org.apache.avro:avro |
CVE-2024-47561 |
严重 |
1.11.1 |
1.11.4 |
apache-avro: Schema parsing may trigger Remote Code Execution (RCE)
漏洞详情: https://avd.aquasec.com/nvd/cve-2024-47561
镜像层: sha256:abf1f2a0908116cacd084a3146f76519abe7776a07bcccf10db82959ea96a77a
发布日期: 2024-10-03 11:15 修改: 2024-10-21 09:15
|
org.apache.avro:avro |
CVE-2024-47561 |
严重 |
1.11.3 |
1.11.4 |
apache-avro: Schema parsing may trigger Remote Code Execution (RCE)
漏洞详情: https://avd.aquasec.com/nvd/cve-2024-47561
镜像层: sha256:abf1f2a0908116cacd084a3146f76519abe7776a07bcccf10db82959ea96a77a
发布日期: 2024-10-03 11:15 修改: 2024-10-21 09:15
|
org.apache.avro:avro |
CVE-2024-47561 |
严重 |
1.11.3 |
1.11.4 |
apache-avro: Schema parsing may trigger Remote Code Execution (RCE)
漏洞详情: https://avd.aquasec.com/nvd/cve-2024-47561
镜像层: sha256:abf1f2a0908116cacd084a3146f76519abe7776a07bcccf10db82959ea96a77a
发布日期: 2024-10-03 11:15 修改: 2024-10-21 09:15
|
org.apache.avro:avro |
CVE-2024-47561 |
严重 |
1.11.3 |
1.11.4 |
apache-avro: Schema parsing may trigger Remote Code Execution (RCE)
漏洞详情: https://avd.aquasec.com/nvd/cve-2024-47561
镜像层: sha256:abf1f2a0908116cacd084a3146f76519abe7776a07bcccf10db82959ea96a77a
发布日期: 2024-10-03 11:15 修改: 2024-10-21 09:15
|
org.apache.derby:derby |
CVE-2022-46337 |
严重 |
10.14.2.0 |
10.14.3, 10.15.2.1, 10.16.1.2, 10.17.1.0 |
A cleverly devised username might bypass LDAP authentication checks. I ...
漏洞详情: https://avd.aquasec.com/nvd/cve-2022-46337
镜像层: sha256:abf1f2a0908116cacd084a3146f76519abe7776a07bcccf10db82959ea96a77a
发布日期: 2023-11-20 09:15 修改: 2024-04-26 16:08
|
org.apache.spark:spark-core_2.12 |
CVE-2023-22946 |
严重 |
3.3.2 |
3.3.3 |
Apache Spark vulnerable to Improper Privilege Management
漏洞详情: https://avd.aquasec.com/nvd/cve-2023-22946
镜像层: sha256:abf1f2a0908116cacd084a3146f76519abe7776a07bcccf10db82959ea96a77a
发布日期: 2023-04-17 08:15 修改: 2023-04-26 23:00
|
com.google.protobuf:protobuf-java |
CVE-2022-3510 |
高危 |
3.17.3 |
3.16.3, 3.19.6, 3.20.3, 3.21.7 |
protobuf-java: Message-Type Extensions parsing issue leads to DoS
漏洞详情: https://avd.aquasec.com/nvd/cve-2022-3510
镜像层: sha256:abf1f2a0908116cacd084a3146f76519abe7776a07bcccf10db82959ea96a77a
发布日期: 2022-12-12 13:15 修改: 2023-11-07 03:51
|
com.google.protobuf:protobuf-java |
CVE-2022-3510 |
高危 |
3.17.3 |
3.16.3, 3.19.6, 3.20.3, 3.21.7 |
protobuf-java: Message-Type Extensions parsing issue leads to DoS
漏洞详情: https://avd.aquasec.com/nvd/cve-2022-3510
镜像层: sha256:abf1f2a0908116cacd084a3146f76519abe7776a07bcccf10db82959ea96a77a
发布日期: 2022-12-12 13:15 修改: 2023-11-07 03:51
|
com.google.protobuf:protobuf-java |
CVE-2022-3510 |
高危 |
3.17.3 |
3.16.3, 3.19.6, 3.20.3, 3.21.7 |
protobuf-java: Message-Type Extensions parsing issue leads to DoS
漏洞详情: https://avd.aquasec.com/nvd/cve-2022-3510
镜像层: sha256:abf1f2a0908116cacd084a3146f76519abe7776a07bcccf10db82959ea96a77a
发布日期: 2022-12-12 13:15 修改: 2023-11-07 03:51
|
com.google.protobuf:protobuf-java |
CVE-2022-3510 |
高危 |
3.17.3 |
3.16.3, 3.19.6, 3.20.3, 3.21.7 |
protobuf-java: Message-Type Extensions parsing issue leads to DoS
漏洞详情: https://avd.aquasec.com/nvd/cve-2022-3510
镜像层: sha256:abf1f2a0908116cacd084a3146f76519abe7776a07bcccf10db82959ea96a77a
发布日期: 2022-12-12 13:15 修改: 2023-11-07 03:51
|
com.google.protobuf:protobuf-java |
CVE-2022-3510 |
高危 |
3.17.3 |
3.16.3, 3.19.6, 3.20.3, 3.21.7 |
protobuf-java: Message-Type Extensions parsing issue leads to DoS
漏洞详情: https://avd.aquasec.com/nvd/cve-2022-3510
镜像层: sha256:abf1f2a0908116cacd084a3146f76519abe7776a07bcccf10db82959ea96a77a
发布日期: 2022-12-12 13:15 修改: 2023-11-07 03:51
|
com.google.protobuf:protobuf-java |
CVE-2024-7254 |
高危 |
3.17.3 |
3.25.5, 4.27.5, 4.28.2 |
protobuf: StackOverflow vulnerability in Protocol Buffers
漏洞详情: https://avd.aquasec.com/nvd/cve-2024-7254
镜像层: sha256:abf1f2a0908116cacd084a3146f76519abe7776a07bcccf10db82959ea96a77a
发布日期: 2024-09-19 01:15 修改: 2024-09-20 12:30
|
