洞详情: https://avd.aquasec.com/nvd/cve-2026-11822
镜像层: sha256:270beab505ee6ec5b3bbf67b1a262182389a78d5d73274bc1a456c6a169e35d7
发布日期: 2026-06-09 20:16 修改: 2026-06-17 10:14
|
| libsqlite3-0 |
CVE-2026-11824 |
中危 |
3.46.1-7+deb13u1 |
|
SQLite before 3.53.2 contains a heap-based buffer overflow vulnerabili ...
漏洞详情: https://avd.aquasec.com/nvd/cve-2026-11824
镜像层: sha256:270beab505ee6ec5b3bbf67b1a262182389a78d5d73274bc1a456c6a169e35d7
发布日期: 2026-06-09 20:16 修改: 2026-06-17 10:14
|
| libc-bin |
CVE-2026-5450 |
中危 |
2.41-12+deb13u3 |
|
glibc: glibc: Heap Buffer Overflow in `scanf` with `%mc` format specifier and large width
漏洞详情: https://avd.aquasec.com/nvd/cve-2026-5450
镜像层: sha256:511547ed4268b19d96b7399ea1f1c4c38243fb84ef7e5af6429c296d73ea51d1
发布日期: 2026-04-20 21:16 修改: 2026-06-17 10:59
|
| libc-bin |
CVE-2026-5928 |
中危 |
2.41-12+deb13u3 |
|
glibc: glibc: Information disclosure or denial of service via ungetwc function with specific wide character encodings
漏洞详情: https://avd.aquasec.com/nvd/cve-2026-5928
镜像层: sha256:511547ed4268b19d96b7399ea1f1c4c38243fb84ef7e5af6429c296d73ea51d1
发布日期: 2026-04-20 21:16 修改: 2026-06-17 10:59
|
| libuuid1 |
CVE-2026-13595 |
中危 |
2.41-5 |
|
util-linux: util-linux: heap use-after-free in libblkid nested partition probing
漏洞详情: https://avd.aquasec.com/nvd/cve-2026-13595
镜像层: sha256:38253f8df53ddff4e80c63ab44f5f224500b27ff2094bef5a22b191f364b9565
发布日期: 2026-06-29 09:16 修改: 2026-07-08 03:37
|
| libuuid1 |
CVE-2026-27456 |
中危 |
2.41-5 |
|
util-linux: TOCTOU in the mount program when setting up loop devices
漏洞详情: https://avd.aquasec.com/nvd/cve-2026-27456
镜像层: sha256:38253f8df53ddff4e80c63ab44f5f224500b27ff2094bef5a22b191f364b9565
发布日期: 2026-04-03 22:16 修改: 2026-06-17 10:27
|
| libuuid1 |
CVE-2026-3184 |
中危 |
2.41-5 |
|
util-linux: util-linux: Access control bypass due to improper hostname canonicalization
漏洞详情: https://avd.aquasec.com/nvd/cve-2026-3184
镜像层: sha256:38253f8df53ddff4e80c63ab44f5f224500b27ff2094bef5a22b191f364b9565
发布日期: 2026-04-03 19:17 修改: 2026-06-17 10:43
|
| libc-bin |
CVE-2026-6238 |
中危 |
2.41-12+deb13u3 |
|
glibc: glibc: Application crash or uninitialized memory read via crafted DNS response
漏洞详情: https://avd.aquasec.com/nvd/cve-2026-6238
镜像层: sha256:511547ed4268b19d96b7399ea1f1c4c38243fb84ef7e5af6429c296d73ea51d1
发布日期: 2026-04-28 19:37 修改: 2026-06-19 21:17
|
| libc6 |
CVE-2026-5435 |
中危 |
2.41-12+deb13u3 |
|
glibc: glibc: Out-of-bounds write via TSIG record processing
漏洞详情: https://avd.aquasec.com/nvd/cve-2026-5435
镜像层: sha256:3a7299f559d987305122c7669fc3643095eb0955f8ff4a38c9430d54d0b4452e
发布日期: 2026-04-28 13:19 修改: 2026-06-17 10:59
|
| python3.13-minimal |
CVE-2025-12781 |
中危 |
3.13.5-2+deb13u2 |
|
cpython: base64.b64decode() always accepts "+/" characters, despite setting altchars
漏洞详情: https://avd.aquasec.com/nvd/cve-2025-12781
