docker.io/apache/dolphinscheduler-master:3.1.7 linux/amd64

docker.io/apache/dolphinscheduler-master:3.1.7 - Trivy安全扫描结果扫描时间: 2026-06-10 10:17

全部漏洞信息

低危漏洞:146

中危漏洞:273

高危漏洞:66

严重漏洞:8

系统OS: ubuntu 22.04 扫描引擎: Trivy 扫描时间: 2026-06-10 10:17

docker.io/apache/dolphinscheduler-master:3.1.7 (ubuntu 22.04) (ubuntu)

低危漏洞:135

中危漏洞:219

高危漏洞:7

严重漏洞:0

软件包	漏洞	安全状态	安装版本	修复版本	漏洞信息
curl	CVE-2023-38545	高危	7.81.0-1ubuntu1.10	7.81.0-1ubuntu1.14	curl: heap based buffer overflow in the SOCKS5 proxy handshake 漏洞详情: https://avd.aquasec.com/nvd/cve-2023-38545 镜像层: sha256:c45c46033aa89a49241285cc08dff25d7b63fdc96c034acd7d9428f97c0e5b20 发布日期: 2023-10-18 04:15 修改: 2026-05-12 11:16
gpgv	CVE-2025-68973	高危	2.2.27-3ubuntu2.1	2.2.27-3ubuntu2.5	GnuPG: GnuPG: Information disclosure and potential arbitrary code execution via out-of-bounds write 漏洞详情: https://avd.aquasec.com/nvd/cve-2025-68973 镜像层: sha256:b8a36d10656ac19ddb96ef3107f76820663717708fc37ce929925c36d1b1d157 发布日期: 2025-12-28 17:16 修改: 2026-01-14 19:16
libc-bin	CVE-2023-4911	高危	2.35-0ubuntu3.1	2.35-0ubuntu3.4	glibc: buffer overflow in ld.so leading to privilege escalation 漏洞详情: https://avd.aquasec.com/nvd/cve-2023-4911 镜像层: sha256:b8a36d10656ac19ddb96ef3107f76820663717708fc37ce929925c36d1b1d157 发布日期: 2023-10-03 18:15 修改: 2026-05-12 16:24
libc6	CVE-2023-4911	高危	2.35-0ubuntu3.1	2.35-0ubuntu3.4	glibc: buffer overflow in ld.so leading to privilege escalation 漏洞详情: https://avd.aquasec.com/nvd/cve-2023-4911 镜像层: sha256:b8a36d10656ac19ddb96ef3107f76820663717708fc37ce929925c36d1b1d157 发布日期: 2023-10-03 18:15 修改: 2026-05-12 16:24
libcurl4	CVE-2023-38545	高危	7.81.0-1ubuntu1.10	7.81.0-1ubuntu1.14	curl: heap based buffer overflow in the SOCKS5 proxy handshake 漏洞详情: https://avd.aquasec.com/nvd/cve-2023-38545 镜像层: sha256:c45c46033aa89a49241285cc08dff25d7b63fdc96c034acd7d9428f97c0e5b20 发布日期: 2023-10-18 04:15 修改: 2026-05-12 11:16
libnghttp2-14	CVE-2023-44487	高危	1.43.0-1build3	1.43.0-1ubuntu0.1	HTTP/2: Multiple HTTP/2 enabled web servers are vulnerable to a DDoS attack (Rapid Reset Attack) 漏洞详情: https://avd.aquasec.com/nvd/cve-2023-44487 镜像层: sha256:c45c46033aa89a49241285cc08dff25d7b63fdc96c034acd7d9428f97c0e5b20 发布日期: 2023-10-10 14:15 修改: 2026-05-12 15:10
locales	CVE-2023-4911	高危	2.35-0ubuntu3.1	2.35-0ubuntu3.4	glibc: buffer overflow in ld.so leading to privilege escalation 漏洞详情: https://avd.aquasec.com/nvd/cve-2023-4911 镜像层: sha256:c45c46033aa89a49241285cc08dff25d7b63fdc96c034acd7d9428f97c0e5b20 发布日期: 2023-10-03 18:15 修改: 2026-05-12 16:24
curl	CVE-2024-8096	中危	7.81.0-1ubuntu1.10	7.81.0-1ubuntu1.18	curl: OCSP stapling bypass with GnuTLS 漏洞详情: https://avd.aquasec.com/nvd/cve-2024-8096 镜像层: sha256:c45c46033aa89a49241285cc08dff25d7b63fdc96c034acd7d9428f97c0e5b20 发布日期: 2024-09-11 10:15 修改: 2025-07-30 19:42
curl	CVE-2025-14017	中危	7.81.0-1ubuntu1.10	7.81.0-1ubuntu1.22	curl: curl: Security bypass due to global TLS option changes in multi-threaded LDAPS transfers 漏洞详情: https://avd.aquasec.com/nvd/cve-2025-14017 镜像层: sha256:c45c46033aa89a49241285cc08dff25d7b63fdc96c034acd7d9428f97c0e5b20 发布日期: 2026-01-08 10:15 修改: 2026-01-27 21:29
curl	CVE-2026-1965	中危	7.81.0-1ubuntu1.10	7.81.0-1ubuntu1.23	curl: curl: Authentication bypass due to incorrect connection reuse with Negotiate authentication 漏洞详情: https://avd.aquasec.com/nvd/cve-2026-1965 镜像层: sha256:c45c46033aa89a49241285cc08dff25d7b63fdc96c034acd7d9428f97c0e5b20 发布日期: 2026-03-11 11:15 修改: 2026-03-12 14:11
curl	CVE-2026-3783	中危	7.81.0-1ubuntu1.10	7.81.0-1ubuntu1.23	curl: curl: Information disclosure via OAuth2 bearer token leakage during HTTP(S) redirect 漏洞详情: https://avd.aquasec.com/nvd/cve-2026-3783 镜像层: sha256:c45c46033aa89a49241285cc08dff25d7b63fdc96c034acd7d9428f97c0e5b20 发布日期: 2026-03-11 11:16 修改: 2026-03-12 14:10
curl	CVE-2026-5545	中危	7.81.0-1ubuntu1.10	7.81.0-1ubuntu1.24	curl: libcurl: Authentication bypass due to incorrect HTTP Negotiate connection reuse 漏洞详情: https://avd.aquasec.com/nvd/cve-2026-5545 镜像层: sha256:c45c46033aa89a49241285cc08dff25d7b63fdc96c034acd7d9428f97c0e5b20 发布日期: 2026-05-13 13:01 修改: 2026-05-13 19:31
curl	CVE-2026-6253	中危	7.81.0-1ubuntu1.10	7.81.0-1ubuntu1.24	curl: curl: Proxy credential disclosure via redirects to unauthenticated proxies 漏洞详情: https://avd.aquasec.com/nvd/cve-2026-6253 镜像层: sha256:c45c46033aa89a49241285cc08dff25d7b63fdc96c034acd7d9428f97c0e5b20 发布日期: 2026-05-13 13:01 修改: 2026-05-14 13:40
curl	CVE-2026-6429	中危	7.81.0-1ubuntu1.10	7.81.0-1ubuntu1.24	curl: libcurl: Credential leak via reused proxy connection during HTTP redirects 漏洞详情: https://avd.aquasec.com/nvd/cve-2026-6429 镜像层: sha256:c45c46033aa89a49241285cc08dff25d7b63fdc96c034acd7d9428f97c0e5b20 发布日期: 2026-05-13 13:01 修改: 2026-05-14 14:18
curl	CVE-2026-7168	中危	7.81.0-1ubuntu1.10	7.81.0-1ubuntu1.24	curl: libcurl: Information disclosure via incorrect Proxy-Authorization header reuse 漏洞详情: https://avd.aquasec.com/nvd/cve-2026-7168 镜像层: sha256:c45c46033aa89a49241285cc08dff25d7b63fdc96c034acd7d9428f97c0e5b20 发布日期: 2026-05-13 13:01 修改: 2026-05-14 14:12
bsdutils	CVE-2024-28085	中危	1:2.37.2-4ubuntu3	2.37.2-4ubuntu3.4	util-linux: CVE-2024-28085: wall: escape sequence injection 漏洞详情: https://avd.aquasec.com/nvd/cve-2024-28085 镜像层: sha256:b8a36d10656ac19ddb96ef3107f76820663717708fc37ce929925c36d1b1d157 发布日期: 2024-03-27 19:15 修改: 2026-05-12 12:16
gpgv	CVE-2025-30258	中危	2.2.27-3ubuntu2.1	2.2.27-3ubuntu2.3	gnupg: verification DoS due to a malicious subkey in the keyring 漏洞详情: https://avd.aquasec.com/nvd/cve-2025-30258 镜像层: sha256:b8a36d10656ac19ddb96ef3107f76820663717708fc37ce929925c36d1b1d157 发布日期: 2025-03-19 20:15 修改: 2025-10-16 16:53
libblkid1	CVE-2024-28085	中危	2.37.2-4ubuntu3	2.37.2-4ubuntu3.4	util-linux: CVE-2024-28085: wall: escape sequence injection 漏洞详情: https://avd.aquasec.com/nvd/cve-2024-28085 镜像层: sha256:b8a36d10656ac19ddb96ef3107f76820663717708fc37ce929925c36d1b1d157 发布日期: 2024-03-27 19:15 修改: 2026-05-12 12:16
libblkid1	CVE-2026-27456	中危	2.37.2-4ubuntu3		util-linux: TOCTOU in the mount program when setting up loop devices 漏洞详情: https://avd.aquasec.com/nvd/cve-2026-27456 镜像层: sha256:b8a36d10656ac19ddb96ef3107f76820663717708fc37ce929925c36d1b1d157 发布日期: 2026-04-03 22:16 修改: 2026-04-22 16:08
bsdutils	CVE-2026-27456	中危	1:2.37.2-4ubuntu3		util-linux: TOCTOU in the mount program when setting up loop devices 漏洞详情: https://avd.aquasec.com/nvd/cve-2026-27456 镜像层: sha256:b8a36d10656ac19ddb96ef3107f76820663717708fc37ce929925c36d1b1d157 发布日期: 2026-04-03 22:16 修改: 2026-04-22 16:08
libc-bin	CVE-2023-5156	中危	2.35-0ubuntu3.1	2.35-0ubuntu3.5	glibc: DoS due to memory leak in getaddrinfo.c 漏洞详情: https://avd.aquasec.com/nvd/cve-2023-5156 镜像层: sha256:b8a36d10656ac19ddb96ef3107f76820663717708fc37ce929925c36d1b1d157 发布日期: 2023-09-25 16:15 修改: 2024-11-21 08:41
libc-bin	CVE-2024-2961	中危	2.35-0ubuntu3.1	2.35-0ubuntu3.7	glibc: Out of bounds write in iconv may lead to remote code execution 漏洞详情: https://avd.aquasec.com/nvd/cve-2024-2961 镜像层: sha256:b8a36d10656ac19ddb96ef3107f76820663717708fc37ce929925c36d1b1d157 发布日期: 2024-04-17 18:15 修改: 2026-05-12 12:16
libc-bin	CVE-2024-33599	中危	2.35-0ubuntu3.1	2.35-0ubuntu3.8	glibc: stack-based buffer overflow in netgroup cache 漏洞详情: https://avd.aquasec.com/nvd/cve-2024-33599 镜像层: sha256:b8a36d10656ac19ddb96ef3107f76820663717708fc37ce929925c36d1b1d157 发布日期: 2024-05-06 20:15 修改: 2026-05-12 12:16
libc-bin	CVE-2024-33600	中危	2.35-0ubuntu3.1	2.35-0ubuntu3.8	glibc: null pointer dereferences after failed netgroup cache insertion 漏洞详情: https://avd.aquasec.com/nvd/cve-2024-33600 镜像层: sha256:b8a36d10656ac19ddb96ef3107f76820663717708fc37ce929925c36d1b1d157 发布日期: 2024-05-06 20:15 修改: 2026-05-12 12:16
libc-bin	CVE-2024-33601	中危	2.35-0ubuntu3.1	2.35-0ubuntu3.8	glibc: netgroup cache may terminate daemon on memory allocation failure 漏洞详情: https://avd.aquasec.com/nvd/cve-2024-33601 镜像层: sha256:b8a36d10656ac19ddb96ef3107f76820663717708fc37ce929925c36d1b1d157 发布日期: 2024-05-06 20:15 修改: 2026-05-12 12:16
libc-bin	CVE-2024-33602	中危	2.35-0ubuntu3.1	2.35-0ubuntu3.8	glibc: netgroup cache assumes NSS callback uses in-buffer strings 漏洞详情: https://avd.aquasec.com/nvd/cve-2024-33602 镜像层: sha256:b8a36d10656ac19ddb96ef3107f76820663717708fc37ce929925c36d1b1d157 发布日期: 2024-05-06 20:15 修改: 2026-05-12 12:16
libc-bin	CVE-2025-0395	中危	2.35-0ubuntu3.1	2.35-0ubuntu3.9	glibc: buffer overflow in the GNU C Library's assert() 漏洞详情: https://avd.aquasec.com/nvd/cve-2025-0395 镜像层: sha256:b8a36d10656ac19ddb96ef3107f76820663717708fc37ce929925c36d1b1d157 发布日期: 2025-01-22 13:15 修改: 2026-05-12 13:16
libc-bin	CVE-2025-15281	中危	2.35-0ubuntu3.1	2.35-0ubuntu3.13	glibc: wordexp with WRDE_REUSE and WRDE_APPEND may return uninitialized memory 漏洞详情: https://avd.aquasec.com/nvd/cve-2025-15281 镜像层: sha256:b8a36d10656ac19ddb96ef3107f76820663717708fc37ce929925c36d1b1d157 发布日期: 2026-01-20 14:16 修改: 2026-02-05 17:43
libc-bin	CVE-2025-4802	中危	2.35-0ubuntu3.1	2.35-0ubuntu3.10	glibc: static setuid binary dlopen may incorrectly search LD_LIBRARY_PATH 漏洞详情: https://avd.aquasec.com/nvd/cve-2025-4802 镜像层: sha256:b8a36d10656ac19ddb96ef3107f76820663717708fc37ce929925c36d1b1d157 发布日期: 2025-05-16 20:15 修改: 2025-11-03 20:19
libc-bin	CVE-2025-8058	中危	2.35-0ubuntu3.1	2.35-0ubuntu3.11	glibc: Double free in glibc 漏洞详情: https://avd.aquasec.com/nvd/cve-2025-8058 镜像层: sha256:b8a36d10656ac19ddb96ef3107f76820663717708fc37ce929925c36d1b1d157 发布日期: 2025-07-23 20:15 修改: 2026-04-15 00:35
libc-bin	CVE-2026-0861	中危	2.35-0ubuntu3.1	2.35-0ubuntu3.13	glibc: Integer overflow in memalign leads to heap corruption 漏洞详情: https://avd.aquasec.com/nvd/cve-2026-0861 镜像层: sha256:b8a36d10656ac19ddb96ef3107f76820663717708fc37ce929925c36d1b1d157 发布日期: 2026-01-14 21:15 修改: 2026-02-03 18:26
libc-bin	CVE-2026-0915	中危	2.35-0ubuntu3.1	2.35-0ubuntu3.13	glibc: glibc: Information disclosure via zero-valued network query 漏洞详情: https://avd.aquasec.com/nvd/cve-2026-0915 镜像层: sha256:b8a36d10656ac19ddb96ef3107f76820663717708fc37ce929925c36d1b1d157 发布日期: 2026-01-15 22:16 修改: 2026-01-23 19:36
libc-bin	CVE-2026-4046	中危	2.35-0ubuntu3.1		glibc: glibc: Denial of Service via iconv() function with specific character sets 漏洞详情: https://avd.aquasec.com/nvd/cve-2026-4046 镜像层: sha256:b8a36d10656ac19ddb96ef3107f76820663717708fc37ce929925c36d1b1d157 发布日期: 2026-03-30 18:16 修改: 2026-04-20 22:16
libc-bin	CVE-2026-5435	中危	2.35-0ubuntu3.1		glibc: glibc: Out-of-bounds write via TSIG record processing 漏洞详情: https://avd.aquasec.com/nvd/cve-2026-5435 镜像层: sha256:b8a36d10656ac19ddb96ef3107f76820663717708fc37ce929925c36d1b1d157 发布日期: 2026-04-28 13:19 修改: 2026-05-05 17:38
libc-bin	CVE-2026-6238	中危	2.35-0ubuntu3.1		glibc: glibc: Application crash or uninitialized memory read via crafted DNS response 漏洞详情: https://avd.aquasec.com/nvd/cve-2026-6238 镜像层: sha256:b8a36d10656ac19ddb96ef3107f76820663717708fc37ce929925c36d1b1d157 发布日期: 2026-04-28 19:37 修改: 2026-05-04 17:57
bash	CVE-2022-3715	中危	5.1-6ubuntu1	5.1-6ubuntu1.1	bash: a heap-buffer-overflow in valid_parameter_transform 漏洞详情: https://avd.aquasec.com/nvd/cve-2022-3715 镜像层: sha256:b8a36d10656ac19ddb96ef3107f76820663717708fc37ce929925c36d1b1d157 发布日期: 2023-01-05 15:15 修改: 2025-11-03 22:16
libc6	CVE-2023-5156	中危	2.35-0ubuntu3.1	2.35-0ubuntu3.5	glibc: DoS due to memory leak in getaddrinfo.c 漏洞详情: https://avd.aquasec.com/nvd/cve-2023-5156 镜像层: sha256:b8a36d10656ac19ddb96ef3107f76820663717708fc37ce929925c36d1b1d157 发布日期: 2023-09-25 16:15 修改: 2024-11-21 08:41
libc6	CVE-2024-2961	中危	2.35-0ubuntu3.1	2.35-0ubuntu3.7	glibc: Out of bounds write in iconv may lead to remote code execution 漏洞详情: https://avd.aquasec.com/nvd/cve-2024-2961 镜像层: sha256:b8a36d10656ac19ddb96ef3107f76820663717708fc37ce929925c36d1b1d157 发布日期: 2024-04-17 18:15 修改: 2026-05-12 12:16
libc6	CVE-2024-33599	中危	2.35-0ubuntu3.1	2.35-0ubuntu3.8	glibc: stack-based buffer overflow in netgroup cache 漏洞详情: https://avd.aquasec.com/nvd/cve-2024-33599 镜像层: sha256:b8a36d10656ac19ddb96ef3107f76820663717708fc37ce929925c36d1b1d157 发布日期: 2024-05-06 20:15 修改: 2026-05-12 12:16
libc6	CVE-2024-33600	中危	2.35-0ubuntu3.1	2.35-0ubuntu3.8	glibc: null pointer dereferences after failed netgroup cache insertion 漏洞详情: https://avd.aquasec.com/nvd/cve-2024-33600 镜像层: sha256:b8a36d10656ac19ddb96ef3107f76820663717708fc37ce929925c36d1b1d157 发布日期: 2024-05-06 20:15 修改: 2026-05-12 12:16
libc6	CVE-2024-33601	中危	2.35-0ubuntu3.1	2.35-0ubuntu3.8	glibc: netgroup cache may terminate daemon on memory allocation failure 漏洞详情: https://avd.aquasec.com/nvd/cve-2024-33601 镜像层: sha256:b8a36d10656ac19ddb96ef3107f76820663717708fc37ce929925c36d1b1d157 发布日期: 2024-05-06 20:15 修改: 2026-05-12 12:16
libc6	CVE-2024-33602	中危	2.35-0ubuntu3.1	2.35-0ubuntu3.8	glibc: netgroup cache assumes NSS callback uses in-buffer strings 漏洞详情: https://avd.aquasec.com/nvd/cve-2024-33602 镜像层: sha256:b8a36d10656ac19ddb96ef3107f76820663717708fc37ce929925c36d1b1d157 发布日期: 2024-05-06 20:15 修改: 2026-05-12 12:16
libc6	CVE-2025-0395	中危	2.35-0ubuntu3.1	2.35-0ubuntu3.9	glibc: buffer overflow in the GNU C Library's assert() 漏洞详情: https://avd.aquasec.com/nvd/cve-2025-0395 镜像层: sha256:b8a36d10656ac19ddb96ef3107f76820663717708fc37ce929925c36d1b1d157 发布日期: 2025-01-22 13:15 修改: 2026-05-12 13:16
libc6	CVE-2025-15281	中危	2.35-0ubuntu3.1	2.35-0ubuntu3.13	glibc: wordexp with WRDE_REUSE and WRDE_APPEND may return uninitialized memory 漏洞详情: https://avd.aquasec.com/nvd/cve-2025-15281 镜像层: sha256:b8a36d10656ac19ddb96ef3107f76820663717708fc37ce929925c36d1b1d157 发布日期: 2026-01-20 14:16 修改: 2026-02-05 17:43
libc6	CVE-2025-4802	中危	2.35-0ubuntu3.1	2.35-0ubuntu3.10	glibc: static setuid binary dlopen may incorrectly search LD_LIBRARY_PATH 漏洞详情: https://avd.aquasec.com/nvd/cve-2025-4802 镜像层: sha256:b8a36d10656ac19ddb96ef3107f76820663717708fc37ce929925c36d1b1d157 发布日期: 2025-05-16 20:15 修改: 2025-11-03 20:19
libc6	CVE-2025-8058	中危	2.35-0ubuntu3.1	2.35-0ubuntu3.11	glibc: Double free in glibc 漏洞详情: https://avd.aquasec.com/nvd/cve-2025-8058 镜像层: sha256:b8a36d10656ac19ddb96ef3107f76820663717708fc37ce929925c36d1b1d157 发布日期: 2025-07-23 20:15 修改: 2026-04-15 00:35
libc6	CVE-2026-0861	中危	2.35-0ubuntu3.1	2.35-0ubuntu3.13	glibc: Integer overflow in memalign leads to heap corruption 漏洞详情: https://avd.aquasec.com/nvd/cve-2026-0861 镜像层: sha256:b8a36d10656ac19ddb96ef3107f76820663717708fc37ce929925c36d1b1d157 发布日期: 2026-01-14 21:15 修改: 2026-02-03 18:26
libc6	CVE-2026-0915	中危	2.35-0ubuntu3.1	2.35-0ubuntu3.13	glibc: glibc: Information disclosure via zero-valued network query 漏洞详情: https://avd.aquasec.com/nvd/cve-2026-0915 镜像层: sha256:b8a36d10656ac19ddb96ef3107f76820663717708fc37ce929925c36d1b1d157 发布日期: 2026-01-15 22:16 修改: 2026-01-23 19:36
libc6	CVE-2026-4046	中危	2.35-0ubuntu3.1		glibc: glibc: Denial of Service via iconv() function with specific character sets 漏洞详情: https://avd.aquasec.com/nvd/cve-2026-4046 镜像层: sha256:b8a36d10656ac19ddb96ef3107f76820663717708fc37ce929925c36d1b1d157 发布日期: 2026-03-30 18:16 修改: 2026-04-20 22:16
libc6	CVE-2026-5435	中危	2.35-0ubuntu3.1		glibc: glibc: Out-of-bounds write via TSIG record processing 漏洞详情: https://avd.aquasec.com/nvd/cve-2026-5435 镜像层: sha256:b8a36d10656ac19ddb96ef3107f76820663717708fc37ce929925c36d1b1d157 发布日期: 2026-04-28 13:19 修改: 2026-05-05 17:38
libc6	CVE-2026-6238	中危	2.35-0ubuntu3.1		glibc: glibc: Application crash or uninitialized memory read via crafted DNS response 漏洞详情: https://avd.aquasec.com/nvd/cve-2026-6238 镜像层: sha256:b8a36d10656ac19ddb96ef3107f76820663717708fc37ce929925c36d1b1d157 发布日期: 2026-04-28 19:37 修改: 2026-05-04 17:57
libcap2	CVE-2023-2603	中危	1:2.44-1build3	1:2.44-1ubuntu0.22.04.1	libcap: Integer Overflow in _libcap_strdup() 漏洞详情: https://avd.aquasec.com/nvd/cve-2023-2603 镜像层: sha256:b8a36d10656ac19ddb96ef3107f76820663717708fc37ce929925c36d1b1d157 发布日期: 2023-06-06 20:15 修改: 2025-12-02 21:15
libcap2	CVE-2025-1390	中危	1:2.44-1build3	1:2.44-1ubuntu0.22.04.2	libcap: pam_cap: Fix potential configuration parsing error 漏洞详情: https://avd.aquasec.com/nvd/cve-2025-1390 镜像层: sha256:b8a36d10656ac19ddb96ef3107f76820663717708fc37ce929925c36d1b1d157 发布日期: 2025-02-18 03:15 修改: 2026-04-15 00:35
libcap2	CVE-2026-4878	中危	1:2.44-1build3	1:2.44-1ubuntu0.22.04.3	libcap: libcap: Privilege escalation via TOCTOU race condition in cap_set_file() 漏洞详情: https://avd.aquasec.com/nvd/cve-2026-4878 镜像层: sha256:b8a36d10656ac19ddb96ef3107f76820663717708fc37ce929925c36d1b1d157 发布日期: 2026-04-09 16:16 修改: 2026-06-08 03:16
curl	CVE-2023-46218	中危	7.81.0-1ubuntu1.10	7.81.0-1ubuntu1.15	curl: information disclosure by exploiting a mixed case flaw 漏洞详情: https://avd.aquasec.com/nvd/cve-2023-46218 镜像层: sha256:c45c46033aa89a49241285cc08dff25d7b63fdc96c034acd7d9428f97c0e5b20 发布日期: 2023-12-07 01:15 修改: 2026-05-12 11:16
libcurl4	CVE-2023-46218	中危	7.81.0-1ubuntu1.10	7.81.0-1ubuntu1.15	curl: information disclosure by exploiting a mixed case flaw 漏洞详情: https://avd.aquasec.com/nvd/cve-2023-46218 镜像层: sha256:c45c46033aa89a49241285cc08dff25d7b63fdc96c034acd7d9428f97c0e5b20 发布日期: 2023-12-07 01:15 修改: 2026-05-12 11:16
libcurl4	CVE-2024-2398	中危	7.81.0-1ubuntu1.10	7.81.0-1ubuntu1.16	curl: HTTP/2 push headers memory-leak 漏洞详情: https://avd.aquasec.com/nvd/cve-2024-2398 镜像层: sha256:c45c46033aa89a49241285cc08dff25d7b63fdc96c034acd7d9428f97c0e5b20 发布日期: 2024-03-27 08:15 修改: 2025-07-30 19:42
libcurl4	CVE-2024-7264	中危	7.81.0-1ubuntu1.10	7.81.0-1ubuntu1.17	curl: libcurl: ASN.1 date parser overread 漏洞详情: https://avd.aquasec.com/nvd/cve-2024-7264 镜像层: sha256:c45c46033aa89a49241285cc08dff25d7b63fdc96c034acd7d9428f97c0e5b20 发布日期: 2024-07-31 08:15 修改: 2025-11-03 23:17
libcurl4	CVE-2024-8096	中危	7.81.0-1ubuntu1.10	7.81.0-1ubuntu1.18	curl: OCSP stapling bypass with GnuTLS 漏洞详情: https://avd.aquasec.com/nvd/cve-2024-8096 镜像层: sha256:c45c46033aa89a49241285cc08dff25d7b63fdc96c034acd7d9428f97c0e5b20 发布日期: 2024-09-11 10:15 修改: 2025-07-30 19:42
libcurl4	CVE-2025-14017	中危	7.81.0-1ubuntu1.10	7.81.0-1ubuntu1.22	curl: curl: Security bypass due to global TLS option changes in multi-threaded LDAPS transfers 漏洞详情: https://avd.aquasec.com/nvd/cve-2025-14017 镜像层: sha256:c45c46033aa89a49241285cc08dff25d7b63fdc96c034acd7d9428f97c0e5b20 发布日期: 2026-01-08 10:15 修改: 2026-01-27 21:29
