| org.bouncycastle:bcprov-jdk18on |
CVE-2025-14813 |
严重 |
1.78 |
1.80.2, 1.81.1, 1.84 |
bouncycastle: BC-JAVA: GOSTCTR implementation unable to process more than 255 blocks correctly
漏洞详情: https://avd.aquasec.com/nvd/cve-2025-14813
镜像层: sha256:c7d3329e99a64273876367b34f8325ead0fc6cd5e5eab3866b0f18cdab9aa3c8
发布日期: 2026-04-15 10:16 修改: 2026-06-30 03:16
|
| com.fasterxml.jackson.core:jackson-databind |
CVE-2026-54513 |
高危 |
2.16.2 |
2.18.8, 2.21.4, 3.1.4 |
jackson-databind: Jackson-databind: Security bypass allows arbitrary code execution
漏洞详情: https://avd.aquasec.com/nvd/cve-2026-54513
镜像层: sha256:c7d3329e99a64273876367b34f8325ead0fc6cd5e5eab3866b0f18cdab9aa3c8
发布日期: 2026-06-23 21:17 修改: 2026-06-30 03:21
|
| io.netty:netty-codec |
CVE-2026-42583 |
高危 |
4.1.119.Final |
4.1.133.Final |
Netty is an asynchronous, event-driven network application framework. ...
漏洞详情: https://avd.aquasec.com/nvd/cve-2026-42583
镜像层: sha256:c7d3329e99a64273876367b34f8325ead0fc6cd5e5eab3866b0f18cdab9aa3c8
发布日期: 2026-05-13 19:17 修改: 2026-06-17 10:48
|
| io.netty:netty-codec |
CVE-2026-42583 |
高危 |
4.1.119.Final |
4.1.133.Final |
Netty is an asynchronous, event-driven network application framework. ...
漏洞详情: https://avd.aquasec.com/nvd/cve-2026-42583
镜像层: sha256:c7d3329e99a64273876367b34f8325ead0fc6cd5e5eab3866b0f18cdab9aa3c8
发布日期: 2026-05-13 19:17 修改: 2026-06-17 10:48
|
| io.netty:netty-codec-dns |
CVE-2026-42579 |
高危 |
4.1.119.Final |
4.2.13.Final, 4.1.133.Final |
netty: Netty: High integrity impact due to improper DNS domain name constraint enforcement
漏洞详情: https://avd.aquasec.com/nvd/cve-2026-42579
镜像层: sha256:c7d3329e99a64273876367b34f8325ead0fc6cd5e5eab3866b0f18cdab9aa3c8
发布日期: 2026-05-13 19:17 修改: 2026-06-30 03:19
|
| io.netty:netty-codec-dns |
CVE-2026-42579 |
高危 |
4.1.119.Final |
4.2.13.Final, 4.1.133.Final |
netty: Netty: High integrity impact due to improper DNS domain name constraint enforcement
漏洞详情: https://avd.aquasec.com/nvd/cve-2026-42579
镜像层: sha256:c7d3329e99a64273876367b34f8325ead0fc6cd5e5eab3866b0f18cdab9aa3c8
发布日期: 2026-05-13 19:17 修改: 2026-06-30 03:19
|
| io.netty:netty-codec-http |
CVE-2026-33870 |
高危 |
4.1.119.Final |
4.1.132.Final, 4.2.10.Final |
io.netty/netty-codec-http: Netty: Request smuggling via incorrect parsing of HTTP/1.1 chunked transfer encoding extension values
漏洞详情: https://avd.aquasec.com/nvd/cve-2026-33870
镜像层: sha256:c7d3329e99a64273876367b34f8325ead0fc6cd5e5eab3866b0f18cdab9aa3c8
发布日期: 2026-03-27 20:16 修改: 2026-06-30 03:18
|
| io.netty:netty-codec-http |
CVE-2026-33870 |
高危 |
4.1.119.Final |
4.1.132.Final, 4.2.10.Final |
io.netty/netty-codec-http: Netty: Request smuggling via incorrect parsing of HTTP/1.1 chunked transfer encoding extension values
漏洞详情: https://avd.aquasec.com/nvd/cve-2026-33870
镜像层: sha256:c7d3329e99a64273876367b34f8325ead0fc6cd5e5eab3866b0f18cdab9aa3c8
发布日期: 2026-03-27 20:16 修改: 2026-06-30 03:18
|
| io.netty:netty-codec-http |
CVE-2026-42584 |
高危 |
4.1.119.Final |
4.2.13.Final, 4.1.133.Final |
netty: io.netty/netty-codec-http: Netty: Incorrect HTTP response parsing leads to data confusion
漏洞详情: https://avd.aquasec.com/nvd/cve-2026-42584
镜像层: sha256:c7d3329e99a64273876367b34f8325ead0fc6cd5e5eab3866b0f18cdab9aa3c8
发布日期: 2026-05-13 19:17 修改: 2026-06-30 03:19
|
| io.netty:netty-codec-http |
CVE-2026-42584 |
高危 |
4.1.119.Final |
4.2.13.Final, 4.1.133.Final |
netty: io.netty/netty-codec-http: Netty: Incorrect HTTP response parsing leads to data confusion
漏洞详情: https://avd.aquasec.com/nvd/cve-2026-42584
镜像层: sha256:c7d3329e99a64273876367b34f8325ead0fc6cd5e5eab3866b0f18cdab9aa3c8
