| bsdutils |
CVE-2026-27456 |
中危 |
1:2.39.3-9ubuntu6.5 |
|
util-linux: TOCTOU in the mount program when setting up loop devices
漏洞详情: https://avd.aquasec.com/nvd/cve-2026-27456
镜像层: sha256:98effb2dfe85d4c431f97d90482075f19e5fc3a57c2dd423d8bdfd4813620043
发布日期: 2026-04-03 22:16 修改: 2026-06-17 10:27
|
| gzip |
CVE-2026-41991 |
中危 |
1.12-1ubuntu3.1 |
1.12-1ubuntu3.2 |
gzip: gzip: Arbitrary file overwrite via insecure temporary file handling in gzexe utility
漏洞详情: https://avd.aquasec.com/nvd/cve-2026-41991
镜像层: sha256:98effb2dfe85d4c431f97d90482075f19e5fc3a57c2dd423d8bdfd4813620043
发布日期: 2026-06-29 12:16 修改: 2026-07-01 14:02
|
| gzip |
CVE-2026-41992 |
中危 |
1.12-1ubuntu3.1 |
1.12-1ubuntu3.2 |
GNU gzip contains a global buffer overflow vulnerability in the LZH de ...
漏洞详情: https://avd.aquasec.com/nvd/cve-2026-41992
镜像层: sha256:98effb2dfe85d4c431f97d90482075f19e5fc3a57c2dd423d8bdfd4813620043
发布日期: 2026-06-29 12:16 修改: 2026-07-01 14:02
|
| libblkid1 |
CVE-2026-27456 |
中危 |
2.39.3-9ubuntu6.5 |
|
util-linux: TOCTOU in the mount program when setting up loop devices
漏洞详情: https://avd.aquasec.com/nvd/cve-2026-27456
镜像层: sha256:98effb2dfe85d4c431f97d90482075f19e5fc3a57c2dd423d8bdfd4813620043
发布日期: 2026-04-03 22:16 修改: 2026-06-17 10:27
|
| libc-bin |
CVE-2026-4046 |
中危 |
2.39-0ubuntu8.7 |
|
glibc: glibc: Denial of Service via iconv() function with specific character sets
漏洞详情: https://avd.aquasec.com/nvd/cve-2026-4046
镜像层: sha256:98effb2dfe85d4c431f97d90482075f19e5fc3a57c2dd423d8bdfd4813620043
发布日期: 2026-03-30 18:16 修改: 2026-06-17 10:55
|
| libc-bin |
CVE-2026-4437 |
中危 |
2.39-0ubuntu8.7 |
|
glibc: glibc: Incorrect DNS response parsing via crafted DNS server response
漏洞详情: https://avd.aquasec.com/nvd/cve-2026-4437
镜像层: sha256:98effb2dfe85d4c431f97d90482075f19e5fc3a57c2dd423d8bdfd4813620043
发布日期: 2026-03-20 20:16 修改: 2026-06-17 10:56
|
| libc-bin |
CVE-2026-4438 |
中危 |
2.39-0ubuntu8.7 |
|
glibc: glibc: Invalid DNS hostname returned via gethostbyaddr functions
漏洞详情: https://avd.aquasec.com/nvd/cve-2026-4438
镜像层: sha256:98effb2dfe85d4c431f97d90482075f19e5fc3a57c2dd423d8bdfd4813620043
发布日期: 2026-03-20 20:16 修改: 2026-06-17 10:56
|
| libc-bin |
CVE-2026-5435 |
中危 |
2.39-0ubuntu8.7 |
|
glibc: glibc: Out-of-bounds write via TSIG record processing
漏洞详情: https://avd.aquasec.com/nvd/cve-2026-5435
镜像层: sha256:98effb2dfe85d4c431f97d90482075f19e5fc3a57c2dd423d8bdfd4813620043
发布日期: 2026-04-28 13:19 修改: 2026-06-17 10:59
|
| libc-bin |
CVE-2026-6238 |
中危 |
2.39-0ubuntu8.7 |
|