镜像层: sha256:cda158ca3984e012d0c3c675a69a9fa08617228dc8369d7c1f3370ca938a2024
发布日期: 2026-01-21 20:16 修改: 2026-06-17 08:32
|
| python3.13-minimal |
CVE-2025-15366 |
中危 |
3.13.5-2+deb13u2 |
|
cpython: IMAP command injection in user-controlled commands
漏洞详情: https://avd.aquasec.com/nvd/cve-2025-15366
镜像层: sha256:cda158ca3984e012d0c3c675a69a9fa08617228dc8369d7c1f3370ca938a2024
发布日期: 2026-01-20 22:15 修改: 2026-07-09 18:16
|
| python3.13-minimal |
CVE-2025-15367 |
中危 |
3.13.5-2+deb13u2 |
|
cpython: POP3 command injection in user-controlled commands
漏洞详情: https://avd.aquasec.com/nvd/cve-2025-15367
镜像层: sha256:cda158ca3984e012d0c3c675a69a9fa08617228dc8369d7c1f3370ca938a2024
发布日期: 2026-01-20 22:15 修改: 2026-06-17 08:37
|
| python3.13-minimal |
CVE-2026-0864 |
中危 |
3.13.5-2+deb13u2 |
|
python: cpython: Python configparser: Configuration injection via crafted multi-line input
漏洞详情: https://avd.aquasec.com/nvd/cve-2026-0864
镜像层: sha256:cda158ca3984e012d0c3c675a69a9fa08617228dc8369d7c1f3370ca938a2024
发布日期: 2026-06-23 18:17 修改: 2026-06-25 19:51
|
| python3.13-minimal |
CVE-2026-11972 |
中危 |
3.13.5-2+deb13u2 |
|
python: Python tarfile module: Denial of Service via improper EOF handling in streaming mode
漏洞详情: https://avd.aquasec.com/nvd/cve-2026-11972
镜像层: sha256:cda158ca3984e012d0c3c675a69a9fa08617228dc8369d7c1f3370ca938a2024
发布日期: 2026-06-23 23:16 修改: 2026-06-30 16:16
|
| python3.13-minimal |
CVE-2026-1502 |
中危 |
3.13.5-2+deb13u2 |
3.13.5-2+deb13u3 |
python: Python: HTTP header injection via CR/LF in proxy tunnel headers
漏洞详情: https://avd.aquasec.com/nvd/cve-2026-1502
镜像层: sha256:cda158ca3984e012d0c3c675a69a9fa08617228dc8369d7c1f3370ca938a2024
发布日期: 2026-04-10 18:16 修改: 2026-06-30 16:16
|
| python3.13-minimal |
CVE-2026-3276 |
中危 |
3.13.5-2+deb13u2 |
3.13.5-2+deb13u3 |
python: Python unicodedata: Denial of Service due to excessive CPU consumption
漏洞详情: https://avd.aquasec.com/nvd/cve-2026-3276
镜像层: sha256:cda158ca3984e012d0c3c675a69a9fa08617228dc8369d7c1f3370ca938a2024
发布日期: 2026-06-03 16:16 修改: 2026-06-17 10:43
|
| python3.13-minimal |
CVE-2026-4360 |
中危 |
3.13.5-2+deb13u2 |
|
In the Tarfile.extract() function, the filter parameter is not passed ...
漏洞详情: https://avd.aquasec.com/nvd/cve-2026-4360
镜像层: sha256:cda158ca3984e012d0c3c675a69a9fa08617228dc8369d7c1f3370ca938a2024
发布日期: 2026-06-30 15:16 修改: 2026-07-09 02:40
|
| python3.13-minimal |
CVE-2026-7774 |
中危 |
3.13.5-2+deb13u2 |
3.13.5-2+deb13u3 |
python: CPython: Python tarfile: Arbitrary file write via crafted link entries
漏洞详情: https://avd.aquasec.com/nvd/cve-2026-7774
镜像层: sha256:cda158ca3984e012d0c3c675a69a9fa08617228dc8369d7c1f3370ca938a2024
发布日期: 2026-06-04 16:16 修改: 2026-07-07 18:16
|
| python3.13-minimal |
CVE-2026-8328 |
中危 |
3.13.5-2+deb13u2 |
3.13.5-2+deb13u3 |
The ftpcp() function in Lib/ftplib.py was not updated when CVE-2021-4 ...
