docker.io/apache/iotdb:2.0.5-standalone linux/amd64

docker.io/apache/iotdb:2.0.5-standalone - Trivy安全扫描结果 扫描时间: 2026-07-03 01:21
全部漏洞信息
低危漏洞:5 中危漏洞:46 高危漏洞:34 严重漏洞:1

系统OS: ubuntu 20.04 扫描引擎: Trivy 扫描时间: 2026-07-03 01:21

docker.io/apache/iotdb:2.0.5-standalone (ubuntu 20.04) (ubuntu)
低危漏洞:0 中危漏洞:8 高危漏洞:0 严重漏洞:0
软件包 漏洞 安全状态 安装版本 修复版本 漏洞信息
libc-bin CVE-2025-4802 中危 2.31-0ubuntu9.17 2.31-0ubuntu9.18 glibc: static setuid binary dlopen may incorrectly search LD_LIBRARY_PATH

漏洞详情: https://avd.aquasec.com/nvd/cve-2025-4802

镜像层: sha256:470b66ea5123c93b0d5606e4213bf9e47d3d426b640d32472e4ac213186c4bb6

发布日期: 2025-05-16 20:15 修改: 2026-06-17 09:34

libc6 CVE-2025-4802 中危 2.31-0ubuntu9.17 2.31-0ubuntu9.18 glibc: static setuid binary dlopen may incorrectly search LD_LIBRARY_PATH

漏洞详情: https://avd.aquasec.com/nvd/cve-2025-4802

镜像层: sha256:470b66ea5123c93b0d5606e4213bf9e47d3d426b640d32472e4ac213186c4bb6

发布日期: 2025-05-16 20:15 修改: 2026-06-17 09:34

libgssapi-krb5-2 CVE-2025-3576 中危 1.17-6ubuntu4.9 1.17-6ubuntu4.11 krb5: Kerberos RC4-HMAC-MD5 Checksum Vulnerability Enabling Message Spoofing via MD5 Collisions

漏洞详情: https://avd.aquasec.com/nvd/cve-2025-3576

镜像层: sha256:3c8aecb2a42d8fbfa0a3a1134b429bb3bf4f97d70c0585eed7eafb57e29f3f87

发布日期: 2025-04-15 06:15 修改: 2026-06-30 01:16

libk5crypto3 CVE-2025-3576 中危 1.17-6ubuntu4.9 1.17-6ubuntu4.11 krb5: Kerberos RC4-HMAC-MD5 Checksum Vulnerability Enabling Message Spoofing via MD5 Collisions

漏洞详情: https://avd.aquasec.com/nvd/cve-2025-3576

镜像层: sha256:3c8aecb2a42d8fbfa0a3a1134b429bb3bf4f97d70c0585eed7eafb57e29f3f87

发布日期: 2025-04-15 06:15 修改: 2026-06-30 01:16

libkrb5-3 CVE-2025-3576 中危 1.17-6ubuntu4.9 1.17-6ubuntu4.11 krb5: Kerberos RC4-HMAC-MD5 Checksum Vulnerability Enabling Message Spoofing via MD5 Collisions

漏洞详情: https://avd.aquasec.com/nvd/cve-2025-3576

镜像层: sha256:3c8aecb2a42d8fbfa0a3a1134b429bb3bf4f97d70c0585eed7eafb57e29f3f87

发布日期: 2025-04-15 06:15 修改: 2026-06-30 01:16

libkrb5support0 CVE-2025-3576 中危 1.17-6ubuntu4.9 1.17-6ubuntu4.11 krb5: Kerberos RC4-HMAC-MD5 Checksum Vulnerability Enabling Message Spoofing via MD5 Collisions

漏洞详情: https://avd.aquasec.com/nvd/cve-2025-3576

镜像层: sha256:3c8aecb2a42d8fbfa0a3a1134b429bb3bf4f97d70c0585eed7eafb57e29f3f87

发布日期: 2025-04-15 06:15 修改: 2026-06-30 01:16

libsqlite3-0 CVE-2025-29088 中危 3.31.1-4ubuntu0.6 3.31.1-4ubuntu0.7 sqlite: Denial of Service in SQLite

漏洞详情: https://avd.aquasec.com/nvd/cve-2025-29088

镜像层: sha256:3c8aecb2a42d8fbfa0a3a1134b429bb3bf4f97d70c0585eed7eafb57e29f3f87

发布日期: 2025-04-10 14:15 修改: 2026-06-17 09:05

locales CVE-2025-4802 中危 2.31-0ubuntu9.17 2.31-0ubuntu9.18 glibc: static setuid binary dlopen may incorrectly search LD_LIBRARY_PATH

漏洞详情: https://avd.aquasec.com/nvd/cve-2025-4802

镜像层: sha256:3c8aecb2a42d8fbfa0a3a1134b429bb3bf4f97d70c0585eed7eafb57e29f3f87

发布日期: 2025-05-16 20:15 修改: 2026-06-17 09:34

Java (jar)
低危漏洞:5 中危漏洞:38 高危漏洞:34 严重漏洞:1
软件包 漏洞 安全状态 安装版本 修复版本 漏洞信息
org.bouncycastle:bcprov-jdk18on CVE-2025-14813 严重 1.78 1.80.2, 1.81.1, 1.84 bouncycastle: BC-JAVA: GOSTCTR implementation unable to process more than 255 blocks correctly

漏洞详情: https://avd.aquasec.com/nvd/cve-2025-14813

镜像层: sha256:c7d3329e99a64273876367b34f8325ead0fc6cd5e5eab3866b0f18cdab9aa3c8

发布日期: 2026-04-15 10:16 修改: 2026-06-30 03:16

com.fasterxml.jackson.core:jackson-databind CVE-2026-54513 高危 2.16.2 2.18.8, 2.21.4, 3.1.4 jackson-databind: Jackson-databind: Security bypass allows arbitrary code execution

漏洞详情: https://avd.aquasec.com/nvd/cve-2026-54513

镜像层: sha256:c7d3329e99a64273876367b34f8325ead0fc6cd5e5eab3866b0f18cdab9aa3c8

发布日期: 2026-06-23 21:17 修改: 2026-06-30 03:21

io.netty:netty-codec CVE-2026-42583 高危 4.1.119.Final 4.1.133.Final Netty is an asynchronous, event-driven network application framework. ...

