ghcr.io/imagegenius/immich:3.0.1-noml linux/amd64

ghcr.io/imagegenius/immich:3.0.1-noml - Trivy安全扫描结果 扫描时间: 2026-07-12 20:18
全部漏洞信息
低危漏洞:29 中危漏洞:153 高危漏洞:12 严重漏洞:0

系统OS: ubuntu 26.04 扫描引擎: Trivy 扫描时间: 2026-07-12 20:18

ghcr.io/imagegenius/immich:3.0.1-noml (ubuntu 26.04) (ubuntu)
低危漏洞:26 中危漏洞:136 高危漏洞:0 严重漏洞:0
软件包 漏洞 安全状态 安装版本 修复版本 漏洞信息
bsdutils CVE-2026-27456 中危 1:2.41.3-3ubuntu2 util-linux: TOCTOU in the mount program when setting up loop devices

漏洞详情: https://avd.aquasec.com/nvd/cve-2026-27456

镜像层: sha256:c1c227ae8b728f3bf8417505f40dbe5314e2921689e337738831df2618530417

发布日期: 2026-04-03 22:16 修改: 2026-06-17 10:27

bsdutils CVE-2026-3184 中危 1:2.41.3-3ubuntu2 util-linux: util-linux: Access control bypass due to improper hostname canonicalization

漏洞详情: https://avd.aquasec.com/nvd/cve-2026-3184

镜像层: sha256:c1c227ae8b728f3bf8417505f40dbe5314e2921689e337738831df2618530417

发布日期: 2026-04-03 19:17 修改: 2026-06-17 10:43

gzip CVE-2026-41991 中危 1.14-1~exp2ubuntu1 1.14-1~exp2ubuntu1.1 gzip: gzip: Arbitrary file overwrite via insecure temporary file handling in gzexe utility

漏洞详情: https://avd.aquasec.com/nvd/cve-2026-41991

镜像层: sha256:c1c227ae8b728f3bf8417505f40dbe5314e2921689e337738831df2618530417

发布日期: 2026-06-29 12:16 修改: 2026-07-01 14:02

gzip CVE-2026-41992 中危 1.14-1~exp2ubuntu1 1.14-1~exp2ubuntu1.1 GNU gzip contains a global buffer overflow vulnerability in the LZH de ...

漏洞详情: https://avd.aquasec.com/nvd/cve-2026-41992

镜像层: sha256:c1c227ae8b728f3bf8417505f40dbe5314e2921689e337738831df2618530417

发布日期: 2026-06-29 12:16 修改: 2026-07-01 14:02

jq CVE-2026-41256 中危 1.8.1-4ubuntu2 jq: embedded NUL truncates top-level jq programs loaded with -f

漏洞详情: https://avd.aquasec.com/nvd/cve-2026-41256

镜像层: sha256:5ae12c2ad76f5624d8ff875d731104e4cb216b64296715479fa99d231bb2ebdb

发布日期: 2026-05-11 18:16 修改: 2026-06-17 10:46

jq CVE-2026-41257 中危 1.8.1-4ubuntu2 jq: signed-int overflow in stack_reallocate

漏洞详情: https://avd.aquasec.com/nvd/cve-2026-41257

镜像层: sha256:5ae12c2ad76f5624d8ff875d731104e4cb216b64296715479fa99d231bb2ebdb

发布日期: 2026-05-11 18:16 修改: 2026-06-17 10:46

jq CVE-2026-43895 中危 1.8.1-4ubuntu2 jq: embedded NUL in jq import paths causes local redaction-policy bypass and preserves sensitive fields in published artifacts

漏洞详情: https://avd.aquasec.com/nvd/cve-2026-43895

镜像层: sha256:5ae12c2ad76f5624d8ff875d731104e4cb216b64296715479fa99d231bb2ebdb

发布日期: 2026-05-11 18:16 修改: 2026-06-17 10:50

jq CVE-2026-43896 中危 1.8.1-4ubuntu2 jq: stack overflow in recursive object merge

漏洞详情: https://avd.aquasec.com/nvd/cve-2026-43896

镜像层: sha256:5ae12c2ad76f5624d8ff875d731104e4cb216b64296715479fa99d231bb2ebdb

发布日期: 2026-05-11 18:16 修改: 2026-06-17 10:50

jq CVE-2026-44777 中危 1.8.1-4ubuntu2 jq: stack overflow in module loading on mutual include

漏洞详情: https://avd.aquasec.com/nvd/cve-2026-44777

镜像层: sha256:5ae12c2ad76f5624d8ff875d731104e4cb216b64296715479fa99d231bb2ebdb

发布日期: 2026-05-11 18:16 修改: 2026-06-17 10:51

libblkid1 CVE-2026-27456 中危 2.41.3-3ubuntu2 util-linux: TOCTOU in the mount program when setting up loop devices

漏洞详情: https://avd.aquasec.com/nvd/cve-2026-27456

镜像层: sha256:c1c227ae8b728f3bf8417505f40dbe5314e2921689e337738831df2618530417

发布日期: 2026-04-03 22:16 修改: 2026-06-17 10:27

libblkid1 CVE-2026-3184 中危 2.41.3-3ubuntu2 util-linux: util-linux: Access control bypass due to improper hostname canonicalization

漏洞详情: https://avd.aquasec.com/nvd/cve-2026-3184

镜像层: sha256:c1c227ae8b728f3bf8417505f40dbe5314e2921689e337738831df2618530417

发布日期: 2026-04-03 19:17 修改: 2026-06-17 10:43

libc-bin CVE-2026-4046 中危 2.43-2ubuntu2 glibc: glibc: Denial of Service via iconv() function with specific character sets

漏洞详情: https://avd.aquasec.com/nvd/cve-2026-4046

镜像层: sha256:c1c227ae8b728f3bf8417505f40dbe5314e2921689e337738831df2618530417

发布日期: 2026-03-30 18:16 修改: 2026-06-17 10:55

libc-bin CVE-2026-4437 中危 2.43-2ubuntu2 glibc: glibc: Incorrect DNS response parsing via crafted DNS server response

漏洞详情: https://avd.aquasec.com/nvd/cve-2026-4437

镜像层: sha256:c1c227ae8b728f3bf8417505f40dbe5314e2921689e337738831df2618530417

发布日期: 2026-03-20 20:16 修改: 2026-06-17 10:56

libc-bin CVE-2026-4438 中危 2.43-2ubuntu2 glibc: glibc: Invalid DNS hostname returned via gethostbyaddr functions

漏洞详情: https://avd.aquasec.com/nvd/cve-2026-4438

镜像层: sha256:c1c227ae8b728f3bf8417505f40dbe5314e2921689e337738831df2618530417

发布日期: 2026-03-20 20:16 修改: 2026-06-17 10:56

libc-bin CVE-2026-5435 中危 2.43-2ubuntu2 glibc: glibc: Out-of-bounds write via TSIG record processing

漏洞详情: https://avd.aquasec.com/nvd/cve-2026-5435

镜像层: sha256:c1c227ae8b728f3bf8417505f40dbe5314e2921689e337738831df2618530417

发布日期: 2026-04-28 13:19 修改: 2026-06-17 10:59

libc-bin CVE-2026-6238 中危 2.43-2ubuntu2 glibc: glibc: Application crash or uninitialized memory read via crafted DNS response

漏洞详情: https://avd.aquasec.com/nvd/cve-2026-6238

镜像层: sha256:c1c227ae8b728f3bf8417505f40dbe5314e2921689e337738831df2618530417

发布日期: 2026-04-28 19:37 修改: 2026-06-19 21:17

libc-gconv-modules-extra CVE-2026-4046 中危 2.43-2ubuntu2 glibc: glibc: Denial of Service via iconv() function with specific character sets

漏洞详情: https://avd.aquasec.com/nvd/cve-2026-4046

镜像层: sha256:c1c227ae8b728f3bf8417505f40dbe5314e2921689e337738831df2618530417

发布日期: 2026-03-30 18:16 修改: 2026-06-17 10:55

libc-gconv-modules-extra CVE-2026-4437 中危 2.43-2ubuntu2 glibc: glibc: Incorrect DNS response parsing via crafted DNS server response

漏洞详情: https://avd.aquasec.com/nvd/cve-2026-4437

镜像层: sha256:c1c227ae8b728f3bf8417505f40dbe5314e2921689e337738831df2618530417

发布日期: 2026-03-20 20:16 修改: 2026-06-17 10:56

libc-gconv-modules-extra CVE-2026-4438 中危 2.43-2ubuntu2 glibc: glibc: Invalid DNS hostname returned via gethostbyaddr functions

漏洞详情: https://avd.aquasec.com/nvd/cve-2026-4438

镜像层: sha256:c1c227ae8b728f3bf8417505f40dbe5314e2921689e337738831df2618530417

发布日期: 2026-03-20 20:16 修改: 2026-06-17 10:56

libc-gconv-modules-extra CVE-2026-5435 中危 2.43-2ubuntu2 glibc: glibc: Out-of-bounds write via TSIG record processing

漏洞详情: https://avd.aquasec.com/nvd/cve-2026-5435

镜像层: sha256:c1c227ae8b728f3bf8417505f40dbe5314e2921689e337738831df2618530417

发布日期: 2026-04-28 13:19 修改: 2026-06-17 10:59

libc-gconv-modules-extra CVE-2026-6238 中危 2.43-2ubuntu2 glibc: glibc: Application crash or uninitialized memory read via crafted DNS response

漏洞详情: https://avd.aquasec.com/nvd/cve-2026-6238

镜像层: sha256:c1c227ae8b728f3bf8417505f40dbe5314e2921689e337738831df2618530417

发布日期: 2026-04-28 19:37 修改: 2026-06-19 21:17

libc6 CVE-2026-4046 中危 2.43-2ubuntu2 glibc: glibc: Denial of Service via iconv() function with specific character sets

漏洞详情: https://avd.aquasec.com/nvd/cve-2026-4046

镜像层: sha256:c1c227ae8b728f3bf8417505f40dbe5314e2921689e337738831df2618530417

发布日期: 2026-03-30 18:16 修改: 2026-06-17 10:55

libc6 CVE-2026-4437 中危 2.43-2ubuntu2 glibc: glibc: Incorrect DNS response parsing via crafted DNS server response

漏洞详情: https://avd.aquasec.com/nvd/cve-2026-4437

镜像层: sha256:c1c227ae8b728f3bf8417505f40dbe5314e2921689e337738831df2618530417

发布日期: 2026-03-20 20:16 修改: 2026-06-17 10:56

libc6 CVE-2026-4438 中危 2.43-2ubuntu2 glibc: glibc: Invalid DNS hostname returned via gethostbyaddr functions

漏洞详情: https://avd.aquasec.com/nvd/cve-2026-4438

镜像层: sha256:c1c227ae8b728f3bf8417505f40dbe5314e2921689e337738831df2618530417

发布日期: 2026-03-20 20:16 修改: 2026-06-17 10:56

libc6 CVE-2026-5435 中危 2.43-2ubuntu2 glibc: glibc: Out-of-bounds write via TSIG record processing

漏洞详情: https://avd.aquasec.com/nvd/cve-2026-5435

镜像层: sha256:c1c227ae8b728f3bf8417505f40dbe5314e2921689e337738831df2618530417

发布日期: 2026-04-28 13:19 修改: 2026-06-17 10:59

libc6 CVE-2026-6238 中危 2.43-2ubuntu2 glibc: glibc: Application crash or uninitialized memory read via crafted DNS response

漏洞详情: https://avd.aquasec.com/nvd/cve-2026-6238

镜像层: sha256:c1c227ae8b728f3bf8417505f40dbe5314e2921689e337738831df2618530417

发布日期: 2026-04-28 19:37 修改: 2026-06-19 21:17

libde265-0 CVE-2024-38949 中危 1.0.16-1build1 Heap Buffer Overflow vulnerability in Libde265 v1.0.15 allows attacker ...

