docker.io/apache/amoro:0.7.1-incubating linux/amd64

docker.io/apache/amoro:0.7.1-incubating - Trivy安全扫描结果 扫描时间: 2024-11-22 23:41
全部漏洞信息
低危漏洞:52 中危漏洞:51 高危漏洞:50 严重漏洞:6

系统OS: ubuntu 22.04 扫描引擎: Trivy 扫描时间: 2024-11-22 23:41

docker.io/apache/amoro:0.7.1-incubating (ubuntu 22.04) (ubuntu)
低危漏洞:47 中危漏洞:17 高危漏洞:0 严重漏洞:0
软件包 漏洞 安全状态 安装版本 修复版本 漏洞信息
gcc-12-base CVE-2023-4039 中危 12.3.0-1ubuntu1~22.04 gcc: -fstack-protector fails to guard dynamic stack allocations on ARM64

漏洞详情: https://avd.aquasec.com/nvd/cve-2023-4039

镜像层: sha256:2573e0d8158209ed54ab25c87bcdcb00bd3d2539246960a3d592a1c599d70465

发布日期: 2023-09-13 09:15 修改: 2024-08-02 08:15

libgcc-s1 CVE-2023-4039 中危 12.3.0-1ubuntu1~22.04 gcc: -fstack-protector fails to guard dynamic stack allocations on ARM64

漏洞详情: https://avd.aquasec.com/nvd/cve-2023-4039

镜像层: sha256:2573e0d8158209ed54ab25c87bcdcb00bd3d2539246960a3d592a1c599d70465

发布日期: 2023-09-13 09:15 修改: 2024-08-02 08:15

libgcrypt20 CVE-2024-2236 中危 1.9.4-3ubuntu3 libgcrypt: vulnerable to Marvin Attack

漏洞详情: https://avd.aquasec.com/nvd/cve-2024-2236

镜像层: sha256:2573e0d8158209ed54ab25c87bcdcb00bd3d2539246960a3d592a1c599d70465

发布日期: 2024-03-06 22:15 修改: 2024-11-12 18:15

libgssapi-krb5-2 CVE-2024-26462 中危 1.19.2-2ubuntu0.4 krb5: Memory leak at /krb5/src/kdc/ndr.c

漏洞详情: https://avd.aquasec.com/nvd/cve-2024-26462

镜像层: sha256:2573e0d8158209ed54ab25c87bcdcb00bd3d2539246960a3d592a1c599d70465

发布日期: 2024-02-29 01:44 修改: 2024-05-14 15:09

libk5crypto3 CVE-2024-26462 中危 1.19.2-2ubuntu0.4 krb5: Memory leak at /krb5/src/kdc/ndr.c

漏洞详情: https://avd.aquasec.com/nvd/cve-2024-26462

镜像层: sha256:2573e0d8158209ed54ab25c87bcdcb00bd3d2539246960a3d592a1c599d70465

发布日期: 2024-02-29 01:44 修改: 2024-05-14 15:09

libkrb5-3 CVE-2024-26462 中危 1.19.2-2ubuntu0.4 krb5: Memory leak at /krb5/src/kdc/ndr.c

漏洞详情: https://avd.aquasec.com/nvd/cve-2024-26462

镜像层: sha256:2573e0d8158209ed54ab25c87bcdcb00bd3d2539246960a3d592a1c599d70465

发布日期: 2024-02-29 01:44 修改: 2024-05-14 15:09

libkrb5support0 CVE-2024-26462 中危 1.19.2-2ubuntu0.4 krb5: Memory leak at /krb5/src/kdc/ndr.c

漏洞详情: https://avd.aquasec.com/nvd/cve-2024-26462

镜像层: sha256:2573e0d8158209ed54ab25c87bcdcb00bd3d2539246960a3d592a1c599d70465

发布日期: 2024-02-29 01:44 修改: 2024-05-14 15:09

libpam-modules CVE-2024-10041 中危 1.4.0-11ubuntu2.4 pam: libpam: Libpam vulnerable to read hashed password

漏洞详情: https://avd.aquasec.com/nvd/cve-2024-10041

镜像层: sha256:2573e0d8158209ed54ab25c87bcdcb00bd3d2539246960a3d592a1c599d70465

发布日期: 2024-10-23 14:15 修改: 2024-11-12 21:15

libpam-modules CVE-2024-10963 中危 1.4.0-11ubuntu2.4 pam: Improper Hostname Interpretation in pam_access Leads to Access Control Bypass

漏洞详情: https://avd.aquasec.com/nvd/cve-2024-10963

镜像层: sha256:2573e0d8158209ed54ab25c87bcdcb00bd3d2539246960a3d592a1c599d70465

发布日期: 2024-11-07 16:15 修改: 2024-11-11 18:15

libpam-modules-bin CVE-2024-10041 中危 1.4.0-11ubuntu2.4 pam: libpam: Libpam vulnerable to read hashed password

漏洞详情: https://avd.aquasec.com/nvd/cve-2024-10041

镜像层: sha256:2573e0d8158209ed54ab25c87bcdcb00bd3d2539246960a3d592a1c599d70465

发布日期: 2024-10-23 14:15 修改: 2024-11-12 21:15

libpam-modules-bin CVE-2024-10963 中危 1.4.0-11ubuntu2.4 pam: Improper Hostname Interpretation in pam_access Leads to Access Control Bypass

漏洞详情: https://avd.aquasec.com/nvd/cve-2024-10963

镜像层: sha256:2573e0d8158209ed54ab25c87bcdcb00bd3d2539246960a3d592a1c599d70465

发布日期: 2024-11-07 16:15 修改: 2024-11-11 18:15

libpam-runtime CVE-2024-10041 中危 1.4.0-11ubuntu2.4 pam: libpam: Libpam vulnerable to read hashed password

漏洞详情: https://avd.aquasec.com/nvd/cve-2024-10041

镜像层: sha256:2573e0d8158209ed54ab25c87bcdcb00bd3d2539246960a3d592a1c599d70465

发布日期: 2024-10-23 14:15 修改: 2024-11-12 21:15

libpam-runtime CVE-2024-10963 中危 1.4.0-11ubuntu2.4 pam: Improper Hostname Interpretation in pam_access Leads to Access Control Bypass

漏洞详情: https://avd.aquasec.com/nvd/cve-2024-10963

镜像层: sha256:2573e0d8158209ed54ab25c87bcdcb00bd3d2539246960a3d592a1c599d70465

发布日期: 2024-11-07 16:15 修改: 2024-11-11 18:15

libpam0g CVE-2024-10041 中危 1.4.0-11ubuntu2.4 pam: libpam: Libpam vulnerable to read hashed password

漏洞详情: https://avd.aquasec.com/nvd/cve-2024-10041

镜像层: sha256:2573e0d8158209ed54ab25c87bcdcb00bd3d2539246960a3d592a1c599d70465

发布日期: 2024-10-23 14:15 修改: 2024-11-12 21:15

libpam0g CVE-2024-10963 中危 1.4.0-11ubuntu2.4 pam: Improper Hostname Interpretation in pam_access Leads to Access Control Bypass

漏洞详情: https://avd.aquasec.com/nvd/cve-2024-10963

镜像层: sha256:2573e0d8158209ed54ab25c87bcdcb00bd3d2539246960a3d592a1c599d70465

发布日期: 2024-11-07 16:15 修改: 2024-11-11 18:15

libstdc++6 CVE-2023-4039 中危 12.3.0-1ubuntu1~22.04 gcc: -fstack-protector fails to guard dynamic stack allocations on ARM64

漏洞详情: https://avd.aquasec.com/nvd/cve-2023-4039

镜像层: sha256:2573e0d8158209ed54ab25c87bcdcb00bd3d2539246960a3d592a1c599d70465

发布日期: 2023-09-13 09:15 修改: 2024-08-02 08:15

wget CVE-2021-31879 中危 1.21.2-2ubuntu1.1 wget: authorization header disclosure on redirect

漏洞详情: https://avd.aquasec.com/nvd/cve-2021-31879

镜像层: sha256:82764315be30759472acaf9a87404945dc230613a2cd02482a905c4b10f65086

发布日期: 2021-04-29 05:15 修改: 2022-05-13 20:52

libcurl4 CVE-2024-9681 低危 7.81.0-1ubuntu1.18 7.81.0-1ubuntu1.19 curl: HSTS subdomain overwrites parent cache entry

漏洞详情: https://avd.aquasec.com/nvd/cve-2024-9681

镜像层: sha256:82764315be30759472acaf9a87404945dc230613a2cd02482a905c4b10f65086

发布日期: 2024-11-06 08:15 修改: 2024-11-06 18:17

curl CVE-2024-9681 低危 7.81.0-1ubuntu1.18 7.81.0-1ubuntu1.19 curl: HSTS subdomain overwrites parent cache entry

漏洞详情: https://avd.aquasec.com/nvd/cve-2024-9681

镜像层: sha256:82764315be30759472acaf9a87404945dc230613a2cd02482a905c4b10f65086

发布日期: 2024-11-06 08:15 修改: 2024-11-06 18:17

libgcc-s1 CVE-2022-27943 低危 12.3.0-1ubuntu1~22.04 binutils: libiberty/rust-demangle.c in GNU GCC 11.2 allows stack exhaustion in demangle_const