libcurl4	CVE-2026-1965	中危	7.81.0-1ubuntu1.10	7.81.0-1ubuntu1.23	curl: curl: Authentication bypass due to incorrect connection reuse with Negotiate authentication 漏洞详情: https://avd.aquasec.com/nvd/cve-2026-1965 镜像层: sha256:c45c46033aa89a49241285cc08dff25d7b63fdc96c034acd7d9428f97c0e5b20 发布日期: 2026-03-11 11:15 修改: 2026-03-12 14:11
libcurl4	CVE-2026-3783	中危	7.81.0-1ubuntu1.10	7.81.0-1ubuntu1.23	curl: curl: Information disclosure via OAuth2 bearer token leakage during HTTP(S) redirect 漏洞详情: https://avd.aquasec.com/nvd/cve-2026-3783 镜像层: sha256:c45c46033aa89a49241285cc08dff25d7b63fdc96c034acd7d9428f97c0e5b20 发布日期: 2026-03-11 11:16 修改: 2026-03-12 14:10
libcurl4	CVE-2026-5545	中危	7.81.0-1ubuntu1.10	7.81.0-1ubuntu1.24	curl: libcurl: Authentication bypass due to incorrect HTTP Negotiate connection reuse 漏洞详情: https://avd.aquasec.com/nvd/cve-2026-5545 镜像层: sha256:c45c46033aa89a49241285cc08dff25d7b63fdc96c034acd7d9428f97c0e5b20 发布日期: 2026-05-13 13:01 修改: 2026-05-13 19:31
libcurl4	CVE-2026-6253	中危	7.81.0-1ubuntu1.10	7.81.0-1ubuntu1.24	curl: curl: Proxy credential disclosure via redirects to unauthenticated proxies 漏洞详情: https://avd.aquasec.com/nvd/cve-2026-6253 镜像层: sha256:c45c46033aa89a49241285cc08dff25d7b63fdc96c034acd7d9428f97c0e5b20 发布日期: 2026-05-13 13:01 修改: 2026-05-14 13:40
libcurl4	CVE-2026-6429	中危	7.81.0-1ubuntu1.10	7.81.0-1ubuntu1.24	curl: libcurl: Credential leak via reused proxy connection during HTTP redirects 漏洞详情: https://avd.aquasec.com/nvd/cve-2026-6429 镜像层: sha256:c45c46033aa89a49241285cc08dff25d7b63fdc96c034acd7d9428f97c0e5b20 发布日期: 2026-05-13 13:01 修改: 2026-05-14 14:18
libcurl4	CVE-2026-7168	中危	7.81.0-1ubuntu1.10	7.81.0-1ubuntu1.24	curl: libcurl: Information disclosure via incorrect Proxy-Authorization header reuse 漏洞详情: https://avd.aquasec.com/nvd/cve-2026-7168 镜像层: sha256:c45c46033aa89a49241285cc08dff25d7b63fdc96c034acd7d9428f97c0e5b20 发布日期: 2026-05-13 13:01 修改: 2026-05-14 14:12
libexpat1	CVE-2023-52425	中危	2.4.7-1ubuntu0.2	2.4.7-1ubuntu0.3	expat: parsing large tokens can trigger a denial of service 漏洞详情: https://avd.aquasec.com/nvd/cve-2023-52425 镜像层: sha256:c45c46033aa89a49241285cc08dff25d7b63fdc96c034acd7d9428f97c0e5b20 发布日期: 2024-02-04 20:15 修改: 2025-11-04 19:16
libexpat1	CVE-2024-28757	中危	2.4.7-1ubuntu0.2	2.4.7-1ubuntu0.3	expat: XML Entity Expansion 漏洞详情: https://avd.aquasec.com/nvd/cve-2024-28757 镜像层: sha256:c45c46033aa89a49241285cc08dff25d7b63fdc96c034acd7d9428f97c0e5b20 发布日期: 2024-03-10 05:15 修改: 2025-11-04 22:15
libexpat1	CVE-2024-45490	中危	2.4.7-1ubuntu0.2	2.4.7-1ubuntu0.4	libexpat: Negative Length Parsing Vulnerability in libexpat 漏洞详情: https://avd.aquasec.com/nvd/cve-2024-45490 镜像层: sha256:c45c46033aa89a49241285cc08dff25d7b63fdc96c034acd7d9428f97c0e5b20 发布日期: 2024-08-30 03:15 修改: 2026-05-12 12:17
libexpat1	CVE-2024-45491	中危	2.4.7-1ubuntu0.2	2.4.7-1ubuntu0.4	libexpat: Integer Overflow or Wraparound 漏洞详情: https://avd.aquasec.com/nvd/cve-2024-45491 镜像层: sha256:c45c46033aa89a49241285cc08dff25d7b63fdc96c034acd7d9428f97c0e5b20 发布日期: 2024-08-30 03:15 修改: 2026-05-12 12:17
libexpat1	CVE-2024-45492	中危	2.4.7-1ubuntu0.2	2.4.7-1ubuntu0.4	libexpat: integer overflow 漏洞详情: https://avd.aquasec.com/nvd/cve-2024-45492 镜像层: sha256:c45c46033aa89a49241285cc08dff25d7b63fdc96c034acd7d9428f97c0e5b20 发布日期: 2024-08-30 03:15 修改: 2026-05-12 12:17
libexpat1	CVE-2024-50602	中危	2.4.7-1ubuntu0.2	2.4.7-1ubuntu0.5	libexpat: expat: DoS via XML_ResumeParser 漏洞详情: https://avd.aquasec.com/nvd/cve-2024-50602 镜像层: sha256:c45c46033aa89a49241285cc08dff25d7b63fdc96c034acd7d9428f97c0e5b20 发布日期: 2024-10-27 05:15 修改: 2025-10-15 17:54
libexpat1	CVE-2024-8176	中危	2.4.7-1ubuntu0.2	2.4.7-1ubuntu0.6	libexpat: expat: Improper Restriction of XML Entity Expansion Depth in libexpat 漏洞详情: https://avd.aquasec.com/nvd/cve-2024-8176 镜像层: sha256:c45c46033aa89a49241285cc08dff25d7b63fdc96c034acd7d9428f97c0e5b20 发布日期: 2025-03-14 09:15 修改: 2026-04-15 00:35
libexpat1	CVE-2025-66382	中危	2.4.7-1ubuntu0.2		libexpat: libexpat: Denial of service via crafted file processing 漏洞详情: https://avd.aquasec.com/nvd/cve-2025-66382 镜像层: sha256:c45c46033aa89a49241285cc08dff25d7b63fdc96c034acd7d9428f97c0e5b20 发布日期: 2025-11-28 07:15 修改: 2026-06-02 14:16
libexpat1	CVE-2026-24515	中危	2.4.7-1ubuntu0.2	2.4.7-1ubuntu0.7	libexpat: libexpat null pointer dereference 漏洞详情: https://avd.aquasec.com/nvd/cve-2026-24515 镜像层: sha256:c45c46033aa89a49241285cc08dff25d7b63fdc96c034acd7d9428f97c0e5b20 发布日期: 2026-01-23 08:16 修改: 2026-06-02 14:16
libexpat1	CVE-2026-25210	中危	2.4.7-1ubuntu0.2	2.4.7-1ubuntu0.7	libexpat: libexpat: Information disclosure and data integrity issues due to integer overflow in buffer reallocation 漏洞详情: https://avd.aquasec.com/nvd/cve-2026-25210 镜像层: sha256:c45c46033aa89a49241285cc08dff25d7b63fdc96c034acd7d9428f97c0e5b20 发布日期: 2026-01-30 07:16 修改: 2026-06-02 14:16
libfreetype6	CVE-2025-27363	中危	2.11.1+dfsg-1ubuntu0.1	2.11.1+dfsg-1ubuntu0.3	freetype: OOB write when attempting to parse font subglyph structures related to TrueType GX and variable font files 漏洞详情: https://avd.aquasec.com/nvd/cve-2025-27363 镜像层: sha256:c45c46033aa89a49241285cc08dff25d7b63fdc96c034acd7d9428f97c0e5b20 发布日期: 2025-03-11 14:15 修改: 2026-04-20 13:15
libgcrypt20	CVE-2026-41989	中危	1.9.4-3ubuntu3	1.9.4-3ubuntu3.2	Libgcrypt: Libgcrypt: Denial of Service and buffer overflow via crafted ECDH ciphertext 漏洞详情: https://avd.aquasec.com/nvd/cve-2026-41989 镜像层: sha256:b8a36d10656ac19ddb96ef3107f76820663717708fc37ce929925c36d1b1d157 发布日期: 2026-04-23 05:16 修改: 2026-04-27 18:33
libgnutls30	CVE-2023-5981	中危	3.7.3-4ubuntu1.2	3.7.3-4ubuntu1.3	gnutls: timing side-channel in the RSA-PSK authentication 漏洞详情: https://avd.aquasec.com/nvd/cve-2023-5981 镜像层: sha256:b8a36d10656ac19ddb96ef3107f76820663717708fc37ce929925c36d1b1d157 发布日期: 2023-11-28 12:15 修改: 2026-03-25 20:01
libgnutls30	CVE-2024-0553	中危	3.7.3-4ubuntu1.2	3.7.3-4ubuntu1.4	gnutls: incomplete fix for CVE-2023-5981 漏洞详情: https://avd.aquasec.com/nvd/cve-2024-0553 镜像层: sha256:b8a36d10656ac19ddb96ef3107f76820663717708fc37ce929925c36d1b1d157 发布日期: 2024-01-16 12:15 修改: 2026-03-24 12:16
libgnutls30	CVE-2024-0567	中危	3.7.3-4ubuntu1.2	3.7.3-4ubuntu1.4	gnutls: rejects certificate chain with distributed trust 漏洞详情: https://avd.aquasec.com/nvd/cve-2024-0567 镜像层: sha256:b8a36d10656ac19ddb96ef3107f76820663717708fc37ce929925c36d1b1d157 发布日期: 2024-01-16 14:15 修改: 2024-11-21 08:46
libgnutls30	CVE-2024-12243	中危	3.7.3-4ubuntu1.2	3.7.3-4ubuntu1.6	gnutls: GnuTLS Impacted by Inefficient DER Decoding in libtasn1 Leading to Remote DoS 漏洞详情: https://avd.aquasec.com/nvd/cve-2024-12243 镜像层: sha256:b8a36d10656ac19ddb96ef3107f76820663717708fc37ce929925c36d1b1d157 发布日期: 2025-02-10 16:15 修改: 2026-05-12 12:16
libgnutls30	CVE-2024-28834	中危	3.7.3-4ubuntu1.2	3.7.3-4ubuntu1.5	gnutls: vulnerable to Minerva side-channel information leak 漏洞详情: https://avd.aquasec.com/nvd/cve-2024-28834 镜像层: sha256:b8a36d10656ac19ddb96ef3107f76820663717708fc37ce929925c36d1b1d157 发布日期: 2024-03-21 14:15 修改: 2026-04-15 00:35
libgnutls30	CVE-2024-28835	中危	3.7.3-4ubuntu1.2	3.7.3-4ubuntu1.5	gnutls: potential crash during chain building/verification 漏洞详情: https://avd.aquasec.com/nvd/cve-2024-28835 镜像层: sha256:b8a36d10656ac19ddb96ef3107f76820663717708fc37ce929925c36d1b1d157 发布日期: 2024-03-21 06:15 修改: 2026-04-15 00:35
libgnutls30	CVE-2025-14831	中危	3.7.3-4ubuntu1.2	3.7.3-4ubuntu1.8	gnutls: GnuTLS: Denial of Service via excessive resource consumption during certificate verification 漏洞详情: https://avd.aquasec.com/nvd/cve-2025-14831 镜像层: sha256:b8a36d10656ac19ddb96ef3107f76820663717708fc37ce929925c36d1b1d157 发布日期: 2026-02-09 15:16 修改: 2026-05-14 23:16
libgnutls30	CVE-2025-32988	中危	3.7.3-4ubuntu1.2	3.7.3-4ubuntu1.7	gnutls: Vulnerability in GnuTLS otherName SAN export 漏洞详情: https://avd.aquasec.com/nvd/cve-2025-32988 镜像层: sha256:b8a36d10656ac19ddb96ef3107f76820663717708fc37ce929925c36d1b1d157 发布日期: 2025-07-10 08:15 修改: 2026-05-12 13:16
libgnutls30	CVE-2025-32989	中危	3.7.3-4ubuntu1.2	3.7.3-4ubuntu1.7	gnutls: Vulnerability in GnuTLS SCT extension parsing 漏洞详情: https://avd.aquasec.com/nvd/cve-2025-32989 镜像层: sha256:b8a36d10656ac19ddb96ef3107f76820663717708fc37ce929925c36d1b1d157 发布日期: 2025-07-10 08:15 修改: 2026-05-12 13:16
libgnutls30	CVE-2025-32990	中危	3.7.3-4ubuntu1.2	3.7.3-4ubuntu1.7	gnutls: Vulnerability in GnuTLS certtool template parsing 漏洞详情: https://avd.aquasec.com/nvd/cve-2025-32990 镜像层: sha256:b8a36d10656ac19ddb96ef3107f76820663717708fc37ce929925c36d1b1d157 发布日期: 2025-07-10 10:15 修改: 2026-04-20 22:16
libgnutls30	CVE-2025-6395	中危	3.7.3-4ubuntu1.2	3.7.3-4ubuntu1.7	gnutls: NULL pointer dereference in _gnutls_figure_common_ciphersuite() 漏洞详情: https://avd.aquasec.com/nvd/cve-2025-6395 镜像层: sha256:b8a36d10656ac19ddb96ef3107f76820663717708fc37ce929925c36d1b1d157 发布日期: 2025-07-10 16:15 修改: 2026-05-12 13:17
libgnutls30	CVE-2026-33845	中危	3.7.3-4ubuntu1.2	3.7.3-4ubuntu1.9	gnutls: GnuTLS: Denial of Service via DTLS zero-length fragment 漏洞详情: https://avd.aquasec.com/nvd/cve-2026-33845 镜像层: sha256:b8a36d10656ac19ddb96ef3107f76820663717708fc37ce929925c36d1b1d157 发布日期: 2026-04-30 18:16 修改: 2026-06-02 16:16
libgnutls30	CVE-2026-33846	中危	3.7.3-4ubuntu1.2	3.7.3-4ubuntu1.9	gnutls: GnuTLS: Denial of Service via heap buffer overflow in DTLS handshake fragment reassembly 漏洞详情: https://avd.aquasec.com/nvd/cve-2026-33846 镜像层: sha256:b8a36d10656ac19ddb96ef3107f76820663717708fc37ce929925c36d1b1d157 发布日期: 2026-05-04 10:15 修改: 2026-06-02 16:16
libgnutls30	CVE-2026-3832	中危	3.7.3-4ubuntu1.2	3.7.3-4ubuntu1.9	gnutls: gnutls: Security bypass allows acceptance of revoked server certificates via crafted OCSP response 漏洞详情: https://avd.aquasec.com/nvd/cve-2026-3832 镜像层: sha256:b8a36d10656ac19ddb96ef3107f76820663717708fc37ce929925c36d1b1d157 发布日期: 2026-04-30 18:16 修改: 2026-06-02 17:16
libgnutls30	CVE-2026-3833	中危	3.7.3-4ubuntu1.2	3.7.3-4ubuntu1.9	gnutls: GnuTLS: Policy bypass due to case-sensitive nameConstraints comparison 漏洞详情: https://avd.aquasec.com/nvd/cve-2026-3833 镜像层: sha256:b8a36d10656ac19ddb96ef3107f76820663717708fc37ce929925c36d1b1d157 发布日期: 2026-04-30 18:16 修改: 2026-06-02 16:16
libgnutls30	CVE-2026-42009	中危	3.7.3-4ubuntu1.2	3.7.3-4ubuntu1.9	gnutls: gnutls: Denial of Service via DTLS packet reordering vulnerability 漏洞详情: https://avd.aquasec.com/nvd/cve-2026-42009 镜像层: sha256:b8a36d10656ac19ddb96ef3107f76820663717708fc37ce929925c36d1b1d157 发布日期: 2026-05-18 13:16 修改: 2026-06-08 17:16
libgnutls30	CVE-2026-42010	中危	3.7.3-4ubuntu1.2	3.7.3-4ubuntu1.9	gnutls: gnutls: Authentication Bypass via NUL Character in Username 漏洞详情: https://avd.aquasec.com/nvd/cve-2026-42010 镜像层: sha256:b8a36d10656ac19ddb96ef3107f76820663717708fc37ce929925c36d1b1d157 发布日期: 2026-05-07 12:16 修改: 2026-06-02 16:16
libgnutls30	CVE-2026-42011	中危	3.7.3-4ubuntu1.2	3.7.3-4ubuntu1.9	gnutls: gnutls: Security bypass due to incorrect name constraint handling 漏洞详情: https://avd.aquasec.com/nvd/cve-2026-42011 镜像层: sha256:b8a36d10656ac19ddb96ef3107f76820663717708fc37ce929925c36d1b1d157 发布日期: 2026-05-07 15:16 修改: 2026-06-02 16:16
libgnutls30	CVE-2026-42012	中危	3.7.3-4ubuntu1.2	3.7.3-4ubuntu1.9	gnutls: gnutls: Certificate validation bypass due to improper handling of URI and SRV SANs 漏洞详情: https://avd.aquasec.com/nvd/cve-2026-42012 镜像层: sha256:b8a36d10656ac19ddb96ef3107f76820663717708fc37ce929925c36d1b1d157 发布日期: 2026-05-26 22:16 修改: 2026-06-02 16:16
libgnutls30	CVE-2026-42013	中危	3.7.3-4ubuntu1.2	3.7.3-4ubuntu1.9	gnutls: gnutls: Certificate validation bypass due to oversized Subject Alternative Name 漏洞详情: https://avd.aquasec.com/nvd/cve-2026-42013 镜像层: sha256:b8a36d10656ac19ddb96ef3107f76820663717708fc37ce929925c36d1b1d157 发布日期: 2026-05-26 22:16 修改: 2026-06-02 16:16
libgnutls30	CVE-2026-42014	中危	3.7.3-4ubuntu1.2	3.7.3-4ubuntu1.9	gnutls: Fix use-after-free in gnutls_pkcs11_token_set_pin 漏洞详情: https://avd.aquasec.com/nvd/cve-2026-42014 镜像层: sha256:b8a36d10656ac19ddb96ef3107f76820663717708fc37ce929925c36d1b1d157 发布日期: 0001-01-01 00:00 修改: 0001-01-01 00:00
libgnutls30	CVE-2026-42015	中危	3.7.3-4ubuntu1.2	3.7.3-4ubuntu1.9	gnutls: gnutls: Memory corruption due to off-by-one error in PKCS#12 bag handling 漏洞详情: https://avd.aquasec.com/nvd/cve-2026-42015 镜像层: sha256:b8a36d10656ac19ddb96ef3107f76820663717708fc37ce929925c36d1b1d157 发布日期: 2026-05-26 22:16 修改: 2026-06-02 16:16
libgnutls30	CVE-2026-5260	中危	3.7.3-4ubuntu1.2	3.7.3-4ubuntu1.9	gnutls: gnutls: Information disclosure via heap overread in RSA key exchange 漏洞详情: https://avd.aquasec.com/nvd/cve-2026-5260 镜像层: sha256:b8a36d10656ac19ddb96ef3107f76820663717708fc37ce929925c36d1b1d157 发布日期: 2026-05-26 22:16 修改: 2026-06-02 16:16
libgssapi-krb5-2	CVE-2023-36054	中危	1.19.2-2ubuntu0.1	1.19.2-2ubuntu0.3	krb5: Denial of service through freeing uninitialized pointer 漏洞详情: https://avd.aquasec.com/nvd/cve-2023-36054 镜像层: sha256:b8a36d10656ac19ddb96ef3107f76820663717708fc37ce929925c36d1b1d157 发布日期: 2023-08-07 19:15 修改: 2024-11-21 08:09
libgssapi-krb5-2	CVE-2024-3596	中危	1.19.2-2ubuntu0.1	1.19.2-2ubuntu0.5	freeradius: forgery attack 漏洞详情: https://avd.aquasec.com/nvd/cve-2024-3596 镜像层: sha256:b8a36d10656ac19ddb96ef3107f76820663717708fc37ce929925c36d1b1d157 发布日期: 2024-07-09 12:15 修改: 2026-05-12 12:16
libgssapi-krb5-2	CVE-2024-37370	中危	1.19.2-2ubuntu0.1	1.19.2-2ubuntu0.4	krb5: GSS message token handling 漏洞详情: https://avd.aquasec.com/nvd/cve-2024-37370 镜像层: sha256:b8a36d10656ac19ddb96ef3107f76820663717708fc37ce929925c36d1b1d157 发布日期: 2024-06-28 22:15 修改: 2026-05-12 12:16
libgssapi-krb5-2	CVE-2024-37371	中危	1.19.2-2ubuntu0.1	1.19.2-2ubuntu0.4	krb5: GSS message token handling 漏洞详情: https://avd.aquasec.com/nvd/cve-2024-37371 镜像层: sha256:b8a36d10656ac19ddb96ef3107f76820663717708fc37ce929925c36d1b1d157 发布日期: 2024-06-28 23:15 修改: 2026-05-12 12:16
libgssapi-krb5-2	CVE-2025-24528	中危	1.19.2-2ubuntu0.1	1.19.2-2ubuntu0.6	krb5: overflow when calculating ulog block size 漏洞详情: https://avd.aquasec.com/nvd/cve-2025-24528 镜像层: sha256:b8a36d10656ac19ddb96ef3107f76820663717708fc37ce929925c36d1b1d157 发布日期: 2026-01-16 18:16 修改: 2026-04-15 00:35
libgssapi-krb5-2	CVE-2025-3576	中危	1.19.2-2ubuntu0.1	1.19.2-2ubuntu0.7	krb5: Kerberos RC4-HMAC-MD5 Checksum Vulnerability Enabling Message Spoofing via MD5 Collisions 漏洞详情: https://avd.aquasec.com/nvd/cve-2025-3576 镜像层: sha256:b8a36d10656ac19ddb96ef3107f76820663717708fc37ce929925c36d1b1d157 发布日期: 2025-04-15 06:15 修改: 2026-05-12 13:17
libk5crypto3	CVE-2023-36054	中危	1.19.2-2ubuntu0.1	1.19.2-2ubuntu0.3	krb5: Denial of service through freeing uninitialized pointer 漏洞详情: https://avd.aquasec.com/nvd/cve-2023-36054 镜像层: sha256:b8a36d10656ac19ddb96ef3107f76820663717708fc37ce929925c36d1b1d157 发布日期: 2023-08-07 19:15 修改: 2024-11-21 08:09
libk5crypto3	CVE-2024-3596	中危	1.19.2-2ubuntu0.1	1.19.2-2ubuntu0.5	freeradius: forgery attack 漏洞详情: https://avd.aquasec.com/nvd/cve-2024-3596 镜像层: sha256:b8a36d10656ac19ddb96ef3107f76820663717708fc37ce929925c36d1b1d157 发布日期: 2024-07-09 12:15 修改: 2026-05-12 12:16
libk5crypto3	CVE-2024-37370	中危	1.19.2-2ubuntu0.1	1.19.2-2ubuntu0.4	krb5: GSS message token handling 漏洞详情: https://avd.aquasec.com/nvd/cve-2024-37370 镜像层: sha256:b8a36d10656ac19ddb96ef3107f76820663717708fc37ce929925c36d1b1d157 发布日期: 2024-06-28 22:15 修改: 2026-05-12 12:16
libk5crypto3	CVE-2024-37371	中危	1.19.2-2ubuntu0.1	1.19.2-2ubuntu0.4	krb5: GSS message token handling 漏洞详情: https://avd.aquasec.com/nvd/cve-2024-37371 镜像层: sha256:b8a36d10656ac19ddb96ef3107f76820663717708fc37ce929925c36d1b1d157 发布日期: 2024-06-28 23:15 修改: 2026-05-12 12:16
libk5crypto3	CVE-2025-24528	中危	1.19.2-2ubuntu0.1	1.19.2-2ubuntu0.6	krb5: overflow when calculating ulog block size 漏洞详情: https://avd.aquasec.com/nvd/cve-2025-24528 镜像层: sha256:b8a36d10656ac19ddb96ef3107f76820663717708fc37ce929925c36d1b1d157 发布日期: 2026-01-16 18:16 修改: 2026-04-15 00:35
libk5crypto3	CVE-2025-3576	中危	1.19.2-2ubuntu0.1	1.19.2-2ubuntu0.7	krb5: Kerberos RC4-HMAC-MD5 Checksum Vulnerability Enabling Message Spoofing via MD5 Collisions 漏洞详情: https://avd.aquasec.com/nvd/cve-2025-3576 镜像层: sha256:b8a36d10656ac19ddb96ef3107f76820663717708fc37ce929925c36d1b1d157 发布日期: 2025-04-15 06:15 修改: 2026-05-12 13:17
libkrb5-3	CVE-2023-36054	中危	1.19.2-2ubuntu0.1	1.19.2-2ubuntu0.3	krb5: Denial of service through freeing uninitialized pointer 漏洞详情: https://avd.aquasec.com/nvd/cve-2023-36054 镜像层: sha256:b8a36d10656ac19ddb96ef3107f76820663717708fc37ce929925c36d1b1d157 发布日期: 2023-08-07 19:15 修改: 2024-11-21 08:09
libkrb5-3	CVE-2024-3596	中危	1.19.2-2ubuntu0.1	1.19.2-2ubuntu0.5	freeradius: forgery attack 漏洞详情: https://avd.aquasec.com/nvd/cve-2024-3596 镜像层: sha256:b8a36d10656ac19ddb96ef3107f76820663717708fc37ce929925c36d1b1d157 发布日期: 2024-07-09 12:15 修改: 2026-05-12 12:16
libkrb5-3	CVE-2024-37370	中危	1.19.2-2ubuntu0.1	1.19.2-2ubuntu0.4	krb5: GSS message token handling 漏洞详情: https://avd.aquasec.com/nvd/cve-2024-37370 镜像层: sha256:b8a36d10656ac19ddb96ef3107f76820663717708fc37ce929925c36d1b1d157 发布日期: 2024-06-28 22:15 修改: 2026-05-12 12:16
libkrb5-3	CVE-2024-37371	中危	1.19.2-2ubuntu0.1	1.19.2-2ubuntu0.4	krb5: GSS message token handling 漏洞详情: https://avd.aquasec.com/nvd/cve-2024-37371 镜像层: sha256:b8a36d10656ac19ddb96ef3107f76820663717708fc37ce929925c36d1b1d157 发布日期: 2024-06-28 23:15 修改: 2026-05-12 12:16
libkrb5-3	CVE-2025-24528	中危	1.19.2-2ubuntu0.1	1.19.2-2ubuntu0.6	krb5: overflow when calculating ulog block size 漏洞详情: https://avd.aquasec.com/nvd/cve-2025-24528 镜像层: sha256:b8a36d10656ac19ddb96ef3107f76820663717708fc37ce929925c36d1b1d157 发布日期: 2026-01-16 18:16 修改: 2026-04-15 00:35
libkrb5-3	CVE-2025-3576	中危	1.19.2-2ubuntu0.1	1.19.2-2ubuntu0.7	krb5: Kerberos RC4-HMAC-MD5 Checksum Vulnerability Enabling Message Spoofing via MD5 Collisions 漏洞详情: https://avd.aquasec.com/nvd/cve-2025-3576 镜像层: sha256:b8a36d10656ac19ddb96ef3107f76820663717708fc37ce929925c36d1b1d157 发布日期: 2025-04-15 06:15 修改: 2026-05-12 13:17
libkrb5support0	CVE-2023-36054	中危	1.19.2-2ubuntu0.1	1.19.2-2ubuntu0.3	krb5: Denial of service through freeing uninitialized pointer 漏洞详情: https://avd.aquasec.com/nvd/cve-2023-36054 镜像层: sha256:b8a36d10656ac19ddb96ef3107f76820663717708fc37ce929925c36d1b1d157 发布日期: 2023-08-07 19:15 修改: 2024-11-21 08:09