漏洞详情: https://avd.aquasec.com/nvd/cve-2026-42583

镜像层: sha256:c7d3329e99a64273876367b34f8325ead0fc6cd5e5eab3866b0f18cdab9aa3c8

发布日期: 2026-05-13 19:17 修改: 2026-06-17 10:48

io.netty:netty-codec CVE-2026-42583 高危 4.1.119.Final 4.1.133.Final Netty is an asynchronous, event-driven network application framework. ...

漏洞详情: https://avd.aquasec.com/nvd/cve-2026-42583

镜像层: sha256:c7d3329e99a64273876367b34f8325ead0fc6cd5e5eab3866b0f18cdab9aa3c8

发布日期: 2026-05-13 19:17 修改: 2026-06-17 10:48

io.netty:netty-codec-dns CVE-2026-42579 高危 4.1.119.Final 4.2.13.Final, 4.1.133.Final netty: Netty: High integrity impact due to improper DNS domain name constraint enforcement

漏洞详情: https://avd.aquasec.com/nvd/cve-2026-42579

镜像层: sha256:c7d3329e99a64273876367b34f8325ead0fc6cd5e5eab3866b0f18cdab9aa3c8

发布日期: 2026-05-13 19:17 修改: 2026-06-30 03:19

io.netty:netty-codec-dns CVE-2026-42579 高危 4.1.119.Final 4.2.13.Final, 4.1.133.Final netty: Netty: High integrity impact due to improper DNS domain name constraint enforcement

漏洞详情: https://avd.aquasec.com/nvd/cve-2026-42579

镜像层: sha256:c7d3329e99a64273876367b34f8325ead0fc6cd5e5eab3866b0f18cdab9aa3c8

发布日期: 2026-05-13 19:17 修改: 2026-06-30 03:19

io.netty:netty-codec-http CVE-2026-33870 高危 4.1.119.Final 4.1.132.Final, 4.2.10.Final io.netty/netty-codec-http: Netty: Request smuggling via incorrect parsing of HTTP/1.1 chunked transfer encoding extension values

漏洞详情: https://avd.aquasec.com/nvd/cve-2026-33870

镜像层: sha256:c7d3329e99a64273876367b34f8325ead0fc6cd5e5eab3866b0f18cdab9aa3c8

发布日期: 2026-03-27 20:16 修改: 2026-06-30 03:18

io.netty:netty-codec-http CVE-2026-33870 高危 4.1.119.Final 4.1.132.Final, 4.2.10.Final io.netty/netty-codec-http: Netty: Request smuggling via incorrect parsing of HTTP/1.1 chunked transfer encoding extension values

漏洞详情: https://avd.aquasec.com/nvd/cve-2026-33870

镜像层: sha256:c7d3329e99a64273876367b34f8325ead0fc6cd5e5eab3866b0f18cdab9aa3c8

发布日期: 2026-03-27 20:16 修改: 2026-06-30 03:18

io.netty:netty-codec-http CVE-2026-42584 高危 4.1.119.Final 4.2.13.Final, 4.1.133.Final netty: io.netty/netty-codec-http: Netty: Incorrect HTTP response parsing leads to data confusion

漏洞详情: https://avd.aquasec.com/nvd/cve-2026-42584

镜像层: sha256:c7d3329e99a64273876367b34f8325ead0fc6cd5e5eab3866b0f18cdab9aa3c8

发布日期: 2026-05-13 19:17 修改: 2026-06-30 03:19

io.netty:netty-codec-http CVE-2026-42584 高危 4.1.119.Final 4.2.13.Final, 4.1.133.Final netty: io.netty/netty-codec-http: Netty: Incorrect HTTP response parsing leads to data confusion

漏洞详情: https://avd.aquasec.com/nvd/cve-2026-42584

镜像层: sha256:c7d3329e99a64273876367b34f8325ead0fc6cd5e5eab3866b0f18cdab9aa3c8

发布日期: 2026-05-13 19:17 修改: 2026-06-30 03:19

io.netty:netty-codec-http CVE-2026-42587 高危 4.1.119.Final 4.2.13.Final, 4.1.133.Final netty: io.netty/netty-codec-http: io.netty/netty-codec-http2: Netty: Denial of Service via unbounded memory allocation in HTTP content decompression

漏洞详情: https://avd.aquasec.com/nvd/cve-2026-42587

镜像层: sha256:c7d3329e99a64273876367b34f8325ead0fc6cd5e5eab3866b0f18cdab9aa3c8

发布日期: 2026-05-13 19:17 修改: 2026-07-01 13:17

io.netty:netty-codec-http CVE-2026-42587 高危 4.1.119.Final 4.2.13.Final, 4.1.133.Final netty: io.netty/netty-codec-http: io.netty/netty-codec-http2: Netty: Denial of Service via unbounded memory allocation in HTTP content decompression

漏洞详情: https://avd.aquasec.com/nvd/cve-2026-42587

镜像层: sha256:c7d3329e99a64273876367b34f8325ead0fc6cd5e5eab3866b0f18cdab9aa3c8

发布日期: 2026-05-13 19:17 修改: 2026-07-01 13:17

io.netty:netty-codec-http2 CVE-2025-55163 高危 4.1.119.Final 4.2.4.Final, 4.1.124.Final netty: netty-codec-http2: Netty MadeYouReset HTTP/2 DDoS Vulnerability