漏洞详情: https://avd.aquasec.com/nvd/cve-2022-27943

镜像层: sha256:2573e0d8158209ed54ab25c87bcdcb00bd3d2539246960a3d592a1c599d70465

发布日期: 2022-03-26 13:15 修改: 2023-11-07 03:45

dirmngr CVE-2022-3219 低危 2.2.27-3ubuntu2.1 gnupg: denial of service issue (resource consumption) using compressed packets

漏洞详情: https://avd.aquasec.com/nvd/cve-2022-3219

镜像层: sha256:82764315be30759472acaf9a87404945dc230613a2cd02482a905c4b10f65086

发布日期: 2023-02-23 20:15 修改: 2023-05-26 16:31

coreutils CVE-2016-2781 低危 8.32-4.1ubuntu1.2 coreutils: Non-privileged session can escape to the parent session in chroot

漏洞详情: https://avd.aquasec.com/nvd/cve-2016-2781

镜像层: sha256:2573e0d8158209ed54ab25c87bcdcb00bd3d2539246960a3d592a1c599d70465

发布日期: 2017-02-07 15:59 修改: 2023-11-07 02:32

libgssapi-krb5-2 CVE-2024-26458 低危 1.19.2-2ubuntu0.4 krb5: Memory leak at /krb5/src/lib/rpc/pmap_rmt.c

漏洞详情: https://avd.aquasec.com/nvd/cve-2024-26458

镜像层: sha256:2573e0d8158209ed54ab25c87bcdcb00bd3d2539246960a3d592a1c599d70465

发布日期: 2024-02-29 01:44 修改: 2024-05-14 15:09

libgssapi-krb5-2 CVE-2024-26461 低危 1.19.2-2ubuntu0.4 krb5: Memory leak at /krb5/src/lib/gssapi/krb5/k5sealv3.c

漏洞详情: https://avd.aquasec.com/nvd/cve-2024-26461

镜像层: sha256:2573e0d8158209ed54ab25c87bcdcb00bd3d2539246960a3d592a1c599d70465

发布日期: 2024-02-29 01:44 修改: 2024-08-14 16:35

gcc-12-base CVE-2022-27943 低危 12.3.0-1ubuntu1~22.04 binutils: libiberty/rust-demangle.c in GNU GCC 11.2 allows stack exhaustion in demangle_const

漏洞详情: https://avd.aquasec.com/nvd/cve-2022-27943

镜像层: sha256:2573e0d8158209ed54ab25c87bcdcb00bd3d2539246960a3d592a1c599d70465

发布日期: 2022-03-26 13:15 修改: 2023-11-07 03:45

libk5crypto3 CVE-2024-26458 低危 1.19.2-2ubuntu0.4 krb5: Memory leak at /krb5/src/lib/rpc/pmap_rmt.c

漏洞详情: https://avd.aquasec.com/nvd/cve-2024-26458

镜像层: sha256:2573e0d8158209ed54ab25c87bcdcb00bd3d2539246960a3d592a1c599d70465

发布日期: 2024-02-29 01:44 修改: 2024-05-14 15:09

libk5crypto3 CVE-2024-26461 低危 1.19.2-2ubuntu0.4 krb5: Memory leak at /krb5/src/lib/gssapi/krb5/k5sealv3.c

漏洞详情: https://avd.aquasec.com/nvd/cve-2024-26461

镜像层: sha256:2573e0d8158209ed54ab25c87bcdcb00bd3d2539246960a3d592a1c599d70465

发布日期: 2024-02-29 01:44 修改: 2024-08-14 16:35

gnupg CVE-2022-3219 低危 2.2.27-3ubuntu2.1 gnupg: denial of service issue (resource consumption) using compressed packets

漏洞详情: https://avd.aquasec.com/nvd/cve-2022-3219

镜像层: sha256:82764315be30759472acaf9a87404945dc230613a2cd02482a905c4b10f65086

发布日期: 2023-02-23 20:15 修改: 2023-05-26 16:31

libkrb5-3 CVE-2024-26458 低危 1.19.2-2ubuntu0.4 krb5: Memory leak at /krb5/src/lib/rpc/pmap_rmt.c

漏洞详情: https://avd.aquasec.com/nvd/cve-2024-26458

镜像层: sha256:2573e0d8158209ed54ab25c87bcdcb00bd3d2539246960a3d592a1c599d70465

发布日期: 2024-02-29 01:44 修改: 2024-05-14 15:09

libkrb5-3 CVE-2024-26461 低危 1.19.2-2ubuntu0.4 krb5: Memory leak at /krb5/src/lib/gssapi/krb5/k5sealv3.c

漏洞详情: https://avd.aquasec.com/nvd/cve-2024-26461

镜像层: sha256:2573e0d8158209ed54ab25c87bcdcb00bd3d2539246960a3d592a1c599d70465

发布日期: 2024-02-29 01:44 修改: 2024-08-14 16:35

gnupg-l10n CVE-2022-3219 低危 2.2.27-3ubuntu2.1 gnupg: denial of service issue (resource consumption) using compressed packets

漏洞详情: https://avd.aquasec.com/nvd/cve-2022-3219

镜像层: sha256:82764315be30759472acaf9a87404945dc230613a2cd02482a905c4b10f65086

发布日期: 2023-02-23 20:15 修改: 2023-05-26 16:31

libkrb5support0 CVE-2024-26458 低危 1.19.2-2ubuntu0.4 krb5: Memory leak at /krb5/src/lib/rpc/pmap_rmt.c

漏洞详情: https://avd.aquasec.com/nvd/cve-2024-26458

镜像层: sha256:2573e0d8158209ed54ab25c87bcdcb00bd3d2539246960a3d592a1c599d70465

发布日期: 2024-02-29 01:44 修改: 2024-05-14 15:09

libkrb5support0 CVE-2024-26461 低危 1.19.2-2ubuntu0.4 krb5: Memory leak at /krb5/src/lib/gssapi/krb5/k5sealv3.c

漏洞详情: https://avd.aquasec.com/nvd/cve-2024-26461

镜像层: sha256:2573e0d8158209ed54ab25c87bcdcb00bd3d2539246960a3d592a1c599d70465

发布日期: 2024-02-29 01:44 修改: 2024-08-14 16:35

libncurses6 CVE-2023-45918 低危 6.3-2ubuntu0.1 ncurses: NULL pointer dereference in tgetstr in tinfo/lib_termcap.c

漏洞详情: https://avd.aquasec.com/nvd/cve-2023-45918

镜像层: sha256:2573e0d8158209ed54ab25c87bcdcb00bd3d2539246960a3d592a1c599d70465

发布日期: 2024-02-16 22:15 修改: 2024-11-21 21:15

libncurses6 CVE-2023-50495 低危 6.3-2ubuntu0.1 ncurses: segmentation fault via _nc_wrap_entry()

漏洞详情: https://avd.aquasec.com/nvd/cve-2023-50495

镜像层: sha256:2573e0d8158209ed54ab25c87bcdcb00bd3d2539246960a3d592a1c599d70465

发布日期: 2023-12-12 15:15 修改: 2024-01-31 03:15

libncursesw6 CVE-2023-45918 低危 6.3-2ubuntu0.1 ncurses: NULL pointer dereference in tgetstr in tinfo/lib_termcap.c

漏洞详情: https://avd.aquasec.com/nvd/cve-2023-45918

镜像层: sha256:2573e0d8158209ed54ab25c87bcdcb00bd3d2539246960a3d592a1c599d70465

发布日期: 2024-02-16 22:15 修改: 2024-11-21 21:15

libncursesw6 CVE-2023-50495 低危 6.3-2ubuntu0.1 ncurses: segmentation fault via _nc_wrap_entry()

漏洞详情: https://avd.aquasec.com/nvd/cve-2023-50495

镜像层: sha256:2573e0d8158209ed54ab25c87bcdcb00bd3d2539246960a3d592a1c599d70465

发布日期: 2023-12-12 15:15 修改: 2024-01-31 03:15

gnupg-utils CVE-2022-3219 低危 2.2.27-3ubuntu2.1 gnupg: denial of service issue (resource consumption) using compressed packets

漏洞详情: https://avd.aquasec.com/nvd/cve-2022-3219

镜像层: sha256:82764315be30759472acaf9a87404945dc230613a2cd02482a905c4b10f65086

发布日期: 2023-02-23 20:15 修改: 2023-05-26 16:31

gpg CVE-2022-3219 低危 2.2.27-3ubuntu2.1 gnupg: denial of service issue (resource consumption) using compressed packets

漏洞详情: https://avd.aquasec.com/nvd/cve-2022-3219

镜像层: sha256:82764315be30759472acaf9a87404945dc230613a2cd02482a905c4b10f65086

发布日期: 2023-02-23 20:15 修改: 2023-05-26 16:31

gpg-agent CVE-2022-3219 低危 2.2.27-3ubuntu2.1 gnupg: denial of service issue (resource consumption) using compressed packets