漏洞详情: https://avd.aquasec.com/nvd/cve-2026-8328
镜像层: sha256:cda158ca3984e012d0c3c675a69a9fa08617228dc8369d7c1f3370ca938a2024
发布日期: 2026-05-13 21:16 修改: 2026-06-30 16:16
|
| python3.13-minimal |
CVE-2026-9669 |
中危 |
3.13.5-2+deb13u2 |
3.13.5-2+deb13u3 |
python: Python: Denial of Service via out-of-bounds write in BZ2 decompression
漏洞详情: https://avd.aquasec.com/nvd/cve-2026-9669
镜像层: sha256:cda158ca3984e012d0c3c675a69a9fa08617228dc8369d7c1f3370ca938a2024
发布日期: 2026-06-08 23:17 修改: 2026-07-07 18:16
|
| libexpat1 |
CVE-2025-66382 |
中危 |
2.7.1-2 |
|
libexpat: libexpat: Denial of service via crafted file processing
漏洞详情: https://avd.aquasec.com/nvd/cve-2025-66382
镜像层: sha256:49bdf8e65c465162a9c999342a8e7f6e5ec4a1bfd10d3962474f3df3d7bdd763
发布日期: 2025-11-28 07:15 修改: 2026-06-17 09:56
|
| libexpat1 |
CVE-2026-32776 |
中危 |
2.7.1-2 |
|
libexpat: libexpat: Denial of Service due to NULL pointer dereference
漏洞详情: https://avd.aquasec.com/nvd/cve-2026-32776
镜像层: sha256:49bdf8e65c465162a9c999342a8e7f6e5ec4a1bfd10d3962474f3df3d7bdd763
发布日期: 2026-03-16 14:19 修改: 2026-06-17 10:36
|
| python3.13-venv |
CVE-2025-12781 |
中危 |
3.13.5-2+deb13u2 |
|
cpython: base64.b64decode() always accepts "+/" characters, despite setting altchars
漏洞详情: https://avd.aquasec.com/nvd/cve-2025-12781
镜像层: sha256:a9e066198a64163149e623dd8cc5a29f42fbc576626dfbb0cd44bdf70f842d87
发布日期: 2026-01-21 20:16 修改: 2026-06-17 08:32
|
| python3.13-venv |
CVE-2025-15366 |
中危 |
3.13.5-2+deb13u2 |
|
cpython: IMAP command injection in user-controlled commands
漏洞详情: https://avd.aquasec.com/nvd/cve-2025-15366
镜像层: sha256:a9e066198a64163149e623dd8cc5a29f42fbc576626dfbb0cd44bdf70f842d87
发布日期: 2026-01-20 22:15 修改: 2026-07-09 18:16
|
| python3.13-venv |
CVE-2025-15367 |
中危 |
3.13.5-2+deb13u2 |
|
cpython: POP3 command injection in user-controlled commands
漏洞详情: https://avd.aquasec.com/nvd/cve-2025-15367
镜像层: sha256:a9e066198a64163149e623dd8cc5a29f42fbc576626dfbb0cd44bdf70f842d87
发布日期: 2026-01-20 22:15 修改: 2026-06-17 08:37
|
| python3.13-venv |
CVE-2026-0864 |
中危 |
3.13.5-2+deb13u2 |
|
python: cpython: Python configparser: Configuration injection via crafted multi-line input
漏洞详情: https://avd.aquasec.com/nvd/cve-2026-0864
镜像层: sha256:a9e066198a64163149e623dd8cc5a29f42fbc576626dfbb0cd44bdf70f842d87
发布日期: 2026-06-23 18:17 修改: 2026-06-25 19:51
|
| python3.13-venv |
CVE-2026-11972 |
中危 |
3.13.5-2+deb13u2 |
|
python: Python tarfile module: Denial of Service via improper EOF handling in streaming mode
漏洞详情: https://avd.aquasec.com/nvd/cve-2026-11972
镜像层: sha256:a9e066198a64163149e623dd8cc5a29f42fbc576626dfbb0cd44bdf70f842d87
发布日期: 2026-06-23 23:16 修改: 2026-06-30 16:16
|
| python3.13-venv |
CVE-2026-1502 |
中危 |
3.13.5-2+deb13u2 |
3.13.5-2+deb13u3 |
python: Python: HTTP header injection via CR/LF in proxy tunnel headers
漏洞详情: https://avd.aquasec.com/nvd/cve-2026-1502
镜像层: sha256:a9e066198a64163149e623dd8cc5a29f42fbc576626dfbb0cd44bdf70f842d87
发布日期: 2026-04-10 18:16 修改: 2026-06-30 16:16
|
| python3.13-venv |
CVE-2026-3276 |
中危 |
3.13.5-2+deb13u2 |
3.13.5-2+deb13u3 |
python: Python unicodedata: Denial of Service due to excessive CPU consumption
漏洞详情: https://avd.aquasec.com/nvd/cve-2026-3276
镜像层: sha256:a9e066198a64163149e623dd8cc5a29f42fbc576626dfbb0cd44bdf70f842d87
发布日期: 2026-06-03 16:16 修改: 2026-06-17 10:43
|
| python3.13-venv |
CVE-2026-4360 |
中危 |
3.13.5-2+deb13u2 |
|
In the Tarfile.extract() function, the filter parameter is not passed ...
漏洞详情: https://avd.aquasec.com/nvd/cve-2026-4360
镜像层: sha256:a9e066198a64163149e623dd8cc5a29f42fbc576626dfbb0cd44bdf70f842d87
发布日期: 2026-06-30 15:16 修改: 2026-07-09 02:40
|
| python3.13-venv |
CVE-2026-7774 |
中危 |
3.13.5-2+deb13u2 |
3.13.5-2+deb13u3 |
python: CPython: Python tarfile: Arbitrary file write via crafted link entries
漏洞详情: https://avd.aquasec.com/nvd/cve-2026-7774
镜像层: sha256:a9e066198a64163149e623dd8cc5a29f42fbc576626dfbb0cd44bdf70f842d87
发布日期: 2026-06-04 16:16 修改: 2026-07-07 18:16
|
| python3.13-venv |
CVE-2026-8328 |
中危 |
3.13.5-2+deb13u2 |
3.13.5-2+deb13u3 |
The ftpcp() function in Lib/ftplib.py was not updated when CVE-2021-4 ...
