| go.opentelemetry.io/otel |
CVE-2026-29181 |
高危 |
v1.37.0 |
1.41.0 |
github.com/open-telemetry/opentelemetry-go: OpenTelemetry-Go: Denial of Service via crafted multi-value baggage headers
漏洞详情: https://avd.aquasec.com/nvd/cve-2026-29181
镜像层: sha256:334562e72872a13b6306e53ba0337792f6bbbf47229335377e6de127be3f9c20
发布日期: 2026-04-07 21:17 修改: 2026-06-17 10:29
|
| golang.org/x/crypto |
CVE-2026-39827 |
高危 |
v0.51.0 |
0.52.0 |
An authenticated SSH client that repeatedly opened channels which were ...
漏洞详情: https://avd.aquasec.com/nvd/cve-2026-39827
镜像层: sha256:334562e72872a13b6306e53ba0337792f6bbbf47229335377e6de127be3f9c20
发布日期: 2026-05-22 04:16 修改: 2026-06-17 10:42
|
| golang.org/x/crypto |
CVE-2026-39828 |
高危 |
v0.51.0 |
0.52.0 |
golang.org/x/crypto/ssh: golang.org/x/crypto/ssh: Unauthorized command execution via discarded SSH permissions
漏洞详情: https://avd.aquasec.com/nvd/cve-2026-39828
镜像层: sha256:334562e72872a13b6306e53ba0337792f6bbbf47229335377e6de127be3f9c20
发布日期: 2026-05-22 04:16 修改: 2026-06-17 10:42
|
| golang.org/x/crypto |
CVE-2026-39829 |
高危 |
v0.51.0 |
0.52.0 |
golang.org/x/crypto/ssh: golang.org/x/crypto/ssh: Denial of Service via crafted public key with excessive parameters
漏洞详情: https://avd.aquasec.com/nvd/cve-2026-39829
镜像层: sha256:334562e72872a13b6306e53ba0337792f6bbbf47229335377e6de127be3f9c20
发布日期: 2026-05-22 04:16 修改: 2026-06-17 10:42
|
| golang.org/x/crypto |
CVE-2026-39830 |
高危 |
v0.51.0 |
0.52.0 |
golang.org/x/crypto/ssh: golang.org/x/crypto/ssh: Denial of Service via resource leak from unsolicited SSH responses
漏洞详情: https://avd.aquasec.com/nvd/cve-2026-39830
镜像层: sha256:334562e72872a13b6306e53ba0337792f6bbbf47229335377e6de127be3f9c20
发布日期: 2026-05-22 04:16 修改: 2026-06-17 10:42
|
| golang.org/x/crypto |
CVE-2026-39832 |
高危 |
v0.51.0 |
0.52.0 |
golang.org/x/crypto/ssh/agent: golang.org/x/crypto/ssh/agent: Security bypass due to improper handling of key restrictions
漏洞详情: https://avd.aquasec.com/nvd/cve-2026-39832
镜像层: sha256:334562e72872a13b6306e53ba0337792f6bbbf47229335377e6de127be3f9c20
发布日期: 2026-05-22 04:16 修改: 2026-06-17 10:42
|
| golang.org/x/crypto |
CVE-2026-39835 |
高危 |
v0.51.0 |
0.52.0 |
SSH servers which use CertChecker as a public key callback without set ...
