docker.io/apache/gravitino-playground:ranger-0.1.0 linux/amd64

docker.io/apache/gravitino-playground:ranger-0.1.0 - Trivy安全扫描结果扫描时间: 2026-06-24 20:50

全部漏洞信息

低危漏洞:60

中危漏洞:312

高危漏洞:426

严重漏洞:130

系统OS: debian 10.13 扫描引擎: Trivy 扫描时间: 2026-06-24 20:50

docker.io/apache/gravitino-playground:ranger-0.1.0 (debian 10.13) (debian)

低危漏洞:31

中危漏洞:111

高危漏洞:129

严重漏洞:3

软件包	漏洞	安全状态	安装版本	修复版本	漏洞信息
libdb5.3	CVE-2019-8457	严重	5.3.28+dfsg1-0.5		sqlite: heap out-of-bound read in function rtreenode() 漏洞详情: https://avd.aquasec.com/nvd/cve-2019-8457 镜像层: sha256:19b1230ac19da0b27c923fa01d30578f13ca2b309e8b25f04023e433df628c70 发布日期: 2019-05-30 16:29 修改: 2026-06-17 02:42
wget	CVE-2024-38428	严重	1.20.1-1.1		wget: Misinterpretation of input may lead to improper behavior 漏洞详情: https://avd.aquasec.com/nvd/cve-2024-38428 镜像层: sha256:3f024a20bb3ca896a4befdcc402bdd259e1b00cc850383399cedc9363ca812f5 发布日期: 2024-06-16 03:15 修改: 2026-06-17 07:40
zlib1g	CVE-2023-45853	严重	1:1.2.11.dfsg-1+deb10u2		zlib: integer overflow and resultant heap-based buffer overflow in zipOpenNewFileInZip4_6 漏洞详情: https://avd.aquasec.com/nvd/cve-2023-45853 镜像层: sha256:19b1230ac19da0b27c923fa01d30578f13ca2b309e8b25f04023e433df628c70 发布日期: 2023-10-14 02:15 修改: 2026-06-17 06:29
gawk	CVE-2023-4156	高危	1:4.2.1+dfsg-1		gawk: heap out of bound read in builtin.c 漏洞详情: https://avd.aquasec.com/nvd/cve-2023-4156 镜像层: sha256:3f024a20bb3ca896a4befdcc402bdd259e1b00cc850383399cedc9363ca812f5 发布日期: 2023-09-25 18:15 修改: 2026-06-17 06:37
gcc-8	CVE-2018-12886	高危	8.3.0-6		gcc: spilling of stack protection address in cfgexpand.c and function.c leads to stack-overflow protection bypass 漏洞详情: https://avd.aquasec.com/nvd/cve-2018-12886 镜像层: sha256:3f024a20bb3ca896a4befdcc402bdd259e1b00cc850383399cedc9363ca812f5 发布日期: 2019-05-22 19:29 修改: 2026-06-17 01:38
gcc-8	CVE-2019-15847	高危	8.3.0-6		gcc: POWER9 "DARN" RNG intrinsic produces repeated output 漏洞详情: https://avd.aquasec.com/nvd/cve-2019-15847 镜像层: sha256:3f024a20bb3ca896a4befdcc402bdd259e1b00cc850383399cedc9363ca812f5 发布日期: 2019-09-02 23:15 修改: 2026-06-17 02:21
gcc-8-base	CVE-2018-12886	高危	8.3.0-6		gcc: spilling of stack protection address in cfgexpand.c and function.c leads to stack-overflow protection bypass 漏洞详情: https://avd.aquasec.com/nvd/cve-2018-12886 镜像层: sha256:19b1230ac19da0b27c923fa01d30578f13ca2b309e8b25f04023e433df628c70 发布日期: 2019-05-22 19:29 修改: 2026-06-17 01:38
gcc-8-base	CVE-2019-15847	高危	8.3.0-6		gcc: POWER9 "DARN" RNG intrinsic produces repeated output 漏洞详情: https://avd.aquasec.com/nvd/cve-2019-15847 镜像层: sha256:19b1230ac19da0b27c923fa01d30578f13ca2b309e8b25f04023e433df628c70 发布日期: 2019-09-02 23:15 修改: 2026-06-17 02:21
libasan5	CVE-2018-12886	高危	8.3.0-6		gcc: spilling of stack protection address in cfgexpand.c and function.c leads to stack-overflow protection bypass 漏洞详情: https://avd.aquasec.com/nvd/cve-2018-12886 镜像层: sha256:3f024a20bb3ca896a4befdcc402bdd259e1b00cc850383399cedc9363ca812f5 发布日期: 2019-05-22 19:29 修改: 2026-06-17 01:38
libasan5	CVE-2019-15847	高危	8.3.0-6		gcc: POWER9 "DARN" RNG intrinsic produces repeated output 漏洞详情: https://avd.aquasec.com/nvd/cve-2019-15847 镜像层: sha256:3f024a20bb3ca896a4befdcc402bdd259e1b00cc850383399cedc9363ca812f5 发布日期: 2019-09-02 23:15 修改: 2026-06-17 02:21
libatomic1	CVE-2018-12886	高危	8.3.0-6		gcc: spilling of stack protection address in cfgexpand.c and function.c leads to stack-overflow protection bypass 漏洞详情: https://avd.aquasec.com/nvd/cve-2018-12886 镜像层: sha256:3f024a20bb3ca896a4befdcc402bdd259e1b00cc850383399cedc9363ca812f5 发布日期: 2019-05-22 19:29 修改: 2026-06-17 01:38
libatomic1	CVE-2019-15847	高危	8.3.0-6		gcc: POWER9 "DARN" RNG intrinsic produces repeated output 漏洞详情: https://avd.aquasec.com/nvd/cve-2019-15847 镜像层: sha256:3f024a20bb3ca896a4befdcc402bdd259e1b00cc850383399cedc9363ca812f5 发布日期: 2019-09-02 23:15 修改: 2026-06-17 02:21
libc-bin	CVE-2020-1751	高危	2.28-10+deb10u3		glibc: array overflow in backtrace functions for powerpc 漏洞详情: https://avd.aquasec.com/nvd/cve-2020-1751 镜像层: sha256:19b1230ac19da0b27c923fa01d30578f13ca2b309e8b25f04023e433df628c70 发布日期: 2020-04-17 19:15 修改: 2026-06-17 03:02
libc-bin	CVE-2024-33599	高危	2.28-10+deb10u3	2.28-10+deb10u4	glibc: stack-based buffer overflow in netgroup cache 漏洞详情: https://avd.aquasec.com/nvd/cve-2024-33599 镜像层: sha256:19b1230ac19da0b27c923fa01d30578f13ca2b309e8b25f04023e433df628c70 发布日期: 2024-05-06 20:15 修改: 2026-06-17 07:32
libc-dev-bin	CVE-2020-1751	高危	2.28-10+deb10u4		glibc: array overflow in backtrace functions for powerpc 漏洞详情: https://avd.aquasec.com/nvd/cve-2020-1751 镜像层: sha256:3f024a20bb3ca896a4befdcc402bdd259e1b00cc850383399cedc9363ca812f5 发布日期: 2020-04-17 19:15 修改: 2026-06-17 03:02
libc6	CVE-2020-1751	高危	2.28-10+deb10u4		glibc: array overflow in backtrace functions for powerpc 漏洞详情: https://avd.aquasec.com/nvd/cve-2020-1751 镜像层: sha256:3f024a20bb3ca896a4befdcc402bdd259e1b00cc850383399cedc9363ca812f5 发布日期: 2020-04-17 19:15 修改: 2026-06-17 03:02
libc6-dev	CVE-2020-1751	高危	2.28-10+deb10u4		glibc: array overflow in backtrace functions for powerpc 漏洞详情: https://avd.aquasec.com/nvd/cve-2020-1751 镜像层: sha256:3f024a20bb3ca896a4befdcc402bdd259e1b00cc850383399cedc9363ca812f5 发布日期: 2020-04-17 19:15 修改: 2026-06-17 03:02
libcc1-0	CVE-2018-12886	高危	8.3.0-6		gcc: spilling of stack protection address in cfgexpand.c and function.c leads to stack-overflow protection bypass 漏洞详情: https://avd.aquasec.com/nvd/cve-2018-12886 镜像层: sha256:3f024a20bb3ca896a4befdcc402bdd259e1b00cc850383399cedc9363ca812f5 发布日期: 2019-05-22 19:29 修改: 2026-06-17 01:38
libcc1-0	CVE-2019-15847	高危	8.3.0-6		gcc: POWER9 "DARN" RNG intrinsic produces repeated output 漏洞详情: https://avd.aquasec.com/nvd/cve-2019-15847 镜像层: sha256:3f024a20bb3ca896a4befdcc402bdd259e1b00cc850383399cedc9363ca812f5 发布日期: 2019-09-02 23:15 修改: 2026-06-17 02:21
libcom-err2	CVE-2022-1304	高危	1.44.5-1+deb10u3		e2fsprogs: out-of-bounds read/write via crafted filesystem 漏洞详情: https://avd.aquasec.com/nvd/cve-2022-1304 镜像层: sha256:19b1230ac19da0b27c923fa01d30578f13ca2b309e8b25f04023e433df628c70 发布日期: 2022-04-14 21:15 修改: 2026-06-17 04:22
cpp-8	CVE-2018-12886	高危	8.3.0-6		gcc: spilling of stack protection address in cfgexpand.c and function.c leads to stack-overflow protection bypass 漏洞详情: https://avd.aquasec.com/nvd/cve-2018-12886 镜像层: sha256:3f024a20bb3ca896a4befdcc402bdd259e1b00cc850383399cedc9363ca812f5 发布日期: 2019-05-22 19:29 修改: 2026-06-17 01:38
libext2fs2	CVE-2022-1304	高危	1.44.5-1+deb10u3		e2fsprogs: out-of-bounds read/write via crafted filesystem 漏洞详情: https://avd.aquasec.com/nvd/cve-2022-1304 镜像层: sha256:19b1230ac19da0b27c923fa01d30578f13ca2b309e8b25f04023e433df628c70 发布日期: 2022-04-14 21:15 修改: 2026-06-17 04:22
libgcc-8-dev	CVE-2018-12886	高危	8.3.0-6		gcc: spilling of stack protection address in cfgexpand.c and function.c leads to stack-overflow protection bypass 漏洞详情: https://avd.aquasec.com/nvd/cve-2018-12886 镜像层: sha256:3f024a20bb3ca896a4befdcc402bdd259e1b00cc850383399cedc9363ca812f5 发布日期: 2019-05-22 19:29 修改: 2026-06-17 01:38
libgcc-8-dev	CVE-2019-15847	高危	8.3.0-6		gcc: POWER9 "DARN" RNG intrinsic produces repeated output 漏洞详情: https://avd.aquasec.com/nvd/cve-2019-15847 镜像层: sha256:3f024a20bb3ca896a4befdcc402bdd259e1b00cc850383399cedc9363ca812f5 发布日期: 2019-09-02 23:15 修改: 2026-06-17 02:21
libgcc1	CVE-2018-12886	高危	1:8.3.0-6		gcc: spilling of stack protection address in cfgexpand.c and function.c leads to stack-overflow protection bypass 漏洞详情: https://avd.aquasec.com/nvd/cve-2018-12886 镜像层: sha256:19b1230ac19da0b27c923fa01d30578f13ca2b309e8b25f04023e433df628c70 发布日期: 2019-05-22 19:29 修改: 2026-06-17 01:38
libgcc1	CVE-2019-15847	高危	1:8.3.0-6		gcc: POWER9 "DARN" RNG intrinsic produces repeated output 漏洞详情: https://avd.aquasec.com/nvd/cve-2019-15847 镜像层: sha256:19b1230ac19da0b27c923fa01d30578f13ca2b309e8b25f04023e433df628c70 发布日期: 2019-09-02 23:15 修改: 2026-06-17 02:21
libgcrypt20	CVE-2021-33560	高危	1.8.4-5+deb10u1		libgcrypt: mishandles ElGamal encryption because it lacks exponent blinding to address a side-channel attack against mpi_powm 漏洞详情: https://avd.aquasec.com/nvd/cve-2021-33560 镜像层: sha256:19b1230ac19da0b27c923fa01d30578f13ca2b309e8b25f04023e433df628c70 发布日期: 2021-06-08 11:15 修改: 2026-06-17 03:54
libgdk-pixbuf2.0-0	CVE-2022-48622	高危	2.38.1+dfsg-1		gnome: heap memory corruption on gdk-pixbuf 漏洞详情: https://avd.aquasec.com/nvd/cve-2022-48622 镜像层: sha256:3f024a20bb3ca896a4befdcc402bdd259e1b00cc850383399cedc9363ca812f5 发布日期: 2024-01-26 09:15 修改: 2026-06-17 05:15
libgdk-pixbuf2.0-bin	CVE-2022-48622	高危	2.38.1+dfsg-1		gnome: heap memory corruption on gdk-pixbuf 漏洞详情: https://avd.aquasec.com/nvd/cve-2022-48622 镜像层: sha256:3f024a20bb3ca896a4befdcc402bdd259e1b00cc850383399cedc9363ca812f5 发布日期: 2024-01-26 09:15 修改: 2026-06-17 05:15
libgdk-pixbuf2.0-common	CVE-2022-48622	高危	2.38.1+dfsg-1		gnome: heap memory corruption on gdk-pixbuf 漏洞详情: https://avd.aquasec.com/nvd/cve-2022-48622 镜像层: sha256:3f024a20bb3ca896a4befdcc402bdd259e1b00cc850383399cedc9363ca812f5 发布日期: 2024-01-26 09:15 修改: 2026-06-17 05:15
libgomp1	CVE-2018-12886	高危	8.3.0-6		gcc: spilling of stack protection address in cfgexpand.c and function.c leads to stack-overflow protection bypass 漏洞详情: https://avd.aquasec.com/nvd/cve-2018-12886 镜像层: sha256:3f024a20bb3ca896a4befdcc402bdd259e1b00cc850383399cedc9363ca812f5 发布日期: 2019-05-22 19:29 修改: 2026-06-17 01:38
libgomp1	CVE-2019-15847	高危	8.3.0-6		gcc: POWER9 "DARN" RNG intrinsic produces repeated output 漏洞详情: https://avd.aquasec.com/nvd/cve-2019-15847 镜像层: sha256:3f024a20bb3ca896a4befdcc402bdd259e1b00cc850383399cedc9363ca812f5 发布日期: 2019-09-02 23:15 修改: 2026-06-17 02:21
libharfbuzz0b	CVE-2023-25193	高危	2.3.1-1		harfbuzz: allows attackers to trigger O(n^2) growth via consecutive marks 漏洞详情: https://avd.aquasec.com/nvd/cve-2023-25193 镜像层: sha256:3f024a20bb3ca896a4befdcc402bdd259e1b00cc850383399cedc9363ca812f5 发布日期: 2023-02-04 20:15 修改: 2026-06-17 05:40
libidn2-0	CVE-2019-12290	高危	2.0.5-1+deb10u1		GNU libidn2 before 2.2.0 fails to perform the roundtrip checks specifi ... 漏洞详情: https://avd.aquasec.com/nvd/cve-2019-12290 镜像层: sha256:19b1230ac19da0b27c923fa01d30578f13ca2b309e8b25f04023e433df628c70 发布日期: 2019-10-22 16:15 修改: 2026-06-17 02:14
libitm1	CVE-2018-12886	高危	8.3.0-6		gcc: spilling of stack protection address in cfgexpand.c and function.c leads to stack-overflow protection bypass 漏洞详情: https://avd.aquasec.com/nvd/cve-2018-12886 镜像层: sha256:3f024a20bb3ca896a4befdcc402bdd259e1b00cc850383399cedc9363ca812f5 发布日期: 2019-05-22 19:29 修改: 2026-06-17 01:38
libitm1	CVE-2019-15847	高危	8.3.0-6		gcc: POWER9 "DARN" RNG intrinsic produces repeated output 漏洞详情: https://avd.aquasec.com/nvd/cve-2019-15847 镜像层: sha256:3f024a20bb3ca896a4befdcc402bdd259e1b00cc850383399cedc9363ca812f5 发布日期: 2019-09-02 23:15 修改: 2026-06-17 02:21
libldap-2.4-2	CVE-2023-2953	高危	2.4.47+dfsg-3+deb10u7		openldap: null pointer dereference in ber_memalloc_x function 漏洞详情: https://avd.aquasec.com/nvd/cve-2023-2953 镜像层: sha256:3f024a20bb3ca896a4befdcc402bdd259e1b00cc850383399cedc9363ca812f5 发布日期: 2023-05-30 22:15 修改: 2026-06-17 05:53
libldap-common	CVE-2023-2953	高危	2.4.47+dfsg-3+deb10u7		openldap: null pointer dereference in ber_memalloc_x function 漏洞详情: https://avd.aquasec.com/nvd/cve-2023-2953 镜像层: sha256:3f024a20bb3ca896a4befdcc402bdd259e1b00cc850383399cedc9363ca812f5 发布日期: 2023-05-30 22:15 修改: 2026-06-17 05:53
liblsan0	CVE-2018-12886	高危	8.3.0-6		gcc: spilling of stack protection address in cfgexpand.c and function.c leads to stack-overflow protection bypass 漏洞详情: https://avd.aquasec.com/nvd/cve-2018-12886 镜像层: sha256:3f024a20bb3ca896a4befdcc402bdd259e1b00cc850383399cedc9363ca812f5 发布日期: 2019-05-22 19:29 修改: 2026-06-17 01:38
liblsan0	CVE-2019-15847	高危	8.3.0-6		gcc: POWER9 "DARN" RNG intrinsic produces repeated output 漏洞详情: https://avd.aquasec.com/nvd/cve-2019-15847 镜像层: sha256:3f024a20bb3ca896a4befdcc402bdd259e1b00cc850383399cedc9363ca812f5 发布日期: 2019-09-02 23:15 修改: 2026-06-17 02:21
libmpx2	CVE-2018-12886	高危	8.3.0-6		gcc: spilling of stack protection address in cfgexpand.c and function.c leads to stack-overflow protection bypass 漏洞详情: https://avd.aquasec.com/nvd/cve-2018-12886 镜像层: sha256:3f024a20bb3ca896a4befdcc402bdd259e1b00cc850383399cedc9363ca812f5 发布日期: 2019-05-22 19:29 修改: 2026-06-17 01:38
libmpx2	CVE-2019-15847	高危	8.3.0-6		gcc: POWER9 "DARN" RNG intrinsic produces repeated output 漏洞详情: https://avd.aquasec.com/nvd/cve-2019-15847 镜像层: sha256:3f024a20bb3ca896a4befdcc402bdd259e1b00cc850383399cedc9363ca812f5 发布日期: 2019-09-02 23:15 修改: 2026-06-17 02:21
libnss-systemd	CVE-2019-3843	高危	241-7~deb10u10		systemd: services with DynamicUser can create SUID/SGID binaries 漏洞详情: https://avd.aquasec.com/nvd/cve-2019-3843 镜像层: sha256:3f024a20bb3ca896a4befdcc402bdd259e1b00cc850383399cedc9363ca812f5 发布日期: 2019-04-26 21:29 修改: 2026-06-17 02:35
libnss-systemd	CVE-2019-3844	高危	241-7~deb10u10		systemd: services with DynamicUser can get new privileges and create SGID binaries 漏洞详情: https://avd.aquasec.com/nvd/cve-2019-3844 镜像层: sha256:3f024a20bb3ca896a4befdcc402bdd259e1b00cc850383399cedc9363ca812f5 发布日期: 2019-04-26 21:29 修改: 2026-06-17 02:35
libnss-systemd	CVE-2023-50387	高危	241-7~deb10u10		bind9: KeyTrap - Extreme CPU consumption in DNSSEC validator 漏洞详情: https://avd.aquasec.com/nvd/cve-2023-50387 镜像层: sha256:3f024a20bb3ca896a4befdcc402bdd259e1b00cc850383399cedc9363ca812f5 发布日期: 2024-02-14 16:15 修改: 2026-06-17 06:39
libnss-systemd	CVE-2023-50868	高危	241-7~deb10u10		bind9: Preparing an NSEC3 closest encloser proof can exhaust CPU resources 漏洞详情: https://avd.aquasec.com/nvd/cve-2023-50868 镜像层: sha256:3f024a20bb3ca896a4befdcc402bdd259e1b00cc850383399cedc9363ca812f5 发布日期: 2024-02-14 16:15 修改: 2026-06-17 06:40
libpam-systemd	CVE-2019-3843	高危	241-7~deb10u10		systemd: services with DynamicUser can create SUID/SGID binaries 漏洞详情: https://avd.aquasec.com/nvd/cve-2019-3843 镜像层: sha256:3f024a20bb3ca896a4befdcc402bdd259e1b00cc850383399cedc9363ca812f5 发布日期: 2019-04-26 21:29 修改: 2026-06-17 02:35
libpam-systemd	CVE-2019-3844	高危	241-7~deb10u10		systemd: services with DynamicUser can get new privileges and create SGID binaries 漏洞详情: https://avd.aquasec.com/nvd/cve-2019-3844 镜像层: sha256:3f024a20bb3ca896a4befdcc402bdd259e1b00cc850383399cedc9363ca812f5 发布日期: 2019-04-26 21:29 修改: 2026-06-17 02:35
libpam-systemd	CVE-2023-50387	高危	241-7~deb10u10		bind9: KeyTrap - Extreme CPU consumption in DNSSEC validator 漏洞详情: https://avd.aquasec.com/nvd/cve-2023-50387 镜像层: sha256:3f024a20bb3ca896a4befdcc402bdd259e1b00cc850383399cedc9363ca812f5 发布日期: 2024-02-14 16:15 修改: 2026-06-17 06:39
libpam-systemd	CVE-2023-50868	高危	241-7~deb10u10		bind9: Preparing an NSEC3 closest encloser proof can exhaust CPU resources 漏洞详情: https://avd.aquasec.com/nvd/cve-2023-50868 镜像层: sha256:3f024a20bb3ca896a4befdcc402bdd259e1b00cc850383399cedc9363ca812f5 发布日期: 2024-02-14 16:15 修改: 2026-06-17 06:40
libperl5.28	CVE-2020-16156	高危	5.28.1-6+deb10u1		perl-CPAN: Bypass of verification of signatures in CHECKSUMS files 漏洞详情: https://avd.aquasec.com/nvd/cve-2020-16156 镜像层: sha256:3f024a20bb3ca896a4befdcc402bdd259e1b00cc850383399cedc9363ca812f5 发布日期: 2021-12-13 18:15 修改: 2026-06-17 02:57
libperl5.28	CVE-2023-31484	高危	5.28.1-6+deb10u1		perl: CPAN.pm does not verify TLS certificates when downloading distributions over HTTPS 漏洞详情: https://avd.aquasec.com/nvd/cve-2023-31484 镜像层: sha256:3f024a20bb3ca896a4befdcc402bdd259e1b00cc850383399cedc9363ca812f5 发布日期: 2023-04-29 00:15 修改: 2026-06-17 05:57
libpython2.7-minimal	CVE-2020-10735	高危	2.7.16-2+deb10u4		python: int() type in PyLong_FromString() does not limit amount of digits converting text to int leading to DoS 漏洞详情: https://avd.aquasec.com/nvd/cve-2020-10735 镜像层: sha256:3f024a20bb3ca896a4befdcc402bdd259e1b00cc850383399cedc9363ca812f5 发布日期: 2022-09-09 14:15 修改: 2026-06-17 02:48
libpython2.7-stdlib	CVE-2020-10735	高危	2.7.16-2+deb10u4		python: int() type in PyLong_FromString() does not limit amount of digits converting text to int leading to DoS 漏洞详情: https://avd.aquasec.com/nvd/cve-2020-10735 镜像层: sha256:3f024a20bb3ca896a4befdcc402bdd259e1b00cc850383399cedc9363ca812f5 发布日期: 2022-09-09 14:15 修改: 2026-06-17 02:48
libpython3.7-minimal	CVE-2022-0391	高危	3.7.3-2+deb10u7		python: urllib.parse does not sanitize URLs containing ASCII newline and tabs 漏洞详情: https://avd.aquasec.com/nvd/cve-2022-0391 镜像层: sha256:3f024a20bb3ca896a4befdcc402bdd259e1b00cc850383399cedc9363ca812f5 发布日期: 2022-02-09 23:15 修改: 2026-06-17 04:20
libpython3.7-minimal	CVE-2022-42919	高危	3.7.3-2+deb10u7		python: local privilege escalation via the multiprocessing forkserver start method 漏洞详情: https://avd.aquasec.com/nvd/cve-2022-42919 镜像层: sha256:3f024a20bb3ca896a4befdcc402bdd259e1b00cc850383399cedc9363ca812f5 发布日期: 2022-11-07 00:15 修改: 2026-06-17 05:05
libpython3.7-minimal	CVE-2023-24329	高危	3.7.3-2+deb10u7		python: urllib.parse url blocklisting bypass 漏洞详情: https://avd.aquasec.com/nvd/cve-2023-24329 镜像层: sha256:3f024a20bb3ca896a4befdcc402bdd259e1b00cc850383399cedc9363ca812f5 发布日期: 2023-02-17 15:15 修改: 2026-06-17 05:39
libpython3.7-stdlib	CVE-2022-0391	高危	3.7.3-2+deb10u7		python: urllib.parse does not sanitize URLs containing ASCII newline and tabs 漏洞详情: https://avd.aquasec.com/nvd/cve-2022-0391 镜像层: sha256:3f024a20bb3ca896a4befdcc402bdd259e1b00cc850383399cedc9363ca812f5 发布日期: 2022-02-09 23:15 修改: 2026-06-17 04:20
libpython3.7-stdlib	CVE-2022-42919	高危	3.7.3-2+deb10u7		python: local privilege escalation via the multiprocessing forkserver start method 漏洞详情: https://avd.aquasec.com/nvd/cve-2022-42919 镜像层: sha256:3f024a20bb3ca896a4befdcc402bdd259e1b00cc850383399cedc9363ca812f5 发布日期: 2022-11-07 00:15 修改: 2026-06-17 05:05
libpython3.7-stdlib	CVE-2023-24329	高危	3.7.3-2+deb10u7		python: urllib.parse url blocklisting bypass 漏洞详情: https://avd.aquasec.com/nvd/cve-2023-24329 镜像层: sha256:3f024a20bb3ca896a4befdcc402bdd259e1b00cc850383399cedc9363ca812f5 发布日期: 2023-02-17 15:15 修改: 2026-06-17 05:39
libquadmath0	CVE-2018-12886	高危	8.3.0-6		gcc: spilling of stack protection address in cfgexpand.c and function.c leads to stack-overflow protection bypass 漏洞详情: https://avd.aquasec.com/nvd/cve-2018-12886 镜像层: sha256:3f024a20bb3ca896a4befdcc402bdd259e1b00cc850383399cedc9363ca812f5 发布日期: 2019-05-22 19:29 修改: 2026-06-17 01:38
libquadmath0	CVE-2019-15847	高危	8.3.0-6		gcc: POWER9 "DARN" RNG intrinsic produces repeated output 漏洞详情: https://avd.aquasec.com/nvd/cve-2019-15847 镜像层: sha256:3f024a20bb3ca896a4befdcc402bdd259e1b00cc850383399cedc9363ca812f5 发布日期: 2019-09-02 23:15 修改: 2026-06-17 02:21
libsqlite3-0	CVE-2019-19603	高危	3.27.2-3+deb10u2		sqlite: mishandling of certain SELECT statements with non-existent VIEW can lead to DoS 漏洞详情: https://avd.aquasec.com/nvd/cve-2019-19603 镜像层: sha256:3f024a20bb3ca896a4befdcc402bdd259e1b00cc850383399cedc9363ca812f5 发布日期: 2019-12-09 19:15 修改: 2026-06-17 02:26
libsqlite3-0	CVE-2023-7104	高危	3.27.2-3+deb10u2		sqlite: heap-buffer-overflow at sessionfuzz 漏洞详情: https://avd.aquasec.com/nvd/cve-2023-7104 镜像层: sha256:3f024a20bb3ca896a4befdcc402bdd259e1b00cc850383399cedc9363ca812f5 发布日期: 2023-12-29 10:15 修改: 2026-06-17 06:52
libss2	CVE-2022-1304	高危	1.44.5-1+deb10u3		e2fsprogs: out-of-bounds read/write via crafted filesystem 漏洞详情: https://avd.aquasec.com/nvd/cve-2022-1304 镜像层: sha256:19b1230ac19da0b27c923fa01d30578f13ca2b309e8b25f04023e433df628c70 发布日期: 2022-04-14 21:15 修改: 2026-06-17 04:22
libstdc++6	CVE-2018-12886	高危	8.3.0-6		gcc: spilling of stack protection address in cfgexpand.c and function.c leads to stack-overflow protection bypass 漏洞详情: https://avd.aquasec.com/nvd/cve-2018-12886 镜像层: sha256:19b1230ac19da0b27c923fa01d30578f13ca2b309e8b25f04023e433df628c70 发布日期: 2019-05-22 19:29 修改: 2026-06-17 01:38
libstdc++6	CVE-2019-15847	高危	8.3.0-6		gcc: POWER9 "DARN" RNG intrinsic produces repeated output 漏洞详情: https://avd.aquasec.com/nvd/cve-2019-15847 镜像层: sha256:19b1230ac19da0b27c923fa01d30578f13ca2b309e8b25f04023e433df628c70 发布日期: 2019-09-02 23:15 修改: 2026-06-17 02:21
libsystemd0	CVE-2019-3843	高危	241-7~deb10u10		systemd: services with DynamicUser can create SUID/SGID binaries 漏洞详情: https://avd.aquasec.com/nvd/cve-2019-3843 镜像层: sha256:19b1230ac19da0b27c923fa01d30578f13ca2b309e8b25f04023e433df628c70 发布日期: 2019-04-26 21:29 修改: 2026-06-17 02:35
libsystemd0	CVE-2019-3844	高危	241-7~deb10u10		systemd: services with DynamicUser can get new privileges and create SGID binaries 漏洞详情: https://avd.aquasec.com/nvd/cve-2019-3844 镜像层: sha256:19b1230ac19da0b27c923fa01d30578f13ca2b309e8b25f04023e433df628c70 发布日期: 2019-04-26 21:29 修改: 2026-06-17 02:35
libsystemd0	CVE-2023-50387	高危	241-7~deb10u10		bind9: KeyTrap - Extreme CPU consumption in DNSSEC validator 漏洞详情: https://avd.aquasec.com/nvd/cve-2023-50387 镜像层: sha256:19b1230ac19da0b27c923fa01d30578f13ca2b309e8b25f04023e433df628c70 发布日期: 2024-02-14 16:15 修改: 2026-06-17 06:39
libsystemd0	CVE-2023-50868	高危	241-7~deb10u10		bind9: Preparing an NSEC3 closest encloser proof can exhaust CPU resources 漏洞详情: https://avd.aquasec.com/nvd/cve-2023-50868 镜像层: sha256:19b1230ac19da0b27c923fa01d30578f13ca2b309e8b25f04023e433df628c70 发布日期: 2024-02-14 16:15 修改: 2026-06-17 06:40
libtiff5	CVE-2023-52355	高危	4.1.0+git191117-2~deb10u9		libtiff: TIFFRasterScanlineSize64 produce too-big size and could cause OOM 漏洞详情: https://avd.aquasec.com/nvd/cve-2023-52355 镜像层: sha256:3f024a20bb3ca896a4befdcc402bdd259e1b00cc850383399cedc9363ca812f5 发布日期: 2024-01-25 20:15 修改: 2026-06-17 06:42
libtsan0	CVE-2018-12886	高危	8.3.0-6		gcc: spilling of stack protection address in cfgexpand.c and function.c leads to stack-overflow protection bypass 漏洞详情: https://avd.aquasec.com/nvd/cve-2018-12886 镜像层: sha256:3f024a20bb3ca896a4befdcc402bdd259e1b00cc850383399cedc9363ca812f5 发布日期: 2019-05-22 19:29 修改: 2026-06-17 01:38
libtsan0	CVE-2019-15847	高危	8.3.0-6		gcc: POWER9 "DARN" RNG intrinsic produces repeated output 漏洞详情: https://avd.aquasec.com/nvd/cve-2019-15847 镜像层: sha256:3f024a20bb3ca896a4befdcc402bdd259e1b00cc850383399cedc9363ca812f5 发布日期: 2019-09-02 23:15 修改: 2026-06-17 02:21
libubsan1	CVE-2018-12886	高危	8.3.0-6		gcc: spilling of stack protection address in cfgexpand.c and function.c leads to stack-overflow protection bypass 漏洞详情: https://avd.aquasec.com/nvd/cve-2018-12886 镜像层: sha256:3f024a20bb3ca896a4befdcc402bdd259e1b00cc850383399cedc9363ca812f5 发布日期: 2019-05-22 19:29 修改: 2026-06-17 01:38
libubsan1	CVE-2019-15847	高危	8.3.0-6		gcc: POWER9 "DARN" RNG intrinsic produces repeated output 漏洞详情: https://avd.aquasec.com/nvd/cve-2019-15847 镜像层: sha256:3f024a20bb3ca896a4befdcc402bdd259e1b00cc850383399cedc9363ca812f5 发布日期: 2019-09-02 23:15 修改: 2026-06-17 02:21
libudev1	CVE-2019-3843	高危	241-7~deb10u10		systemd: services with DynamicUser can create SUID/SGID binaries 漏洞详情: https://avd.aquasec.com/nvd/cve-2019-3843 镜像层: sha256:19b1230ac19da0b27c923fa01d30578f13ca2b309e8b25f04023e433df628c70 发布日期: 2019-04-26 21:29 修改: 2026-06-17 02:35
libudev1	CVE-2019-3844	高危	241-7~deb10u10		systemd: services with DynamicUser can get new privileges and create SGID binaries 漏洞详情: https://avd.aquasec.com/nvd/cve-2019-3844 镜像层: sha256:19b1230ac19da0b27c923fa01d30578f13ca2b309e8b25f04023e433df628c70 发布日期: 2019-04-26 21:29 修改: 2026-06-17 02:35
libudev1	CVE-2023-50387	高危	241-7~deb10u10		bind9: KeyTrap - Extreme CPU consumption in DNSSEC validator 漏洞详情: https://avd.aquasec.com/nvd/cve-2023-50387 镜像层: sha256:19b1230ac19da0b27c923fa01d30578f13ca2b309e8b25f04023e433df628c70 发布日期: 2024-02-14 16:15 修改: 2026-06-17 06:39
libudev1	CVE-2023-50868	高危	241-7~deb10u10		bind9: Preparing an NSEC3 closest encloser proof can exhaust CPU resources 漏洞详情: https://avd.aquasec.com/nvd/cve-2023-50868 镜像层: sha256:19b1230ac19da0b27c923fa01d30578f13ca2b309e8b25f04023e433df628c70 发布日期: 2024-02-14 16:15 修改: 2026-06-17 06:40
libxml2	CVE-2017-16932	高危	2.9.4+dfsg1-7+deb10u6		libxml2: Infinite recursion in parameter entities 漏洞详情: https://avd.aquasec.com/nvd/cve-2017-16932 镜像层: sha256:3f024a20bb3ca896a4befdcc402bdd259e1b00cc850383399cedc9363ca812f5 发布日期: 2017-11-23 21:29 修改: 2026-06-17 01:10
libxml2	CVE-2022-2309	高危	2.9.4+dfsg1-7+deb10u6		lxml: NULL Pointer Dereference in lxml 漏洞详情: https://avd.aquasec.com/nvd/cve-2022-2309 镜像层: sha256:3f024a20bb3ca896a4befdcc402bdd259e1b00cc850383399cedc9363ca812f5 发布日期: 2022-07-05 10:15 修改: 2026-06-17 04:41
libxml2	CVE-2024-25062	高危	2.9.4+dfsg1-7+deb10u6		libxml2: use-after-free in XMLReader 漏洞详情: https://avd.aquasec.com/nvd/cve-2024-25062 镜像层: sha256:3f024a20bb3ca896a4befdcc402bdd259e1b00cc850383399cedc9363ca812f5 发布日期: 2024-02-04 16:15 修改: 2026-06-17 07:15
linux-libc-dev	CVE-2013-7445	高危	4.19.316-1		kernel: memory exhaustion via crafted Graphics Execution Manager (GEM) objects 漏洞详情: https://avd.aquasec.com/nvd/cve-2013-7445 镜像层: sha256:3f024a20bb3ca896a4befdcc402bdd259e1b00cc850383399cedc9363ca812f5 发布日期: 2015-10-16 01:59 修改: 2026-05-06 22:30
linux-libc-dev	CVE-2019-19449	高危	4.19.316-1		kernel: mounting a crafted f2fs filesystem image can lead to slab-out-of-bounds read access in f2fs_build_segment_manager in fs/f2fs/segment.c 漏洞详情: https://avd.aquasec.com/nvd/cve-2019-19449 镜像层: sha256:3f024a20bb3ca896a4befdcc402bdd259e1b00cc850383399cedc9363ca812f5 发布日期: 2019-12-08 02:15 修改: 2026-06-17 02:26
linux-libc-dev	CVE-2019-19814	高危	4.19.316-1		kernel: out-of-bounds write in __remove_dirty_segment in fs/f2fs/segment.c 漏洞详情: https://avd.aquasec.com/nvd/cve-2019-19814 镜像层: sha256:3f024a20bb3ca896a4befdcc402bdd259e1b00cc850383399cedc9363ca812f5 发布日期: 2019-12-17 06:15 修改: 2026-06-17 02:27
linux-libc-dev	CVE-2020-12362	高危	4.19.316-1		kernel: Integer overflow in Intel(R) Graphics Drivers 漏洞详情: https://avd.aquasec.com/nvd/cve-2020-12362 镜像层: sha256:3f024a20bb3ca896a4befdcc402bdd259e1b00cc850383399cedc9363ca812f5 发布日期: 2021-02-17 14:15 修改: 2026-06-17 02:51
linux-libc-dev	CVE-2021-38207	高危	4.19.316-1		kernel: buffer overflow in drivers/net/ethernet/xilinx/ll_temac_main.c by sending heavy network traffic for about ten minutes 漏洞详情: https://avd.aquasec.com/nvd/cve-2021-38207 镜像层: sha256:3f024a20bb3ca896a4befdcc402bdd259e1b00cc850383399cedc9363ca812f5 发布日期: 2021-08-08 20:15 修改: 2026-06-17 04:01
linux-libc-dev	CVE-2023-20938	高危	4.19.316-1		In binder_transaction_buffer_release of binder.c, there is a possible ... 漏洞详情: https://avd.aquasec.com/nvd/cve-2023-20938 镜像层: sha256:3f024a20bb3ca896a4befdcc402bdd259e1b00cc850383399cedc9363ca812f5 发布日期: 2023-02-28 17:15 修改: 2026-06-17 05:31
linux-libc-dev	CVE-2023-28466	高危	4.19.316-1		kernel: tls: race condition in do_tls_getsockopt may lead to use-after-free or NULL pointer dereference 漏洞详情: https://avd.aquasec.com/nvd/cve-2023-28466 镜像层: sha256:3f024a20bb3ca896a4befdcc402bdd259e1b00cc850383399cedc9363ca812f5 发布日期: 2023-03-16 00:15 修改: 2026-06-17 05:47
linux-libc-dev	CVE-2023-52451	高危	4.19.316-1		kernel: powerpc: Fix access beyond end of drmem array 漏洞详情: https://avd.aquasec.com/nvd/cve-2023-52451 镜像层: sha256:3f024a20bb3ca896a4befdcc402bdd259e1b00cc850383399cedc9363ca812f5 发布日期: 2024-02-22 17:15 修改: 2026-06-17 06:42
linux-libc-dev	CVE-2023-52598	高危	4.19.316-1		kernel: s390/ptrace: handle setting of fpc register correctly 漏洞详情: https://avd.aquasec.com/nvd/cve-2023-52598 镜像层: sha256:3f024a20bb3ca896a4befdcc402bdd259e1b00cc850383399cedc9363ca812f5 发布日期: 2024-03-06 07:15 修改: 2026-06-17 06:43
linux-libc-dev	CVE-2024-26654	高危	4.19.316-1		kernel: ALSA: sh: aica: reorder cleanup operations to avoid UAF bugs 漏洞详情: https://avd.aquasec.com/nvd/cve-2024-26654 镜像层: sha256:3f024a20bb3ca896a4befdcc402bdd259e1b00cc850383399cedc9363ca812f5 发布日期: 2024-04-01 09:15 修改: 2026-06-17 07:18
linux-libc-dev	CVE-2024-26957	高危	4.19.316-1		kernel: s390/zcrypt: fix reference counting on zcrypt card objects 漏洞详情: https://avd.aquasec.com/nvd/cve-2024-26957 镜像层: sha256:3f024a20bb3ca896a4befdcc402bdd259e1b00cc850383399cedc9363ca812f5 发布日期: 2024-05-01 06:15 修改: 2026-06-17 07:18
linux-libc-dev	CVE-2024-27000	高危	4.19.316-1		kernel: serial: mxs-auart: add spinlock around changing cts state 漏洞详情: https://avd.aquasec.com/nvd/cve-2024-27000 镜像层: sha256:3f024a20bb3ca896a4befdcc402bdd259e1b00cc850383399cedc9363ca812f5 发布日期: 2024-05-01 06:15 修改: 2026-06-17 07:18
perl	CVE-2020-16156	高危	5.28.1-6+deb10u1		perl-CPAN: Bypass of verification of signatures in CHECKSUMS files 漏洞详情: https://avd.aquasec.com/nvd/cve-2020-16156 镜像层: sha256:3f024a20bb3ca896a4befdcc402bdd259e1b00cc850383399cedc9363ca812f5 发布日期: 2021-12-13 18:15 修改: 2026-06-17 02:57
perl	CVE-2023-31484	高危	5.28.1-6+deb10u1		perl: CPAN.pm does not verify TLS certificates when downloading distributions over HTTPS 漏洞详情: https://avd.aquasec.com/nvd/cve-2023-31484 镜像层: sha256:3f024a20bb3ca896a4befdcc402bdd259e1b00cc850383399cedc9363ca812f5 发布日期: 2023-04-29 00:15 修改: 2026-06-17 05:57
perl-base	CVE-2020-16156	高危	5.28.1-6+deb10u1		perl-CPAN: Bypass of verification of signatures in CHECKSUMS files 漏洞详情: https://avd.aquasec.com/nvd/cve-2020-16156 镜像层: sha256:19b1230ac19da0b27c923fa01d30578f13ca2b309e8b25f04023e433df628c70 发布日期: 2021-12-13 18:15 修改: 2026-06-17 02:57
perl-base	CVE-2023-31484	高危	5.28.1-6+deb10u1		perl: CPAN.pm does not verify TLS certificates when downloading distributions over HTTPS 漏洞详情: https://avd.aquasec.com/nvd/cve-2023-31484 镜像层: sha256:19b1230ac19da0b27c923fa01d30578f13ca2b309e8b25f04023e433df628c70 发布日期: 2023-04-29 00:15 修改: 2026-06-17 05:57
perl-modules-5.28	CVE-2020-16156	高危	5.28.1-6+deb10u1		perl-CPAN: Bypass of verification of signatures in CHECKSUMS files 漏洞详情: https://avd.aquasec.com/nvd/cve-2020-16156 镜像层: sha256:3f024a20bb3ca896a4befdcc402bdd259e1b00cc850383399cedc9363ca812f5 发布日期: 2021-12-13 18:15 修改: 2026-06-17 02:57
perl-modules-5.28	CVE-2023-31484	高危	5.28.1-6+deb10u1		perl: CPAN.pm does not verify TLS certificates when downloading distributions over HTTPS 漏洞详情: https://avd.aquasec.com/nvd/cve-2023-31484 镜像层: sha256:3f024a20bb3ca896a4befdcc402bdd259e1b00cc850383399cedc9363ca812f5 发布日期: 2023-04-29 00:15 修改: 2026-06-17 05:57
python2.7	CVE-2020-10735	高危	2.7.16-2+deb10u4		python: int() type in PyLong_FromString() does not limit amount of digits converting text to int leading to DoS 漏洞详情: https://avd.aquasec.com/nvd/cve-2020-10735 镜像层: sha256:3f024a20bb3ca896a4befdcc402bdd259e1b00cc850383399cedc9363ca812f5 发布日期: 2022-09-09 14:15 修改: 2026-06-17 02:48
python2.7-minimal	CVE-2020-10735	高危	2.7.16-2+deb10u4		python: int() type in PyLong_FromString() does not limit amount of digits converting text to int leading to DoS 漏洞详情: https://avd.aquasec.com/nvd/cve-2020-10735 镜像层: sha256:3f024a20bb3ca896a4befdcc402bdd259e1b00cc850383399cedc9363ca812f5 发布日期: 2022-09-09 14:15 修改: 2026-06-17 02:48
python3.7	CVE-2022-0391	高危	3.7.3-2+deb10u7		python: urllib.parse does not sanitize URLs containing ASCII newline and tabs 漏洞详情: https://avd.aquasec.com/nvd/cve-2022-0391 镜像层: sha256:3f024a20bb3ca896a4befdcc402bdd259e1b00cc850383399cedc9363ca812f5 发布日期: 2022-02-09 23:15 修改: 2026-06-17 04:20
python3.7	CVE-2022-42919	高危	3.7.3-2+deb10u7		python: local privilege escalation via the multiprocessing forkserver start method 漏洞详情: https://avd.aquasec.com/nvd/cve-2022-42919 镜像层: sha256:3f024a20bb3ca896a4befdcc402bdd259e1b00cc850383399cedc9363ca812f5 发布日期: 2022-11-07 00:15 修改: 2026-06-17 05:05
python3.7	CVE-2023-24329	高危	3.7.3-2+deb10u7		python: urllib.parse url blocklisting bypass 漏洞详情: https://avd.aquasec.com/nvd/cve-2023-24329 镜像层: sha256:3f024a20bb3ca896a4befdcc402bdd259e1b00cc850383399cedc9363ca812f5 发布日期: 2023-02-17 15:15 修改: 2026-06-17 05:39
python3.7-minimal	CVE-2022-0391	高危	3.7.3-2+deb10u7		python: urllib.parse does not sanitize URLs containing ASCII newline and tabs 漏洞详情: https://avd.aquasec.com/nvd/cve-2022-0391 镜像层: sha256:3f024a20bb3ca896a4befdcc402bdd259e1b00cc850383399cedc9363ca812f5 发布日期: 2022-02-09 23:15 修改: 2026-06-17 04:20
python3.7-minimal	CVE-2022-42919	高危	3.7.3-2+deb10u7		python: local privilege escalation via the multiprocessing forkserver start method 漏洞详情: https://avd.aquasec.com/nvd/cve-2022-42919 镜像层: sha256:3f024a20bb3ca896a4befdcc402bdd259e1b00cc850383399cedc9363ca812f5 发布日期: 2022-11-07 00:15 修改: 2026-06-17 05:05
python3.7-minimal	CVE-2023-24329	高危	3.7.3-2+deb10u7		python: urllib.parse url blocklisting bypass 漏洞详情: https://avd.aquasec.com/nvd/cve-2023-24329 镜像层: sha256:3f024a20bb3ca896a4befdcc402bdd259e1b00cc850383399cedc9363ca812f5 发布日期: 2023-02-17 15:15 修改: 2026-06-17 05:39
rsync	CVE-2022-29154	高危	3.1.3-6		rsync: remote arbitrary files write inside the directories of connecting peers 漏洞详情: https://avd.aquasec.com/nvd/cve-2022-29154 镜像层: sha256:3f024a20bb3ca896a4befdcc402bdd259e1b00cc850383399cedc9363ca812f5 发布日期: 2022-08-02 15:15 修改: 2026-06-17 04:39
systemd	CVE-2019-3843	高危	241-7~deb10u10		systemd: services with DynamicUser can create SUID/SGID binaries 漏洞详情: https://avd.aquasec.com/nvd/cve-2019-3843 镜像层: sha256:3f024a20bb3ca896a4befdcc402bdd259e1b00cc850383399cedc9363ca812f5 发布日期: 2019-04-26 21:29 修改: 2026-06-17 02:35
systemd	CVE-2019-3844	高危	241-7~deb10u10		systemd: services with DynamicUser can get new privileges and create SGID binaries 漏洞详情: https://avd.aquasec.com/nvd/cve-2019-3844 镜像层: sha256:3f024a20bb3ca896a4befdcc402bdd259e1b00cc850383399cedc9363ca812f5 发布日期: 2019-04-26 21:29 修改: 2026-06-17 02:35
systemd	CVE-2023-50387	高危	241-7~deb10u10		bind9: KeyTrap - Extreme CPU consumption in DNSSEC validator 漏洞详情: https://avd.aquasec.com/nvd/cve-2023-50387 镜像层: sha256:3f024a20bb3ca896a4befdcc402bdd259e1b00cc850383399cedc9363ca812f5 发布日期: 2024-02-14 16:15 修改: 2026-06-17 06:39
systemd	CVE-2023-50868	高危	241-7~deb10u10		bind9: Preparing an NSEC3 closest encloser proof can exhaust CPU resources 漏洞详情: https://avd.aquasec.com/nvd/cve-2023-50868 镜像层: sha256:3f024a20bb3ca896a4befdcc402bdd259e1b00cc850383399cedc9363ca812f5 发布日期: 2024-02-14 16:15 修改: 2026-06-17 06:40
systemd-sysv	CVE-2019-3843	高危	241-7~deb10u10		systemd: services with DynamicUser can create SUID/SGID binaries 漏洞详情: https://avd.aquasec.com/nvd/cve-2019-3843 镜像层: sha256:3f024a20bb3ca896a4befdcc402bdd259e1b00cc850383399cedc9363ca812f5 发布日期: 2019-04-26 21:29 修改: 2026-06-17 02:35
systemd-sysv	CVE-2019-3844	高危	241-7~deb10u10		systemd: services with DynamicUser can get new privileges and create SGID binaries 漏洞详情: https://avd.aquasec.com/nvd/cve-2019-3844 镜像层: sha256:3f024a20bb3ca896a4befdcc402bdd259e1b00cc850383399cedc9363ca812f5 发布日期: 2019-04-26 21:29 修改: 2026-06-17 02:35
systemd-sysv	CVE-2023-50387	高危	241-7~deb10u10		bind9: KeyTrap - Extreme CPU consumption in DNSSEC validator 漏洞详情: https://avd.aquasec.com/nvd/cve-2023-50387 镜像层: sha256:3f024a20bb3ca896a4befdcc402bdd259e1b00cc850383399cedc9363ca812f5 发布日期: 2024-02-14 16:15 修改: 2026-06-17 06:39
systemd-sysv	CVE-2023-50868	高危	241-7~deb10u10		bind9: Preparing an NSEC3 closest encloser proof can exhaust CPU resources 漏洞详情: https://avd.aquasec.com/nvd/cve-2023-50868 镜像层: sha256:3f024a20bb3ca896a4befdcc402bdd259e1b00cc850383399cedc9363ca812f5 发布日期: 2024-02-14 16:15 修改: 2026-06-17 06:40
vim	CVE-2023-4738	高危	2:8.1.0875-5+deb10u6		vim: heap-buffer-overflow in vim_regsub_both in vim/vim 漏洞详情: https://avd.aquasec.com/nvd/cve-2023-4738 镜像层: sha256:3f024a20bb3ca896a4befdcc402bdd259e1b00cc850383399cedc9363ca812f5 发布日期: 2023-09-02 20:15 修改: 2026-06-17 06:38
vim	CVE-2023-5344	高危	2:8.1.0875-5+deb10u6		vim: Heap-based Buffer Overflow in trunc_string() 漏洞详情: https://avd.aquasec.com/nvd/cve-2023-5344 镜像层: sha256:3f024a20bb3ca896a4befdcc402bdd259e1b00cc850383399cedc9363ca812f5 发布日期: 2023-10-02 20:15 修改: 2026-06-17 06:48
vim	CVE-2024-22667	高危	2:8.1.0875-5+deb10u6		vim: Stack buffer over flow in did_set_langmap function in map.c 漏洞详情: https://avd.aquasec.com/nvd/cve-2024-22667 镜像层: sha256:3f024a20bb3ca896a4befdcc402bdd259e1b00cc850383399cedc9363ca812f5 发布日期: 2024-02-05 08:15 修改: 2026-06-17 07:11
vim-common	CVE-2023-4738	高危	2:8.1.0875-5+deb10u6		vim: heap-buffer-overflow in vim_regsub_both in vim/vim 漏洞详情: https://avd.aquasec.com/nvd/cve-2023-4738 镜像层: sha256:3f024a20bb3ca896a4befdcc402bdd259e1b00cc850383399cedc9363ca812f5 发布日期: 2023-09-02 20:15 修改: 2026-06-17 06:38
vim-common	CVE-2023-5344	高危	2:8.1.0875-5+deb10u6		vim: Heap-based Buffer Overflow in trunc_string() 漏洞详情: https://avd.aquasec.com/nvd/cve-2023-5344 镜像层: sha256:3f024a20bb3ca896a4befdcc402bdd259e1b00cc850383399cedc9363ca812f5 发布日期: 2023-10-02 20:15 修改: 2026-06-17 06:48
vim-common	CVE-2024-22667	高危	2:8.1.0875-5+deb10u6		vim: Stack buffer over flow in did_set_langmap function in map.c 漏洞详情: https://avd.aquasec.com/nvd/cve-2024-22667 镜像层: sha256:3f024a20bb3ca896a4befdcc402bdd259e1b00cc850383399cedc9363ca812f5 发布日期: 2024-02-05 08:15 修改: 2026-06-17 07:11
vim-runtime	CVE-2023-4738	高危	2:8.1.0875-5+deb10u6		vim: heap-buffer-overflow in vim_regsub_both in vim/vim 漏洞详情: https://avd.aquasec.com/nvd/cve-2023-4738 镜像层: sha256:3f024a20bb3ca896a4befdcc402bdd259e1b00cc850383399cedc9363ca812f5 发布日期: 2023-09-02 20:15 修改: 2026-06-17 06:38
vim-runtime	CVE-2023-5344	高危	2:8.1.0875-5+deb10u6		vim: Heap-based Buffer Overflow in trunc_string() 漏洞详情: https://avd.aquasec.com/nvd/cve-2023-5344 镜像层: sha256:3f024a20bb3ca896a4befdcc402bdd259e1b00cc850383399cedc9363ca812f5 发布日期: 2023-10-02 20:15 修改: 2026-06-17 06:48
vim-runtime	CVE-2024-22667	高危	2:8.1.0875-5+deb10u6		vim: Stack buffer over flow in did_set_langmap function in map.c 漏洞详情: https://avd.aquasec.com/nvd/cve-2024-22667 镜像层: sha256:3f024a20bb3ca896a4befdcc402bdd259e1b00cc850383399cedc9363ca812f5 发布日期: 2024-02-05 08:15 修改: 2026-06-17 07:11
cpp-8	CVE-2019-15847	高危	8.3.0-6		gcc: POWER9 "DARN" RNG intrinsic produces repeated output 漏洞详情: https://avd.aquasec.com/nvd/cve-2019-15847 镜像层: sha256:3f024a20bb3ca896a4befdcc402bdd259e1b00cc850383399cedc9363ca812f5 发布日期: 2019-09-02 23:15 修改: 2026-06-17 02:21
xxd	CVE-2023-4738	高危	2:8.1.0875-5+deb10u6		vim: heap-buffer-overflow in vim_regsub_both in vim/vim 漏洞详情: https://avd.aquasec.com/nvd/cve-2023-4738 镜像层: sha256:3f024a20bb3ca896a4befdcc402bdd259e1b00cc850383399cedc9363ca812f5 发布日期: 2023-09-02 20:15 修改: 2026-06-17 06:38
xxd	CVE-2023-5344	高危	2:8.1.0875-5+deb10u6		vim: Heap-based Buffer Overflow in trunc_string() 漏洞详情: https://avd.aquasec.com/nvd/cve-2023-5344 镜像层: sha256:3f024a20bb3ca896a4befdcc402bdd259e1b00cc850383399cedc9363ca812f5 发布日期: 2023-10-02 20:15 修改: 2026-06-17 06:48
xxd	CVE-2024-22667	高危	2:8.1.0875-5+deb10u6		vim: Stack buffer over flow in did_set_langmap function in map.c 漏洞详情: https://avd.aquasec.com/nvd/cve-2024-22667 镜像层: sha256:3f024a20bb3ca896a4befdcc402bdd259e1b00cc850383399cedc9363ca812f5 发布日期: 2024-02-05 08:15 修改: 2026-06-17 07:11
e2fsprogs	CVE-2022-1304	高危	1.44.5-1+deb10u3		e2fsprogs: out-of-bounds read/write via crafted filesystem 漏洞详情: https://avd.aquasec.com/nvd/cve-2022-1304 镜像层: sha256:19b1230ac19da0b27c923fa01d30578f13ca2b309e8b25f04023e433df628c70 发布日期: 2022-04-14 21:15 修改: 2026-06-17 04:22
libc6	CVE-2023-4813	中危	2.28-10+deb10u4		glibc: potential use-after-free in gaih_inet() 漏洞详情: https://avd.aquasec.com/nvd/cve-2023-4813 镜像层: sha256:3f024a20bb3ca896a4befdcc402bdd259e1b00cc850383399cedc9363ca812f5 发布日期: 2023-09-12 22:15 修改: 2026-06-17 06:38
libtiff5	CVE-2022-40090	中危	4.1.0+git191117-2~deb10u9		libtiff: infinite loop via a crafted TIFF file 漏洞详情: https://avd.aquasec.com/nvd/cve-2022-40090 镜像层: sha256:3f024a20bb3ca896a4befdcc402bdd259e1b00cc850383399cedc9363ca812f5 发布日期: 2023-08-22 19:16 修改: 2026-06-17 05:00
libtiff5	CVE-2023-6277	中危	4.1.0+git191117-2~deb10u9		libtiff: Out-of-memory in TIFFOpen via a craft file 漏洞详情: https://avd.aquasec.com/nvd/cve-2023-6277 镜像层: sha256:3f024a20bb3ca896a4befdcc402bdd259e1b00cc850383399cedc9363ca812f5 发布日期: 2023-11-24 19:15 修改: 2026-06-17 06:50
libtinfo6	CVE-2023-50495	中危	6.1+20181013-2+deb10u5		ncurses: segmentation fault via _nc_wrap_entry() 漏洞详情: https://avd.aquasec.com/nvd/cve-2023-50495 镜像层: sha256:19b1230ac19da0b27c923fa01d30578f13ca2b309e8b25f04023e433df628c70 发布日期: 2023-12-12 15:15 修改: 2026-06-17 06:39
