| org.apache.iotdb:iotdb-confignode |
CVE-2025-48459 |
严重 |
2.0.3 |
2.0.5 |
Apache IoTDB: Deserialization of untrusted Data
漏洞详情: https://avd.aquasec.com/nvd/cve-2025-48459
镜像层: sha256:28c8c3d6ec225b025f6e19182a9c206e2251caa3e26157cd074b01e22ac81058
发布日期: 2025-09-24 08:15 修改: 2025-11-04 22:16
|
| io.netty:netty-codec |
CVE-2026-42583 |
高危 |
4.1.119.Final |
4.1.133.Final |
Netty is an asynchronous, event-driven network application framework. ...
漏洞详情: https://avd.aquasec.com/nvd/cve-2026-42583
镜像层: sha256:28c8c3d6ec225b025f6e19182a9c206e2251caa3e26157cd074b01e22ac81058
发布日期: 2026-05-13 19:17 修改: 2026-05-18 12:22
|
| io.netty:netty-codec-dns |
CVE-2026-42579 |
高危 |
4.1.115.Final |
4.2.13.Final, 4.1.133.Final |
netty: Netty: High integrity impact due to improper DNS domain name constraint enforcement
漏洞详情: https://avd.aquasec.com/nvd/cve-2026-42579
镜像层: sha256:28c8c3d6ec225b025f6e19182a9c206e2251caa3e26157cd074b01e22ac81058
发布日期: 2026-05-13 19:17 修改: 2026-05-18 17:16
|
| io.netty:netty-codec-dns |
CVE-2026-42579 |
高危 |
4.1.119.Final |
4.2.13.Final, 4.1.133.Final |
netty: Netty: High integrity impact due to improper DNS domain name constraint enforcement
漏洞详情: https://avd.aquasec.com/nvd/cve-2026-42579
镜像层: sha256:28c8c3d6ec225b025f6e19182a9c206e2251caa3e26157cd074b01e22ac81058
发布日期: 2026-05-13 19:17 修改: 2026-05-18 17:16
|
| io.netty:netty-codec-http |
CVE-2026-33870 |
高危 |
4.1.115.Final |
4.1.132.Final, 4.2.10.Final |
io.netty/netty-codec-http: Netty: Request smuggling via incorrect parsing of HTTP/1.1 chunked transfer encoding extension values
漏洞详情: https://avd.aquasec.com/nvd/cve-2026-33870
镜像层: sha256:28c8c3d6ec225b025f6e19182a9c206e2251caa3e26157cd074b01e22ac81058
发布日期: 2026-03-27 20:16 修改: 2026-03-30 20:12
|
| io.netty:netty-codec-http |
CVE-2026-42584 |
高危 |
4.1.115.Final |
4.2.13.Final, 4.1.133.Final |
netty: io.netty/netty-codec-http: Netty: Incorrect HTTP response parsing leads to data confusion
漏洞详情: https://avd.aquasec.com/nvd/cve-2026-42584
镜像层: sha256:28c8c3d6ec225b025f6e19182a9c206e2251caa3e26157cd074b01e22ac81058
发布日期: 2026-05-13 19:17 修改: 2026-05-18 12:15
|
| io.netty:netty-codec-http |
CVE-2026-42587 |
高危 |
4.1.115.Final |
4.2.13.Final, 4.1.133.Final |
netty: io.netty/netty-codec-http: io.netty/netty-codec-http2: Netty: Denial of Service via unbounded memory allocation in HTTP content decompression
漏洞详情: https://avd.aquasec.com/nvd/cve-2026-42587
镜像层: sha256:28c8c3d6ec225b025f6e19182a9c206e2251caa3e26157cd074b01e22ac81058
发布日期: 2026-05-13 19:17 修改: 2026-05-18 12:20
|
| io.netty:netty-codec-http |
CVE-2026-33870 |
高危 |
4.1.119.Final |
4.1.132.Final, 4.2.10.Final |
io.netty/netty-codec-http: Netty: Request smuggling via incorrect parsing of HTTP/1.1 chunked transfer encoding extension values
漏洞详情: https://avd.aquasec.com/nvd/cve-2026-33870
镜像层: sha256:28c8c3d6ec225b025f6e19182a9c206e2251caa3e26157cd074b01e22ac81058
发布日期: 2026-03-27 20:16 修改: 2026-03-30 20:12
|
| io.netty:netty-codec-http |
CVE-2026-42584 |
高危 |
4.1.119.Final |
4.2.13.Final, 4.1.133.Final |