libkrb5support0	CVE-2024-3596	中危	1.19.2-2ubuntu0.1	1.19.2-2ubuntu0.5	freeradius: forgery attack 漏洞详情: https://avd.aquasec.com/nvd/cve-2024-3596 镜像层: sha256:b8a36d10656ac19ddb96ef3107f76820663717708fc37ce929925c36d1b1d157 发布日期: 2024-07-09 12:15 修改: 2026-05-12 12:16
libkrb5support0	CVE-2024-37370	中危	1.19.2-2ubuntu0.1	1.19.2-2ubuntu0.4	krb5: GSS message token handling 漏洞详情: https://avd.aquasec.com/nvd/cve-2024-37370 镜像层: sha256:b8a36d10656ac19ddb96ef3107f76820663717708fc37ce929925c36d1b1d157 发布日期: 2024-06-28 22:15 修改: 2026-05-12 12:16
libkrb5support0	CVE-2024-37371	中危	1.19.2-2ubuntu0.1	1.19.2-2ubuntu0.4	krb5: GSS message token handling 漏洞详情: https://avd.aquasec.com/nvd/cve-2024-37371 镜像层: sha256:b8a36d10656ac19ddb96ef3107f76820663717708fc37ce929925c36d1b1d157 发布日期: 2024-06-28 23:15 修改: 2026-05-12 12:16
libkrb5support0	CVE-2025-24528	中危	1.19.2-2ubuntu0.1	1.19.2-2ubuntu0.6	krb5: overflow when calculating ulog block size 漏洞详情: https://avd.aquasec.com/nvd/cve-2025-24528 镜像层: sha256:b8a36d10656ac19ddb96ef3107f76820663717708fc37ce929925c36d1b1d157 发布日期: 2026-01-16 18:16 修改: 2026-04-15 00:35
libkrb5support0	CVE-2025-3576	中危	1.19.2-2ubuntu0.1	1.19.2-2ubuntu0.7	krb5: Kerberos RC4-HMAC-MD5 Checksum Vulnerability Enabling Message Spoofing via MD5 Collisions 漏洞详情: https://avd.aquasec.com/nvd/cve-2025-3576 镜像层: sha256:b8a36d10656ac19ddb96ef3107f76820663717708fc37ce929925c36d1b1d157 发布日期: 2025-04-15 06:15 修改: 2026-05-12 13:17
libmount1	CVE-2024-28085	中危	2.37.2-4ubuntu3	2.37.2-4ubuntu3.4	util-linux: CVE-2024-28085: wall: escape sequence injection 漏洞详情: https://avd.aquasec.com/nvd/cve-2024-28085 镜像层: sha256:b8a36d10656ac19ddb96ef3107f76820663717708fc37ce929925c36d1b1d157 发布日期: 2024-03-27 19:15 修改: 2026-05-12 12:16
libmount1	CVE-2026-27456	中危	2.37.2-4ubuntu3		util-linux: TOCTOU in the mount program when setting up loop devices 漏洞详情: https://avd.aquasec.com/nvd/cve-2026-27456 镜像层: sha256:b8a36d10656ac19ddb96ef3107f76820663717708fc37ce929925c36d1b1d157 发布日期: 2026-04-03 22:16 修改: 2026-04-22 16:08
libncurses6	CVE-2023-29491	中危	6.3-2	6.3-2ubuntu0.1	ncurses: Local users can trigger security-relevant memory corruption via malformed data 漏洞详情: https://avd.aquasec.com/nvd/cve-2023-29491 镜像层: sha256:b8a36d10656ac19ddb96ef3107f76820663717708fc37ce929925c36d1b1d157 发布日期: 2023-04-14 01:15 修改: 2025-11-04 19:15
libncursesw6	CVE-2023-29491	中危	6.3-2	6.3-2ubuntu0.1	ncurses: Local users can trigger security-relevant memory corruption via malformed data 漏洞详情: https://avd.aquasec.com/nvd/cve-2023-29491 镜像层: sha256:b8a36d10656ac19ddb96ef3107f76820663717708fc37ce929925c36d1b1d157 发布日期: 2023-04-14 01:15 修改: 2025-11-04 19:15
curl	CVE-2024-2398	中危	7.81.0-1ubuntu1.10	7.81.0-1ubuntu1.16	curl: HTTP/2 push headers memory-leak 漏洞详情: https://avd.aquasec.com/nvd/cve-2024-2398 镜像层: sha256:c45c46033aa89a49241285cc08dff25d7b63fdc96c034acd7d9428f97c0e5b20 发布日期: 2024-03-27 08:15 修改: 2025-07-30 19:42
libnghttp2-14	CVE-2024-28182	中危	1.43.0-1build3	1.43.0-1ubuntu0.2	nghttp2: CONTINUATION frames DoS 漏洞详情: https://avd.aquasec.com/nvd/cve-2024-28182 镜像层: sha256:c45c46033aa89a49241285cc08dff25d7b63fdc96c034acd7d9428f97c0e5b20 发布日期: 2024-04-04 15:15 修改: 2025-11-04 19:17
libnghttp2-14	CVE-2026-27135	中危	1.43.0-1build3	1.43.0-1ubuntu0.3	nghttp2: nghttp2: Denial of Service via malformed HTTP/2 frames after session termination 漏洞详情: https://avd.aquasec.com/nvd/cve-2026-27135 镜像层: sha256:c45c46033aa89a49241285cc08dff25d7b63fdc96c034acd7d9428f97c0e5b20 发布日期: 2026-03-18 18:16 修改: 2026-05-13 22:16
libpam-modules	CVE-2024-22365	中危	1.4.0-11ubuntu2.3	1.4.0-11ubuntu2.4	pam: allowing unprivileged user to block another user namespace 漏洞详情: https://avd.aquasec.com/nvd/cve-2024-22365 镜像层: sha256:b8a36d10656ac19ddb96ef3107f76820663717708fc37ce929925c36d1b1d157 发布日期: 2024-02-06 08:15 修改: 2026-05-12 12:16
libpam-modules	CVE-2025-6020	中危	1.4.0-11ubuntu2.3	1.4.0-11ubuntu2.6	linux-pam: Linux-pam directory Traversal 漏洞详情: https://avd.aquasec.com/nvd/cve-2025-6020 镜像层: sha256:b8a36d10656ac19ddb96ef3107f76820663717708fc37ce929925c36d1b1d157 发布日期: 2025-06-17 13:15 修改: 2026-05-12 13:17
libpam-modules-bin	CVE-2024-22365	中危	1.4.0-11ubuntu2.3	1.4.0-11ubuntu2.4	pam: allowing unprivileged user to block another user namespace 漏洞详情: https://avd.aquasec.com/nvd/cve-2024-22365 镜像层: sha256:b8a36d10656ac19ddb96ef3107f76820663717708fc37ce929925c36d1b1d157 发布日期: 2024-02-06 08:15 修改: 2026-05-12 12:16
libpam-modules-bin	CVE-2025-6020	中危	1.4.0-11ubuntu2.3	1.4.0-11ubuntu2.6	linux-pam: Linux-pam directory Traversal 漏洞详情: https://avd.aquasec.com/nvd/cve-2025-6020 镜像层: sha256:b8a36d10656ac19ddb96ef3107f76820663717708fc37ce929925c36d1b1d157 发布日期: 2025-06-17 13:15 修改: 2026-05-12 13:17
libpam-runtime	CVE-2024-22365	中危	1.4.0-11ubuntu2.3	1.4.0-11ubuntu2.4	pam: allowing unprivileged user to block another user namespace 漏洞详情: https://avd.aquasec.com/nvd/cve-2024-22365 镜像层: sha256:b8a36d10656ac19ddb96ef3107f76820663717708fc37ce929925c36d1b1d157 发布日期: 2024-02-06 08:15 修改: 2026-05-12 12:16
libpam-runtime	CVE-2025-6020	中危	1.4.0-11ubuntu2.3	1.4.0-11ubuntu2.6	linux-pam: Linux-pam directory Traversal 漏洞详情: https://avd.aquasec.com/nvd/cve-2025-6020 镜像层: sha256:b8a36d10656ac19ddb96ef3107f76820663717708fc37ce929925c36d1b1d157 发布日期: 2025-06-17 13:15 修改: 2026-05-12 13:17
libpam0g	CVE-2024-22365	中危	1.4.0-11ubuntu2.3	1.4.0-11ubuntu2.4	pam: allowing unprivileged user to block another user namespace 漏洞详情: https://avd.aquasec.com/nvd/cve-2024-22365 镜像层: sha256:b8a36d10656ac19ddb96ef3107f76820663717708fc37ce929925c36d1b1d157 发布日期: 2024-02-06 08:15 修改: 2026-05-12 12:16
libpam0g	CVE-2025-6020	中危	1.4.0-11ubuntu2.3	1.4.0-11ubuntu2.6	linux-pam: Linux-pam directory Traversal 漏洞详情: https://avd.aquasec.com/nvd/cve-2025-6020 镜像层: sha256:b8a36d10656ac19ddb96ef3107f76820663717708fc37ce929925c36d1b1d157 发布日期: 2025-06-17 13:15 修改: 2026-05-12 13:17
libpng16-16	CVE-2025-64505	中危	1.6.37-3build5	1.6.37-3ubuntu0.1	libpng: LIBPNG heap buffer overflow via malformed palette index 漏洞详情: https://avd.aquasec.com/nvd/cve-2025-64505 镜像层: sha256:c45c46033aa89a49241285cc08dff25d7b63fdc96c034acd7d9428f97c0e5b20 发布日期: 2025-11-25 00:15 修改: 2025-11-26 18:28
libpng16-16	CVE-2025-64506	中危	1.6.37-3build5	1.6.37-3ubuntu0.1	libpng: LIBPNG heap buffer over-read 漏洞详情: https://avd.aquasec.com/nvd/cve-2025-64506 镜像层: sha256:c45c46033aa89a49241285cc08dff25d7b63fdc96c034acd7d9428f97c0e5b20 发布日期: 2025-11-25 00:15 修改: 2025-11-26 18:34
libpng16-16	CVE-2025-64720	中危	1.6.37-3build5	1.6.37-3ubuntu0.1	libpng: LIBPNG buffer overflow 漏洞详情: https://avd.aquasec.com/nvd/cve-2025-64720 镜像层: sha256:c45c46033aa89a49241285cc08dff25d7b63fdc96c034acd7d9428f97c0e5b20 发布日期: 2025-11-25 00:15 修改: 2025-11-26 18:35
libpng16-16	CVE-2025-65018	中危	1.6.37-3build5	1.6.37-3ubuntu0.1	libpng: LIBPNG heap buffer overflow 漏洞详情: https://avd.aquasec.com/nvd/cve-2025-65018 镜像层: sha256:c45c46033aa89a49241285cc08dff25d7b63fdc96c034acd7d9428f97c0e5b20 发布日期: 2025-11-25 00:15 修改: 2025-11-26 18:34
libpng16-16	CVE-2025-66293	中危	1.6.37-3build5	1.6.37-3ubuntu0.3	libpng: LIBPNG out-of-bounds read in png_image_read_composite 漏洞详情: https://avd.aquasec.com/nvd/cve-2025-66293 镜像层: sha256:c45c46033aa89a49241285cc08dff25d7b63fdc96c034acd7d9428f97c0e5b20 发布日期: 2025-12-03 21:15 修改: 2025-12-16 19:12
libpng16-16	CVE-2026-22695	中危	1.6.37-3build5	1.6.37-3ubuntu0.3	libpng: libpng: Denial of service and information disclosure via heap buffer over-read in png_image_finish_read 漏洞详情: https://avd.aquasec.com/nvd/cve-2026-22695 镜像层: sha256:c45c46033aa89a49241285cc08dff25d7b63fdc96c034acd7d9428f97c0e5b20 发布日期: 2026-01-12 23:15 修改: 2026-01-21 18:58
libpng16-16	CVE-2026-22801	中危	1.6.37-3build5	1.6.37-3ubuntu0.3	libpng: libpng: Information disclosure and denial of service via integer truncation in simplified write API 漏洞详情: https://avd.aquasec.com/nvd/cve-2026-22801 镜像层: sha256:c45c46033aa89a49241285cc08dff25d7b63fdc96c034acd7d9428f97c0e5b20 发布日期: 2026-01-12 23:15 修改: 2026-01-21 18:58
libpng16-16	CVE-2026-25646	中危	1.6.37-3build5	1.6.37-3ubuntu0.4	libpng: LIBPNG has a heap buffer overflow in png_set_quantize 漏洞详情: https://avd.aquasec.com/nvd/cve-2026-25646 镜像层: sha256:c45c46033aa89a49241285cc08dff25d7b63fdc96c034acd7d9428f97c0e5b20 发布日期: 2026-02-10 18:16 修改: 2026-02-13 20:43
libpng16-16	CVE-2026-33416	中危	1.6.37-3build5	1.6.37-3ubuntu0.5	libpng: libpng: Arbitrary code execution due to use-after-free vulnerability 漏洞详情: https://avd.aquasec.com/nvd/cve-2026-33416 镜像层: sha256:c45c46033aa89a49241285cc08dff25d7b63fdc96c034acd7d9428f97c0e5b20 发布日期: 2026-03-26 17:16 修改: 2026-04-02 20:28
libpng16-16	CVE-2026-33636	中危	1.6.37-3build5	1.6.37-3ubuntu0.5	libpng: libpng: Information disclosure and denial of service via out-of-bounds read/write in Neon palette expansion 漏洞详情: https://avd.aquasec.com/nvd/cve-2026-33636 镜像层: sha256:c45c46033aa89a49241285cc08dff25d7b63fdc96c034acd7d9428f97c0e5b20 发布日期: 2026-03-26 17:16 修改: 2026-04-02 18:42
libpng16-16	CVE-2026-34757	中危	1.6.37-3build5	1.6.37-3ubuntu0.5	libpng: libpng: Information disclosure and data corruption via use-after-free vulnerability 漏洞详情: https://avd.aquasec.com/nvd/cve-2026-34757 镜像层: sha256:c45c46033aa89a49241285cc08dff25d7b63fdc96c034acd7d9428f97c0e5b20 发布日期: 2026-04-09 15:16 修改: 2026-05-13 23:07
libpng16-16	CVE-2026-40930	中危	1.6.37-3build5		LIBPNG is a reference library for use in applications that process PNG ... 漏洞详情: https://avd.aquasec.com/nvd/cve-2026-40930 镜像层: sha256:c45c46033aa89a49241285cc08dff25d7b63fdc96c034acd7d9428f97c0e5b20 发布日期: 2026-06-04 16:16 修改: 2026-06-04 16:23
libsmartcols1	CVE-2024-28085	中危	2.37.2-4ubuntu3	2.37.2-4ubuntu3.4	util-linux: CVE-2024-28085: wall: escape sequence injection 漏洞详情: https://avd.aquasec.com/nvd/cve-2024-28085 镜像层: sha256:b8a36d10656ac19ddb96ef3107f76820663717708fc37ce929925c36d1b1d157 发布日期: 2024-03-27 19:15 修改: 2026-05-12 12:16
libsmartcols1	CVE-2026-27456	中危	2.37.2-4ubuntu3		util-linux: TOCTOU in the mount program when setting up loop devices 漏洞详情: https://avd.aquasec.com/nvd/cve-2026-27456 镜像层: sha256:b8a36d10656ac19ddb96ef3107f76820663717708fc37ce929925c36d1b1d157 发布日期: 2026-04-03 22:16 修改: 2026-04-22 16:08
libssh-4	CVE-2023-1667	中危	0.9.6-2build1	0.9.6-2ubuntu0.22.04.1	libssh: NULL pointer dereference during rekeying with algorithm guessing 漏洞详情: https://avd.aquasec.com/nvd/cve-2023-1667 镜像层: sha256:c45c46033aa89a49241285cc08dff25d7b63fdc96c034acd7d9428f97c0e5b20 发布日期: 2023-05-26 18:15 修改: 2024-11-21 07:39
libssh-4	CVE-2023-2283	中危	0.9.6-2build1	0.9.6-2ubuntu0.22.04.1	libssh: authorization bypass in pki_verify_data_signature 漏洞详情: https://avd.aquasec.com/nvd/cve-2023-2283 镜像层: sha256:c45c46033aa89a49241285cc08dff25d7b63fdc96c034acd7d9428f97c0e5b20 发布日期: 2023-05-26 18:15 修改: 2025-11-03 21:15
libssh-4	CVE-2023-48795	中危	0.9.6-2build1	0.9.6-2ubuntu0.22.04.2	ssh: Prefix truncation attack on Binary Packet Protocol (BPP) 漏洞详情: https://avd.aquasec.com/nvd/cve-2023-48795 镜像层: sha256:c45c46033aa89a49241285cc08dff25d7b63fdc96c034acd7d9428f97c0e5b20 发布日期: 2023-12-18 16:15 修改: 2026-05-12 11:16
libssh-4	CVE-2023-6004	中危	0.9.6-2build1	0.9.6-2ubuntu0.22.04.3	libssh: ProxyCommand/ProxyJump features allow injection of malicious code through hostname 漏洞详情: https://avd.aquasec.com/nvd/cve-2023-6004 镜像层: sha256:c45c46033aa89a49241285cc08dff25d7b63fdc96c034acd7d9428f97c0e5b20 发布日期: 2024-01-03 17:15 修改: 2025-11-04 19:16
libssh-4	CVE-2023-6918	中危	0.9.6-2build1	0.9.6-2ubuntu0.22.04.3	libssh: Missing checks for return values for digests 漏洞详情: https://avd.aquasec.com/nvd/cve-2023-6918 镜像层: sha256:c45c46033aa89a49241285cc08dff25d7b63fdc96c034acd7d9428f97c0e5b20 发布日期: 2023-12-19 00:15 修改: 2025-02-15 01:15
libssh-4	CVE-2025-4877	中危	0.9.6-2build1	0.9.6-2ubuntu0.22.04.4	libssh: Write beyond bounds in binary to base64 conversion functions 漏洞详情: https://avd.aquasec.com/nvd/cve-2025-4877 镜像层: sha256:c45c46033aa89a49241285cc08dff25d7b63fdc96c034acd7d9428f97c0e5b20 发布日期: 2025-08-20 13:15 修改: 2026-05-19 14:16
libssh-4	CVE-2025-4878	中危	0.9.6-2build1	0.9.6-2ubuntu0.22.04.4	libssh: Use of uninitialized variable in privatekey_from_file() 漏洞详情: https://avd.aquasec.com/nvd/cve-2025-4878 镜像层: sha256:c45c46033aa89a49241285cc08dff25d7b63fdc96c034acd7d9428f97c0e5b20 发布日期: 2025-07-22 15:15 修改: 2026-05-19 14:16
libssh-4	CVE-2025-5318	中危	0.9.6-2build1	0.9.6-2ubuntu0.22.04.4	libssh: out-of-bounds read in sftp_handle() 漏洞详情: https://avd.aquasec.com/nvd/cve-2025-5318 镜像层: sha256:c45c46033aa89a49241285cc08dff25d7b63fdc96c034acd7d9428f97c0e5b20 发布日期: 2025-06-24 14:15 修改: 2026-02-27 17:16
libssh-4	CVE-2025-5372	中危	0.9.6-2build1	0.9.6-2ubuntu0.22.04.4	libssh: Incorrect Return Code Handling in ssh_kdf() in libssh 漏洞详情: https://avd.aquasec.com/nvd/cve-2025-5372 镜像层: sha256:c45c46033aa89a49241285cc08dff25d7b63fdc96c034acd7d9428f97c0e5b20 发布日期: 2025-07-04 06:15 修改: 2026-06-08 03:16
libssh-4	CVE-2026-0964	中危	0.9.6-2build1	0.9.6-2ubuntu0.22.04.6	libssh: Improper sanitation of paths received from SCP servers 漏洞详情: https://avd.aquasec.com/nvd/cve-2026-0964 镜像层: sha256:c45c46033aa89a49241285cc08dff25d7b63fdc96c034acd7d9428f97c0e5b20 发布日期: 2026-03-26 21:17 修改: 2026-05-19 14:16
libssh-4	CVE-2026-0967	中危	0.9.6-2build1	0.9.6-2ubuntu0.22.04.6	libssh: libssh: Denial of Service via inefficient regular expression processing 漏洞详情: https://avd.aquasec.com/nvd/cve-2026-0967 镜像层: sha256:c45c46033aa89a49241285cc08dff25d7b63fdc96c034acd7d9428f97c0e5b20 发布日期: 2026-03-26 21:17 修改: 2026-05-19 14:16
libssh-4	CVE-2026-0968	中危	0.9.6-2build1	0.9.6-2ubuntu0.22.04.6	libssh: libssh: Denial of Service due to malformed SFTP message 漏洞详情: https://avd.aquasec.com/nvd/cve-2026-0968 镜像层: sha256:c45c46033aa89a49241285cc08dff25d7b63fdc96c034acd7d9428f97c0e5b20 发布日期: 2026-03-26 21:17 修改: 2026-05-19 14:16
libssh-4	CVE-2026-3731	中危	0.9.6-2build1	0.9.6-2ubuntu0.22.04.7	libssh: libssh: Denial of Service via out-of-bounds read in SFTP extension name handler 漏洞详情: https://avd.aquasec.com/nvd/cve-2026-3731 镜像层: sha256:c45c46033aa89a49241285cc08dff25d7b63fdc96c034acd7d9428f97c0e5b20 发布日期: 2026-03-08 11:15 修改: 2026-03-12 19:02
libssl3	CVE-2022-40735	中危	3.0.2-0ubuntu1.9	3.0.2-0ubuntu1.16	漏洞详情: https://avd.aquasec.com/nvd/cve-2022-40735 镜像层: sha256:b8a36d10656ac19ddb96ef3107f76820663717708fc37ce929925c36d1b1d157 发布日期: 2022-11-14 23:15 修改: 2024-11-21 07:21
libssl3	CVE-2023-2650	中危	3.0.2-0ubuntu1.9	3.0.2-0ubuntu1.10	openssl: Possible DoS translating ASN.1 object identifiers 漏洞详情: https://avd.aquasec.com/nvd/cve-2023-2650 镜像层: sha256:b8a36d10656ac19ddb96ef3107f76820663717708fc37ce929925c36d1b1d157 发布日期: 2023-05-30 14:15 修改: 2025-03-19 16:15
libssl3	CVE-2023-5363	中危	3.0.2-0ubuntu1.9	3.0.2-0ubuntu1.12	openssl: Incorrect cipher key and IV length processing 漏洞详情: https://avd.aquasec.com/nvd/cve-2023-5363 镜像层: sha256:b8a36d10656ac19ddb96ef3107f76820663717708fc37ce929925c36d1b1d157 发布日期: 2023-10-25 18:17 修改: 2026-05-12 11:16
libssl3	CVE-2024-6119	中危	3.0.2-0ubuntu1.9	3.0.2-0ubuntu1.18	openssl: Possible denial of service in X.509 name checks 漏洞详情: https://avd.aquasec.com/nvd/cve-2024-6119 镜像层: sha256:b8a36d10656ac19ddb96ef3107f76820663717708fc37ce929925c36d1b1d157 发布日期: 2024-09-03 16:15 修改: 2026-05-12 12:17
libssl3	CVE-2025-15467	中危	3.0.2-0ubuntu1.9	3.0.2-0ubuntu1.21	openssl: OpenSSL: Remote code execution or Denial of Service via oversized Initialization Vector in CMS parsing 漏洞详情: https://avd.aquasec.com/nvd/cve-2025-15467 镜像层: sha256:b8a36d10656ac19ddb96ef3107f76820663717708fc37ce929925c36d1b1d157 发布日期: 2026-01-27 16:16 修改: 2026-06-09 10:16
libssl3	CVE-2025-9230	中危	3.0.2-0ubuntu1.9	3.0.2-0ubuntu1.20	openssl: Out-of-bounds read & write in RFC 3211 KEK Unwrap 漏洞详情: https://avd.aquasec.com/nvd/cve-2025-9230 镜像层: sha256:b8a36d10656ac19ddb96ef3107f76820663717708fc37ce929925c36d1b1d157 发布日期: 2025-09-30 14:15 修改: 2026-06-02 14:16
libssl3	CVE-2026-31790	中危	3.0.2-0ubuntu1.9	3.0.2-0ubuntu1.23	openssl: openssl: Information Disclosure from Uninitialized Memory via Invalid RSA Public Key 漏洞详情: https://avd.aquasec.com/nvd/cve-2026-31790 镜像层: sha256:b8a36d10656ac19ddb96ef3107f76820663717708fc37ce929925c36d1b1d157 发布日期: 2026-04-07 22:16 修改: 2026-05-12 13:17
libsystemd0	CVE-2025-4598	中危	249.11-0ubuntu3.9	249.11-0ubuntu3.16	systemd-coredump: race condition that allows a local attacker to crash a SUID program and gain read access to the resulting core dump 漏洞详情: https://avd.aquasec.com/nvd/cve-2025-4598 镜像层: sha256:b8a36d10656ac19ddb96ef3107f76820663717708fc37ce929925c36d1b1d157 发布日期: 2025-05-30 14:15 修改: 2026-05-19 16:16
libsystemd0	CVE-2026-29111	中危	249.11-0ubuntu3.9	249.11-0ubuntu3.19	systemd: systemd: Arbitrary code execution or Denial of Service via spurious IPC API call data 漏洞详情: https://avd.aquasec.com/nvd/cve-2026-29111 镜像层: sha256:b8a36d10656ac19ddb96ef3107f76820663717708fc37ce929925c36d1b1d157 发布日期: 2026-03-23 22:16 修改: 2026-04-15 16:44
libsystemd0	CVE-2026-40225	中危	249.11-0ubuntu3.9	249.11-0ubuntu3.19	systemd: udev in systemd: Privilege escalation via malicious hardware devices and unsanitized kernel output 漏洞详情: https://avd.aquasec.com/nvd/cve-2026-40225 镜像层: sha256:b8a36d10656ac19ddb96ef3107f76820663717708fc37ce929925c36d1b1d157 发布日期: 2026-04-10 16:16 修改: 2026-04-27 19:00
libsystemd0	CVE-2026-40226	中危	249.11-0ubuntu3.9	249.11-0ubuntu3.21	systemd: systemd nspawn: Escape-to-host action via crafted config file 漏洞详情: https://avd.aquasec.com/nvd/cve-2026-40226 镜像层: sha256:b8a36d10656ac19ddb96ef3107f76820663717708fc37ce929925c36d1b1d157 发布日期: 2026-04-10 16:16 修改: 2026-04-17 22:02
libtasn1-6	CVE-2024-12133	中危	4.18.0-4build1	4.18.0-4ubuntu0.1	libtasn1: Inefficient DER Decoding in libtasn1 Leading to Potential Remote DoS 漏洞详情: https://avd.aquasec.com/nvd/cve-2024-12133 镜像层: sha256:b8a36d10656ac19ddb96ef3107f76820663717708fc37ce929925c36d1b1d157 发布日期: 2025-02-10 16:15 修改: 2026-05-12 12:16