漏洞详情: https://avd.aquasec.com/nvd/cve-2025-55163

镜像层: sha256:c7d3329e99a64273876367b34f8325ead0fc6cd5e5eab3866b0f18cdab9aa3c8

发布日期: 2025-08-13 15:15 修改: 2026-06-17 09:41

io.netty:netty-codec-http2 CVE-2025-55163 高危 4.1.119.Final 4.2.4.Final, 4.1.124.Final netty: netty-codec-http2: Netty MadeYouReset HTTP/2 DDoS Vulnerability

漏洞详情: https://avd.aquasec.com/nvd/cve-2025-55163

镜像层: sha256:c7d3329e99a64273876367b34f8325ead0fc6cd5e5eab3866b0f18cdab9aa3c8

发布日期: 2025-08-13 15:15 修改: 2026-06-17 09:41

io.netty:netty-codec-http2 CVE-2026-33871 高危 4.1.119.Final 4.1.132.Final, 4.2.11.Final netty: Netty: Denial of Service via HTTP/2 CONTINUATION frame flood

漏洞详情: https://avd.aquasec.com/nvd/cve-2026-33871

镜像层: sha256:c7d3329e99a64273876367b34f8325ead0fc6cd5e5eab3866b0f18cdab9aa3c8

发布日期: 2026-03-27 20:16 修改: 2026-06-30 03:18

io.netty:netty-codec-http2 CVE-2026-33871 高危 4.1.119.Final 4.1.132.Final, 4.2.11.Final netty: Netty: Denial of Service via HTTP/2 CONTINUATION frame flood

漏洞详情: https://avd.aquasec.com/nvd/cve-2026-33871

镜像层: sha256:c7d3329e99a64273876367b34f8325ead0fc6cd5e5eab3866b0f18cdab9aa3c8

发布日期: 2026-03-27 20:16 修改: 2026-06-30 03:18

io.netty:netty-codec-http2 CVE-2026-42587 高危 4.1.119.Final 4.2.13.Final, 4.1.133.Final netty: io.netty/netty-codec-http: io.netty/netty-codec-http2: Netty: Denial of Service via unbounded memory allocation in HTTP content decompression

漏洞详情: https://avd.aquasec.com/nvd/cve-2026-42587

镜像层: sha256:c7d3329e99a64273876367b34f8325ead0fc6cd5e5eab3866b0f18cdab9aa3c8

发布日期: 2026-05-13 19:17 修改: 2026-07-01 13:17

io.netty:netty-codec-http2 CVE-2026-42587 高危 4.1.119.Final 4.2.13.Final, 4.1.133.Final netty: io.netty/netty-codec-http: io.netty/netty-codec-http2: Netty: Denial of Service via unbounded memory allocation in HTTP content decompression

漏洞详情: https://avd.aquasec.com/nvd/cve-2026-42587

镜像层: sha256:c7d3329e99a64273876367b34f8325ead0fc6cd5e5eab3866b0f18cdab9aa3c8

发布日期: 2026-05-13 19:17 修改: 2026-07-01 13:17

io.netty:netty-handler CVE-2026-44249 高危 4.1.119.Final 4.2.15.Final, 4.1.135.Final netty-handler: netty-handler: IPv6 subnet rule bypass due to incorrect masking operation

漏洞详情: https://avd.aquasec.com/nvd/cve-2026-44249

镜像层: sha256:c7d3329e99a64273876367b34f8325ead0fc6cd5e5eab3866b0f18cdab9aa3c8

发布日期: 2026-06-11 22:16 修改: 2026-06-30 03:19

io.netty:netty-handler CVE-2026-44249 高危 4.1.119.Final 4.2.15.Final, 4.1.135.Final netty-handler: netty-handler: IPv6 subnet rule bypass due to incorrect masking operation

漏洞详情: https://avd.aquasec.com/nvd/cve-2026-44249

镜像层: sha256:c7d3329e99a64273876367b34f8325ead0fc6cd5e5eab3866b0f18cdab9aa3c8

发布日期: 2026-06-11 22:16 修改: 2026-06-30 03:19

io.netty:netty-handler CVE-2026-45416 高危 4.1.119.Final 4.2.15.Final, 4.1.135.Final netty-handler: Netty: Denial of Service due to eager buffer allocation in TLS handshake

漏洞详情: https://avd.aquasec.com/nvd/cve-2026-45416

镜像层: sha256:c7d3329e99a64273876367b34f8325ead0fc6cd5e5eab3866b0f18cdab9aa3c8

发布日期: 2026-06-12 15:16 修改: 2026-06-30 03:20

io.netty:netty-handler CVE-2026-45416 高危 4.1.119.Final 4.2.15.Final, 4.1.135.Final netty-handler: Netty: Denial of Service due to eager buffer allocation in TLS handshake

漏洞详情: https://avd.aquasec.com/nvd/cve-2026-45416

镜像层: sha256:c7d3329e99a64273876367b34f8325ead0fc6cd5e5eab3866b0f18cdab9aa3c8

发布日期: 2026-06-12 15:16 修改: 2026-06-30 03:20

io.netty:netty-handler CVE-2026-50010 高危 4.1.119.Final 4.2.15.Final, 4.1.135.Final netty-handler: Netty: Improper trust manager handling leads to hostname verification bypass

漏洞详情: https://avd.aquasec.com/nvd/cve-2026-50010

镜像层: sha256:c7d3329e99a64273876367b34f8325ead0fc6cd5e5eab3866b0f18cdab9aa3c8

发布日期: 2026-06-12 16:16 修改: 2026-06-30 03:20

io.netty:netty-handler CVE-2026-50010 高危 4.1.119.Final 4.2.15.Final, 4.1.135.Final netty-handler: Netty: Improper trust manager handling leads to hostname verification bypass