netty: io.netty/netty-codec-http: Netty: Incorrect HTTP response parsing leads to data confusion
漏洞详情: https://avd.aquasec.com/nvd/cve-2026-42584
镜像层: sha256:28c8c3d6ec225b025f6e19182a9c206e2251caa3e26157cd074b01e22ac81058
发布日期: 2026-05-13 19:17 修改: 2026-05-18 12:15
|
| io.netty:netty-codec-http |
CVE-2026-42587 |
高危 |
4.1.119.Final |
4.2.13.Final, 4.1.133.Final |
netty: io.netty/netty-codec-http: io.netty/netty-codec-http2: Netty: Denial of Service via unbounded memory allocation in HTTP content decompression
漏洞详情: https://avd.aquasec.com/nvd/cve-2026-42587
镜像层: sha256:28c8c3d6ec225b025f6e19182a9c206e2251caa3e26157cd074b01e22ac81058
发布日期: 2026-05-13 19:17 修改: 2026-05-18 12:20
|
| io.netty:netty-codec-http2 |
CVE-2025-55163 |
高危 |
4.1.115.Final |
4.2.4.Final, 4.1.124.Final |
netty: netty-codec-http2: Netty MadeYouReset HTTP/2 DDoS Vulnerability
漏洞详情: https://avd.aquasec.com/nvd/cve-2025-55163
镜像层: sha256:28c8c3d6ec225b025f6e19182a9c206e2251caa3e26157cd074b01e22ac81058
发布日期: 2025-08-13 15:15 修改: 2025-11-04 22:16
|
| io.netty:netty-codec-http2 |
CVE-2026-33871 |
高危 |
4.1.115.Final |
4.1.132.Final, 4.2.11.Final |
netty: Netty: Denial of Service via HTTP/2 CONTINUATION frame flood
漏洞详情: https://avd.aquasec.com/nvd/cve-2026-33871
镜像层: sha256:28c8c3d6ec225b025f6e19182a9c206e2251caa3e26157cd074b01e22ac81058
发布日期: 2026-03-27 20:16 修改: 2026-03-30 20:10
|
| io.netty:netty-codec-http2 |
CVE-2026-42587 |
高危 |
4.1.115.Final |
4.2.13.Final, 4.1.133.Final |
netty: io.netty/netty-codec-http: io.netty/netty-codec-http2: Netty: Denial of Service via unbounded memory allocation in HTTP content decompression
漏洞详情: https://avd.aquasec.com/nvd/cve-2026-42587
镜像层: sha256:28c8c3d6ec225b025f6e19182a9c206e2251caa3e26157cd074b01e22ac81058
发布日期: 2026-05-13 19:17 修改: 2026-05-18 12:20
|
| io.netty:netty-codec-http2 |
CVE-2025-55163 |
高危 |
4.1.119.Final |
4.2.4.Final, 4.1.124.Final |
netty: netty-codec-http2: Netty MadeYouReset HTTP/2 DDoS Vulnerability
漏洞详情: https://avd.aquasec.com/nvd/cve-2025-55163
镜像层: sha256:28c8c3d6ec225b025f6e19182a9c206e2251caa3e26157cd074b01e22ac81058
发布日期: 2025-08-13 15:15 修改: 2025-11-04 22:16
|
| io.netty:netty-codec-http2 |
CVE-2026-33871 |
高危 |
4.1.119.Final |
4.1.132.Final, 4.2.11.Final |
netty: Netty: Denial of Service via HTTP/2 CONTINUATION frame flood
漏洞详情: https://avd.aquasec.com/nvd/cve-2026-33871
镜像层: sha256:28c8c3d6ec225b025f6e19182a9c206e2251caa3e26157cd074b01e22ac81058
发布日期: 2026-03-27 20:16 修改: 2026-03-30 20:10
|
| io.netty:netty-codec-http2 |
CVE-2026-42587 |
高危 |
4.1.119.Final |
4.2.13.Final, 4.1.133.Final |
netty: io.netty/netty-codec-http: io.netty/netty-codec-http2: Netty: Denial of Service via unbounded memory allocation in HTTP content decompression
漏洞详情: https://avd.aquasec.com/nvd/cve-2026-42587
镜像层: sha256:28c8c3d6ec225b025f6e19182a9c206e2251caa3e26157cd074b01e22ac81058
发布日期: 2026-05-13 19:17 修改: 2026-05-18 12:20
|
| io.netty:netty-handler |
CVE-2025-24970 |
高危 |
4.1.115.Final |
4.1.118.Final |
io.netty:netty-handler: SslHandler doesn't correctly validate packets which can lead to native crash when using native SSLEngine
