docker.io/apache/activemq:5.19.8 linux/amd64

docker.io/apache/activemq:5.19.8 - Trivy安全扫描结果 扫描时间: 2026-06-30 11:35
全部漏洞信息
低危漏洞:38 中危漏洞:87 高危漏洞:17 严重漏洞:1

系统OS: ubuntu 26.04 扫描引擎: Trivy 扫描时间: 2026-06-30 11:35

docker.io/apache/activemq:5.19.8 (ubuntu 26.04) (ubuntu)
低危漏洞:34 中危漏洞:70 高危漏洞:0 严重漏洞:0
软件包 漏洞 安全状态 安装版本 修复版本 漏洞信息
bsdutils CVE-2026-27456 中危 1:2.41.3-3ubuntu2 util-linux: TOCTOU in the mount program when setting up loop devices

漏洞详情: https://avd.aquasec.com/nvd/cve-2026-27456

镜像层: sha256:e8c084c1b320c172e8be941d735d77298e49986014213a8282c9b533ee216a61

发布日期: 2026-04-03 22:16 修改: 2026-06-17 10:27
bsdutils CVE-2026-3184 中危 1:2.41.3-3ubuntu2 util-linux: util-linux: Access control bypass due to improper hostname canonicalization

漏洞详情: https://avd.aquasec.com/nvd/cve-2026-3184

镜像层: sha256:e8c084c1b320c172e8be941d735d77298e49986014213a8282c9b533ee216a61

发布日期: 2026-04-03 19:17 修改: 2026-06-17 10:43
curl CVE-2026-11856 中危 8.18.0-1ubuntu2.1

漏洞详情: https://avd.aquasec.com/nvd/cve-2026-11856

镜像层: sha256:50b2ab83e23cddb0dec4d3c274e55d1a6b418026ab864362b17a9089e24ac77d

发布日期: 0001-01-01 00:00 修改: 0001-01-01 00:00
curl CVE-2026-8925 中危 8.18.0-1ubuntu2.1

漏洞详情: https://avd.aquasec.com/nvd/cve-2026-8925

镜像层: sha256:50b2ab83e23cddb0dec4d3c274e55d1a6b418026ab864362b17a9089e24ac77d

发布日期: 0001-01-01 00:00 修改: 0001-01-01 00:00
curl CVE-2026-8927 中危 8.18.0-1ubuntu2.1

漏洞详情: https://avd.aquasec.com/nvd/cve-2026-8927

镜像层: sha256:50b2ab83e23cddb0dec4d3c274e55d1a6b418026ab864362b17a9089e24ac77d

发布日期: 0001-01-01 00:00 修改: 0001-01-01 00:00
curl CVE-2026-9079 中危 8.18.0-1ubuntu2.1

漏洞详情: https://avd.aquasec.com/nvd/cve-2026-9079

镜像层: sha256:50b2ab83e23cddb0dec4d3c274e55d1a6b418026ab864362b17a9089e24ac77d

发布日期: 0001-01-01 00:00 修改: 0001-01-01 00:00
libblkid1 CVE-2026-27456 中危 2.41.3-3ubuntu2 util-linux: TOCTOU in the mount program when setting up loop devices

漏洞详情: https://avd.aquasec.com/nvd/cve-2026-27456

镜像层: sha256:e8c084c1b320c172e8be941d735d77298e49986014213a8282c9b533ee216a61

发布日期: 2026-04-03 22:16 修改: 2026-06-17 10:27
libblkid1 CVE-2026-3184 中危 2.41.3-3ubuntu2 util-linux: util-linux: Access control bypass due to improper hostname canonicalization

漏洞详情: https://avd.aquasec.com/nvd/cve-2026-3184

镜像层: sha256:e8c084c1b320c172e8be941d735d77298e49986014213a8282c9b533ee216a61

发布日期: 2026-04-03 19:17 修改: 2026-06-17 10:43
libc-bin CVE-2026-4046 中危 2.43-2ubuntu2 glibc: glibc: Denial of Service via iconv() function with specific character sets

漏洞详情: https://avd.aquasec.com/nvd/cve-2026-4046

镜像层: sha256:e8c084c1b320c172e8be941d735d77298e49986014213a8282c9b533ee216a61

发布日期: 2026-03-30 18:16 修改: 2026-06-17 10:55
libc-bin CVE-2026-4437 中危 2.43-2ubuntu2 glibc: glibc: Incorrect DNS response parsing via crafted DNS server response

漏洞详情: https://avd.aquasec.com/nvd/cve-2026-4437

镜像层: sha256:e8c084c1b320c172e8be941d735d77298e49986014213a8282c9b533ee216a61

发布日期: 2026-03-20 20:16 修改: 2026-06-17 10:56
libc-bin CVE-2026-4438 中危 2.43-2ubuntu2 glibc: glibc: Invalid DNS hostname returned via gethostbyaddr functions

漏洞详情: https://avd.aquasec.com/nvd/cve-2026-4438

镜像层: sha256:e8c084c1b320c172e8be941d735d77298e49986014213a8282c9b533ee216a61

发布日期: 2026-03-20 20:16 修改: 2026-06-17 10:56
libc-bin CVE-2026-5435 中危 2.43-2ubuntu2 glibc: glibc: Out-of-bounds write via TSIG record processing

漏洞详情: https://avd.aquasec.com/nvd/cve-2026-5435

镜像层: sha256:e8c084c1b320c172e8be941d735d77298e49986014213a8282c9b533ee216a61

发布日期: 2026-04-28 13:19 修改: 2026-06-17 10:59
libc-bin CVE-2026-6238 中危 2.43-2ubuntu2 glibc: glibc: Application crash or uninitialized memory read via crafted DNS response

漏洞详情: https://avd.aquasec.com/nvd/cve-2026-6238

镜像层: sha256:e8c084c1b320c172e8be941d735d77298e49986014213a8282c9b533ee216a61

发布日期: 2026-04-28 19:37 修改: 2026-06-19 21:17
libc-gconv-modules-extra CVE-2026-4046 中危 2.43-2ubuntu2 glibc: glibc: Denial of Service via iconv() function with specific character sets

漏洞详情: https://avd.aquasec.com/nvd/cve-2026-4046

镜像层: sha256:e8c084c1b320c172e8be941d735d77298e49986014213a8282c9b533ee216a61

发布日期: 2026-03-30 18:16 修改: 2026-06-17 10:55
libc-gconv-modules-extra CVE-2026-4437 中危 2.43-2ubuntu2 glibc: glibc: Incorrect DNS response parsing via crafted DNS server response

漏洞详情: https://avd.aquasec.com/nvd/cve-2026-4437

镜像层: sha256:e8c084c1b320c172e8be941d735d77298e49986014213a8282c9b533ee216a61

发布日期: 2026-03-20 20:16 修改: 2026-06-17 10:56
libc-gconv-modules-extra CVE-2026-4438 中危 2.43-2ubuntu2 glibc: glibc: Invalid DNS hostname returned via gethostbyaddr functions

漏洞详情: https://avd.aquasec.com/nvd/cve-2026-4438

镜像层: sha256:e8c084c1b320c172e8be941d735d77298e49986014213a8282c9b533ee216a61

发布日期: 2026-03-20 20:16 修改: 2026-06-17 10:56
libc-gconv-modules-extra CVE-2026-5435 中危 2.43-2ubuntu2 glibc: glibc: Out-of-bounds write via TSIG record processing

漏洞详情: https://avd.aquasec.com/nvd/cve-2026-5435

镜像层: sha256:e8c084c1b320c172e8be941d735d77298e49986014213a8282c9b533ee216a61

发布日期: 2026-04-28 13:19 修改: 2026-06-17 10:59
libc-gconv-modules-extra CVE-2026-6238 中危 2.43-2ubuntu2 glibc: glibc: Application crash or uninitialized memory read via crafted DNS response