发布日期: 2026-05-13 19:17 修改: 2026-06-30 03:19
|
| io.netty:netty-codec-http |
CVE-2026-42587 |
高危 |
4.1.119.Final |
4.2.13.Final, 4.1.133.Final |
netty: io.netty/netty-codec-http: io.netty/netty-codec-http2: Netty: Denial of Service via unbounded memory allocation in HTTP content decompression
漏洞详情: https://avd.aquasec.com/nvd/cve-2026-42587
镜像层: sha256:c7d3329e99a64273876367b34f8325ead0fc6cd5e5eab3866b0f18cdab9aa3c8
发布日期: 2026-05-13 19:17 修改: 2026-07-01 13:17
|
| io.netty:netty-codec-http |
CVE-2026-42587 |
高危 |
4.1.119.Final |
4.2.13.Final, 4.1.133.Final |
netty: io.netty/netty-codec-http: io.netty/netty-codec-http2: Netty: Denial of Service via unbounded memory allocation in HTTP content decompression
漏洞详情: https://avd.aquasec.com/nvd/cve-2026-42587
镜像层: sha256:c7d3329e99a64273876367b34f8325ead0fc6cd5e5eab3866b0f18cdab9aa3c8
发布日期: 2026-05-13 19:17 修改: 2026-07-01 13:17
|
| io.netty:netty-codec-http2 |
CVE-2025-55163 |
高危 |
4.1.119.Final |
4.2.4.Final, 4.1.124.Final |
netty: netty-codec-http2: Netty MadeYouReset HTTP/2 DDoS Vulnerability
漏洞详情: https://avd.aquasec.com/nvd/cve-2025-55163
镜像层: sha256:c7d3329e99a64273876367b34f8325ead0fc6cd5e5eab3866b0f18cdab9aa3c8
发布日期: 2025-08-13 15:15 修改: 2026-06-17 09:41
|
| io.netty:netty-codec-http2 |
CVE-2025-55163 |
高危 |
4.1.119.Final |
4.2.4.Final, 4.1.124.Final |
netty: netty-codec-http2: Netty MadeYouReset HTTP/2 DDoS Vulnerability
漏洞详情: https://avd.aquasec.com/nvd/cve-2025-55163
镜像层: sha256:c7d3329e99a64273876367b34f8325ead0fc6cd5e5eab3866b0f18cdab9aa3c8
发布日期: 2025-08-13 15:15 修改: 2026-06-17 09:41
|
| io.netty:netty-codec-http2 |
CVE-2026-33871 |
高危 |
4.1.119.Final |
4.1.132.Final, 4.2.11.Final |
netty: Netty: Denial of Service via HTTP/2 CONTINUATION frame flood
漏洞详情: https://avd.aquasec.com/nvd/cve-2026-33871
镜像层: sha256:c7d3329e99a64273876367b34f8325ead0fc6cd5e5eab3866b0f18cdab9aa3c8
发布日期: 2026-03-27 20:16 修改: 2026-06-30 03:18
|
| io.netty:netty-codec-http2 |
CVE-2026-33871 |
高危 |
4.1.119.Final |
4.1.132.Final, 4.2.11.Final |
netty: Netty: Denial of Service via HTTP/2 CONTINUATION frame flood
漏洞详情: https://avd.aquasec.com/nvd/cve-2026-33871
镜像层: sha256:c7d3329e99a64273876367b34f8325ead0fc6cd5e5eab3866b0f18cdab9aa3c8
发布日期: 2026-03-27 20:16 修改: 2026-06-30 03:18
|
| io.netty:netty-codec-http2 |
CVE-2026-42587 |
高危 |
4.1.119.Final |
4.2.13.Final, 4.1.133.Final |
netty: io.netty/netty-codec-http: io.netty/netty-codec-http2: Netty: Denial of Service via unbounded memory allocation in HTTP content decompression
漏洞详情: https://avd.aquasec.com/nvd/cve-2026-42587
镜像层: sha256:c7d3329e99a64273876367b34f8325ead0fc6cd5e5eab3866b0f18cdab9aa3c8
发布日期: 2026-05-13 19:17 修改: 2026-07-01 13:17
|
| io.netty:netty-codec-http2 |
CVE-2026-42587 |
高危 |
4.1.119.Final |
4.2.13.Final, 4.1.133.Final |
netty: io.netty/netty-codec-http: io.netty/netty-codec-http2: Netty: Denial of Service via unbounded memory allocation in HTTP content decompression
漏洞详情: https://avd.aquasec.com/nvd/cve-2026-42587
镜像层: sha256:c7d3329e99a64273876367b34f8325ead0fc6cd5e5eab3866b0f18cdab9aa3c8
发布日期: 2026-05-13 19:17 修改: 2026-07-01 13:17
|
| io.netty:netty-handler |
CVE-2026-44249 |
高危 |
4.1.119.Final |
4.2.15.Final, 4.1.135.Final |
netty-handler: netty-handler: IPv6 subnet rule bypass due to incorrect masking operation
漏洞详情: https://avd.aquasec.com/nvd/cve-2026-44249
镜像层: sha256:c7d3329e99a64273876367b34f8325ead0fc6cd5e5eab3866b0f18cdab9aa3c8
发布日期: 2026-06-11 22:16 修改: 2026-06-30 03:19
|
| io.netty:netty-handler |
CVE-2026-44249 |
高危 |
4.1.119.Final |
4.2.15.Final, 4.1.135.Final |