漏洞详情: https://avd.aquasec.com/nvd/cve-2026-50010

镜像层: sha256:c7d3329e99a64273876367b34f8325ead0fc6cd5e5eab3866b0f18cdab9aa3c8

发布日期: 2026-06-12 16:16 修改: 2026-06-30 03:20

io.netty:netty-resolver-dns CVE-2026-45674 高危 4.1.119.Final 4.2.15.Final, 4.1.135.Final netty-resolver-dns: Netty: Information disclosure and data manipulation due to improper CNAME record validation

漏洞详情: https://avd.aquasec.com/nvd/cve-2026-45674

镜像层: sha256:c7d3329e99a64273876367b34f8325ead0fc6cd5e5eab3866b0f18cdab9aa3c8

发布日期: 2026-06-12 15:16 修改: 2026-06-30 03:20

io.netty:netty-resolver-dns CVE-2026-45674 高危 4.1.119.Final 4.2.15.Final, 4.1.135.Final netty-resolver-dns: Netty: Information disclosure and data manipulation due to improper CNAME record validation

漏洞详情: https://avd.aquasec.com/nvd/cve-2026-45674

镜像层: sha256:c7d3329e99a64273876367b34f8325ead0fc6cd5e5eab3866b0f18cdab9aa3c8

发布日期: 2026-06-12 15:16 修改: 2026-06-30 03:20

io.netty:netty-resolver-dns CVE-2026-47691 高危 4.1.119.Final 4.2.15.Final, 4.1.135.Final io.netty/netty-resolver-dns: Netty has Insufficient Bailiwick Validation for NS Records

漏洞详情: https://avd.aquasec.com/nvd/cve-2026-47691

镜像层: sha256:c7d3329e99a64273876367b34f8325ead0fc6cd5e5eab3866b0f18cdab9aa3c8

发布日期: 2026-06-12 16:16 修改: 2026-06-30 03:20

io.netty:netty-resolver-dns CVE-2026-47691 高危 4.1.119.Final 4.2.15.Final, 4.1.135.Final io.netty/netty-resolver-dns: Netty has Insufficient Bailiwick Validation for NS Records

漏洞详情: https://avd.aquasec.com/nvd/cve-2026-47691

镜像层: sha256:c7d3329e99a64273876367b34f8325ead0fc6cd5e5eab3866b0f18cdab9aa3c8

发布日期: 2026-06-12 16:16 修改: 2026-06-30 03:20

org.apache.thrift:libthrift CVE-2026-43869 高危 0.14.1 0.23.0 Apache Thrift: Apache Thrift: Security bypass due to improper certificate validation

漏洞详情: https://avd.aquasec.com/nvd/cve-2026-43869

镜像层: sha256:c7d3329e99a64273876367b34f8325ead0fc6cd5e5eab3866b0f18cdab9aa3c8

发布日期: 2026-05-05 08:16 修改: 2026-07-01 13:17

com.fasterxml.jackson.core:jackson-databind CVE-2026-54512 高危 2.16.2 2.18.8, 3.1.4, 2.21.4 jackson-databind: jackson-databind: Arbitrary code execution via PolymorphicTypeValidator bypass

漏洞详情: https://avd.aquasec.com/nvd/cve-2026-54512

镜像层: sha256:c7d3329e99a64273876367b34f8325ead0fc6cd5e5eab3866b0f18cdab9aa3c8

发布日期: 2026-06-23 21:17 修改: 2026-06-27 21:01

org.eclipse.jetty:jetty-http CVE-2026-2332 高危 9.4.57.v20241219 12.1.7, 12.0.33 org.eclipse.jetty/jetty-http: HTTP request smuggling via chunked extension quoted-string parsing

漏洞详情: https://avd.aquasec.com/nvd/cve-2026-2332

镜像层: sha256:c7d3329e99a64273876367b34f8325ead0fc6cd5e5eab3866b0f18cdab9aa3c8

发布日期: 2026-04-14 12:16 修改: 2026-06-30 03:18

org.jline:jline-remote-telnet GHSA-2r2c-cx56-8933 高危 3.26.2 4.2.1 JLine3 Telnet server: Unauthenticated Remote DoS via Unbounded Telnet NAWS Terminal Geometry

漏洞详情: https://github.com/advisories/GHSA-2r2c-cx56-8933

镜像层: sha256:c7d3329e99a64273876367b34f8325ead0fc6cd5e5eab3866b0f18cdab9aa3c8

发布日期: 2026-06-18 13:07 修改: 2026-06-18 13:07

org.jline:jline-remote-telnet GHSA-47qp-hqvx-6r3f 高危 3.26.2 4.2.1 JLine3 Telnet server: Unauthenticated Remote Memory Exhaustion via Unbounded Telnet NEW-ENVIRON Variables

漏洞详情: https://github.com/advisories/GHSA-47qp-hqvx-6r3f

镜像层: sha256:c7d3329e99a64273876367b34f8325ead0fc6cd5e5eab3866b0f18cdab9aa3c8

发布日期: 2026-06-18 13:07 修改: 2026-06-18 13:07

org.lz4:lz4-java CVE-2025-12183 高危 1.8.0 1.8.1 lz4-java: lz4-java: Out-of-bounds memory operations lead to denial of service and information disclosure

漏洞详情: https://avd.aquasec.com/nvd/cve-2025-12183

镜像层: sha256:c7d3329e99a64273876367b34f8325ead0fc6cd5e5eab3866b0f18cdab9aa3c8

发布日期: 2025-11-28 16:15 修改: 2026-06-17 08:31

org.lz4:lz4-java CVE-2025-66566 高危 1.8.0 lz4-java: lz4-java: Information Disclosure via Insufficient Output Buffer Clearing