漏洞详情: https://avd.aquasec.com/nvd/cve-2026-6238

镜像层: sha256:e8c084c1b320c172e8be941d735d77298e49986014213a8282c9b533ee216a61

发布日期: 2026-04-28 19:37 修改: 2026-06-19 21:17
libc6 CVE-2026-4046 中危 2.43-2ubuntu2 glibc: glibc: Denial of Service via iconv() function with specific character sets

漏洞详情: https://avd.aquasec.com/nvd/cve-2026-4046

镜像层: sha256:e8c084c1b320c172e8be941d735d77298e49986014213a8282c9b533ee216a61

发布日期: 2026-03-30 18:16 修改: 2026-06-17 10:55
libc6 CVE-2026-4437 中危 2.43-2ubuntu2 glibc: glibc: Incorrect DNS response parsing via crafted DNS server response

漏洞详情: https://avd.aquasec.com/nvd/cve-2026-4437

镜像层: sha256:e8c084c1b320c172e8be941d735d77298e49986014213a8282c9b533ee216a61

发布日期: 2026-03-20 20:16 修改: 2026-06-17 10:56
libc6 CVE-2026-4438 中危 2.43-2ubuntu2 glibc: glibc: Invalid DNS hostname returned via gethostbyaddr functions

漏洞详情: https://avd.aquasec.com/nvd/cve-2026-4438

镜像层: sha256:e8c084c1b320c172e8be941d735d77298e49986014213a8282c9b533ee216a61

发布日期: 2026-03-20 20:16 修改: 2026-06-17 10:56
libc6 CVE-2026-5435 中危 2.43-2ubuntu2 glibc: glibc: Out-of-bounds write via TSIG record processing

漏洞详情: https://avd.aquasec.com/nvd/cve-2026-5435

镜像层: sha256:e8c084c1b320c172e8be941d735d77298e49986014213a8282c9b533ee216a61

发布日期: 2026-04-28 13:19 修改: 2026-06-17 10:59
libc6 CVE-2026-6238 中危 2.43-2ubuntu2 glibc: glibc: Application crash or uninitialized memory read via crafted DNS response

漏洞详情: https://avd.aquasec.com/nvd/cve-2026-6238

镜像层: sha256:e8c084c1b320c172e8be941d735d77298e49986014213a8282c9b533ee216a61

发布日期: 2026-04-28 19:37 修改: 2026-06-19 21:17
libcurl4t64 CVE-2026-11856 中危 8.18.0-1ubuntu2.1

漏洞详情: https://avd.aquasec.com/nvd/cve-2026-11856

镜像层: sha256:50b2ab83e23cddb0dec4d3c274e55d1a6b418026ab864362b17a9089e24ac77d

发布日期: 0001-01-01 00:00 修改: 0001-01-01 00:00
libcurl4t64 CVE-2026-8925 中危 8.18.0-1ubuntu2.1

漏洞详情: https://avd.aquasec.com/nvd/cve-2026-8925

镜像层: sha256:50b2ab83e23cddb0dec4d3c274e55d1a6b418026ab864362b17a9089e24ac77d

发布日期: 0001-01-01 00:00 修改: 0001-01-01 00:00
libcurl4t64 CVE-2026-8927 中危 8.18.0-1ubuntu2.1

漏洞详情: https://avd.aquasec.com/nvd/cve-2026-8927

镜像层: sha256:50b2ab83e23cddb0dec4d3c274e55d1a6b418026ab864362b17a9089e24ac77d

发布日期: 0001-01-01 00:00 修改: 0001-01-01 00:00
libcurl4t64 CVE-2026-9079 中危 8.18.0-1ubuntu2.1

漏洞详情: https://avd.aquasec.com/nvd/cve-2026-9079

镜像层: sha256:50b2ab83e23cddb0dec4d3c274e55d1a6b418026ab864362b17a9089e24ac77d

发布日期: 0001-01-01 00:00 修改: 0001-01-01 00:00
libexpat1 CVE-2025-66382 中危 2.7.4-1 libexpat: libexpat: Denial of service via crafted file processing

漏洞详情: https://avd.aquasec.com/nvd/cve-2025-66382

镜像层: sha256:50b2ab83e23cddb0dec4d3c274e55d1a6b418026ab864362b17a9089e24ac77d

发布日期: 2025-11-28 07:15 修改: 2026-06-17 09:56
libmount1 CVE-2026-27456 中危 2.41.3-3ubuntu2 util-linux: TOCTOU in the mount program when setting up loop devices

漏洞详情: https://avd.aquasec.com/nvd/cve-2026-27456

镜像层: sha256:e8c084c1b320c172e8be941d735d77298e49986014213a8282c9b533ee216a61

发布日期: 2026-04-03 22:16 修改: 2026-06-17 10:27
libmount1 CVE-2026-3184 中危 2.41.3-3ubuntu2 util-linux: util-linux: Access control bypass due to improper hostname canonicalization

漏洞详情: https://avd.aquasec.com/nvd/cve-2026-3184

镜像层: sha256:e8c084c1b320c172e8be941d735d77298e49986014213a8282c9b533ee216a61

发布日期: 2026-04-03 19:17 修改: 2026-06-17 10:43
libsmartcols1 CVE-2026-27456 中危 2.41.3-3ubuntu2 util-linux: TOCTOU in the mount program when setting up loop devices

漏洞详情: https://avd.aquasec.com/nvd/cve-2026-27456

镜像层: sha256:e8c084c1b320c172e8be941d735d77298e49986014213a8282c9b533ee216a61

发布日期: 2026-04-03 22:16 修改: 2026-06-17 10:27
libsmartcols1 CVE-2026-3184 中危 2.41.3-3ubuntu2 util-linux: util-linux: Access control bypass due to improper hostname canonicalization

漏洞详情: https://avd.aquasec.com/nvd/cve-2026-3184

镜像层: sha256:e8c084c1b320c172e8be941d735d77298e49986014213a8282c9b533ee216a61

发布日期: 2026-04-03 19:17 修改: 2026-06-17 10:43
libuuid1 CVE-2026-27456 中危 2.41.3-3ubuntu2 util-linux: TOCTOU in the mount program when setting up loop devices

漏洞详情: https://avd.aquasec.com/nvd/cve-2026-27456

镜像层: sha256:e8c084c1b320c172e8be941d735d77298e49986014213a8282c9b533ee216a61

发布日期: 2026-04-03 22:16 修改: 2026-06-17 10:27
libuuid1 CVE-2026-3184 中危 2.41.3-3ubuntu2 util-linux: util-linux: Access control bypass due to improper hostname canonicalization

漏洞详情: https://avd.aquasec.com/nvd/cve-2026-3184

镜像层: sha256:e8c084c1b320c172e8be941d735d77298e49986014213a8282c9b533ee216a61

发布日期: 2026-04-03 19:17 修改: 2026-06-17 10:43
locales CVE-2026-4046 中危 2.43-2ubuntu2 glibc: glibc: Denial of Service via iconv() function with specific character sets

漏洞详情: https://avd.aquasec.com/nvd/cve-2026-4046

镜像层: sha256:50b2ab83e23cddb0dec4d3c274e55d1a6b418026ab864362b17a9089e24ac77d

发布日期: 2026-03-30 18:16 修改: 2026-06-17 10:55
locales CVE-2026-4437 中危 2.43-2ubuntu2 glibc: glibc: Incorrect DNS response parsing via crafted DNS server response

漏洞详情: https://avd.aquasec.com/nvd/cve-2026-4437

镜像层: sha256:50b2ab83e23cddb0dec4d3c274e55d1a6b418026ab864362b17a9089e24ac77d

发布日期: 2026-03-20 20:16 修改: 2026-06-17 10:56
locales CVE-2026-4438 中危 2.43-2ubuntu2 glibc: glibc: Invalid DNS hostname returned via gethostbyaddr functions

