| github.com/smallstep/certificates |
CVE-2025-44005 |
严重 |
v0.28.4 |
0.29.0 |
github.com/smallstep/certificates: github.com/smallstep/certificates: Authorization bypass allows unauthorized certificate creation
漏洞详情: https://avd.aquasec.com/nvd/cve-2025-44005
镜像层: sha256:b711463ad8f751b791233378342fb086231fd401c7e18e5870f7f52894118cbc
发布日期: 2025-12-17 16:16 修改: 2025-12-18 15:07
|
| github.com/quic-go/quic-go |
CVE-2025-59530 |
高危 |
v0.54.0 |
0.49.1, 0.54.1 |
github.com/quic-go/quic-go: quic-go Crash Due to Premature HANDSHAKE_DONE Frame
漏洞详情: https://avd.aquasec.com/nvd/cve-2025-59530
镜像层: sha256:b711463ad8f751b791233378342fb086231fd401c7e18e5870f7f52894118cbc
发布日期: 2025-10-10 16:15 修改: 2025-10-14 19:36
|
| stdlib |
CVE-2025-58183 |
高危 |
1.25.0 |
1.24.8, 1.25.2 |
golang: archive/tar: Unbounded allocation when parsing GNU sparse map
漏洞详情: https://avd.aquasec.com/nvd/cve-2025-58183
镜像层: sha256:b711463ad8f751b791233378342fb086231fd401c7e18e5870f7f52894118cbc
发布日期: 2025-10-29 23:16 修改: 2025-11-04 22:16
|
| stdlib |
CVE-2025-61729 |
高危 |
1.25.0 |
1.24.11, 1.25.5 |
crypto/x509: golang: Denial of Service due to excessive resource consumption via crafted certificate
漏洞详情: https://avd.aquasec.com/nvd/cve-2025-61729
镜像层: sha256:b711463ad8f751b791233378342fb086231fd401c7e18e5870f7f52894118cbc
发布日期: 2025-12-02 19:15 修改: 2025-12-19 18:25
|
| github.com/smallstep/certificates |
CVE-2025-66406 |
中危 |
v0.28.4 |
0.29.0 |
github.com/smallstep/certificates: Step CA: Denial of Service via improper SSH certificate revocation authorization
漏洞详情: https://avd.aquasec.com/nvd/cve-2025-66406
镜像层: sha256:b711463ad8f751b791233378342fb086231fd401c7e18e5870f7f52894118cbc
发布日期: 2025-12-03 20:16 修改: 2025-12-04 17:15
|
| golang.org/x/crypto |
CVE-2025-47914 |
中危 |
v0.40.0 |
0.45.0 |
golang.org/x/crypto/ssh/agent: in golang.org/x/crypto/ssh/agent
漏洞详情: https://avd.aquasec.com/nvd/cve-2025-47914
镜像层: sha256:b711463ad8f751b791233378342fb086231fd401c7e18e5870f7f52894118cbc
发布日期: 2025-11-19 21:15 修改: 2025-12-11 19:36
|
| golang.org/x/crypto |
CVE-2025-58181 |
中危 |
v0.40.0 |
0.45.0 |
golang.org/x/crypto/ssh: in golang.org/x/crypto/ssh
漏洞详情: https://avd.aquasec.com/nvd/cve-2025-58181
镜像层: sha256:b711463ad8f751b791233378342fb086231fd401c7e18e5870f7f52894118cbc
发布日期: 2025-11-19 21:15 修改: 2025-12-11 19:29
|
| github.com/slackhq/nebula |
CVE-2025-62820 |
中危 |
v1.9.5 |
1.9.7 |
Slack Nebula may accept arbitrary source IP addresses
漏洞详情: https://avd.aquasec.com/nvd/cve-2025-62820
镜像层: sha256:b711463ad8f751b791233378342fb086231fd401c7e18e5870f7f52894118cbc
发布日期: 2025-10-23 04:18 修改: 2025-10-27 13:20
|
| github.com/quic-go/quic-go |
CVE-2025-64702 |
中危 |
v0.54.0 |
0.57.0 |
github.com/quic-go/quic-go/http3: quic-go HTTP/3 QPACK Header Expansion DoS
漏洞详情: https://avd.aquasec.com/nvd/cve-2025-64702
镜像层: sha256:b711463ad8f751b791233378342fb086231fd401c7e18e5870f7f52894118cbc
发布日期: 2025-12-11 21:15 修改: 2025-12-12 15:17
|
| stdlib |
CVE-2025-47910 |
中危 |
1.25.0 |
1.25.1 |
net/http: CrossOriginProtection bypass in net/http
漏洞详情: https://avd.aquasec.com/nvd/cve-2025-47910
镜像层: sha256:b711463ad8f751b791233378342fb086231fd401c7e18e5870f7f52894118cbc