漏洞详情: https://avd.aquasec.com/nvd/cve-2024-38949

镜像层: sha256:11281eca0acec0553671babe26a52109e35b5a011d280930cc2cc6e6a18c558f

发布日期: 2024-06-26 20:15 修改: 2026-06-17 07:41

libde265-0 CVE-2024-38950 中危 1.0.16-1build1 Heap Buffer Overflow vulnerability in Libde265 v1.0.15 allows attacker ...

漏洞详情: https://avd.aquasec.com/nvd/cve-2024-38950

镜像层: sha256:11281eca0acec0553671babe26a52109e35b5a011d280930cc2cc6e6a18c558f

发布日期: 2024-06-26 20:15 修改: 2026-06-17 07:41

libde265-0 CVE-2026-33164 中危 1.0.16-1build1 libde265 is an open source implementation of the h.265 video codec. Pr ...

漏洞详情: https://avd.aquasec.com/nvd/cve-2026-33164

镜像层: sha256:11281eca0acec0553671babe26a52109e35b5a011d280930cc2cc6e6a18c558f

发布日期: 2026-03-20 21:17 修改: 2026-06-17 10:37

libde265-0 CVE-2026-33165 中危 1.0.16-1build1 libde265 is an open source implementation of the h.265 video codec. Pr ...

漏洞详情: https://avd.aquasec.com/nvd/cve-2026-33165

镜像层: sha256:11281eca0acec0553671babe26a52109e35b5a011d280930cc2cc6e6a18c558f

发布日期: 2026-03-20 21:17 修改: 2026-06-17 10:37

libexif12 CVE-2026-40385 中危 0.6.25-2 libexif: libexif: Information disclosure and crashes via integer overflow in Nikon MakerNote handling

漏洞详情: https://avd.aquasec.com/nvd/cve-2026-40385

镜像层: sha256:11281eca0acec0553671babe26a52109e35b5a011d280930cc2cc6e6a18c558f

发布日期: 2026-04-12 19:16 修改: 2026-06-17 10:45

libexif12 CVE-2026-40386 中危 0.6.25-2 libexif: libexif: Denial of Service and information disclosure via integer underflow in MakerNote decoding

漏洞详情: https://avd.aquasec.com/nvd/cve-2026-40386

镜像层: sha256:11281eca0acec0553671babe26a52109e35b5a011d280930cc2cc6e6a18c558f

发布日期: 2026-04-12 19:16 修改: 2026-06-17 10:45

libexpat1 CVE-2025-66382 中危 2.7.4-1 libexpat: libexpat: Denial of service via crafted file processing

漏洞详情: https://avd.aquasec.com/nvd/cve-2025-66382

镜像层: sha256:11281eca0acec0553671babe26a52109e35b5a011d280930cc2cc6e6a18c558f

发布日期: 2025-11-28 07:15 修改: 2026-06-17 09:56

libheif-plugin-aomdec CVE-2026-47254 中危 1.21.2-3ubuntu0.2 1.21.2-3ubuntu0.3

漏洞详情: https://avd.aquasec.com/nvd/cve-2026-47254

镜像层: sha256:11281eca0acec0553671babe26a52109e35b5a011d280930cc2cc6e6a18c558f

发布日期: 0001-01-01 00:00 修改: 0001-01-01 00:00

libheif-plugin-aomdec CVE-2026-47709 中危 1.21.2-3ubuntu0.2 1.21.2-3ubuntu0.3

漏洞详情: https://avd.aquasec.com/nvd/cve-2026-47709

镜像层: sha256:11281eca0acec0553671babe26a52109e35b5a011d280930cc2cc6e6a18c558f

发布日期: 0001-01-01 00:00 修改: 0001-01-01 00:00

libheif-plugin-aomdec CVE-2026-47714 中危 1.21.2-3ubuntu0.2 1.21.2-3ubuntu0.3

漏洞详情: https://avd.aquasec.com/nvd/cve-2026-47714

镜像层: sha256:11281eca0acec0553671babe26a52109e35b5a011d280930cc2cc6e6a18c558f

发布日期: 0001-01-01 00:00 修改: 0001-01-01 00:00

libheif-plugin-aomdec CVE-2026-48029 中危 1.21.2-3ubuntu0.2 1.21.2-3ubuntu0.3

漏洞详情: https://avd.aquasec.com/nvd/cve-2026-48029

镜像层: sha256:11281eca0acec0553671babe26a52109e35b5a011d280930cc2cc6e6a18c558f

发布日期: 0001-01-01 00:00 修改: 0001-01-01 00:00

libheif-plugin-aomdec CVE-2026-50142 中危 1.21.2-3ubuntu0.2 1.21.2-3ubuntu0.3

漏洞详情: https://avd.aquasec.com/nvd/cve-2026-50142

镜像层: sha256:11281eca0acec0553671babe26a52109e35b5a011d280930cc2cc6e6a18c558f

发布日期: 0001-01-01 00:00 修改: 0001-01-01 00:00

libheif1 CVE-2026-47254 中危 1.21.2-3ubuntu0.2 1.21.2-3ubuntu0.3

漏洞详情: https://avd.aquasec.com/nvd/cve-2026-47254

镜像层: sha256:11281eca0acec0553671babe26a52109e35b5a011d280930cc2cc6e6a18c558f

发布日期: 0001-01-01 00:00 修改: 0001-01-01 00:00

libheif1 CVE-2026-47709 中危 1.21.2-3ubuntu0.2 1.21.2-3ubuntu0.3

漏洞详情: https://avd.aquasec.com/nvd/cve-2026-47709

镜像层: sha256:11281eca0acec0553671babe26a52109e35b5a011d280930cc2cc6e6a18c558f

发布日期: 0001-01-01 00:00 修改: 0001-01-01 00:00

libheif1 CVE-2026-47714 中危 1.21.2-3ubuntu0.2 1.21.2-3ubuntu0.3

漏洞详情: https://avd.aquasec.com/nvd/cve-2026-47714

镜像层: sha256:11281eca0acec0553671babe26a52109e35b5a011d280930cc2cc6e6a18c558f

发布日期: 0001-01-01 00:00 修改: 0001-01-01 00:00

libheif1 CVE-2026-48029 中危 1.21.2-3ubuntu0.2 1.21.2-3ubuntu0.3

漏洞详情: https://avd.aquasec.com/nvd/cve-2026-48029

镜像层: sha256:11281eca0acec0553671babe26a52109e35b5a011d280930cc2cc6e6a18c558f

发布日期: 0001-01-01 00:00 修改: 0001-01-01 00:00

libheif1 CVE-2026-50142 中危 1.21.2-3ubuntu0.2 1.21.2-3ubuntu0.3

漏洞详情: https://avd.aquasec.com/nvd/cve-2026-50142

镜像层: sha256:11281eca0acec0553671babe26a52109e35b5a011d280930cc2cc6e6a18c558f

发布日期: 0001-01-01 00:00 修改: 0001-01-01 00:00

libjq1 CVE-2026-41256 中危 1.8.1-4ubuntu2 jq: embedded NUL truncates top-level jq programs loaded with -f

漏洞详情: https://avd.aquasec.com/nvd/cve-2026-41256

镜像层: sha256:5ae12c2ad76f5624d8ff875d731104e4cb216b64296715479fa99d231bb2ebdb

发布日期: 2026-05-11 18:16 修改: 2026-06-17 10:46

libjq1 CVE-2026-41257 中危 1.8.1-4ubuntu2 jq: signed-int overflow in stack_reallocate

漏洞详情: https://avd.aquasec.com/nvd/cve-2026-41257

镜像层: sha256:5ae12c2ad76f5624d8ff875d731104e4cb216b64296715479fa99d231bb2ebdb

发布日期: 2026-05-11 18:16 修改: 2026-06-17 10:46

libjq1 CVE-2026-43895 中危 1.8.1-4ubuntu2 jq: embedded NUL in jq import paths causes local redaction-policy bypass and preserves sensitive fields in published artifacts

漏洞详情: https://avd.aquasec.com/nvd/cve-2026-43895

镜像层: sha256:5ae12c2ad76f5624d8ff875d731104e4cb216b64296715479fa99d231bb2ebdb

发布日期: 2026-05-11 18:16 修改: 2026-06-17 10:50

libjq1 CVE-2026-43896 中危 1.8.1-4ubuntu2 jq: stack overflow in recursive object merge

漏洞详情: https://avd.aquasec.com/nvd/cve-2026-43896

镜像层: sha256:5ae12c2ad76f5624d8ff875d731104e4cb216b64296715479fa99d231bb2ebdb

发布日期: 2026-05-11 18:16 修改: 2026-06-17 10:50

libjq1 CVE-2026-44777 中危 1.8.1-4ubuntu2 jq: stack overflow in module loading on mutual include

漏洞详情: https://avd.aquasec.com/nvd/cve-2026-44777

镜像层: sha256:5ae12c2ad76f5624d8ff875d731104e4cb216b64296715479fa99d231bb2ebdb

发布日期: 2026-05-11 18:16 修改: 2026-06-17 10:51

libmount1 CVE-2026-27456 中危 2.41.3-3ubuntu2 util-linux: TOCTOU in the mount program when setting up loop devices

漏洞详情: https://avd.aquasec.com/nvd/cve-2026-27456

镜像层: sha256:c1c227ae8b728f3bf8417505f40dbe5314e2921689e337738831df2618530417

发布日期: 2026-04-03 22:16 修改: 2026-06-17 10:27

libmount1 CVE-2026-3184 中危 2.41.3-3ubuntu2 util-linux: util-linux: Access control bypass due to improper hostname canonicalization

漏洞详情: https://avd.aquasec.com/nvd/cve-2026-3184

镜像层: sha256:c1c227ae8b728f3bf8417505f40dbe5314e2921689e337738831df2618530417

发布日期: 2026-04-03 19:17 修改: 2026-06-17 10:43

libnghttp2-14 CVE-2026-58055 中危 1.68.0-2ubuntu0.1 1.68.0-2ubuntu0.2 nghttp2's nghttpx proxy through 1.69.0 forwards an HTTP/1.1 Upgrade re ...