com.google.protobuf:protobuf-java |
CVE-2024-7254 |
高危 |
3.17.3 |
3.25.5, 4.27.5, 4.28.2 |
protobuf: StackOverflow vulnerability in Protocol Buffers
漏洞详情: https://avd.aquasec.com/nvd/cve-2024-7254
镜像层: sha256:abf1f2a0908116cacd084a3146f76519abe7776a07bcccf10db82959ea96a77a
发布日期: 2024-09-19 01:15 修改: 2024-09-20 12:30
|
com.google.protobuf:protobuf-java |
CVE-2024-7254 |
高危 |
3.17.3 |
3.25.5, 4.27.5, 4.28.2 |
protobuf: StackOverflow vulnerability in Protocol Buffers
漏洞详情: https://avd.aquasec.com/nvd/cve-2024-7254
镜像层: sha256:abf1f2a0908116cacd084a3146f76519abe7776a07bcccf10db82959ea96a77a
发布日期: 2024-09-19 01:15 修改: 2024-09-20 12:30
|
com.google.protobuf:protobuf-java |
CVE-2024-7254 |
高危 |
3.17.3 |
3.25.5, 4.27.5, 4.28.2 |
protobuf: StackOverflow vulnerability in Protocol Buffers
漏洞详情: https://avd.aquasec.com/nvd/cve-2024-7254
镜像层: sha256:abf1f2a0908116cacd084a3146f76519abe7776a07bcccf10db82959ea96a77a
发布日期: 2024-09-19 01:15 修改: 2024-09-20 12:30
|
com.google.protobuf:protobuf-java |
CVE-2024-7254 |
高危 |
3.17.3 |
3.25.5, 4.27.5, 4.28.2 |
protobuf: StackOverflow vulnerability in Protocol Buffers
漏洞详情: https://avd.aquasec.com/nvd/cve-2024-7254
镜像层: sha256:abf1f2a0908116cacd084a3146f76519abe7776a07bcccf10db82959ea96a77a
发布日期: 2024-09-19 01:15 修改: 2024-09-20 12:30
|
com.google.protobuf:protobuf-java |
CVE-2024-7254 |
高危 |
3.21.12 |
3.25.5, 4.27.5, 4.28.2 |
protobuf: StackOverflow vulnerability in Protocol Buffers
漏洞详情: https://avd.aquasec.com/nvd/cve-2024-7254
镜像层: sha256:abf1f2a0908116cacd084a3146f76519abe7776a07bcccf10db82959ea96a77a
发布日期: 2024-09-19 01:15 修改: 2024-09-20 12:30
|
com.nimbusds:nimbus-jose-jwt |
CVE-2023-52428 |
高危 |
9.31 |
9.37.2 |
nimbus-jose-jwt: large JWE p2c header value causes Denial of Service
漏洞详情: https://avd.aquasec.com/nvd/cve-2023-52428
镜像层: sha256:abf1f2a0908116cacd084a3146f76519abe7776a07bcccf10db82959ea96a77a
发布日期: 2024-02-11 05:15 修改: 2024-10-30 20:35
|
commons-io:commons-io |
CVE-2024-47554 |
高危 |
2.11.0 |
2.14.0 |
apache-commons-io: Possible denial of service attack on untrusted input to XmlStreamReader
漏洞详情: https://avd.aquasec.com/nvd/cve-2024-47554
镜像层: sha256:abf1f2a0908116cacd084a3146f76519abe7776a07bcccf10db82959ea96a77a
发布日期: 2024-10-03 12:15 修改: 2024-10-04 13:50
|
dnsjava:dnsjava |
CVE-2024-25638 |
高危 |
3.4.0 |
3.6.0 |
dnsjava: Improper response validation allowing DNSSEC bypass
漏洞详情: https://avd.aquasec.com/nvd/cve-2024-25638
镜像层: sha256:abf1f2a0908116cacd084a3146f76519abe7776a07bcccf10db82959ea96a77a
发布日期: 2024-07-22 14:15 修改: 2024-09-04 15:15
|
io.airlift:aircompressor |
CVE-2024-36114 |
高危 |
0.21 |
0.27 |
Decompressors can crash the JVM and leak memory content in Aircompressor
漏洞详情: https://avd.aquasec.com/nvd/cve-2024-36114
镜像层: sha256:abf1f2a0908116cacd084a3146f76519abe7776a07bcccf10db82959ea96a77a
发布日期: 2024-05-29 21:15 修改: 2024-05-30 13:15
|
io.airlift:aircompressor |
CVE-2024-36114 |
高危 |
0.21 |
0.27 |
Decompressors can crash the JVM and leak memory content in Aircompressor
漏洞详情: https://avd.aquasec.com/nvd/cve-2024-36114
镜像层: sha256:abf1f2a0908116cacd084a3146f76519abe7776a07bcccf10db82959ea96a77a
发布日期: 2024-05-29 21:15 修改: 2024-05-30 13:15
|
io.airlift:aircompressor |
CVE-2024-36114 |
高危 |
0.21 |
0.27 |
Decompressors can crash the JVM and leak memory content in Aircompressor
漏洞详情: https://avd.aquasec.com/nvd/cve-2024-36114
镜像层: sha256:abf1f2a0908116cacd084a3146f76519abe7776a07bcccf10db82959ea96a77a
发布日期: 2024-05-29 21:15 修改: 2024-05-30 13:15
|
io.airlift:aircompressor |
CVE-2024-36114 |
高危 |
0.25 |
0.27 |
Decompressors can crash the JVM and leak memory content in Aircompressor
漏洞详情: https://avd.aquasec.com/nvd/cve-2024-36114
镜像层: sha256:abf1f2a0908116cacd084a3146f76519abe7776a07bcccf10db82959ea96a77a
发布日期: 2024-05-29 21:15 修改: 2024-05-30 13:15
|
io.netty:netty-codec-http2 |
GHSA-xpw8-rcwv-8f8p |
高危 |
4.1.86.Final |
4.1.100.Final |