netty-handler: netty-handler: IPv6 subnet rule bypass due to incorrect masking operation
漏洞详情: https://avd.aquasec.com/nvd/cve-2026-44249
镜像层: sha256:c7d3329e99a64273876367b34f8325ead0fc6cd5e5eab3866b0f18cdab9aa3c8
发布日期: 2026-06-11 22:16 修改: 2026-06-30 03:19
|
| io.netty:netty-handler |
CVE-2026-45416 |
高危 |
4.1.119.Final |
4.2.15.Final, 4.1.135.Final |
netty-handler: Netty: Denial of Service due to eager buffer allocation in TLS handshake
漏洞详情: https://avd.aquasec.com/nvd/cve-2026-45416
镜像层: sha256:c7d3329e99a64273876367b34f8325ead0fc6cd5e5eab3866b0f18cdab9aa3c8
发布日期: 2026-06-12 15:16 修改: 2026-06-30 03:20
|
| io.netty:netty-handler |
CVE-2026-45416 |
高危 |
4.1.119.Final |
4.2.15.Final, 4.1.135.Final |
netty-handler: Netty: Denial of Service due to eager buffer allocation in TLS handshake
漏洞详情: https://avd.aquasec.com/nvd/cve-2026-45416
镜像层: sha256:c7d3329e99a64273876367b34f8325ead0fc6cd5e5eab3866b0f18cdab9aa3c8
发布日期: 2026-06-12 15:16 修改: 2026-06-30 03:20
|
| io.netty:netty-handler |
CVE-2026-50010 |
高危 |
4.1.119.Final |
4.2.15.Final, 4.1.135.Final |
netty-handler: Netty: Improper trust manager handling leads to hostname verification bypass
漏洞详情: https://avd.aquasec.com/nvd/cve-2026-50010
镜像层: sha256:c7d3329e99a64273876367b34f8325ead0fc6cd5e5eab3866b0f18cdab9aa3c8
发布日期: 2026-06-12 16:16 修改: 2026-06-30 03:20
|
| io.netty:netty-handler |
CVE-2026-50010 |
高危 |
4.1.119.Final |
4.2.15.Final, 4.1.135.Final |
netty-handler: Netty: Improper trust manager handling leads to hostname verification bypass
漏洞详情: https://avd.aquasec.com/nvd/cve-2026-50010
镜像层: sha256:c7d3329e99a64273876367b34f8325ead0fc6cd5e5eab3866b0f18cdab9aa3c8
发布日期: 2026-06-12 16:16 修改: 2026-06-30 03:20
|
| io.netty:netty-resolver-dns |
CVE-2026-45674 |
高危 |
4.1.119.Final |
4.2.15.Final, 4.1.135.Final |
netty-resolver-dns: Netty: Information disclosure and data manipulation due to improper CNAME record validation
漏洞详情: https://avd.aquasec.com/nvd/cve-2026-45674
镜像层: sha256:c7d3329e99a64273876367b34f8325ead0fc6cd5e5eab3866b0f18cdab9aa3c8
发布日期: 2026-06-12 15:16 修改: 2026-06-30 03:20
|
| io.netty:netty-resolver-dns |
CVE-2026-45674 |
高危 |
4.1.119.Final |
4.2.15.Final, 4.1.135.Final |
netty-resolver-dns: Netty: Information disclosure and data manipulation due to improper CNAME record validation
漏洞详情: https://avd.aquasec.com/nvd/cve-2026-45674
镜像层: sha256:c7d3329e99a64273876367b34f8325ead0fc6cd5e5eab3866b0f18cdab9aa3c8
发布日期: 2026-06-12 15:16 修改: 2026-06-30 03:20
|
| io.netty:netty-resolver-dns |
CVE-2026-47691 |
高危 |
4.1.119.Final |
4.2.15.Final, 4.1.135.Final |
io.netty/netty-resolver-dns: Netty has Insufficient Bailiwick Validation for NS Records
漏洞详情: https://avd.aquasec.com/nvd/cve-2026-47691
镜像层: sha256:c7d3329e99a64273876367b34f8325ead0fc6cd5e5eab3866b0f18cdab9aa3c8
发布日期: 2026-06-12 16:16 修改: 2026-06-30 03:20
|
| io.netty:netty-resolver-dns |
CVE-2026-47691 |
高危 |
4.1.119.Final |
4.2.15.Final, 4.1.135.Final |
io.netty/netty-resolver-dns: Netty has Insufficient Bailiwick Validation for NS Records
漏洞详情: https://avd.aquasec.com/nvd/cve-2026-47691
镜像层: sha256:c7d3329e99a64273876367b34f8325ead0fc6cd5e5eab3866b0f18cdab9aa3c8
发布日期: 2026-06-12 16:16 修改: 2026-06-30 03:20
|
| org.apache.thrift:libthrift |
CVE-2026-43869 |
高危 |
0.14.1 |
0.23.0 |
Apache Thrift: Apache Thrift: Security bypass due to improper certificate validation
漏洞详情: https://avd.aquasec.com/nvd/cve-2026-43869
镜像层: sha256:c7d3329e99a64273876367b34f8325ead0fc6cd5e5eab3866b0f18cdab9aa3c8
发布日期: 2026-05-05 08:16 修改: 2026-07-01 13:17
|
| com.fasterxml.jackson.core:jackson-databind |