漏洞详情: https://avd.aquasec.com/nvd/cve-2026-58055

镜像层: sha256:5ae12c2ad76f5624d8ff875d731104e4cb216b64296715479fa99d231bb2ebdb

发布日期: 2026-06-28 02:16 修改: 2026-06-30 17:41

libopenexr-3-1-30 CVE-2025-12495 中危 3.1.13-2build1 OpenEXR: OpenEXR: Remote Code Execution via malicious EXR file parsing

漏洞详情: https://avd.aquasec.com/nvd/cve-2025-12495

镜像层: sha256:11281eca0acec0553671babe26a52109e35b5a011d280930cc2cc6e6a18c558f

发布日期: 2025-12-23 22:15 修改: 2026-06-17 08:32

libopenexr-3-1-30 CVE-2025-12839 中危 3.1.13-2build1 OpenEXR: OpenEXR: Remote Code Execution via Heap-based Buffer Overflow in EXR File Parsing

漏洞详情: https://avd.aquasec.com/nvd/cve-2025-12839

镜像层: sha256:11281eca0acec0553671babe26a52109e35b5a011d280930cc2cc6e6a18c558f

发布日期: 2025-12-23 22:15 修改: 2026-06-17 08:33

libopenexr-3-1-30 CVE-2025-12840 中危 3.1.13-2build1 OpenEXR: OpenEXR: Remote Code Execution via EXR file parsing heap-based buffer overflow

漏洞详情: https://avd.aquasec.com/nvd/cve-2025-12840

镜像层: sha256:11281eca0acec0553671babe26a52109e35b5a011d280930cc2cc6e6a18c558f

发布日期: 2025-12-23 22:15 修改: 2026-06-17 08:33

libopenexr-3-1-30 CVE-2025-48072 中危 3.1.13-2build1 openexr: OpenEXR Out of Bounds Read

漏洞详情: https://avd.aquasec.com/nvd/cve-2025-48072

镜像层: sha256:11281eca0acec0553671babe26a52109e35b5a011d280930cc2cc6e6a18c558f

发布日期: 2025-07-31 21:15 修改: 2026-06-17 09:29

libopenexr-3-1-30 CVE-2026-27622 中危 3.1.13-2build1 openexr: OpenEXR: Arbitrary code execution via integer overflow in EXR file processing

漏洞详情: https://avd.aquasec.com/nvd/cve-2026-27622

镜像层: sha256:11281eca0acec0553671babe26a52109e35b5a011d280930cc2cc6e6a18c558f

发布日期: 2026-03-03 23:15 修改: 2026-06-30 03:17

libopenexr-3-1-30 CVE-2026-34380 中危 3.1.13-2build1 OpenEXR: OpenEXR: Denial of Service due to signed integer overflow in image decoding

漏洞详情: https://avd.aquasec.com/nvd/cve-2026-34380

镜像层: sha256:11281eca0acec0553671babe26a52109e35b5a011d280930cc2cc6e6a18c558f

发布日期: 2026-04-06 16:16 修改: 2026-06-17 10:38

libopenexr-3-1-30 CVE-2026-34588 中危 3.1.13-2build1 OpenEXR: OpenEXR: Arbitrary code execution and information disclosure via crafted EXR file

漏洞详情: https://avd.aquasec.com/nvd/cve-2026-34588

镜像层: sha256:11281eca0acec0553671babe26a52109e35b5a011d280930cc2cc6e6a18c558f

发布日期: 2026-04-06 16:16 修改: 2026-06-30 03:18

libopenjp2-7 CVE-2023-39328 中危 2.5.4-1ubuntu0.1 openjpeg: denail of service via crafted image file

漏洞详情: https://avd.aquasec.com/nvd/cve-2023-39328

镜像层: sha256:11281eca0acec0553671babe26a52109e35b5a011d280930cc2cc6e6a18c558f

发布日期: 2024-07-09 14:15 修改: 2026-06-26 10:16

libopenjp2-7 CVE-2023-39329 中危 2.5.4-1ubuntu0.1 openjpeg: Resource exhaustion will occur in the opj_t1_decode_cblks function in the tcd.c

漏洞详情: https://avd.aquasec.com/nvd/cve-2023-39329

镜像层: sha256:11281eca0acec0553671babe26a52109e35b5a011d280930cc2cc6e6a18c558f

发布日期: 2024-07-13 03:15 修改: 2026-06-17 06:12

libp11-kit0 CVE-2026-13757 中危 0.26.2-2 p11-kit: Stack exhaustion via unbounded recursion in RPC attribute parsing

漏洞详情: https://avd.aquasec.com/nvd/cve-2026-13757

镜像层: sha256:5ae12c2ad76f5624d8ff875d731104e4cb216b64296715479fa99d231bb2ebdb

发布日期: 2026-06-29 19:16 修改: 2026-07-11 17:16

libpixman-1-0 CVE-2023-37769 中危 0.46.4-1 stress-test master commit e4c878 was discovered to contain a FPE vulne ...

漏洞详情: https://avd.aquasec.com/nvd/cve-2023-37769

镜像层: sha256:11281eca0acec0553671babe26a52109e35b5a011d280930cc2cc6e6a18c558f

发布日期: 2023-07-17 20:15 修改: 2026-06-17 06:08

libpython3.14-minimal CVE-2026-1502 中危 3.14.4-1 3.14.4-1ubuntu0.1 python: Python: HTTP header injection via CR/LF in proxy tunnel headers

漏洞详情: https://avd.aquasec.com/nvd/cve-2026-1502

镜像层: sha256:7a3a23339e6b1b760102fbb5dff38b0aceee9962297c9a27468656cac3adc7af

发布日期: 2026-04-10 18:16 修改: 2026-06-30 16:16

libpython3.14-minimal CVE-2026-3276 中危 3.14.4-1 3.14.4-1ubuntu0.1 python: Python unicodedata: Denial of Service due to excessive CPU consumption

漏洞详情: https://avd.aquasec.com/nvd/cve-2026-3276

镜像层: sha256:7a3a23339e6b1b760102fbb5dff38b0aceee9962297c9a27468656cac3adc7af

发布日期: 2026-06-03 16:16 修改: 2026-06-17 10:43

libpython3.14-minimal CVE-2026-4786 中危 3.14.4-1 3.14.4-1ubuntu0.1 python: cpython: Python: Arbitrary code execution via command injection in webbrowser.open() API

漏洞详情: https://avd.aquasec.com/nvd/cve-2026-4786

镜像层: sha256:7a3a23339e6b1b760102fbb5dff38b0aceee9962297c9a27468656cac3adc7af

发布日期: 2026-04-13 22:16 修改: 2026-07-06 13:17

libpython3.14-minimal CVE-2026-5713 中危 3.14.4-1 3.14.4-1ubuntu0.1 python: Python: Information disclosure and arbitrary code execution via remote debugging with a malicious process.

漏洞详情: https://avd.aquasec.com/nvd/cve-2026-5713

镜像层: sha256:7a3a23339e6b1b760102fbb5dff38b0aceee9962297c9a27468656cac3adc7af

发布日期: 2026-04-14 16:16 修改: 2026-06-17 10:59

libpython3.14-minimal CVE-2026-6019 中危 3.14.4-1 3.14.4-1ubuntu0.1 python: Python: Cross-Site Scripting (XSS) vulnerability in http.cookies module

漏洞详情: https://avd.aquasec.com/nvd/cve-2026-6019

镜像层: sha256:7a3a23339e6b1b760102fbb5dff38b0aceee9962297c9a27468656cac3adc7af

发布日期: 2026-04-22 20:16 修改: 2026-06-17 11:00

libpython3.14-minimal CVE-2026-6100 中危 3.14.4-1 3.14.4-1ubuntu0.1 python: Python: Arbitrary code execution or information disclosure via use-after-free in decompression modules

漏洞详情: https://avd.aquasec.com/nvd/cve-2026-6100

镜像层: sha256:7a3a23339e6b1b760102fbb5dff38b0aceee9962297c9a27468656cac3adc7af

发布日期: 2026-04-13 18:16 修改: 2026-06-30 03:21

libpython3.14-minimal CVE-2026-7774 中危 3.14.4-1 3.14.4-1ubuntu0.1 python: CPython: Python tarfile: Arbitrary file write via crafted link entries

漏洞详情: https://avd.aquasec.com/nvd/cve-2026-7774

镜像层: sha256:7a3a23339e6b1b760102fbb5dff38b0aceee9962297c9a27468656cac3adc7af

发布日期: 2026-06-04 16:16 修改: 2026-07-07 18:16

libpython3.14-minimal CVE-2026-8328 中危 3.14.4-1 3.14.4-1ubuntu0.1 The ftpcp() function in Lib/ftplib.py was not updated when CVE-2021-4 ...

漏洞详情: https://avd.aquasec.com/nvd/cve-2026-8328

镜像层: sha256:7a3a23339e6b1b760102fbb5dff38b0aceee9962297c9a27468656cac3adc7af

发布日期: 2026-05-13 21:16 修改: 2026-06-30 16:16

libpython3.14-minimal CVE-2026-9669 中危 3.14.4-1 3.14.4-1ubuntu0.1 python: Python: Denial of Service via out-of-bounds write in BZ2 decompression

漏洞详情: https://avd.aquasec.com/nvd/cve-2026-9669

镜像层: sha256:7a3a23339e6b1b760102fbb5dff38b0aceee9962297c9a27468656cac3adc7af

发布日期: 2026-06-08 23:17 修改: 2026-07-07 18:16

libpython3.14-stdlib CVE-2026-1502 中危 3.14.4-1 3.14.4-1ubuntu0.1 python: Python: HTTP header injection via CR/LF in proxy tunnel headers

漏洞详情: https://avd.aquasec.com/nvd/cve-2026-1502

镜像层: sha256:7a3a23339e6b1b760102fbb5dff38b0aceee9962297c9a27468656cac3adc7af

发布日期: 2026-04-10 18:16 修改: 2026-06-30 16:16

libpython3.14-stdlib CVE-2026-3276 中危 3.14.4-1 3.14.4-1ubuntu0.1 python: Python unicodedata: Denial of Service due to excessive CPU consumption

漏洞详情: https://avd.aquasec.com/nvd/cve-2026-3276

镜像层: sha256:7a3a23339e6b1b760102fbb5dff38b0aceee9962297c9a27468656cac3adc7af

发布日期: 2026-06-03 16:16 修改: 2026-06-17 10:43

libpython3.14-stdlib CVE-2026-4786 中危 3.14.4-1 3.14.4-1ubuntu0.1 python: cpython: Python: Arbitrary code execution via command injection in webbrowser.open() API

漏洞详情: https://avd.aquasec.com/nvd/cve-2026-4786

镜像层: sha256:7a3a23339e6b1b760102fbb5dff38b0aceee9962297c9a27468656cac3adc7af

发布日期: 2026-04-13 22:16 修改: 2026-07-06 13:17

libpython3.14-stdlib CVE-2026-5713 中危 3.14.4-1 3.14.4-1ubuntu0.1 python: Python: Information disclosure and arbitrary code execution via remote debugging with a malicious process.