漏洞详情: https://avd.aquasec.com/nvd/cve-2026-8328
镜像层: sha256:a9e066198a64163149e623dd8cc5a29f42fbc576626dfbb0cd44bdf70f842d87
发布日期: 2026-05-13 21:16 修改: 2026-06-30 16:16
|
| python3.13-venv |
CVE-2026-9669 |
中危 |
3.13.5-2+deb13u2 |
3.13.5-2+deb13u3 |
python: Python: Denial of Service via out-of-bounds write in BZ2 decompression
漏洞详情: https://avd.aquasec.com/nvd/cve-2026-9669
镜像层: sha256:a9e066198a64163149e623dd8cc5a29f42fbc576626dfbb0cd44bdf70f842d87
发布日期: 2026-06-08 23:17 修改: 2026-07-07 18:16
|
| zlib1g |
CVE-2026-27171 |
中危 |
1:1.3.dfsg+really1.3.1-1+b1 |
|
zlib: zlib: Denial of Service via infinite loop in CRC32 combine functions
漏洞详情: https://avd.aquasec.com/nvd/cve-2026-27171
镜像层: sha256:e4ba966d7f0527dfe0fcb559e4e18d4da42c4e6beae924719255e0dedb554ed0
发布日期: 2026-02-18 04:16 修改: 2026-06-17 10:26
|
| libkrb5-3 |
CVE-2026-11850 |
低危 |
1.21.3-5+deb13u1 |
|
krb5: krb5: integer underflow in berval2tl_data() leads to heap out-of-bounds read
漏洞详情: https://avd.aquasec.com/nvd/cve-2026-11850
镜像层: sha256:5a1ca664d31c99d0a37a2692a753fb2656019fba31e883f8cbf64003d179b131
发布日期: 2026-06-11 10:16 修改: 2026-06-17 10:14
|
| libpython3.13-stdlib |
CVE-2026-12003 |
低危 |
3.13.5-2+deb13u2 |
|
To allow builds of Python to be run from an in-tree layout (rather tha ...
漏洞详情: https://avd.aquasec.com/nvd/cve-2026-12003
镜像层: sha256:7e9b42010e3f4f21b8252134be14945b22fb4a0254b6dae3b27a1bd234125931
发布日期: 2026-06-16 17:16 修改: 2026-06-23 18:17
|
| libpython3.13-stdlib |
CVE-2026-3479 |
低危 |
3.13.5-2+deb13u2 |
|
python: Python pkgutil.get_data(): Path Traversal via improper resource argument validation
漏洞详情: https://avd.aquasec.com/nvd/cve-2026-3479
镜像层: sha256:7e9b42010e3f4f21b8252134be14945b22fb4a0254b6dae3b27a1bd234125931
发布日期: 2026-03-18 19:16 修改: 2026-06-17 10:43
|
| libkrb5support0 |
CVE-2018-5709 |
低危 |
1.21.3-5+deb13u1 |
|
krb5: integer overflow in dbentry->n_key_data in kadmin/dbutil/dump.c
漏洞详情: https://avd.aquasec.com/nvd/cve-2018-5709
镜像层: sha256:4b8502fd44896fea596fa1c84ba8d68153accdd171e96a27b400d88758f058b1
发布日期: 2018-01-16 09:29 修改: 2026-06-17 02:00
|
| libkrb5support0 |
CVE-2024-26458 |
低危 |
1.21.3-5+deb13u1 |
|
krb5: Memory leak at /krb5/src/lib/rpc/pmap_rmt.c
漏洞详情: https://avd.aquasec.com/nvd/cve-2024-26458
镜像层: sha256:4b8502fd44896fea596fa1c84ba8d68153accdd171e96a27b400d88758f058b1
发布日期: 2024-02-29 01:44 修改: 2026-06-17 07:17
|
| libsqlite3-0 |
CVE-2021-45346 |
低危 |
3.46.1-7+deb13u1 |
|
sqlite: crafted SQL query allows a malicious user to obtain sensitive information
漏洞详情: https://avd.aquasec.com/nvd/cve-2021-45346
镜像层: sha256:270beab505ee6ec5b3bbf67b1a262182389a78d5d73274bc1a456c6a169e35d7
发布日期: 2022-02-14 19:15 修改: 2026-06-17 04:13
|
| libsqlite3-0 |
CVE-2025-70873 |
低危 |
3.46.1-7+deb13u1 |
|
sqlite: SQLite: Information Disclosure via Crafted ZIP File
漏洞详情: https://avd.aquasec.com/nvd/cve-2025-70873
镜像层: sha256:270beab505ee6ec5b3bbf67b1a262182389a78d5d73274bc1a456c6a169e35d7
发布日期: 2026-03-12 19:16 修改: 2026-06-17 10:03
|
| libkrb5support0 |
CVE-2024-26461 |
低危 |
1.21.3-5+deb13u1 |
|
krb5: Memory leak at /krb5/src/lib/gssapi/krb5/k5sealv3.c
漏洞详情: https://avd.aquasec.com/nvd/cve-2024-26461
