| org.apache.avro:avro |
CVE-2024-47561 |
严重 |
1.11.3 |
1.11.4 |
apache-avro: Schema parsing may trigger Remote Code Execution (RCE)
漏洞详情: https://avd.aquasec.com/nvd/cve-2024-47561
镜像层: sha256:a2b98b9243c22e1314872215247ff1696aceff113a8f060412a1a39618bd0853
发布日期: 2024-10-03 11:15 修改: 2026-06-17 07:57
|
| org.apache.avro:avro |
CVE-2024-47561 |
严重 |
1.8.2 |
1.11.4 |
apache-avro: Schema parsing may trigger Remote Code Execution (RCE)
漏洞详情: https://avd.aquasec.com/nvd/cve-2024-47561
镜像层: sha256:a2b98b9243c22e1314872215247ff1696aceff113a8f060412a1a39618bd0853
发布日期: 2024-10-03 11:15 修改: 2026-06-17 07:57
|
| org.apache.tomcat.embed:tomcat-embed-core |
CVE-2026-41293 |
严重 |
9.0.113 |
9.0.118, 10.1.55, 11.0.22 |
tomcat-coyote: Apache Tomcat: HTTP/2 request headers not validated
漏洞详情: https://avd.aquasec.com/nvd/cve-2026-41293
镜像层: sha256:a2b98b9243c22e1314872215247ff1696aceff113a8f060412a1a39618bd0853
发布日期: 2026-05-12 16:16 修改: 2026-06-17 10:46
|
| org.apache.tomcat.embed:tomcat-embed-core |
CVE-2026-41293 |
严重 |
9.0.113 |
9.0.118, 10.1.55, 11.0.22 |
tomcat-coyote: Apache Tomcat: HTTP/2 request headers not validated
漏洞详情: https://avd.aquasec.com/nvd/cve-2026-41293
镜像层: sha256:a2b98b9243c22e1314872215247ff1696aceff113a8f060412a1a39618bd0853
发布日期: 2026-05-12 16:16 修改: 2026-06-17 10:46
|
| org.apache.tomcat.embed:tomcat-embed-core |
CVE-2026-43512 |
严重 |
9.0.113 |
9.0.118, 10.1.55, 11.0.22 |
tomcat-coyote: Apache Tomcat: Authentication bypass via digest authentication
漏洞详情: https://avd.aquasec.com/nvd/cve-2026-43512
镜像层: sha256:a2b98b9243c22e1314872215247ff1696aceff113a8f060412a1a39618bd0853
发布日期: 2026-05-12 16:16 修改: 2026-06-17 10:49
|
| org.apache.tomcat.embed:tomcat-embed-core |
CVE-2026-43512 |
严重 |
9.0.113 |
9.0.118, 10.1.55, 11.0.22 |
tomcat-coyote: Apache Tomcat: Authentication bypass via digest authentication
漏洞详情: https://avd.aquasec.com/nvd/cve-2026-43512
镜像层: sha256:a2b98b9243c22e1314872215247ff1696aceff113a8f060412a1a39618bd0853
发布日期: 2026-05-12 16:16 修改: 2026-06-17 10:49
|
| org.apache.tomcat.embed:tomcat-embed-core |
CVE-2026-43515 |
严重 |
9.0.113 |
9.0.118, 10.1.55, 11.0.22 |
tomcat-coyote: tomcat: Improper Authorization allows security bypass
漏洞详情: https://avd.aquasec.com/nvd/cve-2026-43515
镜像层: sha256:a2b98b9243c22e1314872215247ff1696aceff113a8f060412a1a39618bd0853
发布日期: 2026-05-12 16:16 修改: 2026-06-17 10:49
|
| org.apache.tomcat.embed:tomcat-embed-core |
CVE-2026-43515 |
严重 |
9.0.113 |
9.0.118, 10.1.55, 11.0.22 |
tomcat-coyote: tomcat: Improper Authorization allows security bypass
漏洞详情: https://avd.aquasec.com/nvd/cve-2026-43515
镜像层: sha256:a2b98b9243c22e1314872215247ff1696aceff113a8f060412a1a39618bd0853
发布日期: 2026-05-12 16:16 修改: 2026-06-17 10:49
|
| org.bouncycastle:bcprov-jdk18on |
CVE-2025-14813 |
严重 |
1.78.1 |
1.80.2, 1.81.1, 1.84 |
bouncycastle: BC-JAVA: GOSTCTR implementation unable to process more than 255 blocks correctly
漏洞详情: https://avd.aquasec.com/nvd/cve-2025-14813
镜像层: sha256:a2b98b9243c22e1314872215247ff1696aceff113a8f060412a1a39618bd0853
发布日期: 2026-04-15 10:16 修改: 2026-06-30 03:16
|
| org.postgresql:postgresql |
CVE-2024-1597 |
严重 |
42.2.16.jre7 |
42.2.28, 42.3.9, 42.4.4, 42.5.5, 42.6.1, 42.7.2 |
pgjdbc: PostgreSQL JDBC Driver allows attacker to inject SQL if using PreferQueryMode=SIMPLE
漏洞详情: https://avd.aquasec.com/nvd/cve-2024-1597