io.netty:netty-codec-http2 vulnerable to HTTP/2 Rapid Reset Attack
漏洞详情: https://github.com/advisories/GHSA-xpw8-rcwv-8f8p
镜像层: sha256:abf1f2a0908116cacd084a3146f76519abe7776a07bcccf10db82959ea96a77a
发布日期: 0001-01-01 00:00 修改: 0001-01-01 00:00
|
io.netty:netty-common |
CVE-2024-47535 |
高危 |
4.1.86.Final |
4.1.115 |
netty: Denial of Service attack on windows app using Netty
漏洞详情: https://avd.aquasec.com/nvd/cve-2024-47535
镜像层: sha256:abf1f2a0908116cacd084a3146f76519abe7776a07bcccf10db82959ea96a77a
发布日期: 2024-11-12 16:15 修改: 2024-11-13 17:01
|
com.google.code.gson:gson |
CVE-2022-25647 |
高危 |
2.8.6 |
2.8.9 |
com.google.code.gson-gson: Deserialization of Untrusted Data in com.google.code.gson-gson
漏洞详情: https://avd.aquasec.com/nvd/cve-2022-25647
镜像层: sha256:abf1f2a0908116cacd084a3146f76519abe7776a07bcccf10db82959ea96a77a
发布日期: 2022-05-01 16:15 修改: 2022-11-28 17:33
|
org.apache.avro:avro |
CVE-2023-39410 |
高危 |
1.11.1 |
1.11.3 |
apache-avro: Apache Avro Java SDK: Memory when deserializing untrusted data in Avro Java SDK
漏洞详情: https://avd.aquasec.com/nvd/cve-2023-39410
镜像层: sha256:abf1f2a0908116cacd084a3146f76519abe7776a07bcccf10db82959ea96a77a
发布日期: 2023-09-29 17:15 修改: 2024-06-21 19:15
|
com.google.protobuf:protobuf-java |
CVE-2022-3509 |
高危 |
3.17.3 |
3.16.3, 3.19.6, 3.20.3, 3.21.7 |
protobuf-java: Textformat parsing issue leads to DoS
漏洞详情: https://avd.aquasec.com/nvd/cve-2022-3509
镜像层: sha256:abf1f2a0908116cacd084a3146f76519abe7776a07bcccf10db82959ea96a77a
发布日期: 2022-12-12 13:15 修改: 2022-12-15 16:57
|
com.google.protobuf:protobuf-java |
CVE-2022-3509 |
高危 |
3.17.3 |
3.16.3, 3.19.6, 3.20.3, 3.21.7 |
protobuf-java: Textformat parsing issue leads to DoS
漏洞详情: https://avd.aquasec.com/nvd/cve-2022-3509
镜像层: sha256:abf1f2a0908116cacd084a3146f76519abe7776a07bcccf10db82959ea96a77a
发布日期: 2022-12-12 13:15 修改: 2022-12-15 16:57
|
com.google.protobuf:protobuf-java |
CVE-2022-3509 |
高危 |
3.17.3 |
3.16.3, 3.19.6, 3.20.3, 3.21.7 |
protobuf-java: Textformat parsing issue leads to DoS
漏洞详情: https://avd.aquasec.com/nvd/cve-2022-3509
镜像层: sha256:abf1f2a0908116cacd084a3146f76519abe7776a07bcccf10db82959ea96a77a
发布日期: 2022-12-12 13:15 修改: 2022-12-15 16:57
|
org.apache.commons:commons-compress |
CVE-2024-25710 |
高危 |
1.21 |
1.26.0 |
commons-compress: Denial of service caused by an infinite loop for a corrupted DUMP file
漏洞详情: https://avd.aquasec.com/nvd/cve-2024-25710
镜像层: sha256:abf1f2a0908116cacd084a3146f76519abe7776a07bcccf10db82959ea96a77a
发布日期: 2024-02-19 09:15 修改: 2024-03-07 17:15
|
org.apache.commons:commons-compress |
CVE-2021-35515 |
高危 |
1.4.1 |
1.21 |
apache-commons-compress: infinite loop when reading a specially crafted 7Z archive
漏洞详情: https://avd.aquasec.com/nvd/cve-2021-35515
镜像层: sha256:abf1f2a0908116cacd084a3146f76519abe7776a07bcccf10db82959ea96a77a
发布日期: 2021-07-13 08:15 修改: 2023-11-07 03:36
|
org.apache.commons:commons-compress |
CVE-2021-35515 |
高危 |
1.4.1 |
1.21 |
apache-commons-compress: infinite loop when reading a specially crafted 7Z archive
漏洞详情: https://avd.aquasec.com/nvd/cve-2021-35515
镜像层: sha256:abf1f2a0908116cacd084a3146f76519abe7776a07bcccf10db82959ea96a77a
发布日期: 2021-07-13 08:15 修改: 2023-11-07 03:36
|
org.apache.commons:commons-compress |
CVE-2021-35515 |
高危 |
1.4.1 |
1.21 |
apache-commons-compress: infinite loop when reading a specially crafted 7Z archive
漏洞详情: https://avd.aquasec.com/nvd/cve-2021-35515
镜像层: sha256:abf1f2a0908116cacd084a3146f76519abe7776a07bcccf10db82959ea96a77a
发布日期: 2021-07-13 08:15 修改: 2023-11-07 03:36
|
org.apache.commons:commons-compress |
CVE-2021-35516 |
高危 |
1.4.1 |
1.21 |
apache-commons-compress: excessive memory allocation when reading a specially crafted 7Z archive
漏洞详情: https://avd.aquasec.com/nvd/cve-2021-35516
镜像层: sha256:abf1f2a0908116cacd084a3146f76519abe7776a07bcccf10db82959ea96a77a
发布日期: 2021-07-13 08:15 修改: 2023-11-07 03:36
|
org.apache.commons:commons-compress |