镜像层: sha256:4b8502fd44896fea596fa1c84ba8d68153accdd171e96a27b400d88758f058b1
发布日期: 2024-02-29 01:44 修改: 2026-06-17 07:17
|
| libtinfo6 |
CVE-2025-6141 |
低危 |
6.5+20250216-2 |
|
gnu-ncurses: ncurses Stack Buffer Overflow
漏洞详情: https://avd.aquasec.com/nvd/cve-2025-6141
镜像层: sha256:7dd7550d1c93abfc0ff33b79075c89ecb7bea4754c532f51acc1b138cadfc86b
发布日期: 2025-06-16 22:16 修改: 2026-06-17 10:01
|
| libkrb5support0 |
CVE-2026-11850 |
低危 |
1.21.3-5+deb13u1 |
|
krb5: krb5: integer underflow in berval2tl_data() leads to heap out-of-bounds read
漏洞详情: https://avd.aquasec.com/nvd/cve-2026-11850
镜像层: sha256:4b8502fd44896fea596fa1c84ba8d68153accdd171e96a27b400d88758f058b1
发布日期: 2026-06-11 10:16 修改: 2026-06-17 10:14
|
| libc-bin |
CVE-2019-1010023 |
低危 |
2.41-12+deb13u3 |
|
glibc: running ldd on malicious ELF leads to code execution because of wrong size computation
漏洞详情: https://avd.aquasec.com/nvd/cve-2019-1010023
镜像层: sha256:511547ed4268b19d96b7399ea1f1c4c38243fb84ef7e5af6429c296d73ea51d1
发布日期: 2019-07-15 04:15 修改: 2026-06-17 02:09
|
| libc6 |
CVE-2010-4756 |
低危 |
2.41-12+deb13u3 |
|
glibc: glob implementation can cause excessive CPU and memory consumption due to crafted glob expressions
漏洞详情: https://avd.aquasec.com/nvd/cve-2010-4756
镜像层: sha256:3a7299f559d987305122c7669fc3643095eb0955f8ff4a38c9430d54d0b4452e
发布日期: 2011-03-02 20:00 修改: 2026-04-29 01:13
|
| libncursesw6 |
CVE-2025-6141 |
低危 |
6.5+20250216-2 |
|
gnu-ncurses: ncurses Stack Buffer Overflow
漏洞详情: https://avd.aquasec.com/nvd/cve-2025-6141
镜像层: sha256:b6555ab12753ae89726ab79ac78a705dc0b988a03bdf8a14ba55f1d77e599075
发布日期: 2025-06-16 22:16 修改: 2026-06-17 10:01
|
| libuuid1 |
CVE-2022-0563 |
低危 |
2.41-5 |
|
util-linux: partial disclosure of arbitrary files in chfn and chsh when compiled with libreadline
漏洞详情: https://avd.aquasec.com/nvd/cve-2022-0563
镜像层: sha256:38253f8df53ddff4e80c63ab44f5f224500b27ff2094bef5a22b191f364b9565
发布日期: 2022-02-21 19:15 修改: 2026-06-17 04:20
|
| libuuid1 |
CVE-2025-14104 |
低危 |
2.41-5 |
|
util-linux: util-linux: Heap buffer overread in setpwnam() when processing 256-byte usernames
漏洞详情: https://avd.aquasec.com/nvd/cve-2025-14104
镜像层: sha256:38253f8df53ddff4e80c63ab44f5f224500b27ff2094bef5a22b191f364b9565
发布日期: 2025-12-05 17:16 修改: 2026-06-30 00:16
|
| libc6 |
CVE-2018-20796 |
低危 |
2.41-12+deb13u3 |
|
glibc: uncontrolled recursion in function check_dst_limits_calc_pos_1 in posix/regexec.c
漏洞详情: https://avd.aquasec.com/nvd/cve-2018-20796
镜像层: sha256:3a7299f559d987305122c7669fc3643095eb0955f8ff4a38c9430d54d0b4452e
发布日期: 2019-02-26 02:29 修改: 2026-06-17 01:53
|
| libc6 |
CVE-2019-1010022 |
低危 |
2.41-12+deb13u3 |
|
glibc: stack guard protection bypass
漏洞详情: https://avd.aquasec.com/nvd/cve-2019-1010022
镜像层: sha256:3a7299f559d987305122c7669fc3643095eb0955f8ff4a38c9430d54d0b4452e
发布日期: 2019-07-15 04:15 修改: 2026-06-17 02:09
|
| libc6 |
CVE-2019-1010023 |
低危 |
2.41-12+deb13u3 |
|
glibc: running ldd on malicious ELF leads to code execution because of wrong size computation
漏洞详情: https://avd.aquasec.com/nvd/cve-2019-1010023
镜像层: sha256:3a7299f559d987305122c7669fc3643095eb0955f8ff4a38c9430d54d0b4452e
发布日期: 2019-07-15 04:15 修改: 2026-06-17 02:09