libavahi-client3	CVE-2023-38471	中危	0.7-4+deb10u3		avahi: Reachable assertion in dbus_set_host_name 漏洞详情: https://avd.aquasec.com/nvd/cve-2023-38471 镜像层: sha256:3f024a20bb3ca896a4befdcc402bdd259e1b00cc850383399cedc9363ca812f5 发布日期: 2023-11-02 15:15 修改: 2026-06-17 06:10
libc6-dev	CVE-2023-4806	中危	2.28-10+deb10u4		glibc: potential use-after-free in getaddrinfo() 漏洞详情: https://avd.aquasec.com/nvd/cve-2023-4806 镜像层: sha256:3f024a20bb3ca896a4befdcc402bdd259e1b00cc850383399cedc9363ca812f5 发布日期: 2023-09-18 17:15 修改: 2026-06-17 06:38
libncurses6	CVE-2023-50495	中危	6.1+20181013-2+deb10u5		ncurses: segmentation fault via _nc_wrap_entry() 漏洞详情: https://avd.aquasec.com/nvd/cve-2023-50495 镜像层: sha256:3f024a20bb3ca896a4befdcc402bdd259e1b00cc850383399cedc9363ca812f5 发布日期: 2023-12-12 15:15 修改: 2026-06-17 06:39
libncursesw6	CVE-2023-50495	中危	6.1+20181013-2+deb10u5		ncurses: segmentation fault via _nc_wrap_entry() 漏洞详情: https://avd.aquasec.com/nvd/cve-2023-50495 镜像层: sha256:19b1230ac19da0b27c923fa01d30578f13ca2b309e8b25f04023e433df628c70 发布日期: 2023-12-12 15:15 修改: 2026-06-17 06:39
libc6-dev	CVE-2023-4813	中危	2.28-10+deb10u4		glibc: potential use-after-free in gaih_inet() 漏洞详情: https://avd.aquasec.com/nvd/cve-2023-4813 镜像层: sha256:3f024a20bb3ca896a4befdcc402bdd259e1b00cc850383399cedc9363ca812f5 发布日期: 2023-09-12 22:15 修改: 2026-06-17 06:38
libavahi-client3	CVE-2023-38472	中危	0.7-4+deb10u3		avahi: Reachable assertion in avahi_rdata_parse 漏洞详情: https://avd.aquasec.com/nvd/cve-2023-38472 镜像层: sha256:3f024a20bb3ca896a4befdcc402bdd259e1b00cc850383399cedc9363ca812f5 发布日期: 2023-11-02 15:15 修改: 2026-06-17 06:10
libavahi-client3	CVE-2023-38473	中危	0.7-4+deb10u3		avahi: Reachable assertion in avahi_alternative_host_name 漏洞详情: https://avd.aquasec.com/nvd/cve-2023-38473 镜像层: sha256:3f024a20bb3ca896a4befdcc402bdd259e1b00cc850383399cedc9363ca812f5 发布日期: 2023-11-02 16:15 修改: 2026-06-17 06:10
libavahi-common-data	CVE-2023-38469	中危	0.7-4+deb10u3		avahi: Reachable assertion in avahi_dns_packet_append_record 漏洞详情: https://avd.aquasec.com/nvd/cve-2023-38469 镜像层: sha256:3f024a20bb3ca896a4befdcc402bdd259e1b00cc850383399cedc9363ca812f5 发布日期: 2023-11-02 15:15 修改: 2026-06-17 06:10
libudev1	CVE-2021-3997	中危	241-7~deb10u10		systemd: Uncontrolled recursion in systemd-tmpfiles when removing files 漏洞详情: https://avd.aquasec.com/nvd/cve-2021-3997 镜像层: sha256:19b1230ac19da0b27c923fa01d30578f13ca2b309e8b25f04023e433df628c70 发布日期: 2022-08-23 20:15 修改: 2026-06-17 04:06
libudev1	CVE-2022-4415	中危	241-7~deb10u10		systemd: local information leak due to systemd-coredump not respecting fs.suid_dumpable kernel setting 漏洞详情: https://avd.aquasec.com/nvd/cve-2022-4415 镜像层: sha256:19b1230ac19da0b27c923fa01d30578f13ca2b309e8b25f04023e433df628c70 发布日期: 2023-01-11 15:15 修改: 2026-06-17 05:20
libudev1	CVE-2023-7008	中危	241-7~deb10u10		systemd-resolved: Unsigned name response in signed zone is not refused when DNSSEC=yes 漏洞详情: https://avd.aquasec.com/nvd/cve-2023-7008 镜像层: sha256:19b1230ac19da0b27c923fa01d30578f13ca2b309e8b25f04023e433df628c70 发布日期: 2023-12-23 13:15 修改: 2026-06-17 06:51
libwayland-client0	CVE-2021-3782	中危	1.16.0-1		wayland: libwayland-server wl_shm reference-count overflow 漏洞详情: https://avd.aquasec.com/nvd/cve-2021-3782 镜像层: sha256:3f024a20bb3ca896a4befdcc402bdd259e1b00cc850383399cedc9363ca812f5 发布日期: 2022-09-23 16:15 修改: 2026-06-17 04:05
libwayland-cursor0	CVE-2021-3782	中危	1.16.0-1		wayland: libwayland-server wl_shm reference-count overflow 漏洞详情: https://avd.aquasec.com/nvd/cve-2021-3782 镜像层: sha256:3f024a20bb3ca896a4befdcc402bdd259e1b00cc850383399cedc9363ca812f5 发布日期: 2022-09-23 16:15 修改: 2026-06-17 04:05
libwayland-egl1	CVE-2021-3782	中危	1.16.0-1		wayland: libwayland-server wl_shm reference-count overflow 漏洞详情: https://avd.aquasec.com/nvd/cve-2021-3782 镜像层: sha256:3f024a20bb3ca896a4befdcc402bdd259e1b00cc850383399cedc9363ca812f5 发布日期: 2022-09-23 16:15 修改: 2026-06-17 04:05
libnss-systemd	CVE-2021-3997	中危	241-7~deb10u10		systemd: Uncontrolled recursion in systemd-tmpfiles when removing files 漏洞详情: https://avd.aquasec.com/nvd/cve-2021-3997 镜像层: sha256:3f024a20bb3ca896a4befdcc402bdd259e1b00cc850383399cedc9363ca812f5 发布日期: 2022-08-23 20:15 修改: 2026-06-17 04:06
libnss-systemd	CVE-2022-4415	中危	241-7~deb10u10		systemd: local information leak due to systemd-coredump not respecting fs.suid_dumpable kernel setting 漏洞详情: https://avd.aquasec.com/nvd/cve-2022-4415 镜像层: sha256:3f024a20bb3ca896a4befdcc402bdd259e1b00cc850383399cedc9363ca812f5 发布日期: 2023-01-11 15:15 修改: 2026-06-17 05:20
libnss-systemd	CVE-2023-7008	中危	241-7~deb10u10		systemd-resolved: Unsigned name response in signed zone is not refused when DNSSEC=yes 漏洞详情: https://avd.aquasec.com/nvd/cve-2023-7008 镜像层: sha256:3f024a20bb3ca896a4befdcc402bdd259e1b00cc850383399cedc9363ca812f5 发布日期: 2023-12-23 13:15 修改: 2026-06-17 06:51
libxml2	CVE-2016-3709	中危	2.9.4+dfsg1-7+deb10u6		libxml2: Incorrect server side include parsing can lead to XSS 漏洞详情: https://avd.aquasec.com/nvd/cve-2016-3709 镜像层: sha256:3f024a20bb3ca896a4befdcc402bdd259e1b00cc850383399cedc9363ca812f5 发布日期: 2022-07-28 17:15 修改: 2026-06-17 00:46
libxml2	CVE-2016-9318	中危	2.9.4+dfsg1-7+deb10u6		libxml2: XML External Entity vulnerability 漏洞详情: https://avd.aquasec.com/nvd/cve-2016-9318 镜像层: sha256:3f024a20bb3ca896a4befdcc402bdd259e1b00cc850383399cedc9363ca812f5 发布日期: 2016-11-16 00:59 修改: 2026-06-17 00:55
libxml2	CVE-2023-39615	中危	2.9.4+dfsg1-7+deb10u6		libxml2: crafted xml can cause global buffer overflow 漏洞详情: https://avd.aquasec.com/nvd/cve-2023-39615 镜像层: sha256:3f024a20bb3ca896a4befdcc402bdd259e1b00cc850383399cedc9363ca812f5 发布日期: 2023-08-29 17:15 修改: 2026-06-17 06:12
libxml2	CVE-2023-45322	中危	2.9.4+dfsg1-7+deb10u6		libxml2: use-after-free in xmlUnlinkNode() in tree.c 漏洞详情: https://avd.aquasec.com/nvd/cve-2023-45322 镜像层: sha256:3f024a20bb3ca896a4befdcc402bdd259e1b00cc850383399cedc9363ca812f5 发布日期: 2023-10-06 22:15 修改: 2026-06-17 06:28
libnss3	CVE-2020-12413	中危	2:3.42.1-1+deb10u8		nss: Information exposure when DH secret are reused across multiple TLS connections 漏洞详情: https://avd.aquasec.com/nvd/cve-2020-12413 镜像层: sha256:3f024a20bb3ca896a4befdcc402bdd259e1b00cc850383399cedc9363ca812f5 发布日期: 2023-02-16 22:15 修改: 2026-06-17 02:51
libnss3	CVE-2023-6135	中危	2:3.42.1-1+deb10u8		nss: vulnerable to Minerva side-channel information leak 漏洞详情: https://avd.aquasec.com/nvd/cve-2023-6135 镜像层: sha256:3f024a20bb3ca896a4befdcc402bdd259e1b00cc850383399cedc9363ca812f5 发布日期: 2023-12-19 14:15 修改: 2026-06-17 06:50
libpam-modules	CVE-2024-22365	中危	1.3.1-5		pam: allowing unprivileged user to block another user namespace 漏洞详情: https://avd.aquasec.com/nvd/cve-2024-22365 镜像层: sha256:19b1230ac19da0b27c923fa01d30578f13ca2b309e8b25f04023e433df628c70 发布日期: 2024-02-06 08:15 修改: 2026-06-17 07:11
libpam-modules-bin	CVE-2024-22365	中危	1.3.1-5		pam: allowing unprivileged user to block another user namespace 漏洞详情: https://avd.aquasec.com/nvd/cve-2024-22365 镜像层: sha256:19b1230ac19da0b27c923fa01d30578f13ca2b309e8b25f04023e433df628c70 发布日期: 2024-02-06 08:15 修改: 2026-06-17 07:11
libpam-runtime	CVE-2024-22365	中危	1.3.1-5		pam: allowing unprivileged user to block another user namespace 漏洞详情: https://avd.aquasec.com/nvd/cve-2024-22365 镜像层: sha256:19b1230ac19da0b27c923fa01d30578f13ca2b309e8b25f04023e433df628c70 发布日期: 2024-02-06 08:15 修改: 2026-06-17 07:11
libcurl3-gnutls	CVE-2024-2398	中危	7.64.0-4+deb10u9		curl: HTTP/2 push headers memory-leak 漏洞详情: https://avd.aquasec.com/nvd/cve-2024-2398 镜像层: sha256:3f024a20bb3ca896a4befdcc402bdd259e1b00cc850383399cedc9363ca812f5 发布日期: 2024-03-27 08:15 修改: 2026-06-17 07:24
libcurl4	CVE-2024-2398	中危	7.64.0-4+deb10u9		curl: HTTP/2 push headers memory-leak 漏洞详情: https://avd.aquasec.com/nvd/cve-2024-2398 镜像层: sha256:3f024a20bb3ca896a4befdcc402bdd259e1b00cc850383399cedc9363ca812f5 发布日期: 2024-03-27 08:15 修改: 2026-06-17 07:24
libavahi-common-data	CVE-2023-38470	中危	0.7-4+deb10u3		avahi: Reachable assertion in avahi_escape_label 漏洞详情: https://avd.aquasec.com/nvd/cve-2023-38470 镜像层: sha256:3f024a20bb3ca896a4befdcc402bdd259e1b00cc850383399cedc9363ca812f5 发布日期: 2023-11-02 15:15 修改: 2026-06-17 06:10
libavahi-common-data	CVE-2023-38471	中危	0.7-4+deb10u3		avahi: Reachable assertion in dbus_set_host_name 漏洞详情: https://avd.aquasec.com/nvd/cve-2023-38471 镜像层: sha256:3f024a20bb3ca896a4befdcc402bdd259e1b00cc850383399cedc9363ca812f5 发布日期: 2023-11-02 15:15 修改: 2026-06-17 06:10
libpam-systemd	CVE-2021-3997	中危	241-7~deb10u10		systemd: Uncontrolled recursion in systemd-tmpfiles when removing files 漏洞详情: https://avd.aquasec.com/nvd/cve-2021-3997 镜像层: sha256:3f024a20bb3ca896a4befdcc402bdd259e1b00cc850383399cedc9363ca812f5 发布日期: 2022-08-23 20:15 修改: 2026-06-17 04:06
libpam-systemd	CVE-2022-4415	中危	241-7~deb10u10		systemd: local information leak due to systemd-coredump not respecting fs.suid_dumpable kernel setting 漏洞详情: https://avd.aquasec.com/nvd/cve-2022-4415 镜像层: sha256:3f024a20bb3ca896a4befdcc402bdd259e1b00cc850383399cedc9363ca812f5 发布日期: 2023-01-11 15:15 修改: 2026-06-17 05:20
libpam-systemd	CVE-2023-7008	中危	241-7~deb10u10		systemd-resolved: Unsigned name response in signed zone is not refused when DNSSEC=yes 漏洞详情: https://avd.aquasec.com/nvd/cve-2023-7008 镜像层: sha256:3f024a20bb3ca896a4befdcc402bdd259e1b00cc850383399cedc9363ca812f5 发布日期: 2023-12-23 13:15 修改: 2026-06-17 06:51
linux-libc-dev	CVE-2019-16089	中危	4.19.316-1		kernel: Improper return check in nbd_genl_status function in drivers/block/nbd.c 漏洞详情: https://avd.aquasec.com/nvd/cve-2019-16089 镜像层: sha256:3f024a20bb3ca896a4befdcc402bdd259e1b00cc850383399cedc9363ca812f5 发布日期: 2019-09-06 23:15 修改: 2026-06-17 02:21
linux-libc-dev	CVE-2019-20794	中危	4.19.316-1		kernel: task processes not being properly ended could lead to resource exhaustion 漏洞详情: https://avd.aquasec.com/nvd/cve-2019-20794 镜像层: sha256:3f024a20bb3ca896a4befdcc402bdd259e1b00cc850383399cedc9363ca812f5 发布日期: 2020-05-09 18:15 修改: 2026-06-17 02:31
linux-libc-dev	CVE-2020-12363	中危	4.19.316-1		kernel: Improper input validation in some Intel(R) Graphics Drivers 漏洞详情: https://avd.aquasec.com/nvd/cve-2020-12363 镜像层: sha256:3f024a20bb3ca896a4befdcc402bdd259e1b00cc850383399cedc9363ca812f5 发布日期: 2021-02-17 14:15 修改: 2026-06-17 02:51
linux-libc-dev	CVE-2020-12364	中危	4.19.316-1		kernel: Null pointer dereference in some Intel(R) Graphics Drivers 漏洞详情: https://avd.aquasec.com/nvd/cve-2020-12364 镜像层: sha256:3f024a20bb3ca896a4befdcc402bdd259e1b00cc850383399cedc9363ca812f5 发布日期: 2021-02-17 14:15 修改: 2026-06-17 02:51
linux-libc-dev	CVE-2020-14304	中危	4.19.316-1		kernel: ethtool when reading eeprom of device could lead to memory leak 漏洞详情: https://avd.aquasec.com/nvd/cve-2020-14304 镜像层: sha256:3f024a20bb3ca896a4befdcc402bdd259e1b00cc850383399cedc9363ca812f5 发布日期: 2020-09-15 20:15 修改: 2026-06-17 02:54
linux-libc-dev	CVE-2022-0480	中危	4.19.316-1		kernel: memcg does not limit the number of POSIX file locks allowing memory exhaustion 漏洞详情: https://avd.aquasec.com/nvd/cve-2022-0480 镜像层: sha256:3f024a20bb3ca896a4befdcc402bdd259e1b00cc850383399cedc9363ca812f5 发布日期: 2022-08-29 15:15 修改: 2026-06-17 04:20
linux-libc-dev	CVE-2022-21499	中危	4.19.316-1		kernel: possible to use the debugger to write zero into a location of choice 漏洞详情: https://avd.aquasec.com/nvd/cve-2022-21499 镜像层: sha256:3f024a20bb3ca896a4befdcc402bdd259e1b00cc850383399cedc9363ca812f5 发布日期: 2022-06-09 21:15 修改: 2026-06-17 04:26
linux-libc-dev	CVE-2022-29900	中危	4.19.316-1		hw: cpu: AMD: RetBleed Arbitrary Speculative Code Execution with Return Instructions 漏洞详情: https://avd.aquasec.com/nvd/cve-2022-29900 镜像层: sha256:3f024a20bb3ca896a4befdcc402bdd259e1b00cc850383399cedc9363ca812f5 发布日期: 2022-07-12 19:15 修改: 2026-06-17 04:40
linux-libc-dev	CVE-2023-20569	中危	4.19.316-1		amd: Return Address Predictor vulnerability leading to information disclosure 漏洞详情: https://avd.aquasec.com/nvd/cve-2023-20569 镜像层: sha256:3f024a20bb3ca896a4befdcc402bdd259e1b00cc850383399cedc9363ca812f5 发布日期: 2023-08-08 18:15 修改: 2026-06-17 05:30
linux-libc-dev	CVE-2023-3006	中危	4.19.316-1		RHEL: Add Spectre-BHB mitigation for AmpereOne 漏洞详情: https://avd.aquasec.com/nvd/cve-2023-3006 镜像层: sha256:3f024a20bb3ca896a4befdcc402bdd259e1b00cc850383399cedc9363ca812f5 发布日期: 2023-05-31 20:15 修改: 2026-06-17 06:13
linux-libc-dev	CVE-2023-52606	中危	4.19.316-1		kernel: powerpc/lib: Validate size for vector operations 漏洞详情: https://avd.aquasec.com/nvd/cve-2023-52606 镜像层: sha256:3f024a20bb3ca896a4befdcc402bdd259e1b00cc850383399cedc9363ca812f5 发布日期: 2024-03-06 07:15 修改: 2026-06-17 06:43
linux-libc-dev	CVE-2023-52607	中危	4.19.316-1		kernel: powerpc/mm: Fix null-pointer dereference in pgtable_cache_add 漏洞详情: https://avd.aquasec.com/nvd/cve-2023-52607 镜像层: sha256:3f024a20bb3ca896a4befdcc402bdd259e1b00cc850383399cedc9363ca812f5 发布日期: 2024-03-06 07:15 修改: 2026-06-17 06:43
linux-libc-dev	CVE-2023-52675	中危	4.19.316-1		kernel: powerpc/imc-pmu: Add a null pointer check in update_events_in_group() 漏洞详情: https://avd.aquasec.com/nvd/cve-2023-52675 镜像层: sha256:3f024a20bb3ca896a4befdcc402bdd259e1b00cc850383399cedc9363ca812f5 发布日期: 2024-05-17 15:15 修改: 2026-06-17 06:43
linux-libc-dev	CVE-2023-52686	中危	4.19.316-1		kernel: powerpc/powernv: Add a null pointer check in opal_event_init() 漏洞详情: https://avd.aquasec.com/nvd/cve-2023-52686 镜像层: sha256:3f024a20bb3ca896a4befdcc402bdd259e1b00cc850383399cedc9363ca812f5 发布日期: 2024-05-17 15:15 修改: 2026-06-17 06:43
linux-libc-dev	CVE-2024-26751	中危	4.19.316-1		kernel: ARM: ep93xx: Add terminator to gpiod_lookup_table 漏洞详情: https://avd.aquasec.com/nvd/cve-2024-26751 镜像层: sha256:3f024a20bb3ca896a4befdcc402bdd259e1b00cc850383399cedc9363ca812f5 发布日期: 2024-04-03 17:15 修改: 2026-06-17 07:18
linux-libc-dev	CVE-2024-26999	中危	4.19.316-1		kernel: serial/pmac_zilog: Remove flawed mitigation for rx irq flood 漏洞详情: https://avd.aquasec.com/nvd/cve-2024-26999 镜像层: sha256:3f024a20bb3ca896a4befdcc402bdd259e1b00cc850383399cedc9363ca812f5 发布日期: 2024-05-01 06:15 修改: 2026-06-17 07:18
linux-libc-dev	CVE-2024-38607	中危	4.19.316-1		kernel: macintosh/via-macii: Fix "BUG: sleeping function called from invalid context" 漏洞详情: https://avd.aquasec.com/nvd/cve-2024-38607 镜像层: sha256:3f024a20bb3ca896a4befdcc402bdd259e1b00cc850383399cedc9363ca812f5 发布日期: 2024-06-19 14:15 修改: 2026-06-17 07:40
linux-libc-dev	CVE-2024-38613	中危	4.19.316-1		kernel: m68k: Fix spinlock race in kernel thread creation 漏洞详情: https://avd.aquasec.com/nvd/cve-2024-38613 镜像层: sha256:3f024a20bb3ca896a4befdcc402bdd259e1b00cc850383399cedc9363ca812f5 发布日期: 2024-06-19 14:15 修改: 2026-06-17 07:40
login	CVE-2023-4641	中危	1:4.5-1.1		shadow-utils: possible password leak during passwd(1) change 漏洞详情: https://avd.aquasec.com/nvd/cve-2023-4641 镜像层: sha256:19b1230ac19da0b27c923fa01d30578f13ca2b309e8b25f04023e433df628c70 发布日期: 2023-12-27 16:15 修改: 2026-06-17 06:38
ncurses-base	CVE-2023-50495	中危	6.1+20181013-2+deb10u5		ncurses: segmentation fault via _nc_wrap_entry() 漏洞详情: https://avd.aquasec.com/nvd/cve-2023-50495 镜像层: sha256:19b1230ac19da0b27c923fa01d30578f13ca2b309e8b25f04023e433df628c70 发布日期: 2023-12-12 15:15 修改: 2026-06-17 06:39
ncurses-bin	CVE-2023-50495	中危	6.1+20181013-2+deb10u5		ncurses: segmentation fault via _nc_wrap_entry() 漏洞详情: https://avd.aquasec.com/nvd/cve-2023-50495 镜像层: sha256:19b1230ac19da0b27c923fa01d30578f13ca2b309e8b25f04023e433df628c70 发布日期: 2023-12-12 15:15 修改: 2026-06-17 06:39
openssl	CVE-2023-5678	中危	1.1.1n-0+deb10u6		openssl: Generating excessively long X9.42 DH keys or checking excessively long X9.42 DH keys or parameters may be very slow 漏洞详情: https://avd.aquasec.com/nvd/cve-2023-5678 镜像层: sha256:3f024a20bb3ca896a4befdcc402bdd259e1b00cc850383399cedc9363ca812f5 发布日期: 2023-11-06 16:15 修改: 2026-06-17 06:49
openssl	CVE-2024-0727	中危	1.1.1n-0+deb10u6		openssl: denial of service via null dereference 漏洞详情: https://avd.aquasec.com/nvd/cve-2024-0727 镜像层: sha256:3f024a20bb3ca896a4befdcc402bdd259e1b00cc850383399cedc9363ca812f5 发布日期: 2024-01-26 09:15 修改: 2026-06-17 06:54
passwd	CVE-2023-4641	中危	1:4.5-1.1		shadow-utils: possible password leak during passwd(1) change 漏洞详情: https://avd.aquasec.com/nvd/cve-2023-4641 镜像层: sha256:19b1230ac19da0b27c923fa01d30578f13ca2b309e8b25f04023e433df628c70 发布日期: 2023-12-27 16:15 修改: 2026-06-17 06:38
libpam0g	CVE-2024-22365	中危	1.3.1-5		pam: allowing unprivileged user to block another user namespace 漏洞详情: https://avd.aquasec.com/nvd/cve-2024-22365 镜像层: sha256:19b1230ac19da0b27c923fa01d30578f13ca2b309e8b25f04023e433df628c70 发布日期: 2024-02-06 08:15 修改: 2026-06-17 07:11
libpcre3	CVE-2020-14155	中危	2:8.39-12		pcre: Integer overflow when parsing callout numeric arguments 漏洞详情: https://avd.aquasec.com/nvd/cve-2020-14155 镜像层: sha256:19b1230ac19da0b27c923fa01d30578f13ca2b309e8b25f04023e433df628c70 发布日期: 2020-06-15 17:15 修改: 2026-06-17 02:54
libavahi-common-data	CVE-2023-38472	中危	0.7-4+deb10u3		avahi: Reachable assertion in avahi_rdata_parse 漏洞详情: https://avd.aquasec.com/nvd/cve-2023-38472 镜像层: sha256:3f024a20bb3ca896a4befdcc402bdd259e1b00cc850383399cedc9363ca812f5 发布日期: 2023-11-02 15:15 修改: 2026-06-17 06:10
libavahi-common-data	CVE-2023-38473	中危	0.7-4+deb10u3		avahi: Reachable assertion in avahi_alternative_host_name 漏洞详情: https://avd.aquasec.com/nvd/cve-2023-38473 镜像层: sha256:3f024a20bb3ca896a4befdcc402bdd259e1b00cc850383399cedc9363ca812f5 发布日期: 2023-11-02 16:15 修改: 2026-06-17 06:10
libavahi-common3	CVE-2023-38469	中危	0.7-4+deb10u3		avahi: Reachable assertion in avahi_dns_packet_append_record 漏洞详情: https://avd.aquasec.com/nvd/cve-2023-38469 镜像层: sha256:3f024a20bb3ca896a4befdcc402bdd259e1b00cc850383399cedc9363ca812f5 发布日期: 2023-11-02 15:15 修改: 2026-06-17 06:10
libpython2.7-minimal	CVE-2023-27043	中危	2.7.16-2+deb10u4		python: Parsing errors in email/_parseaddr.py lead to incorrect value in email address part of tuple 漏洞详情: https://avd.aquasec.com/nvd/cve-2023-27043 镜像层: sha256:3f024a20bb3ca896a4befdcc402bdd259e1b00cc850383399cedc9363ca812f5 发布日期: 2023-04-19 00:15 修改: 2026-06-17 05:44
libavahi-common3	CVE-2023-38470	中危	0.7-4+deb10u3		avahi: Reachable assertion in avahi_escape_label 漏洞详情: https://avd.aquasec.com/nvd/cve-2023-38470 镜像层: sha256:3f024a20bb3ca896a4befdcc402bdd259e1b00cc850383399cedc9363ca812f5 发布日期: 2023-11-02 15:15 修改: 2026-06-17 06:10
python2.7	CVE-2023-27043	中危	2.7.16-2+deb10u4		python: Parsing errors in email/_parseaddr.py lead to incorrect value in email address part of tuple 漏洞详情: https://avd.aquasec.com/nvd/cve-2023-27043 镜像层: sha256:3f024a20bb3ca896a4befdcc402bdd259e1b00cc850383399cedc9363ca812f5 发布日期: 2023-04-19 00:15 修改: 2026-06-17 05:44
libpython2.7-stdlib	CVE-2023-27043	中危	2.7.16-2+deb10u4		python: Parsing errors in email/_parseaddr.py lead to incorrect value in email address part of tuple 漏洞详情: https://avd.aquasec.com/nvd/cve-2023-27043 镜像层: sha256:3f024a20bb3ca896a4befdcc402bdd259e1b00cc850383399cedc9363ca812f5 发布日期: 2023-04-19 00:15 修改: 2026-06-17 05:44
python2.7-minimal	CVE-2023-27043	中危	2.7.16-2+deb10u4		python: Parsing errors in email/_parseaddr.py lead to incorrect value in email address part of tuple 漏洞详情: https://avd.aquasec.com/nvd/cve-2023-27043 镜像层: sha256:3f024a20bb3ca896a4befdcc402bdd259e1b00cc850383399cedc9363ca812f5 发布日期: 2023-04-19 00:15 修改: 2026-06-17 05:44
libavahi-common3	CVE-2023-38471	中危	0.7-4+deb10u3		avahi: Reachable assertion in dbus_set_host_name 漏洞详情: https://avd.aquasec.com/nvd/cve-2023-38471 镜像层: sha256:3f024a20bb3ca896a4befdcc402bdd259e1b00cc850383399cedc9363ca812f5 发布日期: 2023-11-02 15:15 修改: 2026-06-17 06:10
libgcrypt20	CVE-2019-13627	中危	1.8.4-5+deb10u1		libgcrypt: ECDSA timing attack allowing private key leak 漏洞详情: https://avd.aquasec.com/nvd/cve-2019-13627 镜像层: sha256:19b1230ac19da0b27c923fa01d30578f13ca2b309e8b25f04023e433df628c70 发布日期: 2019-09-25 15:15 修改: 2026-06-17 02:17
libavahi-common3	CVE-2023-38472	中危	0.7-4+deb10u3		avahi: Reachable assertion in avahi_rdata_parse 漏洞详情: https://avd.aquasec.com/nvd/cve-2023-38472 镜像层: sha256:3f024a20bb3ca896a4befdcc402bdd259e1b00cc850383399cedc9363ca812f5 发布日期: 2023-11-02 15:15 修改: 2026-06-17 06:10
python3.7	CVE-2021-23336	中危	3.7.3-2+deb10u7		python: Web cache poisoning via urllib.parse.parse_qsl and urllib.parse.parse_qs by using a semicolon in query parameters 漏洞详情: https://avd.aquasec.com/nvd/cve-2021-23336 镜像层: sha256:3f024a20bb3ca896a4befdcc402bdd259e1b00cc850383399cedc9363ca812f5 发布日期: 2021-02-15 13:15 修改: 2026-06-17 03:38
python3.7	CVE-2023-27043	中危	3.7.3-2+deb10u7		python: Parsing errors in email/_parseaddr.py lead to incorrect value in email address part of tuple 漏洞详情: https://avd.aquasec.com/nvd/cve-2023-27043 镜像层: sha256:3f024a20bb3ca896a4befdcc402bdd259e1b00cc850383399cedc9363ca812f5 发布日期: 2023-04-19 00:15 修改: 2026-06-17 05:44
libpython3.7-minimal	CVE-2021-23336	中危	3.7.3-2+deb10u7		python: Web cache poisoning via urllib.parse.parse_qsl and urllib.parse.parse_qs by using a semicolon in query parameters 漏洞详情: https://avd.aquasec.com/nvd/cve-2021-23336 镜像层: sha256:3f024a20bb3ca896a4befdcc402bdd259e1b00cc850383399cedc9363ca812f5 发布日期: 2021-02-15 13:15 修改: 2026-06-17 03:38
libpython3.7-minimal	CVE-2023-27043	中危	3.7.3-2+deb10u7		python: Parsing errors in email/_parseaddr.py lead to incorrect value in email address part of tuple 漏洞详情: https://avd.aquasec.com/nvd/cve-2023-27043 镜像层: sha256:3f024a20bb3ca896a4befdcc402bdd259e1b00cc850383399cedc9363ca812f5 发布日期: 2023-04-19 00:15 修改: 2026-06-17 05:44
libavahi-common3	CVE-2023-38473	中危	0.7-4+deb10u3		avahi: Reachable assertion in avahi_alternative_host_name 漏洞详情: https://avd.aquasec.com/nvd/cve-2023-38473 镜像层: sha256:3f024a20bb3ca896a4befdcc402bdd259e1b00cc850383399cedc9363ca812f5 发布日期: 2023-11-02 16:15 修改: 2026-06-17 06:10
python3.7-minimal	CVE-2021-23336	中危	3.7.3-2+deb10u7		python: Web cache poisoning via urllib.parse.parse_qsl and urllib.parse.parse_qs by using a semicolon in query parameters 漏洞详情: https://avd.aquasec.com/nvd/cve-2021-23336 镜像层: sha256:3f024a20bb3ca896a4befdcc402bdd259e1b00cc850383399cedc9363ca812f5 发布日期: 2021-02-15 13:15 修改: 2026-06-17 03:38
python3.7-minimal	CVE-2023-27043	中危	3.7.3-2+deb10u7		python: Parsing errors in email/_parseaddr.py lead to incorrect value in email address part of tuple 漏洞详情: https://avd.aquasec.com/nvd/cve-2023-27043 镜像层: sha256:3f024a20bb3ca896a4befdcc402bdd259e1b00cc850383399cedc9363ca812f5 发布日期: 2023-04-19 00:15 修改: 2026-06-17 05:44
curl	CVE-2024-2398	中危	7.64.0-4+deb10u9		curl: HTTP/2 push headers memory-leak 漏洞详情: https://avd.aquasec.com/nvd/cve-2024-2398 镜像层: sha256:3f024a20bb3ca896a4befdcc402bdd259e1b00cc850383399cedc9363ca812f5 发布日期: 2024-03-27 08:15 修改: 2026-06-17 07:24
iproute2	CVE-2019-20795	中危	4.20.0-2+deb10u1		iproute: use-after-free in get_netnsid_from_name in ip/ipnetns.c 漏洞详情: https://avd.aquasec.com/nvd/cve-2019-20795 镜像层: sha256:19b1230ac19da0b27c923fa01d30578f13ca2b309e8b25f04023e433df628c70 发布日期: 2020-05-09 21:15 修改: 2026-06-17 02:31
libpython3.7-stdlib	CVE-2021-23336	中危	3.7.3-2+deb10u7		python: Web cache poisoning via urllib.parse.parse_qsl and urllib.parse.parse_qs by using a semicolon in query parameters 漏洞详情: https://avd.aquasec.com/nvd/cve-2021-23336 镜像层: sha256:3f024a20bb3ca896a4befdcc402bdd259e1b00cc850383399cedc9363ca812f5 发布日期: 2021-02-15 13:15 修改: 2026-06-17 03:38
libpython3.7-stdlib	CVE-2023-27043	中危	3.7.3-2+deb10u7		python: Parsing errors in email/_parseaddr.py lead to incorrect value in email address part of tuple 漏洞详情: https://avd.aquasec.com/nvd/cve-2023-27043 镜像层: sha256:3f024a20bb3ca896a4befdcc402bdd259e1b00cc850383399cedc9363ca812f5 发布日期: 2023-04-19 00:15 修改: 2026-06-17 05:44
libc-bin	CVE-2023-4806	中危	2.28-10+deb10u3		glibc: potential use-after-free in getaddrinfo() 漏洞详情: https://avd.aquasec.com/nvd/cve-2023-4806 镜像层: sha256:19b1230ac19da0b27c923fa01d30578f13ca2b309e8b25f04023e433df628c70 发布日期: 2023-09-18 17:15 修改: 2026-06-17 06:38
systemd	CVE-2021-3997	中危	241-7~deb10u10		systemd: Uncontrolled recursion in systemd-tmpfiles when removing files 漏洞详情: https://avd.aquasec.com/nvd/cve-2021-3997 镜像层: sha256:3f024a20bb3ca896a4befdcc402bdd259e1b00cc850383399cedc9363ca812f5 发布日期: 2022-08-23 20:15 修改: 2026-06-17 04:06
systemd	CVE-2022-4415	中危	241-7~deb10u10		systemd: local information leak due to systemd-coredump not respecting fs.suid_dumpable kernel setting 漏洞详情: https://avd.aquasec.com/nvd/cve-2022-4415 镜像层: sha256:3f024a20bb3ca896a4befdcc402bdd259e1b00cc850383399cedc9363ca812f5 发布日期: 2023-01-11 15:15 修改: 2026-06-17 05:20
systemd	CVE-2023-7008	中危	241-7~deb10u10		systemd-resolved: Unsigned name response in signed zone is not refused when DNSSEC=yes 漏洞详情: https://avd.aquasec.com/nvd/cve-2023-7008 镜像层: sha256:3f024a20bb3ca896a4befdcc402bdd259e1b00cc850383399cedc9363ca812f5 发布日期: 2023-12-23 13:15 修改: 2026-06-17 06:51
libc-bin	CVE-2023-4813	中危	2.28-10+deb10u3		glibc: potential use-after-free in gaih_inet() 漏洞详情: https://avd.aquasec.com/nvd/cve-2023-4813 镜像层: sha256:19b1230ac19da0b27c923fa01d30578f13ca2b309e8b25f04023e433df628c70 发布日期: 2023-09-12 22:15 修改: 2026-06-17 06:38
libharfbuzz0b	CVE-2022-33068	中危	2.3.1-1		harfbuzz: integer overflow in the component hb-ot-shape-fallback.cc 漏洞详情: https://avd.aquasec.com/nvd/cve-2022-33068 镜像层: sha256:3f024a20bb3ca896a4befdcc402bdd259e1b00cc850383399cedc9363ca812f5 发布日期: 2022-06-23 17:15 修改: 2026-06-17 04:48
libc-bin	CVE-2024-33600	中危	2.28-10+deb10u3	2.28-10+deb10u4	glibc: null pointer dereferences after failed netgroup cache insertion 漏洞详情: https://avd.aquasec.com/nvd/cve-2024-33600 镜像层: sha256:19b1230ac19da0b27c923fa01d30578f13ca2b309e8b25f04023e433df628c70 发布日期: 2024-05-06 20:15 修改: 2026-06-17 07:32
libsqlite3-0	CVE-2019-19645	中危	3.27.2-3+deb10u2		sqlite: infinite recursion via certain types of self-referential views in conjunction with ALTER TABLE statements 漏洞详情: https://avd.aquasec.com/nvd/cve-2019-19645 镜像层: sha256:3f024a20bb3ca896a4befdcc402bdd259e1b00cc850383399cedc9363ca812f5 发布日期: 2019-12-09 16:15 修改: 2026-06-17 02:26
systemd-sysv	CVE-2021-3997	中危	241-7~deb10u10		systemd: Uncontrolled recursion in systemd-tmpfiles when removing files 漏洞详情: https://avd.aquasec.com/nvd/cve-2021-3997 镜像层: sha256:3f024a20bb3ca896a4befdcc402bdd259e1b00cc850383399cedc9363ca812f5 发布日期: 2022-08-23 20:15 修改: 2026-06-17 04:06
systemd-sysv	CVE-2022-4415	中危	241-7~deb10u10		systemd: local information leak due to systemd-coredump not respecting fs.suid_dumpable kernel setting 漏洞详情: https://avd.aquasec.com/nvd/cve-2022-4415 镜像层: sha256:3f024a20bb3ca896a4befdcc402bdd259e1b00cc850383399cedc9363ca812f5 发布日期: 2023-01-11 15:15 修改: 2026-06-17 05:20
systemd-sysv	CVE-2023-7008	中危	241-7~deb10u10		systemd-resolved: Unsigned name response in signed zone is not refused when DNSSEC=yes 漏洞详情: https://avd.aquasec.com/nvd/cve-2023-7008 镜像层: sha256:3f024a20bb3ca896a4befdcc402bdd259e1b00cc850383399cedc9363ca812f5 发布日期: 2023-12-23 13:15 修改: 2026-06-17 06:51
libsqlite3-0	CVE-2019-19924	中危	3.27.2-3+deb10u2		sqlite: incorrect sqlite3WindowRewrite() error handling leads to mishandling certain parser-tree rewriting 漏洞详情: https://avd.aquasec.com/nvd/cve-2019-19924 镜像层: sha256:3f024a20bb3ca896a4befdcc402bdd259e1b00cc850383399cedc9363ca812f5 发布日期: 2019-12-24 16:15 修改: 2026-06-17 02:27
libsqlite3-0	CVE-2020-13631	中危	3.27.2-3+deb10u2		sqlite: Virtual table can be renamed into the name of one of its shadow tables 漏洞详情: https://avd.aquasec.com/nvd/cve-2020-13631 镜像层: sha256:3f024a20bb3ca896a4befdcc402bdd259e1b00cc850383399cedc9363ca812f5 发布日期: 2020-05-27 15:15 修改: 2026-06-17 02:53
libavahi-client3	CVE-2023-38469	中危	0.7-4+deb10u3		avahi: Reachable assertion in avahi_dns_packet_append_record 漏洞详情: https://avd.aquasec.com/nvd/cve-2023-38469 镜像层: sha256:3f024a20bb3ca896a4befdcc402bdd259e1b00cc850383399cedc9363ca812f5 发布日期: 2023-11-02 15:15 修改: 2026-06-17 06:10
libssl1.1	CVE-2023-5678	中危	1.1.1n-0+deb10u6		openssl: Generating excessively long X9.42 DH keys or checking excessively long X9.42 DH keys or parameters may be very slow 漏洞详情: https://avd.aquasec.com/nvd/cve-2023-5678 镜像层: sha256:3f024a20bb3ca896a4befdcc402bdd259e1b00cc850383399cedc9363ca812f5 发布日期: 2023-11-06 16:15 修改: 2026-06-17 06:49
libssl1.1	CVE-2024-0727	中危	1.1.1n-0+deb10u6		openssl: denial of service via null dereference 漏洞详情: https://avd.aquasec.com/nvd/cve-2024-0727 镜像层: sha256:3f024a20bb3ca896a4befdcc402bdd259e1b00cc850383399cedc9363ca812f5 发布日期: 2024-01-26 09:15 修改: 2026-06-17 06:54
libc-dev-bin	CVE-2023-4806	中危	2.28-10+deb10u4		glibc: potential use-after-free in getaddrinfo() 漏洞详情: https://avd.aquasec.com/nvd/cve-2023-4806 镜像层: sha256:3f024a20bb3ca896a4befdcc402bdd259e1b00cc850383399cedc9363ca812f5 发布日期: 2023-09-18 17:15 修改: 2026-06-17 06:38
libjpeg62-turbo	CVE-2020-35538	中危	1:1.5.2-2+deb10u1		libjpeg-turbo: Null pointer dereference in jcopy_sample_rows() function 漏洞详情: https://avd.aquasec.com/nvd/cve-2020-35538 镜像层: sha256:3f024a20bb3ca896a4befdcc402bdd259e1b00cc850383399cedc9363ca812f5 发布日期: 2022-08-31 16:15 修改: 2026-06-17 03:13
libjpeg62-turbo	CVE-2021-46822	中危	1:1.5.2-2+deb10u1		libjpeg-turbo: heap buffer overflow in get_word_rgb_row() in rdppm.c 漏洞详情: https://avd.aquasec.com/nvd/cve-2021-46822 镜像层: sha256:3f024a20bb3ca896a4befdcc402bdd259e1b00cc850383399cedc9363ca812f5 发布日期: 2022-06-18 16:15 修改: 2026-06-17 04:15
libc-dev-bin	CVE-2023-4813	中危	2.28-10+deb10u4		glibc: potential use-after-free in gaih_inet() 漏洞详情: https://avd.aquasec.com/nvd/cve-2023-4813 镜像层: sha256:3f024a20bb3ca896a4befdcc402bdd259e1b00cc850383399cedc9363ca812f5 发布日期: 2023-09-12 22:15 修改: 2026-06-17 06:38
libavahi-client3	CVE-2023-38470	中危	0.7-4+deb10u3		avahi: Reachable assertion in avahi_escape_label 漏洞详情: https://avd.aquasec.com/nvd/cve-2023-38470 镜像层: sha256:3f024a20bb3ca896a4befdcc402bdd259e1b00cc850383399cedc9363ca812f5 发布日期: 2023-11-02 15:15 修改: 2026-06-17 06:10
wget	CVE-2021-31879	中危	1.20.1-1.1		wget: authorization header disclosure on redirect 漏洞详情: https://avd.aquasec.com/nvd/cve-2021-31879 镜像层: sha256:3f024a20bb3ca896a4befdcc402bdd259e1b00cc850383399cedc9363ca812f5 发布日期: 2021-04-29 05:15 修改: 2026-06-17 03:52
libc6	CVE-2023-4806	中危	2.28-10+deb10u4		glibc: potential use-after-free in getaddrinfo() 漏洞详情: https://avd.aquasec.com/nvd/cve-2023-4806 镜像层: sha256:3f024a20bb3ca896a4befdcc402bdd259e1b00cc850383399cedc9363ca812f5 发布日期: 2023-09-18 17:15 修改: 2026-06-17 06:38
libsystemd0	CVE-2021-3997	中危	241-7~deb10u10		systemd: Uncontrolled recursion in systemd-tmpfiles when removing files 漏洞详情: https://avd.aquasec.com/nvd/cve-2021-3997 镜像层: sha256:19b1230ac19da0b27c923fa01d30578f13ca2b309e8b25f04023e433df628c70 发布日期: 2022-08-23 20:15 修改: 2026-06-17 04:06
libsystemd0	CVE-2022-4415	中危	241-7~deb10u10		systemd: local information leak due to systemd-coredump not respecting fs.suid_dumpable kernel setting 漏洞详情: https://avd.aquasec.com/nvd/cve-2022-4415 镜像层: sha256:19b1230ac19da0b27c923fa01d30578f13ca2b309e8b25f04023e433df628c70 发布日期: 2023-01-11 15:15 修改: 2026-06-17 05:20
libsystemd0	CVE-2023-7008	中危	241-7~deb10u10		systemd-resolved: Unsigned name response in signed zone is not refused when DNSSEC=yes 漏洞详情: https://avd.aquasec.com/nvd/cve-2023-7008 镜像层: sha256:19b1230ac19da0b27c923fa01d30578f13ca2b309e8b25f04023e433df628c70 发布日期: 2023-12-23 13:15 修改: 2026-06-17 06:51
login	CVE-2018-7169	低危	1:4.5-1.1		shadow-utils: newgidmap allows unprivileged user to drop supplementary groups potentially allowing privilege escalation 漏洞详情: https://avd.aquasec.com/nvd/cve-2018-7169 镜像层: sha256:19b1230ac19da0b27c923fa01d30578f13ca2b309e8b25f04023e433df628c70 发布日期: 2018-02-15 20:29 修改: 2026-06-17 02:02
login	CVE-2023-29383	低危	1:4.5-1.1		shadow: Improper input validation in shadow-utils package utility chfn 漏洞详情: https://avd.aquasec.com/nvd/cve-2023-29383 镜像层: sha256:19b1230ac19da0b27c923fa01d30578f13ca2b309e8b25f04023e433df628c70 发布日期: 2023-04-14 22:15 修改: 2026-06-17 05:49
libc-bin	CVE-2024-33601	低危	2.28-10+deb10u3	2.28-10+deb10u4	glibc: netgroup cache may terminate daemon on memory allocation failure 漏洞详情: https://avd.aquasec.com/nvd/cve-2024-33601 镜像层: sha256:19b1230ac19da0b27c923fa01d30578f13ca2b309e8b25f04023e433df628c70 发布日期: 2024-05-06 20:15 修改: 2026-06-17 07:32
libc-bin	CVE-2024-33602	低危	2.28-10+deb10u3	2.28-10+deb10u4	glibc: netgroup cache assumes NSS callback uses in-buffer strings 漏洞详情: https://avd.aquasec.com/nvd/cve-2024-33602 镜像层: sha256:19b1230ac19da0b27c923fa01d30578f13ca2b309e8b25f04023e433df628c70 发布日期: 2024-05-06 20:15 修改: 2026-06-17 07:32
libcroco3	CVE-2017-8834	低危	0.6.12-3		libcroco: Memory allocation failure in the cr_tknzr_parse_comment function 漏洞详情: https://avd.aquasec.com/nvd/cve-2017-8834 镜像层: sha256:3f024a20bb3ca896a4befdcc402bdd259e1b00cc850383399cedc9363ca812f5 发布日期: 2017-06-12 06:29 修改: 2026-06-17 01:27
libcroco3	CVE-2017-8871	低危	0.6.12-3		libcroco: Infinite loop in the cr_parser_parse_selector_core function 漏洞详情: https://avd.aquasec.com/nvd/cve-2017-8871 镜像层: sha256:3f024a20bb3ca896a4befdcc402bdd259e1b00cc850383399cedc9363ca812f5 发布日期: 2017-06-12 06:29 修改: 2026-06-17 01:27
openssl	CVE-2024-2511	低危	1.1.1n-0+deb10u6		openssl: Unbounded memory growth with session handling in TLSv1.3 漏洞详情: https://avd.aquasec.com/nvd/cve-2024-2511 镜像层: sha256:3f024a20bb3ca896a4befdcc402bdd259e1b00cc850383399cedc9363ca812f5 发布日期: 2024-04-08 14:15 修改: 2026-06-17 07:24
openssl	CVE-2024-4741	低危	1.1.1n-0+deb10u6		openssl: Use After Free with SSL_free_buffers 漏洞详情: https://avd.aquasec.com/nvd/cve-2024-4741 镜像层: sha256:3f024a20bb3ca896a4befdcc402bdd259e1b00cc850383399cedc9363ca812f5 发布日期: 2024-11-13 11:15 修改: 2026-06-17 08:02
libcroco3	CVE-2020-12825	低危	0.6.12-3		libcroco: Stack overflow in function cr_parser_parse_any_core in cr-parser.c 漏洞详情: https://avd.aquasec.com/nvd/cve-2020-12825 镜像层: sha256:3f024a20bb3ca896a4befdcc402bdd259e1b00cc850383399cedc9363ca812f5 发布日期: 2020-05-12 18:15 修改: 2026-06-17 02:52
passwd	CVE-2018-7169	低危	1:4.5-1.1		shadow-utils: newgidmap allows unprivileged user to drop supplementary groups potentially allowing privilege escalation 漏洞详情: https://avd.aquasec.com/nvd/cve-2018-7169 镜像层: sha256:19b1230ac19da0b27c923fa01d30578f13ca2b309e8b25f04023e433df628c70 发布日期: 2018-02-15 20:29 修改: 2026-06-17 02:02
passwd	CVE-2023-29383	低危	1:4.5-1.1		shadow: Improper input validation in shadow-utils package utility chfn 漏洞详情: https://avd.aquasec.com/nvd/cve-2023-29383 镜像层: sha256:19b1230ac19da0b27c923fa01d30578f13ca2b309e8b25f04023e433df628c70 发布日期: 2023-04-14 22:15 修改: 2026-06-17 05:49
libprocps7	CVE-2023-4016	低危	2:3.3.15-2		procps: ps buffer overflow 漏洞详情: https://avd.aquasec.com/nvd/cve-2023-4016 镜像层: sha256:3f024a20bb3ca896a4befdcc402bdd259e1b00cc850383399cedc9363ca812f5 发布日期: 2023-08-02 05:15 修改: 2026-06-17 06:36
liblz4-1	CVE-2019-17543	低危	1.8.3-1+deb10u1		lz4: heap-based buffer overflow in LZ4_write32 漏洞详情: https://avd.aquasec.com/nvd/cve-2019-17543 镜像层: sha256:19b1230ac19da0b27c923fa01d30578f13ca2b309e8b25f04023e433df628c70 发布日期: 2019-10-14 02:15 修改: 2026-06-17 02:24
libsepol1	CVE-2021-36084	低危	2.8-1		libsepol: use-after-free in __cil_verify_classperms() 漏洞详情: https://avd.aquasec.com/nvd/cve-2021-36084 镜像层: sha256:19b1230ac19da0b27c923fa01d30578f13ca2b309e8b25f04023e433df628c70 发布日期: 2021-07-01 03:15 修改: 2026-06-17 03:58
libsepol1	CVE-2021-36085	低危	2.8-1		libsepol: use-after-free in __cil_verify_classperms() 漏洞详情: https://avd.aquasec.com/nvd/cve-2021-36085 镜像层: sha256:19b1230ac19da0b27c923fa01d30578f13ca2b309e8b25f04023e433df628c70 发布日期: 2021-07-01 03:15 修改: 2026-06-17 03:58
libsepol1	CVE-2021-36086	低危	2.8-1		libsepol: use-after-free in cil_reset_classpermission() 漏洞详情: https://avd.aquasec.com/nvd/cve-2021-36086 镜像层: sha256:19b1230ac19da0b27c923fa01d30578f13ca2b309e8b25f04023e433df628c70 发布日期: 2021-07-01 03:15 修改: 2026-06-17 03:58
libsepol1	CVE-2021-36087	低危	2.8-1		libsepol: heap-based buffer overflow in ebitmap_match_any() 漏洞详情: https://avd.aquasec.com/nvd/cve-2021-36087 镜像层: sha256:19b1230ac19da0b27c923fa01d30578f13ca2b309e8b25f04023e433df628c70 发布日期: 2021-07-01 03:15 修改: 2026-06-17 03:58
procps	CVE-2023-4016	低危	2:3.3.15-2		procps: ps buffer overflow 漏洞详情: https://avd.aquasec.com/nvd/cve-2023-4016 镜像层: sha256:3f024a20bb3ca896a4befdcc402bdd259e1b00cc850383399cedc9363ca812f5 发布日期: 2023-08-02 05:15 修改: 2026-06-17 06:36
gpgv	CVE-2019-14855	低危	2.2.12-1+deb10u2		gnupg2: OpenPGP Key Certification Forgeries with SHA-1 漏洞详情: https://avd.aquasec.com/nvd/cve-2019-14855 镜像层: sha256:19b1230ac19da0b27c923fa01d30578f13ca2b309e8b25f04023e433df628c70 发布日期: 2020-03-20 16:15 修改: 2026-06-17 02:19
libtiff5	CVE-2022-1210	低危	4.1.0+git191117-2~deb10u9		tiff: Malicious file leads to a denial of service in TIFF File Handler 漏洞详情: https://avd.aquasec.com/nvd/cve-2022-1210 镜像层: sha256:3f024a20bb3ca896a4befdcc402bdd259e1b00cc850383399cedc9363ca812f5 发布日期: 2022-04-03 09:15 修改: 2026-06-17 04:22
libcairo-gobject2	CVE-2017-7475	低危	1.16.0-4+deb10u1		cairo: NULL pointer dereference with a crafted font file 漏洞详情: https://avd.aquasec.com/nvd/cve-2017-7475 镜像层: sha256:3f024a20bb3ca896a4befdcc402bdd259e1b00cc850383399cedc9363ca812f5 发布日期: 2017-05-19 20:29 修改: 2026-06-17 01:24
libcairo-gobject2	CVE-2019-6461	低危	1.16.0-4+deb10u1		cairo: assertion problem in _cairo_arc_in_direction in cairo-arc.c 漏洞详情: https://avd.aquasec.com/nvd/cve-2019-6461 镜像层: sha256:3f024a20bb3ca896a4befdcc402bdd259e1b00cc850383399cedc9363ca812f5 发布日期: 2019-01-16 18:29 修改: 2026-06-17 02:39
libcairo-gobject2	CVE-2019-6462	低危	1.16.0-4+deb10u1		cairo: infinite loop in the function _arc_error_normalized in the file cairo-arc.c 漏洞详情: https://avd.aquasec.com/nvd/cve-2019-6462 镜像层: sha256:3f024a20bb3ca896a4befdcc402bdd259e1b00cc850383399cedc9363ca812f5 发布日期: 2019-01-16 18:29 修改: 2026-06-17 02:39
libcairo2	CVE-2017-7475	低危	1.16.0-4+deb10u1		cairo: NULL pointer dereference with a crafted font file 漏洞详情: https://avd.aquasec.com/nvd/cve-2017-7475 镜像层: sha256:3f024a20bb3ca896a4befdcc402bdd259e1b00cc850383399cedc9363ca812f5 发布日期: 2017-05-19 20:29 修改: 2026-06-17 01:24
libcairo2	CVE-2019-6461	低危	1.16.0-4+deb10u1		cairo: assertion problem in _cairo_arc_in_direction in cairo-arc.c 漏洞详情: https://avd.aquasec.com/nvd/cve-2019-6461 镜像层: sha256:3f024a20bb3ca896a4befdcc402bdd259e1b00cc850383399cedc9363ca812f5 发布日期: 2019-01-16 18:29 修改: 2026-06-17 02:39
libcairo2	CVE-2019-6462	低危	1.16.0-4+deb10u1		cairo: infinite loop in the function _arc_error_normalized in the file cairo-arc.c 漏洞详情: https://avd.aquasec.com/nvd/cve-2019-6462 镜像层: sha256:3f024a20bb3ca896a4befdcc402bdd259e1b00cc850383399cedc9363ca812f5 发布日期: 2019-01-16 18:29 修改: 2026-06-17 02:39
coreutils	CVE-2016-2781	低危	8.30-3		coreutils: Non-privileged session can escape to the parent session in chroot 漏洞详情: https://avd.aquasec.com/nvd/cve-2016-2781 镜像层: sha256:19b1230ac19da0b27c923fa01d30578f13ca2b309e8b25f04023e433df628c70 发布日期: 2017-02-07 15:59 修改: 2026-06-17 00:44
libssl1.1	CVE-2024-2511	低危	1.1.1n-0+deb10u6		openssl: Unbounded memory growth with session handling in TLSv1.3 漏洞详情: https://avd.aquasec.com/nvd/cve-2024-2511 镜像层: sha256:3f024a20bb3ca896a4befdcc402bdd259e1b00cc850383399cedc9363ca812f5 发布日期: 2024-04-08 14:15 修改: 2026-06-17 07:24
linux-libc-dev	CVE-2018-12928	低危	4.19.316-1		kernel: NULL pointer dereference in hfs_ext_read_extent in hfs.ko 漏洞详情: https://avd.aquasec.com/nvd/cve-2018-12928 镜像层: sha256:3f024a20bb3ca896a4befdcc402bdd259e1b00cc850383399cedc9363ca812f5 发布日期: 2018-06-28 14:29 修改: 2026-06-17 01:38
linux-libc-dev	CVE-2023-52597	低危	4.19.316-1		kernel: KVM: s390: fix setting of fpc register 漏洞详情: https://avd.aquasec.com/nvd/cve-2023-52597 镜像层: sha256:3f024a20bb3ca896a4befdcc402bdd259e1b00cc850383399cedc9363ca812f5 发布日期: 2024-03-06 07:15 修改: 2026-06-17 06:43
libssl1.1	CVE-2024-4741	低危	1.1.1n-0+deb10u6		openssl: Use After Free with SSL_free_buffers 漏洞详情: https://avd.aquasec.com/nvd/cve-2024-4741 镜像层: sha256:3f024a20bb3ca896a4befdcc402bdd259e1b00cc850383399cedc9363ca812f5 发布日期: 2024-11-13 11:15 修改: 2026-06-17 08:02