漏洞详情: https://avd.aquasec.com/nvd/cve-2026-4438

镜像层: sha256:50b2ab83e23cddb0dec4d3c274e55d1a6b418026ab864362b17a9089e24ac77d

发布日期: 2026-03-20 20:16 修改: 2026-06-17 10:56
locales CVE-2026-5435 中危 2.43-2ubuntu2 glibc: glibc: Out-of-bounds write via TSIG record processing

漏洞详情: https://avd.aquasec.com/nvd/cve-2026-5435

镜像层: sha256:50b2ab83e23cddb0dec4d3c274e55d1a6b418026ab864362b17a9089e24ac77d

发布日期: 2026-04-28 13:19 修改: 2026-06-17 10:59
locales CVE-2026-6238 中危 2.43-2ubuntu2 glibc: glibc: Application crash or uninitialized memory read via crafted DNS response

漏洞详情: https://avd.aquasec.com/nvd/cve-2026-6238

镜像层: sha256:50b2ab83e23cddb0dec4d3c274e55d1a6b418026ab864362b17a9089e24ac77d

发布日期: 2026-04-28 19:37 修改: 2026-06-19 21:17
login CVE-2026-27456 中危 1:4.16.0-2+really2.41.3-3ubuntu2 util-linux: TOCTOU in the mount program when setting up loop devices

漏洞详情: https://avd.aquasec.com/nvd/cve-2026-27456

镜像层: sha256:e8c084c1b320c172e8be941d735d77298e49986014213a8282c9b533ee216a61

发布日期: 2026-04-03 22:16 修改: 2026-06-17 10:27
login CVE-2026-3184 中危 1:4.16.0-2+really2.41.3-3ubuntu2 util-linux: util-linux: Access control bypass due to improper hostname canonicalization

漏洞详情: https://avd.aquasec.com/nvd/cve-2026-3184

镜像层: sha256:e8c084c1b320c172e8be941d735d77298e49986014213a8282c9b533ee216a61

发布日期: 2026-04-03 19:17 修改: 2026-06-17 10:43
mount CVE-2026-27456 中危 2.41.3-3ubuntu2 util-linux: TOCTOU in the mount program when setting up loop devices

漏洞详情: https://avd.aquasec.com/nvd/cve-2026-27456

镜像层: sha256:e8c084c1b320c172e8be941d735d77298e49986014213a8282c9b533ee216a61

发布日期: 2026-04-03 22:16 修改: 2026-06-17 10:27
mount CVE-2026-3184 中危 2.41.3-3ubuntu2 util-linux: util-linux: Access control bypass due to improper hostname canonicalization

漏洞详情: https://avd.aquasec.com/nvd/cve-2026-3184

镜像层: sha256:e8c084c1b320c172e8be941d735d77298e49986014213a8282c9b533ee216a61

发布日期: 2026-04-03 19:17 修改: 2026-06-17 10:43
perl-base CVE-2026-42496 中危 5.40.1-7build1 5.40.1-7ubuntu0.1 perl-archive-tar: perl-archive-tar: Path traversal via crafted symlinks allows arbitrary file access

漏洞详情: https://avd.aquasec.com/nvd/cve-2026-42496

镜像层: sha256:e8c084c1b320c172e8be941d735d77298e49986014213a8282c9b533ee216a61

发布日期: 2026-05-26 02:16 修改: 2026-06-17 10:47
perl-base CVE-2026-8376 中危 5.40.1-7build1 5.40.1-7ubuntu0.1 Perl versions through 5.43.10 have a heap buffer overflow when compili ...

漏洞详情: https://avd.aquasec.com/nvd/cve-2026-8376

镜像层: sha256:e8c084c1b320c172e8be941d735d77298e49986014213a8282c9b533ee216a61

发布日期: 2026-05-26 00:16 修改: 2026-06-17 11:03
rust-coreutils CVE-2026-35341 中危 0.8.0-0ubuntu3 A vulnerability in uutils coreutils mkfifo allows for the unauthorized ...

漏洞详情: https://avd.aquasec.com/nvd/cve-2026-35341

镜像层: sha256:e8c084c1b320c172e8be941d735d77298e49986014213a8282c9b533ee216a61

发布日期: 2026-04-22 17:16 修改: 2026-06-17 10:40
rust-coreutils CVE-2026-35344 中危 0.8.0-0ubuntu3 The dd utility in uutils coreutils suppresses errors during file trunc ...

漏洞详情: https://avd.aquasec.com/nvd/cve-2026-35344

镜像层: sha256:e8c084c1b320c172e8be941d735d77298e49986014213a8282c9b533ee216a61

发布日期: 2026-04-22 17:16 修改: 2026-06-17 10:40
rust-coreutils CVE-2026-35345 中危 0.8.0-0ubuntu3 A vulnerability in the tail utility of uutils coreutils allows for the ...

漏洞详情: https://avd.aquasec.com/nvd/cve-2026-35345

镜像层: sha256:e8c084c1b320c172e8be941d735d77298e49986014213a8282c9b533ee216a61

发布日期: 2026-04-22 17:16 修改: 2026-06-17 10:40
rust-coreutils CVE-2026-35348 中危 0.8.0-0ubuntu3 The sort utility in uutils coreutils is vulnerable to a process panic ...

漏洞详情: https://avd.aquasec.com/nvd/cve-2026-35348

镜像层: sha256:e8c084c1b320c172e8be941d735d77298e49986014213a8282c9b533ee216a61

发布日期: 2026-04-22 17:16 修改: 2026-06-17 10:40
rust-coreutils CVE-2026-35350 中危 0.8.0-0ubuntu3 The cp utility in uutils coreutils fails to properly handle setuid and ...

漏洞详情: https://avd.aquasec.com/nvd/cve-2026-35350

镜像层: sha256:e8c084c1b320c172e8be941d735d77298e49986014213a8282c9b533ee216a61

发布日期: 2026-04-22 17:16 修改: 2026-06-17 10:40
rust-coreutils CVE-2026-35351 中危 0.8.0-0ubuntu3 The mv utility in uutils coreutils fails to preserve file ownership du ...

漏洞详情: https://avd.aquasec.com/nvd/cve-2026-35351

镜像层: sha256:e8c084c1b320c172e8be941d735d77298e49986014213a8282c9b533ee216a61

发布日期: 2026-04-22 17:16 修改: 2026-06-17 10:40
rust-coreutils CVE-2026-35352 中危 0.8.0-0ubuntu3 A Time-of-Check to Time-of-Use (TOCTOU) race condition exists in the m ...

漏洞详情: https://avd.aquasec.com/nvd/cve-2026-35352

镜像层: sha256:e8c084c1b320c172e8be941d735d77298e49986014213a8282c9b533ee216a61

发布日期: 2026-04-22 17:16 修改: 2026-06-17 10:40
rust-coreutils CVE-2026-35354 中危 0.8.0-0ubuntu3 A Time-of-Check to Time-of-Use (TOCTOU) vulnerability exists in the mv ...

漏洞详情: https://avd.aquasec.com/nvd/cve-2026-35354

镜像层: sha256:e8c084c1b320c172e8be941d735d77298e49986014213a8282c9b533ee216a61

发布日期: 2026-04-22 17:16 修改: 2026-06-17 10:40
rust-coreutils CVE-2026-35357 中危 0.8.0-0ubuntu3 The cp utility in uutils coreutils is vulnerable to an information dis ...

漏洞详情: https://avd.aquasec.com/nvd/cve-2026-35357

镜像层: sha256:e8c084c1b320c172e8be941d735d77298e49986014213a8282c9b533ee216a61

发布日期: 2026-04-22 17:16 修改: 2026-06-17 10:40
rust-coreutils CVE-2026-35359 中危 0.8.0-0ubuntu3 A Time-of-Check to Time-of-Use (TOCTOU) vulnerability in the cp utilit ...