漏洞详情: https://avd.aquasec.com/nvd/cve-2026-39835
镜像层: sha256:334562e72872a13b6306e53ba0337792f6bbbf47229335377e6de127be3f9c20
发布日期: 2026-05-22 04:16 修改: 2026-06-17 10:42
|
| golang.org/x/crypto |
CVE-2026-42508 |
高危 |
v0.51.0 |
0.52.0 |
golang.org/x/crypto/ssh/knownhosts: golang: golang.org/x/crypto/ssh/knownhosts: Revocation bypass via unchecked SignatureKey
漏洞详情: https://avd.aquasec.com/nvd/cve-2026-42508
镜像层: sha256:334562e72872a13b6306e53ba0337792f6bbbf47229335377e6de127be3f9c20
发布日期: 2026-05-22 04:16 修改: 2026-06-17 10:47
|
| golang.org/x/crypto |
CVE-2026-46595 |
高危 |
v0.51.0 |
0.52.0 |
golang.org/x/crypto/ssh: golang.org/x/crypto/ssh: Authorization bypass due to skipped source-address validation
漏洞详情: https://avd.aquasec.com/nvd/cve-2026-46595
镜像层: sha256:334562e72872a13b6306e53ba0337792f6bbbf47229335377e6de127be3f9c20
发布日期: 2026-05-22 04:16 修改: 2026-06-17 10:53
|
| golang.org/x/crypto |
CVE-2026-46597 |
高危 |
v0.51.0 |
0.52.0 |
An incorrectly placed cast from bytes to int allowed for server-side p ...
漏洞详情: https://avd.aquasec.com/nvd/cve-2026-46597
镜像层: sha256:334562e72872a13b6306e53ba0337792f6bbbf47229335377e6de127be3f9c20
发布日期: 2026-05-22 04:16 修改: 2026-06-17 10:53
|
| github.com/aws/aws-sdk-go-v2/service/s3 |
GHSA-xmrv-pmrh-hhx2 |
中危 |
v1.96.2 |
1.97.3 |
Denial of Service due to Panic in AWS SDK for Go v2 SDK EventStream Decoder
漏洞详情: https://github.com/advisories/GHSA-xmrv-pmrh-hhx2
镜像层: sha256:334562e72872a13b6306e53ba0337792f6bbbf47229335377e6de127be3f9c20
发布日期: 2026-04-08 00:18 修改: 2026-04-08 00:18
|
| github.com/quic-go/quic-go |
CVE-2026-40898 |
中危 |
v0.57.1 |
0.59.1 |
quic-go is an implementation of the QUIC protocol in Go. Prior to vers ...
漏洞详情: https://avd.aquasec.com/nvd/cve-2026-40898
镜像层: sha256:334562e72872a13b6306e53ba0337792f6bbbf47229335377e6de127be3f9c20
发布日期: 2026-06-04 19:16 修改: 2026-06-17 10:45
|
| github.com/aws/aws-sdk-go-v2/aws/protocol/eventstream |
GHSA-xmrv-pmrh-hhx2 |
中危 |
v1.7.5 |
1.7.8 |
Denial of Service due to Panic in AWS SDK for Go v2 SDK EventStream Decoder
漏洞详情: https://github.com/advisories/GHSA-xmrv-pmrh-hhx2
镜像层: sha256:334562e72872a13b6306e53ba0337792f6bbbf47229335377e6de127be3f9c20
发布日期: 2026-04-08 00:18 修改: 2026-04-08 00:18
|
| golang.org/x/crypto |
CVE-2026-39831 |
中危 |
v0.51.0 |
0.52.0 |
The Verify() method for FIDO/U2F security key types (sk-ecdsa-sha2-nis ...
漏洞详情: https://avd.aquasec.com/nvd/cve-2026-39831
镜像层: sha256:334562e72872a13b6306e53ba0337792f6bbbf47229335377e6de127be3f9c20
发布日期: 2026-05-22 04:16 修改: 2026-06-17 10:42
|
| golang.org/x/crypto |
CVE-2026-39833 |
中危 |
v0.51.0 |
0.52.0 |
The in-memory keyring returned by NewKeyring() silently accepted keys ...
漏洞详情: https://avd.aquasec.com/nvd/cve-2026-39833
镜像层: sha256:334562e72872a13b6306e53ba0337792f6bbbf47229335377e6de127be3f9c20
发布日期: 2026-05-22 04:16 修改: 2026-06-17 10:42
|
| golang.org/x/crypto |
CVE-2026-39834 |
中危 |
v0.51.0 |
0.52.0 |
When writing data larger than 4GB in a single Write call on an SSH cha ...