glibc: glibc: Application crash or uninitialized memory read via crafted DNS response
漏洞详情: https://avd.aquasec.com/nvd/cve-2026-6238
镜像层: sha256:98effb2dfe85d4c431f97d90482075f19e5fc3a57c2dd423d8bdfd4813620043
发布日期: 2026-04-28 19:37 修改: 2026-06-19 21:17
|
| libc6 |
CVE-2026-4046 |
中危 |
2.39-0ubuntu8.7 |
|
glibc: glibc: Denial of Service via iconv() function with specific character sets
漏洞详情: https://avd.aquasec.com/nvd/cve-2026-4046
镜像层: sha256:98effb2dfe85d4c431f97d90482075f19e5fc3a57c2dd423d8bdfd4813620043
发布日期: 2026-03-30 18:16 修改: 2026-06-17 10:55
|
| libc6 |
CVE-2026-4437 |
中危 |
2.39-0ubuntu8.7 |
|
glibc: glibc: Incorrect DNS response parsing via crafted DNS server response
漏洞详情: https://avd.aquasec.com/nvd/cve-2026-4437
镜像层: sha256:98effb2dfe85d4c431f97d90482075f19e5fc3a57c2dd423d8bdfd4813620043
发布日期: 2026-03-20 20:16 修改: 2026-06-17 10:56
|
| libc6 |
CVE-2026-4438 |
中危 |
2.39-0ubuntu8.7 |
|
glibc: glibc: Invalid DNS hostname returned via gethostbyaddr functions
漏洞详情: https://avd.aquasec.com/nvd/cve-2026-4438
镜像层: sha256:98effb2dfe85d4c431f97d90482075f19e5fc3a57c2dd423d8bdfd4813620043
发布日期: 2026-03-20 20:16 修改: 2026-06-17 10:56
|
| libc6 |
CVE-2026-5435 |
中危 |
2.39-0ubuntu8.7 |
|
glibc: glibc: Out-of-bounds write via TSIG record processing
漏洞详情: https://avd.aquasec.com/nvd/cve-2026-5435
镜像层: sha256:98effb2dfe85d4c431f97d90482075f19e5fc3a57c2dd423d8bdfd4813620043
发布日期: 2026-04-28 13:19 修改: 2026-06-17 10:59
|
| libc6 |
CVE-2026-6238 |
中危 |
2.39-0ubuntu8.7 |
|
glibc: glibc: Application crash or uninitialized memory read via crafted DNS response
漏洞详情: https://avd.aquasec.com/nvd/cve-2026-6238
镜像层: sha256:98effb2dfe85d4c431f97d90482075f19e5fc3a57c2dd423d8bdfd4813620043
发布日期: 2026-04-28 19:37 修改: 2026-06-19 21:17
|
| libgcrypt20 |
CVE-2026-41989 |
中危 |
1.10.3-2build1 |
1.10.3-2ubuntu0.1 |
Libgcrypt: Libgcrypt: Denial of Service and buffer overflow via crafted ECDH ciphertext
漏洞详情: https://avd.aquasec.com/nvd/cve-2026-41989
镜像层: sha256:98effb2dfe85d4c431f97d90482075f19e5fc3a57c2dd423d8bdfd4813620043
发布日期: 2026-04-23 05:16 修改: 2026-06-17 10:47
|
| libmount1 |
CVE-2026-27456 |
中危 |
2.39.3-9ubuntu6.5 |
|
util-linux: TOCTOU in the mount program when setting up loop devices
漏洞详情: https://avd.aquasec.com/nvd/cve-2026-27456
镜像层: sha256:98effb2dfe85d4c431f97d90482075f19e5fc3a57c2dd423d8bdfd4813620043
发布日期: 2026-04-03 22:16 修改: 2026-06-17 10:27
|
| libnghttp2-14 |
CVE-2026-58055 |
中危 |
1.59.0-1ubuntu0.3 |
1.59.0-1ubuntu0.4 |
nghttp2's nghttpx proxy through 1.69.0 forwards an HTTP/1.1 Upgrade re ...