漏洞详情: https://avd.aquasec.com/nvd/cve-2026-35359

镜像层: sha256:e8c084c1b320c172e8be941d735d77298e49986014213a8282c9b533ee216a61

发布日期: 2026-04-22 17:16 修改: 2026-06-17 10:40
rust-coreutils CVE-2026-35360 中危 0.8.0-0ubuntu3 The touch utility in uutils coreutils is vulnerable to a Time-of-Check ...

漏洞详情: https://avd.aquasec.com/nvd/cve-2026-35360

镜像层: sha256:e8c084c1b320c172e8be941d735d77298e49986014213a8282c9b533ee216a61

发布日期: 2026-04-22 17:16 修改: 2026-06-17 10:40
rust-coreutils CVE-2026-35363 中危 0.8.0-0ubuntu3 A vulnerability in the rm utility of uutils coreutils allows the bypas ...

漏洞详情: https://avd.aquasec.com/nvd/cve-2026-35363

镜像层: sha256:e8c084c1b320c172e8be941d735d77298e49986014213a8282c9b533ee216a61

发布日期: 2026-04-22 17:16 修改: 2026-06-17 10:40
rust-coreutils CVE-2026-35364 中危 0.8.0-0ubuntu3 A Time-of-Check to Time-of-Use (TOCTOU) race condition exists in the m ...

漏洞详情: https://avd.aquasec.com/nvd/cve-2026-35364

镜像层: sha256:e8c084c1b320c172e8be941d735d77298e49986014213a8282c9b533ee216a61

发布日期: 2026-04-22 17:16 修改: 2026-06-17 10:40
rust-coreutils CVE-2026-35367 中危 0.8.0-0ubuntu3 The nohup utility in uutils coreutils creates its default output file, ...

漏洞详情: https://avd.aquasec.com/nvd/cve-2026-35367

镜像层: sha256:e8c084c1b320c172e8be941d735d77298e49986014213a8282c9b533ee216a61

发布日期: 2026-04-22 17:16 修改: 2026-06-17 10:40
rust-coreutils CVE-2026-35368 中危 0.8.0-0ubuntu3 A vulnerability exists in the chroot utility of uutils coreutils when ...

漏洞详情: https://avd.aquasec.com/nvd/cve-2026-35368

镜像层: sha256:e8c084c1b320c172e8be941d735d77298e49986014213a8282c9b533ee216a61

发布日期: 2026-04-22 17:16 修改: 2026-06-17 10:40
rust-coreutils CVE-2026-35370 中危 0.8.0-0ubuntu3 The id utility in uutils coreutils miscalculates the groups= section o ...

漏洞详情: https://avd.aquasec.com/nvd/cve-2026-35370

镜像层: sha256:e8c084c1b320c172e8be941d735d77298e49986014213a8282c9b533ee216a61

发布日期: 2026-04-22 17:16 修改: 2026-06-17 10:40
rust-coreutils CVE-2026-35371 中危 0.8.0-0ubuntu3 The id utility in uutils coreutils exhibits incorrect behavior in its ...

漏洞详情: https://avd.aquasec.com/nvd/cve-2026-35371

镜像层: sha256:e8c084c1b320c172e8be941d735d77298e49986014213a8282c9b533ee216a61

发布日期: 2026-04-22 17:16 修改: 2026-06-17 10:40
rust-coreutils CVE-2026-35373 中危 0.8.0-0ubuntu3 A logic error in the ln utility of uutils coreutils causes the program ...

漏洞详情: https://avd.aquasec.com/nvd/cve-2026-35373

镜像层: sha256:e8c084c1b320c172e8be941d735d77298e49986014213a8282c9b533ee216a61

发布日期: 2026-04-22 17:16 修改: 2026-06-17 10:40
rust-coreutils CVE-2026-35374 中危 0.8.0-0ubuntu3 A Time-of-Check to Time-of-Use (TOCTOU) vulnerability exists in the sp ...

漏洞详情: https://avd.aquasec.com/nvd/cve-2026-35374

镜像层: sha256:e8c084c1b320c172e8be941d735d77298e49986014213a8282c9b533ee216a61

发布日期: 2026-04-22 17:16 修改: 2026-06-17 10:40
rust-coreutils CVE-2026-35377 中危 0.8.0-0ubuntu3 A logic error in the env utility of uutils coreutils causes a failure ...

漏洞详情: https://avd.aquasec.com/nvd/cve-2026-35377

镜像层: sha256:e8c084c1b320c172e8be941d735d77298e49986014213a8282c9b533ee216a61

发布日期: 2026-04-22 17:16 修改: 2026-06-17 10:40
tar CVE-2025-45582 中危 1.35+dfsg-4 tar: Tar path traversal

漏洞详情: https://avd.aquasec.com/nvd/cve-2025-45582

镜像层: sha256:e8c084c1b320c172e8be941d735d77298e49986014213a8282c9b533ee216a61

发布日期: 2025-07-11 17:15 修改: 2026-06-17 09:25
tar CVE-2026-5704 中危 1.35+dfsg-4 1.35+dfsg-4ubuntu0.1 tar: tar: Hidden file injection via crafted archives

漏洞详情: https://avd.aquasec.com/nvd/cve-2026-5704

镜像层: sha256:e8c084c1b320c172e8be941d735d77298e49986014213a8282c9b533ee216a61

发布日期: 2026-04-06 16:16 修改: 2026-06-17 10:59
util-linux CVE-2026-27456 中危 2.41.3-3ubuntu2 util-linux: TOCTOU in the mount program when setting up loop devices

漏洞详情: https://avd.aquasec.com/nvd/cve-2026-27456

镜像层: sha256:e8c084c1b320c172e8be941d735d77298e49986014213a8282c9b533ee216a61

发布日期: 2026-04-03 22:16 修改: 2026-06-17 10:27
util-linux CVE-2026-3184 中危 2.41.3-3ubuntu2 util-linux: util-linux: Access control bypass due to improper hostname canonicalization

漏洞详情: https://avd.aquasec.com/nvd/cve-2026-3184

镜像层: sha256:e8c084c1b320c172e8be941d735d77298e49986014213a8282c9b533ee216a61

发布日期: 2026-04-03 19:17 修改: 2026-06-17 10:43
wget CVE-2021-31879 中危 1.25.0-2ubuntu4 wget: authorization header disclosure on redirect

漏洞详情: https://avd.aquasec.com/nvd/cve-2021-31879

镜像层: sha256:50b2ab83e23cddb0dec4d3c274e55d1a6b418026ab864362b17a9089e24ac77d

发布日期: 2021-04-29 05:15 修改: 2026-06-17 03:52
curl CVE-2026-8286 低危 8.18.0-1ubuntu2.1

漏洞详情: https://avd.aquasec.com/nvd/cve-2026-8286

镜像层: sha256:50b2ab83e23cddb0dec4d3c274e55d1a6b418026ab864362b17a9089e24ac77d

发布日期: 0001-01-01 00:00 修改: 0001-01-01 00:00
curl CVE-2026-8458 低危 8.18.0-1ubuntu2.1

漏洞详情: https://avd.aquasec.com/nvd/cve-2026-8458

镜像层: sha256:50b2ab83e23cddb0dec4d3c274e55d1a6b418026ab864362b17a9089e24ac77d

发布日期: 0001-01-01 00:00 修改: 0001-01-01 00:00
login.defs CVE-2024-56433 低危 1:4.17.4-2ubuntu3 shadow-utils: Default subordinate ID configuration in /etc/login.defs could lead to compromise

漏洞详情: https://avd.aquasec.com/nvd/cve-2024-56433

镜像层: sha256:e8c084c1b320c172e8be941d735d77298e49986014213a8282c9b533ee216a61

发布日期: 2024-12-26 09:15 修改: 2026-06-17 08:12
libcurl4t64 CVE-2026-10536 低危 8.18.0-1ubuntu2.1