漏洞详情: https://avd.aquasec.com/nvd/cve-2026-5713

镜像层: sha256:7a3a23339e6b1b760102fbb5dff38b0aceee9962297c9a27468656cac3adc7af

发布日期: 2026-04-14 16:16 修改: 2026-06-17 10:59

libpython3.14-stdlib CVE-2026-6019 中危 3.14.4-1 3.14.4-1ubuntu0.1 python: Python: Cross-Site Scripting (XSS) vulnerability in http.cookies module

漏洞详情: https://avd.aquasec.com/nvd/cve-2026-6019

镜像层: sha256:7a3a23339e6b1b760102fbb5dff38b0aceee9962297c9a27468656cac3adc7af

发布日期: 2026-04-22 20:16 修改: 2026-06-17 11:00

libpython3.14-stdlib CVE-2026-6100 中危 3.14.4-1 3.14.4-1ubuntu0.1 python: Python: Arbitrary code execution or information disclosure via use-after-free in decompression modules

漏洞详情: https://avd.aquasec.com/nvd/cve-2026-6100

镜像层: sha256:7a3a23339e6b1b760102fbb5dff38b0aceee9962297c9a27468656cac3adc7af

发布日期: 2026-04-13 18:16 修改: 2026-06-30 03:21

libpython3.14-stdlib CVE-2026-7774 中危 3.14.4-1 3.14.4-1ubuntu0.1 python: CPython: Python tarfile: Arbitrary file write via crafted link entries

漏洞详情: https://avd.aquasec.com/nvd/cve-2026-7774

镜像层: sha256:7a3a23339e6b1b760102fbb5dff38b0aceee9962297c9a27468656cac3adc7af

发布日期: 2026-06-04 16:16 修改: 2026-07-07 18:16

libpython3.14-stdlib CVE-2026-8328 中危 3.14.4-1 3.14.4-1ubuntu0.1 The ftpcp() function in Lib/ftplib.py was not updated when CVE-2021-4 ...

漏洞详情: https://avd.aquasec.com/nvd/cve-2026-8328

镜像层: sha256:7a3a23339e6b1b760102fbb5dff38b0aceee9962297c9a27468656cac3adc7af

发布日期: 2026-05-13 21:16 修改: 2026-06-30 16:16

libpython3.14-stdlib CVE-2026-9669 中危 3.14.4-1 3.14.4-1ubuntu0.1 python: Python: Denial of Service via out-of-bounds write in BZ2 decompression

漏洞详情: https://avd.aquasec.com/nvd/cve-2026-9669

镜像层: sha256:7a3a23339e6b1b760102fbb5dff38b0aceee9962297c9a27468656cac3adc7af

发布日期: 2026-06-08 23:17 修改: 2026-07-07 18:16

libsmartcols1 CVE-2026-27456 中危 2.41.3-3ubuntu2 util-linux: TOCTOU in the mount program when setting up loop devices

漏洞详情: https://avd.aquasec.com/nvd/cve-2026-27456

镜像层: sha256:c1c227ae8b728f3bf8417505f40dbe5314e2921689e337738831df2618530417

发布日期: 2026-04-03 22:16 修改: 2026-06-17 10:27

libsmartcols1 CVE-2026-3184 中危 2.41.3-3ubuntu2 util-linux: util-linux: Access control bypass due to improper hostname canonicalization

漏洞详情: https://avd.aquasec.com/nvd/cve-2026-3184

镜像层: sha256:c1c227ae8b728f3bf8417505f40dbe5314e2921689e337738831df2618530417

发布日期: 2026-04-03 19:17 修改: 2026-06-17 10:43

libuuid1 CVE-2026-27456 中危 2.41.3-3ubuntu2 util-linux: TOCTOU in the mount program when setting up loop devices

漏洞详情: https://avd.aquasec.com/nvd/cve-2026-27456

镜像层: sha256:c1c227ae8b728f3bf8417505f40dbe5314e2921689e337738831df2618530417

发布日期: 2026-04-03 22:16 修改: 2026-06-17 10:27

libuuid1 CVE-2026-3184 中危 2.41.3-3ubuntu2 util-linux: util-linux: Access control bypass due to improper hostname canonicalization

漏洞详情: https://avd.aquasec.com/nvd/cve-2026-3184

镜像层: sha256:c1c227ae8b728f3bf8417505f40dbe5314e2921689e337738831df2618530417

发布日期: 2026-04-03 19:17 修改: 2026-06-17 10:43

libx264-165 CVE-2025-25467 中危 2:0.165.3222+gitb35605ac-3build1 Insufficient tracking and releasing of allocated used memory in libx26 ...

漏洞详情: https://avd.aquasec.com/nvd/cve-2025-25467

镜像层: sha256:11281eca0acec0553671babe26a52109e35b5a011d280930cc2cc6e6a18c558f

发布日期: 2025-02-18 22:15 修改: 2026-06-17 09:00

locales CVE-2026-4046 中危 2.43-2ubuntu2 glibc: glibc: Denial of Service via iconv() function with specific character sets

漏洞详情: https://avd.aquasec.com/nvd/cve-2026-4046

镜像层: sha256:5ae12c2ad76f5624d8ff875d731104e4cb216b64296715479fa99d231bb2ebdb

发布日期: 2026-03-30 18:16 修改: 2026-06-17 10:55

locales CVE-2026-4437 中危 2.43-2ubuntu2 glibc: glibc: Incorrect DNS response parsing via crafted DNS server response

漏洞详情: https://avd.aquasec.com/nvd/cve-2026-4437

镜像层: sha256:5ae12c2ad76f5624d8ff875d731104e4cb216b64296715479fa99d231bb2ebdb

发布日期: 2026-03-20 20:16 修改: 2026-06-17 10:56

locales CVE-2026-4438 中危 2.43-2ubuntu2 glibc: glibc: Invalid DNS hostname returned via gethostbyaddr functions

漏洞详情: https://avd.aquasec.com/nvd/cve-2026-4438

镜像层: sha256:5ae12c2ad76f5624d8ff875d731104e4cb216b64296715479fa99d231bb2ebdb

发布日期: 2026-03-20 20:16 修改: 2026-06-17 10:56

locales CVE-2026-5435 中危 2.43-2ubuntu2 glibc: glibc: Out-of-bounds write via TSIG record processing

漏洞详情: https://avd.aquasec.com/nvd/cve-2026-5435

镜像层: sha256:5ae12c2ad76f5624d8ff875d731104e4cb216b64296715479fa99d231bb2ebdb

发布日期: 2026-04-28 13:19 修改: 2026-06-17 10:59

locales CVE-2026-6238 中危 2.43-2ubuntu2 glibc: glibc: Application crash or uninitialized memory read via crafted DNS response

漏洞详情: https://avd.aquasec.com/nvd/cve-2026-6238

镜像层: sha256:5ae12c2ad76f5624d8ff875d731104e4cb216b64296715479fa99d231bb2ebdb

发布日期: 2026-04-28 19:37 修改: 2026-06-19 21:17

login CVE-2026-27456 中危 1:4.16.0-2+really2.41.3-3ubuntu2 util-linux: TOCTOU in the mount program when setting up loop devices

漏洞详情: https://avd.aquasec.com/nvd/cve-2026-27456

镜像层: sha256:c1c227ae8b728f3bf8417505f40dbe5314e2921689e337738831df2618530417

发布日期: 2026-04-03 22:16 修改: 2026-06-17 10:27

login CVE-2026-3184 中危 1:4.16.0-2+really2.41.3-3ubuntu2 util-linux: util-linux: Access control bypass due to improper hostname canonicalization

漏洞详情: https://avd.aquasec.com/nvd/cve-2026-3184

镜像层: sha256:c1c227ae8b728f3bf8417505f40dbe5314e2921689e337738831df2618530417

发布日期: 2026-04-03 19:17 修改: 2026-06-17 10:43

mount CVE-2026-27456 中危 2.41.3-3ubuntu2 util-linux: TOCTOU in the mount program when setting up loop devices

漏洞详情: https://avd.aquasec.com/nvd/cve-2026-27456

镜像层: sha256:c1c227ae8b728f3bf8417505f40dbe5314e2921689e337738831df2618530417

发布日期: 2026-04-03 22:16 修改: 2026-06-17 10:27

mount CVE-2026-3184 中危 2.41.3-3ubuntu2 util-linux: util-linux: Access control bypass due to improper hostname canonicalization

漏洞详情: https://avd.aquasec.com/nvd/cve-2026-3184

镜像层: sha256:c1c227ae8b728f3bf8417505f40dbe5314e2921689e337738831df2618530417

发布日期: 2026-04-03 19:17 修改: 2026-06-17 10:43

nodejs CVE-2024-21890 中危 24.15.0-1nodesource1 nodejs: improper handling of wildcards in --allow-fs-read and --allow-fs-write

漏洞详情: https://avd.aquasec.com/nvd/cve-2024-21890

镜像层: sha256:7a3a23339e6b1b760102fbb5dff38b0aceee9962297c9a27468656cac3adc7af

发布日期: 2024-02-20 02:15 修改: 2026-06-17 07:10

python3.14 CVE-2026-1502 中危 3.14.4-1 3.14.4-1ubuntu0.1 python: Python: HTTP header injection via CR/LF in proxy tunnel headers

漏洞详情: https://avd.aquasec.com/nvd/cve-2026-1502

镜像层: sha256:7a3a23339e6b1b760102fbb5dff38b0aceee9962297c9a27468656cac3adc7af

发布日期: 2026-04-10 18:16 修改: 2026-06-30 16:16

python3.14 CVE-2026-3276 中危 3.14.4-1 3.14.4-1ubuntu0.1 python: Python unicodedata: Denial of Service due to excessive CPU consumption

漏洞详情: https://avd.aquasec.com/nvd/cve-2026-3276

镜像层: sha256:7a3a23339e6b1b760102fbb5dff38b0aceee9962297c9a27468656cac3adc7af

发布日期: 2026-06-03 16:16 修改: 2026-06-17 10:43

python3.14 CVE-2026-4786 中危 3.14.4-1 3.14.4-1ubuntu0.1 python: cpython: Python: Arbitrary code execution via command injection in webbrowser.open() API

漏洞详情: https://avd.aquasec.com/nvd/cve-2026-4786

镜像层: sha256:7a3a23339e6b1b760102fbb5dff38b0aceee9962297c9a27468656cac3adc7af

发布日期: 2026-04-13 22:16 修改: 2026-07-06 13:17

python3.14 CVE-2026-5713 中危 3.14.4-1 3.14.4-1ubuntu0.1 python: Python: Information disclosure and arbitrary code execution via remote debugging with a malicious process.