漏洞详情: https://avd.aquasec.com/nvd/cve-2025-24970
镜像层: sha256:28c8c3d6ec225b025f6e19182a9c206e2251caa3e26157cd074b01e22ac81058
发布日期: 2025-02-10 22:15 修改: 2025-09-05 17:20
|
| io.netty:netty-handler |
CVE-2026-44249 |
高危 |
4.1.115.Final |
4.2.15.Final, 4.1.135.Final |
Netty has an IPv6 Subnet Filter Bypass via Incorrect Comparator Masking
漏洞详情: https://avd.aquasec.com/nvd/cve-2026-44249
镜像层: sha256:28c8c3d6ec225b025f6e19182a9c206e2251caa3e26157cd074b01e22ac81058
发布日期: 0001-01-01 00:00 修改: 0001-01-01 00:00
|
| io.netty:netty-handler |
CVE-2026-45416 |
高危 |
4.1.115.Final |
4.2.15.Final, 4.1.135.Final |
Netty: SNI handler pre-allocates up to 16 MiB from nine attacker bytes
漏洞详情: https://avd.aquasec.com/nvd/cve-2026-45416
镜像层: sha256:28c8c3d6ec225b025f6e19182a9c206e2251caa3e26157cd074b01e22ac81058
发布日期: 0001-01-01 00:00 修改: 0001-01-01 00:00
|
| io.netty:netty-handler |
CVE-2026-44249 |
高危 |
4.1.119.Final |
4.2.15.Final, 4.1.135.Final |
Netty has an IPv6 Subnet Filter Bypass via Incorrect Comparator Masking
漏洞详情: https://avd.aquasec.com/nvd/cve-2026-44249
镜像层: sha256:28c8c3d6ec225b025f6e19182a9c206e2251caa3e26157cd074b01e22ac81058
发布日期: 0001-01-01 00:00 修改: 0001-01-01 00:00
|
| io.netty:netty-handler |
CVE-2026-45416 |
高危 |
4.1.119.Final |
4.2.15.Final, 4.1.135.Final |
Netty: SNI handler pre-allocates up to 16 MiB from nine attacker bytes
漏洞详情: https://avd.aquasec.com/nvd/cve-2026-45416
镜像层: sha256:28c8c3d6ec225b025f6e19182a9c206e2251caa3e26157cd074b01e22ac81058
发布日期: 0001-01-01 00:00 修改: 0001-01-01 00:00
|
| io.netty:netty-resolver-dns |
CVE-2026-45674 |
高危 |
4.1.115.Final |
4.2.15.Final, 4.1.135.Final |
Netty Vulnerable to DNS Cache Poisoning via Missing Bailiwick Checks in CNAME Records
漏洞详情: https://avd.aquasec.com/nvd/cve-2026-45674
镜像层: sha256:28c8c3d6ec225b025f6e19182a9c206e2251caa3e26157cd074b01e22ac81058
发布日期: 0001-01-01 00:00 修改: 0001-01-01 00:00
|
| io.netty:netty-resolver-dns |
CVE-2026-47691 |
高危 |
4.1.115.Final |
4.2.15.Final, 4.1.135.Final |
Netty has Insufficient Bailiwick Validation for NS Records
漏洞详情: https://avd.aquasec.com/nvd/cve-2026-47691
镜像层: sha256:28c8c3d6ec225b025f6e19182a9c206e2251caa3e26157cd074b01e22ac81058
发布日期: 0001-01-01 00:00 修改: 0001-01-01 00:00
|
| io.netty:netty-resolver-dns |
CVE-2026-45674 |
高危 |
4.1.119.Final |
4.2.15.Final, 4.1.135.Final |
Netty Vulnerable to DNS Cache Poisoning via Missing Bailiwick Checks in CNAME Records
漏洞详情: https://avd.aquasec.com/nvd/cve-2026-45674
镜像层: sha256:28c8c3d6ec225b025f6e19182a9c206e2251caa3e26157cd074b01e22ac81058
发布日期: 0001-01-01 00:00 修改: 0001-01-01 00:00
|
| io.netty:netty-resolver-dns |
CVE-2026-47691 |
高危 |
4.1.119.Final |
4.2.15.Final, 4.1.135.Final |
Netty has Insufficient Bailiwick Validation for NS Records
漏洞详情: https://avd.aquasec.com/nvd/cve-2026-47691
镜像层: sha256:28c8c3d6ec225b025f6e19182a9c206e2251caa3e26157cd074b01e22ac81058
发布日期: 0001-01-01 00:00 修改: 0001-01-01 00:00
|
| io.netty:netty-codec |
CVE-2026-42583 |
高危 |
4.1.115.Final |
4.1.133.Final |
Netty is an asynchronous, event-driven network application framework. ...