Java (jar)

低危漏洞:29

中危漏洞:201

高危漏洞:297

严重漏洞:127

软件包	漏洞	安全状态	安装版本	修复版本	漏洞信息
com.fasterxml.jackson.core:jackson-databind	CVE-2017-15095	严重	2.4.0	2.8.11, 2.9.4, 2.6.7.3, 2.7.9.2	jackson-databind: Unsafe deserialization due to incomplete black list (incomplete fix for CVE-2017-7525) 漏洞详情: https://avd.aquasec.com/nvd/cve-2017-15095 镜像层: sha256:8265cb2525f4b8fe0278e34bb9360cb326bdfee9ed121f1150d4fff03e7d08ed 发布日期: 2018-02-06 15:29 修改: 2026-06-17 01:07
com.fasterxml.jackson.core:jackson-databind	CVE-2017-15095	严重	2.4.0	2.8.11, 2.9.4, 2.6.7.3, 2.7.9.2	jackson-databind: Unsafe deserialization due to incomplete black list (incomplete fix for CVE-2017-7525) 漏洞详情: https://avd.aquasec.com/nvd/cve-2017-15095 镜像层: sha256:8265cb2525f4b8fe0278e34bb9360cb326bdfee9ed121f1150d4fff03e7d08ed 发布日期: 2018-02-06 15:29 修改: 2026-06-17 01:07
com.fasterxml.jackson.core:jackson-databind	CVE-2017-15095	严重	2.4.0	2.8.11, 2.9.4, 2.6.7.3, 2.7.9.2	jackson-databind: Unsafe deserialization due to incomplete black list (incomplete fix for CVE-2017-7525) 漏洞详情: https://avd.aquasec.com/nvd/cve-2017-15095 镜像层: sha256:8265cb2525f4b8fe0278e34bb9360cb326bdfee9ed121f1150d4fff03e7d08ed 发布日期: 2018-02-06 15:29 修改: 2026-06-17 01:07
com.fasterxml.jackson.core:jackson-databind	CVE-2017-15095	严重	2.4.0	2.8.11, 2.9.4, 2.6.7.3, 2.7.9.2	jackson-databind: Unsafe deserialization due to incomplete black list (incomplete fix for CVE-2017-7525) 漏洞详情: https://avd.aquasec.com/nvd/cve-2017-15095 镜像层: sha256:8265cb2525f4b8fe0278e34bb9360cb326bdfee9ed121f1150d4fff03e7d08ed 发布日期: 2018-02-06 15:29 修改: 2026-06-17 01:07
com.fasterxml.jackson.core:jackson-databind	CVE-2017-15095	严重	2.4.0	2.8.11, 2.9.4, 2.6.7.3, 2.7.9.2	jackson-databind: Unsafe deserialization due to incomplete black list (incomplete fix for CVE-2017-7525) 漏洞详情: https://avd.aquasec.com/nvd/cve-2017-15095 镜像层: sha256:8265cb2525f4b8fe0278e34bb9360cb326bdfee9ed121f1150d4fff03e7d08ed 发布日期: 2018-02-06 15:29 修改: 2026-06-17 01:07
com.fasterxml.jackson.core:jackson-databind	CVE-2017-17485	严重	2.4.0	2.9.4, 2.8.11, 2.7.9.2	jackson-databind: Unsafe deserialization due to incomplete black list (incomplete fix for CVE-2017-15095) 漏洞详情: https://avd.aquasec.com/nvd/cve-2017-17485 镜像层: sha256:8265cb2525f4b8fe0278e34bb9360cb326bdfee9ed121f1150d4fff03e7d08ed 发布日期: 2018-01-10 18:29 修改: 2026-06-17 01:10
com.fasterxml.jackson.core:jackson-databind	CVE-2017-17485	严重	2.4.0	2.9.4, 2.8.11, 2.7.9.2	jackson-databind: Unsafe deserialization due to incomplete black list (incomplete fix for CVE-2017-15095) 漏洞详情: https://avd.aquasec.com/nvd/cve-2017-17485 镜像层: sha256:8265cb2525f4b8fe0278e34bb9360cb326bdfee9ed121f1150d4fff03e7d08ed 发布日期: 2018-01-10 18:29 修改: 2026-06-17 01:10
com.fasterxml.jackson.core:jackson-databind	CVE-2017-17485	严重	2.4.0	2.9.4, 2.8.11, 2.7.9.2	jackson-databind: Unsafe deserialization due to incomplete black list (incomplete fix for CVE-2017-15095) 漏洞详情: https://avd.aquasec.com/nvd/cve-2017-17485 镜像层: sha256:8265cb2525f4b8fe0278e34bb9360cb326bdfee9ed121f1150d4fff03e7d08ed 发布日期: 2018-01-10 18:29 修改: 2026-06-17 01:10
com.fasterxml.jackson.core:jackson-databind	CVE-2017-17485	严重	2.4.0	2.9.4, 2.8.11, 2.7.9.2	jackson-databind: Unsafe deserialization due to incomplete black list (incomplete fix for CVE-2017-15095) 漏洞详情: https://avd.aquasec.com/nvd/cve-2017-17485 镜像层: sha256:8265cb2525f4b8fe0278e34bb9360cb326bdfee9ed121f1150d4fff03e7d08ed 发布日期: 2018-01-10 18:29 修改: 2026-06-17 01:10
com.fasterxml.jackson.core:jackson-databind	CVE-2017-17485	严重	2.4.0	2.9.4, 2.8.11, 2.7.9.2	jackson-databind: Unsafe deserialization due to incomplete black list (incomplete fix for CVE-2017-15095) 漏洞详情: https://avd.aquasec.com/nvd/cve-2017-17485 镜像层: sha256:8265cb2525f4b8fe0278e34bb9360cb326bdfee9ed121f1150d4fff03e7d08ed 发布日期: 2018-01-10 18:29 修改: 2026-06-17 01:10
com.fasterxml.jackson.core:jackson-databind	CVE-2017-7525	严重	2.4.0	2.6.7.1, 2.7.9.1, 2.8.9	jackson-databind: Deserialization vulnerability via readValue method of ObjectMapper 漏洞详情: https://avd.aquasec.com/nvd/cve-2017-7525 镜像层: sha256:8265cb2525f4b8fe0278e34bb9360cb326bdfee9ed121f1150d4fff03e7d08ed 发布日期: 2018-02-06 15:29 修改: 2026-06-17 01:24
com.fasterxml.jackson.core:jackson-databind	CVE-2017-7525	严重	2.4.0	2.6.7.1, 2.7.9.1, 2.8.9	jackson-databind: Deserialization vulnerability via readValue method of ObjectMapper 漏洞详情: https://avd.aquasec.com/nvd/cve-2017-7525 镜像层: sha256:8265cb2525f4b8fe0278e34bb9360cb326bdfee9ed121f1150d4fff03e7d08ed 发布日期: 2018-02-06 15:29 修改: 2026-06-17 01:24
com.fasterxml.jackson.core:jackson-databind	CVE-2017-7525	严重	2.4.0	2.6.7.1, 2.7.9.1, 2.8.9	jackson-databind: Deserialization vulnerability via readValue method of ObjectMapper 漏洞详情: https://avd.aquasec.com/nvd/cve-2017-7525 镜像层: sha256:8265cb2525f4b8fe0278e34bb9360cb326bdfee9ed121f1150d4fff03e7d08ed 发布日期: 2018-02-06 15:29 修改: 2026-06-17 01:24
com.fasterxml.jackson.core:jackson-databind	CVE-2017-7525	严重	2.4.0	2.6.7.1, 2.7.9.1, 2.8.9	jackson-databind: Deserialization vulnerability via readValue method of ObjectMapper 漏洞详情: https://avd.aquasec.com/nvd/cve-2017-7525 镜像层: sha256:8265cb2525f4b8fe0278e34bb9360cb326bdfee9ed121f1150d4fff03e7d08ed 发布日期: 2018-02-06 15:29 修改: 2026-06-17 01:24
com.fasterxml.jackson.core:jackson-databind	CVE-2017-7525	严重	2.4.0	2.6.7.1, 2.7.9.1, 2.8.9	jackson-databind: Deserialization vulnerability via readValue method of ObjectMapper 漏洞详情: https://avd.aquasec.com/nvd/cve-2017-7525 镜像层: sha256:8265cb2525f4b8fe0278e34bb9360cb326bdfee9ed121f1150d4fff03e7d08ed 发布日期: 2018-02-06 15:29 修改: 2026-06-17 01:24
com.fasterxml.jackson.core:jackson-databind	CVE-2018-11307	严重	2.4.0	2.7.9.4, 2.8.11.2, 2.9.6	jackson-databind: Potential information exfiltration with default typing, serialization gadget from MyBatis 漏洞详情: https://avd.aquasec.com/nvd/cve-2018-11307 镜像层: sha256:8265cb2525f4b8fe0278e34bb9360cb326bdfee9ed121f1150d4fff03e7d08ed 发布日期: 2019-07-09 16:15 修改: 2026-06-17 01:35
com.fasterxml.jackson.core:jackson-databind	CVE-2018-11307	严重	2.4.0	2.7.9.4, 2.8.11.2, 2.9.6	jackson-databind: Potential information exfiltration with default typing, serialization gadget from MyBatis 漏洞详情: https://avd.aquasec.com/nvd/cve-2018-11307 镜像层: sha256:8265cb2525f4b8fe0278e34bb9360cb326bdfee9ed121f1150d4fff03e7d08ed 发布日期: 2019-07-09 16:15 修改: 2026-06-17 01:35
com.fasterxml.jackson.core:jackson-databind	CVE-2018-11307	严重	2.4.0	2.7.9.4, 2.8.11.2, 2.9.6	jackson-databind: Potential information exfiltration with default typing, serialization gadget from MyBatis 漏洞详情: https://avd.aquasec.com/nvd/cve-2018-11307 镜像层: sha256:8265cb2525f4b8fe0278e34bb9360cb326bdfee9ed121f1150d4fff03e7d08ed 发布日期: 2019-07-09 16:15 修改: 2026-06-17 01:35
com.fasterxml.jackson.core:jackson-databind	CVE-2018-11307	严重	2.4.0	2.7.9.4, 2.8.11.2, 2.9.6	jackson-databind: Potential information exfiltration with default typing, serialization gadget from MyBatis 漏洞详情: https://avd.aquasec.com/nvd/cve-2018-11307 镜像层: sha256:8265cb2525f4b8fe0278e34bb9360cb326bdfee9ed121f1150d4fff03e7d08ed 发布日期: 2019-07-09 16:15 修改: 2026-06-17 01:35
com.fasterxml.jackson.core:jackson-databind	CVE-2018-11307	严重	2.4.0	2.7.9.4, 2.8.11.2, 2.9.6	jackson-databind: Potential information exfiltration with default typing, serialization gadget from MyBatis 漏洞详情: https://avd.aquasec.com/nvd/cve-2018-11307 镜像层: sha256:8265cb2525f4b8fe0278e34bb9360cb326bdfee9ed121f1150d4fff03e7d08ed 发布日期: 2019-07-09 16:15 修改: 2026-06-17 01:35
com.fasterxml.jackson.core:jackson-databind	CVE-2018-14718	严重	2.4.0	2.9.7, 2.8.11.3, 2.7.9.5, 2.6.7.3	jackson-databind: arbitrary code execution in slf4j-ext class 漏洞详情: https://avd.aquasec.com/nvd/cve-2018-14718 镜像层: sha256:8265cb2525f4b8fe0278e34bb9360cb326bdfee9ed121f1150d4fff03e7d08ed 发布日期: 2019-01-02 18:29 修改: 2026-06-17 01:41
com.fasterxml.jackson.core:jackson-databind	CVE-2018-14718	严重	2.4.0	2.9.7, 2.8.11.3, 2.7.9.5, 2.6.7.3	jackson-databind: arbitrary code execution in slf4j-ext class 漏洞详情: https://avd.aquasec.com/nvd/cve-2018-14718 镜像层: sha256:8265cb2525f4b8fe0278e34bb9360cb326bdfee9ed121f1150d4fff03e7d08ed 发布日期: 2019-01-02 18:29 修改: 2026-06-17 01:41
com.fasterxml.jackson.core:jackson-databind	CVE-2018-14718	严重	2.4.0	2.9.7, 2.8.11.3, 2.7.9.5, 2.6.7.3	jackson-databind: arbitrary code execution in slf4j-ext class 漏洞详情: https://avd.aquasec.com/nvd/cve-2018-14718 镜像层: sha256:8265cb2525f4b8fe0278e34bb9360cb326bdfee9ed121f1150d4fff03e7d08ed 发布日期: 2019-01-02 18:29 修改: 2026-06-17 01:41
com.fasterxml.jackson.core:jackson-databind	CVE-2018-14718	严重	2.4.0	2.9.7, 2.8.11.3, 2.7.9.5, 2.6.7.3	jackson-databind: arbitrary code execution in slf4j-ext class 漏洞详情: https://avd.aquasec.com/nvd/cve-2018-14718 镜像层: sha256:8265cb2525f4b8fe0278e34bb9360cb326bdfee9ed121f1150d4fff03e7d08ed 发布日期: 2019-01-02 18:29 修改: 2026-06-17 01:41
com.fasterxml.jackson.core:jackson-databind	CVE-2018-14718	严重	2.4.0	2.9.7, 2.8.11.3, 2.7.9.5, 2.6.7.3	jackson-databind: arbitrary code execution in slf4j-ext class 漏洞详情: https://avd.aquasec.com/nvd/cve-2018-14718 镜像层: sha256:8265cb2525f4b8fe0278e34bb9360cb326bdfee9ed121f1150d4fff03e7d08ed 发布日期: 2019-01-02 18:29 修改: 2026-06-17 01:41
com.fasterxml.jackson.core:jackson-databind	CVE-2018-14719	严重	2.4.0	2.9.7, 2.8.11.3, 2.7.9.5	jackson-databind: arbitrary code execution in blaze-ds-opt and blaze-ds-core classes 漏洞详情: https://avd.aquasec.com/nvd/cve-2018-14719 镜像层: sha256:8265cb2525f4b8fe0278e34bb9360cb326bdfee9ed121f1150d4fff03e7d08ed 发布日期: 2019-01-02 18:29 修改: 2026-06-17 01:41
com.fasterxml.jackson.core:jackson-databind	CVE-2018-14719	严重	2.4.0	2.9.7, 2.8.11.3, 2.7.9.5	jackson-databind: arbitrary code execution in blaze-ds-opt and blaze-ds-core classes 漏洞详情: https://avd.aquasec.com/nvd/cve-2018-14719 镜像层: sha256:8265cb2525f4b8fe0278e34bb9360cb326bdfee9ed121f1150d4fff03e7d08ed 发布日期: 2019-01-02 18:29 修改: 2026-06-17 01:41
com.fasterxml.jackson.core:jackson-databind	CVE-2018-14719	严重	2.4.0	2.9.7, 2.8.11.3, 2.7.9.5	jackson-databind: arbitrary code execution in blaze-ds-opt and blaze-ds-core classes 漏洞详情: https://avd.aquasec.com/nvd/cve-2018-14719 镜像层: sha256:8265cb2525f4b8fe0278e34bb9360cb326bdfee9ed121f1150d4fff03e7d08ed 发布日期: 2019-01-02 18:29 修改: 2026-06-17 01:41
com.fasterxml.jackson.core:jackson-databind	CVE-2018-14719	严重	2.4.0	2.9.7, 2.8.11.3, 2.7.9.5	jackson-databind: arbitrary code execution in blaze-ds-opt and blaze-ds-core classes 漏洞详情: https://avd.aquasec.com/nvd/cve-2018-14719 镜像层: sha256:8265cb2525f4b8fe0278e34bb9360cb326bdfee9ed121f1150d4fff03e7d08ed 发布日期: 2019-01-02 18:29 修改: 2026-06-17 01:41
com.fasterxml.jackson.core:jackson-databind	CVE-2018-14719	严重	2.4.0	2.9.7, 2.8.11.3, 2.7.9.5	jackson-databind: arbitrary code execution in blaze-ds-opt and blaze-ds-core classes 漏洞详情: https://avd.aquasec.com/nvd/cve-2018-14719 镜像层: sha256:8265cb2525f4b8fe0278e34bb9360cb326bdfee9ed121f1150d4fff03e7d08ed 发布日期: 2019-01-02 18:29 修改: 2026-06-17 01:41
com.fasterxml.jackson.core:jackson-databind	CVE-2018-19362	严重	2.4.0	2.9.8, 2.8.11.3, 2.7.9.5, 2.6.7.3	jackson-databind: improper polymorphic deserialization in jboss-common-core class 漏洞详情: https://avd.aquasec.com/nvd/cve-2018-19362 镜像层: sha256:8265cb2525f4b8fe0278e34bb9360cb326bdfee9ed121f1150d4fff03e7d08ed 发布日期: 2019-01-02 18:29 修改: 2026-06-17 01:49
com.fasterxml.jackson.core:jackson-databind	CVE-2018-19362	严重	2.4.0	2.9.8, 2.8.11.3, 2.7.9.5, 2.6.7.3	jackson-databind: improper polymorphic deserialization in jboss-common-core class 漏洞详情: https://avd.aquasec.com/nvd/cve-2018-19362 镜像层: sha256:8265cb2525f4b8fe0278e34bb9360cb326bdfee9ed121f1150d4fff03e7d08ed 发布日期: 2019-01-02 18:29 修改: 2026-06-17 01:49
com.fasterxml.jackson.core:jackson-databind	CVE-2018-19362	严重	2.4.0	2.9.8, 2.8.11.3, 2.7.9.5, 2.6.7.3	jackson-databind: improper polymorphic deserialization in jboss-common-core class 漏洞详情: https://avd.aquasec.com/nvd/cve-2018-19362 镜像层: sha256:8265cb2525f4b8fe0278e34bb9360cb326bdfee9ed121f1150d4fff03e7d08ed 发布日期: 2019-01-02 18:29 修改: 2026-06-17 01:49
com.fasterxml.jackson.core:jackson-databind	CVE-2018-19362	严重	2.4.0	2.9.8, 2.8.11.3, 2.7.9.5, 2.6.7.3	jackson-databind: improper polymorphic deserialization in jboss-common-core class 漏洞详情: https://avd.aquasec.com/nvd/cve-2018-19362 镜像层: sha256:8265cb2525f4b8fe0278e34bb9360cb326bdfee9ed121f1150d4fff03e7d08ed 发布日期: 2019-01-02 18:29 修改: 2026-06-17 01:49
com.fasterxml.jackson.core:jackson-databind	CVE-2018-19362	严重	2.4.0	2.9.8, 2.8.11.3, 2.7.9.5, 2.6.7.3	jackson-databind: improper polymorphic deserialization in jboss-common-core class 漏洞详情: https://avd.aquasec.com/nvd/cve-2018-19362 镜像层: sha256:8265cb2525f4b8fe0278e34bb9360cb326bdfee9ed121f1150d4fff03e7d08ed 发布日期: 2019-01-02 18:29 修改: 2026-06-17 01:49
com.fasterxml.jackson.core:jackson-databind	CVE-2018-7489	严重	2.4.0	2.8.11.1, 2.9.5, 2.7.9.3, 2.6.7.5	jackson-databind: incomplete fix for CVE-2017-7525 permits unsafe serialization via c3p0 libraries 漏洞详情: https://avd.aquasec.com/nvd/cve-2018-7489 镜像层: sha256:8265cb2525f4b8fe0278e34bb9360cb326bdfee9ed121f1150d4fff03e7d08ed 发布日期: 2018-02-26 15:29 修改: 2026-06-17 02:03
com.fasterxml.jackson.core:jackson-databind	CVE-2018-7489	严重	2.4.0	2.8.11.1, 2.9.5, 2.7.9.3, 2.6.7.5	jackson-databind: incomplete fix for CVE-2017-7525 permits unsafe serialization via c3p0 libraries 漏洞详情: https://avd.aquasec.com/nvd/cve-2018-7489 镜像层: sha256:8265cb2525f4b8fe0278e34bb9360cb326bdfee9ed121f1150d4fff03e7d08ed 发布日期: 2018-02-26 15:29 修改: 2026-06-17 02:03
com.fasterxml.jackson.core:jackson-databind	CVE-2018-7489	严重	2.4.0	2.8.11.1, 2.9.5, 2.7.9.3, 2.6.7.5	jackson-databind: incomplete fix for CVE-2017-7525 permits unsafe serialization via c3p0 libraries 漏洞详情: https://avd.aquasec.com/nvd/cve-2018-7489 镜像层: sha256:8265cb2525f4b8fe0278e34bb9360cb326bdfee9ed121f1150d4fff03e7d08ed 发布日期: 2018-02-26 15:29 修改: 2026-06-17 02:03
com.fasterxml.jackson.core:jackson-databind	CVE-2018-7489	严重	2.4.0	2.8.11.1, 2.9.5, 2.7.9.3, 2.6.7.5	jackson-databind: incomplete fix for CVE-2017-7525 permits unsafe serialization via c3p0 libraries 漏洞详情: https://avd.aquasec.com/nvd/cve-2018-7489 镜像层: sha256:8265cb2525f4b8fe0278e34bb9360cb326bdfee9ed121f1150d4fff03e7d08ed 发布日期: 2018-02-26 15:29 修改: 2026-06-17 02:03
com.fasterxml.jackson.core:jackson-databind	CVE-2018-7489	严重	2.4.0	2.8.11.1, 2.9.5, 2.7.9.3, 2.6.7.5	jackson-databind: incomplete fix for CVE-2017-7525 permits unsafe serialization via c3p0 libraries 漏洞详情: https://avd.aquasec.com/nvd/cve-2018-7489 镜像层: sha256:8265cb2525f4b8fe0278e34bb9360cb326bdfee9ed121f1150d4fff03e7d08ed 发布日期: 2018-02-26 15:29 修改: 2026-06-17 02:03
com.fasterxml.jackson.core:jackson-databind	CVE-2019-14379	严重	2.4.0	2.9.9.2, 2.8.11.4, 2.7.9.6	jackson-databind: default typing mishandling leading to remote code execution 漏洞详情: https://avd.aquasec.com/nvd/cve-2019-14379 镜像层: sha256:8265cb2525f4b8fe0278e34bb9360cb326bdfee9ed121f1150d4fff03e7d08ed 发布日期: 2019-07-29 12:15 修改: 2026-06-17 02:18
com.fasterxml.jackson.core:jackson-databind	CVE-2019-14379	严重	2.4.0	2.9.9.2, 2.8.11.4, 2.7.9.6	jackson-databind: default typing mishandling leading to remote code execution 漏洞详情: https://avd.aquasec.com/nvd/cve-2019-14379 镜像层: sha256:8265cb2525f4b8fe0278e34bb9360cb326bdfee9ed121f1150d4fff03e7d08ed 发布日期: 2019-07-29 12:15 修改: 2026-06-17 02:18
com.fasterxml.jackson.core:jackson-databind	CVE-2019-14379	严重	2.4.0	2.9.9.2, 2.8.11.4, 2.7.9.6	jackson-databind: default typing mishandling leading to remote code execution 漏洞详情: https://avd.aquasec.com/nvd/cve-2019-14379 镜像层: sha256:8265cb2525f4b8fe0278e34bb9360cb326bdfee9ed121f1150d4fff03e7d08ed 发布日期: 2019-07-29 12:15 修改: 2026-06-17 02:18
com.fasterxml.jackson.core:jackson-databind	CVE-2019-14379	严重	2.4.0	2.9.9.2, 2.8.11.4, 2.7.9.6	jackson-databind: default typing mishandling leading to remote code execution 漏洞详情: https://avd.aquasec.com/nvd/cve-2019-14379 镜像层: sha256:8265cb2525f4b8fe0278e34bb9360cb326bdfee9ed121f1150d4fff03e7d08ed 发布日期: 2019-07-29 12:15 修改: 2026-06-17 02:18
com.fasterxml.jackson.core:jackson-databind	CVE-2019-14379	严重	2.4.0	2.9.9.2, 2.8.11.4, 2.7.9.6	jackson-databind: default typing mishandling leading to remote code execution 漏洞详情: https://avd.aquasec.com/nvd/cve-2019-14379 镜像层: sha256:8265cb2525f4b8fe0278e34bb9360cb326bdfee9ed121f1150d4fff03e7d08ed 发布日期: 2019-07-29 12:15 修改: 2026-06-17 02:18
com.fasterxml.jackson.core:jackson-databind	CVE-2019-14540	严重	2.4.0	2.9.10, 2.8.11.5, 2.6.7.3	jackson-databind: Serialization gadgets in com.zaxxer.hikari.HikariConfig 漏洞详情: https://avd.aquasec.com/nvd/cve-2019-14540 镜像层: sha256:8265cb2525f4b8fe0278e34bb9360cb326bdfee9ed121f1150d4fff03e7d08ed 发布日期: 2019-09-15 22:15 修改: 2026-06-17 02:18
com.fasterxml.jackson.core:jackson-databind	CVE-2019-14540	严重	2.4.0	2.9.10, 2.8.11.5, 2.6.7.3	jackson-databind: Serialization gadgets in com.zaxxer.hikari.HikariConfig 漏洞详情: https://avd.aquasec.com/nvd/cve-2019-14540 镜像层: sha256:8265cb2525f4b8fe0278e34bb9360cb326bdfee9ed121f1150d4fff03e7d08ed 发布日期: 2019-09-15 22:15 修改: 2026-06-17 02:18
com.fasterxml.jackson.core:jackson-databind	CVE-2019-14540	严重	2.4.0	2.9.10, 2.8.11.5, 2.6.7.3	jackson-databind: Serialization gadgets in com.zaxxer.hikari.HikariConfig 漏洞详情: https://avd.aquasec.com/nvd/cve-2019-14540 镜像层: sha256:8265cb2525f4b8fe0278e34bb9360cb326bdfee9ed121f1150d4fff03e7d08ed 发布日期: 2019-09-15 22:15 修改: 2026-06-17 02:18
com.fasterxml.jackson.core:jackson-databind	CVE-2019-14540	严重	2.4.0	2.9.10, 2.8.11.5, 2.6.7.3	jackson-databind: Serialization gadgets in com.zaxxer.hikari.HikariConfig 漏洞详情: https://avd.aquasec.com/nvd/cve-2019-14540 镜像层: sha256:8265cb2525f4b8fe0278e34bb9360cb326bdfee9ed121f1150d4fff03e7d08ed 发布日期: 2019-09-15 22:15 修改: 2026-06-17 02:18
com.fasterxml.jackson.core:jackson-databind	CVE-2019-14540	严重	2.4.0	2.9.10, 2.8.11.5, 2.6.7.3	jackson-databind: Serialization gadgets in com.zaxxer.hikari.HikariConfig 漏洞详情: https://avd.aquasec.com/nvd/cve-2019-14540 镜像层: sha256:8265cb2525f4b8fe0278e34bb9360cb326bdfee9ed121f1150d4fff03e7d08ed 发布日期: 2019-09-15 22:15 修改: 2026-06-17 02:18
com.fasterxml.jackson.core:jackson-databind	CVE-2019-16335	严重	2.4.0	2.9.10, 2.8.11.5, 2.6.7.3	jackson-databind: Serialization gadgets in com.zaxxer.hikari.HikariDataSource 漏洞详情: https://avd.aquasec.com/nvd/cve-2019-16335 镜像层: sha256:8265cb2525f4b8fe0278e34bb9360cb326bdfee9ed121f1150d4fff03e7d08ed 发布日期: 2019-09-15 22:15 修改: 2026-06-17 02:22
com.fasterxml.jackson.core:jackson-databind	CVE-2019-16335	严重	2.4.0	2.9.10, 2.8.11.5, 2.6.7.3	jackson-databind: Serialization gadgets in com.zaxxer.hikari.HikariDataSource 漏洞详情: https://avd.aquasec.com/nvd/cve-2019-16335 镜像层: sha256:8265cb2525f4b8fe0278e34bb9360cb326bdfee9ed121f1150d4fff03e7d08ed 发布日期: 2019-09-15 22:15 修改: 2026-06-17 02:22
com.fasterxml.jackson.core:jackson-databind	CVE-2019-16335	严重	2.4.0	2.9.10, 2.8.11.5, 2.6.7.3	jackson-databind: Serialization gadgets in com.zaxxer.hikari.HikariDataSource 漏洞详情: https://avd.aquasec.com/nvd/cve-2019-16335 镜像层: sha256:8265cb2525f4b8fe0278e34bb9360cb326bdfee9ed121f1150d4fff03e7d08ed 发布日期: 2019-09-15 22:15 修改: 2026-06-17 02:22
com.fasterxml.jackson.core:jackson-databind	CVE-2019-16335	严重	2.4.0	2.9.10, 2.8.11.5, 2.6.7.3	jackson-databind: Serialization gadgets in com.zaxxer.hikari.HikariDataSource 漏洞详情: https://avd.aquasec.com/nvd/cve-2019-16335 镜像层: sha256:8265cb2525f4b8fe0278e34bb9360cb326bdfee9ed121f1150d4fff03e7d08ed 发布日期: 2019-09-15 22:15 修改: 2026-06-17 02:22
com.fasterxml.jackson.core:jackson-databind	CVE-2019-16335	严重	2.4.0	2.9.10, 2.8.11.5, 2.6.7.3	jackson-databind: Serialization gadgets in com.zaxxer.hikari.HikariDataSource 漏洞详情: https://avd.aquasec.com/nvd/cve-2019-16335 镜像层: sha256:8265cb2525f4b8fe0278e34bb9360cb326bdfee9ed121f1150d4fff03e7d08ed 发布日期: 2019-09-15 22:15 修改: 2026-06-17 02:22
com.fasterxml.jackson.core:jackson-databind	CVE-2019-16942	严重	2.4.0	2.9.10.1, 2.8.11.5, 2.6.7.3	jackson-databind: Serialization gadgets in org.apache.commons.dbcp.datasources.* 漏洞详情: https://avd.aquasec.com/nvd/cve-2019-16942 镜像层: sha256:8265cb2525f4b8fe0278e34bb9360cb326bdfee9ed121f1150d4fff03e7d08ed 发布日期: 2019-10-01 17:15 修改: 2026-06-17 02:23
com.fasterxml.jackson.core:jackson-databind	CVE-2019-16942	严重	2.4.0	2.9.10.1, 2.8.11.5, 2.6.7.3	jackson-databind: Serialization gadgets in org.apache.commons.dbcp.datasources.* 漏洞详情: https://avd.aquasec.com/nvd/cve-2019-16942 镜像层: sha256:8265cb2525f4b8fe0278e34bb9360cb326bdfee9ed121f1150d4fff03e7d08ed 发布日期: 2019-10-01 17:15 修改: 2026-06-17 02:23
com.fasterxml.jackson.core:jackson-databind	CVE-2019-16942	严重	2.4.0	2.9.10.1, 2.8.11.5, 2.6.7.3	jackson-databind: Serialization gadgets in org.apache.commons.dbcp.datasources.* 漏洞详情: https://avd.aquasec.com/nvd/cve-2019-16942 镜像层: sha256:8265cb2525f4b8fe0278e34bb9360cb326bdfee9ed121f1150d4fff03e7d08ed 发布日期: 2019-10-01 17:15 修改: 2026-06-17 02:23
com.fasterxml.jackson.core:jackson-databind	CVE-2019-16942	严重	2.4.0	2.9.10.1, 2.8.11.5, 2.6.7.3	jackson-databind: Serialization gadgets in org.apache.commons.dbcp.datasources.* 漏洞详情: https://avd.aquasec.com/nvd/cve-2019-16942 镜像层: sha256:8265cb2525f4b8fe0278e34bb9360cb326bdfee9ed121f1150d4fff03e7d08ed 发布日期: 2019-10-01 17:15 修改: 2026-06-17 02:23
com.fasterxml.jackson.core:jackson-databind	CVE-2019-16942	严重	2.4.0	2.9.10.1, 2.8.11.5, 2.6.7.3	jackson-databind: Serialization gadgets in org.apache.commons.dbcp.datasources.* 漏洞详情: https://avd.aquasec.com/nvd/cve-2019-16942 镜像层: sha256:8265cb2525f4b8fe0278e34bb9360cb326bdfee9ed121f1150d4fff03e7d08ed 发布日期: 2019-10-01 17:15 修改: 2026-06-17 02:23
com.fasterxml.jackson.core:jackson-databind	CVE-2019-16943	严重	2.4.0	2.9.10.1, 2.8.11.5, 2.6.7.3	jackson-databind: Serialization gadgets in com.p6spy.engine.spy.P6DataSource 漏洞详情: https://avd.aquasec.com/nvd/cve-2019-16943 镜像层: sha256:8265cb2525f4b8fe0278e34bb9360cb326bdfee9ed121f1150d4fff03e7d08ed 发布日期: 2019-10-01 17:15 修改: 2026-06-17 02:23
com.fasterxml.jackson.core:jackson-databind	CVE-2019-16943	严重	2.4.0	2.9.10.1, 2.8.11.5, 2.6.7.3	jackson-databind: Serialization gadgets in com.p6spy.engine.spy.P6DataSource 漏洞详情: https://avd.aquasec.com/nvd/cve-2019-16943 镜像层: sha256:8265cb2525f4b8fe0278e34bb9360cb326bdfee9ed121f1150d4fff03e7d08ed 发布日期: 2019-10-01 17:15 修改: 2026-06-17 02:23
com.fasterxml.jackson.core:jackson-databind	CVE-2019-16943	严重	2.4.0	2.9.10.1, 2.8.11.5, 2.6.7.3	jackson-databind: Serialization gadgets in com.p6spy.engine.spy.P6DataSource 漏洞详情: https://avd.aquasec.com/nvd/cve-2019-16943 镜像层: sha256:8265cb2525f4b8fe0278e34bb9360cb326bdfee9ed121f1150d4fff03e7d08ed 发布日期: 2019-10-01 17:15 修改: 2026-06-17 02:23
com.fasterxml.jackson.core:jackson-databind	CVE-2019-16943	严重	2.4.0	2.9.10.1, 2.8.11.5, 2.6.7.3	jackson-databind: Serialization gadgets in com.p6spy.engine.spy.P6DataSource 漏洞详情: https://avd.aquasec.com/nvd/cve-2019-16943 镜像层: sha256:8265cb2525f4b8fe0278e34bb9360cb326bdfee9ed121f1150d4fff03e7d08ed 发布日期: 2019-10-01 17:15 修改: 2026-06-17 02:23
com.fasterxml.jackson.core:jackson-databind	CVE-2019-16943	严重	2.4.0	2.9.10.1, 2.8.11.5, 2.6.7.3	jackson-databind: Serialization gadgets in com.p6spy.engine.spy.P6DataSource 漏洞详情: https://avd.aquasec.com/nvd/cve-2019-16943 镜像层: sha256:8265cb2525f4b8fe0278e34bb9360cb326bdfee9ed121f1150d4fff03e7d08ed 发布日期: 2019-10-01 17:15 修改: 2026-06-17 02:23
com.fasterxml.jackson.core:jackson-databind	CVE-2019-17267	严重	2.4.0	2.9.10, 2.8.11.5	jackson-databind: Serialization gadgets in classes of the ehcache package 漏洞详情: https://avd.aquasec.com/nvd/cve-2019-17267 镜像层: sha256:8265cb2525f4b8fe0278e34bb9360cb326bdfee9ed121f1150d4fff03e7d08ed 发布日期: 2019-10-07 00:15 修改: 2026-06-17 02:23
com.fasterxml.jackson.core:jackson-databind	CVE-2019-17267	严重	2.4.0	2.9.10, 2.8.11.5	jackson-databind: Serialization gadgets in classes of the ehcache package 漏洞详情: https://avd.aquasec.com/nvd/cve-2019-17267 镜像层: sha256:8265cb2525f4b8fe0278e34bb9360cb326bdfee9ed121f1150d4fff03e7d08ed 发布日期: 2019-10-07 00:15 修改: 2026-06-17 02:23
com.fasterxml.jackson.core:jackson-databind	CVE-2019-17267	严重	2.4.0	2.9.10, 2.8.11.5	jackson-databind: Serialization gadgets in classes of the ehcache package 漏洞详情: https://avd.aquasec.com/nvd/cve-2019-17267 镜像层: sha256:8265cb2525f4b8fe0278e34bb9360cb326bdfee9ed121f1150d4fff03e7d08ed 发布日期: 2019-10-07 00:15 修改: 2026-06-17 02:23
com.fasterxml.jackson.core:jackson-databind	CVE-2019-17267	严重	2.4.0	2.9.10, 2.8.11.5	jackson-databind: Serialization gadgets in classes of the ehcache package 漏洞详情: https://avd.aquasec.com/nvd/cve-2019-17267 镜像层: sha256:8265cb2525f4b8fe0278e34bb9360cb326bdfee9ed121f1150d4fff03e7d08ed 发布日期: 2019-10-07 00:15 修改: 2026-06-17 02:23
com.fasterxml.jackson.core:jackson-databind	CVE-2019-17267	严重	2.4.0	2.9.10, 2.8.11.5	jackson-databind: Serialization gadgets in classes of the ehcache package 漏洞详情: https://avd.aquasec.com/nvd/cve-2019-17267 镜像层: sha256:8265cb2525f4b8fe0278e34bb9360cb326bdfee9ed121f1150d4fff03e7d08ed 发布日期: 2019-10-07 00:15 修改: 2026-06-17 02:23
com.fasterxml.jackson.core:jackson-databind	CVE-2019-17531	严重	2.4.0	2.9.10.1, 2.8.11.5, 2.6.7.3	jackson-databind: Serialization gadgets in org.apache.log4j.receivers.db.* 漏洞详情: https://avd.aquasec.com/nvd/cve-2019-17531 镜像层: sha256:8265cb2525f4b8fe0278e34bb9360cb326bdfee9ed121f1150d4fff03e7d08ed 发布日期: 2019-10-12 21:15 修改: 2026-06-17 02:24
com.fasterxml.jackson.core:jackson-databind	CVE-2019-17531	严重	2.4.0	2.9.10.1, 2.8.11.5, 2.6.7.3	jackson-databind: Serialization gadgets in org.apache.log4j.receivers.db.* 漏洞详情: https://avd.aquasec.com/nvd/cve-2019-17531 镜像层: sha256:8265cb2525f4b8fe0278e34bb9360cb326bdfee9ed121f1150d4fff03e7d08ed 发布日期: 2019-10-12 21:15 修改: 2026-06-17 02:24
com.fasterxml.jackson.core:jackson-databind	CVE-2019-17531	严重	2.4.0	2.9.10.1, 2.8.11.5, 2.6.7.3	jackson-databind: Serialization gadgets in org.apache.log4j.receivers.db.* 漏洞详情: https://avd.aquasec.com/nvd/cve-2019-17531 镜像层: sha256:8265cb2525f4b8fe0278e34bb9360cb326bdfee9ed121f1150d4fff03e7d08ed 发布日期: 2019-10-12 21:15 修改: 2026-06-17 02:24
com.fasterxml.jackson.core:jackson-databind	CVE-2019-17531	严重	2.4.0	2.9.10.1, 2.8.11.5, 2.6.7.3	jackson-databind: Serialization gadgets in org.apache.log4j.receivers.db.* 漏洞详情: https://avd.aquasec.com/nvd/cve-2019-17531 镜像层: sha256:8265cb2525f4b8fe0278e34bb9360cb326bdfee9ed121f1150d4fff03e7d08ed 发布日期: 2019-10-12 21:15 修改: 2026-06-17 02:24
com.fasterxml.jackson.core:jackson-databind	CVE-2019-17531	严重	2.4.0	2.9.10.1, 2.8.11.5, 2.6.7.3	jackson-databind: Serialization gadgets in org.apache.log4j.receivers.db.* 漏洞详情: https://avd.aquasec.com/nvd/cve-2019-17531 镜像层: sha256:8265cb2525f4b8fe0278e34bb9360cb326bdfee9ed121f1150d4fff03e7d08ed 发布日期: 2019-10-12 21:15 修改: 2026-06-17 02:24
com.fasterxml.jackson.core:jackson-databind	CVE-2019-20330	严重	2.4.0	2.6.7.4, 2.7.9.7, 2.8.11.5, 2.9.10.2	jackson-databind: lacks certain net.sf.ehcache blocking 漏洞详情: https://avd.aquasec.com/nvd/cve-2019-20330 镜像层: sha256:8265cb2525f4b8fe0278e34bb9360cb326bdfee9ed121f1150d4fff03e7d08ed 发布日期: 2020-01-03 04:15 修改: 2026-06-17 02:30
com.fasterxml.jackson.core:jackson-databind	CVE-2019-20330	严重	2.4.0	2.6.7.4, 2.7.9.7, 2.8.11.5, 2.9.10.2	jackson-databind: lacks certain net.sf.ehcache blocking 漏洞详情: https://avd.aquasec.com/nvd/cve-2019-20330 镜像层: sha256:8265cb2525f4b8fe0278e34bb9360cb326bdfee9ed121f1150d4fff03e7d08ed 发布日期: 2020-01-03 04:15 修改: 2026-06-17 02:30
com.fasterxml.jackson.core:jackson-databind	CVE-2019-20330	严重	2.4.0	2.6.7.4, 2.7.9.7, 2.8.11.5, 2.9.10.2	jackson-databind: lacks certain net.sf.ehcache blocking 漏洞详情: https://avd.aquasec.com/nvd/cve-2019-20330 镜像层: sha256:8265cb2525f4b8fe0278e34bb9360cb326bdfee9ed121f1150d4fff03e7d08ed 发布日期: 2020-01-03 04:15 修改: 2026-06-17 02:30
com.fasterxml.jackson.core:jackson-databind	CVE-2019-20330	严重	2.4.0	2.6.7.4, 2.7.9.7, 2.8.11.5, 2.9.10.2	jackson-databind: lacks certain net.sf.ehcache blocking 漏洞详情: https://avd.aquasec.com/nvd/cve-2019-20330 镜像层: sha256:8265cb2525f4b8fe0278e34bb9360cb326bdfee9ed121f1150d4fff03e7d08ed 发布日期: 2020-01-03 04:15 修改: 2026-06-17 02:30
com.fasterxml.jackson.core:jackson-databind	CVE-2019-20330	严重	2.4.0	2.6.7.4, 2.7.9.7, 2.8.11.5, 2.9.10.2	jackson-databind: lacks certain net.sf.ehcache blocking 漏洞详情: https://avd.aquasec.com/nvd/cve-2019-20330 镜像层: sha256:8265cb2525f4b8fe0278e34bb9360cb326bdfee9ed121f1150d4fff03e7d08ed 发布日期: 2020-01-03 04:15 修改: 2026-06-17 02:30
com.fasterxml.jackson.core:jackson-databind	CVE-2020-8840	严重	2.4.0	2.6.7.4, 2.7.9.7, 2.8.11.5, 2.9.10.3	jackson-databind: Lacks certain xbean-reflect/JNDI blocking 漏洞详情: https://avd.aquasec.com/nvd/cve-2020-8840 镜像层: sha256:8265cb2525f4b8fe0278e34bb9360cb326bdfee9ed121f1150d4fff03e7d08ed 发布日期: 2020-02-10 21:56 修改: 2026-06-17 03:27
com.fasterxml.jackson.core:jackson-databind	CVE-2020-8840	严重	2.4.0	2.6.7.4, 2.7.9.7, 2.8.11.5, 2.9.10.3	jackson-databind: Lacks certain xbean-reflect/JNDI blocking 漏洞详情: https://avd.aquasec.com/nvd/cve-2020-8840 镜像层: sha256:8265cb2525f4b8fe0278e34bb9360cb326bdfee9ed121f1150d4fff03e7d08ed 发布日期: 2020-02-10 21:56 修改: 2026-06-17 03:27
com.fasterxml.jackson.core:jackson-databind	CVE-2020-8840	严重	2.4.0	2.6.7.4, 2.7.9.7, 2.8.11.5, 2.9.10.3	jackson-databind: Lacks certain xbean-reflect/JNDI blocking 漏洞详情: https://avd.aquasec.com/nvd/cve-2020-8840 镜像层: sha256:8265cb2525f4b8fe0278e34bb9360cb326bdfee9ed121f1150d4fff03e7d08ed 发布日期: 2020-02-10 21:56 修改: 2026-06-17 03:27
com.fasterxml.jackson.core:jackson-databind	CVE-2020-8840	严重	2.4.0	2.6.7.4, 2.7.9.7, 2.8.11.5, 2.9.10.3	jackson-databind: Lacks certain xbean-reflect/JNDI blocking 漏洞详情: https://avd.aquasec.com/nvd/cve-2020-8840 镜像层: sha256:8265cb2525f4b8fe0278e34bb9360cb326bdfee9ed121f1150d4fff03e7d08ed 发布日期: 2020-02-10 21:56 修改: 2026-06-17 03:27
com.fasterxml.jackson.core:jackson-databind	CVE-2020-8840	严重	2.4.0	2.6.7.4, 2.7.9.7, 2.8.11.5, 2.9.10.3	jackson-databind: Lacks certain xbean-reflect/JNDI blocking 漏洞详情: https://avd.aquasec.com/nvd/cve-2020-8840 镜像层: sha256:8265cb2525f4b8fe0278e34bb9360cb326bdfee9ed121f1150d4fff03e7d08ed 发布日期: 2020-02-10 21:56 修改: 2026-06-17 03:27
com.fasterxml.jackson.core:jackson-databind	CVE-2020-9547	严重	2.4.0	2.9.10.4, 2.8.11.6, 2.7.9.7	jackson-databind: Serialization gadgets in ibatis-sqlmap 漏洞详情: https://avd.aquasec.com/nvd/cve-2020-9547 镜像层: sha256:8265cb2525f4b8fe0278e34bb9360cb326bdfee9ed121f1150d4fff03e7d08ed 发布日期: 2020-03-02 04:15 修改: 2026-06-17 03:28
com.fasterxml.jackson.core:jackson-databind	CVE-2020-9547	严重	2.4.0	2.9.10.4, 2.8.11.6, 2.7.9.7	jackson-databind: Serialization gadgets in ibatis-sqlmap 漏洞详情: https://avd.aquasec.com/nvd/cve-2020-9547 镜像层: sha256:8265cb2525f4b8fe0278e34bb9360cb326bdfee9ed121f1150d4fff03e7d08ed 发布日期: 2020-03-02 04:15 修改: 2026-06-17 03:28
com.fasterxml.jackson.core:jackson-databind	CVE-2020-9547	严重	2.4.0	2.9.10.4, 2.8.11.6, 2.7.9.7	jackson-databind: Serialization gadgets in ibatis-sqlmap 漏洞详情: https://avd.aquasec.com/nvd/cve-2020-9547 镜像层: sha256:8265cb2525f4b8fe0278e34bb9360cb326bdfee9ed121f1150d4fff03e7d08ed 发布日期: 2020-03-02 04:15 修改: 2026-06-17 03:28
com.fasterxml.jackson.core:jackson-databind	CVE-2020-9547	严重	2.4.0	2.9.10.4, 2.8.11.6, 2.7.9.7	jackson-databind: Serialization gadgets in ibatis-sqlmap 漏洞详情: https://avd.aquasec.com/nvd/cve-2020-9547 镜像层: sha256:8265cb2525f4b8fe0278e34bb9360cb326bdfee9ed121f1150d4fff03e7d08ed 发布日期: 2020-03-02 04:15 修改: 2026-06-17 03:28
com.fasterxml.jackson.core:jackson-databind	CVE-2020-9547	严重	2.4.0	2.9.10.4, 2.8.11.6, 2.7.9.7	jackson-databind: Serialization gadgets in ibatis-sqlmap 漏洞详情: https://avd.aquasec.com/nvd/cve-2020-9547 镜像层: sha256:8265cb2525f4b8fe0278e34bb9360cb326bdfee9ed121f1150d4fff03e7d08ed 发布日期: 2020-03-02 04:15 修改: 2026-06-17 03:28
com.fasterxml.jackson.core:jackson-databind	CVE-2020-9548	严重	2.4.0	2.9.10.4, 2.8.11.6, 2.7.9.7	jackson-databind: Serialization gadgets in anteros-core 漏洞详情: https://avd.aquasec.com/nvd/cve-2020-9548 镜像层: sha256:8265cb2525f4b8fe0278e34bb9360cb326bdfee9ed121f1150d4fff03e7d08ed 发布日期: 2020-03-02 04:15 修改: 2026-06-17 03:28
com.fasterxml.jackson.core:jackson-databind	CVE-2020-9548	严重	2.4.0	2.9.10.4, 2.8.11.6, 2.7.9.7	jackson-databind: Serialization gadgets in anteros-core 漏洞详情: https://avd.aquasec.com/nvd/cve-2020-9548 镜像层: sha256:8265cb2525f4b8fe0278e34bb9360cb326bdfee9ed121f1150d4fff03e7d08ed 发布日期: 2020-03-02 04:15 修改: 2026-06-17 03:28
com.fasterxml.jackson.core:jackson-databind	CVE-2020-9548	严重	2.4.0	2.9.10.4, 2.8.11.6, 2.7.9.7	jackson-databind: Serialization gadgets in anteros-core 漏洞详情: https://avd.aquasec.com/nvd/cve-2020-9548 镜像层: sha256:8265cb2525f4b8fe0278e34bb9360cb326bdfee9ed121f1150d4fff03e7d08ed 发布日期: 2020-03-02 04:15 修改: 2026-06-17 03:28
com.fasterxml.jackson.core:jackson-databind	CVE-2020-9548	严重	2.4.0	2.9.10.4, 2.8.11.6, 2.7.9.7	jackson-databind: Serialization gadgets in anteros-core 漏洞详情: https://avd.aquasec.com/nvd/cve-2020-9548 镜像层: sha256:8265cb2525f4b8fe0278e34bb9360cb326bdfee9ed121f1150d4fff03e7d08ed 发布日期: 2020-03-02 04:15 修改: 2026-06-17 03:28
com.fasterxml.jackson.core:jackson-databind	CVE-2020-9548	严重	2.4.0	2.9.10.4, 2.8.11.6, 2.7.9.7	jackson-databind: Serialization gadgets in anteros-core 漏洞详情: https://avd.aquasec.com/nvd/cve-2020-9548 镜像层: sha256:8265cb2525f4b8fe0278e34bb9360cb326bdfee9ed121f1150d4fff03e7d08ed 发布日期: 2020-03-02 04:15 修改: 2026-06-17 03:28
com.googlecode.owasp-java-html-sanitizer:owasp-java-html-sanitizer	CVE-2021-42575	严重	r239	20211018.1	owasp-java-html-sanitizer: improper policies enforcement may lead to remote code execution 漏洞详情: https://avd.aquasec.com/nvd/cve-2021-42575 镜像层: sha256:8265cb2525f4b8fe0278e34bb9360cb326bdfee9ed121f1150d4fff03e7d08ed 发布日期: 2021-10-18 15:15 修改: 2026-06-17 04:09
com.nimbusds:nimbus-jose-jwt	CVE-2019-17195	严重	4.41.1	7.9	nimbus-jose-jwt: Uncaught exceptions while parsing a JWT 漏洞详情: https://avd.aquasec.com/nvd/cve-2019-17195 镜像层: sha256:8265cb2525f4b8fe0278e34bb9360cb326bdfee9ed121f1150d4fff03e7d08ed 发布日期: 2019-10-15 14:15 修改: 2026-06-17 02:23
io.netty:netty	CVE-2019-20444	严重	3.10.6.Final	4.0.0	netty: HTTP request smuggling 漏洞详情: https://avd.aquasec.com/nvd/cve-2019-20444 镜像层: sha256:8265cb2525f4b8fe0278e34bb9360cb326bdfee9ed121f1150d4fff03e7d08ed 发布日期: 2020-01-29 21:15 修改: 2026-06-17 02:30
org.apache.avro:avro	CVE-2024-47561	严重	1.7.7	1.11.4	apache-avro: Schema parsing may trigger Remote Code Execution (RCE) 漏洞详情: https://avd.aquasec.com/nvd/cve-2024-47561 镜像层: sha256:8265cb2525f4b8fe0278e34bb9360cb326bdfee9ed121f1150d4fff03e7d08ed 发布日期: 2024-10-03 11:15 修改: 2026-06-17 07:57
org.apache.avro:avro	CVE-2024-47561	严重	1.7.7	1.11.4	apache-avro: Schema parsing may trigger Remote Code Execution (RCE) 漏洞详情: https://avd.aquasec.com/nvd/cve-2024-47561 镜像层: sha256:8265cb2525f4b8fe0278e34bb9360cb326bdfee9ed121f1150d4fff03e7d08ed 发布日期: 2024-10-03 11:15 修改: 2026-06-17 07:57
org.apache.avro:avro	CVE-2024-47561	严重	1.7.7	1.11.4	apache-avro: Schema parsing may trigger Remote Code Execution (RCE) 漏洞详情: https://avd.aquasec.com/nvd/cve-2024-47561 镜像层: sha256:8265cb2525f4b8fe0278e34bb9360cb326bdfee9ed121f1150d4fff03e7d08ed 发布日期: 2024-10-03 11:15 修改: 2026-06-17 07:57
org.apache.hadoop:hadoop-common	CVE-2021-37404	严重	2.10.0	3.3.2, 3.2.3, 2.10.2	hadoop-hdfs: Heap buffer overflow in Apache Hadoop libhdfs 漏洞详情: https://avd.aquasec.com/nvd/cve-2021-37404 镜像层: sha256:8265cb2525f4b8fe0278e34bb9360cb326bdfee9ed121f1150d4fff03e7d08ed 发布日期: 2022-06-13 07:15 修改: 2026-06-17 04:00
org.apache.hadoop:hadoop-common	CVE-2022-25168	严重	2.10.0	2.10.2, 3.2.4, 3.3.3	hadoop: Command injection in org.apache.hadoop.fs.FileUtil.unTarUsingTar 漏洞详情: https://avd.aquasec.com/nvd/cve-2022-25168 镜像层: sha256:8265cb2525f4b8fe0278e34bb9360cb326bdfee9ed121f1150d4fff03e7d08ed 发布日期: 2022-08-04 15:15 修改: 2026-06-17 04:33
org.apache.hadoop:hadoop-common	CVE-2022-26612	严重	2.10.0	3.2.3, 2.10.2, 3.3.3	hadoop: Arbitrary file write in FileUtil#unpackEntries on Windows 漏洞详情: https://avd.aquasec.com/nvd/cve-2022-26612 镜像层: sha256:8265cb2525f4b8fe0278e34bb9360cb326bdfee9ed121f1150d4fff03e7d08ed 发布日期: 2022-04-07 19:15 修改: 2026-06-17 04:35
org.apache.hadoop:hadoop-common	CVE-2021-37404	严重	3.3.0	3.3.2, 3.2.3, 2.10.2	hadoop-hdfs: Heap buffer overflow in Apache Hadoop libhdfs 漏洞详情: https://avd.aquasec.com/nvd/cve-2021-37404 镜像层: sha256:8265cb2525f4b8fe0278e34bb9360cb326bdfee9ed121f1150d4fff03e7d08ed 发布日期: 2022-06-13 07:15 修改: 2026-06-17 04:00
org.apache.hadoop:hadoop-common	CVE-2021-37404	严重	3.3.0	3.3.2, 3.2.3, 2.10.2	hadoop-hdfs: Heap buffer overflow in Apache Hadoop libhdfs 漏洞详情: https://avd.aquasec.com/nvd/cve-2021-37404 镜像层: sha256:8265cb2525f4b8fe0278e34bb9360cb326bdfee9ed121f1150d4fff03e7d08ed 发布日期: 2022-06-13 07:15 修改: 2026-06-17 04:00
org.apache.hadoop:hadoop-common	CVE-2021-37404	严重	3.3.0	3.3.2, 3.2.3, 2.10.2	hadoop-hdfs: Heap buffer overflow in Apache Hadoop libhdfs 漏洞详情: https://avd.aquasec.com/nvd/cve-2021-37404 镜像层: sha256:8265cb2525f4b8fe0278e34bb9360cb326bdfee9ed121f1150d4fff03e7d08ed 发布日期: 2022-06-13 07:15 修改: 2026-06-17 04:00
org.apache.hadoop:hadoop-common	CVE-2022-25168	严重	3.3.0	2.10.2, 3.2.4, 3.3.3	hadoop: Command injection in org.apache.hadoop.fs.FileUtil.unTarUsingTar 漏洞详情: https://avd.aquasec.com/nvd/cve-2022-25168 镜像层: sha256:8265cb2525f4b8fe0278e34bb9360cb326bdfee9ed121f1150d4fff03e7d08ed 发布日期: 2022-08-04 15:15 修改: 2026-06-17 04:33
org.apache.hadoop:hadoop-common	CVE-2022-25168	严重	3.3.0	2.10.2, 3.2.4, 3.3.3	hadoop: Command injection in org.apache.hadoop.fs.FileUtil.unTarUsingTar 漏洞详情: https://avd.aquasec.com/nvd/cve-2022-25168 镜像层: sha256:8265cb2525f4b8fe0278e34bb9360cb326bdfee9ed121f1150d4fff03e7d08ed 发布日期: 2022-08-04 15:15 修改: 2026-06-17 04:33
org.apache.hadoop:hadoop-common	CVE-2022-25168	严重	3.3.0	2.10.2, 3.2.4, 3.3.3	hadoop: Command injection in org.apache.hadoop.fs.FileUtil.unTarUsingTar 漏洞详情: https://avd.aquasec.com/nvd/cve-2022-25168 镜像层: sha256:8265cb2525f4b8fe0278e34bb9360cb326bdfee9ed121f1150d4fff03e7d08ed 发布日期: 2022-08-04 15:15 修改: 2026-06-17 04:33