CVE-2021-35516 |
高危 |
1.4.1 |
1.21 |
apache-commons-compress: excessive memory allocation when reading a specially crafted 7Z archive
漏洞详情: https://avd.aquasec.com/nvd/cve-2021-35516
镜像层: sha256:abf1f2a0908116cacd084a3146f76519abe7776a07bcccf10db82959ea96a77a
发布日期: 2021-07-13 08:15 修改: 2023-11-07 03:36
|
org.apache.commons:commons-compress |
CVE-2021-35516 |
高危 |
1.4.1 |
1.21 |
apache-commons-compress: excessive memory allocation when reading a specially crafted 7Z archive
漏洞详情: https://avd.aquasec.com/nvd/cve-2021-35516
镜像层: sha256:abf1f2a0908116cacd084a3146f76519abe7776a07bcccf10db82959ea96a77a
发布日期: 2021-07-13 08:15 修改: 2023-11-07 03:36
|
org.apache.commons:commons-compress |
CVE-2021-35517 |
高危 |
1.4.1 |
1.21 |
apache-commons-compress: excessive memory allocation when reading a specially crafted TAR archive
漏洞详情: https://avd.aquasec.com/nvd/cve-2021-35517
镜像层: sha256:abf1f2a0908116cacd084a3146f76519abe7776a07bcccf10db82959ea96a77a
发布日期: 2021-07-13 08:15 修改: 2023-11-07 03:36
|
org.apache.commons:commons-compress |
CVE-2021-35517 |
高危 |
1.4.1 |
1.21 |
apache-commons-compress: excessive memory allocation when reading a specially crafted TAR archive
漏洞详情: https://avd.aquasec.com/nvd/cve-2021-35517
镜像层: sha256:abf1f2a0908116cacd084a3146f76519abe7776a07bcccf10db82959ea96a77a
发布日期: 2021-07-13 08:15 修改: 2023-11-07 03:36
|
org.apache.commons:commons-compress |
CVE-2021-35517 |
高危 |
1.4.1 |
1.21 |
apache-commons-compress: excessive memory allocation when reading a specially crafted TAR archive
漏洞详情: https://avd.aquasec.com/nvd/cve-2021-35517
镜像层: sha256:abf1f2a0908116cacd084a3146f76519abe7776a07bcccf10db82959ea96a77a
发布日期: 2021-07-13 08:15 修改: 2023-11-07 03:36
|
org.apache.commons:commons-compress |
CVE-2021-36090 |
高危 |
1.4.1 |
1.21 |
apache-commons-compress: excessive memory allocation when reading a specially crafted ZIP archive
漏洞详情: https://avd.aquasec.com/nvd/cve-2021-36090
镜像层: sha256:abf1f2a0908116cacd084a3146f76519abe7776a07bcccf10db82959ea96a77a
发布日期: 2021-07-13 08:15 修改: 2023-11-07 03:36
|
org.apache.commons:commons-compress |
CVE-2021-36090 |
高危 |
1.4.1 |
1.21 |
apache-commons-compress: excessive memory allocation when reading a specially crafted ZIP archive
漏洞详情: https://avd.aquasec.com/nvd/cve-2021-36090
镜像层: sha256:abf1f2a0908116cacd084a3146f76519abe7776a07bcccf10db82959ea96a77a
发布日期: 2021-07-13 08:15 修改: 2023-11-07 03:36
|
org.apache.commons:commons-compress |
CVE-2021-36090 |
高危 |
1.4.1 |
1.21 |
apache-commons-compress: excessive memory allocation when reading a specially crafted ZIP archive
漏洞详情: https://avd.aquasec.com/nvd/cve-2021-36090
镜像层: sha256:abf1f2a0908116cacd084a3146f76519abe7776a07bcccf10db82959ea96a77a
发布日期: 2021-07-13 08:15 修改: 2023-11-07 03:36
|
org.apache.commons:commons-compress |
CVE-2024-25710 |
高危 |
1.4.1 |
1.26.0 |
commons-compress: Denial of service caused by an infinite loop for a corrupted DUMP file
漏洞详情: https://avd.aquasec.com/nvd/cve-2024-25710
镜像层: sha256:abf1f2a0908116cacd084a3146f76519abe7776a07bcccf10db82959ea96a77a
发布日期: 2024-02-19 09:15 修改: 2024-03-07 17:15
|
org.apache.commons:commons-compress |
CVE-2024-25710 |
高危 |
1.4.1 |
1.26.0 |
commons-compress: Denial of service caused by an infinite loop for a corrupted DUMP file
漏洞详情: https://avd.aquasec.com/nvd/cve-2024-25710
镜像层: sha256:abf1f2a0908116cacd084a3146f76519abe7776a07bcccf10db82959ea96a77a
发布日期: 2024-02-19 09:15 修改: 2024-03-07 17:15
|
org.apache.commons:commons-compress |
CVE-2024-25710 |
高危 |
1.4.1 |
1.26.0 |
commons-compress: Denial of service caused by an infinite loop for a corrupted DUMP file
漏洞详情: https://avd.aquasec.com/nvd/cve-2024-25710
镜像层: sha256:abf1f2a0908116cacd084a3146f76519abe7776a07bcccf10db82959ea96a77a
发布日期: 2024-02-19 09:15 修改: 2024-03-07 17:15
|
com.google.protobuf:protobuf-java |
CVE-2022-3509 |
高危 |
3.17.3 |
3.16.3, 3.19.6, 3.20.3, 3.21.7 |