漏洞详情: https://avd.aquasec.com/nvd/cve-2022-3219

镜像层: sha256:82764315be30759472acaf9a87404945dc230613a2cd02482a905c4b10f65086

发布日期: 2023-02-23 20:15 修改: 2023-05-26 16:31

gpg-wks-client CVE-2022-3219 低危 2.2.27-3ubuntu2.1 gnupg: denial of service issue (resource consumption) using compressed packets

漏洞详情: https://avd.aquasec.com/nvd/cve-2022-3219

镜像层: sha256:82764315be30759472acaf9a87404945dc230613a2cd02482a905c4b10f65086

发布日期: 2023-02-23 20:15 修改: 2023-05-26 16:31

gpg-wks-server CVE-2022-3219 低危 2.2.27-3ubuntu2.1 gnupg: denial of service issue (resource consumption) using compressed packets

漏洞详情: https://avd.aquasec.com/nvd/cve-2022-3219

镜像层: sha256:82764315be30759472acaf9a87404945dc230613a2cd02482a905c4b10f65086

发布日期: 2023-02-23 20:15 修改: 2023-05-26 16:31

gpgconf CVE-2022-3219 低危 2.2.27-3ubuntu2.1 gnupg: denial of service issue (resource consumption) using compressed packets

漏洞详情: https://avd.aquasec.com/nvd/cve-2022-3219

镜像层: sha256:82764315be30759472acaf9a87404945dc230613a2cd02482a905c4b10f65086

发布日期: 2023-02-23 20:15 修改: 2023-05-26 16:31

gpgsm CVE-2022-3219 低危 2.2.27-3ubuntu2.1 gnupg: denial of service issue (resource consumption) using compressed packets

漏洞详情: https://avd.aquasec.com/nvd/cve-2022-3219

镜像层: sha256:82764315be30759472acaf9a87404945dc230613a2cd02482a905c4b10f65086

发布日期: 2023-02-23 20:15 修改: 2023-05-26 16:31

gpgv CVE-2022-3219 低危 2.2.27-3ubuntu2.1 gnupg: denial of service issue (resource consumption) using compressed packets

漏洞详情: https://avd.aquasec.com/nvd/cve-2022-3219

镜像层: sha256:2573e0d8158209ed54ab25c87bcdcb00bd3d2539246960a3d592a1c599d70465

发布日期: 2023-02-23 20:15 修改: 2023-05-26 16:31

libpcre2-8-0 CVE-2022-41409 低危 10.39-3ubuntu0.1 pcre2: negative repeat value in a pcre2test subject line leads to inifinite loop

漏洞详情: https://avd.aquasec.com/nvd/cve-2022-41409

镜像层: sha256:2573e0d8158209ed54ab25c87bcdcb00bd3d2539246960a3d592a1c599d70465

发布日期: 2023-07-18 14:15 修改: 2023-07-27 03:46

libpcre3 CVE-2017-11164 低危 2:8.39-13ubuntu0.22.04.1 pcre: OP_KETRMAX feature in the match function in pcre_exec.c

漏洞详情: https://avd.aquasec.com/nvd/cve-2017-11164

镜像层: sha256:2573e0d8158209ed54ab25c87bcdcb00bd3d2539246960a3d592a1c599d70465

发布日期: 2017-07-11 03:29 修改: 2023-11-07 02:38

libssl3 CVE-2024-41996 低危 3.0.2-0ubuntu1.18 openssl: remote attackers (from the client side) to trigger unnecessarily expensive server-side DHE modular-exponentiation calculations

漏洞详情: https://avd.aquasec.com/nvd/cve-2024-41996

镜像层: sha256:2573e0d8158209ed54ab25c87bcdcb00bd3d2539246960a3d592a1c599d70465

发布日期: 2024-08-26 06:15 修改: 2024-08-26 16:35

libc-bin CVE-2016-20013 低危 2.35-0ubuntu3.8

漏洞详情: https://avd.aquasec.com/nvd/cve-2016-20013

镜像层: sha256:2573e0d8158209ed54ab25c87bcdcb00bd3d2539246960a3d592a1c599d70465

发布日期: 2022-02-19 05:15 修改: 2022-03-03 16:43

libstdc++6 CVE-2022-27943 低危 12.3.0-1ubuntu1~22.04 binutils: libiberty/rust-demangle.c in GNU GCC 11.2 allows stack exhaustion in demangle_const

漏洞详情: https://avd.aquasec.com/nvd/cve-2022-27943

镜像层: sha256:2573e0d8158209ed54ab25c87bcdcb00bd3d2539246960a3d592a1c599d70465

发布日期: 2022-03-26 13:15 修改: 2023-11-07 03:45

libsystemd0 CVE-2023-7008 低危 249.11-0ubuntu3.12 systemd-resolved: Unsigned name response in signed zone is not refused when DNSSEC=yes

漏洞详情: https://avd.aquasec.com/nvd/cve-2023-7008

镜像层: sha256:2573e0d8158209ed54ab25c87bcdcb00bd3d2539246960a3d592a1c599d70465

发布日期: 2023-12-23 13:15 修改: 2024-09-16 17:16

libtinfo6 CVE-2023-45918 低危 6.3-2ubuntu0.1 ncurses: NULL pointer dereference in tgetstr in tinfo/lib_termcap.c

漏洞详情: https://avd.aquasec.com/nvd/cve-2023-45918

镜像层: sha256:2573e0d8158209ed54ab25c87bcdcb00bd3d2539246960a3d592a1c599d70465

发布日期: 2024-02-16 22:15 修改: 2024-11-21 21:15

libtinfo6 CVE-2023-50495 低危 6.3-2ubuntu0.1 ncurses: segmentation fault via _nc_wrap_entry()

漏洞详情: https://avd.aquasec.com/nvd/cve-2023-50495

镜像层: sha256:2573e0d8158209ed54ab25c87bcdcb00bd3d2539246960a3d592a1c599d70465

发布日期: 2023-12-12 15:15 修改: 2024-01-31 03:15

libudev1 CVE-2023-7008 低危 249.11-0ubuntu3.12 systemd-resolved: Unsigned name response in signed zone is not refused when DNSSEC=yes

漏洞详情: https://avd.aquasec.com/nvd/cve-2023-7008

镜像层: sha256:2573e0d8158209ed54ab25c87bcdcb00bd3d2539246960a3d592a1c599d70465

发布日期: 2023-12-23 13:15 修改: 2024-09-16 17:16

libzstd1 CVE-2022-4899 低危 1.4.8+dfsg-3build1 zstd: mysql: buffer overrun in util.c

漏洞详情: https://avd.aquasec.com/nvd/cve-2022-4899

镜像层: sha256:2573e0d8158209ed54ab25c87bcdcb00bd3d2539246960a3d592a1c599d70465

发布日期: 2023-03-31 20:15 修改: 2023-11-07 03:59

locales CVE-2016-20013 低危 2.35-0ubuntu3.8

漏洞详情: https://avd.aquasec.com/nvd/cve-2016-20013

镜像层: sha256:82764315be30759472acaf9a87404945dc230613a2cd02482a905c4b10f65086

发布日期: 2022-02-19 05:15 修改: 2022-03-03 16:43

login CVE-2023-29383 低危 1:4.8.1-2ubuntu2.2 shadow: Improper input validation in shadow-utils package utility chfn

漏洞详情: https://avd.aquasec.com/nvd/cve-2023-29383

镜像层: sha256:2573e0d8158209ed54ab25c87bcdcb00bd3d2539246960a3d592a1c599d70465

发布日期: 2023-04-14 22:15 修改: 2023-04-24 18:05

ncurses-base CVE-2023-45918 低危 6.3-2ubuntu0.1 ncurses: NULL pointer dereference in tgetstr in tinfo/lib_termcap.c

漏洞详情: https://avd.aquasec.com/nvd/cve-2023-45918

镜像层: sha256:2573e0d8158209ed54ab25c87bcdcb00bd3d2539246960a3d592a1c599d70465

发布日期: 2024-02-16 22:15 修改: 2024-11-21 21:15

ncurses-base CVE-2023-50495 低危 6.3-2ubuntu0.1 ncurses: segmentation fault via _nc_wrap_entry()

漏洞详情: https://avd.aquasec.com/nvd/cve-2023-50495

镜像层: sha256:2573e0d8158209ed54ab25c87bcdcb00bd3d2539246960a3d592a1c599d70465

发布日期: 2023-12-12 15:15 修改: 2024-01-31 03:15

ncurses-bin CVE-2023-45918 低危 6.3-2ubuntu0.1 ncurses: NULL pointer dereference in tgetstr in tinfo/lib_termcap.c

漏洞详情: https://avd.aquasec.com/nvd/cve-2023-45918

镜像层: sha256:2573e0d8158209ed54ab25c87bcdcb00bd3d2539246960a3d592a1c599d70465

发布日期: 2024-02-16 22:15 修改: 2024-11-21 21:15

ncurses-bin CVE-2023-50495 低危 6.3-2ubuntu0.1 ncurses: segmentation fault via _nc_wrap_entry()