org.apache.hadoop:hadoop-common	CVE-2022-26612	严重	3.3.0	3.2.3, 2.10.2, 3.3.3	hadoop: Arbitrary file write in FileUtil#unpackEntries on Windows 漏洞详情: https://avd.aquasec.com/nvd/cve-2022-26612 镜像层: sha256:8265cb2525f4b8fe0278e34bb9360cb326bdfee9ed121f1150d4fff03e7d08ed 发布日期: 2022-04-07 19:15 修改: 2026-06-17 04:35
org.apache.hadoop:hadoop-common	CVE-2022-26612	严重	3.3.0	3.2.3, 2.10.2, 3.3.3	hadoop: Arbitrary file write in FileUtil#unpackEntries on Windows 漏洞详情: https://avd.aquasec.com/nvd/cve-2022-26612 镜像层: sha256:8265cb2525f4b8fe0278e34bb9360cb326bdfee9ed121f1150d4fff03e7d08ed 发布日期: 2022-04-07 19:15 修改: 2026-06-17 04:35
org.apache.hadoop:hadoop-common	CVE-2022-26612	严重	3.3.0	3.2.3, 2.10.2, 3.3.3	hadoop: Arbitrary file write in FileUtil#unpackEntries on Windows 漏洞详情: https://avd.aquasec.com/nvd/cve-2022-26612 镜像层: sha256:8265cb2525f4b8fe0278e34bb9360cb326bdfee9ed121f1150d4fff03e7d08ed 发布日期: 2022-04-07 19:15 修改: 2026-06-17 04:35
org.apache.ranger:ranger-plugins-common	CVE-2025-59059	严重	2.4.0	2.8.0	Apache Ranger has a Code Injection vulnerability 漏洞详情: https://avd.aquasec.com/nvd/cve-2025-59059 镜像层: sha256:8265cb2525f4b8fe0278e34bb9360cb326bdfee9ed121f1150d4fff03e7d08ed 发布日期: 2026-03-03 11:16 修改: 2026-06-17 09:45
org.apache.ranger:ranger-plugins-common	CVE-2025-59059	严重	2.4.0	2.8.0	Apache Ranger has a Code Injection vulnerability 漏洞详情: https://avd.aquasec.com/nvd/cve-2025-59059 镜像层: sha256:8265cb2525f4b8fe0278e34bb9360cb326bdfee9ed121f1150d4fff03e7d08ed 发布日期: 2026-03-03 11:16 修改: 2026-06-17 09:45
org.apache.tomcat.embed:tomcat-embed-core	CVE-2025-24813	严重	8.5.86	11.0.3, 10.1.35, 9.0.99	tomcat: Potential RCE and/or information disclosure and/or information corruption with partial PUT 漏洞详情: https://avd.aquasec.com/nvd/cve-2025-24813 镜像层: sha256:8265cb2525f4b8fe0278e34bb9360cb326bdfee9ed121f1150d4fff03e7d08ed 发布日期: 2025-03-10 17:15 修改: 2026-06-17 08:59
org.apache.tomcat.embed:tomcat-embed-core	CVE-2026-41293	严重	8.5.86	9.0.118, 10.1.55, 11.0.22	tomcat-coyote: Apache Tomcat: HTTP/2 request headers not validated 漏洞详情: https://avd.aquasec.com/nvd/cve-2026-41293 镜像层: sha256:8265cb2525f4b8fe0278e34bb9360cb326bdfee9ed121f1150d4fff03e7d08ed 发布日期: 2026-05-12 16:16 修改: 2026-06-17 10:46
org.apache.tomcat.embed:tomcat-embed-core	CVE-2026-43512	严重	8.5.86	9.0.118, 10.1.55, 11.0.22	tomcat-coyote: Apache Tomcat: Authentication bypass via digest authentication 漏洞详情: https://avd.aquasec.com/nvd/cve-2026-43512 镜像层: sha256:8265cb2525f4b8fe0278e34bb9360cb326bdfee9ed121f1150d4fff03e7d08ed 发布日期: 2026-05-12 16:16 修改: 2026-06-17 10:49
org.apache.tomcat.embed:tomcat-embed-core	CVE-2026-43515	严重	8.5.86	9.0.118, 10.1.55, 11.0.22	tomcat-coyote: tomcat: Improper Authorization allows security bypass 漏洞详情: https://avd.aquasec.com/nvd/cve-2026-43515 镜像层: sha256:8265cb2525f4b8fe0278e34bb9360cb326bdfee9ed121f1150d4fff03e7d08ed 发布日期: 2026-05-12 16:16 修改: 2026-06-17 10:49
org.apache.zookeeper:zookeeper	CVE-2023-44981	严重	3.4.14	3.7.2, 3.8.3, 3.9.1	zookeeper: Authorization Bypass in Apache ZooKeeper 漏洞详情: https://avd.aquasec.com/nvd/cve-2023-44981 镜像层: sha256:8265cb2525f4b8fe0278e34bb9360cb326bdfee9ed121f1150d4fff03e7d08ed 发布日期: 2023-10-11 12:15 修改: 2026-06-17 06:28
org.apache.zookeeper:zookeeper	CVE-2023-44981	严重	3.5.7	3.7.2, 3.8.3, 3.9.1	zookeeper: Authorization Bypass in Apache ZooKeeper 漏洞详情: https://avd.aquasec.com/nvd/cve-2023-44981 镜像层: sha256:8265cb2525f4b8fe0278e34bb9360cb326bdfee9ed121f1150d4fff03e7d08ed 发布日期: 2023-10-11 12:15 修改: 2026-06-17 06:28
org.codehaus.jackson:jackson-mapper-asl	CVE-2019-10202	严重	1.9.13		codehaus: incomplete fix for unsafe deserialization in jackson-databind vulnerabilities 漏洞详情: https://avd.aquasec.com/nvd/cve-2019-10202 镜像层: sha256:8265cb2525f4b8fe0278e34bb9360cb326bdfee9ed121f1150d4fff03e7d08ed 发布日期: 2019-10-01 15:15 修改: 2026-06-17 02:10
org.codehaus.jackson:jackson-mapper-asl	CVE-2019-10202	严重	1.9.13		codehaus: incomplete fix for unsafe deserialization in jackson-databind vulnerabilities 漏洞详情: https://avd.aquasec.com/nvd/cve-2019-10202 镜像层: sha256:8265cb2525f4b8fe0278e34bb9360cb326bdfee9ed121f1150d4fff03e7d08ed 发布日期: 2019-10-01 15:15 修改: 2026-06-17 02:10
org.springframework.security:spring-security-config	CVE-2023-34034	严重	5.7.5	5.6.12, 5.7.10, 5.8.5, 6.0.5, 6.1.2	spring-security-webflux: path wildcard leads to security bypass 漏洞详情: https://avd.aquasec.com/nvd/cve-2023-34034 镜像层: sha256:8265cb2525f4b8fe0278e34bb9360cb326bdfee9ed121f1150d4fff03e7d08ed 发布日期: 2023-07-19 15:15 修改: 2026-06-17 06:02
org.springframework.security:spring-security-web	CVE-2024-38821	严重	5.7.5	5.7.13, 5.8.15, 6.2.7, 6.0.13, 6.1.11, 6.3.4	Spring-WebFlux: Authorization Bypass of Static Resources in WebFlux Applications 漏洞详情: https://avd.aquasec.com/nvd/cve-2024-38821 镜像层: sha256:8265cb2525f4b8fe0278e34bb9360cb326bdfee9ed121f1150d4fff03e7d08ed 发布日期: 2024-10-28 07:15 修改: 2026-06-17 07:41
org.springframework.security:spring-security-web	CVE-2026-22732	严重	5.7.5	6.5.9, 7.0.4	Spring Security: Spring Security: Security policy bypass and information disclosure due to unwritten HTTP headers 漏洞详情: https://avd.aquasec.com/nvd/cve-2026-22732 镜像层: sha256:8265cb2525f4b8fe0278e34bb9360cb326bdfee9ed121f1150d4fff03e7d08ed 发布日期: 2026-03-19 23:16 修改: 2026-06-17 10:20
org.springframework:spring-web	CVE-2016-1000027	严重	5.3.23	6.0.0	spring: HttpInvokerServiceExporter readRemoteInvocation method untrusted java deserialization 漏洞详情: https://avd.aquasec.com/nvd/cve-2016-1000027 镜像层: sha256:8265cb2525f4b8fe0278e34bb9360cb326bdfee9ed121f1150d4fff03e7d08ed 发布日期: 2020-01-02 23:15 修改: 2024-11-21 02:42
com.fasterxml.jackson.core:jackson-databind	CVE-2019-12086	高危	2.4.0	2.9.9, 2.8.11.4, 2.7.9.6, 2.6.7.3	jackson-databind: polymorphic typing issue allows attacker to read arbitrary local files on the server. 漏洞详情: https://avd.aquasec.com/nvd/cve-2019-12086 镜像层: sha256:8265cb2525f4b8fe0278e34bb9360cb326bdfee9ed121f1150d4fff03e7d08ed 发布日期: 2019-05-17 17:29 修改: 2026-06-17 02:14
com.fasterxml.jackson.core:jackson-databind	CVE-2019-12086	高危	2.4.0	2.9.9, 2.8.11.4, 2.7.9.6, 2.6.7.3	jackson-databind: polymorphic typing issue allows attacker to read arbitrary local files on the server. 漏洞详情: https://avd.aquasec.com/nvd/cve-2019-12086 镜像层: sha256:8265cb2525f4b8fe0278e34bb9360cb326bdfee9ed121f1150d4fff03e7d08ed 发布日期: 2019-05-17 17:29 修改: 2026-06-17 02:14
com.fasterxml.jackson.core:jackson-databind	CVE-2019-12086	高危	2.4.0	2.9.9, 2.8.11.4, 2.7.9.6, 2.6.7.3	jackson-databind: polymorphic typing issue allows attacker to read arbitrary local files on the server. 漏洞详情: https://avd.aquasec.com/nvd/cve-2019-12086 镜像层: sha256:8265cb2525f4b8fe0278e34bb9360cb326bdfee9ed121f1150d4fff03e7d08ed 发布日期: 2019-05-17 17:29 修改: 2026-06-17 02:14
com.fasterxml.jackson.core:jackson-databind	CVE-2019-12086	高危	2.4.0	2.9.9, 2.8.11.4, 2.7.9.6, 2.6.7.3	jackson-databind: polymorphic typing issue allows attacker to read arbitrary local files on the server. 漏洞详情: https://avd.aquasec.com/nvd/cve-2019-12086 镜像层: sha256:8265cb2525f4b8fe0278e34bb9360cb326bdfee9ed121f1150d4fff03e7d08ed 发布日期: 2019-05-17 17:29 修改: 2026-06-17 02:14
com.fasterxml.jackson.core:jackson-databind	CVE-2019-14439	高危	2.4.0	2.9.9.2, 2.8.11.4, 2.7.9.6, 2.6.7.3	jackson-databind: Polymorphic typing issue related to logback/JNDI 漏洞详情: https://avd.aquasec.com/nvd/cve-2019-14439 镜像层: sha256:8265cb2525f4b8fe0278e34bb9360cb326bdfee9ed121f1150d4fff03e7d08ed 发布日期: 2019-07-30 11:15 修改: 2026-06-17 02:18
com.fasterxml.jackson.core:jackson-databind	CVE-2019-14439	高危	2.4.0	2.9.9.2, 2.8.11.4, 2.7.9.6, 2.6.7.3	jackson-databind: Polymorphic typing issue related to logback/JNDI 漏洞详情: https://avd.aquasec.com/nvd/cve-2019-14439 镜像层: sha256:8265cb2525f4b8fe0278e34bb9360cb326bdfee9ed121f1150d4fff03e7d08ed 发布日期: 2019-07-30 11:15 修改: 2026-06-17 02:18
com.fasterxml.jackson.core:jackson-databind	CVE-2019-14439	高危	2.4.0	2.9.9.2, 2.8.11.4, 2.7.9.6, 2.6.7.3	jackson-databind: Polymorphic typing issue related to logback/JNDI 漏洞详情: https://avd.aquasec.com/nvd/cve-2019-14439 镜像层: sha256:8265cb2525f4b8fe0278e34bb9360cb326bdfee9ed121f1150d4fff03e7d08ed 发布日期: 2019-07-30 11:15 修改: 2026-06-17 02:18
com.fasterxml.jackson.core:jackson-databind	CVE-2019-14439	高危	2.4.0	2.9.9.2, 2.8.11.4, 2.7.9.6, 2.6.7.3	jackson-databind: Polymorphic typing issue related to logback/JNDI 漏洞详情: https://avd.aquasec.com/nvd/cve-2019-14439 镜像层: sha256:8265cb2525f4b8fe0278e34bb9360cb326bdfee9ed121f1150d4fff03e7d08ed 发布日期: 2019-07-30 11:15 修改: 2026-06-17 02:18
com.fasterxml.jackson.core:jackson-databind	CVE-2019-14439	高危	2.4.0	2.9.9.2, 2.8.11.4, 2.7.9.6, 2.6.7.3	jackson-databind: Polymorphic typing issue related to logback/JNDI 漏洞详情: https://avd.aquasec.com/nvd/cve-2019-14439 镜像层: sha256:8265cb2525f4b8fe0278e34bb9360cb326bdfee9ed121f1150d4fff03e7d08ed 发布日期: 2019-07-30 11:15 修改: 2026-06-17 02:18
com.fasterxml.jackson.core:jackson-databind	CVE-2019-14892	高危	2.4.0	2.6.7.3, 2.8.11.5, 2.9.10	jackson-databind: Serialization gadgets in classes of the commons-configuration package 漏洞详情: https://avd.aquasec.com/nvd/cve-2019-14892 镜像层: sha256:8265cb2525f4b8fe0278e34bb9360cb326bdfee9ed121f1150d4fff03e7d08ed 发布日期: 2020-03-02 17:15 修改: 2026-06-17 02:19
com.fasterxml.jackson.core:jackson-databind	CVE-2019-14892	高危	2.4.0	2.6.7.3, 2.8.11.5, 2.9.10	jackson-databind: Serialization gadgets in classes of the commons-configuration package 漏洞详情: https://avd.aquasec.com/nvd/cve-2019-14892 镜像层: sha256:8265cb2525f4b8fe0278e34bb9360cb326bdfee9ed121f1150d4fff03e7d08ed 发布日期: 2020-03-02 17:15 修改: 2026-06-17 02:19
com.fasterxml.jackson.core:jackson-databind	CVE-2019-14892	高危	2.4.0	2.6.7.3, 2.8.11.5, 2.9.10	jackson-databind: Serialization gadgets in classes of the commons-configuration package 漏洞详情: https://avd.aquasec.com/nvd/cve-2019-14892 镜像层: sha256:8265cb2525f4b8fe0278e34bb9360cb326bdfee9ed121f1150d4fff03e7d08ed 发布日期: 2020-03-02 17:15 修改: 2026-06-17 02:19
com.fasterxml.jackson.core:jackson-databind	CVE-2019-14892	高危	2.4.0	2.6.7.3, 2.8.11.5, 2.9.10	jackson-databind: Serialization gadgets in classes of the commons-configuration package 漏洞详情: https://avd.aquasec.com/nvd/cve-2019-14892 镜像层: sha256:8265cb2525f4b8fe0278e34bb9360cb326bdfee9ed121f1150d4fff03e7d08ed 发布日期: 2020-03-02 17:15 修改: 2026-06-17 02:19
com.fasterxml.jackson.core:jackson-databind	CVE-2019-14892	高危	2.4.0	2.6.7.3, 2.8.11.5, 2.9.10	jackson-databind: Serialization gadgets in classes of the commons-configuration package 漏洞详情: https://avd.aquasec.com/nvd/cve-2019-14892 镜像层: sha256:8265cb2525f4b8fe0278e34bb9360cb326bdfee9ed121f1150d4fff03e7d08ed 发布日期: 2020-03-02 17:15 修改: 2026-06-17 02:19
com.fasterxml.jackson.core:jackson-databind	CVE-2020-10650	高危	2.4.0	2.9.10.4	A deserialization flaw was discovered in jackson-databind through 2.9. ... 漏洞详情: https://avd.aquasec.com/nvd/cve-2020-10650 镜像层: sha256:8265cb2525f4b8fe0278e34bb9360cb326bdfee9ed121f1150d4fff03e7d08ed 发布日期: 2022-12-26 20:15 修改: 2026-06-17 02:48
com.fasterxml.jackson.core:jackson-databind	CVE-2020-10650	高危	2.4.0	2.9.10.4	A deserialization flaw was discovered in jackson-databind through 2.9. ... 漏洞详情: https://avd.aquasec.com/nvd/cve-2020-10650 镜像层: sha256:8265cb2525f4b8fe0278e34bb9360cb326bdfee9ed121f1150d4fff03e7d08ed 发布日期: 2022-12-26 20:15 修改: 2026-06-17 02:48
com.fasterxml.jackson.core:jackson-databind	CVE-2020-10650	高危	2.4.0	2.9.10.4	A deserialization flaw was discovered in jackson-databind through 2.9. ... 漏洞详情: https://avd.aquasec.com/nvd/cve-2020-10650 镜像层: sha256:8265cb2525f4b8fe0278e34bb9360cb326bdfee9ed121f1150d4fff03e7d08ed 发布日期: 2022-12-26 20:15 修改: 2026-06-17 02:48
com.fasterxml.jackson.core:jackson-databind	CVE-2020-10650	高危	2.4.0	2.9.10.4	A deserialization flaw was discovered in jackson-databind through 2.9. ... 漏洞详情: https://avd.aquasec.com/nvd/cve-2020-10650 镜像层: sha256:8265cb2525f4b8fe0278e34bb9360cb326bdfee9ed121f1150d4fff03e7d08ed 发布日期: 2022-12-26 20:15 修改: 2026-06-17 02:48
com.fasterxml.jackson.core:jackson-databind	CVE-2020-10650	高危	2.4.0	2.9.10.4	A deserialization flaw was discovered in jackson-databind through 2.9. ... 漏洞详情: https://avd.aquasec.com/nvd/cve-2020-10650 镜像层: sha256:8265cb2525f4b8fe0278e34bb9360cb326bdfee9ed121f1150d4fff03e7d08ed 发布日期: 2022-12-26 20:15 修改: 2026-06-17 02:48
com.fasterxml.jackson.core:jackson-databind	CVE-2020-10673	高危	2.4.0	2.9.10.4, 2.6.7.4	jackson-databind: mishandles the interaction between serialization gadgets and typing which could result in remote command execution 漏洞详情: https://avd.aquasec.com/nvd/cve-2020-10673 镜像层: sha256:8265cb2525f4b8fe0278e34bb9360cb326bdfee9ed121f1150d4fff03e7d08ed 发布日期: 2020-03-18 22:15 修改: 2026-06-17 02:48
com.fasterxml.jackson.core:jackson-databind	CVE-2020-10673	高危	2.4.0	2.9.10.4, 2.6.7.4	jackson-databind: mishandles the interaction between serialization gadgets and typing which could result in remote command execution 漏洞详情: https://avd.aquasec.com/nvd/cve-2020-10673 镜像层: sha256:8265cb2525f4b8fe0278e34bb9360cb326bdfee9ed121f1150d4fff03e7d08ed 发布日期: 2020-03-18 22:15 修改: 2026-06-17 02:48
com.fasterxml.jackson.core:jackson-databind	CVE-2020-10673	高危	2.4.0	2.9.10.4, 2.6.7.4	jackson-databind: mishandles the interaction between serialization gadgets and typing which could result in remote command execution 漏洞详情: https://avd.aquasec.com/nvd/cve-2020-10673 镜像层: sha256:8265cb2525f4b8fe0278e34bb9360cb326bdfee9ed121f1150d4fff03e7d08ed 发布日期: 2020-03-18 22:15 修改: 2026-06-17 02:48
com.fasterxml.jackson.core:jackson-databind	CVE-2020-10673	高危	2.4.0	2.9.10.4, 2.6.7.4	jackson-databind: mishandles the interaction between serialization gadgets and typing which could result in remote command execution 漏洞详情: https://avd.aquasec.com/nvd/cve-2020-10673 镜像层: sha256:8265cb2525f4b8fe0278e34bb9360cb326bdfee9ed121f1150d4fff03e7d08ed 发布日期: 2020-03-18 22:15 修改: 2026-06-17 02:48
com.fasterxml.jackson.core:jackson-databind	CVE-2020-10673	高危	2.4.0	2.9.10.4, 2.6.7.4	jackson-databind: mishandles the interaction between serialization gadgets and typing which could result in remote command execution 漏洞详情: https://avd.aquasec.com/nvd/cve-2020-10673 镜像层: sha256:8265cb2525f4b8fe0278e34bb9360cb326bdfee9ed121f1150d4fff03e7d08ed 发布日期: 2020-03-18 22:15 修改: 2026-06-17 02:48
com.fasterxml.jackson.core:jackson-databind	CVE-2020-24616	高危	2.4.0	2.9.10.6	jackson-databind: mishandles the interaction between serialization gadgets and typing, related to br.com.anteros.dbcp.AnterosDBCPDataSource 漏洞详情: https://avd.aquasec.com/nvd/cve-2020-24616 镜像层: sha256:8265cb2525f4b8fe0278e34bb9360cb326bdfee9ed121f1150d4fff03e7d08ed 发布日期: 2020-08-25 18:15 修改: 2026-06-17 03:05
com.fasterxml.jackson.core:jackson-databind	CVE-2020-24616	高危	2.4.0	2.9.10.6	jackson-databind: mishandles the interaction between serialization gadgets and typing, related to br.com.anteros.dbcp.AnterosDBCPDataSource 漏洞详情: https://avd.aquasec.com/nvd/cve-2020-24616 镜像层: sha256:8265cb2525f4b8fe0278e34bb9360cb326bdfee9ed121f1150d4fff03e7d08ed 发布日期: 2020-08-25 18:15 修改: 2026-06-17 03:05
com.fasterxml.jackson.core:jackson-databind	CVE-2020-24616	高危	2.4.0	2.9.10.6	jackson-databind: mishandles the interaction between serialization gadgets and typing, related to br.com.anteros.dbcp.AnterosDBCPDataSource 漏洞详情: https://avd.aquasec.com/nvd/cve-2020-24616 镜像层: sha256:8265cb2525f4b8fe0278e34bb9360cb326bdfee9ed121f1150d4fff03e7d08ed 发布日期: 2020-08-25 18:15 修改: 2026-06-17 03:05
com.fasterxml.jackson.core:jackson-databind	CVE-2020-24616	高危	2.4.0	2.9.10.6	jackson-databind: mishandles the interaction between serialization gadgets and typing, related to br.com.anteros.dbcp.AnterosDBCPDataSource 漏洞详情: https://avd.aquasec.com/nvd/cve-2020-24616 镜像层: sha256:8265cb2525f4b8fe0278e34bb9360cb326bdfee9ed121f1150d4fff03e7d08ed 发布日期: 2020-08-25 18:15 修改: 2026-06-17 03:05
com.fasterxml.jackson.core:jackson-databind	CVE-2020-24616	高危	2.4.0	2.9.10.6	jackson-databind: mishandles the interaction between serialization gadgets and typing, related to br.com.anteros.dbcp.AnterosDBCPDataSource 漏洞详情: https://avd.aquasec.com/nvd/cve-2020-24616 镜像层: sha256:8265cb2525f4b8fe0278e34bb9360cb326bdfee9ed121f1150d4fff03e7d08ed 发布日期: 2020-08-25 18:15 修改: 2026-06-17 03:05
com.fasterxml.jackson.core:jackson-databind	CVE-2020-24750	高危	2.4.0	2.6.7.5, 2.9.10.6	jackson-databind: Serialization gadgets in com.pastdev.httpcomponents.configuration.JndiConfiguration 漏洞详情: https://avd.aquasec.com/nvd/cve-2020-24750 镜像层: sha256:8265cb2525f4b8fe0278e34bb9360cb326bdfee9ed121f1150d4fff03e7d08ed 发布日期: 2020-09-17 19:15 修改: 2026-06-17 03:06
com.fasterxml.jackson.core:jackson-databind	CVE-2020-24750	高危	2.4.0	2.6.7.5, 2.9.10.6	jackson-databind: Serialization gadgets in com.pastdev.httpcomponents.configuration.JndiConfiguration 漏洞详情: https://avd.aquasec.com/nvd/cve-2020-24750 镜像层: sha256:8265cb2525f4b8fe0278e34bb9360cb326bdfee9ed121f1150d4fff03e7d08ed 发布日期: 2020-09-17 19:15 修改: 2026-06-17 03:06
com.fasterxml.jackson.core:jackson-databind	CVE-2020-24750	高危	2.4.0	2.6.7.5, 2.9.10.6	jackson-databind: Serialization gadgets in com.pastdev.httpcomponents.configuration.JndiConfiguration 漏洞详情: https://avd.aquasec.com/nvd/cve-2020-24750 镜像层: sha256:8265cb2525f4b8fe0278e34bb9360cb326bdfee9ed121f1150d4fff03e7d08ed 发布日期: 2020-09-17 19:15 修改: 2026-06-17 03:06
com.fasterxml.jackson.core:jackson-databind	CVE-2020-24750	高危	2.4.0	2.6.7.5, 2.9.10.6	jackson-databind: Serialization gadgets in com.pastdev.httpcomponents.configuration.JndiConfiguration 漏洞详情: https://avd.aquasec.com/nvd/cve-2020-24750 镜像层: sha256:8265cb2525f4b8fe0278e34bb9360cb326bdfee9ed121f1150d4fff03e7d08ed 发布日期: 2020-09-17 19:15 修改: 2026-06-17 03:06
com.fasterxml.jackson.core:jackson-databind	CVE-2020-24750	高危	2.4.0	2.6.7.5, 2.9.10.6	jackson-databind: Serialization gadgets in com.pastdev.httpcomponents.configuration.JndiConfiguration 漏洞详情: https://avd.aquasec.com/nvd/cve-2020-24750 镜像层: sha256:8265cb2525f4b8fe0278e34bb9360cb326bdfee9ed121f1150d4fff03e7d08ed 发布日期: 2020-09-17 19:15 修改: 2026-06-17 03:06
com.fasterxml.jackson.core:jackson-databind	CVE-2020-35490	高危	2.4.0	2.9.10.8	jackson-databind: mishandles the interaction between serialization gadgets and typing, related to org.apache.commons.dbcp2.datasources.PerUserPoolDataSource 漏洞详情: https://avd.aquasec.com/nvd/cve-2020-35490 镜像层: sha256:8265cb2525f4b8fe0278e34bb9360cb326bdfee9ed121f1150d4fff03e7d08ed 发布日期: 2020-12-17 19:15 修改: 2026-06-17 03:13
com.fasterxml.jackson.core:jackson-databind	CVE-2020-35490	高危	2.4.0	2.9.10.8	jackson-databind: mishandles the interaction between serialization gadgets and typing, related to org.apache.commons.dbcp2.datasources.PerUserPoolDataSource 漏洞详情: https://avd.aquasec.com/nvd/cve-2020-35490 镜像层: sha256:8265cb2525f4b8fe0278e34bb9360cb326bdfee9ed121f1150d4fff03e7d08ed 发布日期: 2020-12-17 19:15 修改: 2026-06-17 03:13
com.fasterxml.jackson.core:jackson-databind	CVE-2020-35490	高危	2.4.0	2.9.10.8	jackson-databind: mishandles the interaction between serialization gadgets and typing, related to org.apache.commons.dbcp2.datasources.PerUserPoolDataSource 漏洞详情: https://avd.aquasec.com/nvd/cve-2020-35490 镜像层: sha256:8265cb2525f4b8fe0278e34bb9360cb326bdfee9ed121f1150d4fff03e7d08ed 发布日期: 2020-12-17 19:15 修改: 2026-06-17 03:13
com.fasterxml.jackson.core:jackson-databind	CVE-2020-35490	高危	2.4.0	2.9.10.8	jackson-databind: mishandles the interaction between serialization gadgets and typing, related to org.apache.commons.dbcp2.datasources.PerUserPoolDataSource 漏洞详情: https://avd.aquasec.com/nvd/cve-2020-35490 镜像层: sha256:8265cb2525f4b8fe0278e34bb9360cb326bdfee9ed121f1150d4fff03e7d08ed 发布日期: 2020-12-17 19:15 修改: 2026-06-17 03:13
com.fasterxml.jackson.core:jackson-databind	CVE-2020-35490	高危	2.4.0	2.9.10.8	jackson-databind: mishandles the interaction between serialization gadgets and typing, related to org.apache.commons.dbcp2.datasources.PerUserPoolDataSource 漏洞详情: https://avd.aquasec.com/nvd/cve-2020-35490 镜像层: sha256:8265cb2525f4b8fe0278e34bb9360cb326bdfee9ed121f1150d4fff03e7d08ed 发布日期: 2020-12-17 19:15 修改: 2026-06-17 03:13
com.fasterxml.jackson.core:jackson-databind	CVE-2020-35491	高危	2.4.0	2.9.10.8	jackson-databind: mishandles the interaction between serialization gadgets and typing, related to org.apache.commons.dbcp2.datasources.SharedPoolDataSource 漏洞详情: https://avd.aquasec.com/nvd/cve-2020-35491 镜像层: sha256:8265cb2525f4b8fe0278e34bb9360cb326bdfee9ed121f1150d4fff03e7d08ed 发布日期: 2020-12-17 19:15 修改: 2026-06-17 03:13
com.fasterxml.jackson.core:jackson-databind	CVE-2020-35491	高危	2.4.0	2.9.10.8	jackson-databind: mishandles the interaction between serialization gadgets and typing, related to org.apache.commons.dbcp2.datasources.SharedPoolDataSource 漏洞详情: https://avd.aquasec.com/nvd/cve-2020-35491 镜像层: sha256:8265cb2525f4b8fe0278e34bb9360cb326bdfee9ed121f1150d4fff03e7d08ed 发布日期: 2020-12-17 19:15 修改: 2026-06-17 03:13
com.fasterxml.jackson.core:jackson-databind	CVE-2020-35491	高危	2.4.0	2.9.10.8	jackson-databind: mishandles the interaction between serialization gadgets and typing, related to org.apache.commons.dbcp2.datasources.SharedPoolDataSource 漏洞详情: https://avd.aquasec.com/nvd/cve-2020-35491 镜像层: sha256:8265cb2525f4b8fe0278e34bb9360cb326bdfee9ed121f1150d4fff03e7d08ed 发布日期: 2020-12-17 19:15 修改: 2026-06-17 03:13
com.fasterxml.jackson.core:jackson-databind	CVE-2020-35491	高危	2.4.0	2.9.10.8	jackson-databind: mishandles the interaction between serialization gadgets and typing, related to org.apache.commons.dbcp2.datasources.SharedPoolDataSource 漏洞详情: https://avd.aquasec.com/nvd/cve-2020-35491 镜像层: sha256:8265cb2525f4b8fe0278e34bb9360cb326bdfee9ed121f1150d4fff03e7d08ed 发布日期: 2020-12-17 19:15 修改: 2026-06-17 03:13
com.fasterxml.jackson.core:jackson-databind	CVE-2020-35491	高危	2.4.0	2.9.10.8	jackson-databind: mishandles the interaction between serialization gadgets and typing, related to org.apache.commons.dbcp2.datasources.SharedPoolDataSource 漏洞详情: https://avd.aquasec.com/nvd/cve-2020-35491 镜像层: sha256:8265cb2525f4b8fe0278e34bb9360cb326bdfee9ed121f1150d4fff03e7d08ed 发布日期: 2020-12-17 19:15 修改: 2026-06-17 03:13
com.fasterxml.jackson.core:jackson-databind	CVE-2020-35728	高危	2.4.0	2.9.10.8	jackson-databind: mishandles the interaction between serialization gadgets and typing, related to com.oracle.wls.shaded.org.apache.xalan.lib.sql.JNDIConnectionPool 漏洞详情: https://avd.aquasec.com/nvd/cve-2020-35728 镜像层: sha256:8265cb2525f4b8fe0278e34bb9360cb326bdfee9ed121f1150d4fff03e7d08ed 发布日期: 2020-12-27 05:15 修改: 2026-06-17 03:14
com.fasterxml.jackson.core:jackson-databind	CVE-2020-35728	高危	2.4.0	2.9.10.8	jackson-databind: mishandles the interaction between serialization gadgets and typing, related to com.oracle.wls.shaded.org.apache.xalan.lib.sql.JNDIConnectionPool 漏洞详情: https://avd.aquasec.com/nvd/cve-2020-35728 镜像层: sha256:8265cb2525f4b8fe0278e34bb9360cb326bdfee9ed121f1150d4fff03e7d08ed 发布日期: 2020-12-27 05:15 修改: 2026-06-17 03:14
com.fasterxml.jackson.core:jackson-databind	CVE-2020-35728	高危	2.4.0	2.9.10.8	jackson-databind: mishandles the interaction between serialization gadgets and typing, related to com.oracle.wls.shaded.org.apache.xalan.lib.sql.JNDIConnectionPool 漏洞详情: https://avd.aquasec.com/nvd/cve-2020-35728 镜像层: sha256:8265cb2525f4b8fe0278e34bb9360cb326bdfee9ed121f1150d4fff03e7d08ed 发布日期: 2020-12-27 05:15 修改: 2026-06-17 03:14
com.fasterxml.jackson.core:jackson-databind	CVE-2020-35728	高危	2.4.0	2.9.10.8	jackson-databind: mishandles the interaction between serialization gadgets and typing, related to com.oracle.wls.shaded.org.apache.xalan.lib.sql.JNDIConnectionPool 漏洞详情: https://avd.aquasec.com/nvd/cve-2020-35728 镜像层: sha256:8265cb2525f4b8fe0278e34bb9360cb326bdfee9ed121f1150d4fff03e7d08ed 发布日期: 2020-12-27 05:15 修改: 2026-06-17 03:14
com.fasterxml.jackson.core:jackson-databind	CVE-2020-35728	高危	2.4.0	2.9.10.8	jackson-databind: mishandles the interaction between serialization gadgets and typing, related to com.oracle.wls.shaded.org.apache.xalan.lib.sql.JNDIConnectionPool 漏洞详情: https://avd.aquasec.com/nvd/cve-2020-35728 镜像层: sha256:8265cb2525f4b8fe0278e34bb9360cb326bdfee9ed121f1150d4fff03e7d08ed 发布日期: 2020-12-27 05:15 修改: 2026-06-17 03:14
com.fasterxml.jackson.core:jackson-databind	CVE-2020-36179	高危	2.4.0	2.9.10.8, 2.6.7.5	jackson-databind: mishandles the interaction between serialization gadgets and typing, related to oadd.org.apache.commons.dbcp.cpdsadapter.DriverAdapterCPDS 漏洞详情: https://avd.aquasec.com/nvd/cve-2020-36179 镜像层: sha256:8265cb2525f4b8fe0278e34bb9360cb326bdfee9ed121f1150d4fff03e7d08ed 发布日期: 2021-01-07 00:15 修改: 2026-06-17 03:14
com.fasterxml.jackson.core:jackson-databind	CVE-2020-36179	高危	2.4.0	2.9.10.8, 2.6.7.5	jackson-databind: mishandles the interaction between serialization gadgets and typing, related to oadd.org.apache.commons.dbcp.cpdsadapter.DriverAdapterCPDS 漏洞详情: https://avd.aquasec.com/nvd/cve-2020-36179 镜像层: sha256:8265cb2525f4b8fe0278e34bb9360cb326bdfee9ed121f1150d4fff03e7d08ed 发布日期: 2021-01-07 00:15 修改: 2026-06-17 03:14
com.fasterxml.jackson.core:jackson-databind	CVE-2020-36179	高危	2.4.0	2.9.10.8, 2.6.7.5	jackson-databind: mishandles the interaction between serialization gadgets and typing, related to oadd.org.apache.commons.dbcp.cpdsadapter.DriverAdapterCPDS 漏洞详情: https://avd.aquasec.com/nvd/cve-2020-36179 镜像层: sha256:8265cb2525f4b8fe0278e34bb9360cb326bdfee9ed121f1150d4fff03e7d08ed 发布日期: 2021-01-07 00:15 修改: 2026-06-17 03:14
com.fasterxml.jackson.core:jackson-databind	CVE-2020-36179	高危	2.4.0	2.9.10.8, 2.6.7.5	jackson-databind: mishandles the interaction between serialization gadgets and typing, related to oadd.org.apache.commons.dbcp.cpdsadapter.DriverAdapterCPDS 漏洞详情: https://avd.aquasec.com/nvd/cve-2020-36179 镜像层: sha256:8265cb2525f4b8fe0278e34bb9360cb326bdfee9ed121f1150d4fff03e7d08ed 发布日期: 2021-01-07 00:15 修改: 2026-06-17 03:14
com.fasterxml.jackson.core:jackson-databind	CVE-2020-36179	高危	2.4.0	2.9.10.8, 2.6.7.5	jackson-databind: mishandles the interaction between serialization gadgets and typing, related to oadd.org.apache.commons.dbcp.cpdsadapter.DriverAdapterCPDS 漏洞详情: https://avd.aquasec.com/nvd/cve-2020-36179 镜像层: sha256:8265cb2525f4b8fe0278e34bb9360cb326bdfee9ed121f1150d4fff03e7d08ed 发布日期: 2021-01-07 00:15 修改: 2026-06-17 03:14
com.fasterxml.jackson.core:jackson-databind	CVE-2020-36180	高危	2.4.0	2.9.10.8, 2.6.7.5	jackson-databind: mishandles the interaction between serialization gadgets and typing, related to org.apache.commons.dbcp2.cpdsadapter.DriverAdapterCPDS 漏洞详情: https://avd.aquasec.com/nvd/cve-2020-36180 镜像层: sha256:8265cb2525f4b8fe0278e34bb9360cb326bdfee9ed121f1150d4fff03e7d08ed 发布日期: 2021-01-07 00:15 修改: 2026-06-17 03:14
com.fasterxml.jackson.core:jackson-databind	CVE-2020-36180	高危	2.4.0	2.9.10.8, 2.6.7.5	jackson-databind: mishandles the interaction between serialization gadgets and typing, related to org.apache.commons.dbcp2.cpdsadapter.DriverAdapterCPDS 漏洞详情: https://avd.aquasec.com/nvd/cve-2020-36180 镜像层: sha256:8265cb2525f4b8fe0278e34bb9360cb326bdfee9ed121f1150d4fff03e7d08ed 发布日期: 2021-01-07 00:15 修改: 2026-06-17 03:14
com.fasterxml.jackson.core:jackson-databind	CVE-2020-36180	高危	2.4.0	2.9.10.8, 2.6.7.5	jackson-databind: mishandles the interaction between serialization gadgets and typing, related to org.apache.commons.dbcp2.cpdsadapter.DriverAdapterCPDS 漏洞详情: https://avd.aquasec.com/nvd/cve-2020-36180 镜像层: sha256:8265cb2525f4b8fe0278e34bb9360cb326bdfee9ed121f1150d4fff03e7d08ed 发布日期: 2021-01-07 00:15 修改: 2026-06-17 03:14
com.fasterxml.jackson.core:jackson-databind	CVE-2020-36180	高危	2.4.0	2.9.10.8, 2.6.7.5	jackson-databind: mishandles the interaction between serialization gadgets and typing, related to org.apache.commons.dbcp2.cpdsadapter.DriverAdapterCPDS 漏洞详情: https://avd.aquasec.com/nvd/cve-2020-36180 镜像层: sha256:8265cb2525f4b8fe0278e34bb9360cb326bdfee9ed121f1150d4fff03e7d08ed 发布日期: 2021-01-07 00:15 修改: 2026-06-17 03:14
com.fasterxml.jackson.core:jackson-databind	CVE-2020-36180	高危	2.4.0	2.9.10.8, 2.6.7.5	jackson-databind: mishandles the interaction between serialization gadgets and typing, related to org.apache.commons.dbcp2.cpdsadapter.DriverAdapterCPDS 漏洞详情: https://avd.aquasec.com/nvd/cve-2020-36180 镜像层: sha256:8265cb2525f4b8fe0278e34bb9360cb326bdfee9ed121f1150d4fff03e7d08ed 发布日期: 2021-01-07 00:15 修改: 2026-06-17 03:14
com.fasterxml.jackson.core:jackson-databind	CVE-2020-36181	高危	2.4.0	2.9.10.8, 2.6.7.5	jackson-databind: mishandles the interaction between serialization gadgets and typing, related to org.apache.tomcat.dbcp.dbcp.cpdsadapter.DriverAdapterCPDS 漏洞详情: https://avd.aquasec.com/nvd/cve-2020-36181 镜像层: sha256:8265cb2525f4b8fe0278e34bb9360cb326bdfee9ed121f1150d4fff03e7d08ed 发布日期: 2021-01-06 23:15 修改: 2026-06-17 03:14
com.fasterxml.jackson.core:jackson-databind	CVE-2020-36181	高危	2.4.0	2.9.10.8, 2.6.7.5	jackson-databind: mishandles the interaction between serialization gadgets and typing, related to org.apache.tomcat.dbcp.dbcp.cpdsadapter.DriverAdapterCPDS 漏洞详情: https://avd.aquasec.com/nvd/cve-2020-36181 镜像层: sha256:8265cb2525f4b8fe0278e34bb9360cb326bdfee9ed121f1150d4fff03e7d08ed 发布日期: 2021-01-06 23:15 修改: 2026-06-17 03:14
com.fasterxml.jackson.core:jackson-databind	CVE-2020-36181	高危	2.4.0	2.9.10.8, 2.6.7.5	jackson-databind: mishandles the interaction between serialization gadgets and typing, related to org.apache.tomcat.dbcp.dbcp.cpdsadapter.DriverAdapterCPDS 漏洞详情: https://avd.aquasec.com/nvd/cve-2020-36181 镜像层: sha256:8265cb2525f4b8fe0278e34bb9360cb326bdfee9ed121f1150d4fff03e7d08ed 发布日期: 2021-01-06 23:15 修改: 2026-06-17 03:14
com.fasterxml.jackson.core:jackson-databind	CVE-2020-36181	高危	2.4.0	2.9.10.8, 2.6.7.5	jackson-databind: mishandles the interaction between serialization gadgets and typing, related to org.apache.tomcat.dbcp.dbcp.cpdsadapter.DriverAdapterCPDS 漏洞详情: https://avd.aquasec.com/nvd/cve-2020-36181 镜像层: sha256:8265cb2525f4b8fe0278e34bb9360cb326bdfee9ed121f1150d4fff03e7d08ed 发布日期: 2021-01-06 23:15 修改: 2026-06-17 03:14
com.fasterxml.jackson.core:jackson-databind	CVE-2020-36181	高危	2.4.0	2.9.10.8, 2.6.7.5	jackson-databind: mishandles the interaction between serialization gadgets and typing, related to org.apache.tomcat.dbcp.dbcp.cpdsadapter.DriverAdapterCPDS 漏洞详情: https://avd.aquasec.com/nvd/cve-2020-36181 镜像层: sha256:8265cb2525f4b8fe0278e34bb9360cb326bdfee9ed121f1150d4fff03e7d08ed 发布日期: 2021-01-06 23:15 修改: 2026-06-17 03:14
com.fasterxml.jackson.core:jackson-databind	CVE-2020-36182	高危	2.4.0	2.9.10.8, 2.6.7.5	jackson-databind: mishandles the interaction between serialization gadgets and typing, related to org.apache.tomcat.dbcp.dbcp2.cpdsadapter.DriverAdapterCPDS 漏洞详情: https://avd.aquasec.com/nvd/cve-2020-36182 镜像层: sha256:8265cb2525f4b8fe0278e34bb9360cb326bdfee9ed121f1150d4fff03e7d08ed 发布日期: 2021-01-07 00:15 修改: 2026-06-17 03:14
com.fasterxml.jackson.core:jackson-databind	CVE-2020-36182	高危	2.4.0	2.9.10.8, 2.6.7.5	jackson-databind: mishandles the interaction between serialization gadgets and typing, related to org.apache.tomcat.dbcp.dbcp2.cpdsadapter.DriverAdapterCPDS 漏洞详情: https://avd.aquasec.com/nvd/cve-2020-36182 镜像层: sha256:8265cb2525f4b8fe0278e34bb9360cb326bdfee9ed121f1150d4fff03e7d08ed 发布日期: 2021-01-07 00:15 修改: 2026-06-17 03:14
com.fasterxml.jackson.core:jackson-databind	CVE-2020-36182	高危	2.4.0	2.9.10.8, 2.6.7.5	jackson-databind: mishandles the interaction between serialization gadgets and typing, related to org.apache.tomcat.dbcp.dbcp2.cpdsadapter.DriverAdapterCPDS 漏洞详情: https://avd.aquasec.com/nvd/cve-2020-36182 镜像层: sha256:8265cb2525f4b8fe0278e34bb9360cb326bdfee9ed121f1150d4fff03e7d08ed 发布日期: 2021-01-07 00:15 修改: 2026-06-17 03:14
com.fasterxml.jackson.core:jackson-databind	CVE-2020-36182	高危	2.4.0	2.9.10.8, 2.6.7.5	jackson-databind: mishandles the interaction between serialization gadgets and typing, related to org.apache.tomcat.dbcp.dbcp2.cpdsadapter.DriverAdapterCPDS 漏洞详情: https://avd.aquasec.com/nvd/cve-2020-36182 镜像层: sha256:8265cb2525f4b8fe0278e34bb9360cb326bdfee9ed121f1150d4fff03e7d08ed 发布日期: 2021-01-07 00:15 修改: 2026-06-17 03:14
com.fasterxml.jackson.core:jackson-databind	CVE-2020-36182	高危	2.4.0	2.9.10.8, 2.6.7.5	jackson-databind: mishandles the interaction between serialization gadgets and typing, related to org.apache.tomcat.dbcp.dbcp2.cpdsadapter.DriverAdapterCPDS 漏洞详情: https://avd.aquasec.com/nvd/cve-2020-36182 镜像层: sha256:8265cb2525f4b8fe0278e34bb9360cb326bdfee9ed121f1150d4fff03e7d08ed 发布日期: 2021-01-07 00:15 修改: 2026-06-17 03:14
com.fasterxml.jackson.core:jackson-databind	CVE-2020-36183	高危	2.4.0	2.9.10.8, 2.6.7.5	jackson-databind: mishandles the interaction between serialization gadgets and typing, related to org.docx4j.org.apache.xalan.lib.sql.JNDIConnectionPool 漏洞详情: https://avd.aquasec.com/nvd/cve-2020-36183 镜像层: sha256:8265cb2525f4b8fe0278e34bb9360cb326bdfee9ed121f1150d4fff03e7d08ed 发布日期: 2021-01-07 00:15 修改: 2026-06-17 03:14
com.fasterxml.jackson.core:jackson-databind	CVE-2020-36183	高危	2.4.0	2.9.10.8, 2.6.7.5	jackson-databind: mishandles the interaction between serialization gadgets and typing, related to org.docx4j.org.apache.xalan.lib.sql.JNDIConnectionPool 漏洞详情: https://avd.aquasec.com/nvd/cve-2020-36183 镜像层: sha256:8265cb2525f4b8fe0278e34bb9360cb326bdfee9ed121f1150d4fff03e7d08ed 发布日期: 2021-01-07 00:15 修改: 2026-06-17 03:14
com.fasterxml.jackson.core:jackson-databind	CVE-2020-36183	高危	2.4.0	2.9.10.8, 2.6.7.5	jackson-databind: mishandles the interaction between serialization gadgets and typing, related to org.docx4j.org.apache.xalan.lib.sql.JNDIConnectionPool 漏洞详情: https://avd.aquasec.com/nvd/cve-2020-36183 镜像层: sha256:8265cb2525f4b8fe0278e34bb9360cb326bdfee9ed121f1150d4fff03e7d08ed 发布日期: 2021-01-07 00:15 修改: 2026-06-17 03:14
com.fasterxml.jackson.core:jackson-databind	CVE-2020-36183	高危	2.4.0	2.9.10.8, 2.6.7.5	jackson-databind: mishandles the interaction between serialization gadgets and typing, related to org.docx4j.org.apache.xalan.lib.sql.JNDIConnectionPool 漏洞详情: https://avd.aquasec.com/nvd/cve-2020-36183 镜像层: sha256:8265cb2525f4b8fe0278e34bb9360cb326bdfee9ed121f1150d4fff03e7d08ed 发布日期: 2021-01-07 00:15 修改: 2026-06-17 03:14
com.fasterxml.jackson.core:jackson-databind	CVE-2020-36183	高危	2.4.0	2.9.10.8, 2.6.7.5	jackson-databind: mishandles the interaction between serialization gadgets and typing, related to org.docx4j.org.apache.xalan.lib.sql.JNDIConnectionPool 漏洞详情: https://avd.aquasec.com/nvd/cve-2020-36183 镜像层: sha256:8265cb2525f4b8fe0278e34bb9360cb326bdfee9ed121f1150d4fff03e7d08ed 发布日期: 2021-01-07 00:15 修改: 2026-06-17 03:14
com.fasterxml.jackson.core:jackson-databind	CVE-2020-36184	高危	2.4.0	2.9.10.8	jackson-databind: mishandles the interaction between serialization gadgets and typing, related to org.apache.tomcat.dbcp.dbcp2.datasources.PerUserPoolDataSource 漏洞详情: https://avd.aquasec.com/nvd/cve-2020-36184 镜像层: sha256:8265cb2525f4b8fe0278e34bb9360cb326bdfee9ed121f1150d4fff03e7d08ed 发布日期: 2021-01-06 23:15 修改: 2026-06-17 03:14
com.fasterxml.jackson.core:jackson-databind	CVE-2020-36184	高危	2.4.0	2.9.10.8	jackson-databind: mishandles the interaction between serialization gadgets and typing, related to org.apache.tomcat.dbcp.dbcp2.datasources.PerUserPoolDataSource 漏洞详情: https://avd.aquasec.com/nvd/cve-2020-36184 镜像层: sha256:8265cb2525f4b8fe0278e34bb9360cb326bdfee9ed121f1150d4fff03e7d08ed 发布日期: 2021-01-06 23:15 修改: 2026-06-17 03:14
com.fasterxml.jackson.core:jackson-databind	CVE-2020-36184	高危	2.4.0	2.9.10.8	jackson-databind: mishandles the interaction between serialization gadgets and typing, related to org.apache.tomcat.dbcp.dbcp2.datasources.PerUserPoolDataSource 漏洞详情: https://avd.aquasec.com/nvd/cve-2020-36184 镜像层: sha256:8265cb2525f4b8fe0278e34bb9360cb326bdfee9ed121f1150d4fff03e7d08ed 发布日期: 2021-01-06 23:15 修改: 2026-06-17 03:14
com.fasterxml.jackson.core:jackson-databind	CVE-2020-36184	高危	2.4.0	2.9.10.8	jackson-databind: mishandles the interaction between serialization gadgets and typing, related to org.apache.tomcat.dbcp.dbcp2.datasources.PerUserPoolDataSource 漏洞详情: https://avd.aquasec.com/nvd/cve-2020-36184 镜像层: sha256:8265cb2525f4b8fe0278e34bb9360cb326bdfee9ed121f1150d4fff03e7d08ed 发布日期: 2021-01-06 23:15 修改: 2026-06-17 03:14
com.fasterxml.jackson.core:jackson-databind	CVE-2020-36184	高危	2.4.0	2.9.10.8	jackson-databind: mishandles the interaction between serialization gadgets and typing, related to org.apache.tomcat.dbcp.dbcp2.datasources.PerUserPoolDataSource 漏洞详情: https://avd.aquasec.com/nvd/cve-2020-36184 镜像层: sha256:8265cb2525f4b8fe0278e34bb9360cb326bdfee9ed121f1150d4fff03e7d08ed 发布日期: 2021-01-06 23:15 修改: 2026-06-17 03:14
com.fasterxml.jackson.core:jackson-databind	CVE-2020-36185	高危	2.4.0	2.9.10.8	jackson-databind: mishandles the interaction between serialization gadgets and typing, related to org.apache.tomcat.dbcp.dbcp2.datasources.SharedPoolDataSource 漏洞详情: https://avd.aquasec.com/nvd/cve-2020-36185 镜像层: sha256:8265cb2525f4b8fe0278e34bb9360cb326bdfee9ed121f1150d4fff03e7d08ed 发布日期: 2021-01-06 23:15 修改: 2026-06-17 03:14
com.fasterxml.jackson.core:jackson-databind	CVE-2020-36185	高危	2.4.0	2.9.10.8	jackson-databind: mishandles the interaction between serialization gadgets and typing, related to org.apache.tomcat.dbcp.dbcp2.datasources.SharedPoolDataSource 漏洞详情: https://avd.aquasec.com/nvd/cve-2020-36185 镜像层: sha256:8265cb2525f4b8fe0278e34bb9360cb326bdfee9ed121f1150d4fff03e7d08ed 发布日期: 2021-01-06 23:15 修改: 2026-06-17 03:14