漏洞详情: https://avd.aquasec.com/nvd/cve-2025-66566

镜像层: sha256:c7d3329e99a64273876367b34f8325ead0fc6cd5e5eab3866b0f18cdab9aa3c8

发布日期: 2025-12-05 18:15 修改: 2026-06-17 09:57

io.netty:netty-codec CVE-2025-58057 中危 4.1.119.Final 4.1.125.Final netty-codec: netty-codec-compression: Netty's BrotliDecoder is vulnerable to DoS via zip bomb style attack

漏洞详情: https://avd.aquasec.com/nvd/cve-2025-58057

镜像层: sha256:c7d3329e99a64273876367b34f8325ead0fc6cd5e5eab3866b0f18cdab9aa3c8

发布日期: 2025-09-04 10:42 修改: 2026-06-17 09:43

io.netty:netty-codec CVE-2025-58057 中危 4.1.119.Final 4.1.125.Final netty-codec: netty-codec-compression: Netty's BrotliDecoder is vulnerable to DoS via zip bomb style attack

漏洞详情: https://avd.aquasec.com/nvd/cve-2025-58057

镜像层: sha256:c7d3329e99a64273876367b34f8325ead0fc6cd5e5eab3866b0f18cdab9aa3c8

发布日期: 2025-09-04 10:42 修改: 2026-06-17 09:43

io.netty:netty-codec-http2 CVE-2026-47244 中危 4.1.119.Final 4.2.15.Final, 4.1.135.Final netty-codec-http2: Netty: Denial of Service via uncontrolled HTTP/2 concurrent streams

漏洞详情: https://avd.aquasec.com/nvd/cve-2026-47244

镜像层: sha256:c7d3329e99a64273876367b34f8325ead0fc6cd5e5eab3866b0f18cdab9aa3c8

发布日期: 2026-06-12 15:16 修改: 2026-06-17 10:54

io.netty:netty-codec-http2 CVE-2026-47244 中危 4.1.119.Final 4.2.15.Final, 4.1.135.Final netty-codec-http2: Netty: Denial of Service via uncontrolled HTTP/2 concurrent streams

漏洞详情: https://avd.aquasec.com/nvd/cve-2026-47244

镜像层: sha256:c7d3329e99a64273876367b34f8325ead0fc6cd5e5eab3866b0f18cdab9aa3c8

发布日期: 2026-06-12 15:16 修改: 2026-06-17 10:54

io.netty:netty-codec-http2 CVE-2026-48043 中危 4.1.119.Final 4.1.135.Final, 4.2.15.Final netty-codec-http2: netty-codec-http2: Denial of Service due to resource leak

漏洞详情: https://avd.aquasec.com/nvd/cve-2026-48043

镜像层: sha256:c7d3329e99a64273876367b34f8325ead0fc6cd5e5eab3866b0f18cdab9aa3c8

发布日期: 2026-06-12 16:16 修改: 2026-06-30 03:20

io.netty:netty-codec-http2 CVE-2026-48043 中危 4.1.119.Final 4.1.135.Final, 4.2.15.Final netty-codec-http2: netty-codec-http2: Denial of Service due to resource leak

漏洞详情: https://avd.aquasec.com/nvd/cve-2026-48043

镜像层: sha256:c7d3329e99a64273876367b34f8325ead0fc6cd5e5eab3866b0f18cdab9aa3c8

发布日期: 2026-06-12 16:16 修改: 2026-06-30 03:20

io.netty:netty-codec-http2 CVE-2026-50560 中危 4.1.119.Final 4.2.15.Final, 4.1.135.Final netty-codec-http2: Netty: Denial of Service due to HTTP/2 max header size handling

漏洞详情: https://avd.aquasec.com/nvd/cve-2026-50560

镜像层: sha256:c7d3329e99a64273876367b34f8325ead0fc6cd5e5eab3866b0f18cdab9aa3c8

发布日期: 2026-06-12 16:16 修改: 2026-06-17 10:57

io.netty:netty-codec-http2 CVE-2026-50560 中危 4.1.119.Final 4.2.15.Final, 4.1.135.Final netty-codec-http2: Netty: Denial of Service due to HTTP/2 max header size handling

漏洞详情: https://avd.aquasec.com/nvd/cve-2026-50560

镜像层: sha256:c7d3329e99a64273876367b34f8325ead0fc6cd5e5eab3866b0f18cdab9aa3c8

发布日期: 2026-06-12 16:16 修改: 2026-06-17 10:57

io.netty:netty-codec-mqtt CVE-2026-44248 中危 4.1.119.Final 4.2.13.Final, 4.1.133.Final netty: io.netty/netty-codec-mqtt: Netty: Denial of Service due to excessive resource consumption from crafted MQTT 5 header

漏洞详情: https://avd.aquasec.com/nvd/cve-2026-44248

镜像层: sha256:c7d3329e99a64273876367b34f8325ead0fc6cd5e5eab3866b0f18cdab9aa3c8

发布日期: 2026-05-13 19:17 修改: 2026-06-30 03:19

com.fasterxml.jackson.core:jackson-databind CVE-2026-54514 中危 2.16.2 2.18.8, 2.21.4, 3.1.4 jackson-databind: jackson-databind: Information Disclosure via Eager DNS Resolution

漏洞详情: https://avd.aquasec.com/nvd/cve-2026-54514

镜像层: sha256:c7d3329e99a64273876367b34f8325ead0fc6cd5e5eab3866b0f18cdab9aa3c8

发布日期: 2026-06-23 21:17 修改: 2026-06-27 20:55

io.netty:netty-codec-http CVE-2025-67735 中危 4.1.119.Final 4.2.8.Final, 4.1.129.Final netty-codec-http: Netty (netty-codec-http): Request Smuggling via CRLF Injection