protobuf-java: Textformat parsing issue leads to DoS
漏洞详情: https://avd.aquasec.com/nvd/cve-2022-3509
镜像层: sha256:abf1f2a0908116cacd084a3146f76519abe7776a07bcccf10db82959ea96a77a
发布日期: 2022-12-12 13:15 修改: 2022-12-15 16:57
|
org.apache.ivy:ivy |
CVE-2022-46751 |
高危 |
2.5.1 |
2.5.2 |
apache-ivy: XML External Entity vulnerability
漏洞详情: https://avd.aquasec.com/nvd/cve-2022-46751
镜像层: sha256:abf1f2a0908116cacd084a3146f76519abe7776a07bcccf10db82959ea96a77a
发布日期: 2023-08-21 07:15 修改: 2024-09-27 21:35
|
com.google.protobuf:protobuf-java |
CVE-2022-3509 |
高危 |
3.17.3 |
3.16.3, 3.19.6, 3.20.3, 3.21.7 |
protobuf-java: Textformat parsing issue leads to DoS
漏洞详情: https://avd.aquasec.com/nvd/cve-2022-3509
镜像层: sha256:abf1f2a0908116cacd084a3146f76519abe7776a07bcccf10db82959ea96a77a
发布日期: 2022-12-12 13:15 修改: 2022-12-15 16:57
|
org.apache.thrift:libthrift |
CVE-2018-1320 |
高危 |
0.9.3 |
0.9.3-1, 0.12.0 |
thrift: SASL negotiation isComplete validation bypass in the org.apache.thrift.transport.TSaslTransport class
漏洞详情: https://avd.aquasec.com/nvd/cve-2018-1320
镜像层: sha256:abf1f2a0908116cacd084a3146f76519abe7776a07bcccf10db82959ea96a77a
发布日期: 2019-01-07 17:29 修改: 2023-11-07 02:55
|
org.apache.thrift:libthrift |
CVE-2019-0205 |
高危 |
0.9.3 |
0.13.0 |
thrift: Endless loop when feed with specific input data
漏洞详情: https://avd.aquasec.com/nvd/cve-2019-0205
镜像层: sha256:abf1f2a0908116cacd084a3146f76519abe7776a07bcccf10db82959ea96a77a
发布日期: 2019-10-29 19:15 修改: 2023-11-07 03:01
|
org.apache.thrift:libthrift |
CVE-2020-13949 |
高危 |
0.9.3 |
0.14.0 |
libthrift: potential DoS when processing untrusted payloads
漏洞详情: https://avd.aquasec.com/nvd/cve-2020-13949
镜像层: sha256:abf1f2a0908116cacd084a3146f76519abe7776a07bcccf10db82959ea96a77a
发布日期: 2021-02-12 20:15 修改: 2023-11-07 03:17
|
org.jboss.xnio:xnio-api |
CVE-2023-5685 |
高危 |
3.8.8.Final |
3.8.14.Final |
xnio: StackOverflowException when the chain of notifier states becomes problematically big
漏洞详情: https://avd.aquasec.com/nvd/cve-2023-5685
镜像层: sha256:abf1f2a0908116cacd084a3146f76519abe7776a07bcccf10db82959ea96a77a
发布日期: 2024-03-22 19:15 修改: 2024-05-08 09:15
|
org.xerial.snappy:snappy-java |
CVE-2023-34455 |
高危 |
1.1.8.4 |
1.1.10.1 |
snappy-java: Unchecked chunk length leads to DoS
漏洞详情: https://avd.aquasec.com/nvd/cve-2023-34455
镜像层: sha256:abf1f2a0908116cacd084a3146f76519abe7776a07bcccf10db82959ea96a77a
发布日期: 2023-06-15 18:15 修改: 2024-02-01 14:17
|
org.xerial.snappy:snappy-java |
CVE-2023-43642 |
高危 |
1.1.8.4 |
1.1.10.4 |
snappy-java: Missing upper bound check on chunk length in snappy-java can lead to Denial of Service (DoS) impact
漏洞详情: https://avd.aquasec.com/nvd/cve-2023-43642
镜像层: sha256:abf1f2a0908116cacd084a3146f76519abe7776a07bcccf10db82959ea96a77a
发布日期: 2023-09-25 20:15 修改: 2023-09-26 15:46
|
com.google.guava:guava |
CVE-2023-2976 |
中危 |
27.0-jre |
32.0.0-android |
guava: insecure temporary directory creation
漏洞详情: https://avd.aquasec.com/nvd/cve-2023-2976
镜像层: sha256:abf1f2a0908116cacd084a3146f76519abe7776a07bcccf10db82959ea96a77a
发布日期: 2023-06-14 18:15 修改: 2024-02-13 19:15
|
com.google.protobuf:protobuf-java |
CVE-2022-3171 |
中危 |
3.17.3 |
3.21.7, 3.20.3, 3.19.6, 3.16.3 |
protobuf-java: timeout in parser leads to DoS
漏洞详情: https://avd.aquasec.com/nvd/cve-2022-3171
镜像层: sha256:abf1f2a0908116cacd084a3146f76519abe7776a07bcccf10db82959ea96a77a
发布日期: 2022-10-12 23:15 修改: 2023-11-07 03:50
|
com.google.protobuf:protobuf-java |
CVE-2022-3171 |
中危 |
3.17.3 |
3.21.7, 3.20.3, 3.19.6, 3.16.3 |
protobuf-java: timeout in parser leads to DoS
漏洞详情: https://avd.aquasec.com/nvd/cve-2022-3171
镜像层: sha256:abf1f2a0908116cacd084a3146f76519abe7776a07bcccf10db82959ea96a77a
发布日期: 2022-10-12 23:15 修改: 2023-11-07 03:50
|
com.google.protobuf:protobuf-java |
CVE-2022-3171 |
中危 |
3.17.3 |
3.21.7, 3.20.3, 3.19.6, 3.16.3 |
protobuf-java: timeout in parser leads to DoS
漏洞详情: https://avd.aquasec.com/nvd/cve-2022-3171