漏洞详情: https://avd.aquasec.com/nvd/cve-2023-50495

镜像层: sha256:2573e0d8158209ed54ab25c87bcdcb00bd3d2539246960a3d592a1c599d70465

发布日期: 2023-12-12 15:15 修改: 2024-01-31 03:15

openssl CVE-2024-41996 低危 3.0.2-0ubuntu1.18 openssl: remote attackers (from the client side) to trigger unnecessarily expensive server-side DHE modular-exponentiation calculations

漏洞详情: https://avd.aquasec.com/nvd/cve-2024-41996

镜像层: sha256:82764315be30759472acaf9a87404945dc230613a2cd02482a905c4b10f65086

发布日期: 2024-08-26 06:15 修改: 2024-08-26 16:35

passwd CVE-2023-29383 低危 1:4.8.1-2ubuntu2.2 shadow: Improper input validation in shadow-utils package utility chfn

漏洞详情: https://avd.aquasec.com/nvd/cve-2023-29383

镜像层: sha256:2573e0d8158209ed54ab25c87bcdcb00bd3d2539246960a3d592a1c599d70465

发布日期: 2023-04-14 22:15 修改: 2023-04-24 18:05

libc6 CVE-2016-20013 低危 2.35-0ubuntu3.8

漏洞详情: https://avd.aquasec.com/nvd/cve-2016-20013

镜像层: sha256:2573e0d8158209ed54ab25c87bcdcb00bd3d2539246960a3d592a1c599d70465

发布日期: 2022-02-19 05:15 修改: 2022-03-03 16:43

Java (jar)
低危漏洞:5 中危漏洞:34 高危漏洞:50 严重漏洞:6
软件包 漏洞 安全状态 安装版本 修复版本 漏洞信息
org.apache.avro:avro CVE-2024-47561 严重 1.11.1 1.11.4 apache-avro: Schema parsing may trigger Remote Code Execution (RCE)

漏洞详情: https://avd.aquasec.com/nvd/cve-2024-47561

镜像层: sha256:abf1f2a0908116cacd084a3146f76519abe7776a07bcccf10db82959ea96a77a

发布日期: 2024-10-03 11:15 修改: 2024-10-21 09:15

org.apache.avro:avro CVE-2024-47561 严重 1.11.3 1.11.4 apache-avro: Schema parsing may trigger Remote Code Execution (RCE)

漏洞详情: https://avd.aquasec.com/nvd/cve-2024-47561

镜像层: sha256:abf1f2a0908116cacd084a3146f76519abe7776a07bcccf10db82959ea96a77a

发布日期: 2024-10-03 11:15 修改: 2024-10-21 09:15

org.apache.avro:avro CVE-2024-47561 严重 1.11.3 1.11.4 apache-avro: Schema parsing may trigger Remote Code Execution (RCE)

漏洞详情: https://avd.aquasec.com/nvd/cve-2024-47561

镜像层: sha256:abf1f2a0908116cacd084a3146f76519abe7776a07bcccf10db82959ea96a77a

发布日期: 2024-10-03 11:15 修改: 2024-10-21 09:15

org.apache.avro:avro CVE-2024-47561 严重 1.11.3 1.11.4 apache-avro: Schema parsing may trigger Remote Code Execution (RCE)

漏洞详情: https://avd.aquasec.com/nvd/cve-2024-47561

镜像层: sha256:abf1f2a0908116cacd084a3146f76519abe7776a07bcccf10db82959ea96a77a

发布日期: 2024-10-03 11:15 修改: 2024-10-21 09:15

org.apache.derby:derby CVE-2022-46337 严重 10.14.2.0 10.14.3, 10.15.2.1, 10.16.1.2, 10.17.1.0 A cleverly devised username might bypass LDAP authentication checks. I ...

漏洞详情: https://avd.aquasec.com/nvd/cve-2022-46337

镜像层: sha256:abf1f2a0908116cacd084a3146f76519abe7776a07bcccf10db82959ea96a77a

发布日期: 2023-11-20 09:15 修改: 2024-04-26 16:08

org.apache.spark:spark-core_2.12 CVE-2023-22946 严重 3.3.2 3.3.3 Apache Spark vulnerable to Improper Privilege Management

漏洞详情: https://avd.aquasec.com/nvd/cve-2023-22946

镜像层: sha256:abf1f2a0908116cacd084a3146f76519abe7776a07bcccf10db82959ea96a77a

发布日期: 2023-04-17 08:15 修改: 2023-04-26 23:00

com.google.protobuf:protobuf-java CVE-2022-3510 高危 3.17.3 3.16.3, 3.19.6, 3.20.3, 3.21.7 protobuf-java: Message-Type Extensions parsing issue leads to DoS

漏洞详情: https://avd.aquasec.com/nvd/cve-2022-3510

镜像层: sha256:abf1f2a0908116cacd084a3146f76519abe7776a07bcccf10db82959ea96a77a

发布日期: 2022-12-12 13:15 修改: 2023-11-07 03:51

com.google.protobuf:protobuf-java CVE-2022-3510 高危 3.17.3 3.16.3, 3.19.6, 3.20.3, 3.21.7 protobuf-java: Message-Type Extensions parsing issue leads to DoS

漏洞详情: https://avd.aquasec.com/nvd/cve-2022-3510

镜像层: sha256:abf1f2a0908116cacd084a3146f76519abe7776a07bcccf10db82959ea96a77a

发布日期: 2022-12-12 13:15 修改: 2023-11-07 03:51

com.google.protobuf:protobuf-java CVE-2022-3510 高危 3.17.3 3.16.3, 3.19.6, 3.20.3, 3.21.7 protobuf-java: Message-Type Extensions parsing issue leads to DoS

漏洞详情: https://avd.aquasec.com/nvd/cve-2022-3510

镜像层: sha256:abf1f2a0908116cacd084a3146f76519abe7776a07bcccf10db82959ea96a77a

发布日期: 2022-12-12 13:15 修改: 2023-11-07 03:51

com.google.protobuf:protobuf-java CVE-2022-3510 高危 3.17.3 3.16.3, 3.19.6, 3.20.3, 3.21.7 protobuf-java: Message-Type Extensions parsing issue leads to DoS

漏洞详情: https://avd.aquasec.com/nvd/cve-2022-3510

镜像层: sha256:abf1f2a0908116cacd084a3146f76519abe7776a07bcccf10db82959ea96a77a

发布日期: 2022-12-12 13:15 修改: 2023-11-07 03:51

com.google.protobuf:protobuf-java CVE-2022-3510 高危 3.17.3 3.16.3, 3.19.6, 3.20.3, 3.21.7 protobuf-java: Message-Type Extensions parsing issue leads to DoS

漏洞详情: https://avd.aquasec.com/nvd/cve-2022-3510

镜像层: sha256:abf1f2a0908116cacd084a3146f76519abe7776a07bcccf10db82959ea96a77a

发布日期: 2022-12-12 13:15 修改: 2023-11-07 03:51

com.google.protobuf:protobuf-java CVE-2024-7254 高危 3.17.3 3.25.5, 4.27.5, 4.28.2 protobuf: StackOverflow vulnerability in Protocol Buffers

漏洞详情: https://avd.aquasec.com/nvd/cve-2024-7254

镜像层: sha256:abf1f2a0908116cacd084a3146f76519abe7776a07bcccf10db82959ea96a77a

发布日期: 2024-09-19 01:15 修改: 2024-09-20 12:30

com.google.protobuf:protobuf-java CVE-2024-7254 高危 3.17.3 3.25.5, 4.27.5, 4.28.2 protobuf: StackOverflow vulnerability in Protocol Buffers

漏洞详情: https://avd.aquasec.com/nvd/cve-2024-7254

镜像层: sha256:abf1f2a0908116cacd084a3146f76519abe7776a07bcccf10db82959ea96a77a

发布日期: 2024-09-19 01:15 修改: 2024-09-20 12:30

com.google.protobuf:protobuf-java CVE-2024-7254 高危 3.17.3 3.25.5, 4.27.5, 4.28.2 protobuf: StackOverflow vulnerability in Protocol Buffers

漏洞详情: https://avd.aquasec.com/nvd/cve-2024-7254

镜像层: sha256:abf1f2a0908116cacd084a3146f76519abe7776a07bcccf10db82959ea96a77a

发布日期: 2024-09-19 01:15 修改: 2024-09-20 12:30

com.google.protobuf:protobuf-java CVE-2024-7254 高危 3.17.3 3.25.5, 4.27.5, 4.28.2 protobuf: StackOverflow vulnerability in Protocol Buffers

漏洞详情: https://avd.aquasec.com/nvd/cve-2024-7254

镜像层: sha256:abf1f2a0908116cacd084a3146f76519abe7776a07bcccf10db82959ea96a77a

发布日期: 2024-09-19 01:15 修改: 2024-09-20 12:30

com.google.protobuf:protobuf-java CVE-2024-7254 高危 3.17.3 3.25.5, 4.27.5, 4.28.2 protobuf: StackOverflow vulnerability in Protocol Buffers

漏洞详情: https://avd.aquasec.com/nvd/cve-2024-7254

镜像层: sha256:abf1f2a0908116cacd084a3146f76519abe7776a07bcccf10db82959ea96a77a

发布日期: 2024-09-19 01:15 修改: 2024-09-20 12:30

com.google.protobuf:protobuf-java CVE-2024-7254 高危 3.21.12 3.25.5, 4.27.5, 4.28.2 protobuf: StackOverflow vulnerability in Protocol Buffers