镜像层: sha256:05c16fc4559c40c8b309c2f90a134938bc3381ccca5fff83f664557d6d7f9469
发布日期: 2024-02-19 13:15 修改: 2026-06-17 07:04
|
| org.springframework.security:spring-security-web |
CVE-2024-38821 |
严重 |
5.7.12 |
5.7.13, 5.8.15, 6.2.7, 6.0.13, 6.1.11, 6.3.4 |
Spring-WebFlux: Authorization Bypass of Static Resources in WebFlux Applications
漏洞详情: https://avd.aquasec.com/nvd/cve-2024-38821
镜像层: sha256:a2b98b9243c22e1314872215247ff1696aceff113a8f060412a1a39618bd0853
发布日期: 2024-10-28 07:15 修改: 2026-06-17 07:41
|
| org.springframework.security:spring-security-web |
CVE-2026-22732 |
严重 |
5.7.12 |
6.5.9, 7.0.4 |
Spring Security: Spring Security: Security policy bypass and information disclosure due to unwritten HTTP headers
漏洞详情: https://avd.aquasec.com/nvd/cve-2026-22732
镜像层: sha256:a2b98b9243c22e1314872215247ff1696aceff113a8f060412a1a39618bd0853
发布日期: 2026-03-19 23:16 修改: 2026-06-17 10:20
|
| org.springframework:spring-web |
CVE-2016-1000027 |
严重 |
5.3.39 |
6.0.0 |
spring: HttpInvokerServiceExporter readRemoteInvocation method untrusted java deserialization
漏洞详情: https://avd.aquasec.com/nvd/cve-2016-1000027
镜像层: sha256:a2b98b9243c22e1314872215247ff1696aceff113a8f060412a1a39618bd0853
发布日期: 2020-01-02 23:15 修改: 2024-11-21 02:42
|
| com.nimbusds:nimbus-jose-jwt |
CVE-2023-52428 |
高危 |
7.9 |
9.37.2 |
nimbus-jose-jwt: large JWE p2c header value causes Denial of Service
漏洞详情: https://avd.aquasec.com/nvd/cve-2023-52428
镜像层: sha256:a2b98b9243c22e1314872215247ff1696aceff113a8f060412a1a39618bd0853
发布日期: 2024-02-11 05:15 修改: 2026-06-17 06:42
|
| commons-io:commons-io |
CVE-2024-47554 |
高危 |
2.11.0 |
2.14.0 |
apache-commons-io: Possible denial of service attack on untrusted input to XmlStreamReader
漏洞详情: https://avd.aquasec.com/nvd/cve-2024-47554
镜像层: sha256:a2b98b9243c22e1314872215247ff1696aceff113a8f060412a1a39618bd0853
发布日期: 2024-10-03 12:15 修改: 2026-06-17 07:57
|
| commons-io:commons-io |
CVE-2024-47554 |
高危 |
2.8.0 |
2.14.0 |
apache-commons-io: Possible denial of service attack on untrusted input to XmlStreamReader
漏洞详情: https://avd.aquasec.com/nvd/cve-2024-47554
镜像层: sha256:a2b98b9243c22e1314872215247ff1696aceff113a8f060412a1a39618bd0853
发布日期: 2024-10-03 12:15 修改: 2026-06-17 07:57
|
| io.airlift:aircompressor |
CVE-2024-36114 |
高危 |
0.10 |
0.27 |
Decompressors can crash the JVM and leak memory content in Aircompressor
漏洞详情: https://avd.aquasec.com/nvd/cve-2024-36114
镜像层: sha256:a2b98b9243c22e1314872215247ff1696aceff113a8f060412a1a39618bd0853
发布日期: 2024-05-29 21:15 修改: 2026-06-17 07:36
|
| io.airlift:aircompressor |
CVE-2025-67721 |
高危 |
0.10 |
2.0.3 |
aircompressor Snappy and LZ4 Java-based decompressor implementation can leak information from reused output buffer
漏洞详情: https://avd.aquasec.com/nvd/cve-2025-67721
镜像层: sha256:a2b98b9243c22e1314872215247ff1696aceff113a8f060412a1a39618bd0853
发布日期: 2025-12-12 23:15 修改: 2026-06-17 09:58
|
| io.airlift:aircompressor |
CVE-2025-67721 |
高危 |
0.27 |
2.0.3 |
aircompressor Snappy and LZ4 Java-based decompressor implementation can leak information from reused output buffer
漏洞详情: https://avd.aquasec.com/nvd/cve-2025-67721
镜像层: sha256:a2b98b9243c22e1314872215247ff1696aceff113a8f060412a1a39618bd0853
发布日期: 2025-12-12 23:15 修改: 2026-06-17 09:58
|
| io.netty:netty-codec |
CVE-2026-42583 |
高危 |
4.1.108.Final |
4.1.133.Final |
Netty is an asynchronous, event-driven network application framework. ...
