docker.io/apache/kafka:4.3.1 linux/amd64

docker.io/apache/kafka:4.3.1 - Trivy安全扫描结果 扫描时间: 2026-07-11 16:25
全部漏洞信息
低危漏洞:1 中危漏洞:15 高危漏洞:10 严重漏洞:0

系统OS: alpine 3.23.4 扫描引擎: Trivy 扫描时间: 2026-07-11 16:25

docker.io/apache/kafka:4.3.1 (alpine 3.23.4) (alpine)
低危漏洞:1 中危漏洞:10 高危漏洞:6 严重漏洞:0
软件包 漏洞 安全状态 安装版本 修复版本 漏洞信息
libexpat CVE-2026-45186 高危 2.7.5-r0 2.8.1-r0 libexpat: denial of service via crafted XML input

漏洞详情: https://avd.aquasec.com/nvd/cve-2026-45186

镜像层: sha256:f04f9db94d3ebe8257b2026d7bd35bbb0aa82570c4c55192e00ddabb6056f905

发布日期: 2026-05-10 07:16 修改: 2026-06-30 03:20

libexpat CVE-2026-56131 高危 2.7.5-r0 2.8.2-r0 libexpat before 2.8.2 lacks handler call depth tracking for calls to X ...

漏洞详情: https://avd.aquasec.com/nvd/cve-2026-56131

镜像层: sha256:f04f9db94d3ebe8257b2026d7bd35bbb0aa82570c4c55192e00ddabb6056f905

发布日期: 2026-06-19 06:17 修改: 2026-06-23 20:15

libexpat CVE-2026-56407 高危 2.7.5-r0 2.8.2-r0 libexpat before 2.8.2 has an integer overflow in doProlog that is rela ...

漏洞详情: https://avd.aquasec.com/nvd/cve-2026-56407

镜像层: sha256:f04f9db94d3ebe8257b2026d7bd35bbb0aa82570c4c55192e00ddabb6056f905

发布日期: 2026-06-21 16:16 修改: 2026-06-23 16:28

libexpat CVE-2026-56408 高危 2.7.5-r0 2.8.2-r0 libexpat before 2.8.2 has an integer overflow in copyString.

漏洞详情: https://avd.aquasec.com/nvd/cve-2026-56408

镜像层: sha256:f04f9db94d3ebe8257b2026d7bd35bbb0aa82570c4c55192e00ddabb6056f905

发布日期: 2026-06-21 16:16 修改: 2026-06-23 16:27

p11-kit CVE-2026-2100 高危 0.25.5-r2 0.26.2-r0 p11-kit: NULL dereference via C_DeriveKey with specific NULL parameters

漏洞详情: https://avd.aquasec.com/nvd/cve-2026-2100

镜像层: sha256:f04f9db94d3ebe8257b2026d7bd35bbb0aa82570c4c55192e00ddabb6056f905

发布日期: 2026-03-26 21:17 修改: 2026-07-07 15:16

p11-kit-trust CVE-2026-2100 高危 0.25.5-r2 0.26.2-r0 p11-kit: NULL dereference via C_DeriveKey with specific NULL parameters

漏洞详情: https://avd.aquasec.com/nvd/cve-2026-2100

镜像层: sha256:f04f9db94d3ebe8257b2026d7bd35bbb0aa82570c4c55192e00ddabb6056f905

发布日期: 2026-03-26 21:17 修改: 2026-07-07 15:16

libexpat CVE-2026-56403 中危 2.7.5-r0 2.8.2-r0 libexpat: libexpat: Arbitrary code execution due to integer overflow in storeAtts

漏洞详情: https://avd.aquasec.com/nvd/cve-2026-56403

镜像层: sha256:f04f9db94d3ebe8257b2026d7bd35bbb0aa82570c4c55192e00ddabb6056f905

发布日期: 2026-06-21 16:16 修改: 2026-06-23 20:15

libexpat CVE-2026-56404 中危 2.7.5-r0 2.8.2-r0 libexpat before 2.8.2 has an integer overflow in addBinding.