漏洞详情: https://avd.aquasec.com/nvd/cve-2025-67735

镜像层: sha256:c7d3329e99a64273876367b34f8325ead0fc6cd5e5eab3866b0f18cdab9aa3c8

发布日期: 2025-12-16 01:15 修改: 2026-06-17 09:58

io.netty:netty-codec-http CVE-2025-67735 中危 4.1.119.Final 4.2.8.Final, 4.1.129.Final netty-codec-http: Netty (netty-codec-http): Request Smuggling via CRLF Injection

漏洞详情: https://avd.aquasec.com/nvd/cve-2025-67735

镜像层: sha256:c7d3329e99a64273876367b34f8325ead0fc6cd5e5eab3866b0f18cdab9aa3c8

发布日期: 2025-12-16 01:15 修改: 2026-06-17 09:58

io.netty:netty-codec-http CVE-2026-41417 中危 4.1.119.Final 4.1.133.Final, 4.2.13.Final netty: Netty: HTTP request smuggling via URI manipulation and CRLF injection

漏洞详情: https://avd.aquasec.com/nvd/cve-2026-41417

镜像层: sha256:c7d3329e99a64273876367b34f8325ead0fc6cd5e5eab3866b0f18cdab9aa3c8

发布日期: 2026-05-06 22:16 修改: 2026-06-17 10:46

io.netty:netty-codec-http CVE-2026-41417 中危 4.1.119.Final 4.1.133.Final, 4.2.13.Final netty: Netty: HTTP request smuggling via URI manipulation and CRLF injection

漏洞详情: https://avd.aquasec.com/nvd/cve-2026-41417

镜像层: sha256:c7d3329e99a64273876367b34f8325ead0fc6cd5e5eab3866b0f18cdab9aa3c8

发布日期: 2026-05-06 22:16 修改: 2026-06-17 10:46

io.netty:netty-codec-http CVE-2026-42580 中危 4.1.119.Final 4.2.13.Final, 4.1.133.Final netty: Netty: Request smuggling via chunk size parser integer overflow

漏洞详情: https://avd.aquasec.com/nvd/cve-2026-42580

镜像层: sha256:c7d3329e99a64273876367b34f8325ead0fc6cd5e5eab3866b0f18cdab9aa3c8

发布日期: 2026-05-13 19:17 修改: 2026-06-17 10:48

io.netty:netty-codec-http CVE-2026-42580 中危 4.1.119.Final 4.2.13.Final, 4.1.133.Final netty: Netty: Request smuggling via chunk size parser integer overflow

漏洞详情: https://avd.aquasec.com/nvd/cve-2026-42580

镜像层: sha256:c7d3329e99a64273876367b34f8325ead0fc6cd5e5eab3866b0f18cdab9aa3c8

发布日期: 2026-05-13 19:17 修改: 2026-06-17 10:48

io.netty:netty-codec-http CVE-2026-42581 中危 4.1.119.Final 4.2.13.Final, 4.1.133.Final netty: io.netty/netty-codec-http: Netty: HTTP Request Smuggling due to improper handling of conflicting HTTP/1.0 headers

漏洞详情: https://avd.aquasec.com/nvd/cve-2026-42581

镜像层: sha256:c7d3329e99a64273876367b34f8325ead0fc6cd5e5eab3866b0f18cdab9aa3c8

发布日期: 2026-05-13 19:17 修改: 2026-06-30 03:19

io.netty:netty-codec-http CVE-2026-42581 中危 4.1.119.Final 4.2.13.Final, 4.1.133.Final netty: io.netty/netty-codec-http: Netty: HTTP Request Smuggling due to improper handling of conflicting HTTP/1.0 headers

漏洞详情: https://avd.aquasec.com/nvd/cve-2026-42581

镜像层: sha256:c7d3329e99a64273876367b34f8325ead0fc6cd5e5eab3866b0f18cdab9aa3c8

发布日期: 2026-05-13 19:17 修改: 2026-06-30 03:19

io.netty:netty-codec-http CVE-2026-42585 中危 4.1.119.Final 4.2.13.Final, 4.1.133.Final netty: io.netty/netty-codec-http: Netty: Request smuggling via malformed Transfer-Encoding parsing

漏洞详情: https://avd.aquasec.com/nvd/cve-2026-42585

镜像层: sha256:c7d3329e99a64273876367b34f8325ead0fc6cd5e5eab3866b0f18cdab9aa3c8

发布日期: 2026-05-13 19:17 修改: 2026-06-17 10:48

io.netty:netty-resolver-dns CVE-2026-45673 中危 4.1.119.Final 4.2.15.Final, 4.1.135.Final netty-resolver-dns: Netty DNS resolver: DNS Cache Poisoning via predictable transaction IDs

漏洞详情: https://avd.aquasec.com/nvd/cve-2026-45673

镜像层: sha256:c7d3329e99a64273876367b34f8325ead0fc6cd5e5eab3866b0f18cdab9aa3c8

发布日期: 2026-06-12 15:16 修改: 2026-06-17 10:52

io.netty:netty-resolver-dns CVE-2026-45673 中危 4.1.119.Final 4.2.15.Final, 4.1.135.Final netty-resolver-dns: Netty DNS resolver: DNS Cache Poisoning via predictable transaction IDs

漏洞详情: https://avd.aquasec.com/nvd/cve-2026-45673

镜像层: sha256:c7d3329e99a64273876367b34f8325ead0fc6cd5e5eab3866b0f18cdab9aa3c8

发布日期: 2026-06-12 15:16 修改: 2026-06-17 10:52

io.netty:netty-transport-native-epoll CVE-2026-45536 中危 4.1.119.Final 4.2.15.Final, 4.1.135.Final netty-transport-native-epoll: netty-transport-native-kqueue: Netty: Denial of Service due to file descriptor leak in SCM_RIGHTS message handling