|
| libc6 |
CVE-2019-1010024 |
低危 |
2.41-12+deb13u3 |
|
glibc: ASLR bypass using cache of thread stack and heap
漏洞详情: https://avd.aquasec.com/nvd/cve-2019-1010024
镜像层: sha256:3a7299f559d987305122c7669fc3643095eb0955f8ff4a38c9430d54d0b4452e
发布日期: 2019-07-15 04:15 修改: 2026-06-17 02:09
|
| libc6 |
CVE-2019-1010025 |
低危 |
2.41-12+deb13u3 |
|
glibc: information disclosure of heap addresses of pthread_created thread
漏洞详情: https://avd.aquasec.com/nvd/cve-2019-1010025
镜像层: sha256:3a7299f559d987305122c7669fc3643095eb0955f8ff4a38c9430d54d0b4452e
发布日期: 2019-07-15 04:15 修改: 2026-06-17 02:09
|
| libc6 |
CVE-2019-9192 |
低危 |
2.41-12+deb13u3 |
|
glibc: uncontrolled recursion in function check_dst_limits_calc_pos_1 in posix/regexec.c
漏洞详情: https://avd.aquasec.com/nvd/cve-2019-9192
镜像层: sha256:3a7299f559d987305122c7669fc3643095eb0955f8ff4a38c9430d54d0b4452e
发布日期: 2019-02-26 18:29 修改: 2026-06-17 02:43
|
| libc-bin |
CVE-2019-1010024 |
低危 |
2.41-12+deb13u3 |
|
glibc: ASLR bypass using cache of thread stack and heap
漏洞详情: https://avd.aquasec.com/nvd/cve-2019-1010024
镜像层: sha256:511547ed4268b19d96b7399ea1f1c4c38243fb84ef7e5af6429c296d73ea51d1
发布日期: 2019-07-15 04:15 修改: 2026-06-17 02:09
|
| libc-bin |
CVE-2019-1010025 |
低危 |
2.41-12+deb13u3 |
|
glibc: information disclosure of heap addresses of pthread_created thread
漏洞详情: https://avd.aquasec.com/nvd/cve-2019-1010025
镜像层: sha256:511547ed4268b19d96b7399ea1f1c4c38243fb84ef7e5af6429c296d73ea51d1
发布日期: 2019-07-15 04:15 修改: 2026-06-17 02:09
|
| libc-bin |
CVE-2019-9192 |
低危 |
2.41-12+deb13u3 |
|
glibc: uncontrolled recursion in function check_dst_limits_calc_pos_1 in posix/regexec.c
漏洞详情: https://avd.aquasec.com/nvd/cve-2019-9192
镜像层: sha256:511547ed4268b19d96b7399ea1f1c4c38243fb84ef7e5af6429c296d73ea51d1
发布日期: 2019-02-26 18:29 修改: 2026-06-17 02:43
|
| libc-bin |
CVE-2010-4756 |
低危 |
2.41-12+deb13u3 |
|
glibc: glob implementation can cause excessive CPU and memory consumption due to crafted glob expressions
漏洞详情: https://avd.aquasec.com/nvd/cve-2010-4756
镜像层: sha256:511547ed4268b19d96b7399ea1f1c4c38243fb84ef7e5af6429c296d73ea51d1
发布日期: 2011-03-02 20:00 修改: 2026-04-29 01:13
|
| libc-bin |
CVE-2018-20796 |
低危 |
2.41-12+deb13u3 |
|
glibc: uncontrolled recursion in function check_dst_limits_calc_pos_1 in posix/regexec.c
漏洞详情: https://avd.aquasec.com/nvd/cve-2018-20796
镜像层: sha256:511547ed4268b19d96b7399ea1f1c4c38243fb84ef7e5af6429c296d73ea51d1
发布日期: 2019-02-26 02:29 修改: 2026-06-17 01:53
|
| libc-bin |
CVE-2019-1010022 |
低危 |
2.41-12+deb13u3 |
|
glibc: stack guard protection bypass
漏洞详情: https://avd.aquasec.com/nvd/cve-2019-1010022
镜像层: sha256:511547ed4268b19d96b7399ea1f1c4c38243fb84ef7e5af6429c296d73ea51d1
发布日期: 2019-07-15 04:15 修改: 2026-06-17 02:09
|
| libexpat1 |
CVE-2026-24515 |
低危 |
2.7.1-2 |
|
libexpat: libexpat null pointer dereference
漏洞详情: https://avd.aquasec.com/nvd/cve-2026-24515
镜像层: sha256:49bdf8e65c465162a9c999342a8e7f6e5ec4a1bfd10d3962474f3df3d7bdd763
发布日期: 2026-01-23 08:16 修改: 2026-06-17 10:23
|
| python3.13-minimal |
CVE-2026-12003 |
低危 |
3.13.5-2+deb13u2 |
|
To allow builds of Python to be run from an in-tree layout (rather tha ...