漏洞详情: https://avd.aquasec.com/nvd/cve-2026-56404

镜像层: sha256:f04f9db94d3ebe8257b2026d7bd35bbb0aa82570c4c55192e00ddabb6056f905

发布日期: 2026-06-21 16:16 修改: 2026-06-23 20:15

libexpat CVE-2026-56405 中危 2.7.5-r0 2.8.2-r0 libexpat: libexpat: Information disclosure and arbitrary code execution via integer overflow

漏洞详情: https://avd.aquasec.com/nvd/cve-2026-56405

镜像层: sha256:f04f9db94d3ebe8257b2026d7bd35bbb0aa82570c4c55192e00ddabb6056f905

发布日期: 2026-06-21 16:16 修改: 2026-06-23 20:14

libexpat CVE-2026-56406 中危 2.7.5-r0 2.8.2-r0 libexpat: libexpat: Arbitrary code execution via integer overflow in XML_ParseBuffer

漏洞详情: https://avd.aquasec.com/nvd/cve-2026-56406

镜像层: sha256:f04f9db94d3ebe8257b2026d7bd35bbb0aa82570c4c55192e00ddabb6056f905

发布日期: 2026-06-21 16:16 修改: 2026-06-23 16:29

libexpat CVE-2026-56409 中危 2.7.5-r0 2.8.2-r0 xmlwf in libexpat before 2.8.2 has an integer overflow for the output ...

漏洞详情: https://avd.aquasec.com/nvd/cve-2026-56409

镜像层: sha256:f04f9db94d3ebe8257b2026d7bd35bbb0aa82570c4c55192e00ddabb6056f905

发布日期: 2026-06-21 16:16 修改: 2026-06-23 16:21

libexpat CVE-2026-56410 中危 2.7.5-r0 2.8.2-r0 libexpat: libexpat: Integer overflow in xmlwf can lead to information disclosure and arbitrary code execution.

漏洞详情: https://avd.aquasec.com/nvd/cve-2026-56410

镜像层: sha256:f04f9db94d3ebe8257b2026d7bd35bbb0aa82570c4c55192e00ddabb6056f905

发布日期: 2026-06-21 16:16 修改: 2026-06-23 16:18

libexpat CVE-2026-56411 中危 2.7.5-r0 2.8.2-r0 expat: libexpat: Integer Overflow Vulnerability Leading to Information Disclosure or Code Execution

漏洞详情: https://avd.aquasec.com/nvd/cve-2026-56411

镜像层: sha256:f04f9db94d3ebe8257b2026d7bd35bbb0aa82570c4c55192e00ddabb6056f905

发布日期: 2026-06-21 17:16 修改: 2026-06-23 16:16

libexpat CVE-2026-56412 中危 2.7.5-r0 2.8.2-r0 libexpat: libexpat: Use-after-free vulnerability due to improper handling of XML CDATA sections

漏洞详情: https://avd.aquasec.com/nvd/cve-2026-56412

镜像层: sha256:f04f9db94d3ebe8257b2026d7bd35bbb0aa82570c4c55192e00ddabb6056f905

发布日期: 2026-06-21 17:16 修改: 2026-06-23 15:31

libexpat CVE-2026-50219 中危 2.7.5-r0 2.8.2-r0 expat: libexpat: Use-after-free vulnerability due to improper handler call depth tracking

漏洞详情: https://avd.aquasec.com/nvd/cve-2026-50219

镜像层: sha256:f04f9db94d3ebe8257b2026d7bd35bbb0aa82570c4c55192e00ddabb6056f905

发布日期: 2026-06-04 06:16 修改: 2026-06-17 10:57

libexpat CVE-2026-56132 中危 2.7.5-r0 2.8.2-r0 expat: libexpat: Arbitrary Code Execution via Heap-based Buffer Overflow

漏洞详情: https://avd.aquasec.com/nvd/cve-2026-56132

镜像层: sha256:f04f9db94d3ebe8257b2026d7bd35bbb0aa82570c4c55192e00ddabb6056f905

发布日期: 2026-06-19 06:17 修改: 2026-06-23 20:15

libexpat CVE-2026-41080 低危 2.7.5-r0 2.8.1-r0 libexpat: expat: libexpat: Denial of Service via hash flooding with crafted XML

漏洞详情: https://avd.aquasec.com/nvd/cve-2026-41080

镜像层: sha256:f04f9db94d3ebe8257b2026d7bd35bbb0aa82570c4c55192e00ddabb6056f905

发布日期: 2026-04-16 17:16 修改: 2026-06-17 10:46

Java (jar)
低危漏洞:0 中危漏洞:5 高危漏洞:4 严重漏洞:0
软件包 漏洞 安全状态 安装版本 修复版本 漏洞信息
com.fasterxml.jackson.core:jackson-databind CVE-2026-54512 高危 2.21.2 2.18.8, 3.1.4, 2.21.4 jackson-databind: jackson-databind: Arbitrary code execution via PolymorphicTypeValidator bypass