CVE-2026-54512 |
高危 |
2.16.2 |
2.18.8, 3.1.4, 2.21.4 |
jackson-databind: jackson-databind: Arbitrary code execution via PolymorphicTypeValidator bypass
漏洞详情: https://avd.aquasec.com/nvd/cve-2026-54512
镜像层: sha256:c7d3329e99a64273876367b34f8325ead0fc6cd5e5eab3866b0f18cdab9aa3c8
发布日期: 2026-06-23 21:17 修改: 2026-06-27 21:01
|
| org.eclipse.jetty:jetty-http |
CVE-2026-2332 |
高危 |
9.4.57.v20241219 |
12.1.7, 12.0.33 |
org.eclipse.jetty/jetty-http: HTTP request smuggling via chunked extension quoted-string parsing
漏洞详情: https://avd.aquasec.com/nvd/cve-2026-2332
镜像层: sha256:c7d3329e99a64273876367b34f8325ead0fc6cd5e5eab3866b0f18cdab9aa3c8
发布日期: 2026-04-14 12:16 修改: 2026-06-30 03:18
|
| org.jline:jline-remote-telnet |
GHSA-2r2c-cx56-8933 |
高危 |
3.26.2 |
4.2.1 |
JLine3 Telnet server: Unauthenticated Remote DoS via Unbounded Telnet NAWS Terminal Geometry
漏洞详情: https://github.com/advisories/GHSA-2r2c-cx56-8933
镜像层: sha256:c7d3329e99a64273876367b34f8325ead0fc6cd5e5eab3866b0f18cdab9aa3c8
发布日期: 2026-06-18 13:07 修改: 2026-06-18 13:07
|
| org.jline:jline-remote-telnet |
GHSA-47qp-hqvx-6r3f |
高危 |
3.26.2 |
4.2.1 |
JLine3 Telnet server: Unauthenticated Remote Memory Exhaustion via Unbounded Telnet NEW-ENVIRON Variables
漏洞详情: https://github.com/advisories/GHSA-47qp-hqvx-6r3f
镜像层: sha256:c7d3329e99a64273876367b34f8325ead0fc6cd5e5eab3866b0f18cdab9aa3c8
发布日期: 2026-06-18 13:07 修改: 2026-06-18 13:07
|
| org.lz4:lz4-java |
CVE-2025-12183 |
高危 |
1.8.0 |
1.8.1 |
lz4-java: lz4-java: Out-of-bounds memory operations lead to denial of service and information disclosure
漏洞详情: https://avd.aquasec.com/nvd/cve-2025-12183
镜像层: sha256:c7d3329e99a64273876367b34f8325ead0fc6cd5e5eab3866b0f18cdab9aa3c8
发布日期: 2025-11-28 16:15 修改: 2026-06-17 08:31
|
| org.lz4:lz4-java |
CVE-2025-66566 |
高危 |
1.8.0 |
|
lz4-java: lz4-java: Information Disclosure via Insufficient Output Buffer Clearing
漏洞详情: https://avd.aquasec.com/nvd/cve-2025-66566
镜像层: sha256:c7d3329e99a64273876367b34f8325ead0fc6cd5e5eab3866b0f18cdab9aa3c8
发布日期: 2025-12-05 18:15 修改: 2026-06-17 09:57
|
| io.netty:netty-codec |
CVE-2025-58057 |
中危 |
4.1.119.Final |
4.1.125.Final |
netty-codec: netty-codec-compression: Netty's BrotliDecoder is vulnerable to DoS via zip bomb style attack
漏洞详情: https://avd.aquasec.com/nvd/cve-2025-58057
镜像层: sha256:c7d3329e99a64273876367b34f8325ead0fc6cd5e5eab3866b0f18cdab9aa3c8
发布日期: 2025-09-04 10:42 修改: 2026-06-17 09:43
|
| io.netty:netty-codec |
CVE-2025-58057 |
中危 |
4.1.119.Final |
4.1.125.Final |
netty-codec: netty-codec-compression: Netty's BrotliDecoder is vulnerable to DoS via zip bomb style attack
漏洞详情: https://avd.aquasec.com/nvd/cve-2025-58057
镜像层: sha256:c7d3329e99a64273876367b34f8325ead0fc6cd5e5eab3866b0f18cdab9aa3c8
发布日期: 2025-09-04 10:42 修改: 2026-06-17 09:43
|
| io.netty:netty-codec-http2 |
CVE-2026-47244 |
中危 |
4.1.119.Final |
4.2.15.Final, 4.1.135.Final |
netty-codec-http2: Netty: Denial of Service via uncontrolled HTTP/2 concurrent streams
漏洞详情: https://avd.aquasec.com/nvd/cve-2026-47244
镜像层: sha256:c7d3329e99a64273876367b34f8325ead0fc6cd5e5eab3866b0f18cdab9aa3c8
发布日期: 2026-06-12 15:16 修改: 2026-06-17 10:54
|
| io.netty:netty-codec-http2 |
CVE-2026-47244 |
中危 |
4.1.119.Final |
4.2.15.Final, 4.1.135.Final |
netty-codec-http2: Netty: Denial of Service via uncontrolled HTTP/2 concurrent streams
漏洞详情: https://avd.aquasec.com/nvd/cve-2026-47244
镜像层: sha256:c7d3329e99a64273876367b34f8325ead0fc6cd5e5eab3866b0f18cdab9aa3c8
发布日期: 2026-06-12 15:16 修改: 2026-06-17 10:54
|
| io.netty:netty-codec-http2 |
CVE-2026-48043 |
中危 |
4.1.119.Final |
4.1.135.Final, 4.2.15.Final |