漏洞详情: https://avd.aquasec.com/nvd/cve-2026-42583
镜像层: sha256:a2b98b9243c22e1314872215247ff1696aceff113a8f060412a1a39618bd0853
发布日期: 2026-05-13 19:17 修改: 2026-06-17 10:48
|
| io.netty:netty-codec |
CVE-2026-42583 |
高危 |
4.1.108.Final |
4.1.133.Final |
Netty is an asynchronous, event-driven network application framework. ...
漏洞详情: https://avd.aquasec.com/nvd/cve-2026-42583
镜像层: sha256:a2b98b9243c22e1314872215247ff1696aceff113a8f060412a1a39618bd0853
发布日期: 2026-05-13 19:17 修改: 2026-06-17 10:48
|
| io.netty:netty-codec |
CVE-2026-42583 |
高危 |
4.1.108.Final |
4.1.133.Final |
Netty is an asynchronous, event-driven network application framework. ...
漏洞详情: https://avd.aquasec.com/nvd/cve-2026-42583
镜像层: sha256:a2b98b9243c22e1314872215247ff1696aceff113a8f060412a1a39618bd0853
发布日期: 2026-05-13 19:17 修改: 2026-06-17 10:48
|
| io.netty:netty-codec |
CVE-2026-42583 |
高危 |
4.1.124.Final |
4.1.133.Final |
Netty is an asynchronous, event-driven network application framework. ...
漏洞详情: https://avd.aquasec.com/nvd/cve-2026-42583
镜像层: sha256:a2b98b9243c22e1314872215247ff1696aceff113a8f060412a1a39618bd0853
发布日期: 2026-05-13 19:17 修改: 2026-06-17 10:48
|
| io.netty:netty-codec-dns |
CVE-2026-42579 |
高危 |
4.1.108.Final |
4.2.13.Final, 4.1.133.Final |
netty: Netty: High integrity impact due to improper DNS domain name constraint enforcement
漏洞详情: https://avd.aquasec.com/nvd/cve-2026-42579
镜像层: sha256:a2b98b9243c22e1314872215247ff1696aceff113a8f060412a1a39618bd0853
发布日期: 2026-05-13 19:17 修改: 2026-06-30 03:19
|
| io.netty:netty-codec-dns |
CVE-2026-42579 |
高危 |
4.1.108.Final |
4.2.13.Final, 4.1.133.Final |
netty: Netty: High integrity impact due to improper DNS domain name constraint enforcement
漏洞详情: https://avd.aquasec.com/nvd/cve-2026-42579
镜像层: sha256:a2b98b9243c22e1314872215247ff1696aceff113a8f060412a1a39618bd0853
发布日期: 2026-05-13 19:17 修改: 2026-06-30 03:19
|
| io.netty:netty-codec-dns |
CVE-2026-42579 |
高危 |
4.1.108.Final |
4.2.13.Final, 4.1.133.Final |
netty: Netty: High integrity impact due to improper DNS domain name constraint enforcement
漏洞详情: https://avd.aquasec.com/nvd/cve-2026-42579
镜像层: sha256:a2b98b9243c22e1314872215247ff1696aceff113a8f060412a1a39618bd0853
发布日期: 2026-05-13 19:17 修改: 2026-06-30 03:19
|
| io.netty:netty-codec-dns |
CVE-2026-42579 |
高危 |
4.1.124.Final |
4.2.13.Final, 4.1.133.Final |
netty: Netty: High integrity impact due to improper DNS domain name constraint enforcement
漏洞详情: https://avd.aquasec.com/nvd/cve-2026-42579
镜像层: sha256:a2b98b9243c22e1314872215247ff1696aceff113a8f060412a1a39618bd0853
发布日期: 2026-05-13 19:17 修改: 2026-06-30 03:19
|
| io.netty:netty-codec-haproxy |
CVE-2026-44893 |
高危 |
4.1.108.Final |
4.2.15.Final, 4.1.135.Final |
netty-codec-haproxy: Netty-codec-haproxy: Denial of Service via malformed HAProxy message
漏洞详情: https://avd.aquasec.com/nvd/cve-2026-44893
镜像层: sha256:a2b98b9243c22e1314872215247ff1696aceff113a8f060412a1a39618bd0853
发布日期: 2026-06-12 15:16 修改: 2026-06-30 03:20
|
| io.netty:netty-codec-haproxy |
CVE-2026-44893 |
高危 |