漏洞详情: https://avd.aquasec.com/nvd/cve-2026-42583
镜像层: sha256:28c8c3d6ec225b025f6e19182a9c206e2251caa3e26157cd074b01e22ac81058
发布日期: 2026-05-13 19:17 修改: 2026-05-18 12:22
|
| org.apache.thrift:libthrift |
CVE-2026-43869 |
高危 |
0.14.1 |
0.23.0 |
Apache Thrift: Apache Thrift: Security bypass due to improper certificate validation
漏洞详情: https://avd.aquasec.com/nvd/cve-2026-43869
镜像层: sha256:28c8c3d6ec225b025f6e19182a9c206e2251caa3e26157cd074b01e22ac81058
发布日期: 2026-05-05 08:16 修改: 2026-05-06 18:05
|
| org.bouncycastle:bcprov-jdk18on |
CVE-2026-5598 |
高危 |
1.78 |
1.84 |
bouncycastle: BC-JAVA: private key leakage via non-constant time comparisons
漏洞详情: https://avd.aquasec.com/nvd/cve-2026-5598
镜像层: sha256:28c8c3d6ec225b025f6e19182a9c206e2251caa3e26157cd074b01e22ac81058
发布日期: 2026-04-15 10:16 修改: 2026-05-19 00:16
|
| org.eclipse.jetty:jetty-http |
CVE-2026-2332 |
高危 |
9.4.57.v20241219 |
12.1.7, 12.0.33 |
org.eclipse.jetty/jetty-http: HTTP request smuggling via chunked extension quoted-string parsing
漏洞详情: https://avd.aquasec.com/nvd/cve-2026-2332
镜像层: sha256:28c8c3d6ec225b025f6e19182a9c206e2251caa3e26157cd074b01e22ac81058
发布日期: 2026-04-14 12:16 修改: 2026-05-01 13:31
|
| org.lz4:lz4-java |
CVE-2025-12183 |
高危 |
1.8.0 |
1.8.1 |
lz4-java: lz4-java: Out-of-bounds memory operations lead to denial of service and information disclosure
漏洞详情: https://avd.aquasec.com/nvd/cve-2025-12183
镜像层: sha256:28c8c3d6ec225b025f6e19182a9c206e2251caa3e26157cd074b01e22ac81058
发布日期: 2025-11-28 16:15 修改: 2026-04-15 00:35
|
| org.lz4:lz4-java |
CVE-2025-66566 |
高危 |
1.8.0 |
|
lz4-java: lz4-java: Information Disclosure via Insufficient Output Buffer Clearing
漏洞详情: https://avd.aquasec.com/nvd/cve-2025-66566
镜像层: sha256:28c8c3d6ec225b025f6e19182a9c206e2251caa3e26157cd074b01e22ac81058
发布日期: 2025-12-05 18:15 修改: 2026-04-15 00:35
|
| io.netty:netty-codec-http |
CVE-2026-42581 |
中危 |
4.1.115.Final |
4.2.13.Final, 4.1.133.Final |
netty: io.netty/netty-codec-http: Netty: HTTP Request Smuggling due to improper handling of conflicting HTTP/1.0 headers
漏洞详情: https://avd.aquasec.com/nvd/cve-2026-42581
镜像层: sha256:28c8c3d6ec225b025f6e19182a9c206e2251caa3e26157cd074b01e22ac81058
发布日期: 2026-05-13 19:17 修改: 2026-05-18 13:14
|
| io.netty:netty-codec-http2 |
CVE-2026-47244 |
中危 |
4.1.119.Final |
4.2.15.Final, 4.1.135.Final |
Netty HTTP/2: Advertised MAX_CONCURRENT_STREAMS are not enforced
漏洞详情: https://avd.aquasec.com/nvd/cve-2026-47244
镜像层: sha256:28c8c3d6ec225b025f6e19182a9c206e2251caa3e26157cd074b01e22ac81058
发布日期: 0001-01-01 00:00 修改: 0001-01-01 00:00
|
| io.netty:netty-codec-mqtt |
CVE-2026-44248 |
中危 |
4.1.119.Final |
4.2.13.Final, 4.1.133.Final |
netty: io.netty/netty-codec-mqtt: Netty: Denial of Service due to excessive resource consumption from crafted MQTT 5 header
漏洞详情: https://avd.aquasec.com/nvd/cve-2026-44248
镜像层: sha256:28c8c3d6ec225b025f6e19182a9c206e2251caa3e26157cd074b01e22ac81058
发布日期: 2026-05-13 19:17 修改: 2026-05-18 12:15
|
| io.netty:netty-common |
CVE-2025-25193 |
中危 |
4.1.115.Final |
4.1.118.Final |