libtasn1-6	CVE-2025-13151	中危	4.18.0-4build1	4.18.0-4ubuntu0.2	libtasn1: libtasn1: Denial of Service via stack-based buffer overflow in asn1_expend_octet_string 漏洞详情: https://avd.aquasec.com/nvd/cve-2025-13151 镜像层: sha256:b8a36d10656ac19ddb96ef3107f76820663717708fc37ce929925c36d1b1d157 发布日期: 2026-01-07 22:15 修改: 2026-02-02 19:27
libtinfo6	CVE-2023-29491	中危	6.3-2	6.3-2ubuntu0.1	ncurses: Local users can trigger security-relevant memory corruption via malformed data 漏洞详情: https://avd.aquasec.com/nvd/cve-2023-29491 镜像层: sha256:b8a36d10656ac19ddb96ef3107f76820663717708fc37ce929925c36d1b1d157 发布日期: 2023-04-14 01:15 修改: 2025-11-04 19:15
libudev1	CVE-2025-4598	中危	249.11-0ubuntu3.9	249.11-0ubuntu3.16	systemd-coredump: race condition that allows a local attacker to crash a SUID program and gain read access to the resulting core dump 漏洞详情: https://avd.aquasec.com/nvd/cve-2025-4598 镜像层: sha256:b8a36d10656ac19ddb96ef3107f76820663717708fc37ce929925c36d1b1d157 发布日期: 2025-05-30 14:15 修改: 2026-05-19 16:16
libudev1	CVE-2026-29111	中危	249.11-0ubuntu3.9	249.11-0ubuntu3.19	systemd: systemd: Arbitrary code execution or Denial of Service via spurious IPC API call data 漏洞详情: https://avd.aquasec.com/nvd/cve-2026-29111 镜像层: sha256:b8a36d10656ac19ddb96ef3107f76820663717708fc37ce929925c36d1b1d157 发布日期: 2026-03-23 22:16 修改: 2026-04-15 16:44
libudev1	CVE-2026-40225	中危	249.11-0ubuntu3.9	249.11-0ubuntu3.19	systemd: udev in systemd: Privilege escalation via malicious hardware devices and unsanitized kernel output 漏洞详情: https://avd.aquasec.com/nvd/cve-2026-40225 镜像层: sha256:b8a36d10656ac19ddb96ef3107f76820663717708fc37ce929925c36d1b1d157 发布日期: 2026-04-10 16:16 修改: 2026-04-27 19:00
libudev1	CVE-2026-40226	中危	249.11-0ubuntu3.9	249.11-0ubuntu3.21	systemd: systemd nspawn: Escape-to-host action via crafted config file 漏洞详情: https://avd.aquasec.com/nvd/cve-2026-40226 镜像层: sha256:b8a36d10656ac19ddb96ef3107f76820663717708fc37ce929925c36d1b1d157 发布日期: 2026-04-10 16:16 修改: 2026-04-17 22:02
libuuid1	CVE-2024-28085	中危	2.37.2-4ubuntu3	2.37.2-4ubuntu3.4	util-linux: CVE-2024-28085: wall: escape sequence injection 漏洞详情: https://avd.aquasec.com/nvd/cve-2024-28085 镜像层: sha256:b8a36d10656ac19ddb96ef3107f76820663717708fc37ce929925c36d1b1d157 发布日期: 2024-03-27 19:15 修改: 2026-05-12 12:16
libuuid1	CVE-2026-27456	中危	2.37.2-4ubuntu3		util-linux: TOCTOU in the mount program when setting up loop devices 漏洞详情: https://avd.aquasec.com/nvd/cve-2026-27456 镜像层: sha256:b8a36d10656ac19ddb96ef3107f76820663717708fc37ce929925c36d1b1d157 发布日期: 2026-04-03 22:16 修改: 2026-04-22 16:08
curl	CVE-2024-7264	中危	7.81.0-1ubuntu1.10	7.81.0-1ubuntu1.17	curl: libcurl: ASN.1 date parser overread 漏洞详情: https://avd.aquasec.com/nvd/cve-2024-7264 镜像层: sha256:c45c46033aa89a49241285cc08dff25d7b63fdc96c034acd7d9428f97c0e5b20 发布日期: 2024-07-31 08:15 修改: 2025-11-03 23:17
locales	CVE-2023-5156	中危	2.35-0ubuntu3.1	2.35-0ubuntu3.5	glibc: DoS due to memory leak in getaddrinfo.c 漏洞详情: https://avd.aquasec.com/nvd/cve-2023-5156 镜像层: sha256:c45c46033aa89a49241285cc08dff25d7b63fdc96c034acd7d9428f97c0e5b20 发布日期: 2023-09-25 16:15 修改: 2024-11-21 08:41
locales	CVE-2024-2961	中危	2.35-0ubuntu3.1	2.35-0ubuntu3.7	glibc: Out of bounds write in iconv may lead to remote code execution 漏洞详情: https://avd.aquasec.com/nvd/cve-2024-2961 镜像层: sha256:c45c46033aa89a49241285cc08dff25d7b63fdc96c034acd7d9428f97c0e5b20 发布日期: 2024-04-17 18:15 修改: 2026-05-12 12:16
locales	CVE-2024-33599	中危	2.35-0ubuntu3.1	2.35-0ubuntu3.8	glibc: stack-based buffer overflow in netgroup cache 漏洞详情: https://avd.aquasec.com/nvd/cve-2024-33599 镜像层: sha256:c45c46033aa89a49241285cc08dff25d7b63fdc96c034acd7d9428f97c0e5b20 发布日期: 2024-05-06 20:15 修改: 2026-05-12 12:16
locales	CVE-2024-33600	中危	2.35-0ubuntu3.1	2.35-0ubuntu3.8	glibc: null pointer dereferences after failed netgroup cache insertion 漏洞详情: https://avd.aquasec.com/nvd/cve-2024-33600 镜像层: sha256:c45c46033aa89a49241285cc08dff25d7b63fdc96c034acd7d9428f97c0e5b20 发布日期: 2024-05-06 20:15 修改: 2026-05-12 12:16
locales	CVE-2024-33601	中危	2.35-0ubuntu3.1	2.35-0ubuntu3.8	glibc: netgroup cache may terminate daemon on memory allocation failure 漏洞详情: https://avd.aquasec.com/nvd/cve-2024-33601 镜像层: sha256:c45c46033aa89a49241285cc08dff25d7b63fdc96c034acd7d9428f97c0e5b20 发布日期: 2024-05-06 20:15 修改: 2026-05-12 12:16
locales	CVE-2024-33602	中危	2.35-0ubuntu3.1	2.35-0ubuntu3.8	glibc: netgroup cache assumes NSS callback uses in-buffer strings 漏洞详情: https://avd.aquasec.com/nvd/cve-2024-33602 镜像层: sha256:c45c46033aa89a49241285cc08dff25d7b63fdc96c034acd7d9428f97c0e5b20 发布日期: 2024-05-06 20:15 修改: 2026-05-12 12:16
locales	CVE-2025-0395	中危	2.35-0ubuntu3.1	2.35-0ubuntu3.9	glibc: buffer overflow in the GNU C Library's assert() 漏洞详情: https://avd.aquasec.com/nvd/cve-2025-0395 镜像层: sha256:c45c46033aa89a49241285cc08dff25d7b63fdc96c034acd7d9428f97c0e5b20 发布日期: 2025-01-22 13:15 修改: 2026-05-12 13:16
locales	CVE-2025-15281	中危	2.35-0ubuntu3.1	2.35-0ubuntu3.13	glibc: wordexp with WRDE_REUSE and WRDE_APPEND may return uninitialized memory 漏洞详情: https://avd.aquasec.com/nvd/cve-2025-15281 镜像层: sha256:c45c46033aa89a49241285cc08dff25d7b63fdc96c034acd7d9428f97c0e5b20 发布日期: 2026-01-20 14:16 修改: 2026-02-05 17:43
locales	CVE-2025-4802	中危	2.35-0ubuntu3.1	2.35-0ubuntu3.10	glibc: static setuid binary dlopen may incorrectly search LD_LIBRARY_PATH 漏洞详情: https://avd.aquasec.com/nvd/cve-2025-4802 镜像层: sha256:c45c46033aa89a49241285cc08dff25d7b63fdc96c034acd7d9428f97c0e5b20 发布日期: 2025-05-16 20:15 修改: 2025-11-03 20:19
locales	CVE-2025-8058	中危	2.35-0ubuntu3.1	2.35-0ubuntu3.11	glibc: Double free in glibc 漏洞详情: https://avd.aquasec.com/nvd/cve-2025-8058 镜像层: sha256:c45c46033aa89a49241285cc08dff25d7b63fdc96c034acd7d9428f97c0e5b20 发布日期: 2025-07-23 20:15 修改: 2026-04-15 00:35
locales	CVE-2026-0861	中危	2.35-0ubuntu3.1	2.35-0ubuntu3.13	glibc: Integer overflow in memalign leads to heap corruption 漏洞详情: https://avd.aquasec.com/nvd/cve-2026-0861 镜像层: sha256:c45c46033aa89a49241285cc08dff25d7b63fdc96c034acd7d9428f97c0e5b20 发布日期: 2026-01-14 21:15 修改: 2026-02-03 18:26
locales	CVE-2026-0915	中危	2.35-0ubuntu3.1	2.35-0ubuntu3.13	glibc: glibc: Information disclosure via zero-valued network query 漏洞详情: https://avd.aquasec.com/nvd/cve-2026-0915 镜像层: sha256:c45c46033aa89a49241285cc08dff25d7b63fdc96c034acd7d9428f97c0e5b20 发布日期: 2026-01-15 22:16 修改: 2026-01-23 19:36
locales	CVE-2026-4046	中危	2.35-0ubuntu3.1		glibc: glibc: Denial of Service via iconv() function with specific character sets 漏洞详情: https://avd.aquasec.com/nvd/cve-2026-4046 镜像层: sha256:c45c46033aa89a49241285cc08dff25d7b63fdc96c034acd7d9428f97c0e5b20 发布日期: 2026-03-30 18:16 修改: 2026-04-20 22:16
locales	CVE-2026-5435	中危	2.35-0ubuntu3.1		glibc: glibc: Out-of-bounds write via TSIG record processing 漏洞详情: https://avd.aquasec.com/nvd/cve-2026-5435 镜像层: sha256:c45c46033aa89a49241285cc08dff25d7b63fdc96c034acd7d9428f97c0e5b20 发布日期: 2026-04-28 13:19 修改: 2026-05-05 17:38
locales	CVE-2026-6238	中危	2.35-0ubuntu3.1		glibc: glibc: Application crash or uninitialized memory read via crafted DNS response 漏洞详情: https://avd.aquasec.com/nvd/cve-2026-6238 镜像层: sha256:c45c46033aa89a49241285cc08dff25d7b63fdc96c034acd7d9428f97c0e5b20 发布日期: 2026-04-28 19:37 修改: 2026-05-04 17:57
mount	CVE-2024-28085	中危	2.37.2-4ubuntu3	2.37.2-4ubuntu3.4	util-linux: CVE-2024-28085: wall: escape sequence injection 漏洞详情: https://avd.aquasec.com/nvd/cve-2024-28085 镜像层: sha256:b8a36d10656ac19ddb96ef3107f76820663717708fc37ce929925c36d1b1d157 发布日期: 2024-03-27 19:15 修改: 2026-05-12 12:16
mount	CVE-2026-27456	中危	2.37.2-4ubuntu3		util-linux: TOCTOU in the mount program when setting up loop devices 漏洞详情: https://avd.aquasec.com/nvd/cve-2026-27456 镜像层: sha256:b8a36d10656ac19ddb96ef3107f76820663717708fc37ce929925c36d1b1d157 发布日期: 2026-04-03 22:16 修改: 2026-04-22 16:08
ncurses-base	CVE-2023-29491	中危	6.3-2	6.3-2ubuntu0.1	ncurses: Local users can trigger security-relevant memory corruption via malformed data 漏洞详情: https://avd.aquasec.com/nvd/cve-2023-29491 镜像层: sha256:b8a36d10656ac19ddb96ef3107f76820663717708fc37ce929925c36d1b1d157 发布日期: 2023-04-14 01:15 修改: 2025-11-04 19:15
ncurses-bin	CVE-2023-29491	中危	6.3-2	6.3-2ubuntu0.1	ncurses: Local users can trigger security-relevant memory corruption via malformed data 漏洞详情: https://avd.aquasec.com/nvd/cve-2023-29491 镜像层: sha256:b8a36d10656ac19ddb96ef3107f76820663717708fc37ce929925c36d1b1d157 发布日期: 2023-04-14 01:15 修改: 2025-11-04 19:15
openssl	CVE-2022-40735	中危	3.0.2-0ubuntu1.9	3.0.2-0ubuntu1.16	漏洞详情: https://avd.aquasec.com/nvd/cve-2022-40735 镜像层: sha256:c45c46033aa89a49241285cc08dff25d7b63fdc96c034acd7d9428f97c0e5b20 发布日期: 2022-11-14 23:15 修改: 2024-11-21 07:21
openssl	CVE-2023-2650	中危	3.0.2-0ubuntu1.9	3.0.2-0ubuntu1.10	openssl: Possible DoS translating ASN.1 object identifiers 漏洞详情: https://avd.aquasec.com/nvd/cve-2023-2650 镜像层: sha256:c45c46033aa89a49241285cc08dff25d7b63fdc96c034acd7d9428f97c0e5b20 发布日期: 2023-05-30 14:15 修改: 2025-03-19 16:15
openssl	CVE-2023-5363	中危	3.0.2-0ubuntu1.9	3.0.2-0ubuntu1.12	openssl: Incorrect cipher key and IV length processing 漏洞详情: https://avd.aquasec.com/nvd/cve-2023-5363 镜像层: sha256:c45c46033aa89a49241285cc08dff25d7b63fdc96c034acd7d9428f97c0e5b20 发布日期: 2023-10-25 18:17 修改: 2026-05-12 11:16
openssl	CVE-2024-6119	中危	3.0.2-0ubuntu1.9	3.0.2-0ubuntu1.18	openssl: Possible denial of service in X.509 name checks 漏洞详情: https://avd.aquasec.com/nvd/cve-2024-6119 镜像层: sha256:c45c46033aa89a49241285cc08dff25d7b63fdc96c034acd7d9428f97c0e5b20 发布日期: 2024-09-03 16:15 修改: 2026-05-12 12:17
openssl	CVE-2025-15467	中危	3.0.2-0ubuntu1.9	3.0.2-0ubuntu1.21	openssl: OpenSSL: Remote code execution or Denial of Service via oversized Initialization Vector in CMS parsing 漏洞详情: https://avd.aquasec.com/nvd/cve-2025-15467 镜像层: sha256:c45c46033aa89a49241285cc08dff25d7b63fdc96c034acd7d9428f97c0e5b20 发布日期: 2026-01-27 16:16 修改: 2026-06-09 10:16
openssl	CVE-2025-9230	中危	3.0.2-0ubuntu1.9	3.0.2-0ubuntu1.20	openssl: Out-of-bounds read & write in RFC 3211 KEK Unwrap 漏洞详情: https://avd.aquasec.com/nvd/cve-2025-9230 镜像层: sha256:c45c46033aa89a49241285cc08dff25d7b63fdc96c034acd7d9428f97c0e5b20 发布日期: 2025-09-30 14:15 修改: 2026-06-02 14:16
openssl	CVE-2026-31790	中危	3.0.2-0ubuntu1.9	3.0.2-0ubuntu1.23	openssl: openssl: Information Disclosure from Uninitialized Memory via Invalid RSA Public Key 漏洞详情: https://avd.aquasec.com/nvd/cve-2026-31790 镜像层: sha256:c45c46033aa89a49241285cc08dff25d7b63fdc96c034acd7d9428f97c0e5b20 发布日期: 2026-04-07 22:16 修改: 2026-05-12 13:17
perl-base	CVE-2023-31484	中危	5.34.0-3ubuntu1.1	5.34.0-3ubuntu1.2	perl: CPAN.pm does not verify TLS certificates when downloading distributions over HTTPS 漏洞详情: https://avd.aquasec.com/nvd/cve-2023-31484 镜像层: sha256:b8a36d10656ac19ddb96ef3107f76820663717708fc37ce929925c36d1b1d157 发布日期: 2023-04-29 00:15 修改: 2025-11-03 22:16
perl-base	CVE-2023-47038	中危	5.34.0-3ubuntu1.1	5.34.0-3ubuntu1.3	perl: Write past buffer end via illegal user-defined Unicode property 漏洞详情: https://avd.aquasec.com/nvd/cve-2023-47038 镜像层: sha256:b8a36d10656ac19ddb96ef3107f76820663717708fc37ce929925c36d1b1d157 发布日期: 2023-12-18 14:15 修改: 2025-11-04 19:16
perl-base	CVE-2024-56406	中危	5.34.0-3ubuntu1.1	5.34.0-3ubuntu1.4	perl: Perl 5.34, 5.36, 5.38 and 5.40 are vulnerable to a heap buffer overflow when transliterating non-ASCII bytes 漏洞详情: https://avd.aquasec.com/nvd/cve-2024-56406 镜像层: sha256:b8a36d10656ac19ddb96ef3107f76820663717708fc37ce929925c36d1b1d157 发布日期: 2025-04-13 14:15 修改: 2025-10-16 14:15
perl-base	CVE-2025-40909	中危	5.34.0-3ubuntu1.1	5.34.0-3ubuntu1.5	perl: Perl threads have a working directory race condition where file operations may target unintended paths 漏洞详情: https://avd.aquasec.com/nvd/cve-2025-40909 镜像层: sha256:b8a36d10656ac19ddb96ef3107f76820663717708fc37ce929925c36d1b1d157 发布日期: 2025-05-30 13:15 修改: 2026-04-18 15:16
sed	CVE-2026-5958	中危	4.8-1ubuntu2	4.8-1ubuntu2.1	sed: GNU sed TOCTOU race condition 漏洞详情: https://avd.aquasec.com/nvd/cve-2026-5958 镜像层: sha256:b8a36d10656ac19ddb96ef3107f76820663717708fc37ce929925c36d1b1d157 发布日期: 2026-04-20 12:16 修改: 2026-05-19 15:17
tar	CVE-2023-39804	中危	1.34+dfsg-1ubuntu0.1.22.04.1	1.34+dfsg-1ubuntu0.1.22.04.2	tar: Incorrectly handled extension attributes in PAX archives can lead to a crash 漏洞详情: https://avd.aquasec.com/nvd/cve-2023-39804 镜像层: sha256:b8a36d10656ac19ddb96ef3107f76820663717708fc37ce929925c36d1b1d157 发布日期: 2024-03-27 04:15 修改: 2025-11-04 19:15
tar	CVE-2025-45582	中危	1.34+dfsg-1ubuntu0.1.22.04.1		tar: Tar path traversal 漏洞详情: https://avd.aquasec.com/nvd/cve-2025-45582 镜像层: sha256:b8a36d10656ac19ddb96ef3107f76820663717708fc37ce929925c36d1b1d157 发布日期: 2025-07-11 17:15 修改: 2025-11-02 01:15
tar	CVE-2026-5704	中危	1.34+dfsg-1ubuntu0.1.22.04.1		tar: tar: Hidden file injection via crafted archives 漏洞详情: https://avd.aquasec.com/nvd/cve-2026-5704 镜像层: sha256:b8a36d10656ac19ddb96ef3107f76820663717708fc37ce929925c36d1b1d157 发布日期: 2026-04-06 16:16 修改: 2026-04-22 20:08
util-linux	CVE-2024-28085	中危	2.37.2-4ubuntu3	2.37.2-4ubuntu3.4	util-linux: CVE-2024-28085: wall: escape sequence injection 漏洞详情: https://avd.aquasec.com/nvd/cve-2024-28085 镜像层: sha256:b8a36d10656ac19ddb96ef3107f76820663717708fc37ce929925c36d1b1d157 发布日期: 2024-03-27 19:15 修改: 2026-05-12 12:16
util-linux	CVE-2026-27456	中危	2.37.2-4ubuntu3		util-linux: TOCTOU in the mount program when setting up loop devices 漏洞详情: https://avd.aquasec.com/nvd/cve-2026-27456 镜像层: sha256:b8a36d10656ac19ddb96ef3107f76820663717708fc37ce929925c36d1b1d157 发布日期: 2026-04-03 22:16 修改: 2026-04-22 16:08
wget	CVE-2021-31879	中危	1.21.2-2ubuntu1		wget: authorization header disclosure on redirect 漏洞详情: https://avd.aquasec.com/nvd/cve-2021-31879 镜像层: sha256:c45c46033aa89a49241285cc08dff25d7b63fdc96c034acd7d9428f97c0e5b20 发布日期: 2021-04-29 05:15 修改: 2024-11-21 06:06
wget	CVE-2024-38428	中危	1.21.2-2ubuntu1	1.21.2-2ubuntu1.1	wget: Misinterpretation of input may lead to improper behavior 漏洞详情: https://avd.aquasec.com/nvd/cve-2024-38428 镜像层: sha256:c45c46033aa89a49241285cc08dff25d7b63fdc96c034acd7d9428f97c0e5b20 发布日期: 2024-06-16 03:15 修改: 2025-04-21 10:15
curl	CVE-2023-28321	低危	7.81.0-1ubuntu1.10	7.81.0-1ubuntu1.11	curl: IDN wildcard match may lead to Improper Cerificate Validation 漏洞详情: https://avd.aquasec.com/nvd/cve-2023-28321 镜像层: sha256:c45c46033aa89a49241285cc08dff25d7b63fdc96c034acd7d9428f97c0e5b20 发布日期: 2023-05-26 21:15 修改: 2025-01-15 16:15
libcurl4	CVE-2023-28321	低危	7.81.0-1ubuntu1.10	7.81.0-1ubuntu1.11	curl: IDN wildcard match may lead to Improper Cerificate Validation 漏洞详情: https://avd.aquasec.com/nvd/cve-2023-28321 镜像层: sha256:c45c46033aa89a49241285cc08dff25d7b63fdc96c034acd7d9428f97c0e5b20 发布日期: 2023-05-26 21:15 修改: 2025-01-15 16:15
libkrb5support0	CVE-2024-26458	低危	1.19.2-2ubuntu0.1	1.19.2-2ubuntu0.6	krb5: Memory leak at /krb5/src/lib/rpc/pmap_rmt.c 漏洞详情: https://avd.aquasec.com/nvd/cve-2024-26458 镜像层: sha256:b8a36d10656ac19ddb96ef3107f76820663717708fc37ce929925c36d1b1d157 发布日期: 2024-02-29 01:44 修改: 2025-05-23 15:39
libkrb5support0	CVE-2024-26461	低危	1.19.2-2ubuntu0.1	1.19.2-2ubuntu0.6	krb5: Memory leak at /krb5/src/lib/gssapi/krb5/k5sealv3.c 漏洞详情: https://avd.aquasec.com/nvd/cve-2024-26461 镜像层: sha256:b8a36d10656ac19ddb96ef3107f76820663717708fc37ce929925c36d1b1d157 发布日期: 2024-02-29 01:44 修改: 2025-05-23 15:30
libldap-2.5-0	CVE-2023-2953	低危	2.5.14+dfsg-0ubuntu0.22.04.2	2.5.16+dfsg-0ubuntu0.22.04.2	openldap: null pointer dereference in ber_memalloc_x function 漏洞详情: https://avd.aquasec.com/nvd/cve-2023-2953 镜像层: sha256:c45c46033aa89a49241285cc08dff25d7b63fdc96c034acd7d9428f97c0e5b20 发布日期: 2023-05-30 22:15 修改: 2025-01-10 22:15
liblzma5	CVE-2026-34743	低危	5.2.5-2ubuntu1	5.2.5-2ubuntu1.1	xz: XZ Utils: Denial of Service via buffer overflow in index decoding 漏洞详情: https://avd.aquasec.com/nvd/cve-2026-34743 镜像层: sha256:b8a36d10656ac19ddb96ef3107f76820663717708fc37ce929925c36d1b1d157 发布日期: 2026-04-02 19:21 修改: 2026-04-15 17:33
libcurl4	CVE-2023-28322	低危	7.81.0-1ubuntu1.10	7.81.0-1ubuntu1.11	curl: more POST-after-PUT confusion 漏洞详情: https://avd.aquasec.com/nvd/cve-2023-28322 镜像层: sha256:c45c46033aa89a49241285cc08dff25d7b63fdc96c034acd7d9428f97c0e5b20 发布日期: 2023-05-26 21:15 修改: 2026-02-13 20:16
libssl3	CVE-2023-1255	低危	3.0.2-0ubuntu1.9	3.0.2-0ubuntu1.10	openssl: Input buffer over-read in AES-XTS implementation on 64 bit ARM 漏洞详情: https://avd.aquasec.com/nvd/cve-2023-1255 镜像层: sha256:b8a36d10656ac19ddb96ef3107f76820663717708fc37ce929925c36d1b1d157 发布日期: 2023-04-20 17:15 修改: 2025-02-04 22:15
libssl3	CVE-2023-2975	低危	3.0.2-0ubuntu1.9	3.0.2-0ubuntu1.12	openssl: AES-SIV cipher implementation contains a bug that causes it to ignore empty associated data entries 漏洞详情: https://avd.aquasec.com/nvd/cve-2023-2975 镜像层: sha256:b8a36d10656ac19ddb96ef3107f76820663717708fc37ce929925c36d1b1d157 发布日期: 2023-07-14 12:15 修改: 2025-04-23 17:16
libssl3	CVE-2023-3446	低危	3.0.2-0ubuntu1.9	3.0.2-0ubuntu1.12	openssl: Excessive time spent checking DH keys and parameters 漏洞详情: https://avd.aquasec.com/nvd/cve-2023-3446 镜像层: sha256:b8a36d10656ac19ddb96ef3107f76820663717708fc37ce929925c36d1b1d157 发布日期: 2023-07-19 12:15 修改: 2025-04-23 17:16
libssl3	CVE-2023-3817	低危	3.0.2-0ubuntu1.9	3.0.2-0ubuntu1.12	OpenSSL: Excessive time spent checking DH q parameter value 漏洞详情: https://avd.aquasec.com/nvd/cve-2023-3817 镜像层: sha256:b8a36d10656ac19ddb96ef3107f76820663717708fc37ce929925c36d1b1d157 发布日期: 2023-07-31 16:15 修改: 2025-05-05 16:15
libssl3	CVE-2023-5678	低危	3.0.2-0ubuntu1.9	3.0.2-0ubuntu1.14	openssl: Generating excessively long X9.42 DH keys or checking excessively long X9.42 DH keys or parameters may be very slow 漏洞详情: https://avd.aquasec.com/nvd/cve-2023-5678 镜像层: sha256:b8a36d10656ac19ddb96ef3107f76820663717708fc37ce929925c36d1b1d157 发布日期: 2023-11-06 16:15 修改: 2026-05-12 11:16
libssl3	CVE-2023-6129	低危	3.0.2-0ubuntu1.9	3.0.2-0ubuntu1.14	openssl: POLY1305 MAC implementation corrupts vector registers on PowerPC 漏洞详情: https://avd.aquasec.com/nvd/cve-2023-6129 镜像层: sha256:b8a36d10656ac19ddb96ef3107f76820663717708fc37ce929925c36d1b1d157 发布日期: 2024-01-09 17:15 修改: 2026-05-12 11:16
libssl3	CVE-2023-6237	低危	3.0.2-0ubuntu1.9	3.0.2-0ubuntu1.14	openssl: Excessive time spent checking invalid RSA public keys 漏洞详情: https://avd.aquasec.com/nvd/cve-2023-6237 镜像层: sha256:b8a36d10656ac19ddb96ef3107f76820663717708fc37ce929925c36d1b1d157 发布日期: 2024-04-25 07:15 修改: 2026-05-12 11:16