4.1.108.Final |
4.2.15.Final, 4.1.135.Final |
netty-codec-haproxy: Netty-codec-haproxy: Denial of Service via malformed HAProxy message
漏洞详情: https://avd.aquasec.com/nvd/cve-2026-44893
镜像层: sha256:a2b98b9243c22e1314872215247ff1696aceff113a8f060412a1a39618bd0853
发布日期: 2026-06-12 15:16 修改: 2026-06-30 03:20
|
| io.netty:netty-codec-haproxy |
CVE-2026-44893 |
高危 |
4.1.108.Final |
4.2.15.Final, 4.1.135.Final |
netty-codec-haproxy: Netty-codec-haproxy: Denial of Service via malformed HAProxy message
漏洞详情: https://avd.aquasec.com/nvd/cve-2026-44893
镜像层: sha256:a2b98b9243c22e1314872215247ff1696aceff113a8f060412a1a39618bd0853
发布日期: 2026-06-12 15:16 修改: 2026-06-30 03:20
|
| io.netty:netty-codec-haproxy |
CVE-2026-48059 |
高危 |
4.1.108.Final |
4.2.15.Final, 4.1.135.Final |
netty-codec-haproxy: Netty HAProxy PROXY protocol v2 codec: Denial of Service via memory leak from crafted PROXY protocol headers
漏洞详情: https://avd.aquasec.com/nvd/cve-2026-48059
镜像层: sha256:a2b98b9243c22e1314872215247ff1696aceff113a8f060412a1a39618bd0853
发布日期: 2026-06-12 16:16 修改: 2026-06-30 03:20
|
| io.netty:netty-codec-haproxy |
CVE-2026-48059 |
高危 |
4.1.108.Final |
4.2.15.Final, 4.1.135.Final |
netty-codec-haproxy: Netty HAProxy PROXY protocol v2 codec: Denial of Service via memory leak from crafted PROXY protocol headers
漏洞详情: https://avd.aquasec.com/nvd/cve-2026-48059
镜像层: sha256:a2b98b9243c22e1314872215247ff1696aceff113a8f060412a1a39618bd0853
发布日期: 2026-06-12 16:16 修改: 2026-06-30 03:20
|
| io.netty:netty-codec-haproxy |
CVE-2026-48059 |
高危 |
4.1.108.Final |
4.2.15.Final, 4.1.135.Final |
netty-codec-haproxy: Netty HAProxy PROXY protocol v2 codec: Denial of Service via memory leak from crafted PROXY protocol headers
漏洞详情: https://avd.aquasec.com/nvd/cve-2026-48059
镜像层: sha256:a2b98b9243c22e1314872215247ff1696aceff113a8f060412a1a39618bd0853
发布日期: 2026-06-12 16:16 修改: 2026-06-30 03:20
|
| io.netty:netty-codec-haproxy |
CVE-2026-44893 |
高危 |
4.1.124.Final |
4.2.15.Final, 4.1.135.Final |
netty-codec-haproxy: Netty-codec-haproxy: Denial of Service via malformed HAProxy message
漏洞详情: https://avd.aquasec.com/nvd/cve-2026-44893
镜像层: sha256:a2b98b9243c22e1314872215247ff1696aceff113a8f060412a1a39618bd0853
发布日期: 2026-06-12 15:16 修改: 2026-06-30 03:20
|
| io.netty:netty-codec-haproxy |
CVE-2026-48059 |
高危 |
4.1.124.Final |
4.2.15.Final, 4.1.135.Final |
netty-codec-haproxy: Netty HAProxy PROXY protocol v2 codec: Denial of Service via memory leak from crafted PROXY protocol headers
漏洞详情: https://avd.aquasec.com/nvd/cve-2026-48059
镜像层: sha256:a2b98b9243c22e1314872215247ff1696aceff113a8f060412a1a39618bd0853
发布日期: 2026-06-12 16:16 修改: 2026-06-30 03:20
|
| io.netty:netty-codec-http |
CVE-2026-33870 |
高危 |
4.1.108.Final |
4.1.132.Final, 4.2.10.Final |
io.netty/netty-codec-http: Netty: Request smuggling via incorrect parsing of HTTP/1.1 chunked transfer encoding extension values
漏洞详情: https://avd.aquasec.com/nvd/cve-2026-33870
镜像层: sha256:a2b98b9243c22e1314872215247ff1696aceff113a8f060412a1a39618bd0853