发布日期: 2025-09-22 21:15 修改: 2025-09-24 14:15
|
| stdlib |
CVE-2025-47912 |
中危 |
1.25.0 |
1.24.8, 1.25.2 |
net/url: Insufficient validation of bracketed IPv6 hostnames in net/url
漏洞详情: https://avd.aquasec.com/nvd/cve-2025-47912
镜像层: sha256:b711463ad8f751b791233378342fb086231fd401c7e18e5870f7f52894118cbc
发布日期: 2025-10-29 23:16 修改: 2025-11-04 22:16
|
| stdlib |
CVE-2025-58185 |
中危 |
1.25.0 |
1.24.8, 1.25.2 |
encoding/asn1: Parsing DER payload can cause memory exhaustion in encoding/asn1
漏洞详情: https://avd.aquasec.com/nvd/cve-2025-58185
镜像层: sha256:b711463ad8f751b791233378342fb086231fd401c7e18e5870f7f52894118cbc
发布日期: 2025-10-29 23:16 修改: 2025-11-04 22:16
|
| stdlib |
CVE-2025-58186 |
中危 |
1.25.0 |
1.24.8, 1.25.2 |
golang.org/net/http: Lack of limit when parsing cookies can cause memory exhaustion in net/http
漏洞详情: https://avd.aquasec.com/nvd/cve-2025-58186
镜像层: sha256:b711463ad8f751b791233378342fb086231fd401c7e18e5870f7f52894118cbc
发布日期: 2025-10-29 23:16 修改: 2025-11-04 22:16
|
| stdlib |
CVE-2025-58187 |
中危 |
1.25.0 |
1.24.9, 1.25.3 |
crypto/x509: Quadratic complexity when checking name constraints in crypto/x509
漏洞详情: https://avd.aquasec.com/nvd/cve-2025-58187
镜像层: sha256:b711463ad8f751b791233378342fb086231fd401c7e18e5870f7f52894118cbc
发布日期: 2025-10-29 23:16 修改: 2025-11-20 23:15
|
| stdlib |
CVE-2025-58188 |
中危 |
1.25.0 |
1.24.8, 1.25.2 |
crypto/x509: golang: Panic when validating certificates with DSA public keys in crypto/x509
漏洞详情: https://avd.aquasec.com/nvd/cve-2025-58188
镜像层: sha256:b711463ad8f751b791233378342fb086231fd401c7e18e5870f7f52894118cbc
发布日期: 2025-10-29 23:16 修改: 2025-11-04 22:16
|
| stdlib |
CVE-2025-58189 |
中危 |
1.25.0 |
1.24.8, 1.25.2 |
crypto/tls: go crypto/tls ALPN negotiation error contains attacker controlled information
漏洞详情: https://avd.aquasec.com/nvd/cve-2025-58189
镜像层: sha256:b711463ad8f751b791233378342fb086231fd401c7e18e5870f7f52894118cbc
发布日期: 2025-10-29 23:16 修改: 2025-11-04 22:16
|
| stdlib |
CVE-2025-61723 |
中危 |
1.25.0 |
1.24.8, 1.25.2 |
encoding/pem: Quadratic complexity when parsing some invalid inputs in encoding/pem
漏洞详情: https://avd.aquasec.com/nvd/cve-2025-61723
镜像层: sha256:b711463ad8f751b791233378342fb086231fd401c7e18e5870f7f52894118cbc
发布日期: 2025-10-29 23:16 修改: 2025-11-04 22:16
|
| stdlib |
CVE-2025-61724 |
中危 |
1.25.0 |
1.24.8, 1.25.2 |
net/textproto: Excessive CPU consumption in Reader.ReadResponse in net/textproto
漏洞详情: https://avd.aquasec.com/nvd/cve-2025-61724
镜像层: sha256:b711463ad8f751b791233378342fb086231fd401c7e18e5870f7f52894118cbc
发布日期: 2025-10-29 23:16 修改: 2025-11-04 22:16
|
| stdlib |
CVE-2025-61725 |
中危 |
1.25.0 |
1.24.8, 1.25.2 |
net/mail: Excessive CPU consumption in ParseAddress in net/mail
漏洞详情: https://avd.aquasec.com/nvd/cve-2025-61725
镜像层: sha256:b711463ad8f751b791233378342fb086231fd401c7e18e5870f7f52894118cbc
发布日期: 2025-10-29 23:16 修改: 2025-12-09 18:15
|
| stdlib |
CVE-2025-61727 |
中危 |
1.25.0 |
1.24.11, 1.25.5 |
golang: crypto/x509: excluded subdomain constraint does not restrict wildcard SANs
漏洞详情: https://avd.aquasec.com/nvd/cve-2025-61727
镜像层: sha256:b711463ad8f751b791233378342fb086231fd401c7e18e5870f7f52894118cbc
发布日期: 2025-12-03 20:16 修改: 2025-12-18 20:15
|