libssl3	CVE-2024-0727	低危	3.0.2-0ubuntu1.9	3.0.2-0ubuntu1.14	openssl: denial of service via null dereference 漏洞详情: https://avd.aquasec.com/nvd/cve-2024-0727 镜像层: sha256:b8a36d10656ac19ddb96ef3107f76820663717708fc37ce929925c36d1b1d157 发布日期: 2024-01-26 09:15 修改: 2026-05-12 12:16
libssl3	CVE-2024-13176	低危	3.0.2-0ubuntu1.9	3.0.2-0ubuntu1.19	openssl: Timing side-channel in ECDSA signature computation 漏洞详情: https://avd.aquasec.com/nvd/cve-2024-13176 镜像层: sha256:b8a36d10656ac19ddb96ef3107f76820663717708fc37ce929925c36d1b1d157 发布日期: 2025-01-20 14:15 修改: 2026-04-15 00:35
libssl3	CVE-2024-2511	低危	3.0.2-0ubuntu1.9	3.0.2-0ubuntu1.17	openssl: Unbounded memory growth with session handling in TLSv1.3 漏洞详情: https://avd.aquasec.com/nvd/cve-2024-2511 镜像层: sha256:b8a36d10656ac19ddb96ef3107f76820663717708fc37ce929925c36d1b1d157 发布日期: 2024-04-08 14:15 修改: 2026-05-12 12:16
libssl3	CVE-2024-4603	低危	3.0.2-0ubuntu1.9	3.0.2-0ubuntu1.17	openssl: Excessive time spent checking DSA keys and parameters 漏洞详情: https://avd.aquasec.com/nvd/cve-2024-4603 镜像层: sha256:b8a36d10656ac19ddb96ef3107f76820663717708fc37ce929925c36d1b1d157 发布日期: 2024-05-16 16:15 修改: 2026-04-15 00:35
libssl3	CVE-2024-4741	低危	3.0.2-0ubuntu1.9	3.0.2-0ubuntu1.17	openssl: Use After Free with SSL_free_buffers 漏洞详情: https://avd.aquasec.com/nvd/cve-2024-4741 镜像层: sha256:b8a36d10656ac19ddb96ef3107f76820663717708fc37ce929925c36d1b1d157 发布日期: 2024-11-13 11:15 修改: 2026-04-15 00:35
libssl3	CVE-2024-5535	低危	3.0.2-0ubuntu1.9	3.0.2-0ubuntu1.17	openssl: SSL_select_next_proto buffer overread 漏洞详情: https://avd.aquasec.com/nvd/cve-2024-5535 镜像层: sha256:b8a36d10656ac19ddb96ef3107f76820663717708fc37ce929925c36d1b1d157 发布日期: 2024-06-27 11:15 修改: 2026-05-12 12:17
libssl3	CVE-2024-9143	低危	3.0.2-0ubuntu1.9	3.0.2-0ubuntu1.19	openssl: Low-level invalid GF(2^m) parameters lead to OOB memory access 漏洞详情: https://avd.aquasec.com/nvd/cve-2024-9143 镜像层: sha256:b8a36d10656ac19ddb96ef3107f76820663717708fc37ce929925c36d1b1d157 发布日期: 2024-10-16 17:15 修改: 2026-05-12 12:17
libssl3	CVE-2025-68160	低危	3.0.2-0ubuntu1.9	3.0.2-0ubuntu1.21	openssl: OpenSSL: Denial of Service due to out-of-bounds write in BIO filter 漏洞详情: https://avd.aquasec.com/nvd/cve-2025-68160 镜像层: sha256:b8a36d10656ac19ddb96ef3107f76820663717708fc37ce929925c36d1b1d157 发布日期: 2026-01-27 16:16 修改: 2026-05-12 13:17
libssl3	CVE-2025-69418	低危	3.0.2-0ubuntu1.9	3.0.2-0ubuntu1.21	openssl: OpenSSL: Information disclosure and data tampering via specific low-level OCB encryption/decryption calls 漏洞详情: https://avd.aquasec.com/nvd/cve-2025-69418 镜像层: sha256:b8a36d10656ac19ddb96ef3107f76820663717708fc37ce929925c36d1b1d157 发布日期: 2026-01-27 16:16 修改: 2026-05-12 13:17
libssl3	CVE-2025-69419	低危	3.0.2-0ubuntu1.9	3.0.2-0ubuntu1.21	openssl: OpenSSL: Arbitrary code execution due to out-of-bounds write in PKCS#12 processing 漏洞详情: https://avd.aquasec.com/nvd/cve-2025-69419 镜像层: sha256:b8a36d10656ac19ddb96ef3107f76820663717708fc37ce929925c36d1b1d157 发布日期: 2026-01-27 16:16 修改: 2026-05-12 13:17
libssl3	CVE-2025-69420	低危	3.0.2-0ubuntu1.9	3.0.2-0ubuntu1.21	openssl: OpenSSL: Denial of Service via malformed TimeStamp Response 漏洞详情: https://avd.aquasec.com/nvd/cve-2025-69420 镜像层: sha256:b8a36d10656ac19ddb96ef3107f76820663717708fc37ce929925c36d1b1d157 发布日期: 2026-01-27 16:16 修改: 2026-05-12 13:17
libssl3	CVE-2025-69421	低危	3.0.2-0ubuntu1.9	3.0.2-0ubuntu1.21	openssl: OpenSSL: Denial of Service via malformed PKCS#12 file processing 漏洞详情: https://avd.aquasec.com/nvd/cve-2025-69421 镜像层: sha256:b8a36d10656ac19ddb96ef3107f76820663717708fc37ce929925c36d1b1d157 发布日期: 2026-01-27 16:16 修改: 2026-05-12 13:17
libssl3	CVE-2026-22795	低危	3.0.2-0ubuntu1.9	3.0.2-0ubuntu1.21	openssl: OpenSSL: Denial of Service due to type confusion in PKCS#12 file processing 漏洞详情: https://avd.aquasec.com/nvd/cve-2026-22795 镜像层: sha256:b8a36d10656ac19ddb96ef3107f76820663717708fc37ce929925c36d1b1d157 发布日期: 2026-01-27 16:16 修改: 2026-05-12 13:17
libssl3	CVE-2026-22796	低危	3.0.2-0ubuntu1.9	3.0.2-0ubuntu1.21	openssl: OpenSSL: Denial of Service via type confusion in PKCS#7 signature verification 漏洞详情: https://avd.aquasec.com/nvd/cve-2026-22796 镜像层: sha256:b8a36d10656ac19ddb96ef3107f76820663717708fc37ce929925c36d1b1d157 发布日期: 2026-01-27 16:16 修改: 2026-05-12 13:17
libssl3	CVE-2026-28387	低危	3.0.2-0ubuntu1.9	3.0.2-0ubuntu1.23	openssl: OpenSSL: Arbitrary code execution due to use-after-free in DANE TLSA authentication 漏洞详情: https://avd.aquasec.com/nvd/cve-2026-28387 镜像层: sha256:b8a36d10656ac19ddb96ef3107f76820663717708fc37ce929925c36d1b1d157 发布日期: 2026-04-07 22:16 修改: 2026-05-12 13:17
libssl3	CVE-2026-28388	低危	3.0.2-0ubuntu1.9	3.0.2-0ubuntu1.23	openssl: OpenSSL: Denial of Service due to NULL pointer dereference in delta CRL processing 漏洞详情: https://avd.aquasec.com/nvd/cve-2026-28388 镜像层: sha256:b8a36d10656ac19ddb96ef3107f76820663717708fc37ce929925c36d1b1d157 发布日期: 2026-04-07 22:16 修改: 2026-05-12 13:17
libssl3	CVE-2026-28389	低危	3.0.2-0ubuntu1.9	3.0.2-0ubuntu1.23	openssl: OpenSSL: Denial of Service vulnerability in CMS processing 漏洞详情: https://avd.aquasec.com/nvd/cve-2026-28389 镜像层: sha256:b8a36d10656ac19ddb96ef3107f76820663717708fc37ce929925c36d1b1d157 发布日期: 2026-04-07 22:16 修改: 2026-05-12 13:17
libssl3	CVE-2026-28390	低危	3.0.2-0ubuntu1.9	3.0.2-0ubuntu1.23	openssl: OpenSSL: Denial of Service due to NULL pointer dereference in CMS EnvelopedData processing 漏洞详情: https://avd.aquasec.com/nvd/cve-2026-28390 镜像层: sha256:b8a36d10656ac19ddb96ef3107f76820663717708fc37ce929925c36d1b1d157 发布日期: 2026-04-07 22:16 修改: 2026-05-12 13:17
libssl3	CVE-2026-31789	低危	3.0.2-0ubuntu1.9	3.0.2-0ubuntu1.23	openssl: OpenSSL: Heap buffer overflow on 32-bit systems from large X.509 certificate processing 漏洞详情: https://avd.aquasec.com/nvd/cve-2026-31789 镜像层: sha256:b8a36d10656ac19ddb96ef3107f76820663717708fc37ce929925c36d1b1d157 发布日期: 2026-04-07 22:16 修改: 2026-05-12 13:17
libstdc++6	CVE-2022-27943	低危	12.1.0-2ubuntu1~22.04		binutils: libiberty/rust-demangle.c in GNU GCC 11.2 allows stack exhaustion in demangle_const 漏洞详情: https://avd.aquasec.com/nvd/cve-2022-27943 镜像层: sha256:b8a36d10656ac19ddb96ef3107f76820663717708fc37ce929925c36d1b1d157 发布日期: 2022-03-26 13:15 修改: 2024-11-21 06:56
libstdc++6	CVE-2023-4039	低危	12.1.0-2ubuntu1~22.04	12.3.0-1ubuntu1~22.04.2	gcc: -fstack-protector fails to guard dynamic stack allocations on ARM64 漏洞详情: https://avd.aquasec.com/nvd/cve-2023-4039 镜像层: sha256:b8a36d10656ac19ddb96ef3107f76820663717708fc37ce929925c36d1b1d157 发布日期: 2023-09-13 09:15 修改: 2025-02-13 17:17
libcurl4	CVE-2023-38546	低危	7.81.0-1ubuntu1.10	7.81.0-1ubuntu1.14	curl: cookie injection with none file 漏洞详情: https://avd.aquasec.com/nvd/cve-2023-38546 镜像层: sha256:c45c46033aa89a49241285cc08dff25d7b63fdc96c034acd7d9428f97c0e5b20 发布日期: 2023-10-18 04:15 修改: 2026-05-12 11:16
libcurl4	CVE-2024-11053	低危	7.81.0-1ubuntu1.10	7.81.0-1ubuntu1.20	curl: curl netrc password leak 漏洞详情: https://avd.aquasec.com/nvd/cve-2024-11053 镜像层: sha256:c45c46033aa89a49241285cc08dff25d7b63fdc96c034acd7d9428f97c0e5b20 发布日期: 2024-12-11 08:15 修改: 2025-11-03 21:16
libncurses6	CVE-2022-29458	低危	6.3-2	6.3-2ubuntu0.1	ncurses: segfaulting OOB read 漏洞详情: https://avd.aquasec.com/nvd/cve-2022-29458 镜像层: sha256:b8a36d10656ac19ddb96ef3107f76820663717708fc37ce929925c36d1b1d157 发布日期: 2022-04-18 21:15 修改: 2025-06-09 15:15
libncurses6	CVE-2023-50495	低危	6.3-2		ncurses: segmentation fault via _nc_wrap_entry() 漏洞详情: https://avd.aquasec.com/nvd/cve-2023-50495 镜像层: sha256:b8a36d10656ac19ddb96ef3107f76820663717708fc37ce929925c36d1b1d157 发布日期: 2023-12-12 15:15 修改: 2025-11-04 19:16
libsystemd0	CVE-2023-7008	低危	249.11-0ubuntu3.9	249.11-0ubuntu3.21	systemd-resolved: Unsigned name response in signed zone is not refused when DNSSEC=yes 漏洞详情: https://avd.aquasec.com/nvd/cve-2023-7008 镜像层: sha256:b8a36d10656ac19ddb96ef3107f76820663717708fc37ce929925c36d1b1d157 发布日期: 2023-12-23 13:15 修改: 2025-11-04 17:15
libsystemd0	CVE-2026-40228	低危	249.11-0ubuntu3.9		systemd: systemd-journald: Unintended output to user terminals via logger command 漏洞详情: https://avd.aquasec.com/nvd/cve-2026-40228 镜像层: sha256:b8a36d10656ac19ddb96ef3107f76820663717708fc37ce929925c36d1b1d157 发布日期: 2026-04-10 16:16 修改: 2026-05-05 02:16
libcurl4	CVE-2024-9681	低危	7.81.0-1ubuntu1.10	7.81.0-1ubuntu1.19	curl: HSTS subdomain overwrites parent cache entry 漏洞详情: https://avd.aquasec.com/nvd/cve-2024-9681 镜像层: sha256:c45c46033aa89a49241285cc08dff25d7b63fdc96c034acd7d9428f97c0e5b20 发布日期: 2024-11-06 08:15 修改: 2025-11-03 21:18
libncursesw6	CVE-2022-29458	低危	6.3-2	6.3-2ubuntu0.1	ncurses: segfaulting OOB read 漏洞详情: https://avd.aquasec.com/nvd/cve-2022-29458 镜像层: sha256:b8a36d10656ac19ddb96ef3107f76820663717708fc37ce929925c36d1b1d157 发布日期: 2022-04-18 21:15 修改: 2025-06-09 15:15
libtasn1-6	CVE-2021-46848	低危	4.18.0-4build1	4.18.0-4ubuntu0.2	libtasn1: Out-of-bound access in ETYPE_OK 漏洞详情: https://avd.aquasec.com/nvd/cve-2021-46848 镜像层: sha256:b8a36d10656ac19ddb96ef3107f76820663717708fc37ce929925c36d1b1d157 发布日期: 2022-10-24 14:15 修改: 2025-05-07 15:15
libncursesw6	CVE-2023-50495	低危	6.3-2		ncurses: segmentation fault via _nc_wrap_entry() 漏洞详情: https://avd.aquasec.com/nvd/cve-2023-50495 镜像层: sha256:b8a36d10656ac19ddb96ef3107f76820663717708fc37ce929925c36d1b1d157 发布日期: 2023-12-12 15:15 修改: 2025-11-04 19:16
libtinfo6	CVE-2022-29458	低危	6.3-2	6.3-2ubuntu0.1	ncurses: segfaulting OOB read 漏洞详情: https://avd.aquasec.com/nvd/cve-2022-29458 镜像层: sha256:b8a36d10656ac19ddb96ef3107f76820663717708fc37ce929925c36d1b1d157 发布日期: 2022-04-18 21:15 修改: 2025-06-09 15:15
libtinfo6	CVE-2023-50495	低危	6.3-2		ncurses: segmentation fault via _nc_wrap_entry() 漏洞详情: https://avd.aquasec.com/nvd/cve-2023-50495 镜像层: sha256:b8a36d10656ac19ddb96ef3107f76820663717708fc37ce929925c36d1b1d157 发布日期: 2023-12-12 15:15 修改: 2025-11-04 19:16
libcurl4	CVE-2025-0167	低危	7.81.0-1ubuntu1.10	7.81.0-1ubuntu1.23	When asked to use a `.netrc` file for credentials and to follow HT ... 漏洞详情: https://avd.aquasec.com/nvd/cve-2025-0167 镜像层: sha256:c45c46033aa89a49241285cc08dff25d7b63fdc96c034acd7d9428f97c0e5b20 发布日期: 2025-02-05 10:15 修改: 2025-07-30 19:41
libcurl4	CVE-2025-14524	低危	7.81.0-1ubuntu1.10	7.81.0-1ubuntu1.22	curl: Information disclosure via cross-protocol redirect with OAuth2 bearer token 漏洞详情: https://avd.aquasec.com/nvd/cve-2025-14524 镜像层: sha256:c45c46033aa89a49241285cc08dff25d7b63fdc96c034acd7d9428f97c0e5b20 发布日期: 2026-01-08 10:15 修改: 2026-01-20 14:53
libcurl4	CVE-2025-15079	低危	7.81.0-1ubuntu1.10	7.81.0-1ubuntu1.22	curl: Host verification bypass during SSH transfers 漏洞详情: https://avd.aquasec.com/nvd/cve-2025-15079 镜像层: sha256:c45c46033aa89a49241285cc08dff25d7b63fdc96c034acd7d9428f97c0e5b20 发布日期: 2026-01-08 10:15 修改: 2026-01-20 14:50
libcurl4	CVE-2025-15224	低危	7.81.0-1ubuntu1.10	7.81.0-1ubuntu1.22	curl: libssh key passphrase bypass without agent set 漏洞详情: https://avd.aquasec.com/nvd/cve-2025-15224 镜像层: sha256:c45c46033aa89a49241285cc08dff25d7b63fdc96c034acd7d9428f97c0e5b20 发布日期: 2026-01-08 10:15 修改: 2026-01-20 14:47
libudev1	CVE-2023-7008	低危	249.11-0ubuntu3.9	249.11-0ubuntu3.21	systemd-resolved: Unsigned name response in signed zone is not refused when DNSSEC=yes 漏洞详情: https://avd.aquasec.com/nvd/cve-2023-7008 镜像层: sha256:b8a36d10656ac19ddb96ef3107f76820663717708fc37ce929925c36d1b1d157 发布日期: 2023-12-23 13:15 修改: 2025-11-04 17:15
libudev1	CVE-2026-40228	低危	249.11-0ubuntu3.9		systemd: systemd-journald: Unintended output to user terminals via logger command 漏洞详情: https://avd.aquasec.com/nvd/cve-2026-40228 镜像层: sha256:b8a36d10656ac19ddb96ef3107f76820663717708fc37ce929925c36d1b1d157 发布日期: 2026-04-10 16:16 修改: 2026-05-05 02:16
libcurl4	CVE-2026-3784	低危	7.81.0-1ubuntu1.10	7.81.0-1ubuntu1.23	curl: curl: Unauthorized access due to improper HTTP proxy connection reuse 漏洞详情: https://avd.aquasec.com/nvd/cve-2026-3784 镜像层: sha256:c45c46033aa89a49241285cc08dff25d7b63fdc96c034acd7d9428f97c0e5b20 发布日期: 2026-03-11 11:16 修改: 2026-06-02 14:16
libcurl4	CVE-2026-4873	低危	7.81.0-1ubuntu1.10	7.81.0-1ubuntu1.24	curl: curl: Information disclosure due to incorrect TLS connection reuse 漏洞详情: https://avd.aquasec.com/nvd/cve-2026-4873 镜像层: sha256:c45c46033aa89a49241285cc08dff25d7b63fdc96c034acd7d9428f97c0e5b20 发布日期: 2026-05-13 13:01 修改: 2026-05-14 13:45
libzstd1	CVE-2022-4899	低危	1.4.8+dfsg-3build1		zstd: mysql: buffer overrun in util.c 漏洞详情: https://avd.aquasec.com/nvd/cve-2022-4899 镜像层: sha256:b8a36d10656ac19ddb96ef3107f76820663717708fc37ce929925c36d1b1d157 发布日期: 2023-03-31 20:15 修改: 2025-02-18 18:15
libcurl4	CVE-2026-5773	低危	7.81.0-1ubuntu1.10	7.81.0-1ubuntu1.24	curl: libcurl: Wrong file transfer due to incorrect SMB connection reuse 漏洞详情: https://avd.aquasec.com/nvd/cve-2026-5773 镜像层: sha256:c45c46033aa89a49241285cc08dff25d7b63fdc96c034acd7d9428f97c0e5b20 发布日期: 2026-05-13 13:01 修改: 2026-05-13 19:13
libcurl4	CVE-2026-6276	低危	7.81.0-1ubuntu1.10	7.81.0-1ubuntu1.24	curl: libcurl: Information disclosure due to cookie leak when reusing connections with custom Host headers 漏洞详情: https://avd.aquasec.com/nvd/cve-2026-6276 镜像层: sha256:c45c46033aa89a49241285cc08dff25d7b63fdc96c034acd7d9428f97c0e5b20 发布日期: 2026-05-13 13:01 修改: 2026-05-14 14:21
curl	CVE-2023-28322	低危	7.81.0-1ubuntu1.10	7.81.0-1ubuntu1.11	curl: more POST-after-PUT confusion 漏洞详情: https://avd.aquasec.com/nvd/cve-2023-28322 镜像层: sha256:c45c46033aa89a49241285cc08dff25d7b63fdc96c034acd7d9428f97c0e5b20 发布日期: 2023-05-26 21:15 修改: 2026-02-13 20:16
libgnutls30	CVE-2025-9820	低危	3.7.3-4ubuntu1.2	3.7.3-4ubuntu1.8	gnutls: Stack-based Buffer Overflow in gnutls_pkcs11_token_init() Function 漏洞详情: https://avd.aquasec.com/nvd/cve-2025-9820 镜像层: sha256:b8a36d10656ac19ddb96ef3107f76820663717708fc37ce929925c36d1b1d157 发布日期: 2026-01-26 20:16 修改: 2026-05-12 13:17
curl	CVE-2023-38546	低危	7.81.0-1ubuntu1.10	7.81.0-1ubuntu1.14	curl: cookie injection with none file 漏洞详情: https://avd.aquasec.com/nvd/cve-2023-38546 镜像层: sha256:c45c46033aa89a49241285cc08dff25d7b63fdc96c034acd7d9428f97c0e5b20 发布日期: 2023-10-18 04:15 修改: 2026-05-12 11:16
libpcre2-8-0	CVE-2022-41409	低危	10.39-3ubuntu0.1		pcre2: negative repeat value in a pcre2test subject line leads to inifinite loop 漏洞详情: https://avd.aquasec.com/nvd/cve-2022-41409 镜像层: sha256:b8a36d10656ac19ddb96ef3107f76820663717708fc37ce929925c36d1b1d157 发布日期: 2023-07-18 14:15 修改: 2024-11-21 07:23
libpcre3	CVE-2017-11164	低危	2:8.39-13ubuntu0.22.04.1		pcre: OP_KETRMAX feature in the match function in pcre_exec.c 漏洞详情: https://avd.aquasec.com/nvd/cve-2017-11164 镜像层: sha256:b8a36d10656ac19ddb96ef3107f76820663717708fc37ce929925c36d1b1d157 发布日期: 2017-07-11 03:29 修改: 2025-04-20 01:37
curl	CVE-2024-11053	低危	7.81.0-1ubuntu1.10	7.81.0-1ubuntu1.20	curl: curl netrc password leak 漏洞详情: https://avd.aquasec.com/nvd/cve-2024-11053 镜像层: sha256:c45c46033aa89a49241285cc08dff25d7b63fdc96c034acd7d9428f97c0e5b20 发布日期: 2024-12-11 08:15 修改: 2025-11-03 21:16
libc6	CVE-2023-4806	低危	2.35-0ubuntu3.1	2.35-0ubuntu3.5	glibc: potential use-after-free in getaddrinfo() 漏洞详情: https://avd.aquasec.com/nvd/cve-2023-4806 镜像层: sha256:b8a36d10656ac19ddb96ef3107f76820663717708fc37ce929925c36d1b1d157 发布日期: 2023-09-18 17:15 修改: 2026-05-12 11:16
libc6	CVE-2023-4813	低危	2.35-0ubuntu3.1	2.35-0ubuntu3.5	glibc: potential use-after-free in gaih_inet() 漏洞详情: https://avd.aquasec.com/nvd/cve-2023-4813 镜像层: sha256:b8a36d10656ac19ddb96ef3107f76820663717708fc37ce929925c36d1b1d157 发布日期: 2023-09-12 22:15 修改: 2025-09-26 12:15
libc-bin	CVE-2023-4806	低危	2.35-0ubuntu3.1	2.35-0ubuntu3.5	glibc: potential use-after-free in getaddrinfo() 漏洞详情: https://avd.aquasec.com/nvd/cve-2023-4806 镜像层: sha256:b8a36d10656ac19ddb96ef3107f76820663717708fc37ce929925c36d1b1d157 发布日期: 2023-09-18 17:15 修改: 2026-05-12 11:16
libc-bin	CVE-2023-4813	低危	2.35-0ubuntu3.1	2.35-0ubuntu3.5	glibc: potential use-after-free in gaih_inet() 漏洞详情: https://avd.aquasec.com/nvd/cve-2023-4813 镜像层: sha256:b8a36d10656ac19ddb96ef3107f76820663717708fc37ce929925c36d1b1d157 发布日期: 2023-09-12 22:15 修改: 2025-09-26 12:15
libgssapi-krb5-2	CVE-2024-26458	低危	1.19.2-2ubuntu0.1	1.19.2-2ubuntu0.6	krb5: Memory leak at /krb5/src/lib/rpc/pmap_rmt.c 漏洞详情: https://avd.aquasec.com/nvd/cve-2024-26458 镜像层: sha256:b8a36d10656ac19ddb96ef3107f76820663717708fc37ce929925c36d1b1d157 发布日期: 2024-02-29 01:44 修改: 2025-05-23 15:39
libgssapi-krb5-2	CVE-2024-26461	低危	1.19.2-2ubuntu0.1	1.19.2-2ubuntu0.6	krb5: Memory leak at /krb5/src/lib/gssapi/krb5/k5sealv3.c 漏洞详情: https://avd.aquasec.com/nvd/cve-2024-26461 镜像层: sha256:b8a36d10656ac19ddb96ef3107f76820663717708fc37ce929925c36d1b1d157 发布日期: 2024-02-29 01:44 修改: 2025-05-23 15:30
curl	CVE-2024-9681	低危	7.81.0-1ubuntu1.10	7.81.0-1ubuntu1.19	curl: HSTS subdomain overwrites parent cache entry 漏洞详情: https://avd.aquasec.com/nvd/cve-2024-9681 镜像层: sha256:c45c46033aa89a49241285cc08dff25d7b63fdc96c034acd7d9428f97c0e5b20 发布日期: 2024-11-06 08:15 修改: 2025-11-03 21:18
libcap2	CVE-2023-2602	低危	1:2.44-1build3	1:2.44-1ubuntu0.22.04.1	libcap: Memory Leak on pthread_create() Error 漏洞详情: https://avd.aquasec.com/nvd/cve-2023-2602 镜像层: sha256:b8a36d10656ac19ddb96ef3107f76820663717708fc37ce929925c36d1b1d157 发布日期: 2023-06-06 20:15 修改: 2024-11-21 07:58
locales	CVE-2023-4806	低危	2.35-0ubuntu3.1	2.35-0ubuntu3.5	glibc: potential use-after-free in getaddrinfo() 漏洞详情: https://avd.aquasec.com/nvd/cve-2023-4806 镜像层: sha256:c45c46033aa89a49241285cc08dff25d7b63fdc96c034acd7d9428f97c0e5b20 发布日期: 2023-09-18 17:15 修改: 2026-05-12 11:16
locales	CVE-2023-4813	低危	2.35-0ubuntu3.1	2.35-0ubuntu3.5	glibc: potential use-after-free in gaih_inet() 漏洞详情: https://avd.aquasec.com/nvd/cve-2023-4813 镜像层: sha256:c45c46033aa89a49241285cc08dff25d7b63fdc96c034acd7d9428f97c0e5b20 发布日期: 2023-09-12 22:15 修改: 2025-09-26 12:15
login	CVE-2023-29383	低危	1:4.8.1-2ubuntu2.1		shadow: Improper input validation in shadow-utils package utility chfn 漏洞详情: https://avd.aquasec.com/nvd/cve-2023-29383 镜像层: sha256:b8a36d10656ac19ddb96ef3107f76820663717708fc37ce929925c36d1b1d157 发布日期: 2023-04-14 22:15 修改: 2025-11-03 20:16