netty-codec-http2: netty-codec-http2: Denial of Service due to resource leak
漏洞详情: https://avd.aquasec.com/nvd/cve-2026-48043
镜像层: sha256:c7d3329e99a64273876367b34f8325ead0fc6cd5e5eab3866b0f18cdab9aa3c8
发布日期: 2026-06-12 16:16 修改: 2026-06-30 03:20
|
| io.netty:netty-codec-http2 |
CVE-2026-48043 |
中危 |
4.1.119.Final |
4.1.135.Final, 4.2.15.Final |
netty-codec-http2: netty-codec-http2: Denial of Service due to resource leak
漏洞详情: https://avd.aquasec.com/nvd/cve-2026-48043
镜像层: sha256:c7d3329e99a64273876367b34f8325ead0fc6cd5e5eab3866b0f18cdab9aa3c8
发布日期: 2026-06-12 16:16 修改: 2026-06-30 03:20
|
| io.netty:netty-codec-http2 |
CVE-2026-50560 |
中危 |
4.1.119.Final |
4.2.15.Final, 4.1.135.Final |
netty-codec-http2: Netty: Denial of Service due to HTTP/2 max header size handling
漏洞详情: https://avd.aquasec.com/nvd/cve-2026-50560
镜像层: sha256:c7d3329e99a64273876367b34f8325ead0fc6cd5e5eab3866b0f18cdab9aa3c8
发布日期: 2026-06-12 16:16 修改: 2026-06-17 10:57
|
| io.netty:netty-codec-http2 |
CVE-2026-50560 |
中危 |
4.1.119.Final |
4.2.15.Final, 4.1.135.Final |
netty-codec-http2: Netty: Denial of Service due to HTTP/2 max header size handling
漏洞详情: https://avd.aquasec.com/nvd/cve-2026-50560
镜像层: sha256:c7d3329e99a64273876367b34f8325ead0fc6cd5e5eab3866b0f18cdab9aa3c8
发布日期: 2026-06-12 16:16 修改: 2026-06-17 10:57
|
| io.netty:netty-codec-mqtt |
CVE-2026-44248 |
中危 |
4.1.119.Final |
4.2.13.Final, 4.1.133.Final |
netty: io.netty/netty-codec-mqtt: Netty: Denial of Service due to excessive resource consumption from crafted MQTT 5 header
漏洞详情: https://avd.aquasec.com/nvd/cve-2026-44248
镜像层: sha256:c7d3329e99a64273876367b34f8325ead0fc6cd5e5eab3866b0f18cdab9aa3c8
发布日期: 2026-05-13 19:17 修改: 2026-06-30 03:19
|
| com.fasterxml.jackson.core:jackson-databind |
CVE-2026-54514 |
中危 |
2.16.2 |
2.18.8, 2.21.4, 3.1.4 |
jackson-databind: jackson-databind: Information Disclosure via Eager DNS Resolution
漏洞详情: https://avd.aquasec.com/nvd/cve-2026-54514
镜像层: sha256:c7d3329e99a64273876367b34f8325ead0fc6cd5e5eab3866b0f18cdab9aa3c8
发布日期: 2026-06-23 21:17 修改: 2026-06-27 20:55
|
| io.netty:netty-codec-http |
CVE-2025-67735 |
中危 |
4.1.119.Final |
4.2.8.Final, 4.1.129.Final |
netty-codec-http: Netty (netty-codec-http): Request Smuggling via CRLF Injection
漏洞详情: https://avd.aquasec.com/nvd/cve-2025-67735
镜像层: sha256:c7d3329e99a64273876367b34f8325ead0fc6cd5e5eab3866b0f18cdab9aa3c8
发布日期: 2025-12-16 01:15 修改: 2026-06-17 09:58
|
| io.netty:netty-codec-http |
CVE-2025-67735 |
中危 |
4.1.119.Final |
4.2.8.Final, 4.1.129.Final |
netty-codec-http: Netty (netty-codec-http): Request Smuggling via CRLF Injection
漏洞详情: https://avd.aquasec.com/nvd/cve-2025-67735
镜像层: sha256:c7d3329e99a64273876367b34f8325ead0fc6cd5e5eab3866b0f18cdab9aa3c8
发布日期: 2025-12-16 01:15 修改: 2026-06-17 09:58
|
| io.netty:netty-codec-http |
CVE-2026-41417 |
中危 |
4.1.119.Final |
4.1.133.Final, 4.2.13.Final |
netty: Netty: HTTP request smuggling via URI manipulation and CRLF injection
漏洞详情: https://avd.aquasec.com/nvd/cve-2026-41417
镜像层: sha256:c7d3329e99a64273876367b34f8325ead0fc6cd5e5eab3866b0f18cdab9aa3c8
发布日期: 2026-05-06 22:16 修改: 2026-06-17 10:46
|
| io.netty:netty-codec-http |
CVE-2026-41417 |
中危 |
4.1.119.Final |
4.1.133.Final, 4.2.13.Final |
netty: Netty: HTTP request smuggling via URI manipulation and CRLF injection
漏洞详情: https://avd.aquasec.com/nvd/cve-2026-41417
镜像层: sha256:c7d3329e99a64273876367b34f8325ead0fc6cd5e5eab3866b0f18cdab9aa3c8
发布日期: 2026-05-06 22:16 修改: 2026-06-17 10:46
|
| io.netty:netty-codec-http |
CVE-2026-42580 |
中危 |
4.1.119.Final |
4.2.13.Final, 4.1.133.Final |