漏洞详情: https://avd.aquasec.com/nvd/cve-2026-5713

镜像层: sha256:7a3a23339e6b1b760102fbb5dff38b0aceee9962297c9a27468656cac3adc7af

发布日期: 2026-04-14 16:16 修改: 2026-06-17 10:59

python3.14 CVE-2026-6019 中危 3.14.4-1 3.14.4-1ubuntu0.1 python: Python: Cross-Site Scripting (XSS) vulnerability in http.cookies module

漏洞详情: https://avd.aquasec.com/nvd/cve-2026-6019

镜像层: sha256:7a3a23339e6b1b760102fbb5dff38b0aceee9962297c9a27468656cac3adc7af

发布日期: 2026-04-22 20:16 修改: 2026-06-17 11:00

python3.14 CVE-2026-6100 中危 3.14.4-1 3.14.4-1ubuntu0.1 python: Python: Arbitrary code execution or information disclosure via use-after-free in decompression modules

漏洞详情: https://avd.aquasec.com/nvd/cve-2026-6100

镜像层: sha256:7a3a23339e6b1b760102fbb5dff38b0aceee9962297c9a27468656cac3adc7af

发布日期: 2026-04-13 18:16 修改: 2026-06-30 03:21

python3.14 CVE-2026-7774 中危 3.14.4-1 3.14.4-1ubuntu0.1 python: CPython: Python tarfile: Arbitrary file write via crafted link entries

漏洞详情: https://avd.aquasec.com/nvd/cve-2026-7774

镜像层: sha256:7a3a23339e6b1b760102fbb5dff38b0aceee9962297c9a27468656cac3adc7af

发布日期: 2026-06-04 16:16 修改: 2026-07-07 18:16

python3.14 CVE-2026-8328 中危 3.14.4-1 3.14.4-1ubuntu0.1 The ftpcp() function in Lib/ftplib.py was not updated when CVE-2021-4 ...

漏洞详情: https://avd.aquasec.com/nvd/cve-2026-8328

镜像层: sha256:7a3a23339e6b1b760102fbb5dff38b0aceee9962297c9a27468656cac3adc7af

发布日期: 2026-05-13 21:16 修改: 2026-06-30 16:16

python3.14 CVE-2026-9669 中危 3.14.4-1 3.14.4-1ubuntu0.1 python: Python: Denial of Service via out-of-bounds write in BZ2 decompression

漏洞详情: https://avd.aquasec.com/nvd/cve-2026-9669

镜像层: sha256:7a3a23339e6b1b760102fbb5dff38b0aceee9962297c9a27468656cac3adc7af

发布日期: 2026-06-08 23:17 修改: 2026-07-07 18:16

python3.14-minimal CVE-2026-1502 中危 3.14.4-1 3.14.4-1ubuntu0.1 python: Python: HTTP header injection via CR/LF in proxy tunnel headers

漏洞详情: https://avd.aquasec.com/nvd/cve-2026-1502

镜像层: sha256:7a3a23339e6b1b760102fbb5dff38b0aceee9962297c9a27468656cac3adc7af

发布日期: 2026-04-10 18:16 修改: 2026-06-30 16:16

python3.14-minimal CVE-2026-3276 中危 3.14.4-1 3.14.4-1ubuntu0.1 python: Python unicodedata: Denial of Service due to excessive CPU consumption

漏洞详情: https://avd.aquasec.com/nvd/cve-2026-3276

镜像层: sha256:7a3a23339e6b1b760102fbb5dff38b0aceee9962297c9a27468656cac3adc7af

发布日期: 2026-06-03 16:16 修改: 2026-06-17 10:43

python3.14-minimal CVE-2026-4786 中危 3.14.4-1 3.14.4-1ubuntu0.1 python: cpython: Python: Arbitrary code execution via command injection in webbrowser.open() API

漏洞详情: https://avd.aquasec.com/nvd/cve-2026-4786

镜像层: sha256:7a3a23339e6b1b760102fbb5dff38b0aceee9962297c9a27468656cac3adc7af

发布日期: 2026-04-13 22:16 修改: 2026-07-06 13:17

python3.14-minimal CVE-2026-5713 中危 3.14.4-1 3.14.4-1ubuntu0.1 python: Python: Information disclosure and arbitrary code execution via remote debugging with a malicious process.

漏洞详情: https://avd.aquasec.com/nvd/cve-2026-5713

镜像层: sha256:7a3a23339e6b1b760102fbb5dff38b0aceee9962297c9a27468656cac3adc7af

发布日期: 2026-04-14 16:16 修改: 2026-06-17 10:59

python3.14-minimal CVE-2026-6019 中危 3.14.4-1 3.14.4-1ubuntu0.1 python: Python: Cross-Site Scripting (XSS) vulnerability in http.cookies module

漏洞详情: https://avd.aquasec.com/nvd/cve-2026-6019

镜像层: sha256:7a3a23339e6b1b760102fbb5dff38b0aceee9962297c9a27468656cac3adc7af

发布日期: 2026-04-22 20:16 修改: 2026-06-17 11:00

python3.14-minimal CVE-2026-6100 中危 3.14.4-1 3.14.4-1ubuntu0.1 python: Python: Arbitrary code execution or information disclosure via use-after-free in decompression modules

漏洞详情: https://avd.aquasec.com/nvd/cve-2026-6100

镜像层: sha256:7a3a23339e6b1b760102fbb5dff38b0aceee9962297c9a27468656cac3adc7af

发布日期: 2026-04-13 18:16 修改: 2026-06-30 03:21

python3.14-minimal CVE-2026-7774 中危 3.14.4-1 3.14.4-1ubuntu0.1 python: CPython: Python tarfile: Arbitrary file write via crafted link entries

漏洞详情: https://avd.aquasec.com/nvd/cve-2026-7774

镜像层: sha256:7a3a23339e6b1b760102fbb5dff38b0aceee9962297c9a27468656cac3adc7af

发布日期: 2026-06-04 16:16 修改: 2026-07-07 18:16

python3.14-minimal CVE-2026-8328 中危 3.14.4-1 3.14.4-1ubuntu0.1 The ftpcp() function in Lib/ftplib.py was not updated when CVE-2021-4 ...

漏洞详情: https://avd.aquasec.com/nvd/cve-2026-8328

镜像层: sha256:7a3a23339e6b1b760102fbb5dff38b0aceee9962297c9a27468656cac3adc7af

发布日期: 2026-05-13 21:16 修改: 2026-06-30 16:16

python3.14-minimal CVE-2026-9669 中危 3.14.4-1 3.14.4-1ubuntu0.1 python: Python: Denial of Service via out-of-bounds write in BZ2 decompression

漏洞详情: https://avd.aquasec.com/nvd/cve-2026-9669

镜像层: sha256:7a3a23339e6b1b760102fbb5dff38b0aceee9962297c9a27468656cac3adc7af

发布日期: 2026-06-08 23:17 修改: 2026-07-07 18:16

rust-coreutils CVE-2026-35341 中危 0.8.0-0ubuntu3 A vulnerability in uutils coreutils mkfifo allows for the unauthorized ...

漏洞详情: https://avd.aquasec.com/nvd/cve-2026-35341

镜像层: sha256:c1c227ae8b728f3bf8417505f40dbe5314e2921689e337738831df2618530417

发布日期: 2026-04-22 17:16 修改: 2026-06-17 10:40

rust-coreutils CVE-2026-35344 中危 0.8.0-0ubuntu3 The dd utility in uutils coreutils suppresses errors during file trunc ...

漏洞详情: https://avd.aquasec.com/nvd/cve-2026-35344

镜像层: sha256:c1c227ae8b728f3bf8417505f40dbe5314e2921689e337738831df2618530417

发布日期: 2026-04-22 17:16 修改: 2026-06-17 10:40

rust-coreutils CVE-2026-35345 中危 0.8.0-0ubuntu3 A vulnerability in the tail utility of uutils coreutils allows for the ...

漏洞详情: https://avd.aquasec.com/nvd/cve-2026-35345

镜像层: sha256:c1c227ae8b728f3bf8417505f40dbe5314e2921689e337738831df2618530417

发布日期: 2026-04-22 17:16 修改: 2026-06-17 10:40

rust-coreutils CVE-2026-35348 中危 0.8.0-0ubuntu3 The sort utility in uutils coreutils is vulnerable to a process panic ...

漏洞详情: https://avd.aquasec.com/nvd/cve-2026-35348

镜像层: sha256:c1c227ae8b728f3bf8417505f40dbe5314e2921689e337738831df2618530417

发布日期: 2026-04-22 17:16 修改: 2026-06-17 10:40

rust-coreutils CVE-2026-35350 中危 0.8.0-0ubuntu3 The cp utility in uutils coreutils fails to properly handle setuid and ...

漏洞详情: https://avd.aquasec.com/nvd/cve-2026-35350

镜像层: sha256:c1c227ae8b728f3bf8417505f40dbe5314e2921689e337738831df2618530417

发布日期: 2026-04-22 17:16 修改: 2026-06-17 10:40

rust-coreutils CVE-2026-35351 中危 0.8.0-0ubuntu3 The mv utility in uutils coreutils fails to preserve file ownership du ...

漏洞详情: https://avd.aquasec.com/nvd/cve-2026-35351

镜像层: sha256:c1c227ae8b728f3bf8417505f40dbe5314e2921689e337738831df2618530417

发布日期: 2026-04-22 17:16 修改: 2026-06-17 10:40

rust-coreutils CVE-2026-35352 中危 0.8.0-0ubuntu3 A Time-of-Check to Time-of-Use (TOCTOU) race condition exists in the m ...

漏洞详情: https://avd.aquasec.com/nvd/cve-2026-35352

镜像层: sha256:c1c227ae8b728f3bf8417505f40dbe5314e2921689e337738831df2618530417

发布日期: 2026-04-22 17:16 修改: 2026-06-17 10:40

rust-coreutils CVE-2026-35354 中危 0.8.0-0ubuntu3 A Time-of-Check to Time-of-Use (TOCTOU) vulnerability exists in the mv ...

漏洞详情: https://avd.aquasec.com/nvd/cve-2026-35354

镜像层: sha256:c1c227ae8b728f3bf8417505f40dbe5314e2921689e337738831df2618530417

发布日期: 2026-04-22 17:16 修改: 2026-06-17 10:40

rust-coreutils CVE-2026-35357 中危 0.8.0-0ubuntu3 The cp utility in uutils coreutils is vulnerable to an information dis ...

漏洞详情: https://avd.aquasec.com/nvd/cve-2026-35357

镜像层: sha256:c1c227ae8b728f3bf8417505f40dbe5314e2921689e337738831df2618530417

发布日期: 2026-04-22 17:16 修改: 2026-06-17 10:40

rust-coreutils CVE-2026-35359 中危 0.8.0-0ubuntu3 A Time-of-Check to Time-of-Use (TOCTOU) vulnerability in the cp utilit ...

漏洞详情: https://avd.aquasec.com/nvd/cve-2026-35359

镜像层: sha256:c1c227ae8b728f3bf8417505f40dbe5314e2921689e337738831df2618530417

发布日期: 2026-04-22 17:16 修改: 2026-06-17 10:40

rust-coreutils CVE-2026-35360 中危 0.8.0-0ubuntu3 The touch utility in uutils coreutils is vulnerable to a Time-of-Check ...