login	CVE-2023-4641	低危	1:4.8.1-2ubuntu2.1	1:4.8.1-2ubuntu2.2	shadow-utils: possible password leak during passwd(1) change 漏洞详情: https://avd.aquasec.com/nvd/cve-2023-4641 镜像层: sha256:b8a36d10656ac19ddb96ef3107f76820663717708fc37ce929925c36d1b1d157 发布日期: 2023-12-27 16:15 修改: 2025-11-03 20:16
login	CVE-2024-56433	低危	1:4.8.1-2ubuntu2.1		shadow-utils: Default subordinate ID configuration in /etc/login.defs could lead to compromise 漏洞详情: https://avd.aquasec.com/nvd/cve-2024-56433 镜像层: sha256:b8a36d10656ac19ddb96ef3107f76820663717708fc37ce929925c36d1b1d157 发布日期: 2024-12-26 09:15 修改: 2026-04-15 00:35
curl	CVE-2025-0167	低危	7.81.0-1ubuntu1.10	7.81.0-1ubuntu1.23	When asked to use a `.netrc` file for credentials and to follow HT ... 漏洞详情: https://avd.aquasec.com/nvd/cve-2025-0167 镜像层: sha256:c45c46033aa89a49241285cc08dff25d7b63fdc96c034acd7d9428f97c0e5b20 发布日期: 2025-02-05 10:15 修改: 2025-07-30 19:41
curl	CVE-2025-14524	低危	7.81.0-1ubuntu1.10	7.81.0-1ubuntu1.22	curl: Information disclosure via cross-protocol redirect with OAuth2 bearer token 漏洞详情: https://avd.aquasec.com/nvd/cve-2025-14524 镜像层: sha256:c45c46033aa89a49241285cc08dff25d7b63fdc96c034acd7d9428f97c0e5b20 发布日期: 2026-01-08 10:15 修改: 2026-01-20 14:53
libgcc-s1	CVE-2022-27943	低危	12.1.0-2ubuntu1~22.04		binutils: libiberty/rust-demangle.c in GNU GCC 11.2 allows stack exhaustion in demangle_const 漏洞详情: https://avd.aquasec.com/nvd/cve-2022-27943 镜像层: sha256:b8a36d10656ac19ddb96ef3107f76820663717708fc37ce929925c36d1b1d157 发布日期: 2022-03-26 13:15 修改: 2024-11-21 06:56
ncurses-base	CVE-2022-29458	低危	6.3-2	6.3-2ubuntu0.1	ncurses: segfaulting OOB read 漏洞详情: https://avd.aquasec.com/nvd/cve-2022-29458 镜像层: sha256:b8a36d10656ac19ddb96ef3107f76820663717708fc37ce929925c36d1b1d157 发布日期: 2022-04-18 21:15 修改: 2025-06-09 15:15
ncurses-base	CVE-2023-50495	低危	6.3-2		ncurses: segmentation fault via _nc_wrap_entry() 漏洞详情: https://avd.aquasec.com/nvd/cve-2023-50495 镜像层: sha256:b8a36d10656ac19ddb96ef3107f76820663717708fc37ce929925c36d1b1d157 发布日期: 2023-12-12 15:15 修改: 2025-11-04 19:16
libprocps8	CVE-2023-4016	低危	2:3.3.17-6ubuntu2	2:3.3.17-6ubuntu2.1	procps: ps buffer overflow 漏洞详情: https://avd.aquasec.com/nvd/cve-2023-4016 镜像层: sha256:b8a36d10656ac19ddb96ef3107f76820663717708fc37ce929925c36d1b1d157 发布日期: 2023-08-02 05:15 修改: 2024-11-21 08:34
ncurses-bin	CVE-2022-29458	低危	6.3-2	6.3-2ubuntu0.1	ncurses: segfaulting OOB read 漏洞详情: https://avd.aquasec.com/nvd/cve-2022-29458 镜像层: sha256:b8a36d10656ac19ddb96ef3107f76820663717708fc37ce929925c36d1b1d157 发布日期: 2022-04-18 21:15 修改: 2025-06-09 15:15
ncurses-bin	CVE-2023-50495	低危	6.3-2		ncurses: segmentation fault via _nc_wrap_entry() 漏洞详情: https://avd.aquasec.com/nvd/cve-2023-50495 镜像层: sha256:b8a36d10656ac19ddb96ef3107f76820663717708fc37ce929925c36d1b1d157 发布日期: 2023-12-12 15:15 修改: 2025-11-04 19:16
libgcc-s1	CVE-2023-4039	低危	12.1.0-2ubuntu1~22.04	12.3.0-1ubuntu1~22.04.2	gcc: -fstack-protector fails to guard dynamic stack allocations on ARM64 漏洞详情: https://avd.aquasec.com/nvd/cve-2023-4039 镜像层: sha256:b8a36d10656ac19ddb96ef3107f76820663717708fc37ce929925c36d1b1d157 发布日期: 2023-09-13 09:15 修改: 2025-02-13 17:17
libk5crypto3	CVE-2024-26458	低危	1.19.2-2ubuntu0.1	1.19.2-2ubuntu0.6	krb5: Memory leak at /krb5/src/lib/rpc/pmap_rmt.c 漏洞详情: https://avd.aquasec.com/nvd/cve-2024-26458 镜像层: sha256:b8a36d10656ac19ddb96ef3107f76820663717708fc37ce929925c36d1b1d157 发布日期: 2024-02-29 01:44 修改: 2025-05-23 15:39
libk5crypto3	CVE-2024-26461	低危	1.19.2-2ubuntu0.1	1.19.2-2ubuntu0.6	krb5: Memory leak at /krb5/src/lib/gssapi/krb5/k5sealv3.c 漏洞详情: https://avd.aquasec.com/nvd/cve-2024-26461 镜像层: sha256:b8a36d10656ac19ddb96ef3107f76820663717708fc37ce929925c36d1b1d157 发布日期: 2024-02-29 01:44 修改: 2025-05-23 15:30
curl	CVE-2025-15079	低危	7.81.0-1ubuntu1.10	7.81.0-1ubuntu1.22	curl: Host verification bypass during SSH transfers 漏洞详情: https://avd.aquasec.com/nvd/cve-2025-15079 镜像层: sha256:c45c46033aa89a49241285cc08dff25d7b63fdc96c034acd7d9428f97c0e5b20 发布日期: 2026-01-08 10:15 修改: 2026-01-20 14:50
libgcrypt20	CVE-2024-2236	低危	1.9.4-3ubuntu3		libgcrypt: vulnerable to Marvin Attack 漏洞详情: https://avd.aquasec.com/nvd/cve-2024-2236 镜像层: sha256:b8a36d10656ac19ddb96ef3107f76820663717708fc37ce929925c36d1b1d157 发布日期: 2024-03-06 22:15 修改: 2026-04-15 00:35
curl	CVE-2025-15224	低危	7.81.0-1ubuntu1.10	7.81.0-1ubuntu1.22	curl: libssh key passphrase bypass without agent set 漏洞详情: https://avd.aquasec.com/nvd/cve-2025-15224 镜像层: sha256:c45c46033aa89a49241285cc08dff25d7b63fdc96c034acd7d9428f97c0e5b20 发布日期: 2026-01-08 10:15 修改: 2026-01-20 14:47
curl	CVE-2026-3784	低危	7.81.0-1ubuntu1.10	7.81.0-1ubuntu1.23	curl: curl: Unauthorized access due to improper HTTP proxy connection reuse 漏洞详情: https://avd.aquasec.com/nvd/cve-2026-3784 镜像层: sha256:c45c46033aa89a49241285cc08dff25d7b63fdc96c034acd7d9428f97c0e5b20 发布日期: 2026-03-11 11:16 修改: 2026-06-02 14:16
openssl	CVE-2023-1255	低危	3.0.2-0ubuntu1.9	3.0.2-0ubuntu1.10	openssl: Input buffer over-read in AES-XTS implementation on 64 bit ARM 漏洞详情: https://avd.aquasec.com/nvd/cve-2023-1255 镜像层: sha256:c45c46033aa89a49241285cc08dff25d7b63fdc96c034acd7d9428f97c0e5b20 发布日期: 2023-04-20 17:15 修改: 2025-02-04 22:15
openssl	CVE-2023-2975	低危	3.0.2-0ubuntu1.9	3.0.2-0ubuntu1.12	openssl: AES-SIV cipher implementation contains a bug that causes it to ignore empty associated data entries 漏洞详情: https://avd.aquasec.com/nvd/cve-2023-2975 镜像层: sha256:c45c46033aa89a49241285cc08dff25d7b63fdc96c034acd7d9428f97c0e5b20 发布日期: 2023-07-14 12:15 修改: 2025-04-23 17:16
openssl	CVE-2023-3446	低危	3.0.2-0ubuntu1.9	3.0.2-0ubuntu1.12	openssl: Excessive time spent checking DH keys and parameters 漏洞详情: https://avd.aquasec.com/nvd/cve-2023-3446 镜像层: sha256:c45c46033aa89a49241285cc08dff25d7b63fdc96c034acd7d9428f97c0e5b20 发布日期: 2023-07-19 12:15 修改: 2025-04-23 17:16
openssl	CVE-2023-3817	低危	3.0.2-0ubuntu1.9	3.0.2-0ubuntu1.12	OpenSSL: Excessive time spent checking DH q parameter value 漏洞详情: https://avd.aquasec.com/nvd/cve-2023-3817 镜像层: sha256:c45c46033aa89a49241285cc08dff25d7b63fdc96c034acd7d9428f97c0e5b20 发布日期: 2023-07-31 16:15 修改: 2025-05-05 16:15
openssl	CVE-2023-5678	低危	3.0.2-0ubuntu1.9	3.0.2-0ubuntu1.14	openssl: Generating excessively long X9.42 DH keys or checking excessively long X9.42 DH keys or parameters may be very slow 漏洞详情: https://avd.aquasec.com/nvd/cve-2023-5678 镜像层: sha256:c45c46033aa89a49241285cc08dff25d7b63fdc96c034acd7d9428f97c0e5b20 发布日期: 2023-11-06 16:15 修改: 2026-05-12 11:16
openssl	CVE-2023-6129	低危	3.0.2-0ubuntu1.9	3.0.2-0ubuntu1.14	openssl: POLY1305 MAC implementation corrupts vector registers on PowerPC 漏洞详情: https://avd.aquasec.com/nvd/cve-2023-6129 镜像层: sha256:c45c46033aa89a49241285cc08dff25d7b63fdc96c034acd7d9428f97c0e5b20 发布日期: 2024-01-09 17:15 修改: 2026-05-12 11:16
openssl	CVE-2023-6237	低危	3.0.2-0ubuntu1.9	3.0.2-0ubuntu1.14	openssl: Excessive time spent checking invalid RSA public keys 漏洞详情: https://avd.aquasec.com/nvd/cve-2023-6237 镜像层: sha256:c45c46033aa89a49241285cc08dff25d7b63fdc96c034acd7d9428f97c0e5b20 发布日期: 2024-04-25 07:15 修改: 2026-05-12 11:16
openssl	CVE-2024-0727	低危	3.0.2-0ubuntu1.9	3.0.2-0ubuntu1.14	openssl: denial of service via null dereference 漏洞详情: https://avd.aquasec.com/nvd/cve-2024-0727 镜像层: sha256:c45c46033aa89a49241285cc08dff25d7b63fdc96c034acd7d9428f97c0e5b20 发布日期: 2024-01-26 09:15 修改: 2026-05-12 12:16
openssl	CVE-2024-13176	低危	3.0.2-0ubuntu1.9	3.0.2-0ubuntu1.19	openssl: Timing side-channel in ECDSA signature computation 漏洞详情: https://avd.aquasec.com/nvd/cve-2024-13176 镜像层: sha256:c45c46033aa89a49241285cc08dff25d7b63fdc96c034acd7d9428f97c0e5b20 发布日期: 2025-01-20 14:15 修改: 2026-04-15 00:35
openssl	CVE-2024-2511	低危	3.0.2-0ubuntu1.9	3.0.2-0ubuntu1.17	openssl: Unbounded memory growth with session handling in TLSv1.3 漏洞详情: https://avd.aquasec.com/nvd/cve-2024-2511 镜像层: sha256:c45c46033aa89a49241285cc08dff25d7b63fdc96c034acd7d9428f97c0e5b20 发布日期: 2024-04-08 14:15 修改: 2026-05-12 12:16
openssl	CVE-2024-4603	低危	3.0.2-0ubuntu1.9	3.0.2-0ubuntu1.17	openssl: Excessive time spent checking DSA keys and parameters 漏洞详情: https://avd.aquasec.com/nvd/cve-2024-4603 镜像层: sha256:c45c46033aa89a49241285cc08dff25d7b63fdc96c034acd7d9428f97c0e5b20 发布日期: 2024-05-16 16:15 修改: 2026-04-15 00:35
openssl	CVE-2024-4741	低危	3.0.2-0ubuntu1.9	3.0.2-0ubuntu1.17	openssl: Use After Free with SSL_free_buffers 漏洞详情: https://avd.aquasec.com/nvd/cve-2024-4741 镜像层: sha256:c45c46033aa89a49241285cc08dff25d7b63fdc96c034acd7d9428f97c0e5b20 发布日期: 2024-11-13 11:15 修改: 2026-04-15 00:35
openssl	CVE-2024-5535	低危	3.0.2-0ubuntu1.9	3.0.2-0ubuntu1.17	openssl: SSL_select_next_proto buffer overread 漏洞详情: https://avd.aquasec.com/nvd/cve-2024-5535 镜像层: sha256:c45c46033aa89a49241285cc08dff25d7b63fdc96c034acd7d9428f97c0e5b20 发布日期: 2024-06-27 11:15 修改: 2026-05-12 12:17
openssl	CVE-2024-9143	低危	3.0.2-0ubuntu1.9	3.0.2-0ubuntu1.19	openssl: Low-level invalid GF(2^m) parameters lead to OOB memory access 漏洞详情: https://avd.aquasec.com/nvd/cve-2024-9143 镜像层: sha256:c45c46033aa89a49241285cc08dff25d7b63fdc96c034acd7d9428f97c0e5b20 发布日期: 2024-10-16 17:15 修改: 2026-05-12 12:17
openssl	CVE-2025-68160	低危	3.0.2-0ubuntu1.9	3.0.2-0ubuntu1.21	openssl: OpenSSL: Denial of Service due to out-of-bounds write in BIO filter 漏洞详情: https://avd.aquasec.com/nvd/cve-2025-68160 镜像层: sha256:c45c46033aa89a49241285cc08dff25d7b63fdc96c034acd7d9428f97c0e5b20 发布日期: 2026-01-27 16:16 修改: 2026-05-12 13:17
openssl	CVE-2025-69418	低危	3.0.2-0ubuntu1.9	3.0.2-0ubuntu1.21	openssl: OpenSSL: Information disclosure and data tampering via specific low-level OCB encryption/decryption calls 漏洞详情: https://avd.aquasec.com/nvd/cve-2025-69418 镜像层: sha256:c45c46033aa89a49241285cc08dff25d7b63fdc96c034acd7d9428f97c0e5b20 发布日期: 2026-01-27 16:16 修改: 2026-05-12 13:17
openssl	CVE-2025-69419	低危	3.0.2-0ubuntu1.9	3.0.2-0ubuntu1.21	openssl: OpenSSL: Arbitrary code execution due to out-of-bounds write in PKCS#12 processing 漏洞详情: https://avd.aquasec.com/nvd/cve-2025-69419 镜像层: sha256:c45c46033aa89a49241285cc08dff25d7b63fdc96c034acd7d9428f97c0e5b20 发布日期: 2026-01-27 16:16 修改: 2026-05-12 13:17
openssl	CVE-2025-69420	低危	3.0.2-0ubuntu1.9	3.0.2-0ubuntu1.21	openssl: OpenSSL: Denial of Service via malformed TimeStamp Response 漏洞详情: https://avd.aquasec.com/nvd/cve-2025-69420 镜像层: sha256:c45c46033aa89a49241285cc08dff25d7b63fdc96c034acd7d9428f97c0e5b20 发布日期: 2026-01-27 16:16 修改: 2026-05-12 13:17
openssl	CVE-2025-69421	低危	3.0.2-0ubuntu1.9	3.0.2-0ubuntu1.21	openssl: OpenSSL: Denial of Service via malformed PKCS#12 file processing 漏洞详情: https://avd.aquasec.com/nvd/cve-2025-69421 镜像层: sha256:c45c46033aa89a49241285cc08dff25d7b63fdc96c034acd7d9428f97c0e5b20 发布日期: 2026-01-27 16:16 修改: 2026-05-12 13:17
openssl	CVE-2026-22795	低危	3.0.2-0ubuntu1.9	3.0.2-0ubuntu1.21	openssl: OpenSSL: Denial of Service due to type confusion in PKCS#12 file processing 漏洞详情: https://avd.aquasec.com/nvd/cve-2026-22795 镜像层: sha256:c45c46033aa89a49241285cc08dff25d7b63fdc96c034acd7d9428f97c0e5b20 发布日期: 2026-01-27 16:16 修改: 2026-05-12 13:17
openssl	CVE-2026-22796	低危	3.0.2-0ubuntu1.9	3.0.2-0ubuntu1.21	openssl: OpenSSL: Denial of Service via type confusion in PKCS#7 signature verification 漏洞详情: https://avd.aquasec.com/nvd/cve-2026-22796 镜像层: sha256:c45c46033aa89a49241285cc08dff25d7b63fdc96c034acd7d9428f97c0e5b20 发布日期: 2026-01-27 16:16 修改: 2026-05-12 13:17
openssl	CVE-2026-28387	低危	3.0.2-0ubuntu1.9	3.0.2-0ubuntu1.23	openssl: OpenSSL: Arbitrary code execution due to use-after-free in DANE TLSA authentication 漏洞详情: https://avd.aquasec.com/nvd/cve-2026-28387 镜像层: sha256:c45c46033aa89a49241285cc08dff25d7b63fdc96c034acd7d9428f97c0e5b20 发布日期: 2026-04-07 22:16 修改: 2026-05-12 13:17
openssl	CVE-2026-28388	低危	3.0.2-0ubuntu1.9	3.0.2-0ubuntu1.23	openssl: OpenSSL: Denial of Service due to NULL pointer dereference in delta CRL processing 漏洞详情: https://avd.aquasec.com/nvd/cve-2026-28388 镜像层: sha256:c45c46033aa89a49241285cc08dff25d7b63fdc96c034acd7d9428f97c0e5b20 发布日期: 2026-04-07 22:16 修改: 2026-05-12 13:17
openssl	CVE-2026-28389	低危	3.0.2-0ubuntu1.9	3.0.2-0ubuntu1.23	openssl: OpenSSL: Denial of Service vulnerability in CMS processing 漏洞详情: https://avd.aquasec.com/nvd/cve-2026-28389 镜像层: sha256:c45c46033aa89a49241285cc08dff25d7b63fdc96c034acd7d9428f97c0e5b20 发布日期: 2026-04-07 22:16 修改: 2026-05-12 13:17
openssl	CVE-2026-28390	低危	3.0.2-0ubuntu1.9	3.0.2-0ubuntu1.23	openssl: OpenSSL: Denial of Service due to NULL pointer dereference in CMS EnvelopedData processing 漏洞详情: https://avd.aquasec.com/nvd/cve-2026-28390 镜像层: sha256:c45c46033aa89a49241285cc08dff25d7b63fdc96c034acd7d9428f97c0e5b20 发布日期: 2026-04-07 22:16 修改: 2026-05-12 13:17
openssl	CVE-2026-31789	低危	3.0.2-0ubuntu1.9	3.0.2-0ubuntu1.23	openssl: OpenSSL: Heap buffer overflow on 32-bit systems from large X.509 certificate processing 漏洞详情: https://avd.aquasec.com/nvd/cve-2026-31789 镜像层: sha256:c45c46033aa89a49241285cc08dff25d7b63fdc96c034acd7d9428f97c0e5b20 发布日期: 2026-04-07 22:16 修改: 2026-05-12 13:17
passwd	CVE-2023-29383	低危	1:4.8.1-2ubuntu2.1		shadow: Improper input validation in shadow-utils package utility chfn 漏洞详情: https://avd.aquasec.com/nvd/cve-2023-29383 镜像层: sha256:b8a36d10656ac19ddb96ef3107f76820663717708fc37ce929925c36d1b1d157 发布日期: 2023-04-14 22:15 修改: 2025-11-03 20:16
passwd	CVE-2023-4641	低危	1:4.8.1-2ubuntu2.1	1:4.8.1-2ubuntu2.2	shadow-utils: possible password leak during passwd(1) change 漏洞详情: https://avd.aquasec.com/nvd/cve-2023-4641 镜像层: sha256:b8a36d10656ac19ddb96ef3107f76820663717708fc37ce929925c36d1b1d157 发布日期: 2023-12-27 16:15 修改: 2025-11-03 20:16
passwd	CVE-2024-56433	低危	1:4.8.1-2ubuntu2.1		shadow-utils: Default subordinate ID configuration in /etc/login.defs could lead to compromise 漏洞详情: https://avd.aquasec.com/nvd/cve-2024-56433 镜像层: sha256:b8a36d10656ac19ddb96ef3107f76820663717708fc37ce929925c36d1b1d157 发布日期: 2024-12-26 09:15 修改: 2026-04-15 00:35
curl	CVE-2026-4873	低危	7.81.0-1ubuntu1.10	7.81.0-1ubuntu1.24	curl: curl: Information disclosure due to incorrect TLS connection reuse 漏洞详情: https://avd.aquasec.com/nvd/cve-2026-4873 镜像层: sha256:c45c46033aa89a49241285cc08dff25d7b63fdc96c034acd7d9428f97c0e5b20 发布日期: 2026-05-13 13:01 修改: 2026-05-14 13:45
curl	CVE-2026-5773	低危	7.81.0-1ubuntu1.10	7.81.0-1ubuntu1.24	curl: libcurl: Wrong file transfer due to incorrect SMB connection reuse 漏洞详情: https://avd.aquasec.com/nvd/cve-2026-5773 镜像层: sha256:c45c46033aa89a49241285cc08dff25d7b63fdc96c034acd7d9428f97c0e5b20 发布日期: 2026-05-13 13:01 修改: 2026-05-13 19:13
libkrb5-3	CVE-2024-26458	低危	1.19.2-2ubuntu0.1	1.19.2-2ubuntu0.6	krb5: Memory leak at /krb5/src/lib/rpc/pmap_rmt.c 漏洞详情: https://avd.aquasec.com/nvd/cve-2024-26458 镜像层: sha256:b8a36d10656ac19ddb96ef3107f76820663717708fc37ce929925c36d1b1d157 发布日期: 2024-02-29 01:44 修改: 2025-05-23 15:39
libkrb5-3	CVE-2024-26461	低危	1.19.2-2ubuntu0.1	1.19.2-2ubuntu0.6	krb5: Memory leak at /krb5/src/lib/gssapi/krb5/k5sealv3.c 漏洞详情: https://avd.aquasec.com/nvd/cve-2024-26461 镜像层: sha256:b8a36d10656ac19ddb96ef3107f76820663717708fc37ce929925c36d1b1d157 发布日期: 2024-02-29 01:44 修改: 2025-05-23 15:30
perl-base	CVE-2022-48522	低危	5.34.0-3ubuntu1.1	5.34.0-3ubuntu1.3	perl: stack-based crash in S_find_uninit_var() 漏洞详情: https://avd.aquasec.com/nvd/cve-2022-48522 镜像层: sha256:b8a36d10656ac19ddb96ef3107f76820663717708fc37ce929925c36d1b1d157 发布日期: 2023-08-22 19:16 修改: 2024-11-21 07:33
procps	CVE-2023-4016	低危	2:3.3.17-6ubuntu2	2:3.3.17-6ubuntu2.1	procps: ps buffer overflow 漏洞详情: https://avd.aquasec.com/nvd/cve-2023-4016 镜像层: sha256:b8a36d10656ac19ddb96ef3107f76820663717708fc37ce929925c36d1b1d157 发布日期: 2023-08-02 05:15 修改: 2024-11-21 08:34
curl	CVE-2026-6276	低危	7.81.0-1ubuntu1.10	7.81.0-1ubuntu1.24	curl: libcurl: Information disclosure due to cookie leak when reusing connections with custom Host headers 漏洞详情: https://avd.aquasec.com/nvd/cve-2026-6276 镜像层: sha256:c45c46033aa89a49241285cc08dff25d7b63fdc96c034acd7d9428f97c0e5b20 发布日期: 2026-05-13 13:01 修改: 2026-05-14 14:21
dpkg	CVE-2025-6297	低危	1.21.1ubuntu2.1	1.21.1ubuntu2.6	It was discovered that dpkg-deb does not properly sanitize directory p ... 漏洞详情: https://avd.aquasec.com/nvd/cve-2025-6297 镜像层: sha256:b8a36d10656ac19ddb96ef3107f76820663717708fc37ce929925c36d1b1d157 发布日期: 2025-07-01 17:15 修改: 2025-08-19 17:50
gcc-12-base	CVE-2022-27943	低危	12.1.0-2ubuntu1~22.04		binutils: libiberty/rust-demangle.c in GNU GCC 11.2 allows stack exhaustion in demangle_const 漏洞详情: https://avd.aquasec.com/nvd/cve-2022-27943 镜像层: sha256:b8a36d10656ac19ddb96ef3107f76820663717708fc37ce929925c36d1b1d157 发布日期: 2022-03-26 13:15 修改: 2024-11-21 06:56
gcc-12-base	CVE-2023-4039	低危	12.1.0-2ubuntu1~22.04	12.3.0-1ubuntu1~22.04.2	gcc: -fstack-protector fails to guard dynamic stack allocations on ARM64 漏洞详情: https://avd.aquasec.com/nvd/cve-2023-4039 镜像层: sha256:b8a36d10656ac19ddb96ef3107f76820663717708fc37ce929925c36d1b1d157 发布日期: 2023-09-13 09:15 修改: 2025-02-13 17:17
libssh-4	CVE-2025-8114	低危	0.9.6-2build1	0.9.6-2ubuntu0.22.04.5	libssh: NULL Pointer Dereference in libssh KEX Session ID Calculation 漏洞详情: https://avd.aquasec.com/nvd/cve-2025-8114 镜像层: sha256:c45c46033aa89a49241285cc08dff25d7b63fdc96c034acd7d9428f97c0e5b20 发布日期: 2025-07-24 15:15 修改: 2026-05-19 14:16
libssh-4	CVE-2025-8277	低危	0.9.6-2build1	0.9.6-2ubuntu0.22.04.6	libssh: Memory Exhaustion via Repeated Key Exchange in libssh 漏洞详情: https://avd.aquasec.com/nvd/cve-2025-8277 镜像层: sha256:c45c46033aa89a49241285cc08dff25d7b63fdc96c034acd7d9428f97c0e5b20 发布日期: 2025-09-09 12:15 修改: 2026-05-19 14:16
libssh-4	CVE-2026-0965	低危	0.9.6-2build1	0.9.6-2ubuntu0.22.04.6	libssh: libssh: Denial of Service via improper configuration file handling 漏洞详情: https://avd.aquasec.com/nvd/cve-2026-0965 镜像层: sha256:c45c46033aa89a49241285cc08dff25d7b63fdc96c034acd7d9428f97c0e5b20 发布日期: 2026-03-26 21:17 修改: 2026-05-19 14:16
libssh-4	CVE-2026-0966	低危	0.9.6-2build1	0.9.6-2ubuntu0.22.04.6	libssh: libssh: Denial of Service via zero-length input in ssh_get_hexa() 漏洞详情: https://avd.aquasec.com/nvd/cve-2026-0966 镜像层: sha256:c45c46033aa89a49241285cc08dff25d7b63fdc96c034acd7d9428f97c0e5b20 发布日期: 2026-03-26 21:17 修改: 2026-05-19 14:16