漏洞详情: https://avd.aquasec.com/nvd/cve-2026-10536

镜像层: sha256:50b2ab83e23cddb0dec4d3c274e55d1a6b418026ab864362b17a9089e24ac77d

发布日期: 0001-01-01 00:00 修改: 0001-01-01 00:00
libcurl4t64 CVE-2026-11352 低危 8.18.0-1ubuntu2.1

漏洞详情: https://avd.aquasec.com/nvd/cve-2026-11352

镜像层: sha256:50b2ab83e23cddb0dec4d3c274e55d1a6b418026ab864362b17a9089e24ac77d

发布日期: 0001-01-01 00:00 修改: 0001-01-01 00:00
passwd CVE-2024-56433 低危 1:4.17.4-2ubuntu3 shadow-utils: Default subordinate ID configuration in /etc/login.defs could lead to compromise

漏洞详情: https://avd.aquasec.com/nvd/cve-2024-56433

镜像层: sha256:e8c084c1b320c172e8be941d735d77298e49986014213a8282c9b533ee216a61

发布日期: 2024-12-26 09:15 修改: 2026-06-17 08:12
libcurl4t64 CVE-2026-11564 低危 8.18.0-1ubuntu2.1

漏洞详情: https://avd.aquasec.com/nvd/cve-2026-11564

镜像层: sha256:50b2ab83e23cddb0dec4d3c274e55d1a6b418026ab864362b17a9089e24ac77d

发布日期: 0001-01-01 00:00 修改: 0001-01-01 00:00
libcurl4t64 CVE-2026-11586 低危 8.18.0-1ubuntu2.1

漏洞详情: https://avd.aquasec.com/nvd/cve-2026-11586

镜像层: sha256:50b2ab83e23cddb0dec4d3c274e55d1a6b418026ab864362b17a9089e24ac77d

发布日期: 0001-01-01 00:00 修改: 0001-01-01 00:00
libcurl4t64 CVE-2026-12064 低危 8.18.0-1ubuntu2.1

漏洞详情: https://avd.aquasec.com/nvd/cve-2026-12064

镜像层: sha256:50b2ab83e23cddb0dec4d3c274e55d1a6b418026ab864362b17a9089e24ac77d

发布日期: 0001-01-01 00:00 修改: 0001-01-01 00:00
libcurl4t64 CVE-2026-8286 低危 8.18.0-1ubuntu2.1

漏洞详情: https://avd.aquasec.com/nvd/cve-2026-8286

镜像层: sha256:50b2ab83e23cddb0dec4d3c274e55d1a6b418026ab864362b17a9089e24ac77d

发布日期: 0001-01-01 00:00 修改: 0001-01-01 00:00
libcurl4t64 CVE-2026-8458 低危 8.18.0-1ubuntu2.1

漏洞详情: https://avd.aquasec.com/nvd/cve-2026-8458

镜像层: sha256:50b2ab83e23cddb0dec4d3c274e55d1a6b418026ab864362b17a9089e24ac77d

发布日期: 0001-01-01 00:00 修改: 0001-01-01 00:00
libcurl4t64 CVE-2026-8924 低危 8.18.0-1ubuntu2.1

漏洞详情: https://avd.aquasec.com/nvd/cve-2026-8924

镜像层: sha256:50b2ab83e23cddb0dec4d3c274e55d1a6b418026ab864362b17a9089e24ac77d

发布日期: 0001-01-01 00:00 修改: 0001-01-01 00:00
libcurl4t64 CVE-2026-8926 低危 8.18.0-1ubuntu2.1

漏洞详情: https://avd.aquasec.com/nvd/cve-2026-8926

镜像层: sha256:50b2ab83e23cddb0dec4d3c274e55d1a6b418026ab864362b17a9089e24ac77d

发布日期: 0001-01-01 00:00 修改: 0001-01-01 00:00
libcurl4t64 CVE-2026-8932 低危 8.18.0-1ubuntu2.1

漏洞详情: https://avd.aquasec.com/nvd/cve-2026-8932

镜像层: sha256:50b2ab83e23cddb0dec4d3c274e55d1a6b418026ab864362b17a9089e24ac77d

发布日期: 0001-01-01 00:00 修改: 0001-01-01 00:00
libcurl4t64 CVE-2026-9080 低危 8.18.0-1ubuntu2.1

漏洞详情: https://avd.aquasec.com/nvd/cve-2026-9080

镜像层: sha256:50b2ab83e23cddb0dec4d3c274e55d1a6b418026ab864362b17a9089e24ac77d

发布日期: 0001-01-01 00:00 修改: 0001-01-01 00:00
libcurl4t64 CVE-2026-9545 低危 8.18.0-1ubuntu2.1

漏洞详情: https://avd.aquasec.com/nvd/cve-2026-9545

镜像层: sha256:50b2ab83e23cddb0dec4d3c274e55d1a6b418026ab864362b17a9089e24ac77d

发布日期: 0001-01-01 00:00 修改: 0001-01-01 00:00
libcurl4t64 CVE-2026-9546 低危 8.18.0-1ubuntu2.1

漏洞详情: https://avd.aquasec.com/nvd/cve-2026-9546

镜像层: sha256:50b2ab83e23cddb0dec4d3c274e55d1a6b418026ab864362b17a9089e24ac77d

发布日期: 0001-01-01 00:00 修改: 0001-01-01 00:00
libcurl4t64 CVE-2026-9547 低危 8.18.0-1ubuntu2.1

漏洞详情: https://avd.aquasec.com/nvd/cve-2026-9547

镜像层: sha256:50b2ab83e23cddb0dec4d3c274e55d1a6b418026ab864362b17a9089e24ac77d

发布日期: 0001-01-01 00:00 修改: 0001-01-01 00:00
curl CVE-2026-8924 低危 8.18.0-1ubuntu2.1

漏洞详情: https://avd.aquasec.com/nvd/cve-2026-8924

镜像层: sha256:50b2ab83e23cddb0dec4d3c274e55d1a6b418026ab864362b17a9089e24ac77d

发布日期: 0001-01-01 00:00 修改: 0001-01-01 00:00
libgcrypt20 CVE-2024-2236 低危 1.12.0-2ubuntu0.1 libgcrypt: vulnerable to Marvin Attack

漏洞详情: https://avd.aquasec.com/nvd/cve-2024-2236

镜像层: sha256:e8c084c1b320c172e8be941d735d77298e49986014213a8282c9b533ee216a61

发布日期: 2024-03-06 22:15 修改: 2026-06-17 07:24
curl CVE-2026-8926 低危 8.18.0-1ubuntu2.1

漏洞详情: https://avd.aquasec.com/nvd/cve-2026-8926

镜像层: sha256:50b2ab83e23cddb0dec4d3c274e55d1a6b418026ab864362b17a9089e24ac77d

发布日期: 0001-01-01 00:00 修改: 0001-01-01 00:00
curl CVE-2026-8932 低危 8.18.0-1ubuntu2.1

漏洞详情: https://avd.aquasec.com/nvd/cve-2026-8932

镜像层: sha256:50b2ab83e23cddb0dec4d3c274e55d1a6b418026ab864362b17a9089e24ac77d

发布日期: 0001-01-01 00:00 修改: 0001-01-01 00:00
curl CVE-2026-9080 低危 8.18.0-1ubuntu2.1

漏洞详情: https://avd.aquasec.com/nvd/cve-2026-9080

镜像层: sha256:50b2ab83e23cddb0dec4d3c274e55d1a6b418026ab864362b17a9089e24ac77d

发布日期: 0001-01-01 00:00 修改: 0001-01-01 00:00
curl CVE-2026-9545 低危 8.18.0-1ubuntu2.1