漏洞详情: https://avd.aquasec.com/nvd/cve-2026-35360

镜像层: sha256:c1c227ae8b728f3bf8417505f40dbe5314e2921689e337738831df2618530417

发布日期: 2026-04-22 17:16 修改: 2026-06-17 10:40

rust-coreutils CVE-2026-35363 中危 0.8.0-0ubuntu3 A vulnerability in the rm utility of uutils coreutils allows the bypas ...

漏洞详情: https://avd.aquasec.com/nvd/cve-2026-35363

镜像层: sha256:c1c227ae8b728f3bf8417505f40dbe5314e2921689e337738831df2618530417

发布日期: 2026-04-22 17:16 修改: 2026-06-17 10:40

rust-coreutils CVE-2026-35364 中危 0.8.0-0ubuntu3 A Time-of-Check to Time-of-Use (TOCTOU) race condition exists in the m ...

漏洞详情: https://avd.aquasec.com/nvd/cve-2026-35364

镜像层: sha256:c1c227ae8b728f3bf8417505f40dbe5314e2921689e337738831df2618530417

发布日期: 2026-04-22 17:16 修改: 2026-06-17 10:40

rust-coreutils CVE-2026-35367 中危 0.8.0-0ubuntu3 The nohup utility in uutils coreutils creates its default output file, ...

漏洞详情: https://avd.aquasec.com/nvd/cve-2026-35367

镜像层: sha256:c1c227ae8b728f3bf8417505f40dbe5314e2921689e337738831df2618530417

发布日期: 2026-04-22 17:16 修改: 2026-06-17 10:40

rust-coreutils CVE-2026-35368 中危 0.8.0-0ubuntu3 A vulnerability exists in the chroot utility of uutils coreutils when ...

漏洞详情: https://avd.aquasec.com/nvd/cve-2026-35368

镜像层: sha256:c1c227ae8b728f3bf8417505f40dbe5314e2921689e337738831df2618530417

发布日期: 2026-04-22 17:16 修改: 2026-06-17 10:40

rust-coreutils CVE-2026-35370 中危 0.8.0-0ubuntu3 The id utility in uutils coreutils miscalculates the groups= section o ...

漏洞详情: https://avd.aquasec.com/nvd/cve-2026-35370

镜像层: sha256:c1c227ae8b728f3bf8417505f40dbe5314e2921689e337738831df2618530417

发布日期: 2026-04-22 17:16 修改: 2026-06-17 10:40

rust-coreutils CVE-2026-35371 中危 0.8.0-0ubuntu3 The id utility in uutils coreutils exhibits incorrect behavior in its ...

漏洞详情: https://avd.aquasec.com/nvd/cve-2026-35371

镜像层: sha256:c1c227ae8b728f3bf8417505f40dbe5314e2921689e337738831df2618530417

发布日期: 2026-04-22 17:16 修改: 2026-06-17 10:40

rust-coreutils CVE-2026-35373 中危 0.8.0-0ubuntu3 A logic error in the ln utility of uutils coreutils causes the program ...

漏洞详情: https://avd.aquasec.com/nvd/cve-2026-35373

镜像层: sha256:c1c227ae8b728f3bf8417505f40dbe5314e2921689e337738831df2618530417

发布日期: 2026-04-22 17:16 修改: 2026-06-17 10:40

rust-coreutils CVE-2026-35374 中危 0.8.0-0ubuntu3 A Time-of-Check to Time-of-Use (TOCTOU) vulnerability exists in the sp ...

漏洞详情: https://avd.aquasec.com/nvd/cve-2026-35374

镜像层: sha256:c1c227ae8b728f3bf8417505f40dbe5314e2921689e337738831df2618530417

发布日期: 2026-04-22 17:16 修改: 2026-06-17 10:40

rust-coreutils CVE-2026-35377 中危 0.8.0-0ubuntu3 A logic error in the env utility of uutils coreutils causes a failure ...

漏洞详情: https://avd.aquasec.com/nvd/cve-2026-35377

镜像层: sha256:c1c227ae8b728f3bf8417505f40dbe5314e2921689e337738831df2618530417

发布日期: 2026-04-22 17:16 修改: 2026-06-17 10:40

tar CVE-2025-45582 中危 1.35+dfsg-4ubuntu0.1 1.35+dfsg-4ubuntu0.2 tar: Tar path traversal

漏洞详情: https://avd.aquasec.com/nvd/cve-2025-45582

镜像层: sha256:c1c227ae8b728f3bf8417505f40dbe5314e2921689e337738831df2618530417

发布日期: 2025-07-11 17:15 修改: 2026-06-17 09:25

util-linux CVE-2026-27456 中危 2.41.3-3ubuntu2 util-linux: TOCTOU in the mount program when setting up loop devices

漏洞详情: https://avd.aquasec.com/nvd/cve-2026-27456

镜像层: sha256:c1c227ae8b728f3bf8417505f40dbe5314e2921689e337738831df2618530417

发布日期: 2026-04-03 22:16 修改: 2026-06-17 10:27

util-linux CVE-2026-3184 中危 2.41.3-3ubuntu2 util-linux: util-linux: Access control bypass due to improper hostname canonicalization

漏洞详情: https://avd.aquasec.com/nvd/cve-2026-3184

镜像层: sha256:c1c227ae8b728f3bf8417505f40dbe5314e2921689e337738831df2618530417

发布日期: 2026-04-03 19:17 修改: 2026-06-17 10:43

libcairo2 CVE-2018-18064 低危 1.18.4-3 cairo: Stack-based buffer overflow via parsing of crafted WebKitGTK+ document

漏洞详情: https://avd.aquasec.com/nvd/cve-2018-18064

镜像层: sha256:11281eca0acec0553671babe26a52109e35b5a011d280930cc2cc6e6a18c558f

发布日期: 2018-10-08 18:29 修改: 2026-06-17 01:46

libcurl4t64 CVE-2026-10536 低危 8.18.0-1ubuntu2.2 8.18.0-1ubuntu2.3 libcurl: libcurl: Use-after-free vulnerability leading to Denial of Service

漏洞详情: https://avd.aquasec.com/nvd/cve-2026-10536

镜像层: sha256:11281eca0acec0553671babe26a52109e35b5a011d280930cc2cc6e6a18c558f

发布日期: 2026-07-03 07:16 修改: 2026-07-07 18:02

login.defs CVE-2024-56433 低危 1:4.17.4-2ubuntu3 shadow-utils: Default subordinate ID configuration in /etc/login.defs could lead to compromise

漏洞详情: https://avd.aquasec.com/nvd/cve-2024-56433

镜像层: sha256:c1c227ae8b728f3bf8417505f40dbe5314e2921689e337738831df2618530417

发布日期: 2024-12-26 09:15 修改: 2026-06-17 08:12

libcurl4t64 CVE-2026-11352 低危 8.18.0-1ubuntu2.2 8.18.0-1ubuntu2.3 curl: libcurl: curl/libcurl: Remote denial of service via QUIC UDP receive function vulnerability

漏洞详情: https://avd.aquasec.com/nvd/cve-2026-11352

镜像层: sha256:11281eca0acec0553671babe26a52109e35b5a011d280930cc2cc6e6a18c558f

发布日期: 2026-07-03 07:16 修改: 2026-07-07 18:01

libcurl4t64 CVE-2026-11564 低危 8.18.0-1ubuntu2.2 8.18.0-1ubuntu2.3 libcurl: libcurl: Certificate validation bypass due to incorrect connection reuse

漏洞详情: https://avd.aquasec.com/nvd/cve-2026-11564

镜像层: sha256:11281eca0acec0553671babe26a52109e35b5a011d280930cc2cc6e6a18c558f

发布日期: 2026-07-03 07:16 修改: 2026-07-07 18:00

libcurl4t64 CVE-2026-11586 低危 8.18.0-1ubuntu2.2 8.18.0-1ubuntu2.3 curl: curl: Denial of Service via WebSocket PING flood

漏洞详情: https://avd.aquasec.com/nvd/cve-2026-11586

镜像层: sha256:11281eca0acec0553671babe26a52109e35b5a011d280930cc2cc6e6a18c558f

发布日期: 2026-07-03 07:16 修改: 2026-07-07 17:59

passwd CVE-2024-56433 低危 1:4.17.4-2ubuntu3 shadow-utils: Default subordinate ID configuration in /etc/login.defs could lead to compromise

漏洞详情: https://avd.aquasec.com/nvd/cve-2024-56433

镜像层: sha256:c1c227ae8b728f3bf8417505f40dbe5314e2921689e337738831df2618530417

发布日期: 2024-12-26 09:15 修改: 2026-06-17 08:12

libcurl4t64 CVE-2026-12064 低危 8.18.0-1ubuntu2.2 8.18.0-1ubuntu2.3 curl: curl: SSH host verification bypass when using schemeless URLs with SFTP/SCP

漏洞详情: https://avd.aquasec.com/nvd/cve-2026-12064

镜像层: sha256:11281eca0acec0553671babe26a52109e35b5a011d280930cc2cc6e6a18c558f

发布日期: 2026-07-03 07:16 修改: 2026-07-07 19:43

libopenexr-3-1-30 CVE-2021-45942 低危 3.1.13-2build1 OpenEXR: heap-based buffer overflow in Imf_3_1:LineCompositeTask:execute

漏洞详情: https://avd.aquasec.com/nvd/cve-2021-45942

镜像层: sha256:11281eca0acec0553671babe26a52109e35b5a011d280930cc2cc6e6a18c558f

发布日期: 2022-01-01 01:15 修改: 2026-06-17 04:14

curl CVE-2026-12064 低危 8.18.0-1ubuntu2.2 8.18.0-1ubuntu2.3 curl: curl: SSH host verification bypass when using schemeless URLs with SFTP/SCP

漏洞详情: https://avd.aquasec.com/nvd/cve-2026-12064

镜像层: sha256:11281eca0acec0553671babe26a52109e35b5a011d280930cc2cc6e6a18c558f

发布日期: 2026-07-03 07:16 修改: 2026-07-07 19:43

curl CVE-2026-10536 低危 8.18.0-1ubuntu2.2 8.18.0-1ubuntu2.3 libcurl: libcurl: Use-after-free vulnerability leading to Denial of Service

漏洞详情: https://avd.aquasec.com/nvd/cve-2026-10536

镜像层: sha256:11281eca0acec0553671babe26a52109e35b5a011d280930cc2cc6e6a18c558f

发布日期: 2026-07-03 07:16 修改: 2026-07-07 18:02

libopenjp2-7 CVE-2019-6988 低危 2.5.4-1ubuntu0.1 openjpeg: DoS via memory exhaustion in opj_decompress