漏洞详情: https://avd.aquasec.com/nvd/cve-2026-54512

镜像层: sha256:85ed86239b446242d6c2080a8d47c916fbfdeee1a4cb73010782dc35362defe5

发布日期: 2026-06-23 21:17 修改: 2026-06-27 21:01

com.fasterxml.jackson.core:jackson-databind CVE-2026-54513 高危 2.21.2 2.18.8, 2.21.4, 3.1.4 jackson-databind: Jackson-databind: Security bypass allows arbitrary code execution

漏洞详情: https://avd.aquasec.com/nvd/cve-2026-54513

镜像层: sha256:85ed86239b446242d6c2080a8d47c916fbfdeee1a4cb73010782dc35362defe5

发布日期: 2026-06-23 21:17 修改: 2026-07-09 13:17

org.jline:jline-remote-telnet GHSA-2r2c-cx56-8933 高危 3.30.4 4.2.1 JLine3 Telnet server: Unauthenticated Remote DoS via Unbounded Telnet NAWS Terminal Geometry

漏洞详情: https://github.com/advisories/GHSA-2r2c-cx56-8933

镜像层: sha256:85ed86239b446242d6c2080a8d47c916fbfdeee1a4cb73010782dc35362defe5

发布日期: 2026-06-18 13:07 修改: 2026-06-18 13:07

org.jline:jline-remote-telnet GHSA-47qp-hqvx-6r3f 高危 3.30.4 4.2.1 JLine3 Telnet server: Unauthenticated Remote Memory Exhaustion via Unbounded Telnet NEW-ENVIRON Variables

漏洞详情: https://github.com/advisories/GHSA-47qp-hqvx-6r3f

镜像层: sha256:85ed86239b446242d6c2080a8d47c916fbfdeee1a4cb73010782dc35362defe5

发布日期: 2026-06-18 13:07 修改: 2026-06-18 13:07

com.fasterxml.jackson.core:jackson-databind CVE-2026-54516 中危 2.21.2 2.21.4, 3.1.4 jackson-databind: jackson-databind: Security bypass due to improper handling of renamed properties

漏洞详情: https://avd.aquasec.com/nvd/cve-2026-54516

镜像层: sha256:85ed86239b446242d6c2080a8d47c916fbfdeee1a4cb73010782dc35362defe5

发布日期: 2026-06-23 21:17 修改: 2026-06-27 20:52

com.fasterxml.jackson.core:jackson-databind CVE-2026-54517 中危 2.21.2 2.21.4, 3.1.4 jackson-databind: jackson-databind: Information disclosure via improper JsonView filter application

漏洞详情: https://avd.aquasec.com/nvd/cve-2026-54517

镜像层: sha256:85ed86239b446242d6c2080a8d47c916fbfdeee1a4cb73010782dc35362defe5

发布日期: 2026-06-23 21:17 修改: 2026-06-27 20:51

com.fasterxml.jackson.core:jackson-databind CVE-2026-54518 中危 2.21.2 2.21.4 jackson-databind: jackson-databind: Information disclosure and data manipulation via view-based access control bypass

漏洞详情: https://avd.aquasec.com/nvd/cve-2026-54518

镜像层: sha256:85ed86239b446242d6c2080a8d47c916fbfdeee1a4cb73010782dc35362defe5

发布日期: 2026-06-23 22:16 修改: 2026-06-27 20:49

com.fasterxml.jackson.core:jackson-databind CVE-2026-54514 中危 2.21.2 2.18.8, 2.21.4, 3.1.4 jackson-databind: jackson-databind: Information Disclosure via Eager DNS Resolution

漏洞详情: https://avd.aquasec.com/nvd/cve-2026-54514

镜像层: sha256:85ed86239b446242d6c2080a8d47c916fbfdeee1a4cb73010782dc35362defe5

发布日期: 2026-06-23 21:17 修改: 2026-06-27 20:55

com.fasterxml.jackson.core:jackson-databind CVE-2026-54515 中危 2.21.2 3.1.4, 2.18.9, 2.21.5, 2.22.1 jackson-databind: jackson-databind: Ignored properties can be unexpectedly modified

漏洞详情: https://avd.aquasec.com/nvd/cve-2026-54515

镜像层: sha256:85ed86239b446242d6c2080a8d47c916fbfdeee1a4cb73010782dc35362defe5

发布日期: 2026-06-23 21:17 修改: 2026-06-29 13:38

检测到您正在使用广告拦截插件,本站为公益站点,依赖广告维持运转 🙏 查看如何关闭 ×