漏洞详情: https://avd.aquasec.com/nvd/cve-2026-9545

镜像层: sha256:50b2ab83e23cddb0dec4d3c274e55d1a6b418026ab864362b17a9089e24ac77d

发布日期: 0001-01-01 00:00 修改: 0001-01-01 00:00
libsystemd0 CVE-2026-40228 低危 259.5-0ubuntu3 systemd: systemd-journald: Unintended output to user terminals via logger command

漏洞详情: https://avd.aquasec.com/nvd/cve-2026-40228

镜像层: sha256:e8c084c1b320c172e8be941d735d77298e49986014213a8282c9b533ee216a61

发布日期: 2026-04-10 16:16 修改: 2026-06-17 10:44
libudev1 CVE-2026-40228 低危 259.5-0ubuntu3 systemd: systemd-journald: Unintended output to user terminals via logger command

漏洞详情: https://avd.aquasec.com/nvd/cve-2026-40228

镜像层: sha256:e8c084c1b320c172e8be941d735d77298e49986014213a8282c9b533ee216a61

发布日期: 2026-04-10 16:16 修改: 2026-06-17 10:44
curl CVE-2026-9546 低危 8.18.0-1ubuntu2.1

漏洞详情: https://avd.aquasec.com/nvd/cve-2026-9546

镜像层: sha256:50b2ab83e23cddb0dec4d3c274e55d1a6b418026ab864362b17a9089e24ac77d

发布日期: 0001-01-01 00:00 修改: 0001-01-01 00:00
curl CVE-2026-9547 低危 8.18.0-1ubuntu2.1

漏洞详情: https://avd.aquasec.com/nvd/cve-2026-9547

镜像层: sha256:50b2ab83e23cddb0dec4d3c274e55d1a6b418026ab864362b17a9089e24ac77d

发布日期: 0001-01-01 00:00 修改: 0001-01-01 00:00
curl CVE-2026-10536 低危 8.18.0-1ubuntu2.1

漏洞详情: https://avd.aquasec.com/nvd/cve-2026-10536

镜像层: sha256:50b2ab83e23cddb0dec4d3c274e55d1a6b418026ab864362b17a9089e24ac77d

发布日期: 0001-01-01 00:00 修改: 0001-01-01 00:00
curl CVE-2026-11352 低危 8.18.0-1ubuntu2.1

漏洞详情: https://avd.aquasec.com/nvd/cve-2026-11352

镜像层: sha256:50b2ab83e23cddb0dec4d3c274e55d1a6b418026ab864362b17a9089e24ac77d

发布日期: 0001-01-01 00:00 修改: 0001-01-01 00:00
curl CVE-2026-11564 低危 8.18.0-1ubuntu2.1

漏洞详情: https://avd.aquasec.com/nvd/cve-2026-11564

镜像层: sha256:50b2ab83e23cddb0dec4d3c274e55d1a6b418026ab864362b17a9089e24ac77d

发布日期: 0001-01-01 00:00 修改: 0001-01-01 00:00
curl CVE-2026-11586 低危 8.18.0-1ubuntu2.1

漏洞详情: https://avd.aquasec.com/nvd/cve-2026-11586

镜像层: sha256:50b2ab83e23cddb0dec4d3c274e55d1a6b418026ab864362b17a9089e24ac77d

发布日期: 0001-01-01 00:00 修改: 0001-01-01 00:00
curl CVE-2026-12064 低危 8.18.0-1ubuntu2.1

漏洞详情: https://avd.aquasec.com/nvd/cve-2026-12064

镜像层: sha256:50b2ab83e23cddb0dec4d3c274e55d1a6b418026ab864362b17a9089e24ac77d

发布日期: 0001-01-01 00:00 修改: 0001-01-01 00:00
zlib1g CVE-2026-27171 低危 1:1.3.dfsg+really1.3.1-1ubuntu3 zlib: zlib: Denial of Service via infinite loop in CRC32 combine functions

漏洞详情: https://avd.aquasec.com/nvd/cve-2026-27171

镜像层: sha256:e8c084c1b320c172e8be941d735d77298e49986014213a8282c9b533ee216a61

发布日期: 2026-02-18 04:16 修改: 2026-06-17 10:26
Java (jar)
低危漏洞:4 中危漏洞:14 高危漏洞:8 严重漏洞:1
软件包 漏洞 安全状态 安装版本 修复版本 漏洞信息
org.springframework:spring-web CVE-2016-1000027 严重 5.3.39 6.0.0 spring: HttpInvokerServiceExporter readRemoteInvocation method untrusted java deserialization

漏洞详情: https://avd.aquasec.com/nvd/cve-2016-1000027

镜像层: sha256:72214a720291a4cfc0181b8bce24b191a55f3b021650e1e55f48d8be563118fe

发布日期: 2020-01-02 23:15 修改: 2024-11-21 02:42
com.fasterxml.jackson.core:jackson-databind CVE-2026-54513 高危 2.20.0 2.18.8, 2.21.4, 3.1.4 jackson-databind: Jackson-databind: Security bypass allows arbitrary code execution

漏洞详情: https://avd.aquasec.com/nvd/cve-2026-54513

镜像层: sha256:72214a720291a4cfc0181b8bce24b191a55f3b021650e1e55f48d8be563118fe

发布日期: 2026-06-23 21:17 修改: 2026-06-27 21:00
org.apache.camel:camel-core CVE-2020-11971 高危 2.25.4 3.2.0 camel: DNS Rebinding in JMX Connector could result in remote command execution

漏洞详情: https://avd.aquasec.com/nvd/cve-2020-11971

镜像层: sha256:72214a720291a4cfc0181b8bce24b191a55f3b021650e1e55f48d8be563118fe

发布日期: 2020-05-14 17:15 修改: 2026-06-17 02:51
org.apache.shiro:shiro-core CVE-2026-49268 高危 1.13.0 2.2.1, 3.0.0-alpha-2 A remote attacker can inject LDAP special characters into the Distingu ...

漏洞详情: https://avd.aquasec.com/nvd/cve-2026-49268

镜像层: sha256:72214a720291a4cfc0181b8bce24b191a55f3b021650e1e55f48d8be563118fe

发布日期: 2026-06-17 14:17 修改: 2026-06-18 14:45
org.eclipse.jetty:jetty-http CVE-2026-2332 高危 9.4.58.v20250814 12.1.7, 12.0.33 org.eclipse.jetty/jetty-http: HTTP request smuggling via chunked extension quoted-string parsing

漏洞详情: https://avd.aquasec.com/nvd/cve-2026-2332

镜像层: sha256:72214a720291a4cfc0181b8bce24b191a55f3b021650e1e55f48d8be563118fe

发布日期: 2026-04-14 12:16 修改: 2026-06-17 10:30
org.springframework:spring-core CVE-2025-41249 高危 5.3.39 6.2.11 org.springframework/spring-core: Spring Framework Annotation Detection Vulnerability

漏洞详情: https://avd.aquasec.com/nvd/cve-2025-41249

镜像层: sha256:72214a720291a4cfc0181b8bce24b191a55f3b021650e1e55f48d8be563118fe

发布日期: 2025-09-16 11:15 修改: 2026-06-17 09:22
com.fasterxml.jackson.core:jackson-databind CVE-2026-54512 高危 2.20.0 2.18.8, 3.1.4, 2.21.4 jackson-databind contains the general-purpose data-binding functionali ...