漏洞详情: https://avd.aquasec.com/nvd/cve-2019-6988

镜像层: sha256:11281eca0acec0553671babe26a52109e35b5a011d280930cc2cc6e6a18c558f

发布日期: 2019-01-28 16:29 修改: 2026-06-17 02:39

curl CVE-2026-11352 低危 8.18.0-1ubuntu2.2 8.18.0-1ubuntu2.3 curl: libcurl: curl/libcurl: Remote denial of service via QUIC UDP receive function vulnerability

漏洞详情: https://avd.aquasec.com/nvd/cve-2026-11352

镜像层: sha256:11281eca0acec0553671babe26a52109e35b5a011d280930cc2cc6e6a18c558f

发布日期: 2026-07-03 07:16 修改: 2026-07-07 18:01

curl CVE-2026-11564 低危 8.18.0-1ubuntu2.2 8.18.0-1ubuntu2.3 libcurl: libcurl: Certificate validation bypass due to incorrect connection reuse

漏洞详情: https://avd.aquasec.com/nvd/cve-2026-11564

镜像层: sha256:11281eca0acec0553671babe26a52109e35b5a011d280930cc2cc6e6a18c558f

发布日期: 2026-07-03 07:16 修改: 2026-07-07 18:00

libsystemd0 CVE-2026-40228 低危 259.5-0ubuntu3 systemd: systemd-journald: Unintended output to user terminals via logger command

漏洞详情: https://avd.aquasec.com/nvd/cve-2026-40228

镜像层: sha256:c1c227ae8b728f3bf8417505f40dbe5314e2921689e337738831df2618530417

发布日期: 2026-04-10 16:16 修改: 2026-06-17 10:44

libudev1 CVE-2026-40228 低危 259.5-0ubuntu3 systemd: systemd-journald: Unintended output to user terminals via logger command

漏洞详情: https://avd.aquasec.com/nvd/cve-2026-40228

镜像层: sha256:c1c227ae8b728f3bf8417505f40dbe5314e2921689e337738831df2618530417

发布日期: 2026-04-10 16:16 修改: 2026-06-17 10:44

libelf1t64 CVE-2025-1352 低危 0.194-4 elfutils: GNU elfutils eu-readelf libdw_alloc.c __libdw_thread_tail memory corruption

漏洞详情: https://avd.aquasec.com/nvd/cve-2025-1352

镜像层: sha256:11281eca0acec0553671babe26a52109e35b5a011d280930cc2cc6e6a18c558f

发布日期: 2025-02-16 15:15 修改: 2026-06-17 08:38

libelf1t64 CVE-2025-1376 低危 0.194-4 elfutils: GNU elfutils eu-strip elf_strptr.c elf_strptr denial of service

漏洞详情: https://avd.aquasec.com/nvd/cve-2025-1376

镜像层: sha256:11281eca0acec0553671babe26a52109e35b5a011d280930cc2cc6e6a18c558f

发布日期: 2025-02-17 05:15 修改: 2026-06-17 08:39

curl CVE-2026-11586 低危 8.18.0-1ubuntu2.2 8.18.0-1ubuntu2.3 curl: curl: Denial of Service via WebSocket PING flood

漏洞详情: https://avd.aquasec.com/nvd/cve-2026-11586

镜像层: sha256:11281eca0acec0553671babe26a52109e35b5a011d280930cc2cc6e6a18c558f

发布日期: 2026-07-03 07:16 修改: 2026-07-07 17:59

libcairo-gobject2 CVE-2017-7475 低危 1.18.4-3 cairo: NULL pointer dereference with a crafted font file

漏洞详情: https://avd.aquasec.com/nvd/cve-2017-7475

镜像层: sha256:11281eca0acec0553671babe26a52109e35b5a011d280930cc2cc6e6a18c558f

发布日期: 2017-05-19 20:29 修改: 2026-06-17 01:24

libexif12 CVE-2026-32775 低危 0.6.25-2 libexif: libexif: Buffer overwrite via integer underflow in MakerNotes decoding

漏洞详情: https://avd.aquasec.com/nvd/cve-2026-32775

镜像层: sha256:11281eca0acec0553671babe26a52109e35b5a011d280930cc2cc6e6a18c558f

发布日期: 2026-03-16 14:19 修改: 2026-06-17 10:36

systemd-standalone-sysusers CVE-2026-40228 低危 259.5-0ubuntu3 systemd: systemd-journald: Unintended output to user terminals via logger command

漏洞详情: https://avd.aquasec.com/nvd/cve-2026-40228

镜像层: sha256:5ae12c2ad76f5624d8ff875d731104e4cb216b64296715479fa99d231bb2ebdb

发布日期: 2026-04-10 16:16 修改: 2026-06-17 10:44

libcairo-gobject2 CVE-2018-18064 低危 1.18.4-3 cairo: Stack-based buffer overflow via parsing of crafted WebKitGTK+ document

漏洞详情: https://avd.aquasec.com/nvd/cve-2018-18064

镜像层: sha256:11281eca0acec0553671babe26a52109e35b5a011d280930cc2cc6e6a18c558f

发布日期: 2018-10-08 18:29 修改: 2026-06-17 01:46

libgcrypt20 CVE-2024-2236 低危 1.12.0-2ubuntu0.1 libgcrypt: vulnerable to Marvin Attack

漏洞详情: https://avd.aquasec.com/nvd/cve-2024-2236

镜像层: sha256:c1c227ae8b728f3bf8417505f40dbe5314e2921689e337738831df2618530417

发布日期: 2024-03-06 22:15 修改: 2026-06-17 07:24

libcairo2 CVE-2017-7475 低危 1.18.4-3 cairo: NULL pointer dereference with a crafted font file

漏洞详情: https://avd.aquasec.com/nvd/cve-2017-7475

镜像层: sha256:11281eca0acec0553671babe26a52109e35b5a011d280930cc2cc6e6a18c558f

发布日期: 2017-05-19 20:29 修改: 2026-06-17 01:24

zlib1g CVE-2026-27171 低危 1:1.3.dfsg+really1.3.1-1ubuntu3 zlib: zlib: Denial of Service via infinite loop in CRC32 combine functions

漏洞详情: https://avd.aquasec.com/nvd/cve-2026-27171

镜像层: sha256:c1c227ae8b728f3bf8417505f40dbe5314e2921689e337738831df2618530417

发布日期: 2026-02-18 04:16 修改: 2026-06-17 10:26

Node.js (node-pkg)
低危漏洞:3 中危漏洞:10 高危漏洞:5 严重漏洞:0
软件包 漏洞 安全状态 安装版本 修复版本 漏洞信息
multer CVE-2026-5079 高危 2.1.1 2.2.0, 3.0.0-alpha.2 Multer vulnerable to Denial of Service via deeply nested field names

漏洞详情: https://avd.aquasec.com/nvd/cve-2026-5079

镜像层: sha256:0a20945e068949a3cbd52ee529bf978f85381e6cfdc6ee869abc1dd3b67eb7ca

发布日期: 2026-06-15 14:16 修改: 2026-06-17 10:58

picomatch CVE-2026-33671 高危 4.0.3 4.0.4, 3.0.2, 2.3.2 picomatch: Picomatch: Regular Expression Denial of Service via crafted extglob patterns

漏洞详情: https://avd.aquasec.com/nvd/cve-2026-33671

镜像层: sha256:7a3a23339e6b1b760102fbb5dff38b0aceee9962297c9a27468656cac3adc7af

发布日期: 2026-03-26 22:16 修改: 2026-06-17 10:37

sigstore CVE-2026-48815 高危 4.1.0 4.1.1 sigstore's `certificateOIDs` verification constraints are silently dropped and never enforced

漏洞详情: https://avd.aquasec.com/nvd/cve-2026-48815

镜像层: sha256:7a3a23339e6b1b760102fbb5dff38b0aceee9962297c9a27468656cac3adc7af

发布日期: 0001-01-01 00:00 修改: 0001-01-01 00:00

undici CVE-2026-12151 高危 6.26.0 6.27.0, 7.28.0, 8.5.0 undici: undici: Denial of Service due to unbounded memory growth via WebSocket frames

漏洞详情: https://avd.aquasec.com/nvd/cve-2026-12151

镜像层: sha256:0a20945e068949a3cbd52ee529bf978f85381e6cfdc6ee869abc1dd3b67eb7ca

发布日期: 2026-06-17 17:16 修改: 2026-07-09 13:16

ws CVE-2026-48779 高危 8.20.1 5.2.5, 6.2.4, 7.5.11, 8.21.0 ws: ws: Denial of Service via memory exhaustion from small WebSocket fragments

漏洞详情: https://avd.aquasec.com/nvd/cve-2026-48779

镜像层: sha256:0a20945e068949a3cbd52ee529bf978f85381e6cfdc6ee869abc1dd3b67eb7ca

发布日期: 2026-06-17 13:20 修改: 2026-07-10 12:17

js-yaml CVE-2026-53550 中危 4.1.1 4.2.0, 3.15.0 js-yaml: js-yaml: Denial of Service via crafted YAML merge keys

漏洞详情: https://avd.aquasec.com/nvd/cve-2026-53550

镜像层: sha256:0a20945e068949a3cbd52ee529bf978f85381e6cfdc6ee869abc1dd3b67eb7ca

发布日期: 2026-06-22 16:16 修改: 2026-07-09 20:33

@sigstore/core CVE-2026-48758 中危 3.2.0 3.2.1 @sigstore/core has DSSE payloadType type-binding failure

漏洞详情: https://avd.aquasec.com/nvd/cve-2026-48758

镜像层: sha256:7a3a23339e6b1b760102fbb5dff38b0aceee9962297c9a27468656cac3adc7af

发布日期: 0001-01-01 00:00 修改: 0001-01-01 00:00

multer CVE-2026-5038 中危 2.1.1 2.2.0, 3.0.0-alpha.2 Multer vulnerable to Denial of Service via incomplete cleanup of aborted uploads

漏洞详情: https://avd.aquasec.com/nvd/cve-2026-5038

镜像层: sha256:0a20945e068949a3cbd52ee529bf978f85381e6cfdc6ee869abc1dd3b67eb7ca

发布日期: 2026-06-15 16:16 修改: 2026-06-17 10:58

@sigstore/verify CVE-2026-48816 中危 3.1.0 3.1.1 sigstore-js has Insufficient Verification of Data Authenticity

漏洞详情: https://avd.aquasec.com/nvd/cve-2026-48816

镜像层: sha256:7a3a23339e6b1b760102fbb5dff38b0aceee9962297c9a27468656cac3adc7af

发布日期: 0001-01-01 00:00 修改: 0001-01-01 00:00

picomatch CVE-2026-33672 中危 4.0.3 4.0.4, 3.0.2, 2.3.2 picomatch: Picomatch: Data integrity compromised via method injection with crafted POSIX bracket expressions

漏洞详情: https://avd.aquasec.com/nvd/cve-2026-33672

镜像层: sha256:7a3a23339e6b1b760102fbb5dff38b0aceee9962297c9a27468656cac3adc7af

发布日期: 2026-03-26 22:16 修改: 2026-06-17 10:37

brace-expansion CVE-2026-33750 中危 5.0.4 5.0.5, 3.0.2, 2.0.3, 1.1.13 brace-expansion: brace-expansion: Denial of Service via zero step value in brace pattern