漏洞详情: https://avd.aquasec.com/nvd/cve-2024-7254

镜像层: sha256:abf1f2a0908116cacd084a3146f76519abe7776a07bcccf10db82959ea96a77a

发布日期: 2024-09-19 01:15 修改: 2024-09-20 12:30

com.nimbusds:nimbus-jose-jwt CVE-2023-52428 高危 9.31 9.37.2 nimbus-jose-jwt: large JWE p2c header value causes Denial of Service

漏洞详情: https://avd.aquasec.com/nvd/cve-2023-52428

镜像层: sha256:abf1f2a0908116cacd084a3146f76519abe7776a07bcccf10db82959ea96a77a

发布日期: 2024-02-11 05:15 修改: 2024-10-30 20:35

commons-io:commons-io CVE-2024-47554 高危 2.11.0 2.14.0 apache-commons-io: Possible denial of service attack on untrusted input to XmlStreamReader

漏洞详情: https://avd.aquasec.com/nvd/cve-2024-47554

镜像层: sha256:abf1f2a0908116cacd084a3146f76519abe7776a07bcccf10db82959ea96a77a

发布日期: 2024-10-03 12:15 修改: 2024-10-04 13:50

dnsjava:dnsjava CVE-2024-25638 高危 3.4.0 3.6.0 dnsjava: Improper response validation allowing DNSSEC bypass

漏洞详情: https://avd.aquasec.com/nvd/cve-2024-25638

镜像层: sha256:abf1f2a0908116cacd084a3146f76519abe7776a07bcccf10db82959ea96a77a

发布日期: 2024-07-22 14:15 修改: 2024-09-04 15:15

io.airlift:aircompressor CVE-2024-36114 高危 0.21 0.27 Decompressors can crash the JVM and leak memory content in Aircompressor

漏洞详情: https://avd.aquasec.com/nvd/cve-2024-36114

镜像层: sha256:abf1f2a0908116cacd084a3146f76519abe7776a07bcccf10db82959ea96a77a

发布日期: 2024-05-29 21:15 修改: 2024-05-30 13:15

io.airlift:aircompressor CVE-2024-36114 高危 0.21 0.27 Decompressors can crash the JVM and leak memory content in Aircompressor

漏洞详情: https://avd.aquasec.com/nvd/cve-2024-36114

镜像层: sha256:abf1f2a0908116cacd084a3146f76519abe7776a07bcccf10db82959ea96a77a

发布日期: 2024-05-29 21:15 修改: 2024-05-30 13:15

io.airlift:aircompressor CVE-2024-36114 高危 0.21 0.27 Decompressors can crash the JVM and leak memory content in Aircompressor

漏洞详情: https://avd.aquasec.com/nvd/cve-2024-36114

镜像层: sha256:abf1f2a0908116cacd084a3146f76519abe7776a07bcccf10db82959ea96a77a

发布日期: 2024-05-29 21:15 修改: 2024-05-30 13:15

io.airlift:aircompressor CVE-2024-36114 高危 0.25 0.27 Decompressors can crash the JVM and leak memory content in Aircompressor

漏洞详情: https://avd.aquasec.com/nvd/cve-2024-36114

镜像层: sha256:abf1f2a0908116cacd084a3146f76519abe7776a07bcccf10db82959ea96a77a

发布日期: 2024-05-29 21:15 修改: 2024-05-30 13:15

io.netty:netty-codec-http2 GHSA-xpw8-rcwv-8f8p 高危 4.1.86.Final 4.1.100.Final io.netty:netty-codec-http2 vulnerable to HTTP/2 Rapid Reset Attack

漏洞详情: https://github.com/advisories/GHSA-xpw8-rcwv-8f8p

镜像层: sha256:abf1f2a0908116cacd084a3146f76519abe7776a07bcccf10db82959ea96a77a

发布日期: 0001-01-01 00:00 修改: 0001-01-01 00:00

io.netty:netty-common CVE-2024-47535 高危 4.1.86.Final 4.1.115 netty: Denial of Service attack on windows app using Netty

漏洞详情: https://avd.aquasec.com/nvd/cve-2024-47535

镜像层: sha256:abf1f2a0908116cacd084a3146f76519abe7776a07bcccf10db82959ea96a77a

发布日期: 2024-11-12 16:15 修改: 2024-11-13 17:01

com.google.code.gson:gson CVE-2022-25647 高危 2.8.6 2.8.9 com.google.code.gson-gson: Deserialization of Untrusted Data in com.google.code.gson-gson

漏洞详情: https://avd.aquasec.com/nvd/cve-2022-25647

镜像层: sha256:abf1f2a0908116cacd084a3146f76519abe7776a07bcccf10db82959ea96a77a

发布日期: 2022-05-01 16:15 修改: 2022-11-28 17:33

org.apache.avro:avro CVE-2023-39410 高危 1.11.1 1.11.3 apache-avro: Apache Avro Java SDK: Memory when deserializing untrusted data in Avro Java SDK

漏洞详情: https://avd.aquasec.com/nvd/cve-2023-39410

镜像层: sha256:abf1f2a0908116cacd084a3146f76519abe7776a07bcccf10db82959ea96a77a

发布日期: 2023-09-29 17:15 修改: 2024-06-21 19:15

com.google.protobuf:protobuf-java CVE-2022-3509 高危 3.17.3 3.16.3, 3.19.6, 3.20.3, 3.21.7 protobuf-java: Textformat parsing issue leads to DoS

漏洞详情: https://avd.aquasec.com/nvd/cve-2022-3509

镜像层: sha256:abf1f2a0908116cacd084a3146f76519abe7776a07bcccf10db82959ea96a77a

发布日期: 2022-12-12 13:15 修改: 2022-12-15 16:57

com.google.protobuf:protobuf-java CVE-2022-3509 高危 3.17.3 3.16.3, 3.19.6, 3.20.3, 3.21.7 protobuf-java: Textformat parsing issue leads to DoS

漏洞详情: https://avd.aquasec.com/nvd/cve-2022-3509

镜像层: sha256:abf1f2a0908116cacd084a3146f76519abe7776a07bcccf10db82959ea96a77a

发布日期: 2022-12-12 13:15 修改: 2022-12-15 16:57

com.google.protobuf:protobuf-java CVE-2022-3509 高危 3.17.3 3.16.3, 3.19.6, 3.20.3, 3.21.7 protobuf-java: Textformat parsing issue leads to DoS

漏洞详情: https://avd.aquasec.com/nvd/cve-2022-3509

镜像层: sha256:abf1f2a0908116cacd084a3146f76519abe7776a07bcccf10db82959ea96a77a

发布日期: 2022-12-12 13:15 修改: 2022-12-15 16:57

org.apache.commons:commons-compress CVE-2024-25710 高危 1.21 1.26.0 commons-compress: Denial of service caused by an infinite loop for a corrupted DUMP file

漏洞详情: https://avd.aquasec.com/nvd/cve-2024-25710

镜像层: sha256:abf1f2a0908116cacd084a3146f76519abe7776a07bcccf10db82959ea96a77a

发布日期: 2024-02-19 09:15 修改: 2024-03-07 17:15

org.apache.commons:commons-compress CVE-2021-35515 高危 1.4.1 1.21 apache-commons-compress: infinite loop when reading a specially crafted 7Z archive

漏洞详情: https://avd.aquasec.com/nvd/cve-2021-35515

镜像层: sha256:abf1f2a0908116cacd084a3146f76519abe7776a07bcccf10db82959ea96a77a

发布日期: 2021-07-13 08:15 修改: 2023-11-07 03:36

org.apache.commons:commons-compress CVE-2021-35515 高危 1.4.1 1.21 apache-commons-compress: infinite loop when reading a specially crafted 7Z archive

漏洞详情: https://avd.aquasec.com/nvd/cve-2021-35515

镜像层: sha256:abf1f2a0908116cacd084a3146f76519abe7776a07bcccf10db82959ea96a77a

发布日期: 2021-07-13 08:15 修改: 2023-11-07 03:36

org.apache.commons:commons-compress CVE-2021-35515 高危 1.4.1 1.21 apache-commons-compress: infinite loop when reading a specially crafted 7Z archive

漏洞详情: https://avd.aquasec.com/nvd/cve-2021-35515

镜像层: sha256:abf1f2a0908116cacd084a3146f76519abe7776a07bcccf10db82959ea96a77a

发布日期: 2021-07-13 08:15 修改: 2023-11-07 03:36

org.apache.commons:commons-compress CVE-2021-35516 高危 1.4.1 1.21 apache-commons-compress: excessive memory allocation when reading a specially crafted 7Z archive

漏洞详情: https://avd.aquasec.com/nvd/cve-2021-35516

镜像层: sha256:abf1f2a0908116cacd084a3146f76519abe7776a07bcccf10db82959ea96a77a

发布日期: 2021-07-13 08:15 修改: 2023-11-07 03:36

org.apache.commons:commons-compress CVE-2021-35516 高危 1.4.1 1.21 apache-commons-compress: excessive memory allocation when reading a specially crafted 7Z archive