漏洞详情: https://avd.aquasec.com/nvd/cve-2026-58055
镜像层: sha256:246635c962a7114f77953585cf1aaa0df6405e8b798e90dbe81e2a7e76f8a832
发布日期: 2026-06-28 02:16 修改: 2026-06-30 17:41
|
| libp11-kit0 |
CVE-2026-13757 |
中危 |
0.25.3-4ubuntu2.1 |
|
p11-kit: Stack exhaustion via unbounded recursion in RPC attribute parsing
漏洞详情: https://avd.aquasec.com/nvd/cve-2026-13757
镜像层: sha256:98effb2dfe85d4c431f97d90482075f19e5fc3a57c2dd423d8bdfd4813620043
发布日期: 2026-06-29 19:16 修改: 2026-07-11 17:16
|
| libsmartcols1 |
CVE-2026-27456 |
中危 |
2.39.3-9ubuntu6.5 |
|
util-linux: TOCTOU in the mount program when setting up loop devices
漏洞详情: https://avd.aquasec.com/nvd/cve-2026-27456
镜像层: sha256:98effb2dfe85d4c431f97d90482075f19e5fc3a57c2dd423d8bdfd4813620043
发布日期: 2026-04-03 22:16 修改: 2026-06-17 10:27
|
| libsystemd0 |
CVE-2026-40226 |
中危 |
255.4-1ubuntu8.15 |
255.4-1ubuntu8.16 |
systemd: systemd nspawn: Escape-to-host action via crafted config file
漏洞详情: https://avd.aquasec.com/nvd/cve-2026-40226
镜像层: sha256:98effb2dfe85d4c431f97d90482075f19e5fc3a57c2dd423d8bdfd4813620043
发布日期: 2026-04-10 16:16 修改: 2026-06-17 10:44
|
| libudev1 |
CVE-2026-40226 |
中危 |
255.4-1ubuntu8.15 |
255.4-1ubuntu8.16 |
systemd: systemd nspawn: Escape-to-host action via crafted config file
漏洞详情: https://avd.aquasec.com/nvd/cve-2026-40226
镜像层: sha256:98effb2dfe85d4c431f97d90482075f19e5fc3a57c2dd423d8bdfd4813620043
发布日期: 2026-04-10 16:16 修改: 2026-06-17 10:44
|
| libuuid1 |
CVE-2026-27456 |
中危 |
2.39.3-9ubuntu6.5 |
|
util-linux: TOCTOU in the mount program when setting up loop devices
漏洞详情: https://avd.aquasec.com/nvd/cve-2026-27456
镜像层: sha256:98effb2dfe85d4c431f97d90482075f19e5fc3a57c2dd423d8bdfd4813620043
发布日期: 2026-04-03 22:16 修改: 2026-06-17 10:27
|
| mount |
CVE-2026-27456 |
中危 |
2.39.3-9ubuntu6.5 |
|
util-linux: TOCTOU in the mount program when setting up loop devices
漏洞详情: https://avd.aquasec.com/nvd/cve-2026-27456
镜像层: sha256:98effb2dfe85d4c431f97d90482075f19e5fc3a57c2dd423d8bdfd4813620043
发布日期: 2026-04-03 22:16 修改: 2026-06-17 10:27
|
| perl-base |
CVE-2026-42496 |
中危 |
5.38.2-3.2ubuntu0.2 |
5.38.2-3.2ubuntu0.3 |
perl-archive-tar: perl-archive-tar: Path traversal via crafted symlinks allows arbitrary file access
漏洞详情: https://avd.aquasec.com/nvd/cve-2026-42496
镜像层: sha256:98effb2dfe85d4c431f97d90482075f19e5fc3a57c2dd423d8bdfd4813620043
发布日期: 2026-05-26 02:16 修改: 2026-06-30 03:19
|
| perl-base |
CVE-2026-8376 |
中危 |
5.38.2-3.2ubuntu0.2 |
5.38.2-3.2ubuntu0.3 |
perl: Perl: Heap buffer overflow when compiling regular expressions on 32-bit builds
漏洞详情: https://avd.aquasec.com/nvd/cve-2026-8376
镜像层: sha256:98effb2dfe85d4c431f97d90482075f19e5fc3a57c2dd423d8bdfd4813620043
发布日期: 2026-05-26 00:16 修改: 2026-06-17 11:03
|
| tar |
CVE-2025-45582 |
中危 |
1.35+dfsg-3build1 |
1.35+dfsg-3ubuntu0.2 |
tar: Tar path traversal
漏洞详情: https://avd.aquasec.com/nvd/cve-2025-45582
镜像层: sha256:98effb2dfe85d4c431f97d90482075f19e5fc3a57c2dd423d8bdfd4813620043
发布日期: 2025-07-11 17:15 修改: 2026-06-17 09:25
|
| tar |
CVE-2026-5704 |
中危 |
1.35+dfsg-3build1 |
1.35+dfsg-3ubuntu0.1 |
tar: tar: Hidden file injection via crafted archives
漏洞详情: https://avd.aquasec.com/nvd/cve-2026-5704
镜像层: sha256:98effb2dfe85d4c431f97d90482075f19e5fc3a57c2dd423d8bdfd4813620043
发布日期: 2026-04-06 16:16 修改: 2026-06-17 10:59
|
| util-linux |
CVE-2026-27456 |
中危 |
2.39.3-9ubuntu6.5 |
|
util-linux: TOCTOU in the mount program when setting up loop devices
漏洞详情: https://avd.aquasec.com/nvd/cve-2026-27456
镜像层: sha256:98effb2dfe85d4c431f97d90482075f19e5fc3a57c2dd423d8bdfd4813620043
发布日期: 2026-04-03 22:16 修改: 2026-06-17 10:27
|
| wget |
CVE-2021-31879 |
中危 |
1.21.4-1ubuntu4.1 |
|
wget: authorization header disclosure on redirect
漏洞详情: https://avd.aquasec.com/nvd/cve-2021-31879
镜像层: sha256:246635c962a7114f77953585cf1aaa0df6405e8b798e90dbe81e2a7e76f8a832
发布日期: 2021-04-29 05:15 修改: 2026-06-17 03:52
|
| wget |
CVE-2026-58469 |
中危 |
1.21.4-1ubuntu4.1 |
|
GNU Wget through 1.25.0, fixed in commit 37a40fc, contains a heap buff ...