漏洞详情: https://avd.aquasec.com/nvd/cve-2026-39834
镜像层: sha256:334562e72872a13b6306e53ba0337792f6bbbf47229335377e6de127be3f9c20
发布日期: 2026-05-22 04:16 修改: 2026-06-17 10:42
|
| golang.org/x/crypto |
CVE-2026-46598 |
中危 |
v0.51.0 |
0.52.0 |
golang.org/x/crypto/ssh/agent: golang: golang.org/x/crypto/ssh/agent: Denial of Service via malformed input
漏洞详情: https://avd.aquasec.com/nvd/cve-2026-46598
镜像层: sha256:334562e72872a13b6306e53ba0337792f6bbbf47229335377e6de127be3f9c20
发布日期: 2026-05-22 04:16 修改: 2026-06-17 10:53
|
| golang.org/x/image |
CVE-2026-33813 |
中危 |
v0.39.0 |
0.42.0 |
golang.org/x/image: golang: golang.org/x/image: Denial of Service via malformed WEBP image parsing
漏洞详情: https://avd.aquasec.com/nvd/cve-2026-33813
镜像层: sha256:334562e72872a13b6306e53ba0337792f6bbbf47229335377e6de127be3f9c20
发布日期: 2026-04-21 20:16 修改: 2026-06-25 20:17
|
| golang.org/x/image |
CVE-2026-46601 |
中危 |
v0.39.0 |
0.43.0 |
golang.org/x/image/webp: golang.org/x/image/webp: Denial of Service via malformed VP8 chunk in WebP images
漏洞详情: https://avd.aquasec.com/nvd/cve-2026-46601
镜像层: sha256:334562e72872a13b6306e53ba0337792f6bbbf47229335377e6de127be3f9c20
发布日期: 2026-06-25 20:17 修改: 2026-06-26 17:16
|
| golang.org/x/image |
CVE-2026-42500 |
未知 |
v0.39.0 |
0.41.0 |
Decoding a paletted BMP file with an out-of-range palette index result ...
漏洞详情: https://avd.aquasec.com/nvd/cve-2026-42500
镜像层: sha256:334562e72872a13b6306e53ba0337792f6bbbf47229335377e6de127be3f9c20
发布日期: 2026-05-29 20:16 修改: 2026-06-17 10:47
|
| golang.org/x/image |
CVE-2026-46599 |
未知 |
v0.39.0 |
0.41.0 |
The TIFF decoder does not place a limit on the size of PackBits-compre ...
漏洞详情: https://avd.aquasec.com/nvd/cve-2026-46599
镜像层: sha256:334562e72872a13b6306e53ba0337792f6bbbf47229335377e6de127be3f9c20
发布日期: 2026-05-29 20:16 修改: 2026-06-17 10:53
|
| golang.org/x/image |
CVE-2026-46602 |
未知 |
v0.39.0 |
0.43.0 |
Lack of limit on tile sizes in x/image/tiff in golang.org/x/image
漏洞详情: https://avd.aquasec.com/nvd/cve-2026-46602
镜像层: sha256:334562e72872a13b6306e53ba0337792f6bbbf47229335377e6de127be3f9c20
发布日期: 2026-06-25 20:17 修改: 2026-06-26 17:16
|
| golang.org/x/image |
CVE-2026-46604 |
未知 |
v0.39.0 |
0.43.0 |
Panic decoding image with out-of-bounds strip offset in x/image/tiff in golang.org/x/image
漏洞详情: https://avd.aquasec.com/nvd/cve-2026-46604
镜像层: sha256:334562e72872a13b6306e53ba0337792f6bbbf47229335377e6de127be3f9c20
发布日期: 2026-06-26 21:16 修改: 2026-06-26 21:16
|