漏洞详情: https://avd.aquasec.com/nvd/cve-2021-35516

镜像层: sha256:abf1f2a0908116cacd084a3146f76519abe7776a07bcccf10db82959ea96a77a

发布日期: 2021-07-13 08:15 修改: 2023-11-07 03:36

org.apache.commons:commons-compress CVE-2021-35516 高危 1.4.1 1.21 apache-commons-compress: excessive memory allocation when reading a specially crafted 7Z archive

漏洞详情: https://avd.aquasec.com/nvd/cve-2021-35516

镜像层: sha256:abf1f2a0908116cacd084a3146f76519abe7776a07bcccf10db82959ea96a77a

发布日期: 2021-07-13 08:15 修改: 2023-11-07 03:36

org.apache.commons:commons-compress CVE-2021-35517 高危 1.4.1 1.21 apache-commons-compress: excessive memory allocation when reading a specially crafted TAR archive

漏洞详情: https://avd.aquasec.com/nvd/cve-2021-35517

镜像层: sha256:abf1f2a0908116cacd084a3146f76519abe7776a07bcccf10db82959ea96a77a

发布日期: 2021-07-13 08:15 修改: 2023-11-07 03:36

org.apache.commons:commons-compress CVE-2021-35517 高危 1.4.1 1.21 apache-commons-compress: excessive memory allocation when reading a specially crafted TAR archive

漏洞详情: https://avd.aquasec.com/nvd/cve-2021-35517

镜像层: sha256:abf1f2a0908116cacd084a3146f76519abe7776a07bcccf10db82959ea96a77a

发布日期: 2021-07-13 08:15 修改: 2023-11-07 03:36

org.apache.commons:commons-compress CVE-2021-35517 高危 1.4.1 1.21 apache-commons-compress: excessive memory allocation when reading a specially crafted TAR archive

漏洞详情: https://avd.aquasec.com/nvd/cve-2021-35517

镜像层: sha256:abf1f2a0908116cacd084a3146f76519abe7776a07bcccf10db82959ea96a77a

发布日期: 2021-07-13 08:15 修改: 2023-11-07 03:36

org.apache.commons:commons-compress CVE-2021-36090 高危 1.4.1 1.21 apache-commons-compress: excessive memory allocation when reading a specially crafted ZIP archive

漏洞详情: https://avd.aquasec.com/nvd/cve-2021-36090

镜像层: sha256:abf1f2a0908116cacd084a3146f76519abe7776a07bcccf10db82959ea96a77a

发布日期: 2021-07-13 08:15 修改: 2023-11-07 03:36

org.apache.commons:commons-compress CVE-2021-36090 高危 1.4.1 1.21 apache-commons-compress: excessive memory allocation when reading a specially crafted ZIP archive

漏洞详情: https://avd.aquasec.com/nvd/cve-2021-36090

镜像层: sha256:abf1f2a0908116cacd084a3146f76519abe7776a07bcccf10db82959ea96a77a

发布日期: 2021-07-13 08:15 修改: 2023-11-07 03:36

org.apache.commons:commons-compress CVE-2021-36090 高危 1.4.1 1.21 apache-commons-compress: excessive memory allocation when reading a specially crafted ZIP archive

漏洞详情: https://avd.aquasec.com/nvd/cve-2021-36090

镜像层: sha256:abf1f2a0908116cacd084a3146f76519abe7776a07bcccf10db82959ea96a77a

发布日期: 2021-07-13 08:15 修改: 2023-11-07 03:36

org.apache.commons:commons-compress CVE-2024-25710 高危 1.4.1 1.26.0 commons-compress: Denial of service caused by an infinite loop for a corrupted DUMP file

漏洞详情: https://avd.aquasec.com/nvd/cve-2024-25710

镜像层: sha256:abf1f2a0908116cacd084a3146f76519abe7776a07bcccf10db82959ea96a77a

发布日期: 2024-02-19 09:15 修改: 2024-03-07 17:15

org.apache.commons:commons-compress CVE-2024-25710 高危 1.4.1 1.26.0 commons-compress: Denial of service caused by an infinite loop for a corrupted DUMP file

漏洞详情: https://avd.aquasec.com/nvd/cve-2024-25710

镜像层: sha256:abf1f2a0908116cacd084a3146f76519abe7776a07bcccf10db82959ea96a77a

发布日期: 2024-02-19 09:15 修改: 2024-03-07 17:15

org.apache.commons:commons-compress CVE-2024-25710 高危 1.4.1 1.26.0 commons-compress: Denial of service caused by an infinite loop for a corrupted DUMP file

漏洞详情: https://avd.aquasec.com/nvd/cve-2024-25710

镜像层: sha256:abf1f2a0908116cacd084a3146f76519abe7776a07bcccf10db82959ea96a77a

发布日期: 2024-02-19 09:15 修改: 2024-03-07 17:15

com.google.protobuf:protobuf-java CVE-2022-3509 高危 3.17.3 3.16.3, 3.19.6, 3.20.3, 3.21.7 protobuf-java: Textformat parsing issue leads to DoS

漏洞详情: https://avd.aquasec.com/nvd/cve-2022-3509

镜像层: sha256:abf1f2a0908116cacd084a3146f76519abe7776a07bcccf10db82959ea96a77a

发布日期: 2022-12-12 13:15 修改: 2022-12-15 16:57

org.apache.ivy:ivy CVE-2022-46751 高危 2.5.1 2.5.2 apache-ivy: XML External Entity vulnerability

漏洞详情: https://avd.aquasec.com/nvd/cve-2022-46751

镜像层: sha256:abf1f2a0908116cacd084a3146f76519abe7776a07bcccf10db82959ea96a77a

发布日期: 2023-08-21 07:15 修改: 2024-09-27 21:35

com.google.protobuf:protobuf-java CVE-2022-3509 高危 3.17.3 3.16.3, 3.19.6, 3.20.3, 3.21.7 protobuf-java: Textformat parsing issue leads to DoS

漏洞详情: https://avd.aquasec.com/nvd/cve-2022-3509

镜像层: sha256:abf1f2a0908116cacd084a3146f76519abe7776a07bcccf10db82959ea96a77a

发布日期: 2022-12-12 13:15 修改: 2022-12-15 16:57

org.apache.thrift:libthrift CVE-2018-1320 高危 0.9.3 0.9.3-1, 0.12.0 thrift: SASL negotiation isComplete validation bypass in the org.apache.thrift.transport.TSaslTransport class

漏洞详情: https://avd.aquasec.com/nvd/cve-2018-1320

镜像层: sha256:abf1f2a0908116cacd084a3146f76519abe7776a07bcccf10db82959ea96a77a

发布日期: 2019-01-07 17:29 修改: 2023-11-07 02:55

org.apache.thrift:libthrift CVE-2019-0205 高危 0.9.3 0.13.0 thrift: Endless loop when feed with specific input data

漏洞详情: https://avd.aquasec.com/nvd/cve-2019-0205

镜像层: sha256:abf1f2a0908116cacd084a3146f76519abe7776a07bcccf10db82959ea96a77a

发布日期: 2019-10-29 19:15 修改: 2023-11-07 03:01

org.apache.thrift:libthrift CVE-2020-13949 高危 0.9.3 0.14.0 libthrift: potential DoS when processing untrusted payloads

漏洞详情: https://avd.aquasec.com/nvd/cve-2020-13949

镜像层: sha256:abf1f2a0908116cacd084a3146f76519abe7776a07bcccf10db82959ea96a77a

发布日期: 2021-02-12 20:15 修改: 2023-11-07 03:17

org.jboss.xnio:xnio-api CVE-2023-5685 高危 3.8.8.Final 3.8.14.Final xnio: StackOverflowException when the chain of notifier states becomes problematically big

漏洞详情: https://avd.aquasec.com/nvd/cve-2023-5685

镜像层: sha256:abf1f2a0908116cacd084a3146f76519abe7776a07bcccf10db82959ea96a77a

发布日期: 2024-03-22 19:15 修改: 2024-05-08 09:15

org.xerial.snappy:snappy-java CVE-2023-34455 高危 1.1.8.4 1.1.10.1 snappy-java: Unchecked chunk length leads to DoS

漏洞详情: https://avd.aquasec.com/nvd/cve-2023-34455

镜像层: sha256:abf1f2a0908116cacd084a3146f76519abe7776a07bcccf10db82959ea96a77a

发布日期: 2023-06-15 18:15 修改: 2024-02-01 14:17

org.xerial.snappy:snappy-java CVE-2023-43642 高危 1.1.8.4 1.1.10.4 snappy-java: Missing upper bound check on chunk length in snappy-java can lead to Denial of Service (DoS) impact

漏洞详情: https://avd.aquasec.com/nvd/cve-2023-43642

镜像层: sha256:abf1f2a0908116cacd084a3146f76519abe7776a07bcccf10db82959ea96a77a

发布日期: 2023-09-25 20:15 修改: 2023-09-26 15:46

com.google.guava:guava CVE-2023-2976 中危 27.0-jre 32.0.0-android guava: insecure temporary directory creation