漏洞详情: https://avd.aquasec.com/nvd/cve-2026-58469
镜像层: sha256:246635c962a7114f77953585cf1aaa0df6405e8b798e90dbe81e2a7e76f8a832
发布日期: 2026-07-07 21:17 修改: 2026-07-09 15:59
|
| wget |
CVE-2026-58470 |
中危 |
1.21.4-1ubuntu4.1 |
|
GNU Wget through 1.25.0, fixed in commit 43d3ba9, contains an integer ...
漏洞详情: https://avd.aquasec.com/nvd/cve-2026-58470
镜像层: sha256:246635c962a7114f77953585cf1aaa0df6405e8b798e90dbe81e2a7e76f8a832
发布日期: 2026-07-07 21:17 修改: 2026-07-09 16:01
|
| wget |
CVE-2026-58471 |
中危 |
1.21.4-1ubuntu4.1 |
|
wget: GNU Wget: Heap buffer overflow via server-supplied filename leads to memory corruption
漏洞详情: https://avd.aquasec.com/nvd/cve-2026-58471
镜像层: sha256:246635c962a7114f77953585cf1aaa0df6405e8b798e90dbe81e2a7e76f8a832
发布日期: 2026-07-07 21:17 修改: 2026-07-09 16:02
|
| wget |
CVE-2026-58472 |
中危 |
1.21.4-1ubuntu4.1 |
|
GNU Wget through 1.25.0, fixed in commit dd692d9, contains a heap buff ...
漏洞详情: https://avd.aquasec.com/nvd/cve-2026-58472
镜像层: sha256:246635c962a7114f77953585cf1aaa0df6405e8b798e90dbe81e2a7e76f8a832
发布日期: 2026-07-07 21:17 修改: 2026-07-09 15:58
|
| ncurses-bin |
CVE-2025-69720 |
低危 |
6.4+20240113-1ubuntu2 |
6.4+20240113-1ubuntu2.1 |
ncurses: ncurses: Buffer overflow vulnerability may lead to arbitrary code execution.
漏洞详情: https://avd.aquasec.com/nvd/cve-2025-69720
镜像层: sha256:98effb2dfe85d4c431f97d90482075f19e5fc3a57c2dd423d8bdfd4813620043
发布日期: 2026-03-19 15:16 修改: 2026-06-17 10:00
|
| passwd |
CVE-2024-56433 |
低危 |
1:4.13+dfsg1-4ubuntu3.2 |
|
shadow-utils: Default subordinate ID configuration in /etc/login.defs could lead to compromise
漏洞详情: https://avd.aquasec.com/nvd/cve-2024-56433
镜像层: sha256:98effb2dfe85d4c431f97d90482075f19e5fc3a57c2dd423d8bdfd4813620043
发布日期: 2024-12-26 09:15 修改: 2026-06-17 08:12
|
| liblzma5 |
CVE-2026-34743 |
低危 |
5.6.1+really5.4.5-1ubuntu0.2 |
5.6.1+really5.4.5-1ubuntu0.3 |
xz: XZ Utils: Denial of Service via buffer overflow in index decoding
漏洞详情: https://avd.aquasec.com/nvd/cve-2026-34743
镜像层: sha256:98effb2dfe85d4c431f97d90482075f19e5fc3a57c2dd423d8bdfd4813620043
发布日期: 2026-04-02 19:21 修改: 2026-06-17 10:39
|
| libcurl4-gnutls-dev |
CVE-2026-10536 |
低危 |
8.5.0-2ubuntu10.10 |
8.5.0-2ubuntu10.11 |
libcurl: libcurl: Use-after-free vulnerability leading to Denial of Service
漏洞详情: https://avd.aquasec.com/nvd/cve-2026-10536
镜像层: sha256:246635c962a7114f77953585cf1aaa0df6405e8b798e90dbe81e2a7e76f8a832
发布日期: 2026-07-03 07:16 修改: 2026-07-07 18:02
|
| libsystemd0 |
CVE-2026-40228 |
低危 |
255.4-1ubuntu8.15 |
|
systemd: systemd-journald: Unintended output to user terminals via logger command
漏洞详情: https://avd.aquasec.com/nvd/cve-2026-40228
镜像层: sha256:98effb2dfe85d4c431f97d90482075f19e5fc3a57c2dd423d8bdfd4813620043
发布日期: 2026-04-10 16:16 修改: 2026-06-17 10:44
|
| libtinfo6 |
CVE-2025-69720 |
低危 |
6.4+20240113-1ubuntu2 |
6.4+20240113-1ubuntu2.1 |
ncurses: ncurses: Buffer overflow vulnerability may lead to arbitrary code execution.