发布日期: 2026-03-27 20:16 修改: 2026-06-30 03:18
|
| io.netty:netty-codec-http |
CVE-2026-33870 |
高危 |
4.1.108.Final |
4.1.132.Final, 4.2.10.Final |
io.netty/netty-codec-http: Netty: Request smuggling via incorrect parsing of HTTP/1.1 chunked transfer encoding extension values
漏洞详情: https://avd.aquasec.com/nvd/cve-2026-33870
镜像层: sha256:a2b98b9243c22e1314872215247ff1696aceff113a8f060412a1a39618bd0853
发布日期: 2026-03-27 20:16 修改: 2026-06-30 03:18
|
| io.netty:netty-codec-http |
CVE-2026-33870 |
高危 |
4.1.108.Final |
4.1.132.Final, 4.2.10.Final |
io.netty/netty-codec-http: Netty: Request smuggling via incorrect parsing of HTTP/1.1 chunked transfer encoding extension values
漏洞详情: https://avd.aquasec.com/nvd/cve-2026-33870
镜像层: sha256:a2b98b9243c22e1314872215247ff1696aceff113a8f060412a1a39618bd0853
发布日期: 2026-03-27 20:16 修改: 2026-06-30 03:18
|
| io.netty:netty-codec-http |
CVE-2026-42584 |
高危 |
4.1.108.Final |
4.2.13.Final, 4.1.133.Final |
netty: io.netty/netty-codec-http: Netty: Incorrect HTTP response parsing leads to data confusion
漏洞详情: https://avd.aquasec.com/nvd/cve-2026-42584
镜像层: sha256:a2b98b9243c22e1314872215247ff1696aceff113a8f060412a1a39618bd0853
发布日期: 2026-05-13 19:17 修改: 2026-06-30 03:19
|
| io.netty:netty-codec-http |
CVE-2026-42584 |
高危 |
4.1.108.Final |
4.2.13.Final, 4.1.133.Final |
netty: io.netty/netty-codec-http: Netty: Incorrect HTTP response parsing leads to data confusion
漏洞详情: https://avd.aquasec.com/nvd/cve-2026-42584
镜像层: sha256:a2b98b9243c22e1314872215247ff1696aceff113a8f060412a1a39618bd0853
发布日期: 2026-05-13 19:17 修改: 2026-06-30 03:19
|
| io.netty:netty-codec-http |
CVE-2026-42584 |
高危 |
4.1.108.Final |
4.2.13.Final, 4.1.133.Final |
netty: io.netty/netty-codec-http: Netty: Incorrect HTTP response parsing leads to data confusion
漏洞详情: https://avd.aquasec.com/nvd/cve-2026-42584
镜像层: sha256:a2b98b9243c22e1314872215247ff1696aceff113a8f060412a1a39618bd0853
发布日期: 2026-05-13 19:17 修改: 2026-06-30 03:19
|
| io.netty:netty-codec-http |
CVE-2026-42587 |
高危 |
4.1.108.Final |
4.2.13.Final, 4.1.133.Final |
netty: io.netty/netty-codec-http: io.netty/netty-codec-http2: Netty: Denial of Service via unbounded memory allocation in HTTP content decompression
漏洞详情: https://avd.aquasec.com/nvd/cve-2026-42587
镜像层: sha256:a2b98b9243c22e1314872215247ff1696aceff113a8f060412a1a39618bd0853
发布日期: 2026-05-13 19:17 修改: 2026-07-01 13:17
|
| io.netty:netty-codec-http |
CVE-2026-42587 |
高危 |
4.1.108.Final |
4.2.13.Final, 4.1.133.Final |
netty: io.netty/netty-codec-http: io.netty/netty-codec-http2: Netty: Denial of Service via unbounded memory allocation in HTTP content decompression
漏洞详情: https://avd.aquasec.com/nvd/cve-2026-42587
镜像层: sha256:a2b98b9243c22e1314872215247ff1696aceff113a8f060412a1a39618bd0853
发布日期: 2026-05-13 19:17 修改: 2026-07-01 13:17
|
| io.netty:netty-codec-http |
CVE-2026-42587 |
高危 |
4.1.108.Final |
4.2.13.Final, 4.1.133.Final |
netty: io.netty/netty-codec-http: io.netty/netty-codec-http2: Netty: Denial of Service via unbounded memory allocation in HTTP content decompression