netty: Netty: Request smuggling via chunk size parser integer overflow
漏洞详情: https://avd.aquasec.com/nvd/cve-2026-42580
镜像层: sha256:c7d3329e99a64273876367b34f8325ead0fc6cd5e5eab3866b0f18cdab9aa3c8
发布日期: 2026-05-13 19:17 修改: 2026-06-17 10:48
|
| io.netty:netty-codec-http |
CVE-2026-42580 |
中危 |
4.1.119.Final |
4.2.13.Final, 4.1.133.Final |
netty: Netty: Request smuggling via chunk size parser integer overflow
漏洞详情: https://avd.aquasec.com/nvd/cve-2026-42580
镜像层: sha256:c7d3329e99a64273876367b34f8325ead0fc6cd5e5eab3866b0f18cdab9aa3c8
发布日期: 2026-05-13 19:17 修改: 2026-06-17 10:48
|
| io.netty:netty-codec-http |
CVE-2026-42581 |
中危 |
4.1.119.Final |
4.2.13.Final, 4.1.133.Final |
netty: io.netty/netty-codec-http: Netty: HTTP Request Smuggling due to improper handling of conflicting HTTP/1.0 headers
漏洞详情: https://avd.aquasec.com/nvd/cve-2026-42581
镜像层: sha256:c7d3329e99a64273876367b34f8325ead0fc6cd5e5eab3866b0f18cdab9aa3c8
发布日期: 2026-05-13 19:17 修改: 2026-06-30 03:19
|
| io.netty:netty-codec-http |
CVE-2026-42581 |
中危 |
4.1.119.Final |
4.2.13.Final, 4.1.133.Final |
netty: io.netty/netty-codec-http: Netty: HTTP Request Smuggling due to improper handling of conflicting HTTP/1.0 headers
漏洞详情: https://avd.aquasec.com/nvd/cve-2026-42581
镜像层: sha256:c7d3329e99a64273876367b34f8325ead0fc6cd5e5eab3866b0f18cdab9aa3c8
发布日期: 2026-05-13 19:17 修改: 2026-06-30 03:19
|
| io.netty:netty-codec-http |
CVE-2026-42585 |
中危 |
4.1.119.Final |
4.2.13.Final, 4.1.133.Final |
netty: io.netty/netty-codec-http: Netty: Request smuggling via malformed Transfer-Encoding parsing
漏洞详情: https://avd.aquasec.com/nvd/cve-2026-42585
镜像层: sha256:c7d3329e99a64273876367b34f8325ead0fc6cd5e5eab3866b0f18cdab9aa3c8
发布日期: 2026-05-13 19:17 修改: 2026-06-17 10:48
|
| io.netty:netty-resolver-dns |
CVE-2026-45673 |
中危 |
4.1.119.Final |
4.2.15.Final, 4.1.135.Final |
netty-resolver-dns: Netty DNS resolver: DNS Cache Poisoning via predictable transaction IDs
漏洞详情: https://avd.aquasec.com/nvd/cve-2026-45673
镜像层: sha256:c7d3329e99a64273876367b34f8325ead0fc6cd5e5eab3866b0f18cdab9aa3c8
发布日期: 2026-06-12 15:16 修改: 2026-06-17 10:52
|
| io.netty:netty-resolver-dns |
CVE-2026-45673 |
中危 |
4.1.119.Final |
4.2.15.Final, 4.1.135.Final |
netty-resolver-dns: Netty DNS resolver: DNS Cache Poisoning via predictable transaction IDs
漏洞详情: https://avd.aquasec.com/nvd/cve-2026-45673
镜像层: sha256:c7d3329e99a64273876367b34f8325ead0fc6cd5e5eab3866b0f18cdab9aa3c8
发布日期: 2026-06-12 15:16 修改: 2026-06-17 10:52
|
| io.netty:netty-transport-native-epoll |
CVE-2026-45536 |
中危 |
4.1.119.Final |
4.2.15.Final, 4.1.135.Final |
netty-transport-native-epoll: netty-transport-native-kqueue: Netty: Denial of Service due to file descriptor leak in SCM_RIGHTS message handling
漏洞详情: https://avd.aquasec.com/nvd/cve-2026-45536
镜像层: sha256:c7d3329e99a64273876367b34f8325ead0fc6cd5e5eab3866b0f18cdab9aa3c8
发布日期: 2026-06-12 15:16 修改: 2026-06-17 10:52
|
| io.netty:netty-transport-native-epoll |
CVE-2026-45536 |
中危 |
4.1.119.Final |
4.2.15.Final, 4.1.135.Final |
netty-transport-native-epoll: netty-transport-native-kqueue: Netty: Denial of Service due to file descriptor leak in SCM_RIGHTS message handling
漏洞详情: https://avd.aquasec.com/nvd/cve-2026-45536
镜像层: sha256:c7d3329e99a64273876367b34f8325ead0fc6cd5e5eab3866b0f18cdab9aa3c8
发布日期: 2026-06-12 15:16 修改: 2026-06-17 10:52
|
| io.netty:netty-transport-native-epoll |
CVE-2026-45536 |
中危 |
4.1.119.Final |
4.2.15.Final, 4.1.135.Final |
netty-transport-native-epoll: netty-transport-native-kqueue: Netty: Denial of Service due to file descriptor leak in SCM_RIGHTS message handling