漏洞详情: https://avd.aquasec.com/nvd/cve-2026-54512

镜像层: sha256:72214a720291a4cfc0181b8bce24b191a55f3b021650e1e55f48d8be563118fe

发布日期: 2026-06-23 21:17 修改: 2026-06-27 21:01
org.springframework:spring-webmvc CVE-2024-38816 高危 5.3.39 6.1.13 spring-webmvc: Path Traversal Vulnerability in Spring Applications Using RouterFunctions and FileSystemResource

漏洞详情: https://avd.aquasec.com/nvd/cve-2024-38816

镜像层: sha256:72214a720291a4cfc0181b8bce24b191a55f3b021650e1e55f48d8be563118fe

发布日期: 2024-09-13 06:15 修改: 2026-06-17 07:41
org.springframework:spring-webmvc CVE-2024-38819 高危 5.3.39 6.1.14 org.springframework:spring-webmvc: Path traversal vulnerability in functional web frameworks

漏洞详情: https://avd.aquasec.com/nvd/cve-2024-38819

镜像层: sha256:72214a720291a4cfc0181b8bce24b191a55f3b021650e1e55f48d8be563118fe

发布日期: 2024-12-19 18:15 修改: 2026-06-17 07:41
com.fasterxml.jackson.core:jackson-databind CVE-2026-54514 中危 2.20.0 2.18.8, 2.21.4, 3.1.4 jackson-databind contains the general-purpose data-binding functionali ...

漏洞详情: https://avd.aquasec.com/nvd/cve-2026-54514

镜像层: sha256:72214a720291a4cfc0181b8bce24b191a55f3b021650e1e55f48d8be563118fe

发布日期: 2026-06-23 21:17 修改: 2026-06-27 20:55
org.apache.shiro:shiro-spring CVE-2026-23903 中危 1.13.0 2.1.0 org.apache.shiro/shiro-web: Apache Shiro: Auth bypass when accessing static files only on case-insensitive filesystems

漏洞详情: https://avd.aquasec.com/nvd/cve-2026-23903

镜像层: sha256:72214a720291a4cfc0181b8bce24b191a55f3b021650e1e55f48d8be563118fe

发布日期: 2026-02-09 10:15 修改: 2026-06-17 10:22
com.fasterxml.jackson.core:jackson-databind CVE-2026-54515 中危 2.20.0 3.1.4, 2.18.9, 2.21.5 jackson-databind contains the general-purpose data-binding functionali ...

漏洞详情: https://avd.aquasec.com/nvd/cve-2026-54515

镜像层: sha256:72214a720291a4cfc0181b8bce24b191a55f3b021650e1e55f48d8be563118fe

发布日期: 2026-06-23 21:17 修改: 2026-06-25 16:14
org.eclipse.jetty:jetty-http CVE-2024-6763 中危 9.4.58.v20250814 12.0.12 org.eclipse.jetty:jetty-http: jetty: Jetty URI parsing of invalid authority

漏洞详情: https://avd.aquasec.com/nvd/cve-2024-6763

镜像层: sha256:72214a720291a4cfc0181b8bce24b191a55f3b021650e1e55f48d8be563118fe

发布日期: 2024-10-14 16:15 修改: 2026-06-17 08:18
org.springframework:spring-context CVE-2024-38820 中危 5.3.39 6.1.14 The fix for CVE-2022-22968 made disallowedFieldspatterns in DataBinder ...

漏洞详情: https://avd.aquasec.com/nvd/cve-2024-38820

镜像层: sha256:72214a720291a4cfc0181b8bce24b191a55f3b021650e1e55f48d8be563118fe

发布日期: 2024-10-18 06:15 修改: 2026-06-17 07:41
com.fasterxml.jackson.core:jackson-core GHSA-72hv-8253-57qq 中危 2.20.0 2.21.1, 2.18.6 jackson-core: Number Length Constraint Bypass in Async Parser Leads to Potential DoS Condition

漏洞详情: https://github.com/advisories/GHSA-72hv-8253-57qq

镜像层: sha256:72214a720291a4cfc0181b8bce24b191a55f3b021650e1e55f48d8be563118fe

发布日期: 2026-02-28 02:01 修改: 2026-04-07 16:30
org.apache.logging.log4j:log4j-core CVE-2026-34477 中危 2.25.3 2.25.4 org.apache.logging.log4j/log4j-core: Apache Log4j Core: Man-in-the-middle attack due to incomplete hostname verification

漏洞详情: https://avd.aquasec.com/nvd/cve-2026-34477

镜像层: sha256:72214a720291a4cfc0181b8bce24b191a55f3b021650e1e55f48d8be563118fe

发布日期: 2026-04-10 16:16 修改: 2026-06-17 10:39
org.springframework:spring-web CVE-2024-38820 中危 5.3.39 6.1.14 The fix for CVE-2022-22968 made disallowedFieldspatterns in DataBinder ...

漏洞详情: https://avd.aquasec.com/nvd/cve-2024-38820

镜像层: sha256:72214a720291a4cfc0181b8bce24b191a55f3b021650e1e55f48d8be563118fe

发布日期: 2024-10-18 06:15 修改: 2026-06-17 07:41
org.apache.logging.log4j:log4j-core CVE-2026-34478 中危 2.25.3 2.25.4 org.apache.logging.log4j/log4j-core: Apache Log4j Core: Log injection via CRLF sequences due to configuration attribute renames

漏洞详情: https://avd.aquasec.com/nvd/cve-2026-34478

镜像层: sha256:72214a720291a4cfc0181b8bce24b191a55f3b021650e1e55f48d8be563118fe

发布日期: 2026-04-10 16:16 修改: 2026-06-17 10:39
org.apache.logging.log4j:log4j-core CVE-2026-34480 中危 2.25.3 2.25.4 org.apache.logging.log4j/log4j-core: Apache Log4j Core: Invalid XML output causes denial of service in logging

漏洞详情: https://avd.aquasec.com/nvd/cve-2026-34480

镜像层: sha256:72214a720291a4cfc0181b8bce24b191a55f3b021650e1e55f48d8be563118fe

发布日期: 2026-04-10 16:16 修改: 2026-06-17 10:39
org.springframework:spring-webmvc CVE-2024-38828 中危 5.3.39 5.3.42 org.springframework:spring-webmvc: DoS via Spring MVC controller method with byte[] parameter

漏洞详情: https://avd.aquasec.com/nvd/cve-2024-38828

镜像层: sha256:72214a720291a4cfc0181b8bce24b191a55f3b021650e1e55f48d8be563118fe

发布日期: 2024-11-18 04:15 修改: 2026-06-17 07:41
org.springframework:spring-webmvc CVE-2025-41242 中危 5.3.39 6.2.10 org.springframework/spring-webmvc: Spring Framework MVC path traversal vulnerability

漏洞详情: https://avd.aquasec.com/nvd/cve-2025-41242

镜像层: sha256:72214a720291a4cfc0181b8bce24b191a55f3b021650e1e55f48d8be563118fe

发布日期: 2025-08-18 09:15 修改: 2026-06-17 09:22
org.springframework:spring-webmvc CVE-2026-22737 中危 5.3.39 7.0.6, 6.2.17 Spring Framework: Spring Framework: Information disclosure via Java scripting engine enabled template views

漏洞详情: https://avd.aquasec.com/nvd/cve-2026-22737

镜像层: sha256:72214a720291a4cfc0181b8bce24b191a55f3b021650e1e55f48d8be563118fe

发布日期: 2026-03-20 00:16 修改: 2026-06-17 10:20
org.springframework:spring-webmvc CVE-2026-22745 中危 5.3.39 7.0.7, 6.2.18 spring-webflux: Spring MVC and Spring WebFlux: Denial of Service via slow static resource resolution on Windows

漏洞详情: https://avd.aquasec.com/nvd/cve-2026-22745

镜像层: sha256:72214a720291a4cfc0181b8bce24b191a55f3b021650e1e55f48d8be563118fe

发布日期: 2026-04-29 12:16 修改: 2026-06-17 10:20
org.springframework:spring-context CVE-2025-22233 低危 5.3.39 6.2.7, 6.1.20 CVE-2024-38820 ensured Locale-independent, lowercase conversion for bo ...