漏洞详情: https://avd.aquasec.com/nvd/cve-2026-12003
镜像层: sha256:cda158ca3984e012d0c3c675a69a9fa08617228dc8369d7c1f3370ca938a2024
发布日期: 2026-06-16 17:16 修改: 2026-06-23 18:17
|
| python3.13-minimal |
CVE-2026-3479 |
低危 |
3.13.5-2+deb13u2 |
|
python: Python pkgutil.get_data(): Path Traversal via improper resource argument validation
漏洞详情: https://avd.aquasec.com/nvd/cve-2026-3479
镜像层: sha256:cda158ca3984e012d0c3c675a69a9fa08617228dc8369d7c1f3370ca938a2024
发布日期: 2026-03-18 19:16 修改: 2026-06-17 10:43
|
| libpython3.13-minimal |
CVE-2026-12003 |
低危 |
3.13.5-2+deb13u2 |
|
To allow builds of Python to be run from an in-tree layout (rather tha ...
漏洞详情: https://avd.aquasec.com/nvd/cve-2026-12003
镜像层: sha256:e352b90eda60261289f7ce1494967d8f59dfab1de22a61553ec1766d62703ade
发布日期: 2026-06-16 17:16 修改: 2026-06-23 18:17
|
| libpython3.13-minimal |
CVE-2026-3479 |
低危 |
3.13.5-2+deb13u2 |
|
python: Python pkgutil.get_data(): Path Traversal via improper resource argument validation
漏洞详情: https://avd.aquasec.com/nvd/cve-2026-3479
镜像层: sha256:e352b90eda60261289f7ce1494967d8f59dfab1de22a61553ec1766d62703ade
发布日期: 2026-03-18 19:16 修改: 2026-06-17 10:43
|
| libexpat1 |
CVE-2026-41080 |
低危 |
2.7.1-2 |
|
libexpat: expat: libexpat: Denial of Service via hash flooding with crafted XML
漏洞详情: https://avd.aquasec.com/nvd/cve-2026-41080
镜像层: sha256:49bdf8e65c465162a9c999342a8e7f6e5ec4a1bfd10d3962474f3df3d7bdd763
发布日期: 2026-04-16 17:16 修改: 2026-06-17 10:46
|
| libgssapi-krb5-2 |
CVE-2018-5709 |
低危 |
1.21.3-5+deb13u1 |
|
krb5: integer overflow in dbentry->n_key_data in kadmin/dbutil/dump.c
漏洞详情: https://avd.aquasec.com/nvd/cve-2018-5709
镜像层: sha256:a1e17617f976687edf521b0017fa94656ed81bf5b3ce3323cdc1b62c8a332153
发布日期: 2018-01-16 09:29 修改: 2026-06-17 02:00
|
| libgssapi-krb5-2 |
CVE-2024-26458 |
低危 |
1.21.3-5+deb13u1 |
|
krb5: Memory leak at /krb5/src/lib/rpc/pmap_rmt.c
漏洞详情: https://avd.aquasec.com/nvd/cve-2024-26458
镜像层: sha256:a1e17617f976687edf521b0017fa94656ed81bf5b3ce3323cdc1b62c8a332153
发布日期: 2024-02-29 01:44 修改: 2026-06-17 07:17
|
| libgssapi-krb5-2 |
CVE-2024-26461 |
低危 |
1.21.3-5+deb13u1 |
|
krb5: Memory leak at /krb5/src/lib/gssapi/krb5/k5sealv3.c
漏洞详情: https://avd.aquasec.com/nvd/cve-2024-26461
镜像层: sha256:a1e17617f976687edf521b0017fa94656ed81bf5b3ce3323cdc1b62c8a332153
发布日期: 2024-02-29 01:44 修改: 2026-06-17 07:17
|
| libgssapi-krb5-2 |
CVE-2026-11850 |
低危 |
1.21.3-5+deb13u1 |
|
krb5: krb5: integer underflow in berval2tl_data() leads to heap out-of-bounds read
漏洞详情: https://avd.aquasec.com/nvd/cve-2026-11850
镜像层: sha256:a1e17617f976687edf521b0017fa94656ed81bf5b3ce3323cdc1b62c8a332153
发布日期: 2026-06-11 10:16 修改: 2026-06-17 10:14
|
| libk5crypto3 |
CVE-2018-5709 |
低危 |
1.21.3-5+deb13u1 |
|
krb5: integer overflow in dbentry->n_key_data in kadmin/dbutil/dump.c
漏洞详情: https://avd.aquasec.com/nvd/cve-2018-5709
镜像层: sha256:bf3e33f133bc77ab88b2a91423b83097549091a27db667d602c10a8787cba49d
发布日期: 2018-01-16 09:29 修改: 2026-06-17 02:00
|
| libk5crypto3 |
CVE-2024-26458 |
低危 |
1.21.3-5+deb13u1 |
|
krb5: Memory leak at /krb5/src/lib/rpc/pmap_rmt.c
漏洞详情: https://avd.aquasec.com/nvd/cve-2024-26458