漏洞详情: https://avd.aquasec.com/nvd/cve-2026-42587
镜像层: sha256:a2b98b9243c22e1314872215247ff1696aceff113a8f060412a1a39618bd0853
发布日期: 2026-05-13 19:17 修改: 2026-07-01 13:17
|
| io.netty:netty-codec-http |
CVE-2026-33870 |
高危 |
4.1.124.Final |
4.1.132.Final, 4.2.10.Final |
io.netty/netty-codec-http: Netty: Request smuggling via incorrect parsing of HTTP/1.1 chunked transfer encoding extension values
漏洞详情: https://avd.aquasec.com/nvd/cve-2026-33870
镜像层: sha256:a2b98b9243c22e1314872215247ff1696aceff113a8f060412a1a39618bd0853
发布日期: 2026-03-27 20:16 修改: 2026-06-30 03:18
|
| io.netty:netty-codec-http |
CVE-2026-42584 |
高危 |
4.1.124.Final |
4.2.13.Final, 4.1.133.Final |
netty: io.netty/netty-codec-http: Netty: Incorrect HTTP response parsing leads to data confusion
漏洞详情: https://avd.aquasec.com/nvd/cve-2026-42584
镜像层: sha256:a2b98b9243c22e1314872215247ff1696aceff113a8f060412a1a39618bd0853
发布日期: 2026-05-13 19:17 修改: 2026-06-30 03:19
|
| io.netty:netty-codec-http |
CVE-2026-42587 |
高危 |
4.1.124.Final |
4.2.13.Final, 4.1.133.Final |
netty: io.netty/netty-codec-http: io.netty/netty-codec-http2: Netty: Denial of Service via unbounded memory allocation in HTTP content decompression
漏洞详情: https://avd.aquasec.com/nvd/cve-2026-42587
镜像层: sha256:a2b98b9243c22e1314872215247ff1696aceff113a8f060412a1a39618bd0853
发布日期: 2026-05-13 19:17 修改: 2026-07-01 13:17
|
| io.netty:netty-codec-http2 |
CVE-2025-55163 |
高危 |
4.1.108.Final |
4.2.4.Final, 4.1.124.Final |
netty: netty-codec-http2: Netty MadeYouReset HTTP/2 DDoS Vulnerability
漏洞详情: https://avd.aquasec.com/nvd/cve-2025-55163
镜像层: sha256:a2b98b9243c22e1314872215247ff1696aceff113a8f060412a1a39618bd0853
发布日期: 2025-08-13 15:15 修改: 2026-06-17 09:41
|
| io.netty:netty-codec-http2 |
CVE-2025-55163 |
高危 |
4.1.108.Final |
4.2.4.Final, 4.1.124.Final |
netty: netty-codec-http2: Netty MadeYouReset HTTP/2 DDoS Vulnerability
漏洞详情: https://avd.aquasec.com/nvd/cve-2025-55163
镜像层: sha256:a2b98b9243c22e1314872215247ff1696aceff113a8f060412a1a39618bd0853
发布日期: 2025-08-13 15:15 修改: 2026-06-17 09:41
|
| io.netty:netty-codec-http2 |
CVE-2025-55163 |
高危 |
4.1.108.Final |
4.2.4.Final, 4.1.124.Final |
netty: netty-codec-http2: Netty MadeYouReset HTTP/2 DDoS Vulnerability
漏洞详情: https://avd.aquasec.com/nvd/cve-2025-55163
镜像层: sha256:a2b98b9243c22e1314872215247ff1696aceff113a8f060412a1a39618bd0853
发布日期: 2025-08-13 15:15 修改: 2026-06-17 09:41
|
| io.netty:netty-codec-http2 |
CVE-2026-33871 |
高危 |
4.1.108.Final |
4.1.132.Final, 4.2.11.Final |
netty: Netty: Denial of Service via HTTP/2 CONTINUATION frame flood
漏洞详情: https://avd.aquasec.com/nvd/cve-2026-33871
镜像层: sha256:a2b98b9243c22e1314872215247ff1696aceff113a8f060412a1a39618bd0853
发布日期: 2026-03-27 20:16 修改: 2026-06-30 03:18
|
| io.netty:netty-codec-http2 |
CVE-2026-33871 |
高危 |
4.1.108.Final |
4.1.132.Final, 4.2.11.Final |
netty: Netty: Denial of Service via HTTP/2 CONTINUATION frame flood
漏洞详情: https://avd.aquasec.com/nvd/cve-2026-33871
镜像层: sha256:a2b98b9243c22e1314872215247ff1696aceff113a8f060412a1a39618bd0853