com.fasterxml.jackson.core:jackson-databind	CVE-2020-36185	高危	2.4.0	2.9.10.8	jackson-databind: mishandles the interaction between serialization gadgets and typing, related to org.apache.tomcat.dbcp.dbcp2.datasources.SharedPoolDataSource 漏洞详情: https://avd.aquasec.com/nvd/cve-2020-36185 镜像层: sha256:8265cb2525f4b8fe0278e34bb9360cb326bdfee9ed121f1150d4fff03e7d08ed 发布日期: 2021-01-06 23:15 修改: 2026-06-17 03:14
com.fasterxml.jackson.core:jackson-databind	CVE-2020-36185	高危	2.4.0	2.9.10.8	jackson-databind: mishandles the interaction between serialization gadgets and typing, related to org.apache.tomcat.dbcp.dbcp2.datasources.SharedPoolDataSource 漏洞详情: https://avd.aquasec.com/nvd/cve-2020-36185 镜像层: sha256:8265cb2525f4b8fe0278e34bb9360cb326bdfee9ed121f1150d4fff03e7d08ed 发布日期: 2021-01-06 23:15 修改: 2026-06-17 03:14
com.fasterxml.jackson.core:jackson-databind	CVE-2020-36185	高危	2.4.0	2.9.10.8	jackson-databind: mishandles the interaction between serialization gadgets and typing, related to org.apache.tomcat.dbcp.dbcp2.datasources.SharedPoolDataSource 漏洞详情: https://avd.aquasec.com/nvd/cve-2020-36185 镜像层: sha256:8265cb2525f4b8fe0278e34bb9360cb326bdfee9ed121f1150d4fff03e7d08ed 发布日期: 2021-01-06 23:15 修改: 2026-06-17 03:14
com.fasterxml.jackson.core:jackson-databind	CVE-2020-36186	高危	2.4.0	2.9.10.8	jackson-databind: mishandles the interaction between serialization gadgets and typing, related to org.apache.tomcat.dbcp.dbcp.datasources.PerUserPoolDataSource 漏洞详情: https://avd.aquasec.com/nvd/cve-2020-36186 镜像层: sha256:8265cb2525f4b8fe0278e34bb9360cb326bdfee9ed121f1150d4fff03e7d08ed 发布日期: 2021-01-06 23:15 修改: 2026-06-17 03:14
com.fasterxml.jackson.core:jackson-databind	CVE-2020-36186	高危	2.4.0	2.9.10.8	jackson-databind: mishandles the interaction between serialization gadgets and typing, related to org.apache.tomcat.dbcp.dbcp.datasources.PerUserPoolDataSource 漏洞详情: https://avd.aquasec.com/nvd/cve-2020-36186 镜像层: sha256:8265cb2525f4b8fe0278e34bb9360cb326bdfee9ed121f1150d4fff03e7d08ed 发布日期: 2021-01-06 23:15 修改: 2026-06-17 03:14
com.fasterxml.jackson.core:jackson-databind	CVE-2020-36186	高危	2.4.0	2.9.10.8	jackson-databind: mishandles the interaction between serialization gadgets and typing, related to org.apache.tomcat.dbcp.dbcp.datasources.PerUserPoolDataSource 漏洞详情: https://avd.aquasec.com/nvd/cve-2020-36186 镜像层: sha256:8265cb2525f4b8fe0278e34bb9360cb326bdfee9ed121f1150d4fff03e7d08ed 发布日期: 2021-01-06 23:15 修改: 2026-06-17 03:14
com.fasterxml.jackson.core:jackson-databind	CVE-2020-36186	高危	2.4.0	2.9.10.8	jackson-databind: mishandles the interaction between serialization gadgets and typing, related to org.apache.tomcat.dbcp.dbcp.datasources.PerUserPoolDataSource 漏洞详情: https://avd.aquasec.com/nvd/cve-2020-36186 镜像层: sha256:8265cb2525f4b8fe0278e34bb9360cb326bdfee9ed121f1150d4fff03e7d08ed 发布日期: 2021-01-06 23:15 修改: 2026-06-17 03:14
com.fasterxml.jackson.core:jackson-databind	CVE-2020-36186	高危	2.4.0	2.9.10.8	jackson-databind: mishandles the interaction between serialization gadgets and typing, related to org.apache.tomcat.dbcp.dbcp.datasources.PerUserPoolDataSource 漏洞详情: https://avd.aquasec.com/nvd/cve-2020-36186 镜像层: sha256:8265cb2525f4b8fe0278e34bb9360cb326bdfee9ed121f1150d4fff03e7d08ed 发布日期: 2021-01-06 23:15 修改: 2026-06-17 03:14
com.fasterxml.jackson.core:jackson-databind	CVE-2020-36187	高危	2.4.0	2.9.10.8	jackson-databind: mishandles the interaction between serialization gadgets and typing, related to org.apache.tomcat.dbcp.dbcp.datasources.SharedPoolDataSource 漏洞详情: https://avd.aquasec.com/nvd/cve-2020-36187 镜像层: sha256:8265cb2525f4b8fe0278e34bb9360cb326bdfee9ed121f1150d4fff03e7d08ed 发布日期: 2021-01-06 23:15 修改: 2026-06-17 03:14
com.fasterxml.jackson.core:jackson-databind	CVE-2020-36187	高危	2.4.0	2.9.10.8	jackson-databind: mishandles the interaction between serialization gadgets and typing, related to org.apache.tomcat.dbcp.dbcp.datasources.SharedPoolDataSource 漏洞详情: https://avd.aquasec.com/nvd/cve-2020-36187 镜像层: sha256:8265cb2525f4b8fe0278e34bb9360cb326bdfee9ed121f1150d4fff03e7d08ed 发布日期: 2021-01-06 23:15 修改: 2026-06-17 03:14
com.fasterxml.jackson.core:jackson-databind	CVE-2020-36187	高危	2.4.0	2.9.10.8	jackson-databind: mishandles the interaction between serialization gadgets and typing, related to org.apache.tomcat.dbcp.dbcp.datasources.SharedPoolDataSource 漏洞详情: https://avd.aquasec.com/nvd/cve-2020-36187 镜像层: sha256:8265cb2525f4b8fe0278e34bb9360cb326bdfee9ed121f1150d4fff03e7d08ed 发布日期: 2021-01-06 23:15 修改: 2026-06-17 03:14
com.fasterxml.jackson.core:jackson-databind	CVE-2020-36187	高危	2.4.0	2.9.10.8	jackson-databind: mishandles the interaction between serialization gadgets and typing, related to org.apache.tomcat.dbcp.dbcp.datasources.SharedPoolDataSource 漏洞详情: https://avd.aquasec.com/nvd/cve-2020-36187 镜像层: sha256:8265cb2525f4b8fe0278e34bb9360cb326bdfee9ed121f1150d4fff03e7d08ed 发布日期: 2021-01-06 23:15 修改: 2026-06-17 03:14
com.fasterxml.jackson.core:jackson-databind	CVE-2020-36187	高危	2.4.0	2.9.10.8	jackson-databind: mishandles the interaction between serialization gadgets and typing, related to org.apache.tomcat.dbcp.dbcp.datasources.SharedPoolDataSource 漏洞详情: https://avd.aquasec.com/nvd/cve-2020-36187 镜像层: sha256:8265cb2525f4b8fe0278e34bb9360cb326bdfee9ed121f1150d4fff03e7d08ed 发布日期: 2021-01-06 23:15 修改: 2026-06-17 03:14
com.fasterxml.jackson.core:jackson-databind	CVE-2020-36188	高危	2.4.0	2.9.10.8, 2.6.7.5	jackson-databind: mishandles the interaction between serialization gadgets and typing, related to com.newrelic.agent.deps.ch.qos.logback.core.db.JNDIConnectionSource 漏洞详情: https://avd.aquasec.com/nvd/cve-2020-36188 镜像层: sha256:8265cb2525f4b8fe0278e34bb9360cb326bdfee9ed121f1150d4fff03e7d08ed 发布日期: 2021-01-06 23:15 修改: 2026-06-17 03:14
com.fasterxml.jackson.core:jackson-databind	CVE-2020-36188	高危	2.4.0	2.9.10.8, 2.6.7.5	jackson-databind: mishandles the interaction between serialization gadgets and typing, related to com.newrelic.agent.deps.ch.qos.logback.core.db.JNDIConnectionSource 漏洞详情: https://avd.aquasec.com/nvd/cve-2020-36188 镜像层: sha256:8265cb2525f4b8fe0278e34bb9360cb326bdfee9ed121f1150d4fff03e7d08ed 发布日期: 2021-01-06 23:15 修改: 2026-06-17 03:14
com.fasterxml.jackson.core:jackson-databind	CVE-2020-36188	高危	2.4.0	2.9.10.8, 2.6.7.5	jackson-databind: mishandles the interaction between serialization gadgets and typing, related to com.newrelic.agent.deps.ch.qos.logback.core.db.JNDIConnectionSource 漏洞详情: https://avd.aquasec.com/nvd/cve-2020-36188 镜像层: sha256:8265cb2525f4b8fe0278e34bb9360cb326bdfee9ed121f1150d4fff03e7d08ed 发布日期: 2021-01-06 23:15 修改: 2026-06-17 03:14
com.fasterxml.jackson.core:jackson-databind	CVE-2020-36188	高危	2.4.0	2.9.10.8, 2.6.7.5	jackson-databind: mishandles the interaction between serialization gadgets and typing, related to com.newrelic.agent.deps.ch.qos.logback.core.db.JNDIConnectionSource 漏洞详情: https://avd.aquasec.com/nvd/cve-2020-36188 镜像层: sha256:8265cb2525f4b8fe0278e34bb9360cb326bdfee9ed121f1150d4fff03e7d08ed 发布日期: 2021-01-06 23:15 修改: 2026-06-17 03:14
com.fasterxml.jackson.core:jackson-databind	CVE-2020-36188	高危	2.4.0	2.9.10.8, 2.6.7.5	jackson-databind: mishandles the interaction between serialization gadgets and typing, related to com.newrelic.agent.deps.ch.qos.logback.core.db.JNDIConnectionSource 漏洞详情: https://avd.aquasec.com/nvd/cve-2020-36188 镜像层: sha256:8265cb2525f4b8fe0278e34bb9360cb326bdfee9ed121f1150d4fff03e7d08ed 发布日期: 2021-01-06 23:15 修改: 2026-06-17 03:14
com.fasterxml.jackson.core:jackson-databind	CVE-2020-36189	高危	2.4.0	2.9.10.8, 2.6.7.5	jackson-databind: mishandles the interaction between serialization gadgets and typing, related to com.newrelic.agent.deps.ch.qos.logback.core.db.DriverManagerConnectionSource 漏洞详情: https://avd.aquasec.com/nvd/cve-2020-36189 镜像层: sha256:8265cb2525f4b8fe0278e34bb9360cb326bdfee9ed121f1150d4fff03e7d08ed 发布日期: 2021-01-06 23:15 修改: 2026-06-17 03:14
com.fasterxml.jackson.core:jackson-databind	CVE-2020-36189	高危	2.4.0	2.9.10.8, 2.6.7.5	jackson-databind: mishandles the interaction between serialization gadgets and typing, related to com.newrelic.agent.deps.ch.qos.logback.core.db.DriverManagerConnectionSource 漏洞详情: https://avd.aquasec.com/nvd/cve-2020-36189 镜像层: sha256:8265cb2525f4b8fe0278e34bb9360cb326bdfee9ed121f1150d4fff03e7d08ed 发布日期: 2021-01-06 23:15 修改: 2026-06-17 03:14
com.fasterxml.jackson.core:jackson-databind	CVE-2020-36189	高危	2.4.0	2.9.10.8, 2.6.7.5	jackson-databind: mishandles the interaction between serialization gadgets and typing, related to com.newrelic.agent.deps.ch.qos.logback.core.db.DriverManagerConnectionSource 漏洞详情: https://avd.aquasec.com/nvd/cve-2020-36189 镜像层: sha256:8265cb2525f4b8fe0278e34bb9360cb326bdfee9ed121f1150d4fff03e7d08ed 发布日期: 2021-01-06 23:15 修改: 2026-06-17 03:14
com.fasterxml.jackson.core:jackson-databind	CVE-2020-36189	高危	2.4.0	2.9.10.8, 2.6.7.5	jackson-databind: mishandles the interaction between serialization gadgets and typing, related to com.newrelic.agent.deps.ch.qos.logback.core.db.DriverManagerConnectionSource 漏洞详情: https://avd.aquasec.com/nvd/cve-2020-36189 镜像层: sha256:8265cb2525f4b8fe0278e34bb9360cb326bdfee9ed121f1150d4fff03e7d08ed 发布日期: 2021-01-06 23:15 修改: 2026-06-17 03:14
com.fasterxml.jackson.core:jackson-databind	CVE-2020-36189	高危	2.4.0	2.9.10.8, 2.6.7.5	jackson-databind: mishandles the interaction between serialization gadgets and typing, related to com.newrelic.agent.deps.ch.qos.logback.core.db.DriverManagerConnectionSource 漏洞详情: https://avd.aquasec.com/nvd/cve-2020-36189 镜像层: sha256:8265cb2525f4b8fe0278e34bb9360cb326bdfee9ed121f1150d4fff03e7d08ed 发布日期: 2021-01-06 23:15 修改: 2026-06-17 03:14
com.fasterxml.jackson.core:jackson-databind	CVE-2020-36518	高危	2.4.0	2.13.2.1, 2.12.6.1	jackson-databind: denial of service via a large depth of nested objects 漏洞详情: https://avd.aquasec.com/nvd/cve-2020-36518 镜像层: sha256:8265cb2525f4b8fe0278e34bb9360cb326bdfee9ed121f1150d4fff03e7d08ed 发布日期: 2022-03-11 07:15 修改: 2026-06-17 03:15
com.fasterxml.jackson.core:jackson-databind	CVE-2020-36518	高危	2.4.0	2.13.2.1, 2.12.6.1	jackson-databind: denial of service via a large depth of nested objects 漏洞详情: https://avd.aquasec.com/nvd/cve-2020-36518 镜像层: sha256:8265cb2525f4b8fe0278e34bb9360cb326bdfee9ed121f1150d4fff03e7d08ed 发布日期: 2022-03-11 07:15 修改: 2026-06-17 03:15
com.fasterxml.jackson.core:jackson-databind	CVE-2020-36518	高危	2.4.0	2.13.2.1, 2.12.6.1	jackson-databind: denial of service via a large depth of nested objects 漏洞详情: https://avd.aquasec.com/nvd/cve-2020-36518 镜像层: sha256:8265cb2525f4b8fe0278e34bb9360cb326bdfee9ed121f1150d4fff03e7d08ed 发布日期: 2022-03-11 07:15 修改: 2026-06-17 03:15
com.fasterxml.jackson.core:jackson-databind	CVE-2020-36518	高危	2.4.0	2.13.2.1, 2.12.6.1	jackson-databind: denial of service via a large depth of nested objects 漏洞详情: https://avd.aquasec.com/nvd/cve-2020-36518 镜像层: sha256:8265cb2525f4b8fe0278e34bb9360cb326bdfee9ed121f1150d4fff03e7d08ed 发布日期: 2022-03-11 07:15 修改: 2026-06-17 03:15
com.fasterxml.jackson.core:jackson-databind	CVE-2020-36518	高危	2.4.0	2.13.2.1, 2.12.6.1	jackson-databind: denial of service via a large depth of nested objects 漏洞详情: https://avd.aquasec.com/nvd/cve-2020-36518 镜像层: sha256:8265cb2525f4b8fe0278e34bb9360cb326bdfee9ed121f1150d4fff03e7d08ed 发布日期: 2022-03-11 07:15 修改: 2026-06-17 03:15
com.fasterxml.jackson.core:jackson-databind	CVE-2021-20190	高危	2.4.0	2.9.10.7, 2.6.7.5	jackson-databind: mishandles the interaction between serialization gadgets and typing, related to javax.swing 漏洞详情: https://avd.aquasec.com/nvd/cve-2021-20190 镜像层: sha256:8265cb2525f4b8fe0278e34bb9360cb326bdfee9ed121f1150d4fff03e7d08ed 发布日期: 2021-01-19 17:15 修改: 2026-06-17 03:33
com.fasterxml.jackson.core:jackson-databind	CVE-2021-20190	高危	2.4.0	2.9.10.7, 2.6.7.5	jackson-databind: mishandles the interaction between serialization gadgets and typing, related to javax.swing 漏洞详情: https://avd.aquasec.com/nvd/cve-2021-20190 镜像层: sha256:8265cb2525f4b8fe0278e34bb9360cb326bdfee9ed121f1150d4fff03e7d08ed 发布日期: 2021-01-19 17:15 修改: 2026-06-17 03:33
com.fasterxml.jackson.core:jackson-databind	CVE-2021-20190	高危	2.4.0	2.9.10.7, 2.6.7.5	jackson-databind: mishandles the interaction between serialization gadgets and typing, related to javax.swing 漏洞详情: https://avd.aquasec.com/nvd/cve-2021-20190 镜像层: sha256:8265cb2525f4b8fe0278e34bb9360cb326bdfee9ed121f1150d4fff03e7d08ed 发布日期: 2021-01-19 17:15 修改: 2026-06-17 03:33
com.fasterxml.jackson.core:jackson-databind	CVE-2021-20190	高危	2.4.0	2.9.10.7, 2.6.7.5	jackson-databind: mishandles the interaction between serialization gadgets and typing, related to javax.swing 漏洞详情: https://avd.aquasec.com/nvd/cve-2021-20190 镜像层: sha256:8265cb2525f4b8fe0278e34bb9360cb326bdfee9ed121f1150d4fff03e7d08ed 发布日期: 2021-01-19 17:15 修改: 2026-06-17 03:33
com.fasterxml.jackson.core:jackson-databind	CVE-2021-20190	高危	2.4.0	2.9.10.7, 2.6.7.5	jackson-databind: mishandles the interaction between serialization gadgets and typing, related to javax.swing 漏洞详情: https://avd.aquasec.com/nvd/cve-2021-20190 镜像层: sha256:8265cb2525f4b8fe0278e34bb9360cb326bdfee9ed121f1150d4fff03e7d08ed 发布日期: 2021-01-19 17:15 修改: 2026-06-17 03:33
com.fasterxml.jackson.core:jackson-databind	CVE-2022-42003	高危	2.4.0	2.12.7.1, 2.13.4.2	jackson-databind: deep wrapper array nesting wrt UNWRAP_SINGLE_VALUE_ARRAYS 漏洞详情: https://avd.aquasec.com/nvd/cve-2022-42003 镜像层: sha256:8265cb2525f4b8fe0278e34bb9360cb326bdfee9ed121f1150d4fff03e7d08ed 发布日期: 2022-10-02 05:15 修改: 2026-06-17 05:04
com.fasterxml.jackson.core:jackson-databind	CVE-2022-42003	高危	2.4.0	2.12.7.1, 2.13.4.2	jackson-databind: deep wrapper array nesting wrt UNWRAP_SINGLE_VALUE_ARRAYS 漏洞详情: https://avd.aquasec.com/nvd/cve-2022-42003 镜像层: sha256:8265cb2525f4b8fe0278e34bb9360cb326bdfee9ed121f1150d4fff03e7d08ed 发布日期: 2022-10-02 05:15 修改: 2026-06-17 05:04
com.fasterxml.jackson.core:jackson-databind	CVE-2022-42003	高危	2.4.0	2.12.7.1, 2.13.4.2	jackson-databind: deep wrapper array nesting wrt UNWRAP_SINGLE_VALUE_ARRAYS 漏洞详情: https://avd.aquasec.com/nvd/cve-2022-42003 镜像层: sha256:8265cb2525f4b8fe0278e34bb9360cb326bdfee9ed121f1150d4fff03e7d08ed 发布日期: 2022-10-02 05:15 修改: 2026-06-17 05:04
com.fasterxml.jackson.core:jackson-databind	CVE-2022-42003	高危	2.4.0	2.12.7.1, 2.13.4.2	jackson-databind: deep wrapper array nesting wrt UNWRAP_SINGLE_VALUE_ARRAYS 漏洞详情: https://avd.aquasec.com/nvd/cve-2022-42003 镜像层: sha256:8265cb2525f4b8fe0278e34bb9360cb326bdfee9ed121f1150d4fff03e7d08ed 发布日期: 2022-10-02 05:15 修改: 2026-06-17 05:04
com.fasterxml.jackson.core:jackson-databind	CVE-2022-42003	高危	2.4.0	2.12.7.1, 2.13.4.2	jackson-databind: deep wrapper array nesting wrt UNWRAP_SINGLE_VALUE_ARRAYS 漏洞详情: https://avd.aquasec.com/nvd/cve-2022-42003 镜像层: sha256:8265cb2525f4b8fe0278e34bb9360cb326bdfee9ed121f1150d4fff03e7d08ed 发布日期: 2022-10-02 05:15 修改: 2026-06-17 05:04
com.fasterxml.jackson.core:jackson-databind	CVE-2022-42004	高危	2.4.0	2.12.7.1, 2.13.4	jackson-databind: use of deeply nested arrays 漏洞详情: https://avd.aquasec.com/nvd/cve-2022-42004 镜像层: sha256:8265cb2525f4b8fe0278e34bb9360cb326bdfee9ed121f1150d4fff03e7d08ed 发布日期: 2022-10-02 05:15 修改: 2026-06-17 05:04
com.fasterxml.jackson.core:jackson-databind	CVE-2022-42004	高危	2.4.0	2.12.7.1, 2.13.4	jackson-databind: use of deeply nested arrays 漏洞详情: https://avd.aquasec.com/nvd/cve-2022-42004 镜像层: sha256:8265cb2525f4b8fe0278e34bb9360cb326bdfee9ed121f1150d4fff03e7d08ed 发布日期: 2022-10-02 05:15 修改: 2026-06-17 05:04
com.fasterxml.jackson.core:jackson-databind	CVE-2022-42004	高危	2.4.0	2.12.7.1, 2.13.4	jackson-databind: use of deeply nested arrays 漏洞详情: https://avd.aquasec.com/nvd/cve-2022-42004 镜像层: sha256:8265cb2525f4b8fe0278e34bb9360cb326bdfee9ed121f1150d4fff03e7d08ed 发布日期: 2022-10-02 05:15 修改: 2026-06-17 05:04
com.fasterxml.jackson.core:jackson-databind	CVE-2022-42004	高危	2.4.0	2.12.7.1, 2.13.4	jackson-databind: use of deeply nested arrays 漏洞详情: https://avd.aquasec.com/nvd/cve-2022-42004 镜像层: sha256:8265cb2525f4b8fe0278e34bb9360cb326bdfee9ed121f1150d4fff03e7d08ed 发布日期: 2022-10-02 05:15 修改: 2026-06-17 05:04
com.fasterxml.jackson.core:jackson-databind	CVE-2022-42004	高危	2.4.0	2.12.7.1, 2.13.4	jackson-databind: use of deeply nested arrays 漏洞详情: https://avd.aquasec.com/nvd/cve-2022-42004 镜像层: sha256:8265cb2525f4b8fe0278e34bb9360cb326bdfee9ed121f1150d4fff03e7d08ed 发布日期: 2022-10-02 05:15 修改: 2026-06-17 05:04
com.fasterxml.jackson.dataformat:jackson-dataformat-cbor	CVE-2020-28491	高危	2.10.4	2.11.4, 2.12.1	jackson-dataformat-cbor: Unchecked allocation of byte buffer can cause a java.lang.OutOfMemoryError exception 漏洞详情: https://avd.aquasec.com/nvd/cve-2020-28491 镜像层: sha256:8265cb2525f4b8fe0278e34bb9360cb326bdfee9ed121f1150d4fff03e7d08ed 发布日期: 2021-02-18 16:15 修改: 2026-06-17 03:10
com.google.code.gson:gson	CVE-2022-25647	高危	2.8.5	2.8.9	com.google.code.gson-gson: Deserialization of Untrusted Data in com.google.code.gson-gson 漏洞详情: https://avd.aquasec.com/nvd/cve-2022-25647 镜像层: sha256:8265cb2525f4b8fe0278e34bb9360cb326bdfee9ed121f1150d4fff03e7d08ed 发布日期: 2022-05-01 16:15 修改: 2026-06-17 04:33
com.google.protobuf:protobuf-java	CVE-2021-22569	高危	2.5.0	3.16.1, 3.18.2, 3.19.2	protobuf-java: potential DoS in the parsing procedure for binary data 漏洞详情: https://avd.aquasec.com/nvd/cve-2021-22569 镜像层: sha256:8265cb2525f4b8fe0278e34bb9360cb326bdfee9ed121f1150d4fff03e7d08ed 发布日期: 2022-01-10 14:10 修改: 2026-06-17 03:37
com.google.protobuf:protobuf-java	CVE-2024-7254	高危	2.5.0	3.25.5, 4.27.5, 4.28.2	protobuf: StackOverflow vulnerability in Protocol Buffers 漏洞详情: https://avd.aquasec.com/nvd/cve-2024-7254 镜像层: sha256:8265cb2525f4b8fe0278e34bb9360cb326bdfee9ed121f1150d4fff03e7d08ed 发布日期: 2024-09-19 01:15 修改: 2026-06-17 08:19
com.google.protobuf:protobuf-java	CVE-2022-3509	高危	3.17.1	3.16.3, 3.19.6, 3.20.3, 3.21.7	protobuf-java: Textformat parsing issue leads to DoS 漏洞详情: https://avd.aquasec.com/nvd/cve-2022-3509 镜像层: sha256:8265cb2525f4b8fe0278e34bb9360cb326bdfee9ed121f1150d4fff03e7d08ed 发布日期: 2022-12-12 13:15 修改: 2026-06-17 04:59
com.google.protobuf:protobuf-java	CVE-2022-3509	高危	3.17.1	3.16.3, 3.19.6, 3.20.3, 3.21.7	protobuf-java: Textformat parsing issue leads to DoS 漏洞详情: https://avd.aquasec.com/nvd/cve-2022-3509 镜像层: sha256:8265cb2525f4b8fe0278e34bb9360cb326bdfee9ed121f1150d4fff03e7d08ed 发布日期: 2022-12-12 13:15 修改: 2026-06-17 04:59
com.google.protobuf:protobuf-java	CVE-2022-3509	高危	3.17.1	3.16.3, 3.19.6, 3.20.3, 3.21.7	protobuf-java: Textformat parsing issue leads to DoS 漏洞详情: https://avd.aquasec.com/nvd/cve-2022-3509 镜像层: sha256:8265cb2525f4b8fe0278e34bb9360cb326bdfee9ed121f1150d4fff03e7d08ed 发布日期: 2022-12-12 13:15 修改: 2026-06-17 04:59
com.google.protobuf:protobuf-java	CVE-2022-3510	高危	3.17.1	3.16.3, 3.19.6, 3.20.3, 3.21.7	protobuf-java: Message-Type Extensions parsing issue leads to DoS 漏洞详情: https://avd.aquasec.com/nvd/cve-2022-3510 镜像层: sha256:8265cb2525f4b8fe0278e34bb9360cb326bdfee9ed121f1150d4fff03e7d08ed 发布日期: 2022-12-12 13:15 修改: 2026-06-17 04:59
com.google.protobuf:protobuf-java	CVE-2022-3510	高危	3.17.1	3.16.3, 3.19.6, 3.20.3, 3.21.7	protobuf-java: Message-Type Extensions parsing issue leads to DoS 漏洞详情: https://avd.aquasec.com/nvd/cve-2022-3510 镜像层: sha256:8265cb2525f4b8fe0278e34bb9360cb326bdfee9ed121f1150d4fff03e7d08ed 发布日期: 2022-12-12 13:15 修改: 2026-06-17 04:59
com.google.protobuf:protobuf-java	CVE-2022-3510	高危	3.17.1	3.16.3, 3.19.6, 3.20.3, 3.21.7	protobuf-java: Message-Type Extensions parsing issue leads to DoS 漏洞详情: https://avd.aquasec.com/nvd/cve-2022-3510 镜像层: sha256:8265cb2525f4b8fe0278e34bb9360cb326bdfee9ed121f1150d4fff03e7d08ed 发布日期: 2022-12-12 13:15 修改: 2026-06-17 04:59
com.google.protobuf:protobuf-java	CVE-2024-7254	高危	3.17.1	3.25.5, 4.27.5, 4.28.2	protobuf: StackOverflow vulnerability in Protocol Buffers 漏洞详情: https://avd.aquasec.com/nvd/cve-2024-7254 镜像层: sha256:8265cb2525f4b8fe0278e34bb9360cb326bdfee9ed121f1150d4fff03e7d08ed 发布日期: 2024-09-19 01:15 修改: 2026-06-17 08:19
com.google.protobuf:protobuf-java	CVE-2024-7254	高危	3.17.1	3.25.5, 4.27.5, 4.28.2	protobuf: StackOverflow vulnerability in Protocol Buffers 漏洞详情: https://avd.aquasec.com/nvd/cve-2024-7254 镜像层: sha256:8265cb2525f4b8fe0278e34bb9360cb326bdfee9ed121f1150d4fff03e7d08ed 发布日期: 2024-09-19 01:15 修改: 2026-06-17 08:19
com.google.protobuf:protobuf-java	CVE-2024-7254	高危	3.17.1	3.25.5, 4.27.5, 4.28.2	protobuf: StackOverflow vulnerability in Protocol Buffers 漏洞详情: https://avd.aquasec.com/nvd/cve-2024-7254 镜像层: sha256:8265cb2525f4b8fe0278e34bb9360cb326bdfee9ed121f1150d4fff03e7d08ed 发布日期: 2024-09-19 01:15 修改: 2026-06-17 08:19
com.google.protobuf:protobuf-java	CVE-2022-3509	高危	3.19.3	3.16.3, 3.19.6, 3.20.3, 3.21.7	protobuf-java: Textformat parsing issue leads to DoS 漏洞详情: https://avd.aquasec.com/nvd/cve-2022-3509 镜像层: sha256:8265cb2525f4b8fe0278e34bb9360cb326bdfee9ed121f1150d4fff03e7d08ed 发布日期: 2022-12-12 13:15 修改: 2026-06-17 04:59
com.google.protobuf:protobuf-java	CVE-2022-3509	高危	3.19.3	3.16.3, 3.19.6, 3.20.3, 3.21.7	protobuf-java: Textformat parsing issue leads to DoS 漏洞详情: https://avd.aquasec.com/nvd/cve-2022-3509 镜像层: sha256:8265cb2525f4b8fe0278e34bb9360cb326bdfee9ed121f1150d4fff03e7d08ed 发布日期: 2022-12-12 13:15 修改: 2026-06-17 04:59
com.google.protobuf:protobuf-java	CVE-2022-3510	高危	3.19.3	3.16.3, 3.19.6, 3.20.3, 3.21.7	protobuf-java: Message-Type Extensions parsing issue leads to DoS 漏洞详情: https://avd.aquasec.com/nvd/cve-2022-3510 镜像层: sha256:8265cb2525f4b8fe0278e34bb9360cb326bdfee9ed121f1150d4fff03e7d08ed 发布日期: 2022-12-12 13:15 修改: 2026-06-17 04:59
com.google.protobuf:protobuf-java	CVE-2022-3510	高危	3.19.3	3.16.3, 3.19.6, 3.20.3, 3.21.7	protobuf-java: Message-Type Extensions parsing issue leads to DoS 漏洞详情: https://avd.aquasec.com/nvd/cve-2022-3510 镜像层: sha256:8265cb2525f4b8fe0278e34bb9360cb326bdfee9ed121f1150d4fff03e7d08ed 发布日期: 2022-12-12 13:15 修改: 2026-06-17 04:59
com.google.protobuf:protobuf-java	CVE-2024-7254	高危	3.19.3	3.25.5, 4.27.5, 4.28.2	protobuf: StackOverflow vulnerability in Protocol Buffers 漏洞详情: https://avd.aquasec.com/nvd/cve-2024-7254 镜像层: sha256:8265cb2525f4b8fe0278e34bb9360cb326bdfee9ed121f1150d4fff03e7d08ed 发布日期: 2024-09-19 01:15 修改: 2026-06-17 08:19
com.google.protobuf:protobuf-java	CVE-2024-7254	高危	3.19.3	3.25.5, 4.27.5, 4.28.2	protobuf: StackOverflow vulnerability in Protocol Buffers 漏洞详情: https://avd.aquasec.com/nvd/cve-2024-7254 镜像层: sha256:8265cb2525f4b8fe0278e34bb9360cb326bdfee9ed121f1150d4fff03e7d08ed 发布日期: 2024-09-19 01:15 修改: 2026-06-17 08:19
com.google.protobuf:protobuf-java	CVE-2021-22569	高危	3.7.1	3.16.1, 3.18.2, 3.19.2	protobuf-java: potential DoS in the parsing procedure for binary data 漏洞详情: https://avd.aquasec.com/nvd/cve-2021-22569 镜像层: sha256:8265cb2525f4b8fe0278e34bb9360cb326bdfee9ed121f1150d4fff03e7d08ed 发布日期: 2022-01-10 14:10 修改: 2026-06-17 03:37
com.google.protobuf:protobuf-java	CVE-2022-3509	高危	3.7.1	3.16.3, 3.19.6, 3.20.3, 3.21.7	protobuf-java: Textformat parsing issue leads to DoS 漏洞详情: https://avd.aquasec.com/nvd/cve-2022-3509 镜像层: sha256:8265cb2525f4b8fe0278e34bb9360cb326bdfee9ed121f1150d4fff03e7d08ed 发布日期: 2022-12-12 13:15 修改: 2026-06-17 04:59
com.google.protobuf:protobuf-java	CVE-2022-3510	高危	3.7.1	3.16.3, 3.19.6, 3.20.3, 3.21.7	protobuf-java: Message-Type Extensions parsing issue leads to DoS 漏洞详情: https://avd.aquasec.com/nvd/cve-2022-3510 镜像层: sha256:8265cb2525f4b8fe0278e34bb9360cb326bdfee9ed121f1150d4fff03e7d08ed 发布日期: 2022-12-12 13:15 修改: 2026-06-17 04:59
com.google.protobuf:protobuf-java	CVE-2024-7254	高危	3.7.1	3.25.5, 4.27.5, 4.28.2	protobuf: StackOverflow vulnerability in Protocol Buffers 漏洞详情: https://avd.aquasec.com/nvd/cve-2024-7254 镜像层: sha256:8265cb2525f4b8fe0278e34bb9360cb326bdfee9ed121f1150d4fff03e7d08ed 发布日期: 2024-09-19 01:15 修改: 2026-06-17 08:19
com.fasterxml.jackson.core:jackson-core	CVE-2025-52999	高危	2.4.0	2.15.0	com.fasterxml.jackson.core/jackson-core: jackson-core Potential StackoverflowError 漏洞详情: https://avd.aquasec.com/nvd/cve-2025-52999 镜像层: sha256:8265cb2525f4b8fe0278e34bb9360cb326bdfee9ed121f1150d4fff03e7d08ed 发布日期: 2025-06-25 17:15 修改: 2026-06-17 09:37
com.mchange:c3p0	CVE-2026-27830	高危	0.9.5.5	0.12.0	c3p0: c3p0: Arbitrary Code Execution via deserialization of crafted objects 漏洞详情: https://avd.aquasec.com/nvd/cve-2026-27830 镜像层: sha256:8265cb2525f4b8fe0278e34bb9360cb326bdfee9ed121f1150d4fff03e7d08ed 发布日期: 2026-02-26 01:16 修改: 2026-06-17 10:27
com.mchange:mchange-commons-java	CVE-2026-27727	高危	0.2.19	0.4.0	com.mchange/mchange-commons-java: mchange-commons-java: Arbitrary code execution via JNDI dereferencing of crafted objects 漏洞详情: https://avd.aquasec.com/nvd/cve-2026-27727 镜像层: sha256:8265cb2525f4b8fe0278e34bb9360cb326bdfee9ed121f1150d4fff03e7d08ed 发布日期: 2026-02-25 17:25 修改: 2026-06-17 10:27
com.fasterxml.jackson.core:jackson-core	CVE-2025-52999	高危	2.4.0	2.15.0	com.fasterxml.jackson.core/jackson-core: jackson-core Potential StackoverflowError 漏洞详情: https://avd.aquasec.com/nvd/cve-2025-52999 镜像层: sha256:8265cb2525f4b8fe0278e34bb9360cb326bdfee9ed121f1150d4fff03e7d08ed 发布日期: 2025-06-25 17:15 修改: 2026-06-17 09:37
com.nimbusds:nimbus-jose-jwt	CVE-2023-52428	高危	4.41.1	9.37.2	nimbus-jose-jwt: large JWE p2c header value causes Denial of Service 漏洞详情: https://avd.aquasec.com/nvd/cve-2023-52428 镜像层: sha256:8265cb2525f4b8fe0278e34bb9360cb326bdfee9ed121f1150d4fff03e7d08ed 发布日期: 2024-02-11 05:15 修改: 2026-06-17 06:42
com.nimbusds:nimbus-jose-jwt	CVE-2023-52428	高危	8.15	9.37.2	nimbus-jose-jwt: large JWE p2c header value causes Denial of Service 漏洞详情: https://avd.aquasec.com/nvd/cve-2023-52428 镜像层: sha256:8265cb2525f4b8fe0278e34bb9360cb326bdfee9ed121f1150d4fff03e7d08ed 发布日期: 2024-02-11 05:15 修改: 2026-06-17 06:42
commons-beanutils:commons-beanutils	CVE-2025-48734	高危	1.9.4	1.11.0	commons-beanutils: Apache Commons BeanUtils: PropertyUtilsBean does not suppresses an enum's declaredClass property by default 漏洞详情: https://avd.aquasec.com/nvd/cve-2025-48734 镜像层: sha256:8265cb2525f4b8fe0278e34bb9360cb326bdfee9ed121f1150d4fff03e7d08ed 发布日期: 2025-05-28 14:15 修改: 2026-06-17 09:30
commons-io:commons-io	CVE-2024-47554	高危	2.5	2.14.0	apache-commons-io: Possible denial of service attack on untrusted input to XmlStreamReader 漏洞详情: https://avd.aquasec.com/nvd/cve-2024-47554 镜像层: sha256:8265cb2525f4b8fe0278e34bb9360cb326bdfee9ed121f1150d4fff03e7d08ed 发布日期: 2024-10-03 12:15 修改: 2026-06-17 07:57
commons-io:commons-io	CVE-2024-47554	高危	2.5	2.14.0	apache-commons-io: Possible denial of service attack on untrusted input to XmlStreamReader 漏洞详情: https://avd.aquasec.com/nvd/cve-2024-47554 镜像层: sha256:8265cb2525f4b8fe0278e34bb9360cb326bdfee9ed121f1150d4fff03e7d08ed 发布日期: 2024-10-03 12:15 修改: 2026-06-17 07:57
commons-io:commons-io	CVE-2024-47554	高危	2.5	2.14.0	apache-commons-io: Possible denial of service attack on untrusted input to XmlStreamReader 漏洞详情: https://avd.aquasec.com/nvd/cve-2024-47554 镜像层: sha256:8265cb2525f4b8fe0278e34bb9360cb326bdfee9ed121f1150d4fff03e7d08ed 发布日期: 2024-10-03 12:15 修改: 2026-06-17 07:57
commons-io:commons-io	CVE-2024-47554	高危	2.6	2.14.0	apache-commons-io: Possible denial of service attack on untrusted input to XmlStreamReader 漏洞详情: https://avd.aquasec.com/nvd/cve-2024-47554 镜像层: sha256:8265cb2525f4b8fe0278e34bb9360cb326bdfee9ed121f1150d4fff03e7d08ed 发布日期: 2024-10-03 12:15 修改: 2026-06-17 07:57
commons-io:commons-io	CVE-2024-47554	高危	2.8.0	2.14.0	apache-commons-io: Possible denial of service attack on untrusted input to XmlStreamReader 漏洞详情: https://avd.aquasec.com/nvd/cve-2024-47554 镜像层: sha256:8265cb2525f4b8fe0278e34bb9360cb326bdfee9ed121f1150d4fff03e7d08ed 发布日期: 2024-10-03 12:15 修改: 2026-06-17 07:57
dnsjava:dnsjava	CVE-2024-25638	高危	2.1.7	3.6.0	dnsjava: Improper response validation allowing DNSSEC bypass 漏洞详情: https://avd.aquasec.com/nvd/cve-2024-25638 镜像层: sha256:8265cb2525f4b8fe0278e34bb9360cb326bdfee9ed121f1150d4fff03e7d08ed 发布日期: 2024-07-22 14:15 修改: 2026-06-17 07:16
io.airlift:aircompressor	CVE-2024-36114	高危	0.10	0.27	Decompressors can crash the JVM and leak memory content in Aircompressor 漏洞详情: https://avd.aquasec.com/nvd/cve-2024-36114 镜像层: sha256:8265cb2525f4b8fe0278e34bb9360cb326bdfee9ed121f1150d4fff03e7d08ed 发布日期: 2024-05-29 21:15 修改: 2026-06-17 07:36
io.airlift:aircompressor	CVE-2025-67721	高危	0.10	2.0.3	aircompressor Snappy and LZ4 Java-based decompressor implementation can leak information from reused output buffer 漏洞详情: https://avd.aquasec.com/nvd/cve-2025-67721 镜像层: sha256:8265cb2525f4b8fe0278e34bb9360cb326bdfee9ed121f1150d4fff03e7d08ed 发布日期: 2025-12-12 23:15 修改: 2026-06-17 09:58
com.fasterxml.jackson.core:jackson-databind	CVE-2020-36518	高危	2.11.3	2.13.2.1, 2.12.6.1	jackson-databind: denial of service via a large depth of nested objects 漏洞详情: https://avd.aquasec.com/nvd/cve-2020-36518 镜像层: sha256:8265cb2525f4b8fe0278e34bb9360cb326bdfee9ed121f1150d4fff03e7d08ed 发布日期: 2022-03-11 07:15 修改: 2026-06-17 03:15
io.netty:netty	CVE-2021-37136	高危	3.10.6.Final	4.0.0	netty-codec: Bzip2Decoder doesn't allow setting size restrictions for decompressed data 漏洞详情: https://avd.aquasec.com/nvd/cve-2021-37136 镜像层: sha256:8265cb2525f4b8fe0278e34bb9360cb326bdfee9ed121f1150d4fff03e7d08ed 发布日期: 2021-10-19 15:15 修改: 2026-06-17 04:00
io.netty:netty	CVE-2021-37137	高危	3.10.6.Final	4.0.0	netty-codec: SnappyFrameDecoder doesn't restrict chunk length and may buffer skippable chunks in an unnecessary way 漏洞详情: https://avd.aquasec.com/nvd/cve-2021-37137 镜像层: sha256:8265cb2525f4b8fe0278e34bb9360cb326bdfee9ed121f1150d4fff03e7d08ed 发布日期: 2021-10-19 15:15 修改: 2026-06-17 04:00
io.netty:netty-codec	CVE-2021-37136	高危	4.1.45.Final	4.1.68.Final	netty-codec: Bzip2Decoder doesn't allow setting size restrictions for decompressed data 漏洞详情: https://avd.aquasec.com/nvd/cve-2021-37136 镜像层: sha256:8265cb2525f4b8fe0278e34bb9360cb326bdfee9ed121f1150d4fff03e7d08ed 发布日期: 2021-10-19 15:15 修改: 2026-06-17 04:00
io.netty:netty-codec	CVE-2021-37137	高危	4.1.45.Final	4.1.68.Final	netty-codec: SnappyFrameDecoder doesn't restrict chunk length and may buffer skippable chunks in an unnecessary way 漏洞详情: https://avd.aquasec.com/nvd/cve-2021-37137 镜像层: sha256:8265cb2525f4b8fe0278e34bb9360cb326bdfee9ed121f1150d4fff03e7d08ed 发布日期: 2021-10-19 15:15 修改: 2026-06-17 04:00
io.netty:netty-codec	CVE-2026-42583	高危	4.1.45.Final	4.1.133.Final	Netty is an asynchronous, event-driven network application framework. ... 漏洞详情: https://avd.aquasec.com/nvd/cve-2026-42583 镜像层: sha256:8265cb2525f4b8fe0278e34bb9360cb326bdfee9ed121f1150d4fff03e7d08ed 发布日期: 2026-05-13 19:17 修改: 2026-06-17 10:48
io.netty:netty-codec	CVE-2026-42583	高危	4.1.68.Final	4.1.133.Final	Netty is an asynchronous, event-driven network application framework. ... 漏洞详情: https://avd.aquasec.com/nvd/cve-2026-42583 镜像层: sha256:8265cb2525f4b8fe0278e34bb9360cb326bdfee9ed121f1150d4fff03e7d08ed 发布日期: 2026-05-13 19:17 修改: 2026-06-17 10:48
io.netty:netty-codec	CVE-2026-42583	高危	4.1.68.Final	4.1.133.Final	Netty is an asynchronous, event-driven network application framework. ... 漏洞详情: https://avd.aquasec.com/nvd/cve-2026-42583 镜像层: sha256:8265cb2525f4b8fe0278e34bb9360cb326bdfee9ed121f1150d4fff03e7d08ed 发布日期: 2026-05-13 19:17 修改: 2026-06-17 10:48
io.netty:netty-codec-dns	CVE-2026-42579	高危	4.1.78.Final	4.2.13.Final, 4.1.133.Final	netty: Netty: High integrity impact due to improper DNS domain name constraint enforcement 漏洞详情: https://avd.aquasec.com/nvd/cve-2026-42579 镜像层: sha256:8265cb2525f4b8fe0278e34bb9360cb326bdfee9ed121f1150d4fff03e7d08ed 发布日期: 2026-05-13 19:17 修改: 2026-06-17 10:48
io.netty:netty-codec-haproxy	CVE-2026-44893	高危	4.1.78.Final	4.2.15.Final, 4.1.135.Final	netty-codec-haproxy: Netty-codec-haproxy: Denial of Service via malformed HAProxy message 漏洞详情: https://avd.aquasec.com/nvd/cve-2026-44893 镜像层: sha256:8265cb2525f4b8fe0278e34bb9360cb326bdfee9ed121f1150d4fff03e7d08ed 发布日期: 2026-06-12 15:16 修改: 2026-06-17 10:51
io.netty:netty-codec-haproxy	CVE-2026-48059	高危	4.1.78.Final	4.2.15.Final, 4.1.135.Final	netty-codec-haproxy: Netty HAProxy PROXY protocol v2 codec: Denial of Service via memory leak from crafted PROXY protocol headers 漏洞详情: https://avd.aquasec.com/nvd/cve-2026-48059 镜像层: sha256:8265cb2525f4b8fe0278e34bb9360cb326bdfee9ed121f1150d4fff03e7d08ed 发布日期: 2026-06-12 16:16 修改: 2026-06-17 10:54
io.netty:netty-codec-http	CVE-2026-33870	高危	4.1.68.Final	4.1.132.Final, 4.2.10.Final	io.netty/netty-codec-http: Netty: Request smuggling via incorrect parsing of HTTP/1.1 chunked transfer encoding extension values 漏洞详情: https://avd.aquasec.com/nvd/cve-2026-33870 镜像层: sha256:8265cb2525f4b8fe0278e34bb9360cb326bdfee9ed121f1150d4fff03e7d08ed 发布日期: 2026-03-27 20:16 修改: 2026-06-17 10:38
io.netty:netty-codec-http	CVE-2026-42584	高危	4.1.68.Final	4.2.13.Final, 4.1.133.Final	netty: io.netty/netty-codec-http: Netty: Incorrect HTTP response parsing leads to data confusion 漏洞详情: https://avd.aquasec.com/nvd/cve-2026-42584 镜像层: sha256:8265cb2525f4b8fe0278e34bb9360cb326bdfee9ed121f1150d4fff03e7d08ed 发布日期: 2026-05-13 19:17 修改: 2026-06-17 10:48
io.netty:netty-codec-http	CVE-2026-42587	高危	4.1.68.Final	4.2.13.Final, 4.1.133.Final	netty: io.netty/netty-codec-http: io.netty/netty-codec-http2: Netty: Denial of Service via unbounded memory allocation in HTTP content decompression 漏洞详情: https://avd.aquasec.com/nvd/cve-2026-42587 镜像层: sha256:8265cb2525f4b8fe0278e34bb9360cb326bdfee9ed121f1150d4fff03e7d08ed 发布日期: 2026-05-13 19:17 修改: 2026-06-17 10:48
io.netty:netty-codec-http	CVE-2026-33870	高危	4.1.78.Final	4.1.132.Final, 4.2.10.Final	io.netty/netty-codec-http: Netty: Request smuggling via incorrect parsing of HTTP/1.1 chunked transfer encoding extension values 漏洞详情: https://avd.aquasec.com/nvd/cve-2026-33870 镜像层: sha256:8265cb2525f4b8fe0278e34bb9360cb326bdfee9ed121f1150d4fff03e7d08ed 发布日期: 2026-03-27 20:16 修改: 2026-06-17 10:38
io.netty:netty-codec-http	CVE-2026-42584	高危	4.1.78.Final	4.2.13.Final, 4.1.133.Final	netty: io.netty/netty-codec-http: Netty: Incorrect HTTP response parsing leads to data confusion 漏洞详情: https://avd.aquasec.com/nvd/cve-2026-42584 镜像层: sha256:8265cb2525f4b8fe0278e34bb9360cb326bdfee9ed121f1150d4fff03e7d08ed 发布日期: 2026-05-13 19:17 修改: 2026-06-17 10:48
io.netty:netty-codec-http	CVE-2026-42587	高危	4.1.78.Final	4.2.13.Final, 4.1.133.Final	netty: io.netty/netty-codec-http: io.netty/netty-codec-http2: Netty: Denial of Service via unbounded memory allocation in HTTP content decompression 漏洞详情: https://avd.aquasec.com/nvd/cve-2026-42587 镜像层: sha256:8265cb2525f4b8fe0278e34bb9360cb326bdfee9ed121f1150d4fff03e7d08ed 发布日期: 2026-05-13 19:17 修改: 2026-06-17 10:48
io.netty:netty-codec-http2	CVE-2025-55163	高危	4.1.78.Final	4.2.4.Final, 4.1.124.Final	netty: netty-codec-http2: Netty MadeYouReset HTTP/2 DDoS Vulnerability 漏洞详情: https://avd.aquasec.com/nvd/cve-2025-55163 镜像层: sha256:8265cb2525f4b8fe0278e34bb9360cb326bdfee9ed121f1150d4fff03e7d08ed 发布日期: 2025-08-13 15:15 修改: 2026-06-17 09:41
io.netty:netty-codec-http2	CVE-2026-33871	高危	4.1.78.Final	4.1.132.Final, 4.2.11.Final	netty: Netty: Denial of Service via HTTP/2 CONTINUATION frame flood 漏洞详情: https://avd.aquasec.com/nvd/cve-2026-33871 镜像层: sha256:8265cb2525f4b8fe0278e34bb9360cb326bdfee9ed121f1150d4fff03e7d08ed 发布日期: 2026-03-27 20:16 修改: 2026-06-17 10:38
io.netty:netty-codec-http2	CVE-2026-42587	高危	4.1.78.Final	4.2.13.Final, 4.1.133.Final	netty: io.netty/netty-codec-http: io.netty/netty-codec-http2: Netty: Denial of Service via unbounded memory allocation in HTTP content decompression 漏洞详情: https://avd.aquasec.com/nvd/cve-2026-42587 镜像层: sha256:8265cb2525f4b8fe0278e34bb9360cb326bdfee9ed121f1150d4fff03e7d08ed 发布日期: 2026-05-13 19:17 修改: 2026-06-17 10:48
io.netty:netty-codec-http2	GHSA-xpw8-rcwv-8f8p	高危	4.1.78.Final	4.1.100.Final	io.netty:netty-codec-http2 vulnerable to HTTP/2 Rapid Reset Attack 漏洞详情: https://github.com/advisories/GHSA-xpw8-rcwv-8f8p 镜像层: sha256:8265cb2525f4b8fe0278e34bb9360cb326bdfee9ed121f1150d4fff03e7d08ed 发布日期: 2023-10-10 22:22 修改: 2023-11-06 22:08
io.netty:netty-codec-redis	CVE-2026-44250	高危	4.1.78.Final	4.2.15.Final, 4.1.135.Final	netty-codec-redis: netty-codec-redis: Denial of Service via crafted Redis payload with deeply nested arrays 漏洞详情: https://avd.aquasec.com/nvd/cve-2026-44250 镜像层: sha256:8265cb2525f4b8fe0278e34bb9360cb326bdfee9ed121f1150d4fff03e7d08ed 发布日期: 2026-06-11 22:16 修改: 2026-06-17 10:50
io.netty:netty-codec-redis	CVE-2026-44890	高危	4.1.78.Final	4.2.15.Final, 4.1.135.Final	netty-codec-redis: netty-codec-redis: Denial of Service via crafted Redis payloads 漏洞详情: https://avd.aquasec.com/nvd/cve-2026-44890 镜像层: sha256:8265cb2525f4b8fe0278e34bb9360cb326bdfee9ed121f1150d4fff03e7d08ed 发布日期: 2026-06-11 22:16 修改: 2026-06-17 10:51
io.netty:netty-codec-redis	CVE-2026-48006	高危	4.1.78.Final	4.2.15.Final, 4.1.135.Final	netty-codec-redis: Netty's Lack of Lifecycle Cleanup Leads to Pooled ByteBuf Leak in RedisArrayAggregator 漏洞详情: https://avd.aquasec.com/nvd/cve-2026-48006 镜像层: sha256:8265cb2525f4b8fe0278e34bb9360cb326bdfee9ed121f1150d4fff03e7d08ed 发布日期: 2026-06-12 16:16 修改: 2026-06-17 10:54
io.netty:netty-codec-redis	CVE-2026-50011	高危	4.1.78.Final	4.2.15.Final, 4.1.135.Final	netty-codec-redis: Netty: Denial of Service via malicious Redis array header 漏洞详情: https://avd.aquasec.com/nvd/cve-2026-50011 镜像层: sha256:8265cb2525f4b8fe0278e34bb9360cb326bdfee9ed121f1150d4fff03e7d08ed 发布日期: 2026-06-12 16:16 修改: 2026-06-17 10:57
io.netty:netty-codec-smtp	CVE-2025-59419	高危	4.1.78.Final	4.2.7.Final, 4.1.128.Final	io.netty/netty-codec-smtp: Netty netty-codec-smtp SMTP Command Injection 漏洞详情: https://avd.aquasec.com/nvd/cve-2025-59419 镜像层: sha256:8265cb2525f4b8fe0278e34bb9360cb326bdfee9ed121f1150d4fff03e7d08ed 发布日期: 2025-10-15 16:15 修改: 2026-06-17 09:46