镜像层: sha256:abf1f2a0908116cacd084a3146f76519abe7776a07bcccf10db82959ea96a77a
发布日期: 2022-10-12 23:15 修改: 2023-11-07 03:50
|
com.google.protobuf:protobuf-java |
CVE-2022-3171 |
中危 |
3.17.3 |
3.21.7, 3.20.3, 3.19.6, 3.16.3 |
protobuf-java: timeout in parser leads to DoS
漏洞详情: https://avd.aquasec.com/nvd/cve-2022-3171
镜像层: sha256:abf1f2a0908116cacd084a3146f76519abe7776a07bcccf10db82959ea96a77a
发布日期: 2022-10-12 23:15 修改: 2023-11-07 03:50
|
org.apache.commons:commons-compress |
CVE-2024-26308 |
中危 |
1.21 |
1.26.0 |
commons-compress: OutOfMemoryError unpacking broken Pack200 file
漏洞详情: https://avd.aquasec.com/nvd/cve-2024-26308
镜像层: sha256:abf1f2a0908116cacd084a3146f76519abe7776a07bcccf10db82959ea96a77a
发布日期: 2024-02-19 09:15 修改: 2024-03-21 19:54
|
org.apache.commons:commons-configuration2 |
CVE-2024-29131 |
中危 |
2.8.0 |
2.10.1 |
commons-configuration: StackOverflowError adding property in AbstractListDelimiterHandler.flattenIterator()
漏洞详情: https://avd.aquasec.com/nvd/cve-2024-29131
镜像层: sha256:abf1f2a0908116cacd084a3146f76519abe7776a07bcccf10db82959ea96a77a
发布日期: 2024-03-21 09:15 修改: 2024-08-28 15:35
|
org.apache.commons:commons-configuration2 |
CVE-2024-29133 |
中危 |
2.8.0 |
2.10.1 |
commons-configuration: StackOverflowError calling ListDelimiterHandler.flatten(Object, int) with a cyclical object tree
漏洞详情: https://avd.aquasec.com/nvd/cve-2024-29133
镜像层: sha256:abf1f2a0908116cacd084a3146f76519abe7776a07bcccf10db82959ea96a77a
发布日期: 2024-03-21 09:15 修改: 2024-11-04 17:35
|
com.google.protobuf:protobuf-java |
CVE-2022-3171 |
中危 |
3.17.3 |
3.21.7, 3.20.3, 3.19.6, 3.16.3 |
protobuf-java: timeout in parser leads to DoS
漏洞详情: https://avd.aquasec.com/nvd/cve-2022-3171
镜像层: sha256:abf1f2a0908116cacd084a3146f76519abe7776a07bcccf10db82959ea96a77a
发布日期: 2022-10-12 23:15 修改: 2023-11-07 03:50
|
io.netty:netty-codec-http |
CVE-2024-29025 |
中危 |
4.1.86.Final |
4.1.108.Final |
netty-codec-http: Allocation of Resources Without Limits or Throttling
漏洞详情: https://avd.aquasec.com/nvd/cve-2024-29025
镜像层: sha256:abf1f2a0908116cacd084a3146f76519abe7776a07bcccf10db82959ea96a77a
发布日期: 2024-03-25 20:15 修改: 2024-06-21 22:15
|
com.google.guava:guava |
CVE-2018-10237 |
中危 |
14.0.1 |
24.1.1-android |
guava: Unbounded memory allocation in AtomicDoubleArray and CompoundOrdering classes allow remote attackers to cause a denial of service
漏洞详情: https://avd.aquasec.com/nvd/cve-2018-10237
镜像层: sha256:abf1f2a0908116cacd084a3146f76519abe7776a07bcccf10db82959ea96a77a
发布日期: 2018-04-26 21:29 修改: 2023-11-07 02:51
|
com.google.guava:guava |
CVE-2023-2976 |
中危 |
14.0.1 |
32.0.0-android |
guava: insecure temporary directory creation
漏洞详情: https://avd.aquasec.com/nvd/cve-2023-2976
镜像层: sha256:abf1f2a0908116cacd084a3146f76519abe7776a07bcccf10db82959ea96a77a
发布日期: 2023-06-14 18:15 修改: 2024-02-13 19:15
|
io.netty:netty-handler |
CVE-2023-34462 |
中危 |
4.1.86.Final |
4.1.94.Final |
netty: SniHandler 16MB allocation leads to OOM
漏洞详情: https://avd.aquasec.com/nvd/cve-2023-34462
镜像层: sha256:abf1f2a0908116cacd084a3146f76519abe7776a07bcccf10db82959ea96a77a
发布日期: 2023-06-22 23:15 修改: 2024-06-21 19:15
|
org.apache.ant:ant |
CVE-2020-1945 |
中危 |
1.9.1 |
1.9.15, 1.10.8 |
ant: insecure temporary file vulnerability
漏洞详情: https://avd.aquasec.com/nvd/cve-2020-1945
镜像层: sha256:abf1f2a0908116cacd084a3146f76519abe7776a07bcccf10db82959ea96a77a
发布日期: 2020-05-14 16:15 修改: 2023-11-07 03:19
|
org.apache.thrift:libthrift |
CVE-2018-11798 |
中危 |
0.9.3 |
0.12.0 |
thrift: Improper Access Control grants access to files outside the webservers docroot path
漏洞详情: https://avd.aquasec.com/nvd/cve-2018-11798
镜像层: sha256:abf1f2a0908116cacd084a3146f76519abe7776a07bcccf10db82959ea96a77a
发布日期: 2019-01-07 17:29 修改: 2023-11-07 02:51
|
org.apache.zookeeper:zookeeper |
CVE-2024-23944 |
中危 |
3.7.2 |
3.8.4, 3.9.2 |
Information disclosure in persistent watchers handling in Apache ZooKe ...