漏洞详情: https://avd.aquasec.com/nvd/cve-2026-33750

镜像层: sha256:7a3a23339e6b1b760102fbb5dff38b0aceee9962297c9a27468656cac3adc7af

发布日期: 2026-03-27 15:16 修改: 2026-06-17 10:38

tar CVE-2026-53655 中危 7.5.11 7.5.16 node-tar: node-tar: File smuggling due to inconsistent tar archive parsing

漏洞详情: https://avd.aquasec.com/nvd/cve-2026-53655

镜像层: sha256:7a3a23339e6b1b760102fbb5dff38b0aceee9962297c9a27468656cac3adc7af

发布日期: 2026-06-22 16:16 修改: 2026-06-26 20:03

brace-expansion CVE-2026-45149 中危 5.0.4 5.0.6 brace-expansion: brace-expansion: Denial of Service due to excessive memory allocation when expanding large numeric ranges

漏洞详情: https://avd.aquasec.com/nvd/cve-2026-45149

镜像层: sha256:7a3a23339e6b1b760102fbb5dff38b0aceee9962297c9a27468656cac3adc7af

发布日期: 2026-05-29 20:16 修改: 2026-06-17 10:51

undici CVE-2026-9679 中危 6.26.0 6.27.0, 7.28.0, 8.5.0 undici: undici vulnerable to HTTP header injection via Set-Cookie percent-decoding

漏洞详情: https://avd.aquasec.com/nvd/cve-2026-9679

镜像层: sha256:0a20945e068949a3cbd52ee529bf978f85381e6cfdc6ee869abc1dd3b67eb7ca

发布日期: 2026-06-17 18:18 修改: 2026-06-25 17:43

ip-address CVE-2026-42338 中危 10.1.0 10.1.1 ip-address: ip-address: Cross-site scripting via improper HTML escaping of untrusted input

漏洞详情: https://avd.aquasec.com/nvd/cve-2026-42338

镜像层: sha256:7a3a23339e6b1b760102fbb5dff38b0aceee9962297c9a27468656cac3adc7af

发布日期: 2026-05-12 20:16 修改: 2026-07-09 13:17

undici CVE-2026-11525 低危 6.26.0 6.27.0, 7.28.0, 8.5.0 undici: undici: Weakening of cookie SameSite policy due to incorrect parsing of Set-Cookie header

漏洞详情: https://avd.aquasec.com/nvd/cve-2026-11525

镜像层: sha256:0a20945e068949a3cbd52ee529bf978f85381e6cfdc6ee869abc1dd3b67eb7ca

发布日期: 2026-06-17 18:17 修改: 2026-06-25 17:46

undici CVE-2026-6733 低危 6.26.0 6.27.0, 7.28.0, 8.5.0 undici: Undici: Response queue poisoning on reused keep-alive sockets can lead to incorrect response delivery.

漏洞详情: https://avd.aquasec.com/nvd/cve-2026-6733

镜像层: sha256:0a20945e068949a3cbd52ee529bf978f85381e6cfdc6ee869abc1dd3b67eb7ca

发布日期: 2026-06-17 18:18 修改: 2026-06-27 23:46

esbuild GHSA-g7r4-m6w7-qqqr 低危 0.27.4 0.28.1 esbuild allows arbitrary file read when running the development server on Windows

漏洞详情: https://github.com/advisories/GHSA-g7r4-m6w7-qqqr

镜像层: sha256:0a20945e068949a3cbd52ee529bf978f85381e6cfdc6ee869abc1dd3b67eb7ca

发布日期: 2026-06-12 20:08 修改: 2026-06-12 20:08

usr/bin/pebble (gobinary)
低危漏洞:0 中危漏洞:7 高危漏洞:7 严重漏洞:0
软件包 漏洞 安全状态 安装版本 修复版本 漏洞信息
golang.org/x/net CVE-2026-25681 高危 v0.40.0 0.55.0 golang.org/x/net/html: golang.org/x/net/html: Arbitrary code execution via Cross-Site Scripting

漏洞详情: https://avd.aquasec.com/nvd/cve-2026-25681

镜像层: sha256:c1c227ae8b728f3bf8417505f40dbe5314e2921689e337738831df2618530417

发布日期: 2026-05-22 16:16 修改: 2026-06-17 10:25

golang.org/x/net CVE-2026-27136 高危 v0.40.0 0.55.0 golang.org/x/net/html: golang: golang.org/x/net/html: Cross-Site Scripting via HTML parsing bypass

漏洞详情: https://avd.aquasec.com/nvd/cve-2026-27136

镜像层: sha256:c1c227ae8b728f3bf8417505f40dbe5314e2921689e337738831df2618530417

发布日期: 2026-05-22 16:16 修改: 2026-06-17 10:26

golang.org/x/net CVE-2026-33814 高危 v0.40.0 0.53.0 net/http/internal/http2: golang: golang.org/x/net: Go HTTP/2: Denial of Service via malformed SETTINGS_MAX_FRAME_SIZE frame

漏洞详情: https://avd.aquasec.com/nvd/cve-2026-33814

镜像层: sha256:c1c227ae8b728f3bf8417505f40dbe5314e2921689e337738831df2618530417

发布日期: 2026-05-07 20:16 修改: 2026-07-10 12:16

golang.org/x/net CVE-2026-39821 高危 v0.40.0 0.55.0 golang.org/x/net/idna: golang: golang.org/x/net/idna: Privilege escalation via incorrect Punycode label processing

漏洞详情: https://avd.aquasec.com/nvd/cve-2026-39821

镜像层: sha256:c1c227ae8b728f3bf8417505f40dbe5314e2921689e337738831df2618530417

发布日期: 2026-05-22 16:16 修改: 2026-07-10 12:16

stdlib CVE-2026-27145 高危 v1.26.3 1.25.11, 1.26.4 crypto/x509: golang: golang crypto/x509: Denial of Service via excessive processing of DNS SAN entries

漏洞详情: https://avd.aquasec.com/nvd/cve-2026-27145

镜像层: sha256:c1c227ae8b728f3bf8417505f40dbe5314e2921689e337738831df2618530417

发布日期: 2026-06-02 23:16 修改: 2026-07-09 13:16

stdlib CVE-2026-39822 高危 v1.26.3 1.25.12, 1.26.5, 1.27.0-rc.2 os: golang: Go os.Root: Symlink following vulnerability allows directory traversal

漏洞详情: https://avd.aquasec.com/nvd/cve-2026-39822

镜像层: sha256:c1c227ae8b728f3bf8417505f40dbe5314e2921689e337738831df2618530417

发布日期: 2026-07-08 17:17 修改: 2026-07-10 18:57

stdlib CVE-2026-42504 高危 v1.26.3 1.25.11, 1.26.4 mime: golang: Golang MIME: Denial of Service via maliciously-crafted MIME header

漏洞详情: https://avd.aquasec.com/nvd/cve-2026-42504

镜像层: sha256:c1c227ae8b728f3bf8417505f40dbe5314e2921689e337738831df2618530417

发布日期: 2026-06-02 23:16 修改: 2026-06-17 10:47

golang.org/x/net CVE-2026-42502 中危 v0.40.0 0.55.0 golang.org/x/net/html: golang: golang.org/x/net/html: Cross-Site Scripting via unexpected HTML tree rendering

漏洞详情: https://avd.aquasec.com/nvd/cve-2026-42502

镜像层: sha256:c1c227ae8b728f3bf8417505f40dbe5314e2921689e337738831df2618530417

发布日期: 2026-05-22 16:16 修改: 2026-06-17 10:47

golang.org/x/net CVE-2026-42506 中危 v0.40.0 0.55.0 golang.org/x/net/html: golang.org/x/net/html: Cross-Site Scripting (XSS) via arbitrary HTML parsing

漏洞详情: https://avd.aquasec.com/nvd/cve-2026-42506

镜像层: sha256:c1c227ae8b728f3bf8417505f40dbe5314e2921689e337738831df2618530417

发布日期: 2026-05-22 16:16 修改: 2026-06-17 10:47

golang.org/x/net CVE-2025-47911 中危 v0.40.0 0.45.0 golang.org/x/net/html: Quadratic parsing complexity in golang.org/x/net/html

漏洞详情: https://avd.aquasec.com/nvd/cve-2025-47911

镜像层: sha256:c1c227ae8b728f3bf8417505f40dbe5314e2921689e337738831df2618530417

发布日期: 2026-02-05 18:16 修改: 2026-06-17 09:28

golang.org/x/net CVE-2025-58190 中危 v0.40.0 0.45.0 golang.org/x/net/html: Infinite parsing loop in golang.org/x/net

漏洞详情: https://avd.aquasec.com/nvd/cve-2025-58190

镜像层: sha256:c1c227ae8b728f3bf8417505f40dbe5314e2921689e337738831df2618530417

发布日期: 2026-02-05 18:16 修改: 2026-06-17 09:44

golang.org/x/net CVE-2026-25680 中危 v0.40.0 0.55.0 golang.org/x/net/html: golang.org/x/net/html: Denial of Service due to excessive HTML parsing

漏洞详情: https://avd.aquasec.com/nvd/cve-2026-25680

镜像层: sha256:c1c227ae8b728f3bf8417505f40dbe5314e2921689e337738831df2618530417

发布日期: 2026-05-22 16:16 修改: 2026-06-17 10:25

stdlib CVE-2026-42505 中危 v1.26.3 1.25.12, 1.26.5, 1.27.0-rc.2 crypto/tls: golang: Go crypto/tls: Information disclosure in Encrypted Client Hello

漏洞详情: https://avd.aquasec.com/nvd/cve-2026-42505

镜像层: sha256:c1c227ae8b728f3bf8417505f40dbe5314e2921689e337738831df2618530417

发布日期: 2026-07-08 17:17 修改: 2026-07-10 18:57

stdlib CVE-2026-42507 中危 v1.26.3 1.25.11, 1.26.4 net/textproto: golang: Golang net/textproto: Misleading error messages via input injection

漏洞详情: https://avd.aquasec.com/nvd/cve-2026-42507

镜像层: sha256:c1c227ae8b728f3bf8417505f40dbe5314e2921689e337738831df2618530417

发布日期: 2026-06-02 23:16 修改: 2026-06-17 10:47

golang.org/x/sys CVE-2026-39824 未知 v0.33.0 0.44.0 Invoking integer overflow in NewNTUnicodeString in golang.org/x/sys/windows

漏洞详情: https://avd.aquasec.com/nvd/cve-2026-39824

镜像层: sha256:c1c227ae8b728f3bf8417505f40dbe5314e2921689e337738831df2618530417

发布日期: 2026-05-22 20:16 修改: 2026-06-17 10:42

检测到您正在使用广告拦截插件,本站为公益站点,依赖广告维持运转 🙏 查看如何关闭 ×