io.netty:netty-handler	CVE-2020-11612	高危	4.1.45.Final	4.1.46	netty: compression/decompression codecs don't enforce limits on buffer allocation sizes 漏洞详情: https://avd.aquasec.com/nvd/cve-2020-11612 镜像层: sha256:8265cb2525f4b8fe0278e34bb9360cb326bdfee9ed121f1150d4fff03e7d08ed 发布日期: 2020-04-07 18:15 修改: 2026-06-17 02:50
io.netty:netty-handler	CVE-2026-44249	高危	4.1.45.Final	4.2.15.Final, 4.1.135.Final	netty-handler: netty-handler: IPv6 subnet rule bypass due to incorrect masking operation 漏洞详情: https://avd.aquasec.com/nvd/cve-2026-44249 镜像层: sha256:8265cb2525f4b8fe0278e34bb9360cb326bdfee9ed121f1150d4fff03e7d08ed 发布日期: 2026-06-11 22:16 修改: 2026-06-17 10:50
io.netty:netty-handler	CVE-2026-45416	高危	4.1.45.Final	4.2.15.Final, 4.1.135.Final	netty-handler: Netty: Denial of Service due to eager buffer allocation in TLS handshake 漏洞详情: https://avd.aquasec.com/nvd/cve-2026-45416 镜像层: sha256:8265cb2525f4b8fe0278e34bb9360cb326bdfee9ed121f1150d4fff03e7d08ed 发布日期: 2026-06-12 15:16 修改: 2026-06-17 10:52
io.netty:netty-handler	CVE-2026-50010	高危	4.1.45.Final	4.2.15.Final, 4.1.135.Final	netty-handler: Netty: Improper trust manager handling leads to hostname verification bypass 漏洞详情: https://avd.aquasec.com/nvd/cve-2026-50010 镜像层: sha256:8265cb2525f4b8fe0278e34bb9360cb326bdfee9ed121f1150d4fff03e7d08ed 发布日期: 2026-06-12 16:16 修改: 2026-06-17 10:57
io.netty:netty-handler	CVE-2026-44249	高危	4.1.68.Final	4.2.15.Final, 4.1.135.Final	netty-handler: netty-handler: IPv6 subnet rule bypass due to incorrect masking operation 漏洞详情: https://avd.aquasec.com/nvd/cve-2026-44249 镜像层: sha256:8265cb2525f4b8fe0278e34bb9360cb326bdfee9ed121f1150d4fff03e7d08ed 发布日期: 2026-06-11 22:16 修改: 2026-06-17 10:50
io.netty:netty-handler	CVE-2026-44249	高危	4.1.68.Final	4.2.15.Final, 4.1.135.Final	netty-handler: netty-handler: IPv6 subnet rule bypass due to incorrect masking operation 漏洞详情: https://avd.aquasec.com/nvd/cve-2026-44249 镜像层: sha256:8265cb2525f4b8fe0278e34bb9360cb326bdfee9ed121f1150d4fff03e7d08ed 发布日期: 2026-06-11 22:16 修改: 2026-06-17 10:50
io.netty:netty-handler	CVE-2026-45416	高危	4.1.68.Final	4.2.15.Final, 4.1.135.Final	netty-handler: Netty: Denial of Service due to eager buffer allocation in TLS handshake 漏洞详情: https://avd.aquasec.com/nvd/cve-2026-45416 镜像层: sha256:8265cb2525f4b8fe0278e34bb9360cb326bdfee9ed121f1150d4fff03e7d08ed 发布日期: 2026-06-12 15:16 修改: 2026-06-17 10:52
io.netty:netty-handler	CVE-2026-45416	高危	4.1.68.Final	4.2.15.Final, 4.1.135.Final	netty-handler: Netty: Denial of Service due to eager buffer allocation in TLS handshake 漏洞详情: https://avd.aquasec.com/nvd/cve-2026-45416 镜像层: sha256:8265cb2525f4b8fe0278e34bb9360cb326bdfee9ed121f1150d4fff03e7d08ed 发布日期: 2026-06-12 15:16 修改: 2026-06-17 10:52
io.netty:netty-handler	CVE-2026-50010	高危	4.1.68.Final	4.2.15.Final, 4.1.135.Final	netty-handler: Netty: Improper trust manager handling leads to hostname verification bypass 漏洞详情: https://avd.aquasec.com/nvd/cve-2026-50010 镜像层: sha256:8265cb2525f4b8fe0278e34bb9360cb326bdfee9ed121f1150d4fff03e7d08ed 发布日期: 2026-06-12 16:16 修改: 2026-06-17 10:57
io.netty:netty-handler	CVE-2026-50010	高危	4.1.68.Final	4.2.15.Final, 4.1.135.Final	netty-handler: Netty: Improper trust manager handling leads to hostname verification bypass 漏洞详情: https://avd.aquasec.com/nvd/cve-2026-50010 镜像层: sha256:8265cb2525f4b8fe0278e34bb9360cb326bdfee9ed121f1150d4fff03e7d08ed 发布日期: 2026-06-12 16:16 修改: 2026-06-17 10:57
io.netty:netty-resolver-dns	CVE-2026-45674	高危	4.1.78.Final	4.2.15.Final, 4.1.135.Final	netty-resolver-dns: Netty: Information disclosure and data manipulation due to improper CNAME record validation 漏洞详情: https://avd.aquasec.com/nvd/cve-2026-45674 镜像层: sha256:8265cb2525f4b8fe0278e34bb9360cb326bdfee9ed121f1150d4fff03e7d08ed 发布日期: 2026-06-12 15:16 修改: 2026-06-17 10:52
io.netty:netty-resolver-dns	CVE-2026-47691	高危	4.1.78.Final	4.2.15.Final, 4.1.135.Final	io.netty/netty-resolver-dns: Netty has Insufficient Bailiwick Validation for NS Records 漏洞详情: https://avd.aquasec.com/nvd/cve-2026-47691 镜像层: sha256:8265cb2525f4b8fe0278e34bb9360cb326bdfee9ed121f1150d4fff03e7d08ed 发布日期: 2026-06-12 16:16 修改: 2026-06-17 10:54
io.netty:netty-transport-sctp	CVE-2026-46340	高危	4.1.78.Final	4.2.15.Final, 4.1.135.Final	netty-transport-sctp: Netty-transport-sctp: Denial of Service due to unbounded memory growth from SctpMessage fragments 漏洞详情: https://avd.aquasec.com/nvd/cve-2026-46340 镜像层: sha256:8265cb2525f4b8fe0278e34bb9360cb326bdfee9ed121f1150d4fff03e7d08ed 发布日期: 2026-06-12 15:16 修改: 2026-06-17 10:53
mysql:mysql-connector-java	CVE-2023-22102	高危	8.0.28		mysql-connector-java: Connector/J unspecified vulnerability (CPU October 2023) 漏洞详情: https://avd.aquasec.com/nvd/cve-2023-22102 镜像层: sha256:79071ec49ca363cba0f06532b689e675bdb01ce74fbfed2e3ff9e79c86b070ea 发布日期: 2023-10-17 22:15 修改: 2026-06-17 05:34
net.minidev:json-smart	CVE-2023-1370	高危	2.3	2.4.9	json-smart: Uncontrolled Resource Consumption vulnerability in json-smart (Resource Exhaustion) 漏洞详情: https://avd.aquasec.com/nvd/cve-2023-1370 镜像层: sha256:8265cb2525f4b8fe0278e34bb9360cb326bdfee9ed121f1150d4fff03e7d08ed 发布日期: 2023-03-22 06:15 修改: 2026-06-17 05:27
com.fasterxml.jackson.core:jackson-databind	CVE-2021-46877	高危	2.11.3	2.12.6, 2.13.1	jackson-databind: Possible DoS if using JDK serialization to serialize JsonNode 漏洞详情: https://avd.aquasec.com/nvd/cve-2021-46877 镜像层: sha256:8265cb2525f4b8fe0278e34bb9360cb326bdfee9ed121f1150d4fff03e7d08ed 发布日期: 2023-03-18 22:15 修改: 2026-06-17 04:15
com.fasterxml.jackson.core:jackson-databind	CVE-2022-42003	高危	2.11.3	2.12.7.1, 2.13.4.2	jackson-databind: deep wrapper array nesting wrt UNWRAP_SINGLE_VALUE_ARRAYS 漏洞详情: https://avd.aquasec.com/nvd/cve-2022-42003 镜像层: sha256:8265cb2525f4b8fe0278e34bb9360cb326bdfee9ed121f1150d4fff03e7d08ed 发布日期: 2022-10-02 05:15 修改: 2026-06-17 05:04
com.fasterxml.jackson.core:jackson-databind	CVE-2022-42004	高危	2.11.3	2.12.7.1, 2.13.4	jackson-databind: use of deeply nested arrays 漏洞详情: https://avd.aquasec.com/nvd/cve-2022-42004 镜像层: sha256:8265cb2525f4b8fe0278e34bb9360cb326bdfee9ed121f1150d4fff03e7d08ed 发布日期: 2022-10-02 05:15 修改: 2026-06-17 05:04
org.apache.avro:avro	CVE-2023-39410	高危	1.7.7	1.11.3	apache-avro: Apache Avro Java SDK: Memory when deserializing untrusted data in Avro Java SDK 漏洞详情: https://avd.aquasec.com/nvd/cve-2023-39410 镜像层: sha256:8265cb2525f4b8fe0278e34bb9360cb326bdfee9ed121f1150d4fff03e7d08ed 发布日期: 2023-09-29 17:15 修改: 2026-06-17 06:12
org.apache.avro:avro	CVE-2023-39410	高危	1.7.7	1.11.3	apache-avro: Apache Avro Java SDK: Memory when deserializing untrusted data in Avro Java SDK 漏洞详情: https://avd.aquasec.com/nvd/cve-2023-39410 镜像层: sha256:8265cb2525f4b8fe0278e34bb9360cb326bdfee9ed121f1150d4fff03e7d08ed 发布日期: 2023-09-29 17:15 修改: 2026-06-17 06:12
org.apache.avro:avro	CVE-2023-39410	高危	1.7.7	1.11.3	apache-avro: Apache Avro Java SDK: Memory when deserializing untrusted data in Avro Java SDK 漏洞详情: https://avd.aquasec.com/nvd/cve-2023-39410 镜像层: sha256:8265cb2525f4b8fe0278e34bb9360cb326bdfee9ed121f1150d4fff03e7d08ed 发布日期: 2023-09-29 17:15 修改: 2026-06-17 06:12
org.apache.commons:commons-compress	CVE-2021-35515	高危	1.19	1.21	apache-commons-compress: infinite loop when reading a specially crafted 7Z archive 漏洞详情: https://avd.aquasec.com/nvd/cve-2021-35515 镜像层: sha256:8265cb2525f4b8fe0278e34bb9360cb326bdfee9ed121f1150d4fff03e7d08ed 发布日期: 2021-07-13 08:15 修改: 2026-06-17 03:57
org.apache.commons:commons-compress	CVE-2021-35516	高危	1.19	1.21	apache-commons-compress: excessive memory allocation when reading a specially crafted 7Z archive 漏洞详情: https://avd.aquasec.com/nvd/cve-2021-35516 镜像层: sha256:8265cb2525f4b8fe0278e34bb9360cb326bdfee9ed121f1150d4fff03e7d08ed 发布日期: 2021-07-13 08:15 修改: 2026-06-17 03:57
org.apache.commons:commons-compress	CVE-2021-35517	高危	1.19	1.21	apache-commons-compress: excessive memory allocation when reading a specially crafted TAR archive 漏洞详情: https://avd.aquasec.com/nvd/cve-2021-35517 镜像层: sha256:8265cb2525f4b8fe0278e34bb9360cb326bdfee9ed121f1150d4fff03e7d08ed 发布日期: 2021-07-13 08:15 修改: 2026-06-17 03:57
org.apache.commons:commons-compress	CVE-2021-36090	高危	1.19	1.21	apache-commons-compress: excessive memory allocation when reading a specially crafted ZIP archive 漏洞详情: https://avd.aquasec.com/nvd/cve-2021-36090 镜像层: sha256:8265cb2525f4b8fe0278e34bb9360cb326bdfee9ed121f1150d4fff03e7d08ed 发布日期: 2021-07-13 08:15 修改: 2026-06-17 03:58
org.apache.commons:commons-compress	CVE-2021-35515	高危	1.8.1	1.21	apache-commons-compress: infinite loop when reading a specially crafted 7Z archive 漏洞详情: https://avd.aquasec.com/nvd/cve-2021-35515 镜像层: sha256:8265cb2525f4b8fe0278e34bb9360cb326bdfee9ed121f1150d4fff03e7d08ed 发布日期: 2021-07-13 08:15 修改: 2026-06-17 03:57
org.apache.commons:commons-compress	CVE-2021-35515	高危	1.8.1	1.21	apache-commons-compress: infinite loop when reading a specially crafted 7Z archive 漏洞详情: https://avd.aquasec.com/nvd/cve-2021-35515 镜像层: sha256:8265cb2525f4b8fe0278e34bb9360cb326bdfee9ed121f1150d4fff03e7d08ed 发布日期: 2021-07-13 08:15 修改: 2026-06-17 03:57
org.apache.commons:commons-compress	CVE-2021-35515	高危	1.8.1	1.21	apache-commons-compress: infinite loop when reading a specially crafted 7Z archive 漏洞详情: https://avd.aquasec.com/nvd/cve-2021-35515 镜像层: sha256:8265cb2525f4b8fe0278e34bb9360cb326bdfee9ed121f1150d4fff03e7d08ed 发布日期: 2021-07-13 08:15 修改: 2026-06-17 03:57
org.apache.commons:commons-compress	CVE-2021-35516	高危	1.8.1	1.21	apache-commons-compress: excessive memory allocation when reading a specially crafted 7Z archive 漏洞详情: https://avd.aquasec.com/nvd/cve-2021-35516 镜像层: sha256:8265cb2525f4b8fe0278e34bb9360cb326bdfee9ed121f1150d4fff03e7d08ed 发布日期: 2021-07-13 08:15 修改: 2026-06-17 03:57
org.apache.commons:commons-compress	CVE-2021-35516	高危	1.8.1	1.21	apache-commons-compress: excessive memory allocation when reading a specially crafted 7Z archive 漏洞详情: https://avd.aquasec.com/nvd/cve-2021-35516 镜像层: sha256:8265cb2525f4b8fe0278e34bb9360cb326bdfee9ed121f1150d4fff03e7d08ed 发布日期: 2021-07-13 08:15 修改: 2026-06-17 03:57
org.apache.commons:commons-compress	CVE-2021-35516	高危	1.8.1	1.21	apache-commons-compress: excessive memory allocation when reading a specially crafted 7Z archive 漏洞详情: https://avd.aquasec.com/nvd/cve-2021-35516 镜像层: sha256:8265cb2525f4b8fe0278e34bb9360cb326bdfee9ed121f1150d4fff03e7d08ed 发布日期: 2021-07-13 08:15 修改: 2026-06-17 03:57
org.apache.commons:commons-compress	CVE-2021-35517	高危	1.8.1	1.21	apache-commons-compress: excessive memory allocation when reading a specially crafted TAR archive 漏洞详情: https://avd.aquasec.com/nvd/cve-2021-35517 镜像层: sha256:8265cb2525f4b8fe0278e34bb9360cb326bdfee9ed121f1150d4fff03e7d08ed 发布日期: 2021-07-13 08:15 修改: 2026-06-17 03:57
org.apache.commons:commons-compress	CVE-2021-35517	高危	1.8.1	1.21	apache-commons-compress: excessive memory allocation when reading a specially crafted TAR archive 漏洞详情: https://avd.aquasec.com/nvd/cve-2021-35517 镜像层: sha256:8265cb2525f4b8fe0278e34bb9360cb326bdfee9ed121f1150d4fff03e7d08ed 发布日期: 2021-07-13 08:15 修改: 2026-06-17 03:57
org.apache.commons:commons-compress	CVE-2021-35517	高危	1.8.1	1.21	apache-commons-compress: excessive memory allocation when reading a specially crafted TAR archive 漏洞详情: https://avd.aquasec.com/nvd/cve-2021-35517 镜像层: sha256:8265cb2525f4b8fe0278e34bb9360cb326bdfee9ed121f1150d4fff03e7d08ed 发布日期: 2021-07-13 08:15 修改: 2026-06-17 03:57
org.apache.commons:commons-compress	CVE-2021-36090	高危	1.8.1	1.21	apache-commons-compress: excessive memory allocation when reading a specially crafted ZIP archive 漏洞详情: https://avd.aquasec.com/nvd/cve-2021-36090 镜像层: sha256:8265cb2525f4b8fe0278e34bb9360cb326bdfee9ed121f1150d4fff03e7d08ed 发布日期: 2021-07-13 08:15 修改: 2026-06-17 03:58
org.apache.commons:commons-compress	CVE-2021-36090	高危	1.8.1	1.21	apache-commons-compress: excessive memory allocation when reading a specially crafted ZIP archive 漏洞详情: https://avd.aquasec.com/nvd/cve-2021-36090 镜像层: sha256:8265cb2525f4b8fe0278e34bb9360cb326bdfee9ed121f1150d4fff03e7d08ed 发布日期: 2021-07-13 08:15 修改: 2026-06-17 03:58
org.apache.commons:commons-compress	CVE-2021-36090	高危	1.8.1	1.21	apache-commons-compress: excessive memory allocation when reading a specially crafted ZIP archive 漏洞详情: https://avd.aquasec.com/nvd/cve-2021-36090 镜像层: sha256:8265cb2525f4b8fe0278e34bb9360cb326bdfee9ed121f1150d4fff03e7d08ed 发布日期: 2021-07-13 08:15 修改: 2026-06-17 03:58
com.fasterxml.jackson.core:jackson-databind	CVE-2020-36518	高危	2.12.3	2.13.2.1, 2.12.6.1	jackson-databind: denial of service via a large depth of nested objects 漏洞详情: https://avd.aquasec.com/nvd/cve-2020-36518 镜像层: sha256:8265cb2525f4b8fe0278e34bb9360cb326bdfee9ed121f1150d4fff03e7d08ed 发布日期: 2022-03-11 07:15 修改: 2026-06-17 03:15
com.fasterxml.jackson.core:jackson-databind	CVE-2021-46877	高危	2.12.3	2.12.6, 2.13.1	jackson-databind: Possible DoS if using JDK serialization to serialize JsonNode 漏洞详情: https://avd.aquasec.com/nvd/cve-2021-46877 镜像层: sha256:8265cb2525f4b8fe0278e34bb9360cb326bdfee9ed121f1150d4fff03e7d08ed 发布日期: 2023-03-18 22:15 修改: 2026-06-17 04:15
com.fasterxml.jackson.core:jackson-databind	CVE-2022-42003	高危	2.12.3	2.12.7.1, 2.13.4.2	jackson-databind: deep wrapper array nesting wrt UNWRAP_SINGLE_VALUE_ARRAYS 漏洞详情: https://avd.aquasec.com/nvd/cve-2022-42003 镜像层: sha256:8265cb2525f4b8fe0278e34bb9360cb326bdfee9ed121f1150d4fff03e7d08ed 发布日期: 2022-10-02 05:15 修改: 2026-06-17 05:04
org.apache.hadoop:hadoop-common	CVE-2020-9492	高危	2.10.0	3.2.2, 3.1.4, 2.10.1	hadoop: WebHDFS client might send SPNEGO authorization header 漏洞详情: https://avd.aquasec.com/nvd/cve-2020-9492 镜像层: sha256:8265cb2525f4b8fe0278e34bb9360cb326bdfee9ed121f1150d4fff03e7d08ed 发布日期: 2021-01-26 18:16 修改: 2026-06-17 03:28
com.fasterxml.jackson.core:jackson-databind	CVE-2022-42004	高危	2.12.3	2.12.7.1, 2.13.4	jackson-databind: use of deeply nested arrays 漏洞详情: https://avd.aquasec.com/nvd/cve-2022-42004 镜像层: sha256:8265cb2525f4b8fe0278e34bb9360cb326bdfee9ed121f1150d4fff03e7d08ed 发布日期: 2022-10-02 05:15 修改: 2026-06-17 05:04
ch.qos.logback:logback-classic	CVE-2023-6378	高危	1.2.10	1.3.12, 1.4.12, 1.2.13	logback: serialization vulnerability in logback receiver 漏洞详情: https://avd.aquasec.com/nvd/cve-2023-6378 镜像层: sha256:8265cb2525f4b8fe0278e34bb9360cb326bdfee9ed121f1150d4fff03e7d08ed 发布日期: 2023-11-29 12:15 修改: 2026-06-17 06:50
ch.qos.logback:logback-classic	CVE-2023-6378	高危	1.2.10	1.3.12, 1.4.12, 1.2.13	logback: serialization vulnerability in logback receiver 漏洞详情: https://avd.aquasec.com/nvd/cve-2023-6378 镜像层: sha256:8265cb2525f4b8fe0278e34bb9360cb326bdfee9ed121f1150d4fff03e7d08ed 发布日期: 2023-11-29 12:15 修改: 2026-06-17 06:50
ch.qos.logback:logback-core	CVE-2023-6378	高危	1.2.10	1.3.12, 1.4.12, 1.2.13	logback: serialization vulnerability in logback receiver 漏洞详情: https://avd.aquasec.com/nvd/cve-2023-6378 镜像层: sha256:8265cb2525f4b8fe0278e34bb9360cb326bdfee9ed121f1150d4fff03e7d08ed 发布日期: 2023-11-29 12:15 修改: 2026-06-17 06:50
ch.qos.logback:logback-core	CVE-2023-6378	高危	1.2.10	1.3.12, 1.4.12, 1.2.13	logback: serialization vulnerability in logback receiver 漏洞详情: https://avd.aquasec.com/nvd/cve-2023-6378 镜像层: sha256:8265cb2525f4b8fe0278e34bb9360cb326bdfee9ed121f1150d4fff03e7d08ed 发布日期: 2023-11-29 12:15 修改: 2026-06-17 06:50
com.amazonaws:aws-java-sdk-s3	CVE-2022-31159	高危	1.12.125	1.12.261	Partial Path Traversal in com.amazonaws:aws-java-sdk-s3 漏洞详情: https://avd.aquasec.com/nvd/cve-2022-31159 镜像层: sha256:8265cb2525f4b8fe0278e34bb9360cb326bdfee9ed121f1150d4fff03e7d08ed 发布日期: 2022-07-15 18:15 修改: 2026-06-17 04:44
com.fasterxml.jackson.core:jackson-core	CVE-2025-52999	高危	2.10.4	2.15.0	com.fasterxml.jackson.core/jackson-core: jackson-core Potential StackoverflowError 漏洞详情: https://avd.aquasec.com/nvd/cve-2025-52999 镜像层: sha256:8265cb2525f4b8fe0278e34bb9360cb326bdfee9ed121f1150d4fff03e7d08ed 发布日期: 2025-06-25 17:15 修改: 2026-06-17 09:37
com.fasterxml.jackson.core:jackson-core	CVE-2025-52999	高危	2.11.3	2.15.0	com.fasterxml.jackson.core/jackson-core: jackson-core Potential StackoverflowError 漏洞详情: https://avd.aquasec.com/nvd/cve-2025-52999 镜像层: sha256:8265cb2525f4b8fe0278e34bb9360cb326bdfee9ed121f1150d4fff03e7d08ed 发布日期: 2025-06-25 17:15 修改: 2026-06-17 09:37
com.fasterxml.jackson.core:jackson-core	CVE-2025-52999	高危	2.12.3	2.15.0	com.fasterxml.jackson.core/jackson-core: jackson-core Potential StackoverflowError 漏洞详情: https://avd.aquasec.com/nvd/cve-2025-52999 镜像层: sha256:8265cb2525f4b8fe0278e34bb9360cb326bdfee9ed121f1150d4fff03e7d08ed 发布日期: 2025-06-25 17:15 修改: 2026-06-17 09:37
org.apache.hive:hive-service	CVE-2024-23945	高危	3.1.2	4.0.0	Apache Hive and Spark: CookieSigner exposes the correct signature when message verification fails 漏洞详情: https://avd.aquasec.com/nvd/cve-2024-23945 镜像层: sha256:8265cb2525f4b8fe0278e34bb9360cb326bdfee9ed121f1150d4fff03e7d08ed 发布日期: 2024-12-23 16:15 修改: 2026-06-17 07:13
org.apache.kafka:kafka-clients	CVE-2026-35554	高危	2.8.1	3.9.2, 4.0.2, 4.1.2	Apache Kafka Clients: Apache Kafka Clients: Information disclosure and data corruption due to race condition in producer buffer management 漏洞详情: https://avd.aquasec.com/nvd/cve-2026-35554 镜像层: sha256:8265cb2525f4b8fe0278e34bb9360cb326bdfee9ed121f1150d4fff03e7d08ed 发布日期: 2026-04-07 14:16 修改: 2026-06-17 10:40
com.fasterxml.jackson.core:jackson-core	CVE-2025-52999	高危	2.4.0	2.15.0	com.fasterxml.jackson.core/jackson-core: jackson-core Potential StackoverflowError 漏洞详情: https://avd.aquasec.com/nvd/cve-2025-52999 镜像层: sha256:8265cb2525f4b8fe0278e34bb9360cb326bdfee9ed121f1150d4fff03e7d08ed 发布日期: 2025-06-25 17:15 修改: 2026-06-17 09:37
com.fasterxml.jackson.core:jackson-core	CVE-2025-52999	高危	2.4.0	2.15.0	com.fasterxml.jackson.core/jackson-core: jackson-core Potential StackoverflowError 漏洞详情: https://avd.aquasec.com/nvd/cve-2025-52999 镜像层: sha256:8265cb2525f4b8fe0278e34bb9360cb326bdfee9ed121f1150d4fff03e7d08ed 发布日期: 2025-06-25 17:15 修改: 2026-06-17 09:37
org.apache.thrift:libthrift	CVE-2020-13949	高危	0.13.0	0.14.0	libthrift: potential DoS when processing untrusted payloads 漏洞详情: https://avd.aquasec.com/nvd/cve-2020-13949 镜像层: sha256:8265cb2525f4b8fe0278e34bb9360cb326bdfee9ed121f1150d4fff03e7d08ed 发布日期: 2021-02-12 20:15 修改: 2026-06-17 02:53
org.apache.thrift:libthrift	CVE-2020-13949	高危	0.13.0	0.14.0	libthrift: potential DoS when processing untrusted payloads 漏洞详情: https://avd.aquasec.com/nvd/cve-2020-13949 镜像层: sha256:8265cb2525f4b8fe0278e34bb9360cb326bdfee9ed121f1150d4fff03e7d08ed 发布日期: 2021-02-12 20:15 修改: 2026-06-17 02:53
org.apache.thrift:libthrift	CVE-2026-43869	高危	0.13.0	0.23.0	Apache Thrift: Apache Thrift: Security bypass due to improper certificate validation 漏洞详情: https://avd.aquasec.com/nvd/cve-2026-43869 镜像层: sha256:8265cb2525f4b8fe0278e34bb9360cb326bdfee9ed121f1150d4fff03e7d08ed 发布日期: 2026-05-05 08:16 修改: 2026-06-17 10:50
org.apache.thrift:libthrift	CVE-2026-43869	高危	0.13.0	0.23.0	Apache Thrift: Apache Thrift: Security bypass due to improper certificate validation 漏洞详情: https://avd.aquasec.com/nvd/cve-2026-43869 镜像层: sha256:8265cb2525f4b8fe0278e34bb9360cb326bdfee9ed121f1150d4fff03e7d08ed 发布日期: 2026-05-05 08:16 修改: 2026-06-17 10:50
com.fasterxml.jackson.core:jackson-core	CVE-2025-52999	高危	2.4.0	2.15.0	com.fasterxml.jackson.core/jackson-core: jackson-core Potential StackoverflowError 漏洞详情: https://avd.aquasec.com/nvd/cve-2025-52999 镜像层: sha256:8265cb2525f4b8fe0278e34bb9360cb326bdfee9ed121f1150d4fff03e7d08ed 发布日期: 2025-06-25 17:15 修改: 2026-06-17 09:37
com.fasterxml.jackson.core:jackson-databind	CVE-2018-12022	高危	2.4.0	2.7.9.4, 2.8.11.2, 2.9.6	jackson-databind: improper polymorphic deserialization of types from Jodd-db library 漏洞详情: https://avd.aquasec.com/nvd/cve-2018-12022 镜像层: sha256:8265cb2525f4b8fe0278e34bb9360cb326bdfee9ed121f1150d4fff03e7d08ed 发布日期: 2019-03-21 16:00 修改: 2026-06-17 01:37
com.fasterxml.jackson.core:jackson-databind	CVE-2018-12022	高危	2.4.0	2.7.9.4, 2.8.11.2, 2.9.6	jackson-databind: improper polymorphic deserialization of types from Jodd-db library 漏洞详情: https://avd.aquasec.com/nvd/cve-2018-12022 镜像层: sha256:8265cb2525f4b8fe0278e34bb9360cb326bdfee9ed121f1150d4fff03e7d08ed 发布日期: 2019-03-21 16:00 修改: 2026-06-17 01:37
com.fasterxml.jackson.core:jackson-databind	CVE-2018-12022	高危	2.4.0	2.7.9.4, 2.8.11.2, 2.9.6	jackson-databind: improper polymorphic deserialization of types from Jodd-db library 漏洞详情: https://avd.aquasec.com/nvd/cve-2018-12022 镜像层: sha256:8265cb2525f4b8fe0278e34bb9360cb326bdfee9ed121f1150d4fff03e7d08ed 发布日期: 2019-03-21 16:00 修改: 2026-06-17 01:37
org.apache.tomcat.embed:tomcat-embed-core	CVE-2023-24998	高危	8.5.86	10.1.5, 11.0.0-M5, 8.5.88, 9.0.71	FileUpload: FileUpload DoS with excessive parts 漏洞详情: https://avd.aquasec.com/nvd/cve-2023-24998 镜像层: sha256:8265cb2525f4b8fe0278e34bb9360cb326bdfee9ed121f1150d4fff03e7d08ed 发布日期: 2023-02-20 16:15 修改: 2026-06-17 05:40
org.apache.tomcat.embed:tomcat-embed-core	CVE-2023-46589	高危	8.5.86	11.0.0-M11, 10.1.16, 9.0.83, 8.5.96	tomcat: HTTP request smuggling via malformed trailer headers 漏洞详情: https://avd.aquasec.com/nvd/cve-2023-46589 镜像层: sha256:8265cb2525f4b8fe0278e34bb9360cb326bdfee9ed121f1150d4fff03e7d08ed 发布日期: 2023-11-28 16:15 修改: 2026-06-17 06:31
org.apache.tomcat.embed:tomcat-embed-core	CVE-2024-34750	高危	8.5.86	11.0.0-M21, 10.1.25, 9.0.90	tomcat: Improper Handling of Exceptional Conditions 漏洞详情: https://avd.aquasec.com/nvd/cve-2024-34750 镜像层: sha256:8265cb2525f4b8fe0278e34bb9360cb326bdfee9ed121f1150d4fff03e7d08ed 发布日期: 2024-07-03 20:15 修改: 2026-06-17 07:34
org.apache.tomcat.embed:tomcat-embed-core	CVE-2024-50379	高危	8.5.86	11.0.2, 10.1.34, 9.0.98	tomcat: RCE due to TOCTOU issue in JSP compilation 漏洞详情: https://avd.aquasec.com/nvd/cve-2024-50379 镜像层: sha256:8265cb2525f4b8fe0278e34bb9360cb326bdfee9ed121f1150d4fff03e7d08ed 发布日期: 2024-12-17 13:15 修改: 2026-06-17 08:04
org.apache.tomcat.embed:tomcat-embed-core	CVE-2025-48988	高危	8.5.86	11.0.8, 10.1.42, 9.0.106	tomcat: Apache Tomcat DoS in multipart upload 漏洞详情: https://avd.aquasec.com/nvd/cve-2025-48988 镜像层: sha256:8265cb2525f4b8fe0278e34bb9360cb326bdfee9ed121f1150d4fff03e7d08ed 发布日期: 2025-06-16 15:15 修改: 2026-06-17 09:30
org.apache.tomcat.embed:tomcat-embed-core	CVE-2025-52520	高危	8.5.86	11.0.9, 10.1.43, 9.0.107	tomcat: Apache Tomcat denial of service 漏洞详情: https://avd.aquasec.com/nvd/cve-2025-52520 镜像层: sha256:8265cb2525f4b8fe0278e34bb9360cb326bdfee9ed121f1150d4fff03e7d08ed 发布日期: 2025-07-10 19:15 修改: 2026-06-17 09:36
org.apache.tomcat.embed:tomcat-embed-core	CVE-2025-53506	高危	8.5.86	9.0.107, 10.1.43, 11.0.9	tomcat: Apache Tomcat denial of service 漏洞详情: https://avd.aquasec.com/nvd/cve-2025-53506 镜像层: sha256:8265cb2525f4b8fe0278e34bb9360cb326bdfee9ed121f1150d4fff03e7d08ed 发布日期: 2025-07-10 20:15 修改: 2026-06-17 09:38
org.apache.tomcat.embed:tomcat-embed-core	CVE-2025-55752	高危	8.5.86	11.0.11, 10.1.45, 9.0.109	tomcat: org.apache.tomcat/tomcat-catalina: Apache Tomcat: Directory traversal via rewrite with possible RCE 漏洞详情: https://avd.aquasec.com/nvd/cve-2025-55752 镜像层: sha256:8265cb2525f4b8fe0278e34bb9360cb326bdfee9ed121f1150d4fff03e7d08ed 发布日期: 2025-10-27 18:15 修改: 2026-06-17 09:42
org.apache.tomcat.embed:tomcat-embed-core	CVE-2026-24880	高危	8.5.86	9.0.116, 10.1.52, 11.0.20	Apache Tomcat: Apache Tomcat: HTTP Request/Response Smuggling via invalid chunk extension 漏洞详情: https://avd.aquasec.com/nvd/cve-2026-24880 镜像层: sha256:8265cb2525f4b8fe0278e34bb9360cb326bdfee9ed121f1150d4fff03e7d08ed 发布日期: 2026-04-09 20:16 修改: 2026-06-17 10:23
org.apache.tomcat.embed:tomcat-embed-core	CVE-2026-41284	高危	8.5.86	9.0.118, 10.1.55, 11.0.22	Allocation of Resources Without Limits or Throttling vulnerability in ... 漏洞详情: https://avd.aquasec.com/nvd/cve-2026-41284 镜像层: sha256:8265cb2525f4b8fe0278e34bb9360cb326bdfee9ed121f1150d4fff03e7d08ed 发布日期: 2026-05-12 16:16 修改: 2026-06-17 10:46
org.apache.tomcat.embed:tomcat-embed-core	CVE-2026-42498	高危	8.5.86	9.0.118, 10.1.55, 11.0.22	tomcat-coyote: Apache Tomcat: Information disclosure due to HTTP Authentication Header exposure during WebSocket authentication. 漏洞详情: https://avd.aquasec.com/nvd/cve-2026-42498 镜像层: sha256:8265cb2525f4b8fe0278e34bb9360cb326bdfee9ed121f1150d4fff03e7d08ed 发布日期: 2026-05-12 16:16 修改: 2026-06-17 10:47
org.apache.tomcat.embed:tomcat-embed-core	CVE-2026-43513	高危	8.5.86	9.0.118, 10.1.55, 11.0.22	Improper Handling of Case Sensitivity vulnerability in LockOutRealm in ... 漏洞详情: https://avd.aquasec.com/nvd/cve-2026-43513 镜像层: sha256:8265cb2525f4b8fe0278e34bb9360cb326bdfee9ed121f1150d4fff03e7d08ed 发布日期: 2026-05-12 16:16 修改: 2026-06-17 10:49
com.fasterxml.jackson.core:jackson-databind	CVE-2018-12022	高危	2.4.0	2.7.9.4, 2.8.11.2, 2.9.6	jackson-databind: improper polymorphic deserialization of types from Jodd-db library 漏洞详情: https://avd.aquasec.com/nvd/cve-2018-12022 镜像层: sha256:8265cb2525f4b8fe0278e34bb9360cb326bdfee9ed121f1150d4fff03e7d08ed 发布日期: 2019-03-21 16:00 修改: 2026-06-17 01:37
com.fasterxml.jackson.core:jackson-databind	CVE-2018-12022	高危	2.4.0	2.7.9.4, 2.8.11.2, 2.9.6	jackson-databind: improper polymorphic deserialization of types from Jodd-db library 漏洞详情: https://avd.aquasec.com/nvd/cve-2018-12022 镜像层: sha256:8265cb2525f4b8fe0278e34bb9360cb326bdfee9ed121f1150d4fff03e7d08ed 发布日期: 2019-03-21 16:00 修改: 2026-06-17 01:37
com.fasterxml.jackson.core:jackson-databind	CVE-2018-5968	高危	2.4.0	2.8.11.1, 2.9.4, 2.7.9.5	jackson-databind: unsafe deserialization due to incomplete blacklist (incomplete fix for CVE-2017-7525 and CVE-2017-17485) 漏洞详情: https://avd.aquasec.com/nvd/cve-2018-5968 镜像层: sha256:8265cb2525f4b8fe0278e34bb9360cb326bdfee9ed121f1150d4fff03e7d08ed 发布日期: 2018-01-22 04:29 修改: 2026-06-17 02:01
com.fasterxml.jackson.core:jackson-databind	CVE-2018-5968	高危	2.4.0	2.8.11.1, 2.9.4, 2.7.9.5	jackson-databind: unsafe deserialization due to incomplete blacklist (incomplete fix for CVE-2017-7525 and CVE-2017-17485) 漏洞详情: https://avd.aquasec.com/nvd/cve-2018-5968 镜像层: sha256:8265cb2525f4b8fe0278e34bb9360cb326bdfee9ed121f1150d4fff03e7d08ed 发布日期: 2018-01-22 04:29 修改: 2026-06-17 02:01
org.codehaus.jackson:jackson-mapper-asl	CVE-2019-10172	高危	1.9.13		jackson-mapper-asl: XML external entity similar to CVE-2016-3720 漏洞详情: https://avd.aquasec.com/nvd/cve-2019-10172 镜像层: sha256:8265cb2525f4b8fe0278e34bb9360cb326bdfee9ed121f1150d4fff03e7d08ed 发布日期: 2019-11-18 17:15 修改: 2026-06-17 02:10
org.codehaus.jackson:jackson-mapper-asl	CVE-2019-10172	高危	1.9.13		jackson-mapper-asl: XML external entity similar to CVE-2016-3720 漏洞详情: https://avd.aquasec.com/nvd/cve-2019-10172 镜像层: sha256:8265cb2525f4b8fe0278e34bb9360cb326bdfee9ed121f1150d4fff03e7d08ed 发布日期: 2019-11-18 17:15 修改: 2026-06-17 02:10
org.codehaus.jettison:jettison	CVE-2022-40150	高危	1.1	1.5.2	jettison: memory exhaustion via user-supplied XML or JSON data 漏洞详情: https://avd.aquasec.com/nvd/cve-2022-40150 镜像层: sha256:8265cb2525f4b8fe0278e34bb9360cb326bdfee9ed121f1150d4fff03e7d08ed 发布日期: 2022-09-16 10:15 修改: 2026-06-17 05:01
org.codehaus.jettison:jettison	CVE-2022-45685	高危	1.1	1.5.2	jettison: stack overflow in JSONObject() allows attackers to cause a Denial of Service (DoS) via crafted JSON data 漏洞详情: https://avd.aquasec.com/nvd/cve-2022-45685 镜像层: sha256:8265cb2525f4b8fe0278e34bb9360cb326bdfee9ed121f1150d4fff03e7d08ed 发布日期: 2022-12-13 15:15 修改: 2026-06-17 05:10
org.codehaus.jettison:jettison	CVE-2022-45693	高危	1.1	1.5.2	jettison: If the value in map is the map's self, the new new JSONObject(map) cause StackOverflowError which may lead to dos 漏洞详情: https://avd.aquasec.com/nvd/cve-2022-45693 镜像层: sha256:8265cb2525f4b8fe0278e34bb9360cb326bdfee9ed121f1150d4fff03e7d08ed 发布日期: 2022-12-13 15:15 修改: 2026-06-17 05:10
org.codehaus.jettison:jettison	CVE-2023-1436	高危	1.1	1.5.4	jettison: Uncontrolled Recursion in JSONArray 漏洞详情: https://avd.aquasec.com/nvd/cve-2023-1436 镜像层: sha256:8265cb2525f4b8fe0278e34bb9360cb326bdfee9ed121f1150d4fff03e7d08ed 发布日期: 2023-03-22 06:15 修改: 2026-06-17 05:27
org.eclipse.jetty.http2:http2-common	CVE-2024-22201	高危	9.4.44.v20210927	9.4.54, 10.0.20, 11.0.20	jetty: stop accepting new connections from valid clients 漏洞详情: https://avd.aquasec.com/nvd/cve-2024-22201 镜像层: sha256:8265cb2525f4b8fe0278e34bb9360cb326bdfee9ed121f1150d4fff03e7d08ed 发布日期: 2024-02-26 16:27 修改: 2026-06-17 07:10
org.eclipse.jetty.http2:http2-common	CVE-2025-5115	高危	9.4.44.v20210927	9.4.58, 10.0.26, 11.0.26	jetty: HTTP/2 (including DNS over HTTPS) contains a design flaw and is vulnerable to "MadeYouReset" DoS attack through HTTP/2 control frames 漏洞详情: https://avd.aquasec.com/nvd/cve-2025-5115 镜像层: sha256:8265cb2525f4b8fe0278e34bb9360cb326bdfee9ed121f1150d4fff03e7d08ed 发布日期: 2025-08-20 20:15 修改: 2026-06-17 09:47
org.eclipse.jetty.http2:http2-hpack	CVE-2023-36478	高危	9.4.44.v20210927	10.0.16, 11.0.16, 9.4.53	jetty: hpack header values cause denial of service in http/2 漏洞详情: https://avd.aquasec.com/nvd/cve-2023-36478 镜像层: sha256:8265cb2525f4b8fe0278e34bb9360cb326bdfee9ed121f1150d4fff03e7d08ed 发布日期: 2023-10-10 17:15 修改: 2026-06-17 06:06
org.elasticsearch:elasticsearch	CVE-2023-31418	高危	7.10.2	7.17.13, 8.9.0	elasticsearch: uncontrolled resource consumption 漏洞详情: https://avd.aquasec.com/nvd/cve-2023-31418 镜像层: sha256:8265cb2525f4b8fe0278e34bb9360cb326bdfee9ed121f1150d4fff03e7d08ed 发布日期: 2023-10-26 18:15 修改: 2026-06-17 05:56
org.elasticsearch:elasticsearch	CVE-2023-31418	高危	7.10.2	7.17.13, 8.9.0	elasticsearch: uncontrolled resource consumption 漏洞详情: https://avd.aquasec.com/nvd/cve-2023-31418 镜像层: sha256:8265cb2525f4b8fe0278e34bb9360cb326bdfee9ed121f1150d4fff03e7d08ed 发布日期: 2023-10-26 18:15 修改: 2026-06-17 05:56
org.jline:jline-remote-telnet	GHSA-2r2c-cx56-8933	高危	3.9.0	4.2.1	JLine3 Telnet server: Unauthenticated Remote DoS via Unbounded Telnet NAWS Terminal Geometry 漏洞详情: https://github.com/advisories/GHSA-2r2c-cx56-8933 镜像层: sha256:8265cb2525f4b8fe0278e34bb9360cb326bdfee9ed121f1150d4fff03e7d08ed 发布日期: 2026-06-18 13:07 修改: 2026-06-18 13:07
org.jline:jline-remote-telnet	GHSA-47qp-hqvx-6r3f	高危	3.9.0	4.2.1	JLine3 Telnet server: Unauthenticated Remote Memory Exhaustion via Unbounded Telnet NEW-ENVIRON Variables 漏洞详情: https://github.com/advisories/GHSA-47qp-hqvx-6r3f 镜像层: sha256:8265cb2525f4b8fe0278e34bb9360cb326bdfee9ed121f1150d4fff03e7d08ed 发布日期: 2026-06-18 13:07 修改: 2026-06-18 13:07
com.fasterxml.jackson.core:jackson-databind	CVE-2018-5968	高危	2.4.0	2.8.11.1, 2.9.4, 2.7.9.5	jackson-databind: unsafe deserialization due to incomplete blacklist (incomplete fix for CVE-2017-7525 and CVE-2017-17485) 漏洞详情: https://avd.aquasec.com/nvd/cve-2018-5968 镜像层: sha256:8265cb2525f4b8fe0278e34bb9360cb326bdfee9ed121f1150d4fff03e7d08ed 发布日期: 2018-01-22 04:29 修改: 2026-06-17 02:01
org.springframework.security:spring-security-core	CVE-2024-22257	高危	5.7.5	5.7.12, 5.8.11, 6.1.8, 6.2.3	spring-security: Broken Access Control With Direct Use of AuthenticatedVoter 漏洞详情: https://avd.aquasec.com/nvd/cve-2024-22257 镜像层: sha256:8265cb2525f4b8fe0278e34bb9360cb326bdfee9ed121f1150d4fff03e7d08ed 发布日期: 2024-03-18 15:15 修改: 2026-06-17 07:11
org.springframework.security:spring-security-crypto	CVE-2025-22228	高危	5.7.5	6.3.8, 6.4.4, 6.2.10, 6.1.14, 6.0.16, 5.8.18, 5.7.16	spring-security-core: Spring Security BCryptPasswordEncoder does not enforce maximum password length 漏洞详情: https://avd.aquasec.com/nvd/cve-2025-22228 镜像层: sha256:8265cb2525f4b8fe0278e34bb9360cb326bdfee9ed121f1150d4fff03e7d08ed 发布日期: 2025-03-20 06:15 修改: 2026-06-17 08:45
com.fasterxml.jackson.core:jackson-databind	CVE-2018-5968	高危	2.4.0	2.8.11.1, 2.9.4, 2.7.9.5	jackson-databind: unsafe deserialization due to incomplete blacklist (incomplete fix for CVE-2017-7525 and CVE-2017-17485) 漏洞详情: https://avd.aquasec.com/nvd/cve-2018-5968 镜像层: sha256:8265cb2525f4b8fe0278e34bb9360cb326bdfee9ed121f1150d4fff03e7d08ed 发布日期: 2018-01-22 04:29 修改: 2026-06-17 02:01
com.fasterxml.jackson.core:jackson-databind	CVE-2018-5968	高危	2.4.0	2.8.11.1, 2.9.4, 2.7.9.5	jackson-databind: unsafe deserialization due to incomplete blacklist (incomplete fix for CVE-2017-7525 and CVE-2017-17485) 漏洞详情: https://avd.aquasec.com/nvd/cve-2018-5968 镜像层: sha256:8265cb2525f4b8fe0278e34bb9360cb326bdfee9ed121f1150d4fff03e7d08ed 发布日期: 2018-01-22 04:29 修改: 2026-06-17 02:01
org.springframework:spring-core	CVE-2025-41249	高危	5.3.23	6.2.11	org.springframework/spring-core: Spring Framework Annotation Detection Vulnerability 漏洞详情: https://avd.aquasec.com/nvd/cve-2025-41249 镜像层: sha256:8265cb2525f4b8fe0278e34bb9360cb326bdfee9ed121f1150d4fff03e7d08ed 发布日期: 2025-09-16 11:15 修改: 2026-06-17 09:22
org.springframework:spring-expression	CVE-2023-20863	高危	5.3.23	6.0.8, 5.3.27, 5.2.24.RELEASE	springframework: Spring Expression DoS Vulnerability 漏洞详情: https://avd.aquasec.com/nvd/cve-2023-20863 镜像层: sha256:8265cb2525f4b8fe0278e34bb9360cb326bdfee9ed121f1150d4fff03e7d08ed 发布日期: 2023-04-13 20:15 修改: 2026-06-17 05:31
com.fasterxml.jackson.core:jackson-databind	CVE-2019-12086	高危	2.4.0	2.9.9, 2.8.11.4, 2.7.9.6, 2.6.7.3	jackson-databind: polymorphic typing issue allows attacker to read arbitrary local files on the server. 漏洞详情: https://avd.aquasec.com/nvd/cve-2019-12086 镜像层: sha256:8265cb2525f4b8fe0278e34bb9360cb326bdfee9ed121f1150d4fff03e7d08ed 发布日期: 2019-05-17 17:29 修改: 2026-06-17 02:14
org.springframework:spring-web	CVE-2024-22243	高危	5.3.23	6.1.4, 6.0.17, 5.3.32	springframework: URL Parsing with Host Validation 漏洞详情: https://avd.aquasec.com/nvd/cve-2024-22243 镜像层: sha256:8265cb2525f4b8fe0278e34bb9360cb326bdfee9ed121f1150d4fff03e7d08ed 发布日期: 2024-02-23 05:15 修改: 2026-06-17 07:11
org.springframework:spring-web	CVE-2024-22259	高危	5.3.23	6.1.5, 6.0.18, 5.3.33	springframework: URL Parsing with Host Validation 漏洞详情: https://avd.aquasec.com/nvd/cve-2024-22259 镜像层: sha256:8265cb2525f4b8fe0278e34bb9360cb326bdfee9ed121f1150d4fff03e7d08ed 发布日期: 2024-03-16 05:15 修改: 2026-06-17 07:11
org.springframework:spring-web	CVE-2024-22262	高危	5.3.23	5.3.34, 6.0.19, 6.1.6	springframework: URL Parsing with Host Validation 漏洞详情: https://avd.aquasec.com/nvd/cve-2024-22262 镜像层: sha256:8265cb2525f4b8fe0278e34bb9360cb326bdfee9ed121f1150d4fff03e7d08ed 发布日期: 2024-04-16 06:15 修改: 2026-06-17 07:11
org.xerial.snappy:snappy-java	CVE-2023-34455	高危	1.0.5	1.1.10.1	snappy-java: Unchecked chunk length leads to DoS 漏洞详情: https://avd.aquasec.com/nvd/cve-2023-34455 镜像层: sha256:8265cb2525f4b8fe0278e34bb9360cb326bdfee9ed121f1150d4fff03e7d08ed 发布日期: 2023-06-15 18:15 修改: 2026-06-17 06:03
org.xerial.snappy:snappy-java	CVE-2023-43642	高危	1.0.5	1.1.10.4	snappy-java: Missing upper bound check on chunk length in snappy-java can lead to Denial of Service (DoS) impact 漏洞详情: https://avd.aquasec.com/nvd/cve-2023-43642 镜像层: sha256:8265cb2525f4b8fe0278e34bb9360cb326bdfee9ed121f1150d4fff03e7d08ed 发布日期: 2023-09-25 20:15 修改: 2026-06-17 06:26
org.xerial.snappy:snappy-java	CVE-2023-34455	高危	1.1.7.6	1.1.10.1	snappy-java: Unchecked chunk length leads to DoS 漏洞详情: https://avd.aquasec.com/nvd/cve-2023-34455 镜像层: sha256:8265cb2525f4b8fe0278e34bb9360cb326bdfee9ed121f1150d4fff03e7d08ed 发布日期: 2023-06-15 18:15 修改: 2026-06-17 06:03
org.xerial.snappy:snappy-java	CVE-2023-43642	高危	1.1.7.6	1.1.10.4	snappy-java: Missing upper bound check on chunk length in snappy-java can lead to Denial of Service (DoS) impact 漏洞详情: https://avd.aquasec.com/nvd/cve-2023-43642 镜像层: sha256:8265cb2525f4b8fe0278e34bb9360cb326bdfee9ed121f1150d4fff03e7d08ed 发布日期: 2023-09-25 20:15 修改: 2026-06-17 06:26
org.yaml:snakeyaml	CVE-2022-1471	高危	1.26	2.0	SnakeYaml: Constructor Deserialization Remote Code Execution 漏洞详情: https://avd.aquasec.com/nvd/cve-2022-1471 镜像层: sha256:8265cb2525f4b8fe0278e34bb9360cb326bdfee9ed121f1150d4fff03e7d08ed 发布日期: 2022-12-01 11:15 修改: 2026-06-17 04:22
org.yaml:snakeyaml	CVE-2022-25857	高危	1.26	1.31	snakeyaml: Denial of Service due to missing nested depth limitation for collections 漏洞详情: https://avd.aquasec.com/nvd/cve-2022-25857 镜像层: sha256:8265cb2525f4b8fe0278e34bb9360cb326bdfee9ed121f1150d4fff03e7d08ed 发布日期: 2022-08-30 05:15 修改: 2026-06-17 04:34
software.amazon.ion:ion-java	CVE-2024-21634	高危	1.0.2	1.10.5	ion-java: ion-java: Ion Java StackOverflow vulnerability 漏洞详情: https://avd.aquasec.com/nvd/cve-2024-21634 镜像层: sha256:8265cb2525f4b8fe0278e34bb9360cb326bdfee9ed121f1150d4fff03e7d08ed 发布日期: 2024-01-03 23:15 修改: 2026-06-17 07:09
com.fasterxml.jackson.core:jackson-databind	CVE-2019-12384	中危	2.4.0	2.9.9.1, 2.8.11.4, 2.7.9.6, 2.6.7.3	jackson-databind: failure to block the logback-core class from polymorphic deserialization leading to remote code execution 漏洞详情: https://avd.aquasec.com/nvd/cve-2019-12384 镜像层: sha256:8265cb2525f4b8fe0278e34bb9360cb326bdfee9ed121f1150d4fff03e7d08ed 发布日期: 2019-06-24 16:15 修改: 2026-06-17 02:14
com.fasterxml.jackson.core:jackson-databind	CVE-2019-12384	中危	2.4.0	2.9.9.1, 2.8.11.4, 2.7.9.6, 2.6.7.3	jackson-databind: failure to block the logback-core class from polymorphic deserialization leading to remote code execution 漏洞详情: https://avd.aquasec.com/nvd/cve-2019-12384 镜像层: sha256:8265cb2525f4b8fe0278e34bb9360cb326bdfee9ed121f1150d4fff03e7d08ed 发布日期: 2019-06-24 16:15 修改: 2026-06-17 02:14
com.google.protobuf:protobuf-java	CVE-2022-3171	中危	3.7.1	3.21.7, 3.20.3, 3.19.6, 3.16.3	protobuf-java: timeout in parser leads to DoS 漏洞详情: https://avd.aquasec.com/nvd/cve-2022-3171 镜像层: sha256:8265cb2525f4b8fe0278e34bb9360cb326bdfee9ed121f1150d4fff03e7d08ed 发布日期: 2022-10-12 23:15 修改: 2026-06-17 04:58
com.fasterxml.jackson.core:jackson-databind	CVE-2019-12384	中危	2.4.0	2.9.9.1, 2.8.11.4, 2.7.9.6, 2.6.7.3	jackson-databind: failure to block the logback-core class from polymorphic deserialization leading to remote code execution 漏洞详情: https://avd.aquasec.com/nvd/cve-2019-12384 镜像层: sha256:8265cb2525f4b8fe0278e34bb9360cb326bdfee9ed121f1150d4fff03e7d08ed 发布日期: 2019-06-24 16:15 修改: 2026-06-17 02:14