镜像层: sha256:bf3e33f133bc77ab88b2a91423b83097549091a27db667d602c10a8787cba49d
发布日期: 2024-02-29 01:44 修改: 2026-06-17 07:17
|
| libk5crypto3 |
CVE-2024-26461 |
低危 |
1.21.3-5+deb13u1 |
|
krb5: Memory leak at /krb5/src/lib/gssapi/krb5/k5sealv3.c
漏洞详情: https://avd.aquasec.com/nvd/cve-2024-26461
镜像层: sha256:bf3e33f133bc77ab88b2a91423b83097549091a27db667d602c10a8787cba49d
发布日期: 2024-02-29 01:44 修改: 2026-06-17 07:17
|
| libk5crypto3 |
CVE-2026-11850 |
低危 |
1.21.3-5+deb13u1 |
|
krb5: krb5: integer underflow in berval2tl_data() leads to heap out-of-bounds read
漏洞详情: https://avd.aquasec.com/nvd/cve-2026-11850
镜像层: sha256:bf3e33f133bc77ab88b2a91423b83097549091a27db667d602c10a8787cba49d
发布日期: 2026-06-11 10:16 修改: 2026-06-17 10:14
|
| libkrb5-3 |
CVE-2018-5709 |
低危 |
1.21.3-5+deb13u1 |
|
krb5: integer overflow in dbentry->n_key_data in kadmin/dbutil/dump.c
漏洞详情: https://avd.aquasec.com/nvd/cve-2018-5709
镜像层: sha256:5a1ca664d31c99d0a37a2692a753fb2656019fba31e883f8cbf64003d179b131
发布日期: 2018-01-16 09:29 修改: 2026-06-17 02:00
|
| libkrb5-3 |
CVE-2024-26458 |
低危 |
1.21.3-5+deb13u1 |
|
krb5: Memory leak at /krb5/src/lib/rpc/pmap_rmt.c
漏洞详情: https://avd.aquasec.com/nvd/cve-2024-26458
镜像层: sha256:5a1ca664d31c99d0a37a2692a753fb2656019fba31e883f8cbf64003d179b131
发布日期: 2024-02-29 01:44 修改: 2026-06-17 07:17
|
| python3.13-venv |
CVE-2026-12003 |
低危 |
3.13.5-2+deb13u2 |
|
To allow builds of Python to be run from an in-tree layout (rather tha ...
漏洞详情: https://avd.aquasec.com/nvd/cve-2026-12003
镜像层: sha256:a9e066198a64163149e623dd8cc5a29f42fbc576626dfbb0cd44bdf70f842d87
发布日期: 2026-06-16 17:16 修改: 2026-06-23 18:17
|
| python3.13-venv |
CVE-2026-3479 |
低危 |
3.13.5-2+deb13u2 |
|
python: Python pkgutil.get_data(): Path Traversal via improper resource argument validation
漏洞详情: https://avd.aquasec.com/nvd/cve-2026-3479
镜像层: sha256:a9e066198a64163149e623dd8cc5a29f42fbc576626dfbb0cd44bdf70f842d87
发布日期: 2026-03-18 19:16 修改: 2026-06-17 10:43
|
| libkrb5-3 |
CVE-2024-26461 |
低危 |
1.21.3-5+deb13u1 |
|
krb5: Memory leak at /krb5/src/lib/gssapi/krb5/k5sealv3.c
漏洞详情: https://avd.aquasec.com/nvd/cve-2024-26461
镜像层: sha256:5a1ca664d31c99d0a37a2692a753fb2656019fba31e883f8cbf64003d179b131
发布日期: 2024-02-29 01:44 修改: 2026-06-17 07:17
|
| libuuid1 |
CVE-2026-53613 |
未知 |
2.41-5 |
|
[Local Privilege Escalation via TOCTOU in mount(8) - Target Path Redirection]
漏洞详情: https://avd.aquasec.com/nvd/cve-2026-53613
镜像层: sha256:38253f8df53ddff4e80c63ab44f5f224500b27ff2094bef5a22b191f364b9565
发布日期: 0001-01-01 00:00 修改: 0001-01-01 00:00
|
| libuuid1 |
CVE-2026-53614 |
未知 |
2.41-5 |
|
[Local Privilege Escalation via LIBMOUNT_FORCE_MOUNT2 Environment Variable - nosuid/noexec Bypass in SUID mount(8)]
漏洞详情: https://avd.aquasec.com/nvd/cve-2026-53614
镜像层: sha256:38253f8df53ddff4e80c63ab44f5f224500b27ff2094bef5a22b191f364b9565
发布日期: 0001-01-01 00:00 修改: 0001-01-01 00:00
|
| libuuid1 |
CVE-2026-53612 |
未知 |
2.41-5 |
|
[Local Privilege Escalation via TOCTOU in mount(8) hook_owner.c chmod/chown]
漏洞详情: https://avd.aquasec.com/nvd/cve-2026-53612
镜像层: sha256:38253f8df53ddff4e80c63ab44f5f224500b27ff2094bef5a22b191f364b9565
发布日期: 0001-01-01 00:00 修改: 0001-01-01 00:00
|