发布日期: 2026-03-27 20:16 修改: 2026-06-30 03:18
|
| io.netty:netty-codec-http2 |
CVE-2026-33871 |
高危 |
4.1.108.Final |
4.1.132.Final, 4.2.11.Final |
netty: Netty: Denial of Service via HTTP/2 CONTINUATION frame flood
漏洞详情: https://avd.aquasec.com/nvd/cve-2026-33871
镜像层: sha256:a2b98b9243c22e1314872215247ff1696aceff113a8f060412a1a39618bd0853
发布日期: 2026-03-27 20:16 修改: 2026-06-30 03:18
|
| io.netty:netty-codec-http2 |
CVE-2026-42587 |
高危 |
4.1.108.Final |
4.2.13.Final, 4.1.133.Final |
netty: io.netty/netty-codec-http: io.netty/netty-codec-http2: Netty: Denial of Service via unbounded memory allocation in HTTP content decompression
漏洞详情: https://avd.aquasec.com/nvd/cve-2026-42587
镜像层: sha256:a2b98b9243c22e1314872215247ff1696aceff113a8f060412a1a39618bd0853
发布日期: 2026-05-13 19:17 修改: 2026-07-01 13:17
|
| io.netty:netty-codec-http2 |
CVE-2026-42587 |
高危 |
4.1.108.Final |
4.2.13.Final, 4.1.133.Final |
netty: io.netty/netty-codec-http: io.netty/netty-codec-http2: Netty: Denial of Service via unbounded memory allocation in HTTP content decompression
漏洞详情: https://avd.aquasec.com/nvd/cve-2026-42587
镜像层: sha256:a2b98b9243c22e1314872215247ff1696aceff113a8f060412a1a39618bd0853
发布日期: 2026-05-13 19:17 修改: 2026-07-01 13:17
|
| io.netty:netty-codec-http2 |
CVE-2026-42587 |
高危 |
4.1.108.Final |
4.2.13.Final, 4.1.133.Final |
netty: io.netty/netty-codec-http: io.netty/netty-codec-http2: Netty: Denial of Service via unbounded memory allocation in HTTP content decompression
漏洞详情: https://avd.aquasec.com/nvd/cve-2026-42587
镜像层: sha256:a2b98b9243c22e1314872215247ff1696aceff113a8f060412a1a39618bd0853
发布日期: 2026-05-13 19:17 修改: 2026-07-01 13:17
|
| io.netty:netty-codec-http2 |
CVE-2026-33871 |
高危 |
4.1.124.Final |
4.1.132.Final, 4.2.11.Final |
netty: Netty: Denial of Service via HTTP/2 CONTINUATION frame flood
漏洞详情: https://avd.aquasec.com/nvd/cve-2026-33871
镜像层: sha256:a2b98b9243c22e1314872215247ff1696aceff113a8f060412a1a39618bd0853
发布日期: 2026-03-27 20:16 修改: 2026-06-30 03:18
|
| io.netty:netty-codec-http2 |
CVE-2026-42587 |
高危 |
4.1.124.Final |
4.2.13.Final, 4.1.133.Final |
netty: io.netty/netty-codec-http: io.netty/netty-codec-http2: Netty: Denial of Service via unbounded memory allocation in HTTP content decompression
漏洞详情: https://avd.aquasec.com/nvd/cve-2026-42587
镜像层: sha256:a2b98b9243c22e1314872215247ff1696aceff113a8f060412a1a39618bd0853
发布日期: 2026-05-13 19:17 修改: 2026-07-01 13:17
|
| io.netty:netty-codec-redis |
CVE-2026-44250 |
高危 |
4.1.108.Final |
4.2.15.Final, 4.1.135.Final |
netty-codec-redis: netty-codec-redis: Denial of Service via crafted Redis payload with deeply nested arrays
漏洞详情: https://avd.aquasec.com/nvd/cve-2026-44250
镜像层: sha256:a2b98b9243c22e1314872215247ff1696aceff113a8f060412a1a39618bd0853
发布日期: 2026-06-11 22:16 修改: 2026-06-30 03:19
|
| io.netty:netty-codec-redis |
CVE-2026-44250 |
高危 |
4.1.108.Final |
4.2.15.Final, 4.1.135.Final |
netty-codec-redis: netty-codec-redis: Denial of Service via crafted Redis payload with deeply nested arrays