netty: Denial of Service attack on windows app using Netty
漏洞详情: https://avd.aquasec.com/nvd/cve-2025-25193
镜像层: sha256:28c8c3d6ec225b025f6e19182a9c206e2251caa3e26157cd074b01e22ac81058
发布日期: 2025-02-10 22:15 修改: 2025-06-11 15:36
|
| io.netty:netty-codec-http |
CVE-2026-42585 |
中危 |
4.1.115.Final |
4.2.13.Final, 4.1.133.Final |
netty: io.netty/netty-codec-http: Netty: Request smuggling via malformed Transfer-Encoding parsing
漏洞详情: https://avd.aquasec.com/nvd/cve-2026-42585
镜像层: sha256:28c8c3d6ec225b025f6e19182a9c206e2251caa3e26157cd074b01e22ac81058
发布日期: 2026-05-13 19:17 修改: 2026-05-18 12:24
|
| com.nimbusds:nimbus-jose-jwt |
CVE-2025-53864 |
中危 |
9.37.3 |
10.0.2, 9.37.4 |
com.nimbusds/nimbus-jose-jwt: Uncontrolled recursion in Connect2id Nimbus JOSE + JWT
漏洞详情: https://avd.aquasec.com/nvd/cve-2025-53864
镜像层: sha256:28c8c3d6ec225b025f6e19182a9c206e2251caa3e26157cd074b01e22ac81058
发布日期: 2025-07-11 03:16 修改: 2026-04-15 00:35
|
| ch.qos.logback:logback-core |
CVE-2025-11226 |
中危 |
1.3.15 |
1.5.19, 1.3.16 |
ch.qos.logback/logback-core: Conditional abitrary code execution in logback-core
漏洞详情: https://avd.aquasec.com/nvd/cve-2025-11226
镜像层: sha256:28c8c3d6ec225b025f6e19182a9c206e2251caa3e26157cd074b01e22ac81058
发布日期: 2025-10-01 08:15 修改: 2026-04-15 00:35
|
| io.netty:netty-codec |
CVE-2025-58057 |
中危 |
4.1.115.Final |
4.1.125.Final |
netty-codec: netty-codec-compression: Netty's BrotliDecoder is vulnerable to DoS via zip bomb style attack
漏洞详情: https://avd.aquasec.com/nvd/cve-2025-58057
镜像层: sha256:28c8c3d6ec225b025f6e19182a9c206e2251caa3e26157cd074b01e22ac81058
发布日期: 2025-09-04 10:42 修改: 2025-09-08 16:45
|
| io.netty:netty-codec-http |
CVE-2025-67735 |
中危 |
4.1.119.Final |
4.2.8.Final, 4.1.129.Final |
netty-codec-http: Netty (netty-codec-http): Request Smuggling via CRLF Injection
漏洞详情: https://avd.aquasec.com/nvd/cve-2025-67735
镜像层: sha256:28c8c3d6ec225b025f6e19182a9c206e2251caa3e26157cd074b01e22ac81058
发布日期: 2025-12-16 01:15 修改: 2026-01-02 18:50
|
| io.netty:netty-codec-http |
CVE-2026-41417 |
中危 |
4.1.119.Final |
4.1.133.Final, 4.2.13.Final |
netty: Netty: HTTP request smuggling via URI manipulation and CRLF injection
漏洞详情: https://avd.aquasec.com/nvd/cve-2026-41417
镜像层: sha256:28c8c3d6ec225b025f6e19182a9c206e2251caa3e26157cd074b01e22ac81058
发布日期: 2026-05-06 22:16 修改: 2026-05-11 14:29
|
| io.netty:netty-codec-http |
CVE-2026-42580 |
中危 |
4.1.119.Final |
4.2.13.Final, 4.1.133.Final |
netty: Netty: Request smuggling via chunk size parser integer overflow
漏洞详情: https://avd.aquasec.com/nvd/cve-2026-42580
镜像层: sha256:28c8c3d6ec225b025f6e19182a9c206e2251caa3e26157cd074b01e22ac81058
发布日期: 2026-05-13 19:17 修改: 2026-05-18 14:03
|
| io.netty:netty-resolver-dns |
CVE-2026-45673 |
中危 |
4.1.115.Final |
4.2.15.Final, 4.1.135.Final |
Netty: DNS Cache Poisoning due to Predictable PRNG and Default Static Source Port
漏洞详情: https://avd.aquasec.com/nvd/cve-2026-45673
镜像层: sha256:28c8c3d6ec225b025f6e19182a9c206e2251caa3e26157cd074b01e22ac81058
发布日期: 0001-01-01 00:00 修改: 0001-01-01 00:00
|
| io.netty:netty-codec-http |
CVE-2026-42581 |
中危 |