漏洞详情: https://avd.aquasec.com/nvd/cve-2026-45536
镜像层: sha256:c7d3329e99a64273876367b34f8325ead0fc6cd5e5eab3866b0f18cdab9aa3c8
发布日期: 2026-06-12 15:16 修改: 2026-06-17 10:52
|
| io.netty:netty-transport-native-kqueue |
CVE-2026-45536 |
中危 |
4.1.119.Final |
4.2.15.Final, 4.1.135.Final |
netty-transport-native-epoll: netty-transport-native-kqueue: Netty: Denial of Service due to file descriptor leak in SCM_RIGHTS message handling
漏洞详情: https://avd.aquasec.com/nvd/cve-2026-45536
镜像层: sha256:c7d3329e99a64273876367b34f8325ead0fc6cd5e5eab3866b0f18cdab9aa3c8
发布日期: 2026-06-12 15:16 修改: 2026-06-17 10:52
|
| io.netty:netty-transport-native-kqueue |
CVE-2026-45536 |
中危 |
4.1.119.Final |
4.2.15.Final, 4.1.135.Final |
netty-transport-native-epoll: netty-transport-native-kqueue: Netty: Denial of Service due to file descriptor leak in SCM_RIGHTS message handling
漏洞详情: https://avd.aquasec.com/nvd/cve-2026-45536
镜像层: sha256:c7d3329e99a64273876367b34f8325ead0fc6cd5e5eab3866b0f18cdab9aa3c8
发布日期: 2026-06-12 15:16 修改: 2026-06-17 10:52
|
| io.netty:netty-transport-native-kqueue |
CVE-2026-45536 |
中危 |
4.1.119.Final |
4.2.15.Final, 4.1.135.Final |
netty-transport-native-epoll: netty-transport-native-kqueue: Netty: Denial of Service due to file descriptor leak in SCM_RIGHTS message handling
漏洞详情: https://avd.aquasec.com/nvd/cve-2026-45536
镜像层: sha256:c7d3329e99a64273876367b34f8325ead0fc6cd5e5eab3866b0f18cdab9aa3c8
发布日期: 2026-06-12 15:16 修改: 2026-06-17 10:52
|
| io.netty:netty-codec-http |
CVE-2026-42585 |
中危 |
4.1.119.Final |
4.2.13.Final, 4.1.133.Final |
netty: io.netty/netty-codec-http: Netty: Request smuggling via malformed Transfer-Encoding parsing
漏洞详情: https://avd.aquasec.com/nvd/cve-2026-42585
镜像层: sha256:c7d3329e99a64273876367b34f8325ead0fc6cd5e5eab3866b0f18cdab9aa3c8
发布日期: 2026-05-13 19:17 修改: 2026-06-17 10:48
|
| org.bouncycastle:bcpkix-jdk18on |
CVE-2025-8916 |
中危 |
1.78.1 |
1.79 |
org.bouncycastle: BouncyCastle denial of service
漏洞详情: https://avd.aquasec.com/nvd/cve-2025-8916
镜像层: sha256:c7d3329e99a64273876367b34f8325ead0fc6cd5e5eab3866b0f18cdab9aa3c8
发布日期: 2025-08-13 10:15 修改: 2026-06-17 10:07
|
| org.bouncycastle:bcpkix-jdk18on |
CVE-2026-5588 |
中危 |
1.78.1 |
1.84 |
bouncycastle: BC-JAVA: PKIX draft CompositeVerifier accepts empty signature sequence as valid
漏洞详情: https://avd.aquasec.com/nvd/cve-2026-5588
镜像层: sha256:c7d3329e99a64273876367b34f8325ead0fc6cd5e5eab3866b0f18cdab9aa3c8
发布日期: 2026-04-15 10:16 修改: 2026-06-30 03:21
|
| io.netty:netty-codec-http |
CVE-2026-50020 |
中危 |
4.1.119.Final |
4.2.15.Final, 4.1.135.Final |
netty-codec-http: Netty: Data manipulation via request-boundary confusion in HttpObjectDecoder
漏洞详情: https://avd.aquasec.com/nvd/cve-2026-50020
镜像层: sha256:c7d3329e99a64273876367b34f8325ead0fc6cd5e5eab3866b0f18cdab9aa3c8
发布日期: 2026-06-12 16:16 修改: 2026-06-17 10:57
|
| org.bouncycastle:bcprov-jdk18on |
CVE-2026-0636 |
中危 |
1.78 |
1.84 |
bouncycastle: BC-JAVA: LDAP injection vulnerability in LDAPStoreHelper.java
漏洞详情: https://avd.aquasec.com/nvd/cve-2026-0636
镜像层: sha256:c7d3329e99a64273876367b34f8325ead0fc6cd5e5eab3866b0f18cdab9aa3c8
发布日期: 2026-04-15 10:16 修改: 2026-06-30 03:17
|
| io.netty:netty-codec-http |
CVE-2026-50020 |
中危 |
4.1.119.Final |
4.2.15.Final, 4.1.135.Final |
netty-codec-http: Netty: Data manipulation via request-boundary confusion in HttpObjectDecoder
漏洞详情: https://avd.aquasec.com/nvd/cve-2026-50020
镜像层: sha256:c7d3329e99a64273876367b34f8325ead0fc6cd5e5eab3866b0f18cdab9aa3c8
发布日期: 2026-06-12 16:16 修改: 2026-06-17 10:57
|
| org.eclipse.jetty:jetty-http |