漏洞详情: https://avd.aquasec.com/nvd/cve-2025-69720
镜像层: sha256:98effb2dfe85d4c431f97d90482075f19e5fc3a57c2dd423d8bdfd4813620043
发布日期: 2026-03-19 15:16 修改: 2026-06-17 10:00
|
| libncursesw6 |
CVE-2025-69720 |
低危 |
6.4+20240113-1ubuntu2 |
6.4+20240113-1ubuntu2.1 |
ncurses: ncurses: Buffer overflow vulnerability may lead to arbitrary code execution.
漏洞详情: https://avd.aquasec.com/nvd/cve-2025-69720
镜像层: sha256:98effb2dfe85d4c431f97d90482075f19e5fc3a57c2dd423d8bdfd4813620043
发布日期: 2026-03-19 15:16 修改: 2026-06-17 10:00
|
| libudev1 |
CVE-2026-40228 |
低危 |
255.4-1ubuntu8.15 |
|
systemd: systemd-journald: Unintended output to user terminals via logger command
漏洞详情: https://avd.aquasec.com/nvd/cve-2026-40228
镜像层: sha256:98effb2dfe85d4c431f97d90482075f19e5fc3a57c2dd423d8bdfd4813620043
发布日期: 2026-04-10 16:16 修改: 2026-06-17 10:44
|
| libcurl3t64-gnutls |
CVE-2026-10536 |
低危 |
8.5.0-2ubuntu10.10 |
8.5.0-2ubuntu10.11 |
libcurl: libcurl: Use-after-free vulnerability leading to Denial of Service
漏洞详情: https://avd.aquasec.com/nvd/cve-2026-10536
镜像层: sha256:246635c962a7114f77953585cf1aaa0df6405e8b798e90dbe81e2a7e76f8a832
发布日期: 2026-07-03 07:16 修改: 2026-07-07 18:02
|
| login |
CVE-2024-56433 |
低危 |
1:4.13+dfsg1-4ubuntu3.2 |
|
shadow-utils: Default subordinate ID configuration in /etc/login.defs could lead to compromise
漏洞详情: https://avd.aquasec.com/nvd/cve-2024-56433
镜像层: sha256:98effb2dfe85d4c431f97d90482075f19e5fc3a57c2dd423d8bdfd4813620043
发布日期: 2024-12-26 09:15 修改: 2026-06-17 08:12
|
| libgcrypt20 |
CVE-2024-2236 |
低危 |
1.10.3-2build1 |
|
libgcrypt: vulnerable to Marvin Attack
漏洞详情: https://avd.aquasec.com/nvd/cve-2024-2236
镜像层: sha256:98effb2dfe85d4c431f97d90482075f19e5fc3a57c2dd423d8bdfd4813620043
发布日期: 2024-03-06 22:15 修改: 2026-06-17 07:24
|
| ncurses-base |
CVE-2025-69720 |
低危 |
6.4+20240113-1ubuntu2 |
6.4+20240113-1ubuntu2.1 |
ncurses: ncurses: Buffer overflow vulnerability may lead to arbitrary code execution.
漏洞详情: https://avd.aquasec.com/nvd/cve-2025-69720
镜像层: sha256:98effb2dfe85d4c431f97d90482075f19e5fc3a57c2dd423d8bdfd4813620043
发布日期: 2026-03-19 15:16 修改: 2026-06-17 10:00
|
| zlib1g |
CVE-2026-27171 |
低危 |
1:1.3.dfsg-3.1ubuntu2.1 |
|
zlib: zlib: Denial of Service via infinite loop in CRC32 combine functions
漏洞详情: https://avd.aquasec.com/nvd/cve-2026-27171
镜像层: sha256:98effb2dfe85d4c431f97d90482075f19e5fc3a57c2dd423d8bdfd4813620043
发布日期: 2026-02-18 04:16 修改: 2026-06-17 10:26
|