4.1.119.Final |
4.2.13.Final, 4.1.133.Final |
netty: io.netty/netty-codec-http: Netty: HTTP Request Smuggling due to improper handling of conflicting HTTP/1.0 headers
漏洞详情: https://avd.aquasec.com/nvd/cve-2026-42581
镜像层: sha256:28c8c3d6ec225b025f6e19182a9c206e2251caa3e26157cd074b01e22ac81058
发布日期: 2026-05-13 19:17 修改: 2026-05-18 13:14
|
| io.netty:netty-codec-http |
CVE-2026-42585 |
中危 |
4.1.119.Final |
4.2.13.Final, 4.1.133.Final |
netty: io.netty/netty-codec-http: Netty: Request smuggling via malformed Transfer-Encoding parsing
漏洞详情: https://avd.aquasec.com/nvd/cve-2026-42585
镜像层: sha256:28c8c3d6ec225b025f6e19182a9c206e2251caa3e26157cd074b01e22ac81058
发布日期: 2026-05-13 19:17 修改: 2026-05-18 12:24
|
| io.netty:netty-resolver-dns |
CVE-2026-45673 |
中危 |
4.1.119.Final |
4.2.15.Final, 4.1.135.Final |
Netty: DNS Cache Poisoning due to Predictable PRNG and Default Static Source Port
漏洞详情: https://avd.aquasec.com/nvd/cve-2026-45673
镜像层: sha256:28c8c3d6ec225b025f6e19182a9c206e2251caa3e26157cd074b01e22ac81058
发布日期: 0001-01-01 00:00 修改: 0001-01-01 00:00
|
| io.netty:netty-transport-native-epoll |
CVE-2026-45536 |
中危 |
4.1.115.Final |
4.2.15.Final, 4.1.135.Final |
Netty: Unix-socket fd receive leaks descriptors when peer sends two at once
漏洞详情: https://avd.aquasec.com/nvd/cve-2026-45536
镜像层: sha256:28c8c3d6ec225b025f6e19182a9c206e2251caa3e26157cd074b01e22ac81058
发布日期: 0001-01-01 00:00 修改: 0001-01-01 00:00
|
| io.netty:netty-transport-native-epoll |
CVE-2026-45536 |
中危 |
4.1.119.Final |
4.2.15.Final, 4.1.135.Final |
Netty: Unix-socket fd receive leaks descriptors when peer sends two at once
漏洞详情: https://avd.aquasec.com/nvd/cve-2026-45536
镜像层: sha256:28c8c3d6ec225b025f6e19182a9c206e2251caa3e26157cd074b01e22ac81058
发布日期: 0001-01-01 00:00 修改: 0001-01-01 00:00
|
| io.netty:netty-transport-native-epoll |
CVE-2026-45536 |
中危 |
4.1.119.Final |
4.2.15.Final, 4.1.135.Final |
Netty: Unix-socket fd receive leaks descriptors when peer sends two at once
漏洞详情: https://avd.aquasec.com/nvd/cve-2026-45536
镜像层: sha256:28c8c3d6ec225b025f6e19182a9c206e2251caa3e26157cd074b01e22ac81058
发布日期: 0001-01-01 00:00 修改: 0001-01-01 00:00
|
| io.netty:netty-transport-native-kqueue |
CVE-2026-45536 |
中危 |
4.1.115.Final |
4.2.15.Final, 4.1.135.Final |
Netty: Unix-socket fd receive leaks descriptors when peer sends two at once
漏洞详情: https://avd.aquasec.com/nvd/cve-2026-45536
镜像层: sha256:28c8c3d6ec225b025f6e19182a9c206e2251caa3e26157cd074b01e22ac81058
发布日期: 0001-01-01 00:00 修改: 0001-01-01 00:00
|
| io.netty:netty-transport-native-kqueue |
CVE-2026-45536 |
中危 |
4.1.119.Final |
4.2.15.Final, 4.1.135.Final |
Netty: Unix-socket fd receive leaks descriptors when peer sends two at once
漏洞详情: https://avd.aquasec.com/nvd/cve-2026-45536
镜像层: sha256:28c8c3d6ec225b025f6e19182a9c206e2251caa3e26157cd074b01e22ac81058
发布日期: 0001-01-01 00:00 修改: 0001-01-01 00:00
|
| io.netty:netty-transport-native-kqueue |
CVE-2026-45536 |
中危 |
4.1.119.Final |
4.2.15.Final, 4.1.135.Final |
Netty: Unix-socket fd receive leaks descriptors when peer sends two at once