漏洞详情: https://avd.aquasec.com/nvd/cve-2023-2976

镜像层: sha256:abf1f2a0908116cacd084a3146f76519abe7776a07bcccf10db82959ea96a77a

发布日期: 2023-06-14 18:15 修改: 2024-02-13 19:15

com.google.protobuf:protobuf-java CVE-2022-3171 中危 3.17.3 3.21.7, 3.20.3, 3.19.6, 3.16.3 protobuf-java: timeout in parser leads to DoS

漏洞详情: https://avd.aquasec.com/nvd/cve-2022-3171

镜像层: sha256:abf1f2a0908116cacd084a3146f76519abe7776a07bcccf10db82959ea96a77a

发布日期: 2022-10-12 23:15 修改: 2023-11-07 03:50

com.google.protobuf:protobuf-java CVE-2022-3171 中危 3.17.3 3.21.7, 3.20.3, 3.19.6, 3.16.3 protobuf-java: timeout in parser leads to DoS

漏洞详情: https://avd.aquasec.com/nvd/cve-2022-3171

镜像层: sha256:abf1f2a0908116cacd084a3146f76519abe7776a07bcccf10db82959ea96a77a

发布日期: 2022-10-12 23:15 修改: 2023-11-07 03:50

com.google.protobuf:protobuf-java CVE-2022-3171 中危 3.17.3 3.21.7, 3.20.3, 3.19.6, 3.16.3 protobuf-java: timeout in parser leads to DoS

漏洞详情: https://avd.aquasec.com/nvd/cve-2022-3171

镜像层: sha256:abf1f2a0908116cacd084a3146f76519abe7776a07bcccf10db82959ea96a77a

发布日期: 2022-10-12 23:15 修改: 2023-11-07 03:50

com.google.protobuf:protobuf-java CVE-2022-3171 中危 3.17.3 3.21.7, 3.20.3, 3.19.6, 3.16.3 protobuf-java: timeout in parser leads to DoS

漏洞详情: https://avd.aquasec.com/nvd/cve-2022-3171

镜像层: sha256:abf1f2a0908116cacd084a3146f76519abe7776a07bcccf10db82959ea96a77a

发布日期: 2022-10-12 23:15 修改: 2023-11-07 03:50

org.apache.commons:commons-compress CVE-2024-26308 中危 1.21 1.26.0 commons-compress: OutOfMemoryError unpacking broken Pack200 file

漏洞详情: https://avd.aquasec.com/nvd/cve-2024-26308

镜像层: sha256:abf1f2a0908116cacd084a3146f76519abe7776a07bcccf10db82959ea96a77a

发布日期: 2024-02-19 09:15 修改: 2024-03-21 19:54

org.apache.commons:commons-configuration2 CVE-2024-29131 中危 2.8.0 2.10.1 commons-configuration: StackOverflowError adding property in AbstractListDelimiterHandler.flattenIterator()

漏洞详情: https://avd.aquasec.com/nvd/cve-2024-29131

镜像层: sha256:abf1f2a0908116cacd084a3146f76519abe7776a07bcccf10db82959ea96a77a

发布日期: 2024-03-21 09:15 修改: 2024-08-28 15:35

org.apache.commons:commons-configuration2 CVE-2024-29133 中危 2.8.0 2.10.1 commons-configuration: StackOverflowError calling ListDelimiterHandler.flatten(Object, int) with a cyclical object tree

漏洞详情: https://avd.aquasec.com/nvd/cve-2024-29133

镜像层: sha256:abf1f2a0908116cacd084a3146f76519abe7776a07bcccf10db82959ea96a77a

发布日期: 2024-03-21 09:15 修改: 2024-11-04 17:35

com.google.protobuf:protobuf-java CVE-2022-3171 中危 3.17.3 3.21.7, 3.20.3, 3.19.6, 3.16.3 protobuf-java: timeout in parser leads to DoS

漏洞详情: https://avd.aquasec.com/nvd/cve-2022-3171

镜像层: sha256:abf1f2a0908116cacd084a3146f76519abe7776a07bcccf10db82959ea96a77a

发布日期: 2022-10-12 23:15 修改: 2023-11-07 03:50

io.netty:netty-codec-http CVE-2024-29025 中危 4.1.86.Final 4.1.108.Final netty-codec-http: Allocation of Resources Without Limits or Throttling

漏洞详情: https://avd.aquasec.com/nvd/cve-2024-29025

镜像层: sha256:abf1f2a0908116cacd084a3146f76519abe7776a07bcccf10db82959ea96a77a

发布日期: 2024-03-25 20:15 修改: 2024-06-21 22:15

com.google.guava:guava CVE-2018-10237 中危 14.0.1 24.1.1-android guava: Unbounded memory allocation in AtomicDoubleArray and CompoundOrdering classes allow remote attackers to cause a denial of service

漏洞详情: https://avd.aquasec.com/nvd/cve-2018-10237

镜像层: sha256:abf1f2a0908116cacd084a3146f76519abe7776a07bcccf10db82959ea96a77a

发布日期: 2018-04-26 21:29 修改: 2023-11-07 02:51

com.google.guava:guava CVE-2023-2976 中危 14.0.1 32.0.0-android guava: insecure temporary directory creation

漏洞详情: https://avd.aquasec.com/nvd/cve-2023-2976

镜像层: sha256:abf1f2a0908116cacd084a3146f76519abe7776a07bcccf10db82959ea96a77a

发布日期: 2023-06-14 18:15 修改: 2024-02-13 19:15

io.netty:netty-handler CVE-2023-34462 中危 4.1.86.Final 4.1.94.Final netty: SniHandler 16MB allocation leads to OOM

漏洞详情: https://avd.aquasec.com/nvd/cve-2023-34462

镜像层: sha256:abf1f2a0908116cacd084a3146f76519abe7776a07bcccf10db82959ea96a77a

发布日期: 2023-06-22 23:15 修改: 2024-06-21 19:15

org.apache.ant:ant CVE-2020-1945 中危 1.9.1 1.9.15, 1.10.8 ant: insecure temporary file vulnerability

漏洞详情: https://avd.aquasec.com/nvd/cve-2020-1945

镜像层: sha256:abf1f2a0908116cacd084a3146f76519abe7776a07bcccf10db82959ea96a77a

发布日期: 2020-05-14 16:15 修改: 2023-11-07 03:19

org.apache.thrift:libthrift CVE-2018-11798 中危 0.9.3 0.12.0 thrift: Improper Access Control grants access to files outside the webservers docroot path

漏洞详情: https://avd.aquasec.com/nvd/cve-2018-11798

镜像层: sha256:abf1f2a0908116cacd084a3146f76519abe7776a07bcccf10db82959ea96a77a

发布日期: 2019-01-07 17:29 修改: 2023-11-07 02:51

org.apache.zookeeper:zookeeper CVE-2024-23944 中危 3.7.2 3.8.4, 3.9.2 Information disclosure in persistent watchers handling in Apache ZooKe ...

漏洞详情: https://avd.aquasec.com/nvd/cve-2024-23944

镜像层: sha256:abf1f2a0908116cacd084a3146f76519abe7776a07bcccf10db82959ea96a77a

发布日期: 2024-03-15 11:15 修改: 2024-11-15 21:35

org.bouncycastle:bcprov-jdk15on CVE-2023-33201 中危 1.70 bouncycastle: potential blind LDAP injection attack using a self-signed certificate

漏洞详情: https://avd.aquasec.com/nvd/cve-2023-33201

镜像层: sha256:abf1f2a0908116cacd084a3146f76519abe7776a07bcccf10db82959ea96a77a

发布日期: 2023-07-05 03:15 修改: 2023-08-24 19:15

org.bouncycastle:bcprov-jdk15on CVE-2024-29857 中危 1.70 1.78 org.bouncycastle: Importing an EC certificate with crafted F2m parameters may lead to Denial of Service

漏洞详情: https://avd.aquasec.com/nvd/cve-2024-29857

镜像层: sha256:abf1f2a0908116cacd084a3146f76519abe7776a07bcccf10db82959ea96a77a

发布日期: 2024-05-14 15:17 修改: 2024-08-15 19:35

org.bouncycastle:bcprov-jdk15on CVE-2024-30171 中危 1.70 1.78 bc-java: BouncyCastle vulnerable to a timing variant of Bleichenbacher (Marvin Attack)

漏洞详情: https://avd.aquasec.com/nvd/cve-2024-30171

镜像层: sha256:abf1f2a0908116cacd084a3146f76519abe7776a07bcccf10db82959ea96a77a

发布日期: 2024-05-14 15:21 修改: 2024-08-19 18:35

org.bouncycastle:bcprov-jdk15on CVE-2024-30172 中危 1.70 1.78 org.bouncycastle:bcprov-jdk18on: Infinite loop in ED25519 verification in the ScalarUtil class

漏洞详情: https://avd.aquasec.com/nvd/cve-2024-30172

镜像层: sha256:abf1f2a0908116cacd084a3146f76519abe7776a07bcccf10db82959ea96a77a

发布日期: 2024-05-14 15:21 修改: 2024-11-05 18:35

org.eclipse.jetty:jetty-http CVE-2023-40167 中危 9.4.48.v20220622 9.4.52, 10.0.16, 11.0.16, 12.0.1 jetty: Improper validation of HTTP/1 content-length