Java (jar)

低危漏洞:11

中危漏洞:54

高危漏洞:59

严重漏洞:8

软件包	漏洞	安全状态	安装版本	修复版本	漏洞信息
com.baomidou:mybatis-plus	CVE-2023-25330	严重	3.5.2	3.5.3.1	MyBatis-Plus vulnerable to SQL injection via TenantPlugin 漏洞详情: https://avd.aquasec.com/nvd/cve-2023-25330 镜像层: sha256:fe4b5a081f3ec9562e1c42ed163434cedafbd0a487a6bdd819e8643b0e6215bb 发布日期: 2023-04-05 14:15 修改: 2024-11-21 07:49
org.apache.derby:derby	CVE-2022-46337	严重	10.14.2.0	10.14.3, 10.15.2.1, 10.16.1.2, 10.17.1.0	A cleverly devised username might bypass LDAP authentication checks. I ... 漏洞详情: https://avd.aquasec.com/nvd/cve-2022-46337 镜像层: sha256:fe4b5a081f3ec9562e1c42ed163434cedafbd0a487a6bdd819e8643b0e6215bb 发布日期: 2023-11-20 09:15 修改: 2025-06-10 14:15
org.apache.dolphinscheduler:dolphinscheduler-task-api	CVE-2024-43202	严重	3.1.7	3.2.2	Apache Dolphinscheduler Code Injection vulnerability 漏洞详情: https://avd.aquasec.com/nvd/cve-2024-43202 镜像层: sha256:fe4b5a081f3ec9562e1c42ed163434cedafbd0a487a6bdd819e8643b0e6215bb 发布日期: 2024-08-20 08:15 修改: 2025-03-18 15:57
org.apache.zookeeper:zookeeper	CVE-2023-44981	严重	3.8.0	3.7.2, 3.8.3, 3.9.1	zookeeper: Authorization Bypass in Apache ZooKeeper 漏洞详情: https://avd.aquasec.com/nvd/cve-2023-44981 镜像层: sha256:fe4b5a081f3ec9562e1c42ed163434cedafbd0a487a6bdd819e8643b0e6215bb 发布日期: 2023-10-11 12:15 修改: 2025-04-23 17:16
org.postgresql:postgresql	CVE-2024-1597	严重	42.4.1	42.2.28, 42.3.9, 42.4.4, 42.5.5, 42.6.1, 42.7.2	pgjdbc: PostgreSQL JDBC Driver allows attacker to inject SQL if using PreferQueryMode=SIMPLE 漏洞详情: https://avd.aquasec.com/nvd/cve-2024-1597 镜像层: sha256:fe4b5a081f3ec9562e1c42ed163434cedafbd0a487a6bdd819e8643b0e6215bb 发布日期: 2024-02-19 13:15 修改: 2025-11-03 22:16
org.springframework.boot:spring-boot-actuator-autoconfigure	CVE-2023-20873	严重	2.7.3	3.0.6, 2.7.11, 2.6.15, 2.5.15	spring-boot: Security Bypass With Wildcard Pattern Matching on Cloud Foundry 漏洞详情: https://avd.aquasec.com/nvd/cve-2023-20873 镜像层: sha256:fe4b5a081f3ec9562e1c42ed163434cedafbd0a487a6bdd819e8643b0e6215bb 发布日期: 2023-04-20 21:15 修改: 2025-05-05 16:15
org.springframework:spring-web	CVE-2016-1000027	严重	5.3.22	6.0.0	spring: HttpInvokerServiceExporter readRemoteInvocation method untrusted java deserialization 漏洞详情: https://avd.aquasec.com/nvd/cve-2016-1000027 镜像层: sha256:fe4b5a081f3ec9562e1c42ed163434cedafbd0a487a6bdd819e8643b0e6215bb 发布日期: 2020-01-02 23:15 修改: 2024-11-21 02:42
org.springframework:spring-webmvc	CVE-2023-20860	严重	5.3.22	6.0.7, 5.3.26	springframework: Security Bypass With Un-Prefixed Double Wildcard Pattern 漏洞详情: https://avd.aquasec.com/nvd/cve-2023-20860 镜像层: sha256:fe4b5a081f3ec9562e1c42ed163434cedafbd0a487a6bdd819e8643b0e6215bb 发布日期: 2023-03-27 22:15 修改: 2025-02-19 19:15
com.google.code.gson:gson	CVE-2022-25647	高危	2.8.6	2.8.9	com.google.code.gson-gson: Deserialization of Untrusted Data in com.google.code.gson-gson 漏洞详情: https://avd.aquasec.com/nvd/cve-2022-25647 镜像层: sha256:fe4b5a081f3ec9562e1c42ed163434cedafbd0a487a6bdd819e8643b0e6215bb 发布日期: 2022-05-01 16:15 修改: 2024-11-21 06:52
com.google.protobuf:protobuf-java	CVE-2021-22569	高危	2.5.0	3.16.1, 3.18.2, 3.19.2	protobuf-java: potential DoS in the parsing procedure for binary data 漏洞详情: https://avd.aquasec.com/nvd/cve-2021-22569 镜像层: sha256:fe4b5a081f3ec9562e1c42ed163434cedafbd0a487a6bdd819e8643b0e6215bb 发布日期: 2022-01-10 14:10 修改: 2024-11-21 05:50
com.google.protobuf:protobuf-java	CVE-2024-7254	高危	2.5.0	3.25.5, 4.27.5, 4.28.2	protobuf: StackOverflow vulnerability in Protocol Buffers 漏洞详情: https://avd.aquasec.com/nvd/cve-2024-7254 镜像层: sha256:fe4b5a081f3ec9562e1c42ed163434cedafbd0a487a6bdd819e8643b0e6215bb 发布日期: 2024-09-19 01:15 修改: 2025-09-26 17:10
com.nimbusds:nimbus-jose-jwt	CVE-2023-52428	高危	9.8.1	9.37.2	nimbus-jose-jwt: large JWE p2c header value causes Denial of Service 漏洞详情: https://avd.aquasec.com/nvd/cve-2023-52428 镜像层: sha256:fe4b5a081f3ec9562e1c42ed163434cedafbd0a487a6bdd819e8643b0e6215bb 发布日期: 2024-02-11 05:15 修改: 2024-11-21 08:39
com.squareup.okhttp3:okhttp	CVE-2021-0341	高危	3.14.9	4.9.2	okhttp: information disclosure via improperly used cryptographic function 漏洞详情: https://avd.aquasec.com/nvd/cve-2021-0341 镜像层: sha256:fe4b5a081f3ec9562e1c42ed163434cedafbd0a487a6bdd819e8643b0e6215bb 发布日期: 2021-02-10 17:15 修改: 2024-11-21 05:42
commons-beanutils:commons-beanutils	CVE-2025-48734	高危	1.9.4	1.11.0	commons-beanutils: Apache Commons BeanUtils: PropertyUtilsBean does not suppresses an enum's declaredClass property by default 漏洞详情: https://avd.aquasec.com/nvd/cve-2025-48734 镜像层: sha256:fe4b5a081f3ec9562e1c42ed163434cedafbd0a487a6bdd819e8643b0e6215bb 发布日期: 2025-05-28 14:15 修改: 2025-11-03 20:19
commons-io:commons-io	CVE-2024-47554	高危	2.11.0	2.14.0	apache-commons-io: Possible denial of service attack on untrusted input to XmlStreamReader 漏洞详情: https://avd.aquasec.com/nvd/cve-2024-47554 镜像层: sha256:fe4b5a081f3ec9562e1c42ed163434cedafbd0a487a6bdd819e8643b0e6215bb 发布日期: 2024-10-03 12:15 修改: 2025-07-10 21:10
dnsjava:dnsjava	CVE-2024-25638	高危	2.1.7	3.6.0	dnsjava: Improper response validation allowing DNSSEC bypass 漏洞详情: https://avd.aquasec.com/nvd/cve-2024-25638 镜像层: sha256:fe4b5a081f3ec9562e1c42ed163434cedafbd0a487a6bdd819e8643b0e6215bb 发布日期: 2024-07-22 14:15 修改: 2026-04-15 00:35
io.netty:netty-codec	CVE-2021-37136	高危	4.1.53.Final	4.1.68.Final	netty-codec: Bzip2Decoder doesn't allow setting size restrictions for decompressed data 漏洞详情: https://avd.aquasec.com/nvd/cve-2021-37136 镜像层: sha256:fe4b5a081f3ec9562e1c42ed163434cedafbd0a487a6bdd819e8643b0e6215bb 发布日期: 2021-10-19 15:15 修改: 2024-11-21 06:14
io.netty:netty-codec	CVE-2021-37137	高危	4.1.53.Final	4.1.68.Final	netty-codec: SnappyFrameDecoder doesn't restrict chunk length and may buffer skippable chunks in an unnecessary way 漏洞详情: https://avd.aquasec.com/nvd/cve-2021-37137 镜像层: sha256:fe4b5a081f3ec9562e1c42ed163434cedafbd0a487a6bdd819e8643b0e6215bb 发布日期: 2021-10-19 15:15 修改: 2024-11-21 06:14
io.netty:netty-codec	CVE-2026-42583	高危	4.1.53.Final	4.1.133.Final	Netty is an asynchronous, event-driven network application framework. ... 漏洞详情: https://avd.aquasec.com/nvd/cve-2026-42583 镜像层: sha256:fe4b5a081f3ec9562e1c42ed163434cedafbd0a487a6bdd819e8643b0e6215bb 发布日期: 2026-05-13 19:17 修改: 2026-05-18 12:22
io.netty:netty-handler	CVE-2026-44249	高危	4.1.53.Final	4.2.15.Final, 4.1.135.Final	Netty has an IPv6 Subnet Filter Bypass via Incorrect Comparator Masking 漏洞详情: https://avd.aquasec.com/nvd/cve-2026-44249 镜像层: sha256:fe4b5a081f3ec9562e1c42ed163434cedafbd0a487a6bdd819e8643b0e6215bb 发布日期: 0001-01-01 00:00 修改: 0001-01-01 00:00
io.netty:netty-handler	CVE-2026-45416	高危	4.1.53.Final	4.2.15.Final, 4.1.135.Final	Netty: SNI handler pre-allocates up to 16 MiB from nine attacker bytes 漏洞详情: https://avd.aquasec.com/nvd/cve-2026-45416 镜像层: sha256:fe4b5a081f3ec9562e1c42ed163434cedafbd0a487a6bdd819e8643b0e6215bb 发布日期: 0001-01-01 00:00 修改: 0001-01-01 00:00
net.minidev:json-smart	CVE-2021-31684	高危	1.3.2	1.3.3, 2.4.4	json-smart: Denial of Service in JSONParserByteArray function 漏洞详情: https://avd.aquasec.com/nvd/cve-2021-31684 镜像层: sha256:fe4b5a081f3ec9562e1c42ed163434cedafbd0a487a6bdd819e8643b0e6215bb 发布日期: 2021-06-01 20:15 修改: 2024-11-21 06:06
net.minidev:json-smart	CVE-2023-1370	高危	1.3.2	2.4.9	json-smart: Uncontrolled Resource Consumption vulnerability in json-smart (Resource Exhaustion) 漏洞详情: https://avd.aquasec.com/nvd/cve-2023-1370 镜像层: sha256:fe4b5a081f3ec9562e1c42ed163434cedafbd0a487a6bdd819e8643b0e6215bb 发布日期: 2023-03-22 06:15 修改: 2025-02-13 17:15
net.minidev:json-smart	CVE-2023-1370	高危	2.4.8	2.4.9	json-smart: Uncontrolled Resource Consumption vulnerability in json-smart (Resource Exhaustion) 漏洞详情: https://avd.aquasec.com/nvd/cve-2023-1370 镜像层: sha256:fe4b5a081f3ec9562e1c42ed163434cedafbd0a487a6bdd819e8643b0e6215bb 发布日期: 2023-03-22 06:15 修改: 2025-02-13 17:15
ch.qos.logback:logback-core	CVE-2023-6378	高危	1.2.11	1.3.12, 1.4.12, 1.2.13	logback: serialization vulnerability in logback receiver 漏洞详情: https://avd.aquasec.com/nvd/cve-2023-6378 镜像层: sha256:fe4b5a081f3ec9562e1c42ed163434cedafbd0a487a6bdd819e8643b0e6215bb 发布日期: 2023-11-29 12:15 修改: 2024-11-29 12:15
org.apache.dolphinscheduler:dolphinscheduler-master	CVE-2023-49299	高危	3.1.7	3.1.9	Apache DolphinScheduler: Arbitrary js execute as root for authenticated users 漏洞详情: https://avd.aquasec.com/nvd/cve-2023-49299 镜像层: sha256:fe4b5a081f3ec9562e1c42ed163434cedafbd0a487a6bdd819e8643b0e6215bb 发布日期: 2023-12-30 17:15 修改: 2025-02-13 18:15
org.apache.dolphinscheduler:dolphinscheduler-master	CVE-2024-23320	高危	3.1.7	3.2.1	Apache DolphinScheduler vulnerable to arbitrary JavaScript execution as root for authenticated users 漏洞详情: https://avd.aquasec.com/nvd/cve-2024-23320 镜像层: sha256:fe4b5a081f3ec9562e1c42ed163434cedafbd0a487a6bdd819e8643b0e6215bb 发布日期: 2024-02-23 17:15 修改: 2025-03-18 17:54
com.amazonaws:aws-java-sdk-s3	CVE-2022-31159	高危	1.12.160	1.12.261	Partial Path Traversal in com.amazonaws:aws-java-sdk-s3 漏洞详情: https://avd.aquasec.com/nvd/cve-2022-31159 镜像层: sha256:fe4b5a081f3ec9562e1c42ed163434cedafbd0a487a6bdd819e8643b0e6215bb 发布日期: 2022-07-15 18:15 修改: 2024-11-21 07:04
org.apache.hive:hive-service	CVE-2024-23945	高危	2.3.9	4.0.0	Apache Hive and Spark: CookieSigner exposes the correct signature when message verification fails 漏洞详情: https://avd.aquasec.com/nvd/cve-2024-23945 镜像层: sha256:fe4b5a081f3ec9562e1c42ed163434cedafbd0a487a6bdd819e8643b0e6215bb 发布日期: 2024-12-23 16:15 修改: 2025-07-14 18:32
org.apache.thrift:libthrift	CVE-2018-1320	高危	0.9.3	0.9.3-1, 0.12.0	thrift: SASL negotiation isComplete validation bypass in the org.apache.thrift.transport.TSaslTransport class 漏洞详情: https://avd.aquasec.com/nvd/cve-2018-1320 镜像层: sha256:fe4b5a081f3ec9562e1c42ed163434cedafbd0a487a6bdd819e8643b0e6215bb 发布日期: 2019-01-07 17:29 修改: 2024-11-21 03:59
org.apache.thrift:libthrift	CVE-2019-0205	高危	0.9.3	0.13.0	thrift: Endless loop when feed with specific input data 漏洞详情: https://avd.aquasec.com/nvd/cve-2019-0205 镜像层: sha256:fe4b5a081f3ec9562e1c42ed163434cedafbd0a487a6bdd819e8643b0e6215bb 发布日期: 2019-10-29 19:15 修改: 2024-11-21 04:16
org.apache.thrift:libthrift	CVE-2020-13949	高危	0.9.3	0.14.0	libthrift: potential DoS when processing untrusted payloads 漏洞详情: https://avd.aquasec.com/nvd/cve-2020-13949 镜像层: sha256:fe4b5a081f3ec9562e1c42ed163434cedafbd0a487a6bdd819e8643b0e6215bb 发布日期: 2021-02-12 20:15 修改: 2024-11-21 05:02
org.apache.thrift:libthrift	CVE-2026-43869	高危	0.9.3	0.23.0	Apache Thrift: Apache Thrift: Security bypass due to improper certificate validation 漏洞详情: https://avd.aquasec.com/nvd/cve-2026-43869 镜像层: sha256:fe4b5a081f3ec9562e1c42ed163434cedafbd0a487a6bdd819e8643b0e6215bb 发布日期: 2026-05-05 08:16 修改: 2026-05-06 18:05
ch.qos.logback:logback-classic	CVE-2023-6378	高危	1.2.11	1.3.12, 1.4.12, 1.2.13	logback: serialization vulnerability in logback receiver 漏洞详情: https://avd.aquasec.com/nvd/cve-2023-6378 镜像层: sha256:fe4b5a081f3ec9562e1c42ed163434cedafbd0a487a6bdd819e8643b0e6215bb 发布日期: 2023-11-29 12:15 修改: 2024-11-29 12:15
org.apache.zookeeper:zookeeper	CVE-2026-24281	高危	3.8.0	3.8.6, 3.9.5	Apache ZooKeeper: Apache ZooKeeper: Impersonation of servers or clients via reverse DNS spoofing 漏洞详情: https://avd.aquasec.com/nvd/cve-2026-24281 镜像层: sha256:fe4b5a081f3ec9562e1c42ed163434cedafbd0a487a6bdd819e8643b0e6215bb 发布日期: 2026-03-07 09:16 修改: 2026-03-10 18:18
org.apache.zookeeper:zookeeper	CVE-2026-24308	高危	3.8.0	3.9.5, 3.8.6	Apache ZooKeeper: Apache ZooKeeper: Information disclosure via improper handling of configuration values 漏洞详情: https://avd.aquasec.com/nvd/cve-2026-24308 镜像层: sha256:fe4b5a081f3ec9562e1c42ed163434cedafbd0a487a6bdd819e8643b0e6215bb 发布日期: 2026-03-07 09:16 修改: 2026-03-10 18:18
org.codehaus.jettison:jettison	CVE-2022-40150	高危	1.1	1.5.2	jettison: memory exhaustion via user-supplied XML or JSON data 漏洞详情: https://avd.aquasec.com/nvd/cve-2022-40150 镜像层: sha256:fe4b5a081f3ec9562e1c42ed163434cedafbd0a487a6bdd819e8643b0e6215bb 发布日期: 2022-09-16 10:15 修改: 2024-11-21 07:20
org.codehaus.jettison:jettison	CVE-2022-45685	高危	1.1	1.5.2	jettison: stack overflow in JSONObject() allows attackers to cause a Denial of Service (DoS) via crafted JSON data 漏洞详情: https://avd.aquasec.com/nvd/cve-2022-45685 镜像层: sha256:fe4b5a081f3ec9562e1c42ed163434cedafbd0a487a6bdd819e8643b0e6215bb 发布日期: 2022-12-13 15:15 修改: 2025-04-22 04:15
org.codehaus.jettison:jettison	CVE-2022-45693	高危	1.1	1.5.2	jettison: If the value in map is the map's self, the new new JSONObject(map) cause StackOverflowError which may lead to dos 漏洞详情: https://avd.aquasec.com/nvd/cve-2022-45693 镜像层: sha256:fe4b5a081f3ec9562e1c42ed163434cedafbd0a487a6bdd819e8643b0e6215bb 发布日期: 2022-12-13 15:15 修改: 2025-04-22 15:16
org.codehaus.jettison:jettison	CVE-2023-1436	高危	1.1	1.5.4	jettison: Uncontrolled Recursion in JSONArray 漏洞详情: https://avd.aquasec.com/nvd/cve-2023-1436 镜像层: sha256:fe4b5a081f3ec9562e1c42ed163434cedafbd0a487a6bdd819e8643b0e6215bb 发布日期: 2023-03-22 06:15 修改: 2024-11-21 07:39
org.eclipse.jetty:jetty-http	CVE-2026-2332	高危	9.4.48.v20220622	12.1.7, 12.0.33	org.eclipse.jetty/jetty-http: HTTP request smuggling via chunked extension quoted-string parsing 漏洞详情: https://avd.aquasec.com/nvd/cve-2026-2332 镜像层: sha256:fe4b5a081f3ec9562e1c42ed163434cedafbd0a487a6bdd819e8643b0e6215bb 发布日期: 2026-04-14 12:16 修改: 2026-05-01 13:31
org.eclipse.jetty:jetty-server	CVE-2024-13009	高危	9.4.48.v20220622	9.4.57.v20241219	jetty-server: Jetty: Gzip Request Body Buffer Corruption 漏洞详情: https://avd.aquasec.com/nvd/cve-2024-13009 镜像层: sha256:fe4b5a081f3ec9562e1c42ed163434cedafbd0a487a6bdd819e8643b0e6215bb 发布日期: 2025-05-08 18:15 修改: 2025-07-31 16:31
org.ini4j:ini4j	CVE-2022-41404	高危	0.5.4		org.ini4j: unspecified DoS 漏洞详情: https://avd.aquasec.com/nvd/cve-2022-41404 镜像层: sha256:fe4b5a081f3ec9562e1c42ed163434cedafbd0a487a6bdd819e8643b0e6215bb 发布日期: 2022-10-11 23:15 修改: 2025-06-09 16:15
org.lz4:lz4-java	CVE-2025-12183	高危	1.4.0	1.8.1	lz4-java: lz4-java: Out-of-bounds memory operations lead to denial of service and information disclosure 漏洞详情: https://avd.aquasec.com/nvd/cve-2025-12183 镜像层: sha256:fe4b5a081f3ec9562e1c42ed163434cedafbd0a487a6bdd819e8643b0e6215bb 发布日期: 2025-11-28 16:15 修改: 2026-04-15 00:35
org.lz4:lz4-java	CVE-2025-66566	高危	1.4.0		lz4-java: lz4-java: Information Disclosure via Insufficient Output Buffer Clearing 漏洞详情: https://avd.aquasec.com/nvd/cve-2025-66566 镜像层: sha256:fe4b5a081f3ec9562e1c42ed163434cedafbd0a487a6bdd819e8643b0e6215bb 发布日期: 2025-12-05 18:15 修改: 2026-04-15 00:35
com.facebook.presto:presto-jdbc	GHSA-86q5-qcjc-7pv4	高危	0.238.1-9400489		Presto JDBC Server-Side Request Forgery by nextUri 漏洞详情: https://github.com/advisories/GHSA-86q5-qcjc-7pv4 镜像层: sha256:fe4b5a081f3ec9562e1c42ed163434cedafbd0a487a6bdd819e8643b0e6215bb 发布日期: 2023-10-03 21:54 修改: 2023-10-03 21:54
org.postgresql:postgresql	CVE-2026-42198	高危	42.4.1	42.7.11	jdbc.postgresql.org: pgjdbc: Client-side Denial of Service via malicious SCRAM-SHA-256 authentication 漏洞详情: https://avd.aquasec.com/nvd/cve-2026-42198 镜像层: sha256:fe4b5a081f3ec9562e1c42ed163434cedafbd0a487a6bdd819e8643b0e6215bb 发布日期: 2026-04-29 16:16 修改: 2026-05-01 12:51
org.springframework.boot:spring-boot	CVE-2025-22235	高危	2.7.3	3.3.11, 3.4.5	org.springframework.boot/spring-boot: Spring Boot EndpointRequest.to() creates wrong matcher if actuator endpoint is not exposed 漏洞详情: https://avd.aquasec.com/nvd/cve-2025-22235 镜像层: sha256:fe4b5a081f3ec9562e1c42ed163434cedafbd0a487a6bdd819e8643b0e6215bb 发布日期: 2025-04-28 08:15 修改: 2026-04-15 00:35
org.springframework.boot:spring-boot	CVE-2026-40973	高危	2.7.3	4.0.6, 3.5.14	Spring Boot: Spring Boot: Arbitrary Code Execution and Session Hijacking via predictable temporary directory 漏洞详情: https://avd.aquasec.com/nvd/cve-2026-40973 镜像层: sha256:fe4b5a081f3ec9562e1c42ed163434cedafbd0a487a6bdd819e8643b0e6215bb 发布日期: 2026-04-28 00:16 修改: 2026-04-30 14:25
com.facebook.presto:presto-jdbc	GHSA-xm7x-f3w2-4hjm	高危	0.238.1-9400489		Presto JDBC Server-Side Request Forgery by redirect 漏洞详情: https://github.com/advisories/GHSA-xm7x-f3w2-4hjm 镜像层: sha256:fe4b5a081f3ec9562e1c42ed163434cedafbd0a487a6bdd819e8643b0e6215bb 发布日期: 2023-10-03 21:54 修改: 2023-10-03 21:54
org.springframework.boot:spring-boot-autoconfigure	CVE-2023-20883	高危	2.7.3	3.0.7, 2.7.12, 2.6.15, 2.5.15	spring-boot: Spring Boot Welcome Page DoS Vulnerability 漏洞详情: https://avd.aquasec.com/nvd/cve-2023-20883 镜像层: sha256:fe4b5a081f3ec9562e1c42ed163434cedafbd0a487a6bdd819e8643b0e6215bb 发布日期: 2023-05-26 17:15 修改: 2025-01-16 15:15
org.springframework.boot:spring-boot-starter-actuator	CVE-2026-22733	高危	2.7.3	4.0.4, 3.5.12	Spring Boot has an Authentication Bypass under Actuator CloudFoundry endpoints 漏洞详情: https://avd.aquasec.com/nvd/cve-2026-22733 镜像层: sha256:fe4b5a081f3ec9562e1c42ed163434cedafbd0a487a6bdd819e8643b0e6215bb 发布日期: 2026-03-20 00:16 修改: 2026-04-23 14:24
org.springframework.security:spring-security-crypto	CVE-2025-22228	高危	5.7.3	6.3.8, 6.4.4, 6.2.10, 6.1.14, 6.0.16, 5.8.18, 5.7.16	spring-security-core: Spring Security BCryptPasswordEncoder does not enforce maximum password length 漏洞详情: https://avd.aquasec.com/nvd/cve-2025-22228 镜像层: sha256:fe4b5a081f3ec9562e1c42ed163434cedafbd0a487a6bdd819e8643b0e6215bb 发布日期: 2025-03-20 06:15 修改: 2026-04-15 00:35
org.springframework:spring-beans	CVE-2022-22970	高危	5.3.19	5.2.22.RELEASE, 5.3.20	springframework: DoS via data binding to multipartFile or servlet part 漏洞详情: https://avd.aquasec.com/nvd/cve-2022-22970 镜像层: sha256:fe4b5a081f3ec9562e1c42ed163434cedafbd0a487a6bdd819e8643b0e6215bb 发布日期: 2022-05-12 20:15 修改: 2024-11-21 06:47
org.springframework:spring-core	CVE-2025-41249	高危	5.3.19	6.2.11	org.springframework/spring-core: Spring Framework Annotation Detection Vulnerability 漏洞详情: https://avd.aquasec.com/nvd/cve-2025-41249 镜像层: sha256:fe4b5a081f3ec9562e1c42ed163434cedafbd0a487a6bdd819e8643b0e6215bb 发布日期: 2025-09-16 11:15 修改: 2026-04-15 00:35
org.springframework:spring-expression	CVE-2023-20863	高危	5.3.22	6.0.8, 5.3.27, 5.2.24.RELEASE	springframework: Spring Expression DoS Vulnerability 漏洞详情: https://avd.aquasec.com/nvd/cve-2023-20863 镜像层: sha256:fe4b5a081f3ec9562e1c42ed163434cedafbd0a487a6bdd819e8643b0e6215bb 发布日期: 2023-04-13 20:15 修改: 2025-02-07 17:15
com.fasterxml.jackson.core:jackson-core	CVE-2025-52999	高危	2.13.4	2.15.0	com.fasterxml.jackson.core/jackson-core: jackson-core Potential StackoverflowError 漏洞详情: https://avd.aquasec.com/nvd/cve-2025-52999 镜像层: sha256:fe4b5a081f3ec9562e1c42ed163434cedafbd0a487a6bdd819e8643b0e6215bb 发布日期: 2025-06-25 17:15 修改: 2026-04-15 00:35
org.springframework:spring-web	CVE-2024-22243	高危	5.3.22	6.1.4, 6.0.17, 5.3.32	springframework: URL Parsing with Host Validation 漏洞详情: https://avd.aquasec.com/nvd/cve-2024-22243 镜像层: sha256:fe4b5a081f3ec9562e1c42ed163434cedafbd0a487a6bdd819e8643b0e6215bb 发布日期: 2024-02-23 05:15 修改: 2026-04-15 00:35
org.springframework:spring-web	CVE-2024-22259	高危	5.3.22	6.1.5, 6.0.18, 5.3.33	springframework: URL Parsing with Host Validation 漏洞详情: https://avd.aquasec.com/nvd/cve-2024-22259 镜像层: sha256:fe4b5a081f3ec9562e1c42ed163434cedafbd0a487a6bdd819e8643b0e6215bb 发布日期: 2024-03-16 05:15 修改: 2025-06-10 15:55
org.springframework:spring-web	CVE-2024-22262	高危	5.3.22	5.3.34, 6.0.19, 6.1.6	springframework: URL Parsing with Host Validation 漏洞详情: https://avd.aquasec.com/nvd/cve-2024-22262 镜像层: sha256:fe4b5a081f3ec9562e1c42ed163434cedafbd0a487a6bdd819e8643b0e6215bb 发布日期: 2024-04-16 06:15 修改: 2026-04-15 00:35
com.fasterxml.jackson.core:jackson-databind	CVE-2022-42003	高危	2.13.4	2.12.7.1, 2.13.4.2	jackson-databind: deep wrapper array nesting wrt UNWRAP_SINGLE_VALUE_ARRAYS 漏洞详情: https://avd.aquasec.com/nvd/cve-2022-42003 镜像层: sha256:fe4b5a081f3ec9562e1c42ed163434cedafbd0a487a6bdd819e8643b0e6215bb 发布日期: 2022-10-02 05:15 修改: 2024-11-21 07:24
org.springframework:spring-webmvc	CVE-2024-38816	高危	5.3.22	6.1.13	spring-webmvc: Path Traversal Vulnerability in Spring Applications Using RouterFunctions and FileSystemResource 漏洞详情: https://avd.aquasec.com/nvd/cve-2024-38816 镜像层: sha256:fe4b5a081f3ec9562e1c42ed163434cedafbd0a487a6bdd819e8643b0e6215bb 发布日期: 2024-09-13 06:15 修改: 2026-04-15 00:35
org.springframework:spring-webmvc	CVE-2024-38819	高危	5.3.22	6.1.14	org.springframework:spring-webmvc: Path traversal vulnerability in functional web frameworks 漏洞详情: https://avd.aquasec.com/nvd/cve-2024-38819 镜像层: sha256:fe4b5a081f3ec9562e1c42ed163434cedafbd0a487a6bdd819e8643b0e6215bb 发布日期: 2024-12-19 18:15 修改: 2026-04-15 00:35
org.xerial.snappy:snappy-java	CVE-2023-34455	高危	1.1.8.4	1.1.10.1	snappy-java: Unchecked chunk length leads to DoS 漏洞详情: https://avd.aquasec.com/nvd/cve-2023-34455 镜像层: sha256:fe4b5a081f3ec9562e1c42ed163434cedafbd0a487a6bdd819e8643b0e6215bb 发布日期: 2023-06-15 18:15 修改: 2024-11-21 08:07
org.xerial.snappy:snappy-java	CVE-2023-43642	高危	1.1.8.4	1.1.10.4	snappy-java: Missing upper bound check on chunk length in snappy-java can lead to Denial of Service (DoS) impact 漏洞详情: https://avd.aquasec.com/nvd/cve-2023-43642 镜像层: sha256:fe4b5a081f3ec9562e1c42ed163434cedafbd0a487a6bdd819e8643b0e6215bb 发布日期: 2023-09-25 20:15 修改: 2024-11-21 08:24
org.yaml:snakeyaml	CVE-2022-1471	高危	1.31	2.0	SnakeYaml: Constructor Deserialization Remote Code Execution 漏洞详情: https://avd.aquasec.com/nvd/cve-2022-1471 镜像层: sha256:fe4b5a081f3ec9562e1c42ed163434cedafbd0a487a6bdd819e8643b0e6215bb 发布日期: 2022-12-01 11:15 修改: 2025-06-18 09:15