漏洞详情: https://avd.aquasec.com/nvd/cve-2026-45536
镜像层: sha256:28c8c3d6ec225b025f6e19182a9c206e2251caa3e26157cd074b01e22ac81058
发布日期: 0001-01-01 00:00 修改: 0001-01-01 00:00
|
| io.projectreactor.netty:reactor-netty-http |
CVE-2025-22227 |
中危 |
1.1.20 |
1.3.0-M5, 1.2.8 |
io.projectreactor.netty/reactor-netty: Reactor Netty Credential Leak via Redirects
漏洞详情: https://avd.aquasec.com/nvd/cve-2025-22227
镜像层: sha256:28c8c3d6ec225b025f6e19182a9c206e2251caa3e26157cd074b01e22ac81058
发布日期: 2025-07-16 10:15 修改: 2026-04-15 00:35
|
| org.apache.commons:commons-lang3 |
CVE-2025-48924 |
中危 |
3.13.0 |
3.18.0 |
commons-lang/commons-lang: org.apache.commons/commons-lang3: Uncontrolled Recursion vulnerability in Apache Commons Lang
漏洞详情: https://avd.aquasec.com/nvd/cve-2025-48924
镜像层: sha256:28c8c3d6ec225b025f6e19182a9c206e2251caa3e26157cd074b01e22ac81058
发布日期: 2025-07-11 15:15 修改: 2025-11-04 22:16
|
| com.fasterxml.jackson.core:jackson-core |
GHSA-72hv-8253-57qq |
中危 |
2.16.2 |
2.21.1, 2.18.6 |
jackson-core: Number Length Constraint Bypass in Async Parser Leads to Potential DoS Condition
漏洞详情: https://github.com/advisories/GHSA-72hv-8253-57qq
镜像层: sha256:28c8c3d6ec225b025f6e19182a9c206e2251caa3e26157cd074b01e22ac81058
发布日期: 2026-02-28 02:01 修改: 2026-04-07 16:30
|
| io.netty:netty-codec |
CVE-2025-58057 |
中危 |
4.1.119.Final |
4.1.125.Final |
netty-codec: netty-codec-compression: Netty's BrotliDecoder is vulnerable to DoS via zip bomb style attack
漏洞详情: https://avd.aquasec.com/nvd/cve-2025-58057
镜像层: sha256:28c8c3d6ec225b025f6e19182a9c206e2251caa3e26157cd074b01e22ac81058
发布日期: 2025-09-04 10:42 修改: 2025-09-08 16:45
|
| org.bouncycastle:bcpkix-jdk18on |
CVE-2025-8916 |
中危 |
1.78.1 |
1.79 |
org.bouncycastle: BouncyCastle denial of service
漏洞详情: https://avd.aquasec.com/nvd/cve-2025-8916
镜像层: sha256:28c8c3d6ec225b025f6e19182a9c206e2251caa3e26157cd074b01e22ac81058
发布日期: 2025-08-13 10:15 修改: 2026-05-12 13:17
|
| org.bouncycastle:bcpkix-jdk18on |
CVE-2026-5588 |
中危 |
1.78.1 |
1.84 |
bouncycastle: BC-JAVA: PKIX draft CompositeVerifier accepts empty signature sequence as valid
漏洞详情: https://avd.aquasec.com/nvd/cve-2026-5588
镜像层: sha256:28c8c3d6ec225b025f6e19182a9c206e2251caa3e26157cd074b01e22ac81058
发布日期: 2026-04-15 10:16 修改: 2026-05-19 00:16
|
| io.netty:netty-codec-http |
CVE-2025-67735 |
中危 |
4.1.115.Final |
4.2.8.Final, 4.1.129.Final |
netty-codec-http: Netty (netty-codec-http): Request Smuggling via CRLF Injection
漏洞详情: https://avd.aquasec.com/nvd/cve-2025-67735
镜像层: sha256:28c8c3d6ec225b025f6e19182a9c206e2251caa3e26157cd074b01e22ac81058
发布日期: 2025-12-16 01:15 修改: 2026-01-02 18:50
|
| org.bouncycastle:bcprov-jdk18on |
CVE-2026-0636 |
中危 |
1.78 |
1.84 |
bouncycastle: BC-JAVA: LDAP injection vulnerability in LDAPStoreHelper.java
漏洞详情: https://avd.aquasec.com/nvd/cve-2026-0636
镜像层: sha256:28c8c3d6ec225b025f6e19182a9c206e2251caa3e26157cd074b01e22ac81058
发布日期: 2026-04-15 10:16 修改: 2026-05-19 00:16
|
| io.netty:netty-codec-http2 |
CVE-2026-47244 |
中危 |
4.1.115.Final |
4.2.15.Final, 4.1.135.Final |
Netty HTTP/2: Advertised MAX_CONCURRENT_STREAMS are not enforced