漏洞详情: https://avd.aquasec.com/nvd/cve-2026-45536

镜像层: sha256:c7d3329e99a64273876367b34f8325ead0fc6cd5e5eab3866b0f18cdab9aa3c8

发布日期: 2026-06-12 15:16 修改: 2026-06-17 10:52

io.netty:netty-transport-native-epoll CVE-2026-45536 中危 4.1.119.Final 4.2.15.Final, 4.1.135.Final netty-transport-native-epoll: netty-transport-native-kqueue: Netty: Denial of Service due to file descriptor leak in SCM_RIGHTS message handling

漏洞详情: https://avd.aquasec.com/nvd/cve-2026-45536

镜像层: sha256:c7d3329e99a64273876367b34f8325ead0fc6cd5e5eab3866b0f18cdab9aa3c8

发布日期: 2026-06-12 15:16 修改: 2026-06-17 10:52

io.netty:netty-transport-native-epoll CVE-2026-45536 中危 4.1.119.Final 4.2.15.Final, 4.1.135.Final netty-transport-native-epoll: netty-transport-native-kqueue: Netty: Denial of Service due to file descriptor leak in SCM_RIGHTS message handling

漏洞详情: https://avd.aquasec.com/nvd/cve-2026-45536

镜像层: sha256:c7d3329e99a64273876367b34f8325ead0fc6cd5e5eab3866b0f18cdab9aa3c8

发布日期: 2026-06-12 15:16 修改: 2026-06-17 10:52

io.netty:netty-transport-native-kqueue CVE-2026-45536 中危 4.1.119.Final 4.2.15.Final, 4.1.135.Final netty-transport-native-epoll: netty-transport-native-kqueue: Netty: Denial of Service due to file descriptor leak in SCM_RIGHTS message handling

漏洞详情: https://avd.aquasec.com/nvd/cve-2026-45536

镜像层: sha256:c7d3329e99a64273876367b34f8325ead0fc6cd5e5eab3866b0f18cdab9aa3c8

发布日期: 2026-06-12 15:16 修改: 2026-06-17 10:52

io.netty:netty-transport-native-kqueue CVE-2026-45536 中危 4.1.119.Final 4.2.15.Final, 4.1.135.Final netty-transport-native-epoll: netty-transport-native-kqueue: Netty: Denial of Service due to file descriptor leak in SCM_RIGHTS message handling

漏洞详情: https://avd.aquasec.com/nvd/cve-2026-45536

镜像层: sha256:c7d3329e99a64273876367b34f8325ead0fc6cd5e5eab3866b0f18cdab9aa3c8

发布日期: 2026-06-12 15:16 修改: 2026-06-17 10:52

io.netty:netty-transport-native-kqueue CVE-2026-45536 中危 4.1.119.Final 4.2.15.Final, 4.1.135.Final netty-transport-native-epoll: netty-transport-native-kqueue: Netty: Denial of Service due to file descriptor leak in SCM_RIGHTS message handling

漏洞详情: https://avd.aquasec.com/nvd/cve-2026-45536

镜像层: sha256:c7d3329e99a64273876367b34f8325ead0fc6cd5e5eab3866b0f18cdab9aa3c8

发布日期: 2026-06-12 15:16 修改: 2026-06-17 10:52

io.netty:netty-codec-http CVE-2026-42585 中危 4.1.119.Final 4.2.13.Final, 4.1.133.Final netty: io.netty/netty-codec-http: Netty: Request smuggling via malformed Transfer-Encoding parsing

漏洞详情: https://avd.aquasec.com/nvd/cve-2026-42585

镜像层: sha256:c7d3329e99a64273876367b34f8325ead0fc6cd5e5eab3866b0f18cdab9aa3c8

发布日期: 2026-05-13 19:17 修改: 2026-06-17 10:48

org.bouncycastle:bcpkix-jdk18on CVE-2025-8916 中危 1.78.1 1.79 org.bouncycastle: BouncyCastle denial of service

漏洞详情: https://avd.aquasec.com/nvd/cve-2025-8916

镜像层: sha256:c7d3329e99a64273876367b34f8325ead0fc6cd5e5eab3866b0f18cdab9aa3c8

发布日期: 2025-08-13 10:15 修改: 2026-06-17 10:07

org.bouncycastle:bcpkix-jdk18on CVE-2026-5588 中危 1.78.1 1.84 bouncycastle: BC-JAVA: PKIX draft CompositeVerifier accepts empty signature sequence as valid

漏洞详情: https://avd.aquasec.com/nvd/cve-2026-5588

镜像层: sha256:c7d3329e99a64273876367b34f8325ead0fc6cd5e5eab3866b0f18cdab9aa3c8

发布日期: 2026-04-15 10:16 修改: 2026-06-30 03:21

io.netty:netty-codec-http CVE-2026-50020 中危 4.1.119.Final 4.2.15.Final, 4.1.135.Final netty-codec-http: Netty: Data manipulation via request-boundary confusion in HttpObjectDecoder

漏洞详情: https://avd.aquasec.com/nvd/cve-2026-50020

镜像层: sha256:c7d3329e99a64273876367b34f8325ead0fc6cd5e5eab3866b0f18cdab9aa3c8

发布日期: 2026-06-12 16:16 修改: 2026-06-17 10:57

org.bouncycastle:bcprov-jdk18on CVE-2026-0636 中危 1.78 1.84 bouncycastle: BC-JAVA: LDAP injection vulnerability in LDAPStoreHelper.java

漏洞详情: https://avd.aquasec.com/nvd/cve-2026-0636

镜像层: sha256:c7d3329e99a64273876367b34f8325ead0fc6cd5e5eab3866b0f18cdab9aa3c8

发布日期: 2026-04-15 10:16 修改: 2026-06-30 03:17

io.netty:netty-codec-http CVE-2026-50020 中危 4.1.119.Final 4.2.15.Final, 4.1.135.Final netty-codec-http: Netty: Data manipulation via request-boundary confusion in HttpObjectDecoder