io.netty:netty-handler	CVE-2023-34462	中危	4.1.68.Final	4.1.94.Final	netty: SniHandler 16MB allocation leads to OOM 漏洞详情: https://avd.aquasec.com/nvd/cve-2023-34462 镜像层: sha256:8265cb2525f4b8fe0278e34bb9360cb326bdfee9ed121f1150d4fff03e7d08ed 发布日期: 2023-06-22 23:15 修改: 2026-06-17 06:03
io.netty:netty-handler	CVE-2023-34462	中危	4.1.68.Final	4.1.94.Final	netty: SniHandler 16MB allocation leads to OOM 漏洞详情: https://avd.aquasec.com/nvd/cve-2023-34462 镜像层: sha256:8265cb2525f4b8fe0278e34bb9360cb326bdfee9ed121f1150d4fff03e7d08ed 发布日期: 2023-06-22 23:15 修改: 2026-06-17 06:03
com.fasterxml.jackson.core:jackson-databind	CVE-2019-12384	中危	2.4.0	2.9.9.1, 2.8.11.4, 2.7.9.6, 2.6.7.3	jackson-databind: failure to block the logback-core class from polymorphic deserialization leading to remote code execution 漏洞详情: https://avd.aquasec.com/nvd/cve-2019-12384 镜像层: sha256:8265cb2525f4b8fe0278e34bb9360cb326bdfee9ed121f1150d4fff03e7d08ed 发布日期: 2019-06-24 16:15 修改: 2026-06-17 02:14
com.fasterxml.jackson.core:jackson-databind	CVE-2019-12814	中危	2.4.0	2.9.9.1, 2.8.11.4, 2.7.9.6, 2.6.7.3	jackson-databind: polymorphic typing issue allows attacker to read arbitrary local files on the server via crafted JSON message. 漏洞详情: https://avd.aquasec.com/nvd/cve-2019-12814 镜像层: sha256:8265cb2525f4b8fe0278e34bb9360cb326bdfee9ed121f1150d4fff03e7d08ed 发布日期: 2019-06-19 14:15 修改: 2026-06-17 02:15
io.netty:netty-resolver-dns	CVE-2026-45673	中危	4.1.78.Final	4.2.15.Final, 4.1.135.Final	netty-resolver-dns: Netty DNS resolver: DNS Cache Poisoning via predictable transaction IDs 漏洞详情: https://avd.aquasec.com/nvd/cve-2026-45673 镜像层: sha256:8265cb2525f4b8fe0278e34bb9360cb326bdfee9ed121f1150d4fff03e7d08ed 发布日期: 2026-06-12 15:16 修改: 2026-06-17 10:52
io.netty:netty-transport-native-epoll	CVE-2026-45536	中危	4.1.45.Final	4.2.15.Final, 4.1.135.Final	netty-transport-native-epoll: netty-transport-native-kqueue: Netty: Denial of Service due to file descriptor leak in SCM_RIGHTS message handling 漏洞详情: https://avd.aquasec.com/nvd/cve-2026-45536 镜像层: sha256:8265cb2525f4b8fe0278e34bb9360cb326bdfee9ed121f1150d4fff03e7d08ed 发布日期: 2026-06-12 15:16 修改: 2026-06-17 10:52
io.netty:netty-transport-native-epoll	CVE-2026-45536	中危	4.1.68.Final	4.2.15.Final, 4.1.135.Final	netty-transport-native-epoll: netty-transport-native-kqueue: Netty: Denial of Service due to file descriptor leak in SCM_RIGHTS message handling 漏洞详情: https://avd.aquasec.com/nvd/cve-2026-45536 镜像层: sha256:8265cb2525f4b8fe0278e34bb9360cb326bdfee9ed121f1150d4fff03e7d08ed 发布日期: 2026-06-12 15:16 修改: 2026-06-17 10:52
io.netty:netty-transport-native-epoll	CVE-2026-45536	中危	4.1.78.Final	4.2.15.Final, 4.1.135.Final	netty-transport-native-epoll: netty-transport-native-kqueue: Netty: Denial of Service due to file descriptor leak in SCM_RIGHTS message handling 漏洞详情: https://avd.aquasec.com/nvd/cve-2026-45536 镜像层: sha256:8265cb2525f4b8fe0278e34bb9360cb326bdfee9ed121f1150d4fff03e7d08ed 发布日期: 2026-06-12 15:16 修改: 2026-06-17 10:52
io.netty:netty-transport-native-epoll	CVE-2026-45536	中危	4.1.78.Final	4.2.15.Final, 4.1.135.Final	netty-transport-native-epoll: netty-transport-native-kqueue: Netty: Denial of Service due to file descriptor leak in SCM_RIGHTS message handling 漏洞详情: https://avd.aquasec.com/nvd/cve-2026-45536 镜像层: sha256:8265cb2525f4b8fe0278e34bb9360cb326bdfee9ed121f1150d4fff03e7d08ed 发布日期: 2026-06-12 15:16 修改: 2026-06-17 10:52
io.netty:netty-transport-native-kqueue	CVE-2026-45536	中危	4.1.78.Final	4.2.15.Final, 4.1.135.Final	netty-transport-native-epoll: netty-transport-native-kqueue: Netty: Denial of Service due to file descriptor leak in SCM_RIGHTS message handling 漏洞详情: https://avd.aquasec.com/nvd/cve-2026-45536 镜像层: sha256:8265cb2525f4b8fe0278e34bb9360cb326bdfee9ed121f1150d4fff03e7d08ed 发布日期: 2026-06-12 15:16 修改: 2026-06-17 10:52
io.netty:netty-transport-native-kqueue	CVE-2026-45536	中危	4.1.78.Final	4.2.15.Final, 4.1.135.Final	netty-transport-native-epoll: netty-transport-native-kqueue: Netty: Denial of Service due to file descriptor leak in SCM_RIGHTS message handling 漏洞详情: https://avd.aquasec.com/nvd/cve-2026-45536 镜像层: sha256:8265cb2525f4b8fe0278e34bb9360cb326bdfee9ed121f1150d4fff03e7d08ed 发布日期: 2026-06-12 15:16 修改: 2026-06-17 10:52
com.fasterxml.jackson.core:jackson-databind	CVE-2019-12814	中危	2.4.0	2.9.9.1, 2.8.11.4, 2.7.9.6, 2.6.7.3	jackson-databind: polymorphic typing issue allows attacker to read arbitrary local files on the server via crafted JSON message. 漏洞详情: https://avd.aquasec.com/nvd/cve-2019-12814 镜像层: sha256:8265cb2525f4b8fe0278e34bb9360cb326bdfee9ed121f1150d4fff03e7d08ed 发布日期: 2019-06-19 14:15 修改: 2026-06-17 02:15
com.fasterxml.jackson.core:jackson-databind	CVE-2019-12814	中危	2.4.0	2.9.9.1, 2.8.11.4, 2.7.9.6, 2.6.7.3	jackson-databind: polymorphic typing issue allows attacker to read arbitrary local files on the server via crafted JSON message. 漏洞详情: https://avd.aquasec.com/nvd/cve-2019-12814 镜像层: sha256:8265cb2525f4b8fe0278e34bb9360cb326bdfee9ed121f1150d4fff03e7d08ed 发布日期: 2019-06-19 14:15 修改: 2026-06-17 02:15
com.nimbusds:nimbus-jose-jwt	CVE-2025-53864	中危	4.41.1	10.0.2, 9.37.4	com.nimbusds/nimbus-jose-jwt: Uncontrolled recursion in Connect2id Nimbus JOSE + JWT 漏洞详情: https://avd.aquasec.com/nvd/cve-2025-53864 镜像层: sha256:8265cb2525f4b8fe0278e34bb9360cb326bdfee9ed121f1150d4fff03e7d08ed 发布日期: 2025-07-11 03:16 修改: 2026-06-17 09:39
net.minidev:json-smart	CVE-2021-27568	中危	2.3	1.3.2, 2.4.1, 2.3.1	json-smart: uncaught exception may lead to crash or information disclosure 漏洞详情: https://avd.aquasec.com/nvd/cve-2021-27568 镜像层: sha256:8265cb2525f4b8fe0278e34bb9360cb326bdfee9ed121f1150d4fff03e7d08ed 发布日期: 2021-02-23 02:15 修改: 2026-06-17 03:45
com.fasterxml.jackson.core:jackson-databind	CVE-2019-12814	中危	2.4.0	2.9.9.1, 2.8.11.4, 2.7.9.6, 2.6.7.3	jackson-databind: polymorphic typing issue allows attacker to read arbitrary local files on the server via crafted JSON message. 漏洞详情: https://avd.aquasec.com/nvd/cve-2019-12814 镜像层: sha256:8265cb2525f4b8fe0278e34bb9360cb326bdfee9ed121f1150d4fff03e7d08ed 发布日期: 2019-06-19 14:15 修改: 2026-06-17 02:15
com.nimbusds:nimbus-jose-jwt	CVE-2025-53864	中危	8.15	10.0.2, 9.37.4	com.nimbusds/nimbus-jose-jwt: Uncontrolled recursion in Connect2id Nimbus JOSE + JWT 漏洞详情: https://avd.aquasec.com/nvd/cve-2025-53864 镜像层: sha256:8265cb2525f4b8fe0278e34bb9360cb326bdfee9ed121f1150d4fff03e7d08ed 发布日期: 2025-07-11 03:16 修改: 2026-06-17 09:39
com.squareup.okio:okio	CVE-2023-3635	中危	1.6.0	3.4.0, 1.17.6	okio: GzipSource class improper exception handling 漏洞详情: https://avd.aquasec.com/nvd/cve-2023-3635 镜像层: sha256:8265cb2525f4b8fe0278e34bb9360cb326bdfee9ed121f1150d4fff03e7d08ed 发布日期: 2023-07-12 19:15 修改: 2026-06-17 06:14
com.fasterxml.jackson.core:jackson-databind	CVE-2019-12814	中危	2.4.0	2.9.9.1, 2.8.11.4, 2.7.9.6, 2.6.7.3	jackson-databind: polymorphic typing issue allows attacker to read arbitrary local files on the server via crafted JSON message. 漏洞详情: https://avd.aquasec.com/nvd/cve-2019-12814 镜像层: sha256:8265cb2525f4b8fe0278e34bb9360cb326bdfee9ed121f1150d4fff03e7d08ed 发布日期: 2019-06-19 14:15 修改: 2026-06-17 02:15
com.fasterxml.jackson.core:jackson-core	GHSA-72hv-8253-57qq	中危	2.4.0	2.21.1, 2.18.6	jackson-core: Number Length Constraint Bypass in Async Parser Leads to Potential DoS Condition 漏洞详情: https://github.com/advisories/GHSA-72hv-8253-57qq 镜像层: sha256:8265cb2525f4b8fe0278e34bb9360cb326bdfee9ed121f1150d4fff03e7d08ed 发布日期: 2026-02-28 02:01 修改: 2026-04-07 16:30
com.fasterxml.woodstox:woodstox-core	CVE-2022-40152	中危	5.0.3	6.4.0, 5.4.0	woodstox-core: woodstox to serialise XML data was vulnerable to Denial of Service attacks 漏洞详情: https://avd.aquasec.com/nvd/cve-2022-40152 镜像层: sha256:8265cb2525f4b8fe0278e34bb9360cb326bdfee9ed121f1150d4fff03e7d08ed 发布日期: 2022-09-16 10:15 修改: 2026-06-17 05:01
com.fasterxml.woodstox:woodstox-core	CVE-2022-40152	中危	5.0.3	6.4.0, 5.4.0	woodstox-core: woodstox to serialise XML data was vulnerable to Denial of Service attacks 漏洞详情: https://avd.aquasec.com/nvd/cve-2022-40152 镜像层: sha256:8265cb2525f4b8fe0278e34bb9360cb326bdfee9ed121f1150d4fff03e7d08ed 发布日期: 2022-09-16 10:15 修改: 2026-06-17 05:01
commons-io:commons-io	CVE-2021-29425	中危	2.5	2.7	apache-commons-io: Limited path traversal in Apache Commons IO 2.2 to 2.6 漏洞详情: https://avd.aquasec.com/nvd/cve-2021-29425 镜像层: sha256:8265cb2525f4b8fe0278e34bb9360cb326bdfee9ed121f1150d4fff03e7d08ed 发布日期: 2021-04-13 07:15 修改: 2026-06-17 03:47
commons-io:commons-io	CVE-2021-29425	中危	2.5	2.7	apache-commons-io: Limited path traversal in Apache Commons IO 2.2 to 2.6 漏洞详情: https://avd.aquasec.com/nvd/cve-2021-29425 镜像层: sha256:8265cb2525f4b8fe0278e34bb9360cb326bdfee9ed121f1150d4fff03e7d08ed 发布日期: 2021-04-13 07:15 修改: 2026-06-17 03:47
commons-io:commons-io	CVE-2021-29425	中危	2.5	2.7	apache-commons-io: Limited path traversal in Apache Commons IO 2.2 to 2.6 漏洞详情: https://avd.aquasec.com/nvd/cve-2021-29425 镜像层: sha256:8265cb2525f4b8fe0278e34bb9360cb326bdfee9ed121f1150d4fff03e7d08ed 发布日期: 2021-04-13 07:15 修改: 2026-06-17 03:47
org.apache.commons:commons-compress	CVE-2024-25710	中危	1.19	1.26.0	commons-compress: Denial of service caused by an infinite loop for a corrupted DUMP file 漏洞详情: https://avd.aquasec.com/nvd/cve-2024-25710 镜像层: sha256:8265cb2525f4b8fe0278e34bb9360cb326bdfee9ed121f1150d4fff03e7d08ed 发布日期: 2024-02-19 09:15 修改: 2026-06-17 07:16
com.fasterxml.woodstox:woodstox-core	CVE-2022-40152	中危	5.0.3	6.4.0, 5.4.0	woodstox-core: woodstox to serialise XML data was vulnerable to Denial of Service attacks 漏洞详情: https://avd.aquasec.com/nvd/cve-2022-40152 镜像层: sha256:8265cb2525f4b8fe0278e34bb9360cb326bdfee9ed121f1150d4fff03e7d08ed 发布日期: 2022-09-16 10:15 修改: 2026-06-17 05:01
commons-io:commons-io	CVE-2021-29425	中危	2.6	2.7	apache-commons-io: Limited path traversal in Apache Commons IO 2.2 to 2.6 漏洞详情: https://avd.aquasec.com/nvd/cve-2021-29425 镜像层: sha256:8265cb2525f4b8fe0278e34bb9360cb326bdfee9ed121f1150d4fff03e7d08ed 发布日期: 2021-04-13 07:15 修改: 2026-06-17 03:47
com.fasterxml.woodstox:woodstox-core	CVE-2022-40152	中危	6.2.4	6.4.0, 5.4.0	woodstox-core: woodstox to serialise XML data was vulnerable to Denial of Service attacks 漏洞详情: https://avd.aquasec.com/nvd/cve-2022-40152 镜像层: sha256:8265cb2525f4b8fe0278e34bb9360cb326bdfee9ed121f1150d4fff03e7d08ed 发布日期: 2022-09-16 10:15 修改: 2026-06-17 05:01
commons-lang:commons-lang	CVE-2025-48924	中危	2.6		commons-lang/commons-lang: org.apache.commons/commons-lang3: Uncontrolled Recursion vulnerability in Apache Commons Lang 漏洞详情: https://avd.aquasec.com/nvd/cve-2025-48924 镜像层: sha256:8265cb2525f4b8fe0278e34bb9360cb326bdfee9ed121f1150d4fff03e7d08ed 发布日期: 2025-07-11 15:15 修改: 2026-06-17 09:30
commons-lang:commons-lang	CVE-2025-48924	中危	2.6		commons-lang/commons-lang: org.apache.commons/commons-lang3: Uncontrolled Recursion vulnerability in Apache Commons Lang 漏洞详情: https://avd.aquasec.com/nvd/cve-2025-48924 镜像层: sha256:8265cb2525f4b8fe0278e34bb9360cb326bdfee9ed121f1150d4fff03e7d08ed 发布日期: 2025-07-11 15:15 修改: 2026-06-17 09:30
commons-lang:commons-lang	CVE-2025-48924	中危	2.6		commons-lang/commons-lang: org.apache.commons/commons-lang3: Uncontrolled Recursion vulnerability in Apache Commons Lang 漏洞详情: https://avd.aquasec.com/nvd/cve-2025-48924 镜像层: sha256:8265cb2525f4b8fe0278e34bb9360cb326bdfee9ed121f1150d4fff03e7d08ed 发布日期: 2025-07-11 15:15 修改: 2026-06-17 09:30
commons-lang:commons-lang	CVE-2025-48924	中危	2.6		commons-lang/commons-lang: org.apache.commons/commons-lang3: Uncontrolled Recursion vulnerability in Apache Commons Lang 漏洞详情: https://avd.aquasec.com/nvd/cve-2025-48924 镜像层: sha256:8265cb2525f4b8fe0278e34bb9360cb326bdfee9ed121f1150d4fff03e7d08ed 发布日期: 2025-07-11 15:15 修改: 2026-06-17 09:30
commons-lang:commons-lang	CVE-2025-48924	中危	2.6		commons-lang/commons-lang: org.apache.commons/commons-lang3: Uncontrolled Recursion vulnerability in Apache Commons Lang 漏洞详情: https://avd.aquasec.com/nvd/cve-2025-48924 镜像层: sha256:8265cb2525f4b8fe0278e34bb9360cb326bdfee9ed121f1150d4fff03e7d08ed 发布日期: 2025-07-11 15:15 修改: 2026-06-17 09:30
commons-lang:commons-lang	CVE-2025-48924	中危	2.6		commons-lang/commons-lang: org.apache.commons/commons-lang3: Uncontrolled Recursion vulnerability in Apache Commons Lang 漏洞详情: https://avd.aquasec.com/nvd/cve-2025-48924 镜像层: sha256:8265cb2525f4b8fe0278e34bb9360cb326bdfee9ed121f1150d4fff03e7d08ed 发布日期: 2025-07-11 15:15 修改: 2026-06-17 09:30
commons-net:commons-net	CVE-2021-37533	中危	3.1	3.9.0	apache-commons-net: FTP client trusts the host from PASV response by default 漏洞详情: https://avd.aquasec.com/nvd/cve-2021-37533 镜像层: sha256:8265cb2525f4b8fe0278e34bb9360cb326bdfee9ed121f1150d4fff03e7d08ed 发布日期: 2022-12-03 15:15 修改: 2026-06-17 04:00
commons-net:commons-net	CVE-2021-37533	中危	3.6	3.9.0	apache-commons-net: FTP client trusts the host from PASV response by default 漏洞详情: https://avd.aquasec.com/nvd/cve-2021-37533 镜像层: sha256:8265cb2525f4b8fe0278e34bb9360cb326bdfee9ed121f1150d4fff03e7d08ed 发布日期: 2022-12-03 15:15 修改: 2026-06-17 04:00
commons-net:commons-net	CVE-2021-37533	中危	3.6	3.9.0	apache-commons-net: FTP client trusts the host from PASV response by default 漏洞详情: https://avd.aquasec.com/nvd/cve-2021-37533 镜像层: sha256:8265cb2525f4b8fe0278e34bb9360cb326bdfee9ed121f1150d4fff03e7d08ed 发布日期: 2022-12-03 15:15 修改: 2026-06-17 04:00
org.apache.commons:commons-compress	CVE-2018-11771	中危	1.8.1	1.18	apache-commons-compress: ZipArchiveInputStream.read() fails to identify correct EOF allowing for DoS via crafted zip 漏洞详情: https://avd.aquasec.com/nvd/cve-2018-11771 镜像层: sha256:8265cb2525f4b8fe0278e34bb9360cb326bdfee9ed121f1150d4fff03e7d08ed 发布日期: 2018-08-16 15:29 修改: 2026-06-17 01:36
org.apache.commons:commons-compress	CVE-2018-11771	中危	1.8.1	1.18	apache-commons-compress: ZipArchiveInputStream.read() fails to identify correct EOF allowing for DoS via crafted zip 漏洞详情: https://avd.aquasec.com/nvd/cve-2018-11771 镜像层: sha256:8265cb2525f4b8fe0278e34bb9360cb326bdfee9ed121f1150d4fff03e7d08ed 发布日期: 2018-08-16 15:29 修改: 2026-06-17 01:36
org.apache.commons:commons-compress	CVE-2018-11771	中危	1.8.1	1.18	apache-commons-compress: ZipArchiveInputStream.read() fails to identify correct EOF allowing for DoS via crafted zip 漏洞详情: https://avd.aquasec.com/nvd/cve-2018-11771 镜像层: sha256:8265cb2525f4b8fe0278e34bb9360cb326bdfee9ed121f1150d4fff03e7d08ed 发布日期: 2018-08-16 15:29 修改: 2026-06-17 01:36
org.apache.commons:commons-compress	CVE-2024-25710	中危	1.8.1	1.26.0	commons-compress: Denial of service caused by an infinite loop for a corrupted DUMP file 漏洞详情: https://avd.aquasec.com/nvd/cve-2024-25710 镜像层: sha256:8265cb2525f4b8fe0278e34bb9360cb326bdfee9ed121f1150d4fff03e7d08ed 发布日期: 2024-02-19 09:15 修改: 2026-06-17 07:16
org.apache.commons:commons-compress	CVE-2024-25710	中危	1.8.1	1.26.0	commons-compress: Denial of service caused by an infinite loop for a corrupted DUMP file 漏洞详情: https://avd.aquasec.com/nvd/cve-2024-25710 镜像层: sha256:8265cb2525f4b8fe0278e34bb9360cb326bdfee9ed121f1150d4fff03e7d08ed 发布日期: 2024-02-19 09:15 修改: 2026-06-17 07:16
org.apache.commons:commons-compress	CVE-2024-25710	中危	1.8.1	1.26.0	commons-compress: Denial of service caused by an infinite loop for a corrupted DUMP file 漏洞详情: https://avd.aquasec.com/nvd/cve-2024-25710 镜像层: sha256:8265cb2525f4b8fe0278e34bb9360cb326bdfee9ed121f1150d4fff03e7d08ed 发布日期: 2024-02-19 09:15 修改: 2026-06-17 07:16
org.apache.commons:commons-configuration2	CVE-2024-29131	中危	2.8.0	2.10.1	commons-configuration: StackOverflowError adding property in AbstractListDelimiterHandler.flattenIterator() 漏洞详情: https://avd.aquasec.com/nvd/cve-2024-29131 镜像层: sha256:8265cb2525f4b8fe0278e34bb9360cb326bdfee9ed121f1150d4fff03e7d08ed 发布日期: 2024-03-21 09:15 修改: 2026-06-17 07:22
org.apache.commons:commons-configuration2	CVE-2024-29131	中危	2.8.0	2.10.1	commons-configuration: StackOverflowError adding property in AbstractListDelimiterHandler.flattenIterator() 漏洞详情: https://avd.aquasec.com/nvd/cve-2024-29131 镜像层: sha256:8265cb2525f4b8fe0278e34bb9360cb326bdfee9ed121f1150d4fff03e7d08ed 发布日期: 2024-03-21 09:15 修改: 2026-06-17 07:22
org.apache.commons:commons-configuration2	CVE-2024-29131	中危	2.8.0	2.10.1	commons-configuration: StackOverflowError adding property in AbstractListDelimiterHandler.flattenIterator() 漏洞详情: https://avd.aquasec.com/nvd/cve-2024-29131 镜像层: sha256:8265cb2525f4b8fe0278e34bb9360cb326bdfee9ed121f1150d4fff03e7d08ed 发布日期: 2024-03-21 09:15 修改: 2026-06-17 07:22
org.apache.commons:commons-configuration2	CVE-2024-29133	中危	2.8.0	2.10.1	commons-configuration: StackOverflowError calling ListDelimiterHandler.flatten(Object, int) with a cyclical object tree 漏洞详情: https://avd.aquasec.com/nvd/cve-2024-29133 镜像层: sha256:8265cb2525f4b8fe0278e34bb9360cb326bdfee9ed121f1150d4fff03e7d08ed 发布日期: 2024-03-21 09:15 修改: 2026-06-17 07:22
org.apache.commons:commons-configuration2	CVE-2024-29133	中危	2.8.0	2.10.1	commons-configuration: StackOverflowError calling ListDelimiterHandler.flatten(Object, int) with a cyclical object tree 漏洞详情: https://avd.aquasec.com/nvd/cve-2024-29133 镜像层: sha256:8265cb2525f4b8fe0278e34bb9360cb326bdfee9ed121f1150d4fff03e7d08ed 发布日期: 2024-03-21 09:15 修改: 2026-06-17 07:22
org.apache.commons:commons-configuration2	CVE-2024-29133	中危	2.8.0	2.10.1	commons-configuration: StackOverflowError calling ListDelimiterHandler.flatten(Object, int) with a cyclical object tree 漏洞详情: https://avd.aquasec.com/nvd/cve-2024-29133 镜像层: sha256:8265cb2525f4b8fe0278e34bb9360cb326bdfee9ed121f1150d4fff03e7d08ed 发布日期: 2024-03-21 09:15 修改: 2026-06-17 07:22
org.apache.commons:commons-configuration2	CVE-2026-45205	中危	2.8.0	2.15.0	Uncontrolled Recursion vulnerability in Apache Commons. When processi ... 漏洞详情: https://avd.aquasec.com/nvd/cve-2026-45205 镜像层: sha256:8265cb2525f4b8fe0278e34bb9360cb326bdfee9ed121f1150d4fff03e7d08ed 发布日期: 2026-05-14 12:16 修改: 2026-06-17 10:51
org.apache.commons:commons-configuration2	CVE-2026-45205	中危	2.8.0	2.15.0	Uncontrolled Recursion vulnerability in Apache Commons. When processi ... 漏洞详情: https://avd.aquasec.com/nvd/cve-2026-45205 镜像层: sha256:8265cb2525f4b8fe0278e34bb9360cb326bdfee9ed121f1150d4fff03e7d08ed 发布日期: 2026-05-14 12:16 修改: 2026-06-17 10:51
org.apache.commons:commons-configuration2	CVE-2026-45205	中危	2.8.0	2.15.0	Uncontrolled Recursion vulnerability in Apache Commons. When processi ... 漏洞详情: https://avd.aquasec.com/nvd/cve-2026-45205 镜像层: sha256:8265cb2525f4b8fe0278e34bb9360cb326bdfee9ed121f1150d4fff03e7d08ed 发布日期: 2026-05-14 12:16 修改: 2026-06-17 10:51
org.apache.commons:commons-lang3	CVE-2025-48924	中危	3.12.0	3.18.0	commons-lang/commons-lang: org.apache.commons/commons-lang3: Uncontrolled Recursion vulnerability in Apache Commons Lang 漏洞详情: https://avd.aquasec.com/nvd/cve-2025-48924 镜像层: sha256:8265cb2525f4b8fe0278e34bb9360cb326bdfee9ed121f1150d4fff03e7d08ed 发布日期: 2025-07-11 15:15 修改: 2026-06-17 09:30
org.apache.commons:commons-lang3	CVE-2025-48924	中危	3.2	3.18.0	commons-lang/commons-lang: org.apache.commons/commons-lang3: Uncontrolled Recursion vulnerability in Apache Commons Lang 漏洞详情: https://avd.aquasec.com/nvd/cve-2025-48924 镜像层: sha256:8265cb2525f4b8fe0278e34bb9360cb326bdfee9ed121f1150d4fff03e7d08ed 发布日期: 2025-07-11 15:15 修改: 2026-06-17 09:30
org.apache.commons:commons-lang3	CVE-2025-48924	中危	3.3.2	3.18.0	commons-lang/commons-lang: org.apache.commons/commons-lang3: Uncontrolled Recursion vulnerability in Apache Commons Lang 漏洞详情: https://avd.aquasec.com/nvd/cve-2025-48924 镜像层: sha256:8265cb2525f4b8fe0278e34bb9360cb326bdfee9ed121f1150d4fff03e7d08ed 发布日期: 2025-07-11 15:15 修改: 2026-06-17 09:30
org.apache.commons:commons-lang3	CVE-2025-48924	中危	3.3.2	3.18.0	commons-lang/commons-lang: org.apache.commons/commons-lang3: Uncontrolled Recursion vulnerability in Apache Commons Lang 漏洞详情: https://avd.aquasec.com/nvd/cve-2025-48924 镜像层: sha256:8265cb2525f4b8fe0278e34bb9360cb326bdfee9ed121f1150d4fff03e7d08ed 发布日期: 2025-07-11 15:15 修改: 2026-06-17 09:30
org.apache.commons:commons-lang3	CVE-2025-48924	中危	3.9	3.18.0	commons-lang/commons-lang: org.apache.commons/commons-lang3: Uncontrolled Recursion vulnerability in Apache Commons Lang 漏洞详情: https://avd.aquasec.com/nvd/cve-2025-48924 镜像层: sha256:8265cb2525f4b8fe0278e34bb9360cb326bdfee9ed121f1150d4fff03e7d08ed 发布日期: 2025-07-11 15:15 修改: 2026-06-17 09:30
com.fasterxml.jackson.core:jackson-core	GHSA-72hv-8253-57qq	中危	2.4.0	2.21.1, 2.18.6	jackson-core: Number Length Constraint Bypass in Async Parser Leads to Potential DoS Condition 漏洞详情: https://github.com/advisories/GHSA-72hv-8253-57qq 镜像层: sha256:8265cb2525f4b8fe0278e34bb9360cb326bdfee9ed121f1150d4fff03e7d08ed 发布日期: 2026-02-28 02:01 修改: 2026-04-07 16:30
com.google.guava:guava	CVE-2018-10237	中危	19.0	24.1.1-android	guava: Unbounded memory allocation in AtomicDoubleArray and CompoundOrdering classes allow remote attackers to cause a denial of service 漏洞详情: https://avd.aquasec.com/nvd/cve-2018-10237 镜像层: sha256:8265cb2525f4b8fe0278e34bb9360cb326bdfee9ed121f1150d4fff03e7d08ed 发布日期: 2018-04-26 21:29 修改: 2026-06-17 01:33
com.google.guava:guava	CVE-2023-2976	中危	19.0	32.0.0-android	guava: insecure temporary directory creation 漏洞详情: https://avd.aquasec.com/nvd/cve-2023-2976 镜像层: sha256:8265cb2525f4b8fe0278e34bb9360cb326bdfee9ed121f1150d4fff03e7d08ed 发布日期: 2023-06-14 18:15 修改: 2026-06-17 05:53
com.google.guava:guava	CVE-2023-2976	中危	27.0-jre	32.0.0-android	guava: insecure temporary directory creation 漏洞详情: https://avd.aquasec.com/nvd/cve-2023-2976 镜像层: sha256:8265cb2525f4b8fe0278e34bb9360cb326bdfee9ed121f1150d4fff03e7d08ed 发布日期: 2023-06-14 18:15 修改: 2026-06-17 05:53
com.google.guava:guava	CVE-2023-2976	中危	27.0-jre	32.0.0-android	guava: insecure temporary directory creation 漏洞详情: https://avd.aquasec.com/nvd/cve-2023-2976 镜像层: sha256:8265cb2525f4b8fe0278e34bb9360cb326bdfee9ed121f1150d4fff03e7d08ed 发布日期: 2023-06-14 18:15 修改: 2026-06-17 05:53
com.google.guava:guava	CVE-2023-2976	中危	27.0-jre	32.0.0-android	guava: insecure temporary directory creation 漏洞详情: https://avd.aquasec.com/nvd/cve-2023-2976 镜像层: sha256:8265cb2525f4b8fe0278e34bb9360cb326bdfee9ed121f1150d4fff03e7d08ed 发布日期: 2023-06-14 18:15 修改: 2026-06-17 05:53
io.netty:netty	CVE-2019-20445	中危	3.10.6.Final	4.0.0	netty: HttpObjectDecoder.java allows Content-Length header to accompanied by second Content-Length header 漏洞详情: https://avd.aquasec.com/nvd/cve-2019-20445 镜像层: sha256:8265cb2525f4b8fe0278e34bb9360cb326bdfee9ed121f1150d4fff03e7d08ed 发布日期: 2020-01-29 21:15 修改: 2026-06-17 02:30
io.netty:netty	CVE-2021-21290	中危	3.10.6.Final	4.0.0	netty: Information disclosure via the local system temporary directory 漏洞详情: https://avd.aquasec.com/nvd/cve-2021-21290 镜像层: sha256:8265cb2525f4b8fe0278e34bb9360cb326bdfee9ed121f1150d4fff03e7d08ed 发布日期: 2021-02-08 20:15 修改: 2026-06-17 03:35
io.netty:netty	CVE-2021-21295	中危	3.10.6.Final	4.0.0	netty: possible request smuggling in HTTP/2 due missing validation 漏洞详情: https://avd.aquasec.com/nvd/cve-2021-21295 镜像层: sha256:8265cb2525f4b8fe0278e34bb9360cb326bdfee9ed121f1150d4fff03e7d08ed 发布日期: 2021-03-09 19:15 修改: 2026-06-17 03:35
io.netty:netty	CVE-2021-21409	中危	3.10.6.Final	4.0.0	netty: Request smuggling via content-length header 漏洞详情: https://avd.aquasec.com/nvd/cve-2021-21409 镜像层: sha256:8265cb2525f4b8fe0278e34bb9360cb326bdfee9ed121f1150d4fff03e7d08ed 发布日期: 2021-03-30 15:15 修改: 2026-06-17 03:35
io.netty:netty	CVE-2021-43797	中危	3.10.6.Final	4.0.0	netty: control chars in header names may lead to HTTP request smuggling 漏洞详情: https://avd.aquasec.com/nvd/cve-2021-43797 镜像层: sha256:8265cb2525f4b8fe0278e34bb9360cb326bdfee9ed121f1150d4fff03e7d08ed 发布日期: 2021-12-09 19:15 修改: 2026-06-17 04:11
com.google.guava:guava	CVE-2023-2976	中危	27.0-jre	32.0.0-android	guava: insecure temporary directory creation 漏洞详情: https://avd.aquasec.com/nvd/cve-2023-2976 镜像层: sha256:8265cb2525f4b8fe0278e34bb9360cb326bdfee9ed121f1150d4fff03e7d08ed 发布日期: 2023-06-14 18:15 修改: 2026-06-17 05:53
com.google.guava:guava	CVE-2023-2976	中危	30.1.1-jre	32.0.0-android	guava: insecure temporary directory creation 漏洞详情: https://avd.aquasec.com/nvd/cve-2023-2976 镜像层: sha256:8265cb2525f4b8fe0278e34bb9360cb326bdfee9ed121f1150d4fff03e7d08ed 发布日期: 2023-06-14 18:15 修改: 2026-06-17 05:53
org.apache.hive:hive-exec	CVE-2024-29869	中危	3.1.2	4.0.1	Apache Hive Incorrectly Assigns Permissions for a Critical Resource 漏洞详情: https://avd.aquasec.com/nvd/cve-2024-29869 镜像层: sha256:8265cb2525f4b8fe0278e34bb9360cb326bdfee9ed121f1150d4fff03e7d08ed 发布日期: 2025-01-28 22:15 修改: 2026-06-17 07:23
org.apache.hive:hive-llap-common	CVE-2024-23953	中危	3.1.2	4.0.0	Apache Hive vulnerable to Observable Timing Discrepancy and Authentication Bypass by Spoofing 漏洞详情: https://avd.aquasec.com/nvd/cve-2024-23953 镜像层: sha256:8265cb2525f4b8fe0278e34bb9360cb326bdfee9ed121f1150d4fff03e7d08ed 发布日期: 2025-01-28 09:15 修改: 2026-06-17 07:13
com.google.guava:guava	CVE-2023-2976	中危	30.1.1-jre	32.0.0-android	guava: insecure temporary directory creation 漏洞详情: https://avd.aquasec.com/nvd/cve-2023-2976 镜像层: sha256:8265cb2525f4b8fe0278e34bb9360cb326bdfee9ed121f1150d4fff03e7d08ed 发布日期: 2023-06-14 18:15 修改: 2026-06-17 05:53
org.apache.httpcomponents:httpclient	CVE-2020-13956	中危	4.5.3	4.5.13, 5.0.3	apache-httpclient: incorrect handling of malformed authority component in request URIs 漏洞详情: https://avd.aquasec.com/nvd/cve-2020-13956 镜像层: sha256:8265cb2525f4b8fe0278e34bb9360cb326bdfee9ed121f1150d4fff03e7d08ed 发布日期: 2020-12-02 17:15 修改: 2026-06-17 02:53
org.apache.httpcomponents:httpclient	CVE-2020-13956	中危	4.5.6	4.5.13, 5.0.3	apache-httpclient: incorrect handling of malformed authority component in request URIs 漏洞详情: https://avd.aquasec.com/nvd/cve-2020-13956 镜像层: sha256:8265cb2525f4b8fe0278e34bb9360cb326bdfee9ed121f1150d4fff03e7d08ed 发布日期: 2020-12-02 17:15 修改: 2026-06-17 02:53
io.netty:netty-codec	CVE-2025-58057	中危	4.1.45.Final	4.1.125.Final	netty-codec: netty-codec-compression: Netty's BrotliDecoder is vulnerable to DoS via zip bomb style attack 漏洞详情: https://avd.aquasec.com/nvd/cve-2025-58057 镜像层: sha256:8265cb2525f4b8fe0278e34bb9360cb326bdfee9ed121f1150d4fff03e7d08ed 发布日期: 2025-09-04 10:42 修改: 2026-06-17 09:43
org.apache.kafka:kafka-clients	CVE-2024-31141	中危	2.8.1	3.7.1	kafka-clients: privilege escalation to filesystem read-access via automatic ConfigProvider 漏洞详情: https://avd.aquasec.com/nvd/cve-2024-31141 镜像层: sha256:8265cb2525f4b8fe0278e34bb9360cb326bdfee9ed121f1150d4fff03e7d08ed 发布日期: 2024-11-19 09:15 修改: 2026-06-17 07:27
org.apache.kafka:kafka-clients	CVE-2026-33558	中危	2.8.1	3.9.2, 4.0.1	Apache Kafka exposes sensitive information in its DEBUG logs 漏洞详情: https://avd.aquasec.com/nvd/cve-2026-33558 镜像层: sha256:8265cb2525f4b8fe0278e34bb9360cb326bdfee9ed121f1150d4fff03e7d08ed 发布日期: 2026-04-20 14:16 修改: 2026-06-17 10:37
org.apache.poi:poi-ooxml	CVE-2025-31672	中危	5.2.2	5.4.0	org.apache.poi/poi-ooxml: Apache POI: parsing OOXML based files (xlsx, docx, etc.), poi-ooxml could read unexpected data if underlying zip has duplicate zip entry names 漏洞详情: https://avd.aquasec.com/nvd/cve-2025-31672 镜像层: sha256:8265cb2525f4b8fe0278e34bb9360cb326bdfee9ed121f1150d4fff03e7d08ed 发布日期: 2025-04-09 12:15 修改: 2026-06-17 09:10
org.apache.ranger:ranger-nifi-registry-plugin	CVE-2025-59060	中危	2.4.0	2.8.0	Apache Ranger Vulnerable to Improper Validation of Certificate with Host Mismatch 漏洞详情: https://avd.aquasec.com/nvd/cve-2025-59060 镜像层: sha256:8265cb2525f4b8fe0278e34bb9360cb326bdfee9ed121f1150d4fff03e7d08ed 发布日期: 2026-03-03 11:16 修改: 2026-06-17 09:45
com.google.guava:guava	CVE-2023-2976	中危	30.1.1-jre	32.0.0-android	guava: insecure temporary directory creation 漏洞详情: https://avd.aquasec.com/nvd/cve-2023-2976 镜像层: sha256:8265cb2525f4b8fe0278e34bb9360cb326bdfee9ed121f1150d4fff03e7d08ed 发布日期: 2023-06-14 18:15 修改: 2026-06-17 05:53
com.fasterxml.jackson.core:jackson-core	CVE-2025-49128	中危	2.11.3	2.13.0	com.fasterxml.jackson.core/jackson-core: Jackson-core Memory Disclosure via Source Snippet in JsonLocation 漏洞详情: https://avd.aquasec.com/nvd/cve-2025-49128 镜像层: sha256:8265cb2525f4b8fe0278e34bb9360cb326bdfee9ed121f1150d4fff03e7d08ed 发布日期: 2025-06-06 22:15 修改: 2026-06-17 09:30
org.apache.solr:solr-solrj	CVE-2023-50298	中危	8.11.2	9.4.1, 8.11.3	solr: possible exposure of ZooKeeper credentials via Streaming Expressions 漏洞详情: https://avd.aquasec.com/nvd/cve-2023-50298 镜像层: sha256:8265cb2525f4b8fe0278e34bb9360cb326bdfee9ed121f1150d4fff03e7d08ed 发布日期: 2024-02-09 18:15 修改: 2026-06-17 06:39
org.apache.solr:solr-solrj	CVE-2023-50298	中危	8.11.2	9.4.1, 8.11.3	solr: possible exposure of ZooKeeper credentials via Streaming Expressions 漏洞详情: https://avd.aquasec.com/nvd/cve-2023-50298 镜像层: sha256:8265cb2525f4b8fe0278e34bb9360cb326bdfee9ed121f1150d4fff03e7d08ed 发布日期: 2024-02-09 18:15 修改: 2026-06-17 06:39
io.netty:netty-codec	CVE-2025-58057	中危	4.1.68.Final	4.1.125.Final	netty-codec: netty-codec-compression: Netty's BrotliDecoder is vulnerable to DoS via zip bomb style attack 漏洞详情: https://avd.aquasec.com/nvd/cve-2025-58057 镜像层: sha256:8265cb2525f4b8fe0278e34bb9360cb326bdfee9ed121f1150d4fff03e7d08ed 发布日期: 2025-09-04 10:42 修改: 2026-06-17 09:43
io.netty:netty-codec	CVE-2025-58057	中危	4.1.68.Final	4.1.125.Final	netty-codec: netty-codec-compression: Netty's BrotliDecoder is vulnerable to DoS via zip bomb style attack 漏洞详情: https://avd.aquasec.com/nvd/cve-2025-58057 镜像层: sha256:8265cb2525f4b8fe0278e34bb9360cb326bdfee9ed121f1150d4fff03e7d08ed 发布日期: 2025-09-04 10:42 修改: 2026-06-17 09:43
com.fasterxml.jackson.core:jackson-core	GHSA-72hv-8253-57qq	中危	2.11.3	2.21.1, 2.18.6	jackson-core: Number Length Constraint Bypass in Async Parser Leads to Potential DoS Condition 漏洞详情: https://github.com/advisories/GHSA-72hv-8253-57qq 镜像层: sha256:8265cb2525f4b8fe0278e34bb9360cb326bdfee9ed121f1150d4fff03e7d08ed 发布日期: 2026-02-28 02:01 修改: 2026-04-07 16:30
com.google.protobuf:protobuf-java	CVE-2022-3171	中危	2.5.0	3.21.7, 3.20.3, 3.19.6, 3.16.3	protobuf-java: timeout in parser leads to DoS 漏洞详情: https://avd.aquasec.com/nvd/cve-2022-3171 镜像层: sha256:8265cb2525f4b8fe0278e34bb9360cb326bdfee9ed121f1150d4fff03e7d08ed 发布日期: 2022-10-12 23:15 修改: 2026-06-17 04:58
ch.qos.logback:logback-core	CVE-2025-11226	中危	1.2.10	1.5.19, 1.3.16	ch.qos.logback/logback-core: Conditional abitrary code execution in logback-core 漏洞详情: https://avd.aquasec.com/nvd/cve-2025-11226 镜像层: sha256:8265cb2525f4b8fe0278e34bb9360cb326bdfee9ed121f1150d4fff03e7d08ed 发布日期: 2025-10-01 08:15 修改: 2026-06-17 08:29
io.netty:netty-codec-haproxy	CVE-2022-41881	中危	4.1.78.Final	4.1.86.Final	codec-haproxy: HAProxyMessageDecoder Stack Exhaustion DoS 漏洞详情: https://avd.aquasec.com/nvd/cve-2022-41881 镜像层: sha256:8265cb2525f4b8fe0278e34bb9360cb326bdfee9ed121f1150d4fff03e7d08ed 发布日期: 2022-12-12 18:15 修改: 2026-06-17 05:03
com.fasterxml.jackson.core:jackson-core	CVE-2025-49128	中危	2.12.3	2.13.0	com.fasterxml.jackson.core/jackson-core: Jackson-core Memory Disclosure via Source Snippet in JsonLocation 漏洞详情: https://avd.aquasec.com/nvd/cve-2025-49128 镜像层: sha256:8265cb2525f4b8fe0278e34bb9360cb326bdfee9ed121f1150d4fff03e7d08ed 发布日期: 2025-06-06 22:15 修改: 2026-06-17 09:30
com.fasterxml.jackson.core:jackson-core	GHSA-72hv-8253-57qq	中危	2.12.3	2.21.1, 2.18.6	jackson-core: Number Length Constraint Bypass in Async Parser Leads to Potential DoS Condition 漏洞详情: https://github.com/advisories/GHSA-72hv-8253-57qq 镜像层: sha256:8265cb2525f4b8fe0278e34bb9360cb326bdfee9ed121f1150d4fff03e7d08ed 发布日期: 2026-02-28 02:01 修改: 2026-04-07 16:30
ch.qos.logback:logback-core	CVE-2024-12798	中危	1.2.10	1.5.13, 1.3.15	logback-core: arbitrary code execution via JaninoEventEvaluator 漏洞详情: https://avd.aquasec.com/nvd/cve-2024-12798 镜像层: sha256:8265cb2525f4b8fe0278e34bb9360cb326bdfee9ed121f1150d4fff03e7d08ed 发布日期: 2024-12-19 16:15 修改: 2026-06-17 07:00
io.netty:netty-codec-http	CVE-2021-43797	中危	4.1.68.Final	4.1.71.Final	netty: control chars in header names may lead to HTTP request smuggling 漏洞详情: https://avd.aquasec.com/nvd/cve-2021-43797 镜像层: sha256:8265cb2525f4b8fe0278e34bb9360cb326bdfee9ed121f1150d4fff03e7d08ed 发布日期: 2021-12-09 19:15 修改: 2026-06-17 04:11
io.netty:netty-codec-http	CVE-2022-24823	中危	4.1.68.Final	4.1.77.Final	netty: world readable temporary file containing sensitive data 漏洞详情: https://avd.aquasec.com/nvd/cve-2022-24823 镜像层: sha256:8265cb2525f4b8fe0278e34bb9360cb326bdfee9ed121f1150d4fff03e7d08ed 发布日期: 2022-05-06 12:15 修改: 2026-06-17 04:32
io.netty:netty-codec-http	CVE-2024-29025	中危	4.1.68.Final	4.1.108.Final	netty-codec-http: Allocation of Resources Without Limits or Throttling 漏洞详情: https://avd.aquasec.com/nvd/cve-2024-29025 镜像层: sha256:8265cb2525f4b8fe0278e34bb9360cb326bdfee9ed121f1150d4fff03e7d08ed 发布日期: 2024-03-25 20:15 修改: 2026-06-17 07:22
io.netty:netty-codec-http	CVE-2025-67735	中危	4.1.68.Final	4.2.8.Final, 4.1.129.Final	netty-codec-http: Netty (netty-codec-http): Request Smuggling via CRLF Injection 漏洞详情: https://avd.aquasec.com/nvd/cve-2025-67735 镜像层: sha256:8265cb2525f4b8fe0278e34bb9360cb326bdfee9ed121f1150d4fff03e7d08ed 发布日期: 2025-12-16 01:15 修改: 2026-06-17 09:58
io.netty:netty-codec-http	CVE-2026-41417	中危	4.1.68.Final	4.1.133.Final, 4.2.13.Final	netty: Netty: HTTP request smuggling via URI manipulation and CRLF injection 漏洞详情: https://avd.aquasec.com/nvd/cve-2026-41417 镜像层: sha256:8265cb2525f4b8fe0278e34bb9360cb326bdfee9ed121f1150d4fff03e7d08ed 发布日期: 2026-05-06 22:16 修改: 2026-06-17 10:46
io.netty:netty-codec-http	CVE-2026-42580	中危	4.1.68.Final	4.2.13.Final, 4.1.133.Final	netty: Netty: Request smuggling via chunk size parser integer overflow 漏洞详情: https://avd.aquasec.com/nvd/cve-2026-42580 镜像层: sha256:8265cb2525f4b8fe0278e34bb9360cb326bdfee9ed121f1150d4fff03e7d08ed 发布日期: 2026-05-13 19:17 修改: 2026-06-17 10:48
io.netty:netty-codec-http	CVE-2026-42581	中危	4.1.68.Final	4.2.13.Final, 4.1.133.Final	netty: io.netty/netty-codec-http: Netty: HTTP Request Smuggling due to improper handling of conflicting HTTP/1.0 headers 漏洞详情: https://avd.aquasec.com/nvd/cve-2026-42581 镜像层: sha256:8265cb2525f4b8fe0278e34bb9360cb326bdfee9ed121f1150d4fff03e7d08ed 发布日期: 2026-05-13 19:17 修改: 2026-06-17 10:48
io.netty:netty-codec-http	CVE-2026-42585	中危	4.1.68.Final	4.2.13.Final, 4.1.133.Final	netty: io.netty/netty-codec-http: Netty: Request smuggling via malformed Transfer-Encoding parsing 漏洞详情: https://avd.aquasec.com/nvd/cve-2026-42585 镜像层: sha256:8265cb2525f4b8fe0278e34bb9360cb326bdfee9ed121f1150d4fff03e7d08ed 发布日期: 2026-05-13 19:17 修改: 2026-06-17 10:48
io.netty:netty-codec-http	CVE-2026-50020	中危	4.1.68.Final	4.2.15.Final, 4.1.135.Final	netty-codec-http: Netty: Data manipulation via request-boundary confusion in HttpObjectDecoder 漏洞详情: https://avd.aquasec.com/nvd/cve-2026-50020 镜像层: sha256:8265cb2525f4b8fe0278e34bb9360cb326bdfee9ed121f1150d4fff03e7d08ed 发布日期: 2026-06-12 16:16 修改: 2026-06-17 10:57
ch.qos.logback:logback-core	CVE-2024-12798	中危	1.2.10	1.5.13, 1.3.15	logback-core: arbitrary code execution via JaninoEventEvaluator 漏洞详情: https://avd.aquasec.com/nvd/cve-2024-12798 镜像层: sha256:8265cb2525f4b8fe0278e34bb9360cb326bdfee9ed121f1150d4fff03e7d08ed 发布日期: 2024-12-19 16:15 修改: 2026-06-17 07:00
com.fasterxml.jackson.core:jackson-core	CVE-2025-49128	中危	2.10.4	2.13.0	com.fasterxml.jackson.core/jackson-core: Jackson-core Memory Disclosure via Source Snippet in JsonLocation 漏洞详情: https://avd.aquasec.com/nvd/cve-2025-49128 镜像层: sha256:8265cb2525f4b8fe0278e34bb9360cb326bdfee9ed121f1150d4fff03e7d08ed 发布日期: 2025-06-06 22:15 修改: 2026-06-17 09:30
org.apache.tomcat.embed:tomcat-embed-core	CVE-2023-41080	中危	8.5.86	8.5.93, 9.0.80, 10.1.13, 11.0.0-M11	tomcat: Open Redirect vulnerability in FORM authentication 漏洞详情: https://avd.aquasec.com/nvd/cve-2023-41080 镜像层: sha256:8265cb2525f4b8fe0278e34bb9360cb326bdfee9ed121f1150d4fff03e7d08ed 发布日期: 2023-08-25 21:15 修改: 2026-06-17 06:20
org.apache.tomcat.embed:tomcat-embed-core	CVE-2023-42795	中危	8.5.86	10.1.14, 9.0.81, 8.5.94, 11.0.0-M12	tomcat: improper cleaning of recycled objects could lead to information leak 漏洞详情: https://avd.aquasec.com/nvd/cve-2023-42795 镜像层: sha256:8265cb2525f4b8fe0278e34bb9360cb326bdfee9ed121f1150d4fff03e7d08ed 发布日期: 2023-10-10 18:15 修改: 2026-06-17 06:24
org.apache.tomcat.embed:tomcat-embed-core	CVE-2023-44487	中危	8.5.86	11.0.0-M12, 10.1.14, 9.0.81, 8.5.94	HTTP/2: Multiple HTTP/2 enabled web servers are vulnerable to a DDoS attack (Rapid Reset Attack) 漏洞详情: https://avd.aquasec.com/nvd/cve-2023-44487 镜像层: sha256:8265cb2525f4b8fe0278e34bb9360cb326bdfee9ed121f1150d4fff03e7d08ed 发布日期: 2023-10-10 14:15 修改: 2026-06-17 06:27
org.apache.tomcat.embed:tomcat-embed-core	CVE-2023-45648	中危	8.5.86	11.0.0-M12, 10.1.14, 9.0.81, 8.5.94	tomcat: incorrectly parsed http trailer headers can cause request smuggling 漏洞详情: https://avd.aquasec.com/nvd/cve-2023-45648 镜像层: sha256:8265cb2525f4b8fe0278e34bb9360cb326bdfee9ed121f1150d4fff03e7d08ed 发布日期: 2023-10-10 19:15 修改: 2026-06-17 06:28
org.apache.tomcat.embed:tomcat-embed-core	CVE-2024-24549	中危	8.5.86	8.5.99, 9.0.86, 10.1.19, 11.0.0-M17	Tomcat: HTTP/2 header handling DoS 漏洞详情: https://avd.aquasec.com/nvd/cve-2024-24549 镜像层: sha256:8265cb2525f4b8fe0278e34bb9360cb326bdfee9ed121f1150d4fff03e7d08ed 发布日期: 2024-03-13 16:15 修改: 2026-06-17 07:14
org.apache.tomcat.embed:tomcat-embed-core	CVE-2025-31650	中危	8.5.86	9.0.104, 10.1.40, 11.0.6	tomcat: Apache Tomcat: DoS via malformed HTTP/2 PRIORITY_UPDATE frame 漏洞详情: https://avd.aquasec.com/nvd/cve-2025-31650 镜像层: sha256:8265cb2525f4b8fe0278e34bb9360cb326bdfee9ed121f1150d4fff03e7d08ed 发布日期: 2025-04-28 20:15 修改: 2026-06-17 09:10
org.apache.tomcat.embed:tomcat-embed-core	CVE-2025-49125	中危	8.5.86	11.0.8, 10.1.42, 9.0.106	tomcat: Apache Tomcat: Security constraint bypass for pre/post-resources 漏洞详情: https://avd.aquasec.com/nvd/cve-2025-49125 镜像层: sha256:8265cb2525f4b8fe0278e34bb9360cb326bdfee9ed121f1150d4fff03e7d08ed 发布日期: 2025-06-16 15:15 修改: 2026-06-17 09:30