漏洞详情: https://avd.aquasec.com/nvd/cve-2024-23944
镜像层: sha256:abf1f2a0908116cacd084a3146f76519abe7776a07bcccf10db82959ea96a77a
发布日期: 2024-03-15 11:15 修改: 2024-11-15 21:35
|
org.bouncycastle:bcprov-jdk15on |
CVE-2023-33201 |
中危 |
1.70 |
|
bouncycastle: potential blind LDAP injection attack using a self-signed certificate
漏洞详情: https://avd.aquasec.com/nvd/cve-2023-33201
镜像层: sha256:abf1f2a0908116cacd084a3146f76519abe7776a07bcccf10db82959ea96a77a
发布日期: 2023-07-05 03:15 修改: 2023-08-24 19:15
|
org.bouncycastle:bcprov-jdk15on |
CVE-2024-29857 |
中危 |
1.70 |
1.78 |
org.bouncycastle: Importing an EC certificate with crafted F2m parameters may lead to Denial of Service
漏洞详情: https://avd.aquasec.com/nvd/cve-2024-29857
镜像层: sha256:abf1f2a0908116cacd084a3146f76519abe7776a07bcccf10db82959ea96a77a
发布日期: 2024-05-14 15:17 修改: 2024-08-15 19:35
|
org.bouncycastle:bcprov-jdk15on |
CVE-2024-30171 |
中危 |
1.70 |
1.78 |
bc-java: BouncyCastle vulnerable to a timing variant of Bleichenbacher (Marvin Attack)
漏洞详情: https://avd.aquasec.com/nvd/cve-2024-30171
镜像层: sha256:abf1f2a0908116cacd084a3146f76519abe7776a07bcccf10db82959ea96a77a
发布日期: 2024-05-14 15:21 修改: 2024-08-19 18:35
|
org.bouncycastle:bcprov-jdk15on |
CVE-2024-30172 |
中危 |
1.70 |
1.78 |
org.bouncycastle:bcprov-jdk18on: Infinite loop in ED25519 verification in the ScalarUtil class
漏洞详情: https://avd.aquasec.com/nvd/cve-2024-30172
镜像层: sha256:abf1f2a0908116cacd084a3146f76519abe7776a07bcccf10db82959ea96a77a
发布日期: 2024-05-14 15:21 修改: 2024-11-05 18:35
|
org.eclipse.jetty:jetty-http |
CVE-2023-40167 |
中危 |
9.4.48.v20220622 |
9.4.52, 10.0.16, 11.0.16, 12.0.1 |
jetty: Improper validation of HTTP/1 content-length
漏洞详情: https://avd.aquasec.com/nvd/cve-2023-40167
镜像层: sha256:abf1f2a0908116cacd084a3146f76519abe7776a07bcccf10db82959ea96a77a
发布日期: 2023-09-15 20:15 修改: 2023-10-13 01:59
|
org.eclipse.jetty:jetty-http |
CVE-2024-6763 |
中危 |
9.4.48.v20220622 |
12.0.12 |
org.eclipse.jetty:jetty-http: jetty: Jetty URI parsing of invalid authority
漏洞详情: https://avd.aquasec.com/nvd/cve-2024-6763
镜像层: sha256:abf1f2a0908116cacd084a3146f76519abe7776a07bcccf10db82959ea96a77a
发布日期: 2024-10-14 16:15 修改: 2024-11-08 21:15
|
org.eclipse.jetty:jetty-http |
CVE-2023-40167 |
中危 |
9.4.51.v20230217 |
9.4.52, 10.0.16, 11.0.16, 12.0.1 |
jetty: Improper validation of HTTP/1 content-length
漏洞详情: https://avd.aquasec.com/nvd/cve-2023-40167
镜像层: sha256:abf1f2a0908116cacd084a3146f76519abe7776a07bcccf10db82959ea96a77a
发布日期: 2023-09-15 20:15 修改: 2023-10-13 01:59
|
org.eclipse.jetty:jetty-http |
CVE-2024-6763 |
中危 |
9.4.51.v20230217 |
12.0.12 |
org.eclipse.jetty:jetty-http: jetty: Jetty URI parsing of invalid authority
漏洞详情: https://avd.aquasec.com/nvd/cve-2024-6763
镜像层: sha256:abf1f2a0908116cacd084a3146f76519abe7776a07bcccf10db82959ea96a77a
发布日期: 2024-10-14 16:15 修改: 2024-11-08 21:15
|
org.eclipse.jetty:jetty-server |
CVE-2023-26048 |
中危 |
9.4.48.v20220622 |
9.4.51.v20230217, 10.0.14, 11.0.14 |
jetty-server: OutOfMemoryError for large multipart without filename read via request.getParameter()
漏洞详情: https://avd.aquasec.com/nvd/cve-2023-26048
镜像层: sha256:abf1f2a0908116cacd084a3146f76519abe7776a07bcccf10db82959ea96a77a
发布日期: 2023-04-18 21:15 修改: 2023-09-30 15:15
|
org.eclipse.jetty:jetty-server |
CVE-2024-8184 |
中危 |
9.4.48.v20220622 |
12.0.9, 10.0.24, 11.0.24, 9.4.56 |
org.eclipse.jetty:jetty-server: jetty: Jetty ThreadLimitHandler.getRemote() vulnerable to remote DoS attacks
漏洞详情: https://avd.aquasec.com/nvd/cve-2024-8184
镜像层: sha256:abf1f2a0908116cacd084a3146f76519abe7776a07bcccf10db82959ea96a77a
发布日期: 2024-10-14 16:15 修改: 2024-11-08 21:00
|
org.eclipse.jetty:jetty-server |
CVE-2024-8184 |
中危 |
9.4.51.v20230217 |
12.0.9, 10.0.24, 11.0.24, 9.4.56 |
org.eclipse.jetty:jetty-server: jetty: Jetty ThreadLimitHandler.getRemote() vulnerable to remote DoS attacks
漏洞详情: https://avd.aquasec.com/nvd/cve-2024-8184
镜像层: sha256:abf1f2a0908116cacd084a3146f76519abe7776a07bcccf10db82959ea96a77a
发布日期: 2024-10-14 16:15 修改: 2024-11-08 21:00
|