CVE-2024-6763 |
中危 |
9.4.57.v20241219 |
12.0.12 |
org.eclipse.jetty:jetty-http: jetty: Jetty URI parsing of invalid authority
漏洞详情: https://avd.aquasec.com/nvd/cve-2024-6763
镜像层: sha256:c7d3329e99a64273876367b34f8325ead0fc6cd5e5eab3866b0f18cdab9aa3c8
发布日期: 2024-10-14 16:15 修改: 2026-06-17 08:18
|
| com.fasterxml.jackson.core:jackson-databind |
CVE-2026-54515 |
中危 |
2.16.2 |
3.1.4, 2.18.9, 2.21.5, 2.22.1 |
jackson-databind: jackson-databind: Ignored properties can be unexpectedly modified
漏洞详情: https://avd.aquasec.com/nvd/cve-2026-54515
镜像层: sha256:c7d3329e99a64273876367b34f8325ead0fc6cd5e5eab3866b0f18cdab9aa3c8
发布日期: 2026-06-23 21:17 修改: 2026-06-29 13:38
|
| com.nimbusds:nimbus-jose-jwt |
CVE-2025-53864 |
中危 |
9.37.3 |
10.0.2, 9.37.4 |
com.nimbusds/nimbus-jose-jwt: Uncontrolled recursion in Connect2id Nimbus JOSE + JWT
漏洞详情: https://avd.aquasec.com/nvd/cve-2025-53864
镜像层: sha256:c7d3329e99a64273876367b34f8325ead0fc6cd5e5eab3866b0f18cdab9aa3c8
发布日期: 2025-07-11 03:16 修改: 2026-06-17 09:39
|
| ch.qos.logback:logback-core |
CVE-2025-11226 |
中危 |
1.3.15 |
1.5.19, 1.3.16 |
ch.qos.logback/logback-core: Conditional abitrary code execution in logback-core
漏洞详情: https://avd.aquasec.com/nvd/cve-2025-11226
镜像层: sha256:c7d3329e99a64273876367b34f8325ead0fc6cd5e5eab3866b0f18cdab9aa3c8
发布日期: 2025-10-01 08:15 修改: 2026-06-25 17:16
|
| com.fasterxml.jackson.core:jackson-core |
GHSA-72hv-8253-57qq |
中危 |
2.16.2 |
2.21.1, 2.18.6 |
jackson-core: Number Length Constraint Bypass in Async Parser Leads to Potential DoS Condition
漏洞详情: https://github.com/advisories/GHSA-72hv-8253-57qq
镜像层: sha256:c7d3329e99a64273876367b34f8325ead0fc6cd5e5eab3866b0f18cdab9aa3c8
发布日期: 2026-02-28 02:01 修改: 2026-04-07 16:30
|
| org.eclipse.jetty:jetty-http |
CVE-2025-11143 |
低危 |
9.4.57.v20241219 |
12.0.31, 12.1.5 |
org.eclipse.jetty/jetty-http: org.eclipse.jetty: Security bypass due to differential URI parsing
漏洞详情: https://avd.aquasec.com/nvd/cve-2025-11143
镜像层: sha256:c7d3329e99a64273876367b34f8325ead0fc6cd5e5eab3866b0f18cdab9aa3c8
发布日期: 2026-03-05 10:15 修改: 2026-06-17 08:29
|
| io.netty:netty-handler-proxy |
CVE-2026-42578 |
低危 |
4.1.119.Final |
4.1.133.Final, 4.2.13.Final |
netty: io.netty/netty-handler-proxy: Netty: HTTP Header Injection via HttpProxyHandler Disabled Validation
漏洞详情: https://avd.aquasec.com/nvd/cve-2026-42578
镜像层: sha256:c7d3329e99a64273876367b34f8325ead0fc6cd5e5eab3866b0f18cdab9aa3c8
发布日期: 2026-05-13 19:17 修改: 2026-06-30 03:19
|
| io.netty:netty-codec-http |
CVE-2025-58056 |
低危 |
4.1.119.Final |
4.1.125.Final, 4.2.5.Final |
netty-codec-http: Netty is vulnerable to request smuggling due to incorrect parsing of chunk extensions
漏洞详情: https://avd.aquasec.com/nvd/cve-2025-58056
镜像层: sha256:c7d3329e99a64273876367b34f8325ead0fc6cd5e5eab3866b0f18cdab9aa3c8
发布日期: 2025-09-03 21:15 修改: 2026-06-17 09:43
|
| io.netty:netty-codec-http |
CVE-2025-58056 |
低危 |
4.1.119.Final |
4.1.125.Final, 4.2.5.Final |
netty-codec-http: Netty is vulnerable to request smuggling due to incorrect parsing of chunk extensions
漏洞详情: https://avd.aquasec.com/nvd/cve-2025-58056
镜像层: sha256:c7d3329e99a64273876367b34f8325ead0fc6cd5e5eab3866b0f18cdab9aa3c8
发布日期: 2025-09-03 21:15 修改: 2026-06-17 09:43
|
| ch.qos.logback:logback-core |
CVE-2026-1225 |
低危 |
1.3.15 |
1.5.25 |
ch.qos.logback/logback-core: Malicious logback.xml configuration file allows instantiation of arbitrary classes
漏洞详情: https://avd.aquasec.com/nvd/cve-2026-1225
镜像层: sha256:c7d3329e99a64273876367b34f8325ead0fc6cd5e5eab3866b0f18cdab9aa3c8
发布日期: 2026-01-22 10:16 修改: 2026-06-17 10:15
|