漏洞详情: https://avd.aquasec.com/nvd/cve-2026-47244
镜像层: sha256:28c8c3d6ec225b025f6e19182a9c206e2251caa3e26157cd074b01e22ac81058
发布日期: 0001-01-01 00:00 修改: 0001-01-01 00:00
|
| org.eclipse.jetty:jetty-http |
CVE-2024-6763 |
中危 |
9.4.57.v20241219 |
12.0.12 |
org.eclipse.jetty:jetty-http: jetty: Jetty URI parsing of invalid authority
漏洞详情: https://avd.aquasec.com/nvd/cve-2024-6763
镜像层: sha256:28c8c3d6ec225b025f6e19182a9c206e2251caa3e26157cd074b01e22ac81058
发布日期: 2024-10-14 16:15 修改: 2025-07-10 15:04
|
| io.netty:netty-codec-http |
CVE-2026-41417 |
中危 |
4.1.115.Final |
4.1.133.Final, 4.2.13.Final |
netty: Netty: HTTP request smuggling via URI manipulation and CRLF injection
漏洞详情: https://avd.aquasec.com/nvd/cve-2026-41417
镜像层: sha256:28c8c3d6ec225b025f6e19182a9c206e2251caa3e26157cd074b01e22ac81058
发布日期: 2026-05-06 22:16 修改: 2026-05-11 14:29
|
| io.netty:netty-codec-http |
CVE-2026-42580 |
中危 |
4.1.115.Final |
4.2.13.Final, 4.1.133.Final |
netty: Netty: Request smuggling via chunk size parser integer overflow
漏洞详情: https://avd.aquasec.com/nvd/cve-2026-42580
镜像层: sha256:28c8c3d6ec225b025f6e19182a9c206e2251caa3e26157cd074b01e22ac81058
发布日期: 2026-05-13 19:17 修改: 2026-05-18 14:03
|
| ch.qos.logback:logback-core |
CVE-2026-1225 |
低危 |
1.3.15 |
1.5.25 |
ch.qos.logback/logback-core: Malicious logback.xml configuration file allows instantiation of arbitrary classes
漏洞详情: https://avd.aquasec.com/nvd/cve-2026-1225
镜像层: sha256:28c8c3d6ec225b025f6e19182a9c206e2251caa3e26157cd074b01e22ac81058
发布日期: 2026-01-22 10:16 修改: 2026-04-15 00:35
|
| io.netty:netty-codec-http |
CVE-2025-58056 |
低危 |
4.1.115.Final |
4.1.125.Final, 4.2.5.Final |
netty-codec-http: Netty is vulnerable to request smuggling due to incorrect parsing of chunk extensions
漏洞详情: https://avd.aquasec.com/nvd/cve-2025-58056
镜像层: sha256:28c8c3d6ec225b025f6e19182a9c206e2251caa3e26157cd074b01e22ac81058
发布日期: 2025-09-03 21:15 修改: 2025-09-08 16:46
|
| org.eclipse.jetty:jetty-http |
CVE-2025-11143 |
低危 |
9.4.57.v20241219 |
12.0.31, 12.1.5 |
org.eclipse.jetty/jetty-http: org.eclipse.jetty: Security bypass due to differential URI parsing
漏洞详情: https://avd.aquasec.com/nvd/cve-2025-11143
镜像层: sha256:28c8c3d6ec225b025f6e19182a9c206e2251caa3e26157cd074b01e22ac81058
发布日期: 2026-03-05 10:15 修改: 2026-03-06 20:30
|
| io.netty:netty-codec-http |
CVE-2025-58056 |
低危 |
4.1.119.Final |
4.1.125.Final, 4.2.5.Final |
netty-codec-http: Netty is vulnerable to request smuggling due to incorrect parsing of chunk extensions
漏洞详情: https://avd.aquasec.com/nvd/cve-2025-58056
镜像层: sha256:28c8c3d6ec225b025f6e19182a9c206e2251caa3e26157cd074b01e22ac81058
发布日期: 2025-09-03 21:15 修改: 2025-09-08 16:46
|
| io.netty:netty-handler-proxy |
CVE-2026-42578 |
低危 |
4.1.119.Final |
4.1.133.Final, 4.2.13.Final |
netty: io.netty/netty-handler-proxy: Netty: HTTP Header Injection via HttpProxyHandler Disabled Validation
漏洞详情: https://avd.aquasec.com/nvd/cve-2026-42578
镜像层: sha256:28c8c3d6ec225b025f6e19182a9c206e2251caa3e26157cd074b01e22ac81058
发布日期: 2026-05-13 19:17 修改: 2026-05-18 12:54
|