org.eclipse.jetty:jetty-servlets |
CVE-2024-9823 |
中危 |
9.4.48.v20220622 |
9.4.54, 10.0.18, 11.0.18 |
org.eclipse.jetty:jetty-servlets: jetty: Jetty DOS vulnerability on DosFilter
漏洞详情: https://avd.aquasec.com/nvd/cve-2024-9823
镜像层: sha256:abf1f2a0908116cacd084a3146f76519abe7776a07bcccf10db82959ea96a77a
发布日期: 2024-10-14 15:15 修改: 2024-10-15 12:57
|
org.apache.ant:ant |
CVE-2021-36373 |
中危 |
1.9.1 |
1.9.16, 1.10.11 |
ant: excessive memory allocation when reading a specially crafted TAR archive
漏洞详情: https://avd.aquasec.com/nvd/cve-2021-36373
镜像层: sha256:abf1f2a0908116cacd084a3146f76519abe7776a07bcccf10db82959ea96a77a
发布日期: 2021-07-14 07:15 修改: 2023-11-07 03:36
|
org.jetbrains.kotlin:kotlin-stdlib |
CVE-2022-24329 |
中危 |
1.5.32 |
1.6.0 |
kotlin: Not possible to lock dependencies for Multiplatform Gradle Projects
漏洞详情: https://avd.aquasec.com/nvd/cve-2022-24329
镜像层: sha256:abf1f2a0908116cacd084a3146f76519abe7776a07bcccf10db82959ea96a77a
发布日期: 2022-02-25 15:15 修改: 2024-10-29 15:36
|
org.apache.ant:ant |
CVE-2021-36374 |
中危 |
1.9.1 |
1.9.16, 1.10.11 |
ant: excessive memory allocation when reading a specially crafted ZIP archive or a derived formats
漏洞详情: https://avd.aquasec.com/nvd/cve-2021-36374
镜像层: sha256:abf1f2a0908116cacd084a3146f76519abe7776a07bcccf10db82959ea96a77a
发布日期: 2021-07-14 07:15 修改: 2023-11-07 03:36
|
com.squareup.okio:okio |
CVE-2023-3635 |
中危 |
1.15.0 |
3.4.0, 1.17.6 |
okio: GzipSource class improper exception handling
漏洞详情: https://avd.aquasec.com/nvd/cve-2023-3635
镜像层: sha256:abf1f2a0908116cacd084a3146f76519abe7776a07bcccf10db82959ea96a77a
发布日期: 2023-07-12 19:15 修改: 2023-10-25 15:17
|
org.xerial.snappy:snappy-java |
CVE-2023-34453 |
中危 |
1.1.8.4 |
1.1.10.1 |
snappy-java: Integer overflow in shuffle leads to DoS
漏洞详情: https://avd.aquasec.com/nvd/cve-2023-34453
镜像层: sha256:abf1f2a0908116cacd084a3146f76519abe7776a07bcccf10db82959ea96a77a
发布日期: 2023-06-15 17:15 修改: 2023-06-27 15:59
|
org.xerial.snappy:snappy-java |
CVE-2023-34454 |
中危 |
1.1.8.4 |
1.1.10.1 |
snappy-java: Integer overflow in compress leads to DoS
漏洞详情: https://avd.aquasec.com/nvd/cve-2023-34454
镜像层: sha256:abf1f2a0908116cacd084a3146f76519abe7776a07bcccf10db82959ea96a77a
发布日期: 2023-06-15 17:15 修改: 2023-06-27 16:04
|
com.google.guava:guava |
CVE-2020-8908 |
低危 |
14.0.1 |
32.0.0-android |
guava: local information disclosure via temporary directory created with unsafe permissions
漏洞详情: https://avd.aquasec.com/nvd/cve-2020-8908
镜像层: sha256:abf1f2a0908116cacd084a3146f76519abe7776a07bcccf10db82959ea96a77a
发布日期: 2020-12-10 23:15 修改: 2023-08-02 17:30
|
com.google.guava:guava |
CVE-2020-8908 |
低危 |
27.0-jre |
32.0.0-android |
guava: local information disclosure via temporary directory created with unsafe permissions
漏洞详情: https://avd.aquasec.com/nvd/cve-2020-8908
镜像层: sha256:abf1f2a0908116cacd084a3146f76519abe7776a07bcccf10db82959ea96a77a
发布日期: 2020-12-10 23:15 修改: 2023-08-02 17:30
|
org.eclipse.jetty:jetty-servlets |
CVE-2023-36479 |
低危 |
9.4.48.v20220622 |
9.4.52, 10.0.16, 11.0.16 |
jetty: Improper addition of quotation marks to user inputs in CgiServlet
漏洞详情: https://avd.aquasec.com/nvd/cve-2023-36479
镜像层: sha256:abf1f2a0908116cacd084a3146f76519abe7776a07bcccf10db82959ea96a77a
发布日期: 2023-09-15 19:15 修改: 2023-10-16 19:20
|
org.eclipse.jetty:jetty-xml |
GHSA-58qw-p7qm-5rvh |
低危 |
9.4.51.v20230217 |
10.0.16, 11.0.16, 12.0.0, 9.4.52.v20230823 |
Eclipse Jetty XmlParser allows arbitrary DOCTYPE declarations
漏洞详情: https://github.com/advisories/GHSA-58qw-p7qm-5rvh
镜像层: sha256:abf1f2a0908116cacd084a3146f76519abe7776a07bcccf10db82959ea96a77a
发布日期: 0001-01-01 00:00 修改: 0001-01-01 00:00
|
org.eclipse.jetty:jetty-server |
CVE-2023-26049 |
低危 |
9.4.48.v20220622 |
9.4.51.v20230217, 10.0.14, 11.0.14, 12.0.0.beta0 |
jetty-server: Cookie parsing of quoted values can exfiltrate values from other cookies
漏洞详情: https://avd.aquasec.com/nvd/cve-2023-26049
镜像层: sha256:abf1f2a0908116cacd084a3146f76519abe7776a07bcccf10db82959ea96a77a
发布日期: 2023-04-18 21:15 修改: 2024-02-01 15:36
|