漏洞详情: https://avd.aquasec.com/nvd/cve-2026-50020

镜像层: sha256:c7d3329e99a64273876367b34f8325ead0fc6cd5e5eab3866b0f18cdab9aa3c8

发布日期: 2026-06-12 16:16 修改: 2026-06-17 10:57

org.eclipse.jetty:jetty-http CVE-2024-6763 中危 9.4.57.v20241219 12.0.12 org.eclipse.jetty:jetty-http: jetty: Jetty URI parsing of invalid authority

漏洞详情: https://avd.aquasec.com/nvd/cve-2024-6763

镜像层: sha256:c7d3329e99a64273876367b34f8325ead0fc6cd5e5eab3866b0f18cdab9aa3c8

发布日期: 2024-10-14 16:15 修改: 2026-06-17 08:18

com.fasterxml.jackson.core:jackson-databind CVE-2026-54515 中危 2.16.2 3.1.4, 2.18.9, 2.21.5, 2.22.1 jackson-databind: jackson-databind: Ignored properties can be unexpectedly modified

漏洞详情: https://avd.aquasec.com/nvd/cve-2026-54515

镜像层: sha256:c7d3329e99a64273876367b34f8325ead0fc6cd5e5eab3866b0f18cdab9aa3c8

发布日期: 2026-06-23 21:17 修改: 2026-06-29 13:38

com.nimbusds:nimbus-jose-jwt CVE-2025-53864 中危 9.37.3 10.0.2, 9.37.4 com.nimbusds/nimbus-jose-jwt: Uncontrolled recursion in Connect2id Nimbus JOSE + JWT

漏洞详情: https://avd.aquasec.com/nvd/cve-2025-53864

镜像层: sha256:c7d3329e99a64273876367b34f8325ead0fc6cd5e5eab3866b0f18cdab9aa3c8

发布日期: 2025-07-11 03:16 修改: 2026-06-17 09:39

ch.qos.logback:logback-core CVE-2025-11226 中危 1.3.15 1.5.19, 1.3.16 ch.qos.logback/logback-core: Conditional abitrary code execution in logback-core

漏洞详情: https://avd.aquasec.com/nvd/cve-2025-11226

镜像层: sha256:c7d3329e99a64273876367b34f8325ead0fc6cd5e5eab3866b0f18cdab9aa3c8

发布日期: 2025-10-01 08:15 修改: 2026-06-25 17:16

com.fasterxml.jackson.core:jackson-core GHSA-72hv-8253-57qq 中危 2.16.2 2.21.1, 2.18.6 jackson-core: Number Length Constraint Bypass in Async Parser Leads to Potential DoS Condition

漏洞详情: https://github.com/advisories/GHSA-72hv-8253-57qq

镜像层: sha256:c7d3329e99a64273876367b34f8325ead0fc6cd5e5eab3866b0f18cdab9aa3c8

发布日期: 2026-02-28 02:01 修改: 2026-04-07 16:30

org.eclipse.jetty:jetty-http CVE-2025-11143 低危 9.4.57.v20241219 12.0.31, 12.1.5 org.eclipse.jetty/jetty-http: org.eclipse.jetty: Security bypass due to differential URI parsing

漏洞详情: https://avd.aquasec.com/nvd/cve-2025-11143

镜像层: sha256:c7d3329e99a64273876367b34f8325ead0fc6cd5e5eab3866b0f18cdab9aa3c8

发布日期: 2026-03-05 10:15 修改: 2026-06-17 08:29

io.netty:netty-handler-proxy CVE-2026-42578 低危 4.1.119.Final 4.1.133.Final, 4.2.13.Final netty: io.netty/netty-handler-proxy: Netty: HTTP Header Injection via HttpProxyHandler Disabled Validation

漏洞详情: https://avd.aquasec.com/nvd/cve-2026-42578

镜像层: sha256:c7d3329e99a64273876367b34f8325ead0fc6cd5e5eab3866b0f18cdab9aa3c8

发布日期: 2026-05-13 19:17 修改: 2026-06-30 03:19

io.netty:netty-codec-http CVE-2025-58056 低危 4.1.119.Final 4.1.125.Final, 4.2.5.Final netty-codec-http: Netty is vulnerable to request smuggling due to incorrect parsing of chunk extensions

漏洞详情: https://avd.aquasec.com/nvd/cve-2025-58056

镜像层: sha256:c7d3329e99a64273876367b34f8325ead0fc6cd5e5eab3866b0f18cdab9aa3c8

发布日期: 2025-09-03 21:15 修改: 2026-06-17 09:43

io.netty:netty-codec-http CVE-2025-58056 低危 4.1.119.Final 4.1.125.Final, 4.2.5.Final netty-codec-http: Netty is vulnerable to request smuggling due to incorrect parsing of chunk extensions

漏洞详情: https://avd.aquasec.com/nvd/cve-2025-58056

镜像层: sha256:c7d3329e99a64273876367b34f8325ead0fc6cd5e5eab3866b0f18cdab9aa3c8

发布日期: 2025-09-03 21:15 修改: 2026-06-17 09:43

ch.qos.logback:logback-core CVE-2026-1225 低危 1.3.15 1.5.25 ch.qos.logback/logback-core: Malicious logback.xml configuration file allows instantiation of arbitrary classes

漏洞详情: https://avd.aquasec.com/nvd/cve-2026-1225

镜像层: sha256:c7d3329e99a64273876367b34f8325ead0fc6cd5e5eab3866b0f18cdab9aa3c8

发布日期: 2026-01-22 10:16 修改: 2026-06-17 10:15

检测到您正在使用广告拦截插件,本站为公益站点,依赖广告维持运转 🙏 查看如何关闭 ×