漏洞详情: https://avd.aquasec.com/nvd/cve-2025-22233

镜像层: sha256:72214a720291a4cfc0181b8bce24b191a55f3b021650e1e55f48d8be563118fe

发布日期: 2025-05-16 20:15 修改: 2026-06-17 08:45
org.apache.shiro:shiro-core CVE-2026-23901 低危 1.13.0 2.1.0 org.apache.shiro/shiro-core: Apache Shiro: Brute force attack possible to determine valid user names

漏洞详情: https://avd.aquasec.com/nvd/cve-2026-23901

镜像层: sha256:72214a720291a4cfc0181b8bce24b191a55f3b021650e1e55f48d8be563118fe

发布日期: 2026-02-10 10:15 修改: 2026-06-17 10:22
org.springframework:spring-webmvc CVE-2026-22735 低危 5.3.39 7.0.6, 6.2.17 org.springframework/spring-webmvc: org.springframework/spring-webflux: Spring MVC and WebFlux: Stream corruption vulnerability when using Server-Sent Events

漏洞详情: https://avd.aquasec.com/nvd/cve-2026-22735

镜像层: sha256:72214a720291a4cfc0181b8bce24b191a55f3b021650e1e55f48d8be563118fe

发布日期: 2026-03-20 00:16 修改: 2026-06-17 10:20
org.springframework:spring-webmvc CVE-2026-22741 低危 5.3.39 7.0.7, 6.2.18 Spring MVC: Spring WebFlux: Spring MVC and Spring WebFlux: Denial of Service via cache poisoning

漏洞详情: https://avd.aquasec.com/nvd/cve-2026-22741

镜像层: sha256:72214a720291a4cfc0181b8bce24b191a55f3b021650e1e55f48d8be563118fe

发布日期: 2026-04-29 12:16 修改: 2026-06-17 10:20
usr/bin/pebble (gobinary)
低危漏洞:0 中危漏洞:3 高危漏洞:9 严重漏洞:0
软件包 漏洞 安全状态 安装版本 修复版本 漏洞信息
golang.org/x/net CVE-2026-25680 高危 v0.40.0 0.55.0 Parsing arbitrary HTML can consume excessive CPU time, possibly leadin ...

漏洞详情: https://avd.aquasec.com/nvd/cve-2026-25680

镜像层: sha256:e8c084c1b320c172e8be941d735d77298e49986014213a8282c9b533ee216a61

发布日期: 2026-05-22 16:16 修改: 2026-06-17 10:25
golang.org/x/net CVE-2026-25681 高危 v0.40.0 0.55.0 Parsing arbitrary HTML which is then rendered using Render can result ...

漏洞详情: https://avd.aquasec.com/nvd/cve-2026-25681

镜像层: sha256:e8c084c1b320c172e8be941d735d77298e49986014213a8282c9b533ee216a61

发布日期: 2026-05-22 16:16 修改: 2026-06-17 10:25
golang.org/x/net CVE-2026-27136 高危 v0.40.0 0.55.0 Parsing arbitrary HTML which is then rendered using Render can result ...

漏洞详情: https://avd.aquasec.com/nvd/cve-2026-27136

镜像层: sha256:e8c084c1b320c172e8be941d735d77298e49986014213a8282c9b533ee216a61

发布日期: 2026-05-22 16:16 修改: 2026-06-17 10:26
golang.org/x/net CVE-2026-33814 高危 v0.40.0 0.53.0 net/http/internal/http2: golang: golang.org/x/net: Go HTTP/2: Denial of Service via malformed SETTINGS_MAX_FRAME_SIZE frame

漏洞详情: https://avd.aquasec.com/nvd/cve-2026-33814

镜像层: sha256:e8c084c1b320c172e8be941d735d77298e49986014213a8282c9b533ee216a61

发布日期: 2026-05-07 20:16 修改: 2026-06-17 10:38
golang.org/x/net CVE-2026-39821 高危 v0.40.0 0.55.0 golang.org/x/net/idna: golang: golang.org/x/net/idna: Privilege escalation via incorrect Punycode label processing

漏洞详情: https://avd.aquasec.com/nvd/cve-2026-39821

镜像层: sha256:e8c084c1b320c172e8be941d735d77298e49986014213a8282c9b533ee216a61

发布日期: 2026-05-22 16:16 修改: 2026-06-17 10:42
golang.org/x/net CVE-2026-42502 高危 v0.40.0 0.55.0 Parsing arbitrary HTML which is then rendered using Render can result ...

漏洞详情: https://avd.aquasec.com/nvd/cve-2026-42502

镜像层: sha256:e8c084c1b320c172e8be941d735d77298e49986014213a8282c9b533ee216a61

发布日期: 2026-05-22 16:16 修改: 2026-06-17 10:47
golang.org/x/net CVE-2026-42506 高危 v0.40.0 0.55.0 Parsing arbitrary HTML which is then rendered using Render can result ...

漏洞详情: https://avd.aquasec.com/nvd/cve-2026-42506

镜像层: sha256:e8c084c1b320c172e8be941d735d77298e49986014213a8282c9b533ee216a61

发布日期: 2026-05-22 16:16 修改: 2026-06-17 10:47
stdlib CVE-2026-27145 高危 v1.26.3 1.25.11, 1.26.4 *x509.Certificate).VerifyHostname previously called matchHostnames in ...

漏洞详情: https://avd.aquasec.com/nvd/cve-2026-27145

镜像层: sha256:e8c084c1b320c172e8be941d735d77298e49986014213a8282c9b533ee216a61

发布日期: 2026-06-02 23:16 修改: 2026-06-17 10:26
stdlib CVE-2026-42504 高危 v1.26.3 1.25.11, 1.26.4 Decoding a maliciously-crafted MIME header containing many invalid enc ...

漏洞详情: https://avd.aquasec.com/nvd/cve-2026-42504

镜像层: sha256:e8c084c1b320c172e8be941d735d77298e49986014213a8282c9b533ee216a61

发布日期: 2026-06-02 23:16 修改: 2026-06-17 10:47
golang.org/x/net CVE-2025-47911 中危 v0.40.0 0.45.0 golang.org/x/net/html: Quadratic parsing complexity in golang.org/x/net/html

漏洞详情: https://avd.aquasec.com/nvd/cve-2025-47911

镜像层: sha256:e8c084c1b320c172e8be941d735d77298e49986014213a8282c9b533ee216a61

发布日期: 2026-02-05 18:16 修改: 2026-06-17 09:28
golang.org/x/net CVE-2025-58190 中危 v0.40.0 0.45.0 golang.org/x/net/html: Infinite parsing loop in golang.org/x/net

漏洞详情: https://avd.aquasec.com/nvd/cve-2025-58190

镜像层: sha256:e8c084c1b320c172e8be941d735d77298e49986014213a8282c9b533ee216a61

发布日期: 2026-02-05 18:16 修改: 2026-06-17 09:44
stdlib CVE-2026-42507 中危 v1.26.3 1.25.11, 1.26.4 net/textproto: golang: Golang net/textproto: Misleading error messages via input injection

漏洞详情: https://avd.aquasec.com/nvd/cve-2026-42507

镜像层: sha256:e8c084c1b320c172e8be941d735d77298e49986014213a8282c9b533ee216a61

发布日期: 2026-06-02 23:16 修改: 2026-06-17 10:47
golang.org/x/sys CVE-2026-39824 未知 v0.33.0 0.44.0 Invoking integer overflow in NewNTUnicodeString in golang.org/x/sys/windows

漏洞详情: https://avd.aquasec.com/nvd/cve-2026-39824

镜像层: sha256:e8c084c1b320c172e8be941d735d77298e49986014213a8282c9b533ee216a61

发布日期: 2026-05-22 20:16 修改: 2026-06-17 10:42
检测到您正在使用广告拦截插件,本站为公益站点,依赖广告维持运转 🙏 查看如何关闭 ×