漏洞详情: https://avd.aquasec.com/nvd/cve-2023-40167

镜像层: sha256:abf1f2a0908116cacd084a3146f76519abe7776a07bcccf10db82959ea96a77a

发布日期: 2023-09-15 20:15 修改: 2023-10-13 01:59

org.eclipse.jetty:jetty-http CVE-2024-6763 中危 9.4.48.v20220622 12.0.12 org.eclipse.jetty:jetty-http: jetty: Jetty URI parsing of invalid authority

漏洞详情: https://avd.aquasec.com/nvd/cve-2024-6763

镜像层: sha256:abf1f2a0908116cacd084a3146f76519abe7776a07bcccf10db82959ea96a77a

发布日期: 2024-10-14 16:15 修改: 2024-11-08 21:15

org.eclipse.jetty:jetty-http CVE-2023-40167 中危 9.4.51.v20230217 9.4.52, 10.0.16, 11.0.16, 12.0.1 jetty: Improper validation of HTTP/1 content-length

漏洞详情: https://avd.aquasec.com/nvd/cve-2023-40167

镜像层: sha256:abf1f2a0908116cacd084a3146f76519abe7776a07bcccf10db82959ea96a77a

发布日期: 2023-09-15 20:15 修改: 2023-10-13 01:59

org.eclipse.jetty:jetty-http CVE-2024-6763 中危 9.4.51.v20230217 12.0.12 org.eclipse.jetty:jetty-http: jetty: Jetty URI parsing of invalid authority

漏洞详情: https://avd.aquasec.com/nvd/cve-2024-6763

镜像层: sha256:abf1f2a0908116cacd084a3146f76519abe7776a07bcccf10db82959ea96a77a

发布日期: 2024-10-14 16:15 修改: 2024-11-08 21:15

org.eclipse.jetty:jetty-server CVE-2023-26048 中危 9.4.48.v20220622 9.4.51.v20230217, 10.0.14, 11.0.14 jetty-server: OutOfMemoryError for large multipart without filename read via request.getParameter()

漏洞详情: https://avd.aquasec.com/nvd/cve-2023-26048

镜像层: sha256:abf1f2a0908116cacd084a3146f76519abe7776a07bcccf10db82959ea96a77a

发布日期: 2023-04-18 21:15 修改: 2023-09-30 15:15

org.eclipse.jetty:jetty-server CVE-2024-8184 中危 9.4.48.v20220622 12.0.9, 10.0.24, 11.0.24, 9.4.56 org.eclipse.jetty:jetty-server: jetty: Jetty ThreadLimitHandler.getRemote() vulnerable to remote DoS attacks

漏洞详情: https://avd.aquasec.com/nvd/cve-2024-8184

镜像层: sha256:abf1f2a0908116cacd084a3146f76519abe7776a07bcccf10db82959ea96a77a

发布日期: 2024-10-14 16:15 修改: 2024-11-08 21:00

org.eclipse.jetty:jetty-server CVE-2024-8184 中危 9.4.51.v20230217 12.0.9, 10.0.24, 11.0.24, 9.4.56 org.eclipse.jetty:jetty-server: jetty: Jetty ThreadLimitHandler.getRemote() vulnerable to remote DoS attacks

漏洞详情: https://avd.aquasec.com/nvd/cve-2024-8184

镜像层: sha256:abf1f2a0908116cacd084a3146f76519abe7776a07bcccf10db82959ea96a77a

发布日期: 2024-10-14 16:15 修改: 2024-11-08 21:00

org.eclipse.jetty:jetty-servlets CVE-2024-9823 中危 9.4.48.v20220622 9.4.54, 10.0.18, 11.0.18 org.eclipse.jetty:jetty-servlets: jetty: Jetty DOS vulnerability on DosFilter

漏洞详情: https://avd.aquasec.com/nvd/cve-2024-9823

镜像层: sha256:abf1f2a0908116cacd084a3146f76519abe7776a07bcccf10db82959ea96a77a

发布日期: 2024-10-14 15:15 修改: 2024-10-15 12:57

org.apache.ant:ant CVE-2021-36373 中危 1.9.1 1.9.16, 1.10.11 ant: excessive memory allocation when reading a specially crafted TAR archive

漏洞详情: https://avd.aquasec.com/nvd/cve-2021-36373

镜像层: sha256:abf1f2a0908116cacd084a3146f76519abe7776a07bcccf10db82959ea96a77a

发布日期: 2021-07-14 07:15 修改: 2023-11-07 03:36

org.jetbrains.kotlin:kotlin-stdlib CVE-2022-24329 中危 1.5.32 1.6.0 kotlin: Not possible to lock dependencies for Multiplatform Gradle Projects

漏洞详情: https://avd.aquasec.com/nvd/cve-2022-24329

镜像层: sha256:abf1f2a0908116cacd084a3146f76519abe7776a07bcccf10db82959ea96a77a

发布日期: 2022-02-25 15:15 修改: 2024-10-29 15:36

org.apache.ant:ant CVE-2021-36374 中危 1.9.1 1.9.16, 1.10.11 ant: excessive memory allocation when reading a specially crafted ZIP archive or a derived formats

漏洞详情: https://avd.aquasec.com/nvd/cve-2021-36374

镜像层: sha256:abf1f2a0908116cacd084a3146f76519abe7776a07bcccf10db82959ea96a77a

发布日期: 2021-07-14 07:15 修改: 2023-11-07 03:36

com.squareup.okio:okio CVE-2023-3635 中危 1.15.0 3.4.0, 1.17.6 okio: GzipSource class improper exception handling

漏洞详情: https://avd.aquasec.com/nvd/cve-2023-3635

镜像层: sha256:abf1f2a0908116cacd084a3146f76519abe7776a07bcccf10db82959ea96a77a

发布日期: 2023-07-12 19:15 修改: 2023-10-25 15:17

org.xerial.snappy:snappy-java CVE-2023-34453 中危 1.1.8.4 1.1.10.1 snappy-java: Integer overflow in shuffle leads to DoS

漏洞详情: https://avd.aquasec.com/nvd/cve-2023-34453

镜像层: sha256:abf1f2a0908116cacd084a3146f76519abe7776a07bcccf10db82959ea96a77a

发布日期: 2023-06-15 17:15 修改: 2023-06-27 15:59

org.xerial.snappy:snappy-java CVE-2023-34454 中危 1.1.8.4 1.1.10.1 snappy-java: Integer overflow in compress leads to DoS

漏洞详情: https://avd.aquasec.com/nvd/cve-2023-34454

镜像层: sha256:abf1f2a0908116cacd084a3146f76519abe7776a07bcccf10db82959ea96a77a

发布日期: 2023-06-15 17:15 修改: 2023-06-27 16:04

com.google.guava:guava CVE-2020-8908 低危 14.0.1 32.0.0-android guava: local information disclosure via temporary directory created with unsafe permissions

漏洞详情: https://avd.aquasec.com/nvd/cve-2020-8908

镜像层: sha256:abf1f2a0908116cacd084a3146f76519abe7776a07bcccf10db82959ea96a77a

发布日期: 2020-12-10 23:15 修改: 2023-08-02 17:30

com.google.guava:guava CVE-2020-8908 低危 27.0-jre 32.0.0-android guava: local information disclosure via temporary directory created with unsafe permissions

漏洞详情: https://avd.aquasec.com/nvd/cve-2020-8908

镜像层: sha256:abf1f2a0908116cacd084a3146f76519abe7776a07bcccf10db82959ea96a77a

发布日期: 2020-12-10 23:15 修改: 2023-08-02 17:30

org.eclipse.jetty:jetty-servlets CVE-2023-36479 低危 9.4.48.v20220622 9.4.52, 10.0.16, 11.0.16 jetty: Improper addition of quotation marks to user inputs in CgiServlet

漏洞详情: https://avd.aquasec.com/nvd/cve-2023-36479

镜像层: sha256:abf1f2a0908116cacd084a3146f76519abe7776a07bcccf10db82959ea96a77a

发布日期: 2023-09-15 19:15 修改: 2023-10-16 19:20

org.eclipse.jetty:jetty-xml GHSA-58qw-p7qm-5rvh 低危 9.4.51.v20230217 10.0.16, 11.0.16, 12.0.0, 9.4.52.v20230823 Eclipse Jetty XmlParser allows arbitrary DOCTYPE declarations

漏洞详情: https://github.com/advisories/GHSA-58qw-p7qm-5rvh

镜像层: sha256:abf1f2a0908116cacd084a3146f76519abe7776a07bcccf10db82959ea96a77a

发布日期: 0001-01-01 00:00 修改: 0001-01-01 00:00

org.eclipse.jetty:jetty-server CVE-2023-26049 低危 9.4.48.v20220622 9.4.51.v20230217, 10.0.14, 11.0.14, 12.0.0.beta0 jetty-server: Cookie parsing of quoted values can exfiltrate values from other cookies

漏洞详情: https://avd.aquasec.com/nvd/cve-2023-26049

镜像层: sha256:abf1f2a0908116cacd084a3146f76519abe7776a07bcccf10db82959ea96a77a

发布日期: 2023-04-18 21:15 修改: 2024-02-01 15:36