software.amazon.ion:ion-java	CVE-2024-21634	高危	1.0.2	1.10.5	ion-java: ion-java: Ion Java StackOverflow vulnerability 漏洞详情: https://avd.aquasec.com/nvd/cve-2024-21634 镜像层: sha256:fe4b5a081f3ec9562e1c42ed163434cedafbd0a487a6bdd819e8643b0e6215bb 发布日期: 2024-01-03 23:15 修改: 2025-11-03 22:16
org.bouncycastle:bcprov-jdk15on	CVE-2024-34447	中危	1.68	1.78	org.bouncycastle: Use of Incorrectly-Resolved Name or Reference 漏洞详情: https://avd.aquasec.com/nvd/cve-2024-34447 镜像层: sha256:fe4b5a081f3ec9562e1c42ed163434cedafbd0a487a6bdd819e8643b0e6215bb 发布日期: 2024-05-03 16:15 修改: 2026-04-15 00:35
io.netty:netty-transport-native-epoll	CVE-2026-45536	中危	4.1.53.Final	4.2.15.Final, 4.1.135.Final	Netty: Unix-socket fd receive leaks descriptors when peer sends two at once 漏洞详情: https://avd.aquasec.com/nvd/cve-2026-45536 镜像层: sha256:fe4b5a081f3ec9562e1c42ed163434cedafbd0a487a6bdd819e8643b0e6215bb 发布日期: 0001-01-01 00:00 修改: 0001-01-01 00:00
com.fasterxml.woodstox:woodstox-core	CVE-2022-40152	中危	5.3.0	6.4.0, 5.4.0	woodstox-core: woodstox to serialise XML data was vulnerable to Denial of Service attacks 漏洞详情: https://avd.aquasec.com/nvd/cve-2022-40152 镜像层: sha256:fe4b5a081f3ec9562e1c42ed163434cedafbd0a487a6bdd819e8643b0e6215bb 发布日期: 2022-09-16 10:15 修改: 2025-05-23 16:51
com.squareup.okio:okio	CVE-2023-3635	中危	1.17.2	3.4.0, 1.17.6	okio: GzipSource class improper exception handling 漏洞详情: https://avd.aquasec.com/nvd/cve-2023-3635 镜像层: sha256:fe4b5a081f3ec9562e1c42ed163434cedafbd0a487a6bdd819e8643b0e6215bb 发布日期: 2023-07-12 19:15 修改: 2024-11-21 08:17
ch.qos.logback:logback-core	CVE-2025-11226	中危	1.2.11	1.5.19, 1.3.16	ch.qos.logback/logback-core: Conditional abitrary code execution in logback-core 漏洞详情: https://avd.aquasec.com/nvd/cve-2025-11226 镜像层: sha256:fe4b5a081f3ec9562e1c42ed163434cedafbd0a487a6bdd819e8643b0e6215bb 发布日期: 2025-10-01 08:15 修改: 2026-04-15 00:35
org.codehaus.jettison:jettison	CVE-2022-40149	中危	1.1	1.5.1	jettison: parser crash by stackoverflow 漏洞详情: https://avd.aquasec.com/nvd/cve-2022-40149 镜像层: sha256:fe4b5a081f3ec9562e1c42ed163434cedafbd0a487a6bdd819e8643b0e6215bb 发布日期: 2022-09-16 10:15 修改: 2024-11-21 07:20
org.apache.commons:commons-compress	CVE-2024-25710	中危	1.21	1.26.0	commons-compress: Denial of service caused by an infinite loop for a corrupted DUMP file 漏洞详情: https://avd.aquasec.com/nvd/cve-2024-25710 镜像层: sha256:fe4b5a081f3ec9562e1c42ed163434cedafbd0a487a6bdd819e8643b0e6215bb 发布日期: 2024-02-19 09:15 修改: 2025-11-04 17:15
org.eclipse.jetty:jetty-http	CVE-2023-40167	中危	9.4.48.v20220622	9.4.52, 10.0.16, 11.0.16, 12.0.1	jetty: Improper validation of HTTP/1 content-length 漏洞详情: https://avd.aquasec.com/nvd/cve-2023-40167 镜像层: sha256:fe4b5a081f3ec9562e1c42ed163434cedafbd0a487a6bdd819e8643b0e6215bb 发布日期: 2023-09-15 20:15 修改: 2024-11-21 08:18
org.eclipse.jetty:jetty-http	CVE-2024-6763	中危	9.4.48.v20220622	12.0.12	org.eclipse.jetty:jetty-http: jetty: Jetty URI parsing of invalid authority 漏洞详情: https://avd.aquasec.com/nvd/cve-2024-6763 镜像层: sha256:fe4b5a081f3ec9562e1c42ed163434cedafbd0a487a6bdd819e8643b0e6215bb 发布日期: 2024-10-14 16:15 修改: 2025-07-10 15:04
org.apache.commons:commons-compress	CVE-2024-26308	中危	1.21	1.26.0	commons-compress: OutOfMemoryError unpacking broken Pack200 file 漏洞详情: https://avd.aquasec.com/nvd/cve-2024-26308 镜像层: sha256:fe4b5a081f3ec9562e1c42ed163434cedafbd0a487a6bdd819e8643b0e6215bb 发布日期: 2024-02-19 09:15 修改: 2025-03-27 20:15
org.eclipse.jetty:jetty-server	CVE-2023-26048	中危	9.4.48.v20220622	9.4.51.v20230217, 10.0.14, 11.0.14	jetty-server: OutOfMemoryError for large multipart without filename read via request.getParameter() 漏洞详情: https://avd.aquasec.com/nvd/cve-2023-26048 镜像层: sha256:fe4b5a081f3ec9562e1c42ed163434cedafbd0a487a6bdd819e8643b0e6215bb 发布日期: 2023-04-18 21:15 修改: 2024-11-21 07:50
org.eclipse.jetty:jetty-server	CVE-2024-8184	中危	9.4.48.v20220622	12.0.9, 10.0.24, 11.0.24, 9.4.56	org.eclipse.jetty:jetty-server: jetty: Jetty ThreadLimitHandler.getRemote() vulnerable to remote DoS attacks 漏洞详情: https://avd.aquasec.com/nvd/cve-2024-8184 镜像层: sha256:fe4b5a081f3ec9562e1c42ed163434cedafbd0a487a6bdd819e8643b0e6215bb 发布日期: 2024-10-14 16:15 修改: 2025-11-03 20:17
org.eclipse.jetty:jetty-servlets	CVE-2024-9823	中危	9.4.48.v20220622	9.4.54, 10.0.18, 11.0.18	org.eclipse.jetty:jetty-servlets: jetty: Jetty DOS vulnerability on DosFilter 漏洞详情: https://avd.aquasec.com/nvd/cve-2024-9823 镜像层: sha256:fe4b5a081f3ec9562e1c42ed163434cedafbd0a487a6bdd819e8643b0e6215bb 发布日期: 2024-10-14 15:15 修改: 2025-11-03 20:17
org.glassfish:javax.el	CVE-2021-28170	中危	3.0.0		jakarta-el: ELParserTokenManager enables invalid EL expressions to be evaluate 漏洞详情: https://avd.aquasec.com/nvd/cve-2021-28170 镜像层: sha256:fe4b5a081f3ec9562e1c42ed163434cedafbd0a487a6bdd819e8643b0e6215bb 发布日期: 2021-05-26 22:15 修改: 2024-11-21 05:59
org.apache.commons:commons-configuration2	CVE-2024-29131	中危	2.1.1	2.10.1	commons-configuration: StackOverflowError adding property in AbstractListDelimiterHandler.flattenIterator() 漏洞详情: https://avd.aquasec.com/nvd/cve-2024-29131 镜像层: sha256:fe4b5a081f3ec9562e1c42ed163434cedafbd0a487a6bdd819e8643b0e6215bb 发布日期: 2024-03-21 09:15 修改: 2025-05-01 19:13
org.apache.commons:commons-configuration2	CVE-2024-29133	中危	2.1.1	2.10.1	commons-configuration: StackOverflowError calling ListDelimiterHandler.flatten(Object, int) with a cyclical object tree 漏洞详情: https://avd.aquasec.com/nvd/cve-2024-29133 镜像层: sha256:fe4b5a081f3ec9562e1c42ed163434cedafbd0a487a6bdd819e8643b0e6215bb 发布日期: 2024-03-21 09:15 修改: 2025-05-01 19:12
org.apache.commons:commons-lang3	CVE-2025-48924	中危	3.12.0	3.18.0	commons-lang/commons-lang: org.apache.commons/commons-lang3: Uncontrolled Recursion vulnerability in Apache Commons Lang 漏洞详情: https://avd.aquasec.com/nvd/cve-2025-48924 镜像层: sha256:fe4b5a081f3ec9562e1c42ed163434cedafbd0a487a6bdd819e8643b0e6215bb 发布日期: 2025-07-11 15:15 修改: 2025-11-04 22:16
com.google.guava:guava	CVE-2023-2976	中危	31.1-jre	32.0.0-android	guava: insecure temporary directory creation 漏洞详情: https://avd.aquasec.com/nvd/cve-2023-2976 镜像层: sha256:fe4b5a081f3ec9562e1c42ed163434cedafbd0a487a6bdd819e8643b0e6215bb 发布日期: 2023-06-14 18:15 修改: 2026-02-25 18:16
commons-lang:commons-lang	CVE-2025-48924	中危	2.6		commons-lang/commons-lang: org.apache.commons/commons-lang3: Uncontrolled Recursion vulnerability in Apache Commons Lang 漏洞详情: https://avd.aquasec.com/nvd/cve-2025-48924 镜像层: sha256:fe4b5a081f3ec9562e1c42ed163434cedafbd0a487a6bdd819e8643b0e6215bb 发布日期: 2025-07-11 15:15 修改: 2025-11-04 22:16
org.postgresql:postgresql	CVE-2022-41946	中危	42.4.1	42.2.27, 42.3.8, 42.4.3, 42.5.1	postgresql-jdbc: Information leak of prepared statement data due to insecure temporary file permissions 漏洞详情: https://avd.aquasec.com/nvd/cve-2022-41946 镜像层: sha256:fe4b5a081f3ec9562e1c42ed163434cedafbd0a487a6bdd819e8643b0e6215bb 发布日期: 2022-11-23 20:15 修改: 2025-11-03 22:16
com.clickhouse:clickhouse-jdbc	CVE-2024-23689	中危	0.3.2-patch11	0.4.6	ClickHouse vulnerable to client certificate password exposure in client exception 漏洞详情: https://avd.aquasec.com/nvd/cve-2024-23689 镜像层: sha256:fe4b5a081f3ec9562e1c42ed163434cedafbd0a487a6bdd819e8643b0e6215bb 发布日期: 2024-01-19 21:15 修改: 2025-11-29 03:15
com.fasterxml.jackson.core:jackson-core	GHSA-72hv-8253-57qq	中危	2.13.4	2.21.1, 2.18.6	jackson-core: Number Length Constraint Bypass in Async Parser Leads to Potential DoS Condition 漏洞详情: https://github.com/advisories/GHSA-72hv-8253-57qq 镜像层: sha256:fe4b5a081f3ec9562e1c42ed163434cedafbd0a487a6bdd819e8643b0e6215bb 发布日期: 2026-02-28 02:01 修改: 2026-04-07 16:30
org.springframework.boot:spring-boot-actuator	CVE-2023-34055	中危	2.7.3	2.7.18, 3.0.13, 3.1.6	spring-boot: org.springframework.boot: spring-boot-actuator class vulnerable to denial of service 漏洞详情: https://avd.aquasec.com/nvd/cve-2023-34055 镜像层: sha256:fe4b5a081f3ec9562e1c42ed163434cedafbd0a487a6bdd819e8643b0e6215bb 发布日期: 2023-11-28 09:15 修改: 2025-02-13 17:16
com.google.protobuf:protobuf-java	CVE-2022-3171	中危	2.5.0	3.21.7, 3.20.3, 3.19.6, 3.16.3	protobuf-java: timeout in parser leads to DoS 漏洞详情: https://avd.aquasec.com/nvd/cve-2022-3171 镜像层: sha256:fe4b5a081f3ec9562e1c42ed163434cedafbd0a487a6bdd819e8643b0e6215bb 发布日期: 2022-10-12 23:15 修改: 2024-11-21 07:18
org.apache.httpcomponents:httpclient	CVE-2020-13956	中危	4.5.11	4.5.13, 5.0.3	apache-httpclient: incorrect handling of malformed authority component in request URIs 漏洞详情: https://avd.aquasec.com/nvd/cve-2020-13956 镜像层: sha256:fe4b5a081f3ec9562e1c42ed163434cedafbd0a487a6bdd819e8643b0e6215bb 发布日期: 2020-12-02 17:15 修改: 2025-12-01 16:15
org.apache.logging.log4j:log4j-1.2-api	CVE-2026-34479	中危	2.17.2	2.25.4	org.apache.logging.log4j/log4j-1.2-api: Apache Log4j 1-to-Log4j 2 bridge: Log processing denial of service due to improper XML escaping 漏洞详情: https://avd.aquasec.com/nvd/cve-2026-34479 镜像层: sha256:fe4b5a081f3ec9562e1c42ed163434cedafbd0a487a6bdd819e8643b0e6215bb 发布日期: 2026-04-10 16:16 修改: 2026-05-06 18:21
com.jayway.jsonpath:json-path	CVE-2023-51074	中危	2.7.0	2.9.0	json-path: stack-based buffer overflow in Criteria.parse method 漏洞详情: https://avd.aquasec.com/nvd/cve-2023-51074 镜像层: sha256:fe4b5a081f3ec9562e1c42ed163434cedafbd0a487a6bdd819e8643b0e6215bb 发布日期: 2023-12-27 21:15 修改: 2025-09-12 18:45
io.netty:netty-codec	CVE-2025-58057	中危	4.1.53.Final	4.1.125.Final	netty-codec: netty-codec-compression: Netty's BrotliDecoder is vulnerable to DoS via zip bomb style attack 漏洞详情: https://avd.aquasec.com/nvd/cve-2025-58057 镜像层: sha256:fe4b5a081f3ec9562e1c42ed163434cedafbd0a487a6bdd819e8643b0e6215bb 发布日期: 2025-09-04 10:42 修改: 2025-09-08 16:45
org.springframework:spring-context	CVE-2024-38820	中危	5.3.19	6.1.14	The fix for CVE-2022-22968 made disallowedFieldspatterns in DataBinder ... 漏洞详情: https://avd.aquasec.com/nvd/cve-2024-38820 镜像层: sha256:fe4b5a081f3ec9562e1c42ed163434cedafbd0a487a6bdd819e8643b0e6215bb 发布日期: 2024-10-18 06:15 修改: 2024-11-29 12:15
io.netty:netty-common	CVE-2024-47535	中危	4.1.53.Final	4.1.115.Final	netty: Denial of Service attack on windows app using Netty 漏洞详情: https://avd.aquasec.com/nvd/cve-2024-47535 镜像层: sha256:fe4b5a081f3ec9562e1c42ed163434cedafbd0a487a6bdd819e8643b0e6215bb 发布日期: 2024-11-12 16:15 修改: 2025-09-05 14:00
io.netty:netty-common	CVE-2025-25193	中危	4.1.53.Final	4.1.118.Final	netty: Denial of Service attack on windows app using Netty 漏洞详情: https://avd.aquasec.com/nvd/cve-2025-25193 镜像层: sha256:fe4b5a081f3ec9562e1c42ed163434cedafbd0a487a6bdd819e8643b0e6215bb 发布日期: 2025-02-10 22:15 修改: 2025-06-11 15:36
org.springframework:spring-expression	CVE-2023-20861	中危	5.3.22	6.0.7, 5.3.26, 5.2.23.RELEASE	springframework: Spring Expression DoS Vulnerability 漏洞详情: https://avd.aquasec.com/nvd/cve-2023-20861 镜像层: sha256:fe4b5a081f3ec9562e1c42ed163434cedafbd0a487a6bdd819e8643b0e6215bb 发布日期: 2023-03-23 21:15 修改: 2025-02-25 16:15
org.springframework:spring-expression	CVE-2024-38808	中危	5.3.22	5.3.39	spring-expression: Denial of service when processing a specially crafted Spring Expression Language expression 漏洞详情: https://avd.aquasec.com/nvd/cve-2024-38808 镜像层: sha256:fe4b5a081f3ec9562e1c42ed163434cedafbd0a487a6bdd819e8643b0e6215bb 发布日期: 2024-08-20 08:15 修改: 2025-06-18 12:10
org.apache.thrift:libthrift	CVE-2018-11798	中危	0.9.3	0.12.0	thrift: Improper Access Control grants access to files outside the webservers docroot path 漏洞详情: https://avd.aquasec.com/nvd/cve-2018-11798 镜像层: sha256:fe4b5a081f3ec9562e1c42ed163434cedafbd0a487a6bdd819e8643b0e6215bb 发布日期: 2019-01-07 17:29 修改: 2024-11-21 03:44
ch.qos.logback:logback-core	CVE-2024-12798	中危	1.2.11	1.5.13, 1.3.15	logback-core: arbitrary code execution via JaninoEventEvaluator 漏洞详情: https://avd.aquasec.com/nvd/cve-2024-12798 镜像层: sha256:fe4b5a081f3ec9562e1c42ed163434cedafbd0a487a6bdd819e8643b0e6215bb 发布日期: 2024-12-19 16:15 修改: 2026-04-15 00:35
com.nimbusds:nimbus-jose-jwt	CVE-2025-53864	中危	9.8.1	10.0.2, 9.37.4	com.nimbusds/nimbus-jose-jwt: Uncontrolled recursion in Connect2id Nimbus JOSE + JWT 漏洞详情: https://avd.aquasec.com/nvd/cve-2025-53864 镜像层: sha256:fe4b5a081f3ec9562e1c42ed163434cedafbd0a487a6bdd819e8643b0e6215bb 发布日期: 2025-07-11 03:16 修改: 2026-04-15 00:35
io.netty:netty-handler	CVE-2023-34462	中危	4.1.53.Final	4.1.94.Final	netty: SniHandler 16MB allocation leads to OOM 漏洞详情: https://avd.aquasec.com/nvd/cve-2023-34462 镜像层: sha256:fe4b5a081f3ec9562e1c42ed163434cedafbd0a487a6bdd819e8643b0e6215bb 发布日期: 2023-06-22 23:15 修改: 2024-11-21 08:07
org.springframework:spring-web	CVE-2024-38809	中危	5.3.22	5.3.38, 6.0.23, 6.1.12	org.springframework:spring-web: Spring Framework DoS via conditional HTTP request 漏洞详情: https://avd.aquasec.com/nvd/cve-2024-38809 镜像层: sha256:fe4b5a081f3ec9562e1c42ed163434cedafbd0a487a6bdd819e8643b0e6215bb 发布日期: 2024-09-27 17:15 修改: 2026-04-15 00:35
org.springframework:spring-web	CVE-2024-38820	中危	5.3.22	6.1.14	The fix for CVE-2022-22968 made disallowedFieldspatterns in DataBinder ... 漏洞详情: https://avd.aquasec.com/nvd/cve-2024-38820 镜像层: sha256:fe4b5a081f3ec9562e1c42ed163434cedafbd0a487a6bdd819e8643b0e6215bb 发布日期: 2024-10-18 06:15 修改: 2024-11-29 12:15
org.apache.zookeeper:zookeeper	CVE-2024-23944	中危	3.8.0	3.8.4, 3.9.2	Apache-ZooKeeper: Apache ZooKeeper: Information disclosure in persistent watcher handling 漏洞详情: https://avd.aquasec.com/nvd/cve-2024-23944 镜像层: sha256:fe4b5a081f3ec9562e1c42ed163434cedafbd0a487a6bdd819e8643b0e6215bb 发布日期: 2024-03-15 11:15 修改: 2025-07-03 15:15
org.bouncycastle:bcpkix-jdk15on	CVE-2025-8916	中危	1.68	1.79	org.bouncycastle: BouncyCastle denial of service 漏洞详情: https://avd.aquasec.com/nvd/cve-2025-8916 镜像层: sha256:fe4b5a081f3ec9562e1c42ed163434cedafbd0a487a6bdd819e8643b0e6215bb 发布日期: 2025-08-13 10:15 修改: 2026-05-12 13:17
org.bouncycastle:bcpkix-jdk15on	CVE-2026-5588	中危	1.68	1.84	bouncycastle: BC-JAVA: PKIX draft CompositeVerifier accepts empty signature sequence as valid 漏洞详情: https://avd.aquasec.com/nvd/cve-2026-5588 镜像层: sha256:fe4b5a081f3ec9562e1c42ed163434cedafbd0a487a6bdd819e8643b0e6215bb 发布日期: 2026-04-15 10:16 修改: 2026-05-19 00:16
org.springframework:spring-webmvc	CVE-2024-38828	中危	5.3.22	5.3.42	org.springframework:spring-webmvc: DoS via Spring MVC controller method with byte[] parameter 漏洞详情: https://avd.aquasec.com/nvd/cve-2024-38828 镜像层: sha256:fe4b5a081f3ec9562e1c42ed163434cedafbd0a487a6bdd819e8643b0e6215bb 发布日期: 2024-11-18 04:15 修改: 2026-04-15 00:35
org.springframework:spring-webmvc	CVE-2025-41242	中危	5.3.22	6.2.10	org.springframework/spring-webmvc: Spring Framework MVC path traversal vulnerability 漏洞详情: https://avd.aquasec.com/nvd/cve-2025-41242 镜像层: sha256:fe4b5a081f3ec9562e1c42ed163434cedafbd0a487a6bdd819e8643b0e6215bb 发布日期: 2025-08-18 09:15 修改: 2026-04-15 00:35
org.springframework:spring-webmvc	CVE-2026-22737	中危	5.3.22	7.0.6, 6.2.17	Spring Framework: Spring Framework: Information disclosure via Java scripting engine enabled template views 漏洞详情: https://avd.aquasec.com/nvd/cve-2026-22737 镜像层: sha256:fe4b5a081f3ec9562e1c42ed163434cedafbd0a487a6bdd819e8643b0e6215bb 发布日期: 2026-03-20 00:16 修改: 2026-04-23 14:20
org.springframework:spring-webmvc	CVE-2026-22745	中危	5.3.22	7.0.7, 6.2.18	spring-webflux: Spring MVC and Spring WebFlux: Denial of Service via slow static resource resolution on Windows 漏洞详情: https://avd.aquasec.com/nvd/cve-2026-22745 镜像层: sha256:fe4b5a081f3ec9562e1c42ed163434cedafbd0a487a6bdd819e8643b0e6215bb 发布日期: 2026-04-29 12:16 修改: 2026-05-04 14:50
org.bouncycastle:bcprov-jdk15on	CVE-2023-33201	中危	1.68		bouncycastle: potential blind LDAP injection attack using a self-signed certificate 漏洞详情: https://avd.aquasec.com/nvd/cve-2023-33201 镜像层: sha256:fe4b5a081f3ec9562e1c42ed163434cedafbd0a487a6bdd819e8643b0e6215bb 发布日期: 2023-07-05 03:15 修改: 2024-11-21 08:05
org.bouncycastle:bcprov-jdk15on	CVE-2023-33202	中危	1.68	1.70	bc-java: Out of memory while parsing ASN.1 crafted data in org.bouncycastle.openssl.PEMParser class 漏洞详情: https://avd.aquasec.com/nvd/cve-2023-33202 镜像层: sha256:fe4b5a081f3ec9562e1c42ed163434cedafbd0a487a6bdd819e8643b0e6215bb 发布日期: 2023-11-23 16:15 修改: 2025-08-18 17:15
org.xerial.snappy:snappy-java	CVE-2023-34453	中危	1.1.8.4	1.1.10.1	snappy-java: Integer overflow in shuffle leads to DoS 漏洞详情: https://avd.aquasec.com/nvd/cve-2023-34453 镜像层: sha256:fe4b5a081f3ec9562e1c42ed163434cedafbd0a487a6bdd819e8643b0e6215bb 发布日期: 2023-06-15 17:15 修改: 2024-11-21 08:07
org.xerial.snappy:snappy-java	CVE-2023-34454	中危	1.1.8.4	1.1.10.1	snappy-java: Integer overflow in compress leads to DoS 漏洞详情: https://avd.aquasec.com/nvd/cve-2023-34454 镜像层: sha256:fe4b5a081f3ec9562e1c42ed163434cedafbd0a487a6bdd819e8643b0e6215bb 发布日期: 2023-06-15 17:15 修改: 2024-12-12 17:15
org.bouncycastle:bcprov-jdk15on	CVE-2024-29857	中危	1.68	1.78	org.bouncycastle: Importing an EC certificate with crafted F2m parameters may lead to Denial of Service 漏洞详情: https://avd.aquasec.com/nvd/cve-2024-29857 镜像层: sha256:fe4b5a081f3ec9562e1c42ed163434cedafbd0a487a6bdd819e8643b0e6215bb 发布日期: 2024-05-14 15:17 修改: 2026-04-15 00:35
org.yaml:snakeyaml	CVE-2022-38752	中危	1.31	1.32	snakeyaml: Uncaught exception in java.base/java.util.ArrayList.hashCode 漏洞详情: https://avd.aquasec.com/nvd/cve-2022-38752 镜像层: sha256:fe4b5a081f3ec9562e1c42ed163434cedafbd0a487a6bdd819e8643b0e6215bb 发布日期: 2022-09-05 10:15 修改: 2024-11-21 07:17
org.yaml:snakeyaml	CVE-2022-41854	中危	1.31	1.32	dev-java/snakeyaml: DoS via stack overflow 漏洞详情: https://avd.aquasec.com/nvd/cve-2022-41854 镜像层: sha256:fe4b5a081f3ec9562e1c42ed163434cedafbd0a487a6bdd819e8643b0e6215bb 发布日期: 2022-11-11 13:15 修改: 2024-11-21 07:23
org.bouncycastle:bcprov-jdk15on	CVE-2024-30171	中危	1.68	1.78	bc-java: BouncyCastle vulnerable to a timing variant of Bleichenbacher (Marvin Attack) 漏洞详情: https://avd.aquasec.com/nvd/cve-2024-30171 镜像层: sha256:fe4b5a081f3ec9562e1c42ed163434cedafbd0a487a6bdd819e8643b0e6215bb 发布日期: 2024-05-14 15:21 修改: 2026-04-15 00:35
org.eclipse.jetty:jetty-xml	GHSA-58qw-p7qm-5rvh	低危	9.4.48.v20220622	10.0.16, 11.0.16, 12.0.0, 9.4.52.v20230823	Eclipse Jetty XmlParser allows arbitrary DOCTYPE declarations 漏洞详情: https://github.com/advisories/GHSA-58qw-p7qm-5rvh 镜像层: sha256:fe4b5a081f3ec9562e1c42ed163434cedafbd0a487a6bdd819e8643b0e6215bb 发布日期: 2023-07-10 21:52 修改: 2026-02-10 20:06
org.springframework:spring-webmvc	CVE-2026-22735	低危	5.3.22	7.0.6, 6.2.17	org.springframework/spring-webmvc: org.springframework/spring-webflux: Spring MVC and WebFlux: Stream corruption vulnerability when using Server-Sent Events 漏洞详情: https://avd.aquasec.com/nvd/cve-2026-22735 镜像层: sha256:fe4b5a081f3ec9562e1c42ed163434cedafbd0a487a6bdd819e8643b0e6215bb 发布日期: 2026-03-20 00:16 修改: 2026-04-23 14:21
org.springframework:spring-webmvc	CVE-2026-22741	低危	5.3.22	7.0.7, 6.2.18	Spring MVC: Spring WebFlux: Spring MVC and Spring WebFlux: Denial of Service via cache poisoning 漏洞详情: https://avd.aquasec.com/nvd/cve-2026-22741 镜像层: sha256:fe4b5a081f3ec9562e1c42ed163434cedafbd0a487a6bdd819e8643b0e6215bb 发布日期: 2026-04-29 12:16 修改: 2026-05-04 14:51
org.springframework:spring-context	CVE-2025-22233	低危	5.3.19	6.2.7, 6.1.20	CVE-2024-38820 ensured Locale-independent, lowercase conversion for bo ... 漏洞详情: https://avd.aquasec.com/nvd/cve-2025-22233 镜像层: sha256:fe4b5a081f3ec9562e1c42ed163434cedafbd0a487a6bdd819e8643b0e6215bb 发布日期: 2025-05-16 20:15 修改: 2026-04-15 00:35
org.eclipse.jetty:jetty-http	CVE-2025-11143	低危	9.4.48.v20220622	12.0.31, 12.1.5	org.eclipse.jetty/jetty-http: org.eclipse.jetty: Security bypass due to differential URI parsing 漏洞详情: https://avd.aquasec.com/nvd/cve-2025-11143 镜像层: sha256:fe4b5a081f3ec9562e1c42ed163434cedafbd0a487a6bdd819e8643b0e6215bb 发布日期: 2026-03-05 10:15 修改: 2026-03-06 20:30
org.apache.hadoop:hadoop-common	CVE-2024-23454	低危	3.2.4	3.4.0	Apache Hadoop: Temporary File Local Information Disclosure 漏洞详情: https://avd.aquasec.com/nvd/cve-2024-23454 镜像层: sha256:fe4b5a081f3ec9562e1c42ed163434cedafbd0a487a6bdd819e8643b0e6215bb 发布日期: 2024-09-25 08:15 修改: 2025-11-13 14:14
ch.qos.logback:logback-core	CVE-2024-12801	低危	1.2.11	1.5.13, 1.3.15	logback-core: SaxEventRecorder vulnerable to Server-Side Request Forgery (SSRF) attacks 漏洞详情: https://avd.aquasec.com/nvd/cve-2024-12801 镜像层: sha256:fe4b5a081f3ec9562e1c42ed163434cedafbd0a487a6bdd819e8643b0e6215bb 发布日期: 2024-12-19 17:15 修改: 2026-04-15 00:35
com.google.guava:guava	CVE-2020-8908	低危	31.1-jre	32.0.0-android	guava: local information disclosure via temporary directory created with unsafe permissions 漏洞详情: https://avd.aquasec.com/nvd/cve-2020-8908 镜像层: sha256:fe4b5a081f3ec9562e1c42ed163434cedafbd0a487a6bdd819e8643b0e6215bb 发布日期: 2020-12-10 23:15 修改: 2026-02-23 21:17
org.eclipse.jetty:jetty-server	CVE-2023-26049	低危	9.4.48.v20220622	9.4.51.v20230217, 10.0.14, 11.0.14, 12.0.0.beta0	jetty-server: Cookie parsing of quoted values can exfiltrate values from other cookies 漏洞详情: https://avd.aquasec.com/nvd/cve-2023-26049 镜像层: sha256:fe4b5a081f3ec9562e1c42ed163434cedafbd0a487a6bdd819e8643b0e6215bb 发布日期: 2023-04-18 21:15 修改: 2024-11-21 07:50
ch.qos.logback:logback-core	CVE-2026-1225	低危	1.2.11	1.5.25	ch.qos.logback/logback-core: Malicious logback.xml configuration file allows instantiation of arbitrary classes 漏洞详情: https://avd.aquasec.com/nvd/cve-2026-1225 镜像层: sha256:fe4b5a081f3ec9562e1c42ed163434cedafbd0a487a6bdd819e8643b0e6215bb 发布日期: 2026-01-22 10:16 修改: 2026-04-15 00:35
org.eclipse.jetty:jetty-servlets	CVE-2023-36479	低危	9.4.48.v20220622	9.4.52, 10.0.16, 11.0.16	jetty: Improper addition of quotation marks to user inputs in CgiServlet 漏洞详情: https://avd.aquasec.com/nvd/cve-2023-36479 镜像层: sha256:fe4b5a081f3ec9562e1c42ed163434cedafbd0a487a6bdd819e8643b0e6215bb 发布日期: 2023-09-15 19:15 修改: 2025-05-27 21:20