org.apache.tomcat.embed:tomcat-embed-core	CVE-2025-66614	中危	8.5.86	11.0.15, 10.1.50, 9.0.113	tomcat: Client certificate verification bypass due to virtual host mapping 漏洞详情: https://avd.aquasec.com/nvd/cve-2025-66614 镜像层: sha256:8265cb2525f4b8fe0278e34bb9360cb326bdfee9ed121f1150d4fff03e7d08ed 发布日期: 2026-02-17 19:21 修改: 2026-06-17 09:57
org.apache.tomcat.embed:tomcat-embed-core	CVE-2026-25854	中危	8.5.86	9.0.116, 10.1.53, 11.0.20	Apache Tomcat: Apache Tomcat: Open Redirect vulnerability via LoadBalancerDrainingValve 漏洞详情: https://avd.aquasec.com/nvd/cve-2026-25854 镜像层: sha256:8265cb2525f4b8fe0278e34bb9360cb326bdfee9ed121f1150d4fff03e7d08ed 发布日期: 2026-04-09 20:16 修改: 2026-06-17 10:25
org.apache.tomcat.embed:tomcat-embed-websocket	CVE-2024-23672	中危	8.5.86	11.0.0-M17, 10.1.19, 9.0.86, 8.5.99	Tomcat: WebSocket DoS with incomplete closing handshake 漏洞详情: https://avd.aquasec.com/nvd/cve-2024-23672 镜像层: sha256:8265cb2525f4b8fe0278e34bb9360cb326bdfee9ed121f1150d4fff03e7d08ed 发布日期: 2024-03-13 16:15 修改: 2026-06-17 07:13
com.fasterxml.jackson.core:jackson-core	GHSA-72hv-8253-57qq	中危	2.10.4	2.21.1, 2.18.6	jackson-core: Number Length Constraint Bypass in Async Parser Leads to Potential DoS Condition 漏洞详情: https://github.com/advisories/GHSA-72hv-8253-57qq 镜像层: sha256:8265cb2525f4b8fe0278e34bb9360cb326bdfee9ed121f1150d4fff03e7d08ed 发布日期: 2026-02-28 02:01 修改: 2026-04-07 16:30
io.netty:netty-codec-http	CVE-2024-29025	中危	4.1.78.Final	4.1.108.Final	netty-codec-http: Allocation of Resources Without Limits or Throttling 漏洞详情: https://avd.aquasec.com/nvd/cve-2024-29025 镜像层: sha256:8265cb2525f4b8fe0278e34bb9360cb326bdfee9ed121f1150d4fff03e7d08ed 发布日期: 2024-03-25 20:15 修改: 2026-06-17 07:22
io.netty:netty-codec-http	CVE-2025-67735	中危	4.1.78.Final	4.2.8.Final, 4.1.129.Final	netty-codec-http: Netty (netty-codec-http): Request Smuggling via CRLF Injection 漏洞详情: https://avd.aquasec.com/nvd/cve-2025-67735 镜像层: sha256:8265cb2525f4b8fe0278e34bb9360cb326bdfee9ed121f1150d4fff03e7d08ed 发布日期: 2025-12-16 01:15 修改: 2026-06-17 09:58
io.netty:netty-codec-http	CVE-2026-41417	中危	4.1.78.Final	4.1.133.Final, 4.2.13.Final	netty: Netty: HTTP request smuggling via URI manipulation and CRLF injection 漏洞详情: https://avd.aquasec.com/nvd/cve-2026-41417 镜像层: sha256:8265cb2525f4b8fe0278e34bb9360cb326bdfee9ed121f1150d4fff03e7d08ed 发布日期: 2026-05-06 22:16 修改: 2026-06-17 10:46
io.netty:netty-codec-http	CVE-2026-42580	中危	4.1.78.Final	4.2.13.Final, 4.1.133.Final	netty: Netty: Request smuggling via chunk size parser integer overflow 漏洞详情: https://avd.aquasec.com/nvd/cve-2026-42580 镜像层: sha256:8265cb2525f4b8fe0278e34bb9360cb326bdfee9ed121f1150d4fff03e7d08ed 发布日期: 2026-05-13 19:17 修改: 2026-06-17 10:48
io.netty:netty-codec-http	CVE-2026-42581	中危	4.1.78.Final	4.2.13.Final, 4.1.133.Final	netty: io.netty/netty-codec-http: Netty: HTTP Request Smuggling due to improper handling of conflicting HTTP/1.0 headers 漏洞详情: https://avd.aquasec.com/nvd/cve-2026-42581 镜像层: sha256:8265cb2525f4b8fe0278e34bb9360cb326bdfee9ed121f1150d4fff03e7d08ed 发布日期: 2026-05-13 19:17 修改: 2026-06-17 10:48
io.netty:netty-codec-http	CVE-2026-42585	中危	4.1.78.Final	4.2.13.Final, 4.1.133.Final	netty: io.netty/netty-codec-http: Netty: Request smuggling via malformed Transfer-Encoding parsing 漏洞详情: https://avd.aquasec.com/nvd/cve-2026-42585 镜像层: sha256:8265cb2525f4b8fe0278e34bb9360cb326bdfee9ed121f1150d4fff03e7d08ed 发布日期: 2026-05-13 19:17 修改: 2026-06-17 10:48
io.netty:netty-codec-http	CVE-2026-50020	中危	4.1.78.Final	4.2.15.Final, 4.1.135.Final	netty-codec-http: Netty: Data manipulation via request-boundary confusion in HttpObjectDecoder 漏洞详情: https://avd.aquasec.com/nvd/cve-2026-50020 镜像层: sha256:8265cb2525f4b8fe0278e34bb9360cb326bdfee9ed121f1150d4fff03e7d08ed 发布日期: 2026-06-12 16:16 修改: 2026-06-17 10:57
ch.qos.logback:logback-core	CVE-2025-11226	中危	1.2.10	1.5.19, 1.3.16	ch.qos.logback/logback-core: Conditional abitrary code execution in logback-core 漏洞详情: https://avd.aquasec.com/nvd/cve-2025-11226 镜像层: sha256:8265cb2525f4b8fe0278e34bb9360cb326bdfee9ed121f1150d4fff03e7d08ed 发布日期: 2025-10-01 08:15 修改: 2026-06-17 08:29
com.fasterxml.jackson.core:jackson-core	CVE-2025-49128	中危	2.4.0	2.13.0	com.fasterxml.jackson.core/jackson-core: Jackson-core Memory Disclosure via Source Snippet in JsonLocation 漏洞详情: https://avd.aquasec.com/nvd/cve-2025-49128 镜像层: sha256:8265cb2525f4b8fe0278e34bb9360cb326bdfee9ed121f1150d4fff03e7d08ed 发布日期: 2025-06-06 22:15 修改: 2026-06-17 09:30
org.codehaus.jettison:jettison	CVE-2022-40149	中危	1.1	1.5.1	jettison: parser crash by stackoverflow 漏洞详情: https://avd.aquasec.com/nvd/cve-2022-40149 镜像层: sha256:8265cb2525f4b8fe0278e34bb9360cb326bdfee9ed121f1150d4fff03e7d08ed 发布日期: 2022-09-16 10:15 修改: 2026-06-17 05:01
com.google.protobuf:protobuf-java	CVE-2022-3171	中危	3.17.1	3.21.7, 3.20.3, 3.19.6, 3.16.3	protobuf-java: timeout in parser leads to DoS 漏洞详情: https://avd.aquasec.com/nvd/cve-2022-3171 镜像层: sha256:8265cb2525f4b8fe0278e34bb9360cb326bdfee9ed121f1150d4fff03e7d08ed 发布日期: 2022-10-12 23:15 修改: 2026-06-17 04:58
com.google.protobuf:protobuf-java	CVE-2022-3171	中危	3.17.1	3.21.7, 3.20.3, 3.19.6, 3.16.3	protobuf-java: timeout in parser leads to DoS 漏洞详情: https://avd.aquasec.com/nvd/cve-2022-3171 镜像层: sha256:8265cb2525f4b8fe0278e34bb9360cb326bdfee9ed121f1150d4fff03e7d08ed 发布日期: 2022-10-12 23:15 修改: 2026-06-17 04:58
org.eclipse.jetty.http2:http2-common	CVE-2023-44487	中危	9.4.44.v20210927	9.4.53, 10.0.17, 11.0.17	HTTP/2: Multiple HTTP/2 enabled web servers are vulnerable to a DDoS attack (Rapid Reset Attack) 漏洞详情: https://avd.aquasec.com/nvd/cve-2023-44487 镜像层: sha256:8265cb2525f4b8fe0278e34bb9360cb326bdfee9ed121f1150d4fff03e7d08ed 发布日期: 2023-10-10 14:15 修改: 2026-06-17 06:27
io.netty:netty-codec-http2	CVE-2026-47244	中危	4.1.78.Final	4.2.15.Final, 4.1.135.Final	netty-codec-http2: Netty: Denial of Service via uncontrolled HTTP/2 concurrent streams 漏洞详情: https://avd.aquasec.com/nvd/cve-2026-47244 镜像层: sha256:8265cb2525f4b8fe0278e34bb9360cb326bdfee9ed121f1150d4fff03e7d08ed 发布日期: 2026-06-12 15:16 修改: 2026-06-17 10:54
org.elasticsearch.client:elasticsearch-rest-client	CVE-2021-22145	中危	7.10.2	7.13.4	elasticsearch: memory disclosure in error reporting 漏洞详情: https://avd.aquasec.com/nvd/cve-2021-22145 镜像层: sha256:8265cb2525f4b8fe0278e34bb9360cb326bdfee9ed121f1150d4fff03e7d08ed 发布日期: 2021-07-21 15:15 修改: 2026-06-17 03:36
org.elasticsearch.client:elasticsearch-rest-client	CVE-2021-22145	中危	7.10.2	7.13.4	elasticsearch: memory disclosure in error reporting 漏洞详情: https://avd.aquasec.com/nvd/cve-2021-22145 镜像层: sha256:8265cb2525f4b8fe0278e34bb9360cb326bdfee9ed121f1150d4fff03e7d08ed 发布日期: 2021-07-21 15:15 修改: 2026-06-17 03:36
io.netty:netty-codec-http2	CVE-2026-48043	中危	4.1.78.Final	4.1.135.Final, 4.2.15.Final	netty-codec-http2: netty-codec-http2: Denial of Service due to resource leak 漏洞详情: https://avd.aquasec.com/nvd/cve-2026-48043 镜像层: sha256:8265cb2525f4b8fe0278e34bb9360cb326bdfee9ed121f1150d4fff03e7d08ed 发布日期: 2026-06-12 16:16 修改: 2026-06-17 10:54
io.netty:netty-codec-http2	CVE-2026-50560	中危	4.1.78.Final	4.2.15.Final, 4.1.135.Final	netty-codec-http2: Netty: Denial of Service due to HTTP/2 max header size handling 漏洞详情: https://avd.aquasec.com/nvd/cve-2026-50560 镜像层: sha256:8265cb2525f4b8fe0278e34bb9360cb326bdfee9ed121f1150d4fff03e7d08ed 发布日期: 2026-06-12 16:16 修改: 2026-06-17 10:57
org.elasticsearch:elasticsearch	CVE-2021-22134	中危	7.10.2	7.11.0	elasticsearch: requests do not properly apply security permissions when executing a query against a recently updated document 漏洞详情: https://avd.aquasec.com/nvd/cve-2021-22134 镜像层: sha256:8265cb2525f4b8fe0278e34bb9360cb326bdfee9ed121f1150d4fff03e7d08ed 发布日期: 2021-03-08 21:15 修改: 2026-06-17 03:36
org.elasticsearch:elasticsearch	CVE-2021-22134	中危	7.10.2	7.11.0	elasticsearch: requests do not properly apply security permissions when executing a query against a recently updated document 漏洞详情: https://avd.aquasec.com/nvd/cve-2021-22134 镜像层: sha256:8265cb2525f4b8fe0278e34bb9360cb326bdfee9ed121f1150d4fff03e7d08ed 发布日期: 2021-03-08 21:15 修改: 2026-06-17 03:36
org.elasticsearch:elasticsearch	CVE-2021-22135	中危	7.10.2	7.11.2, 6.8.15	elasticsearch: Document disclosure flaw in the Elasticsearch suggester 漏洞详情: https://avd.aquasec.com/nvd/cve-2021-22135 镜像层: sha256:8265cb2525f4b8fe0278e34bb9360cb326bdfee9ed121f1150d4fff03e7d08ed 发布日期: 2021-05-13 18:15 修改: 2026-06-17 03:36
org.elasticsearch:elasticsearch	CVE-2021-22135	中危	7.10.2	7.11.2, 6.8.15	elasticsearch: Document disclosure flaw in the Elasticsearch suggester 漏洞详情: https://avd.aquasec.com/nvd/cve-2021-22135 镜像层: sha256:8265cb2525f4b8fe0278e34bb9360cb326bdfee9ed121f1150d4fff03e7d08ed 发布日期: 2021-05-13 18:15 修改: 2026-06-17 03:36
org.elasticsearch:elasticsearch	CVE-2021-22144	中危	7.10.2	6.8.17, 7.13.3	elasticsearch: uncontrolled recursion in Grok parser 漏洞详情: https://avd.aquasec.com/nvd/cve-2021-22144 镜像层: sha256:8265cb2525f4b8fe0278e34bb9360cb326bdfee9ed121f1150d4fff03e7d08ed 发布日期: 2021-07-26 12:15 修改: 2026-06-17 03:36
org.elasticsearch:elasticsearch	CVE-2021-22144	中危	7.10.2	6.8.17, 7.13.3	elasticsearch: uncontrolled recursion in Grok parser 漏洞详情: https://avd.aquasec.com/nvd/cve-2021-22144 镜像层: sha256:8265cb2525f4b8fe0278e34bb9360cb326bdfee9ed121f1150d4fff03e7d08ed 发布日期: 2021-07-26 12:15 修改: 2026-06-17 03:36
org.elasticsearch:elasticsearch	CVE-2023-31417	中危	7.10.2	7.17.13, 8.9.2	elasticsearch: Sensitive information in audit logs 漏洞详情: https://avd.aquasec.com/nvd/cve-2023-31417 镜像层: sha256:8265cb2525f4b8fe0278e34bb9360cb326bdfee9ed121f1150d4fff03e7d08ed 发布日期: 2023-10-26 18:15 修改: 2026-06-17 05:56
org.elasticsearch:elasticsearch	CVE-2023-31417	中危	7.10.2	7.17.13, 8.9.2	elasticsearch: Sensitive information in audit logs 漏洞详情: https://avd.aquasec.com/nvd/cve-2023-31417 镜像层: sha256:8265cb2525f4b8fe0278e34bb9360cb326bdfee9ed121f1150d4fff03e7d08ed 发布日期: 2023-10-26 18:15 修改: 2026-06-17 05:56
org.elasticsearch:elasticsearch	CVE-2023-31419	中危	7.10.2	7.17.13, 8.9.1	elasticsearch: StackOverflow vulnerability 漏洞详情: https://avd.aquasec.com/nvd/cve-2023-31419 镜像层: sha256:8265cb2525f4b8fe0278e34bb9360cb326bdfee9ed121f1150d4fff03e7d08ed 发布日期: 2023-10-26 18:15 修改: 2026-06-17 05:56
org.elasticsearch:elasticsearch	CVE-2023-31419	中危	7.10.2	7.17.13, 8.9.1	elasticsearch: StackOverflow vulnerability 漏洞详情: https://avd.aquasec.com/nvd/cve-2023-31419 镜像层: sha256:8265cb2525f4b8fe0278e34bb9360cb326bdfee9ed121f1150d4fff03e7d08ed 发布日期: 2023-10-26 18:15 修改: 2026-06-17 05:56
org.elasticsearch:elasticsearch	CVE-2023-46673	中危	7.10.2	7.17.14, 8.10.3	elasticsearch: Improper Handling of Exceptional Conditions 漏洞详情: https://avd.aquasec.com/nvd/cve-2023-46673 镜像层: sha256:8265cb2525f4b8fe0278e34bb9360cb326bdfee9ed121f1150d4fff03e7d08ed 发布日期: 2023-11-22 10:15 修改: 2026-06-17 06:31
org.elasticsearch:elasticsearch	CVE-2023-46673	中危	7.10.2	7.17.14, 8.10.3	elasticsearch: Improper Handling of Exceptional Conditions 漏洞详情: https://avd.aquasec.com/nvd/cve-2023-46673 镜像层: sha256:8265cb2525f4b8fe0278e34bb9360cb326bdfee9ed121f1150d4fff03e7d08ed 发布日期: 2023-11-22 10:15 修改: 2026-06-17 06:31
org.elasticsearch:elasticsearch	CVE-2023-49921	中危	7.10.2	7.17.16, 8.11.2	elasticsearch: Insertion of Sensitive Information into Log File 漏洞详情: https://avd.aquasec.com/nvd/cve-2023-49921 镜像层: sha256:8265cb2525f4b8fe0278e34bb9360cb326bdfee9ed121f1150d4fff03e7d08ed 发布日期: 2024-07-26 05:15 修改: 2026-06-17 06:36
org.elasticsearch:elasticsearch	CVE-2023-49921	中危	7.10.2	7.17.16, 8.11.2	elasticsearch: Insertion of Sensitive Information into Log File 漏洞详情: https://avd.aquasec.com/nvd/cve-2023-49921 镜像层: sha256:8265cb2525f4b8fe0278e34bb9360cb326bdfee9ed121f1150d4fff03e7d08ed 发布日期: 2024-07-26 05:15 修改: 2026-06-17 06:36
org.elasticsearch:elasticsearch	CVE-2024-23444	中危	7.10.2	8.13.0, 7.17.23	Elasticsearch stores private key on disk unencrypted 漏洞详情: https://avd.aquasec.com/nvd/cve-2024-23444 镜像层: sha256:8265cb2525f4b8fe0278e34bb9360cb326bdfee9ed121f1150d4fff03e7d08ed 发布日期: 2024-07-31 18:15 修改: 2026-06-17 07:12
org.elasticsearch:elasticsearch	CVE-2024-23444	中危	7.10.2	8.13.0, 7.17.23	Elasticsearch stores private key on disk unencrypted 漏洞详情: https://avd.aquasec.com/nvd/cve-2024-23444 镜像层: sha256:8265cb2525f4b8fe0278e34bb9360cb326bdfee9ed121f1150d4fff03e7d08ed 发布日期: 2024-07-31 18:15 修改: 2026-06-17 07:12
org.elasticsearch:elasticsearch	CVE-2024-23450	中危	7.10.2	7.17.19, 8.13.0	elasticsearch: Possible denial of service when processing documents in a deeply nested pipeline 漏洞详情: https://avd.aquasec.com/nvd/cve-2024-23450 镜像层: sha256:8265cb2525f4b8fe0278e34bb9360cb326bdfee9ed121f1150d4fff03e7d08ed 发布日期: 2024-03-27 17:15 修改: 2026-06-17 07:12
org.elasticsearch:elasticsearch	CVE-2024-23450	中危	7.10.2	7.17.19, 8.13.0	elasticsearch: Possible denial of service when processing documents in a deeply nested pipeline 漏洞详情: https://avd.aquasec.com/nvd/cve-2024-23450 镜像层: sha256:8265cb2525f4b8fe0278e34bb9360cb326bdfee9ed121f1150d4fff03e7d08ed 发布日期: 2024-03-27 17:15 修改: 2026-06-17 07:12
org.elasticsearch:elasticsearch	CVE-2024-43709	中危	7.10.2	7.17.21, 8.13.3	elasticsearch: Elasticsearch allocation of resources without limits or throttling leads to crash 漏洞详情: https://avd.aquasec.com/nvd/cve-2024-43709 镜像层: sha256:8265cb2525f4b8fe0278e34bb9360cb326bdfee9ed121f1150d4fff03e7d08ed 发布日期: 2025-01-21 11:15 修改: 2026-06-17 07:51
org.elasticsearch:elasticsearch	CVE-2024-43709	中危	7.10.2	7.17.21, 8.13.3	elasticsearch: Elasticsearch allocation of resources without limits or throttling leads to crash 漏洞详情: https://avd.aquasec.com/nvd/cve-2024-43709 镜像层: sha256:8265cb2525f4b8fe0278e34bb9360cb326bdfee9ed121f1150d4fff03e7d08ed 发布日期: 2025-01-21 11:15 修改: 2026-06-17 07:51
org.elasticsearch:elasticsearch	CVE-2024-52979	中危	7.10.2	7.17.25, 8.16.0	elasticsearch: Elasticsearch Uncontrolled Resource Consumption vulnerability 漏洞详情: https://avd.aquasec.com/nvd/cve-2024-52979 镜像层: sha256:8265cb2525f4b8fe0278e34bb9360cb326bdfee9ed121f1150d4fff03e7d08ed 发布日期: 2025-05-01 14:15 修改: 2026-06-17 08:07
org.elasticsearch:elasticsearch	CVE-2024-52979	中危	7.10.2	7.17.25, 8.16.0	elasticsearch: Elasticsearch Uncontrolled Resource Consumption vulnerability 漏洞详情: https://avd.aquasec.com/nvd/cve-2024-52979 镜像层: sha256:8265cb2525f4b8fe0278e34bb9360cb326bdfee9ed121f1150d4fff03e7d08ed 发布日期: 2025-05-01 14:15 修改: 2026-06-17 08:07
org.elasticsearch:elasticsearch	CVE-2025-37727	中危	7.10.2	8.18.8, 8.19.5, 9.0.8, 9.1.5	org.elasticsearch/elasticsearch-core: Elasticsearch Insertion of sensitive information in log file 漏洞详情: https://avd.aquasec.com/nvd/cve-2025-37727 镜像层: sha256:8265cb2525f4b8fe0278e34bb9360cb326bdfee9ed121f1150d4fff03e7d08ed 发布日期: 2025-10-10 10:15 修改: 2026-06-17 09:15
org.elasticsearch:elasticsearch	CVE-2025-37727	中危	7.10.2	8.18.8, 8.19.5, 9.0.8, 9.1.5	org.elasticsearch/elasticsearch-core: Elasticsearch Insertion of sensitive information in log file 漏洞详情: https://avd.aquasec.com/nvd/cve-2025-37727 镜像层: sha256:8265cb2525f4b8fe0278e34bb9360cb326bdfee9ed121f1150d4fff03e7d08ed 发布日期: 2025-10-10 10:15 修改: 2026-06-17 09:15
org.elasticsearch:elasticsearch	CVE-2025-37731	中危	7.10.2	8.19.8, 9.1.8, 9.2.2	elasticsearch: Elasticsearch: User impersonation due to improper authentication in Public Key Infrastructure (PKI) realm 漏洞详情: https://avd.aquasec.com/nvd/cve-2025-37731 镜像层: sha256:8265cb2525f4b8fe0278e34bb9360cb326bdfee9ed121f1150d4fff03e7d08ed 发布日期: 2025-12-15 11:15 修改: 2026-06-17 09:15
org.elasticsearch:elasticsearch	CVE-2025-37731	中危	7.10.2	8.19.8, 9.1.8, 9.2.2	elasticsearch: Elasticsearch: User impersonation due to improper authentication in Public Key Infrastructure (PKI) realm 漏洞详情: https://avd.aquasec.com/nvd/cve-2025-37731 镜像层: sha256:8265cb2525f4b8fe0278e34bb9360cb326bdfee9ed121f1150d4fff03e7d08ed 发布日期: 2025-12-15 11:15 修改: 2026-06-17 09:15
io.netty:netty-codec-mqtt	CVE-2026-44248	中危	4.1.78.Final	4.2.13.Final, 4.1.133.Final	netty: io.netty/netty-codec-mqtt: Netty: Denial of Service due to excessive resource consumption from crafted MQTT 5 header 漏洞详情: https://avd.aquasec.com/nvd/cve-2026-44248 镜像层: sha256:8265cb2525f4b8fe0278e34bb9360cb326bdfee9ed121f1150d4fff03e7d08ed 发布日期: 2026-05-13 19:17 修改: 2026-06-17 10:50
com.google.protobuf:protobuf-java	CVE-2022-3171	中危	3.17.1	3.21.7, 3.20.3, 3.19.6, 3.16.3	protobuf-java: timeout in parser leads to DoS 漏洞详情: https://avd.aquasec.com/nvd/cve-2022-3171 镜像层: sha256:8265cb2525f4b8fe0278e34bb9360cb326bdfee9ed121f1150d4fff03e7d08ed 发布日期: 2022-10-12 23:15 修改: 2026-06-17 04:58
org.springframework.ldap:spring-ldap-core	CVE-2024-38829	中危	2.3.8.RELEASE	3.2.8, 2.4.4	spring-ldap: Spring LDAP sensitive data exposure for case-sensitive comparisons 漏洞详情: https://avd.aquasec.com/nvd/cve-2024-38829 镜像层: sha256:8265cb2525f4b8fe0278e34bb9360cb326bdfee9ed121f1150d4fff03e7d08ed 发布日期: 2024-12-04 21:15 修改: 2026-06-17 07:41
com.fasterxml.jackson.core:jackson-core	CVE-2025-49128	中危	2.4.0	2.13.0	com.fasterxml.jackson.core/jackson-core: Jackson-core Memory Disclosure via Source Snippet in JsonLocation 漏洞详情: https://avd.aquasec.com/nvd/cve-2025-49128 镜像层: sha256:8265cb2525f4b8fe0278e34bb9360cb326bdfee9ed121f1150d4fff03e7d08ed 发布日期: 2025-06-06 22:15 修改: 2026-06-17 09:30
com.fasterxml.jackson.core:jackson-core	CVE-2025-49128	中危	2.4.0	2.13.0	com.fasterxml.jackson.core/jackson-core: Jackson-core Memory Disclosure via Source Snippet in JsonLocation 漏洞详情: https://avd.aquasec.com/nvd/cve-2025-49128 镜像层: sha256:8265cb2525f4b8fe0278e34bb9360cb326bdfee9ed121f1150d4fff03e7d08ed 发布日期: 2025-06-06 22:15 修改: 2026-06-17 09:30
org.springframework.security:spring-security-core	CVE-2023-20862	中危	5.7.5	5.7.8, 5.8.3, 6.0.3	spring-security: Empty SecurityContext Is Not Properly Saved Upon Logout 漏洞详情: https://avd.aquasec.com/nvd/cve-2023-20862 镜像层: sha256:8265cb2525f4b8fe0278e34bb9360cb326bdfee9ed121f1150d4fff03e7d08ed 发布日期: 2023-04-19 20:15 修改: 2026-06-17 05:31
org.springframework.security:spring-security-core	CVE-2024-38827	中危	5.7.5	5.7.14, 5.8.16, 6.0.14, 6.1.12, 6.2.8, 6.3.5	spring-security: authorization bypass for case sensitive comparisons 漏洞详情: https://avd.aquasec.com/nvd/cve-2024-38827 镜像层: sha256:8265cb2525f4b8fe0278e34bb9360cb326bdfee9ed121f1150d4fff03e7d08ed 发布日期: 2024-12-02 15:15 修改: 2026-06-17 07:41
com.fasterxml.jackson.core:jackson-core	CVE-2025-49128	中危	2.4.0	2.13.0	com.fasterxml.jackson.core/jackson-core: Jackson-core Memory Disclosure via Source Snippet in JsonLocation 漏洞详情: https://avd.aquasec.com/nvd/cve-2025-49128 镜像层: sha256:8265cb2525f4b8fe0278e34bb9360cb326bdfee9ed121f1150d4fff03e7d08ed 发布日期: 2025-06-06 22:15 修改: 2026-06-17 09:30
io.netty:netty-codec-redis	CVE-2026-42586	中危	4.1.78.Final	4.2.13.Final, 4.1.133.Final	netty-codec-redis: Netty: Command injection via CRLF characters in Redis codec encoder 漏洞详情: https://avd.aquasec.com/nvd/cve-2026-42586 镜像层: sha256:8265cb2525f4b8fe0278e34bb9360cb326bdfee9ed121f1150d4fff03e7d08ed 发布日期: 2026-05-13 19:17 修改: 2026-06-17 10:48
com.fasterxml.jackson.core:jackson-core	CVE-2025-49128	中危	2.4.0	2.13.0	com.fasterxml.jackson.core/jackson-core: Jackson-core Memory Disclosure via Source Snippet in JsonLocation 漏洞详情: https://avd.aquasec.com/nvd/cve-2025-49128 镜像层: sha256:8265cb2525f4b8fe0278e34bb9360cb326bdfee9ed121f1150d4fff03e7d08ed 发布日期: 2025-06-06 22:15 修改: 2026-06-17 09:30
org.springframework:spring-context	CVE-2024-38820	中危	5.3.23	6.1.14	The fix for CVE-2022-22968 made disallowedFieldspatterns in DataBinder ... 漏洞详情: https://avd.aquasec.com/nvd/cve-2024-38820 镜像层: sha256:8265cb2525f4b8fe0278e34bb9360cb326bdfee9ed121f1150d4fff03e7d08ed 发布日期: 2024-10-18 06:15 修改: 2026-06-17 07:41
io.netty:netty-common	CVE-2024-47535	中危	4.1.45.Final	4.1.115.Final	netty: Denial of Service attack on windows app using Netty 漏洞详情: https://avd.aquasec.com/nvd/cve-2024-47535 镜像层: sha256:8265cb2525f4b8fe0278e34bb9360cb326bdfee9ed121f1150d4fff03e7d08ed 发布日期: 2024-11-12 16:15 修改: 2026-06-17 07:57
io.netty:netty-common	CVE-2025-25193	中危	4.1.45.Final	4.1.118.Final	netty: Denial of Service attack on windows app using Netty 漏洞详情: https://avd.aquasec.com/nvd/cve-2025-25193 镜像层: sha256:8265cb2525f4b8fe0278e34bb9360cb326bdfee9ed121f1150d4fff03e7d08ed 发布日期: 2025-02-10 22:15 修改: 2026-06-17 09:00
org.springframework:spring-expression	CVE-2023-20861	中危	5.3.23	6.0.7, 5.3.26, 5.2.23.RELEASE	springframework: Spring Expression DoS Vulnerability 漏洞详情: https://avd.aquasec.com/nvd/cve-2023-20861 镜像层: sha256:8265cb2525f4b8fe0278e34bb9360cb326bdfee9ed121f1150d4fff03e7d08ed 发布日期: 2023-03-23 21:15 修改: 2026-06-17 05:31
org.springframework:spring-expression	CVE-2024-38808	中危	5.3.23	5.3.39	spring-expression: Denial of service when processing a specially crafted Spring Expression Language expression 漏洞详情: https://avd.aquasec.com/nvd/cve-2024-38808 镜像层: sha256:8265cb2525f4b8fe0278e34bb9360cb326bdfee9ed121f1150d4fff03e7d08ed 发布日期: 2024-08-20 08:15 修改: 2026-06-17 07:41
io.netty:netty-common	CVE-2024-47535	中危	4.1.68.Final	4.1.115.Final	netty: Denial of Service attack on windows app using Netty 漏洞详情: https://avd.aquasec.com/nvd/cve-2024-47535 镜像层: sha256:8265cb2525f4b8fe0278e34bb9360cb326bdfee9ed121f1150d4fff03e7d08ed 发布日期: 2024-11-12 16:15 修改: 2026-06-17 07:57
io.netty:netty-common	CVE-2024-47535	中危	4.1.68.Final	4.1.115.Final	netty: Denial of Service attack on windows app using Netty 漏洞详情: https://avd.aquasec.com/nvd/cve-2024-47535 镜像层: sha256:8265cb2525f4b8fe0278e34bb9360cb326bdfee9ed121f1150d4fff03e7d08ed 发布日期: 2024-11-12 16:15 修改: 2026-06-17 07:57
io.netty:netty-common	CVE-2025-25193	中危	4.1.68.Final	4.1.118.Final	netty: Denial of Service attack on windows app using Netty 漏洞详情: https://avd.aquasec.com/nvd/cve-2025-25193 镜像层: sha256:8265cb2525f4b8fe0278e34bb9360cb326bdfee9ed121f1150d4fff03e7d08ed 发布日期: 2025-02-10 22:15 修改: 2026-06-17 09:00
io.netty:netty-common	CVE-2025-25193	中危	4.1.68.Final	4.1.118.Final	netty: Denial of Service attack on windows app using Netty 漏洞详情: https://avd.aquasec.com/nvd/cve-2025-25193 镜像层: sha256:8265cb2525f4b8fe0278e34bb9360cb326bdfee9ed121f1150d4fff03e7d08ed 发布日期: 2025-02-10 22:15 修改: 2026-06-17 09:00
org.springframework:spring-web	CVE-2024-38809	中危	5.3.23	5.3.38, 6.0.23, 6.1.12	org.springframework:spring-web: Spring Framework DoS via conditional HTTP request 漏洞详情: https://avd.aquasec.com/nvd/cve-2024-38809 镜像层: sha256:8265cb2525f4b8fe0278e34bb9360cb326bdfee9ed121f1150d4fff03e7d08ed 发布日期: 2024-09-27 17:15 修改: 2026-06-17 07:41
org.springframework:spring-web	CVE-2024-38820	中危	5.3.23	6.1.14	The fix for CVE-2022-22968 made disallowedFieldspatterns in DataBinder ... 漏洞详情: https://avd.aquasec.com/nvd/cve-2024-38820 镜像层: sha256:8265cb2525f4b8fe0278e34bb9360cb326bdfee9ed121f1150d4fff03e7d08ed 发布日期: 2024-10-18 06:15 修改: 2026-06-17 07:41
com.fasterxml.jackson.core:jackson-core	GHSA-72hv-8253-57qq	中危	2.4.0	2.21.1, 2.18.6	jackson-core: Number Length Constraint Bypass in Async Parser Leads to Potential DoS Condition 漏洞详情: https://github.com/advisories/GHSA-72hv-8253-57qq 镜像层: sha256:8265cb2525f4b8fe0278e34bb9360cb326bdfee9ed121f1150d4fff03e7d08ed 发布日期: 2026-02-28 02:01 修改: 2026-04-07 16:30
com.fasterxml.jackson.core:jackson-core	GHSA-72hv-8253-57qq	中危	2.4.0	2.21.1, 2.18.6	jackson-core: Number Length Constraint Bypass in Async Parser Leads to Potential DoS Condition 漏洞详情: https://github.com/advisories/GHSA-72hv-8253-57qq 镜像层: sha256:8265cb2525f4b8fe0278e34bb9360cb326bdfee9ed121f1150d4fff03e7d08ed 发布日期: 2026-02-28 02:01 修改: 2026-04-07 16:30
org.xerial.snappy:snappy-java	CVE-2023-34453	中危	1.0.5	1.1.10.1	snappy-java: Integer overflow in shuffle leads to DoS 漏洞详情: https://avd.aquasec.com/nvd/cve-2023-34453 镜像层: sha256:8265cb2525f4b8fe0278e34bb9360cb326bdfee9ed121f1150d4fff03e7d08ed 发布日期: 2023-06-15 17:15 修改: 2026-06-17 06:03
org.xerial.snappy:snappy-java	CVE-2023-34454	中危	1.0.5	1.1.10.1	snappy-java: Integer overflow in compress leads to DoS 漏洞详情: https://avd.aquasec.com/nvd/cve-2023-34454 镜像层: sha256:8265cb2525f4b8fe0278e34bb9360cb326bdfee9ed121f1150d4fff03e7d08ed 发布日期: 2023-06-15 17:15 修改: 2026-06-17 06:03
com.google.protobuf:protobuf-java	CVE-2022-3171	中危	3.19.3	3.21.7, 3.20.3, 3.19.6, 3.16.3	protobuf-java: timeout in parser leads to DoS 漏洞详情: https://avd.aquasec.com/nvd/cve-2022-3171 镜像层: sha256:8265cb2525f4b8fe0278e34bb9360cb326bdfee9ed121f1150d4fff03e7d08ed 发布日期: 2022-10-12 23:15 修改: 2026-06-17 04:58
com.google.protobuf:protobuf-java	CVE-2022-3171	中危	3.19.3	3.21.7, 3.20.3, 3.19.6, 3.16.3	protobuf-java: timeout in parser leads to DoS 漏洞详情: https://avd.aquasec.com/nvd/cve-2022-3171 镜像层: sha256:8265cb2525f4b8fe0278e34bb9360cb326bdfee9ed121f1150d4fff03e7d08ed 发布日期: 2022-10-12 23:15 修改: 2026-06-17 04:58
org.xerial.snappy:snappy-java	CVE-2023-34453	中危	1.1.7.6	1.1.10.1	snappy-java: Integer overflow in shuffle leads to DoS 漏洞详情: https://avd.aquasec.com/nvd/cve-2023-34453 镜像层: sha256:8265cb2525f4b8fe0278e34bb9360cb326bdfee9ed121f1150d4fff03e7d08ed 发布日期: 2023-06-15 17:15 修改: 2026-06-17 06:03
org.xerial.snappy:snappy-java	CVE-2023-34454	中危	1.1.7.6	1.1.10.1	snappy-java: Integer overflow in compress leads to DoS 漏洞详情: https://avd.aquasec.com/nvd/cve-2023-34454 镜像层: sha256:8265cb2525f4b8fe0278e34bb9360cb326bdfee9ed121f1150d4fff03e7d08ed 发布日期: 2023-06-15 17:15 修改: 2026-06-17 06:03
io.netty:netty-handler	CVE-2023-34462	中危	4.1.45.Final	4.1.94.Final	netty: SniHandler 16MB allocation leads to OOM 漏洞详情: https://avd.aquasec.com/nvd/cve-2023-34462 镜像层: sha256:8265cb2525f4b8fe0278e34bb9360cb326bdfee9ed121f1150d4fff03e7d08ed 发布日期: 2023-06-22 23:15 修改: 2026-06-17 06:03
com.fasterxml.jackson.core:jackson-core	GHSA-72hv-8253-57qq	中危	2.4.0	2.21.1, 2.18.6	jackson-core: Number Length Constraint Bypass in Async Parser Leads to Potential DoS Condition 漏洞详情: https://github.com/advisories/GHSA-72hv-8253-57qq 镜像层: sha256:8265cb2525f4b8fe0278e34bb9360cb326bdfee9ed121f1150d4fff03e7d08ed 发布日期: 2026-02-28 02:01 修改: 2026-04-07 16:30
org.yaml:snakeyaml	CVE-2022-38749	中危	1.26	1.31	snakeyaml: Uncaught exception in org.yaml.snakeyaml.composer.Composer.composeSequenceNode 漏洞详情: https://avd.aquasec.com/nvd/cve-2022-38749 镜像层: sha256:8265cb2525f4b8fe0278e34bb9360cb326bdfee9ed121f1150d4fff03e7d08ed 发布日期: 2022-09-05 10:15 修改: 2026-06-17 04:57
org.yaml:snakeyaml	CVE-2022-38750	中危	1.26	1.31	snakeyaml: Uncaught exception in org.yaml.snakeyaml.constructor.BaseConstructor.constructObject 漏洞详情: https://avd.aquasec.com/nvd/cve-2022-38750 镜像层: sha256:8265cb2525f4b8fe0278e34bb9360cb326bdfee9ed121f1150d4fff03e7d08ed 发布日期: 2022-09-05 10:15 修改: 2026-06-17 04:57
org.yaml:snakeyaml	CVE-2022-38751	中危	1.26	1.31	snakeyaml: Uncaught exception in java.base/java.util.regex.Pattern$Ques.match 漏洞详情: https://avd.aquasec.com/nvd/cve-2022-38751 镜像层: sha256:8265cb2525f4b8fe0278e34bb9360cb326bdfee9ed121f1150d4fff03e7d08ed 发布日期: 2022-09-05 10:15 修改: 2026-06-17 04:57
org.yaml:snakeyaml	CVE-2022-38752	中危	1.26	1.32	snakeyaml: Uncaught exception in java.base/java.util.ArrayList.hashCode 漏洞详情: https://avd.aquasec.com/nvd/cve-2022-38752 镜像层: sha256:8265cb2525f4b8fe0278e34bb9360cb326bdfee9ed121f1150d4fff03e7d08ed 发布日期: 2022-09-05 10:15 修改: 2026-06-17 04:57
org.yaml:snakeyaml	CVE-2022-41854	中危	1.26	1.32	dev-java/snakeyaml: DoS via stack overflow 漏洞详情: https://avd.aquasec.com/nvd/cve-2022-41854 镜像层: sha256:8265cb2525f4b8fe0278e34bb9360cb326bdfee9ed121f1150d4fff03e7d08ed 发布日期: 2022-11-11 13:15 修改: 2026-06-17 05:03
com.fasterxml.jackson.core:jackson-databind	CVE-2019-12384	中危	2.4.0	2.9.9.1, 2.8.11.4, 2.7.9.6, 2.6.7.3	jackson-databind: failure to block the logback-core class from polymorphic deserialization leading to remote code execution 漏洞详情: https://avd.aquasec.com/nvd/cve-2019-12384 镜像层: sha256:8265cb2525f4b8fe0278e34bb9360cb326bdfee9ed121f1150d4fff03e7d08ed 发布日期: 2019-06-24 16:15 修改: 2026-06-17 02:14
io.netty:netty-codec-http	CVE-2025-58056	低危	4.1.68.Final	4.1.125.Final, 4.2.5.Final	netty-codec-http: Netty is vulnerable to request smuggling due to incorrect parsing of chunk extensions 漏洞详情: https://avd.aquasec.com/nvd/cve-2025-58056 镜像层: sha256:8265cb2525f4b8fe0278e34bb9360cb326bdfee9ed121f1150d4fff03e7d08ed 发布日期: 2025-09-03 21:15 修改: 2026-06-17 09:43
ch.qos.logback:logback-core	CVE-2026-1225	低危	1.2.10	1.5.25	ch.qos.logback/logback-core: Malicious logback.xml configuration file allows instantiation of arbitrary classes 漏洞详情: https://avd.aquasec.com/nvd/cve-2026-1225 镜像层: sha256:8265cb2525f4b8fe0278e34bb9360cb326bdfee9ed121f1150d4fff03e7d08ed 发布日期: 2026-01-22 10:16 修改: 2026-06-17 10:15
org.springframework:spring-context	CVE-2025-22233	低危	5.3.23	6.2.7, 6.1.20	CVE-2024-38820 ensured Locale-independent, lowercase conversion for bo ... 漏洞详情: https://avd.aquasec.com/nvd/cve-2025-22233 镜像层: sha256:8265cb2525f4b8fe0278e34bb9360cb326bdfee9ed121f1150d4fff03e7d08ed 发布日期: 2025-05-16 20:15 修改: 2026-06-17 08:45
ch.qos.logback:logback-core	CVE-2024-12801	低危	1.2.10	1.5.13, 1.3.15	logback-core: SaxEventRecorder vulnerable to Server-Side Request Forgery (SSRF) attacks 漏洞详情: https://avd.aquasec.com/nvd/cve-2024-12801 镜像层: sha256:8265cb2525f4b8fe0278e34bb9360cb326bdfee9ed121f1150d4fff03e7d08ed 发布日期: 2024-12-19 17:15 修改: 2026-06-17 07:00
commons-configuration:commons-configuration	CVE-2025-46392	低危	1.6		apache-commons-configuration: Apache Commons Configuration: Uncontrolled Resource Consumption when loading untrusted configurations in 1.x 漏洞详情: https://avd.aquasec.com/nvd/cve-2025-46392 镜像层: sha256:8265cb2525f4b8fe0278e34bb9360cb326bdfee9ed121f1150d4fff03e7d08ed 发布日期: 2025-05-09 10:15 修改: 2026-06-17 09:26
com.google.guava:guava	CVE-2020-8908	低危	27.0-jre	32.0.0-android	guava: local information disclosure via temporary directory created with unsafe permissions 漏洞详情: https://avd.aquasec.com/nvd/cve-2020-8908 镜像层: sha256:8265cb2525f4b8fe0278e34bb9360cb326bdfee9ed121f1150d4fff03e7d08ed 发布日期: 2020-12-10 23:15 修改: 2026-06-17 03:27
com.google.guava:guava	CVE-2020-8908	低危	27.0-jre	32.0.0-android	guava: local information disclosure via temporary directory created with unsafe permissions 漏洞详情: https://avd.aquasec.com/nvd/cve-2020-8908 镜像层: sha256:8265cb2525f4b8fe0278e34bb9360cb326bdfee9ed121f1150d4fff03e7d08ed 发布日期: 2020-12-10 23:15 修改: 2026-06-17 03:27
org.apache.hadoop:hadoop-common	CVE-2024-23454	低危	2.10.0	3.4.0	Apache Hadoop: Temporary File Local Information Disclosure 漏洞详情: https://avd.aquasec.com/nvd/cve-2024-23454 镜像层: sha256:8265cb2525f4b8fe0278e34bb9360cb326bdfee9ed121f1150d4fff03e7d08ed 发布日期: 2024-09-25 08:15 修改: 2026-06-17 07:12
com.google.guava:guava	CVE-2020-8908	低危	27.0-jre	32.0.0-android	guava: local information disclosure via temporary directory created with unsafe permissions 漏洞详情: https://avd.aquasec.com/nvd/cve-2020-8908 镜像层: sha256:8265cb2525f4b8fe0278e34bb9360cb326bdfee9ed121f1150d4fff03e7d08ed 发布日期: 2020-12-10 23:15 修改: 2026-06-17 03:27
com.googlecode.owasp-java-html-sanitizer:owasp-java-html-sanitizer	CVE-2011-4457	低危	r239	88	OWASP HTML Sanitizer allows redirecting to an arbitrary URL when JavaScript is disabled 漏洞详情: https://avd.aquasec.com/nvd/cve-2011-4457 镜像层: sha256:8265cb2525f4b8fe0278e34bb9360cb326bdfee9ed121f1150d4fff03e7d08ed 发布日期: 2011-11-17 23:55 修改: 2026-04-29 01:13
com.google.guava:guava	CVE-2020-8908	低危	27.0-jre	32.0.0-android	guava: local information disclosure via temporary directory created with unsafe permissions 漏洞详情: https://avd.aquasec.com/nvd/cve-2020-8908 镜像层: sha256:8265cb2525f4b8fe0278e34bb9360cb326bdfee9ed121f1150d4fff03e7d08ed 发布日期: 2020-12-10 23:15 修改: 2026-06-17 03:27
com.google.guava:guava	CVE-2020-8908	低危	19.0	32.0.0-android	guava: local information disclosure via temporary directory created with unsafe permissions 漏洞详情: https://avd.aquasec.com/nvd/cve-2020-8908 镜像层: sha256:8265cb2525f4b8fe0278e34bb9360cb326bdfee9ed121f1150d4fff03e7d08ed 发布日期: 2020-12-10 23:15 修改: 2026-06-17 03:27
ch.qos.logback:logback-core	CVE-2024-12801	低危	1.2.10	1.5.13, 1.3.15	logback-core: SaxEventRecorder vulnerable to Server-Side Request Forgery (SSRF) attacks 漏洞详情: https://avd.aquasec.com/nvd/cve-2024-12801 镜像层: sha256:8265cb2525f4b8fe0278e34bb9360cb326bdfee9ed121f1150d4fff03e7d08ed 发布日期: 2024-12-19 17:15 修改: 2026-06-17 07:00
io.netty:netty-codec-http	CVE-2025-58056	低危	4.1.78.Final	4.1.125.Final, 4.2.5.Final	netty-codec-http: Netty is vulnerable to request smuggling due to incorrect parsing of chunk extensions 漏洞详情: https://avd.aquasec.com/nvd/cve-2025-58056 镜像层: sha256:8265cb2525f4b8fe0278e34bb9360cb326bdfee9ed121f1150d4fff03e7d08ed 发布日期: 2025-09-03 21:15 修改: 2026-06-17 09:43
ch.qos.logback:logback-core	CVE-2026-1225	低危	1.2.10	1.5.25	ch.qos.logback/logback-core: Malicious logback.xml configuration file allows instantiation of arbitrary classes 漏洞详情: https://avd.aquasec.com/nvd/cve-2026-1225 镜像层: sha256:8265cb2525f4b8fe0278e34bb9360cb326bdfee9ed121f1150d4fff03e7d08ed 发布日期: 2026-01-22 10:16 修改: 2026-06-17 10:15
io.netty:netty-handler-proxy	CVE-2026-42578	低危	4.1.78.Final	4.1.133.Final, 4.2.13.Final	netty: io.netty/netty-handler-proxy: Netty: HTTP Header Injection via HttpProxyHandler Disabled Validation 漏洞详情: https://avd.aquasec.com/nvd/cve-2026-42578 镜像层: sha256:8265cb2525f4b8fe0278e34bb9360cb326bdfee9ed121f1150d4fff03e7d08ed 发布日期: 2026-05-13 19:17 修改: 2026-06-17 10:48
com.google.guava:guava	CVE-2020-8908	低危	30.1.1-jre	32.0.0-android	guava: local information disclosure via temporary directory created with unsafe permissions 漏洞详情: https://avd.aquasec.com/nvd/cve-2020-8908 镜像层: sha256:8265cb2525f4b8fe0278e34bb9360cb326bdfee9ed121f1150d4fff03e7d08ed 发布日期: 2020-12-10 23:15 修改: 2026-06-17 03:27
org.apache.hadoop:hadoop-common	CVE-2024-23454	低危	3.3.0	3.4.0	Apache Hadoop: Temporary File Local Information Disclosure 漏洞详情: https://avd.aquasec.com/nvd/cve-2024-23454 镜像层: sha256:8265cb2525f4b8fe0278e34bb9360cb326bdfee9ed121f1150d4fff03e7d08ed 发布日期: 2024-09-25 08:15 修改: 2026-06-17 07:12
org.apache.hadoop:hadoop-common	CVE-2024-23454	低危	3.3.0	3.4.0	Apache Hadoop: Temporary File Local Information Disclosure 漏洞详情: https://avd.aquasec.com/nvd/cve-2024-23454 镜像层: sha256:8265cb2525f4b8fe0278e34bb9360cb326bdfee9ed121f1150d4fff03e7d08ed 发布日期: 2024-09-25 08:15 修改: 2026-06-17 07:12
org.apache.hadoop:hadoop-common	CVE-2024-23454	低危	3.3.0	3.4.0	Apache Hadoop: Temporary File Local Information Disclosure 漏洞详情: https://avd.aquasec.com/nvd/cve-2024-23454 镜像层: sha256:8265cb2525f4b8fe0278e34bb9360cb326bdfee9ed121f1150d4fff03e7d08ed 发布日期: 2024-09-25 08:15 修改: 2026-06-17 07:12
com.google.guava:guava	CVE-2020-8908	低危	30.1.1-jre	32.0.0-android	guava: local information disclosure via temporary directory created with unsafe permissions 漏洞详情: https://avd.aquasec.com/nvd/cve-2020-8908 镜像层: sha256:8265cb2525f4b8fe0278e34bb9360cb326bdfee9ed121f1150d4fff03e7d08ed 发布日期: 2020-12-10 23:15 修改: 2026-06-17 03:27
org.apache.tomcat.embed:tomcat-embed-core	CVE-2025-31651	低危	8.5.86	9.0.104, 10.1.40, 11.0.6	tomcat: Apache Tomcat: Bypass of rules in Rewrite Valve 漏洞详情: https://avd.aquasec.com/nvd/cve-2025-31651 镜像层: sha256:8265cb2525f4b8fe0278e34bb9360cb326bdfee9ed121f1150d4fff03e7d08ed 发布日期: 2025-04-28 20:15 修改: 2026-06-17 09:10
org.apache.tomcat.embed:tomcat-embed-core	CVE-2025-46701	低危	8.5.86	9.0.105, 10.1.41, 11.0.7	tomcat: Apache Tomcat: Security constraint bypass for CGI scripts 漏洞详情: https://avd.aquasec.com/nvd/cve-2025-46701 镜像层: sha256:8265cb2525f4b8fe0278e34bb9360cb326bdfee9ed121f1150d4fff03e7d08ed 发布日期: 2025-05-29 19:15 修改: 2026-06-17 09:26
org.apache.tomcat.embed:tomcat-embed-core	CVE-2025-55754	低危	8.5.86	11.0.11, 10.1.45, 9.0.109	org.apache.tomcat/tomcat-juli: tomcat: Apache Tomcat: console manipulation 漏洞详情: https://avd.aquasec.com/nvd/cve-2025-55754 镜像层: sha256:8265cb2525f4b8fe0278e34bb9360cb326bdfee9ed121f1150d4fff03e7d08ed 发布日期: 2025-10-27 18:15 修改: 2026-06-17 09:42
org.apache.tomcat.embed:tomcat-embed-core	CVE-2025-61795	低危	8.5.86	11.0.12, 10.1.47, 9.0.110	tomcat: org.apache.tomcat/tomcat-catalina: Apache Tomcat: Denial of service 漏洞详情: https://avd.aquasec.com/nvd/cve-2025-61795 镜像层: sha256:8265cb2525f4b8fe0278e34bb9360cb326bdfee9ed121f1150d4fff03e7d08ed 发布日期: 2025-10-27 18:15 修改: 2026-06-17 09:50
org.apache.tomcat.embed:tomcat-embed-core	CVE-2026-24733	低危	8.5.86	11.0.15, 10.1.50, 9.0.113	tomcat: security constraint bypass with HTTP/0.9 漏洞详情: https://avd.aquasec.com/nvd/cve-2026-24733 镜像层: sha256:8265cb2525f4b8fe0278e34bb9360cb326bdfee9ed121f1150d4fff03e7d08ed 发布日期: 2026-02-17 19:21 修改: 2026-06-17 10:23
org.springframework.security:spring-security-core	CVE-2026-22746	低危	5.7.5	6.5.10, 7.0.5	Spring Security: Spring Security: Timing attack defense bypass allows information disclosure 漏洞详情: https://avd.aquasec.com/nvd/cve-2026-22746 镜像层: sha256:8265cb2525f4b8fe0278e34bb9360cb326bdfee9ed121f1150d4fff03e7d08ed 发布日期: 2026-04-22 06:16 修改: 2026-06-17 10:20
org.apache.tomcat.embed:tomcat-embed-core	CVE-2026-43514	低危	8.5.86	9.0.118, 10.1.55, 11.0.22	tomcat-coyote: Apache Tomcat: Information disclosure via AJP secret timing discrepancy 漏洞详情: https://avd.aquasec.com/nvd/cve-2026-43514 镜像层: sha256:8265cb2525f4b8fe0278e34bb9360cb326bdfee9ed121f1150d4fff03e7d08ed 发布日期: 2026-05-12 16:16 修改: 2026-06-17 10:49
com.google.guava:guava	CVE-2020-8908	低危	30.1.1-jre	32.0.0-android	guava: local information disclosure via temporary directory created with unsafe permissions 漏洞详情: https://avd.aquasec.com/nvd/cve-2020-8908 镜像层: sha256:8265cb2525f4b8fe0278e34bb9360cb326bdfee9ed121f1150d4fff03e7d08ed 发布日期: 2020-12-10 23:15 修改: 2026-06-17 03:27

Node.js (node-pkg)

低危漏洞:0

中危漏洞:0

高危漏洞:0

严重漏洞:0

软件包	漏洞	安全状态	安装版本	修复版本	漏洞信息