漏洞详情: https://avd.aquasec.com/nvd/cve-2026-44250
镜像层: sha256:a2b98b9243c22e1314872215247ff1696aceff113a8f060412a1a39618bd0853
发布日期: 2026-06-11 22:16 修改: 2026-06-30 03:19
|
| io.netty:netty-codec-redis |
CVE-2026-44250 |
高危 |
4.1.108.Final |
4.2.15.Final, 4.1.135.Final |
netty-codec-redis: netty-codec-redis: Denial of Service via crafted Redis payload with deeply nested arrays
漏洞详情: https://avd.aquasec.com/nvd/cve-2026-44250
镜像层: sha256:a2b98b9243c22e1314872215247ff1696aceff113a8f060412a1a39618bd0853
发布日期: 2026-06-11 22:16 修改: 2026-06-30 03:19
|
| io.netty:netty-codec-redis |
CVE-2026-44890 |
高危 |
4.1.108.Final |
4.2.15.Final, 4.1.135.Final |
netty-codec-redis: netty-codec-redis: Denial of Service via crafted Redis payloads
漏洞详情: https://avd.aquasec.com/nvd/cve-2026-44890
镜像层: sha256:a2b98b9243c22e1314872215247ff1696aceff113a8f060412a1a39618bd0853
发布日期: 2026-06-11 22:16 修改: 2026-06-30 03:20
|
| io.netty:netty-codec-redis |
CVE-2026-44890 |
高危 |
4.1.108.Final |
4.2.15.Final, 4.1.135.Final |
netty-codec-redis: netty-codec-redis: Denial of Service via crafted Redis payloads
漏洞详情: https://avd.aquasec.com/nvd/cve-2026-44890
镜像层: sha256:a2b98b9243c22e1314872215247ff1696aceff113a8f060412a1a39618bd0853
发布日期: 2026-06-11 22:16 修改: 2026-06-30 03:20
|
| io.netty:netty-codec-redis |
CVE-2026-44890 |
高危 |
4.1.108.Final |
4.2.15.Final, 4.1.135.Final |
netty-codec-redis: netty-codec-redis: Denial of Service via crafted Redis payloads
漏洞详情: https://avd.aquasec.com/nvd/cve-2026-44890
镜像层: sha256:a2b98b9243c22e1314872215247ff1696aceff113a8f060412a1a39618bd0853
发布日期: 2026-06-11 22:16 修改: 2026-06-30 03:20
|
| io.netty:netty-codec-redis |
CVE-2026-48006 |
高危 |
4.1.108.Final |
4.2.15.Final, 4.1.135.Final |
netty-codec-redis: Netty's Lack of Lifecycle Cleanup Leads to Pooled ByteBuf Leak in RedisArrayAggregator
漏洞详情: https://avd.aquasec.com/nvd/cve-2026-48006
镜像层: sha256:a2b98b9243c22e1314872215247ff1696aceff113a8f060412a1a39618bd0853
发布日期: 2026-06-12 16:16 修改: 2026-06-30 03:20
|
| io.netty:netty-codec-redis |
CVE-2026-48006 |
高危 |
4.1.108.Final |
4.2.15.Final, 4.1.135.Final |
netty-codec-redis: Netty's Lack of Lifecycle Cleanup Leads to Pooled ByteBuf Leak in RedisArrayAggregator
漏洞详情: https://avd.aquasec.com/nvd/cve-2026-48006
镜像层: sha256:a2b98b9243c22e1314872215247ff1696aceff113a8f060412a1a39618bd0853
发布日期: 2026-06-12 16:16 修改: 2026-06-30 03:20
|
| io.netty:netty-codec-redis |
CVE-2026-48006 |
高危 |
4.1.108.Final |
4.2.15.Final, 4.1.135.Final |
netty-codec-redis: Netty's Lack of Lifecycle Cleanup Leads to Pooled ByteBuf Leak in RedisArrayAggregator
漏洞详情: https://avd.aquasec.com/nvd/cve-2026-48006
镜像层: sha256:a2b98b9243c22e1314872215247ff1696aceff113a8f060412a1a39618bd0853
发布日期: 2026-06-12 16:16 修改: 2026-06-30 03:20
|
| io.netty:netty-codec-redis |
CVE-2026-50011 |
高危 |
4.1.108.Final |
4.2.15.Final, 4.1.135.Final |
netty-codec-redis: Netty: Denial of Service via malicious Redis array header
漏洞详情: https://avd.aquasec.com/nvd/cve-2026-50011
镜像层: sha256:a2b98b9243c22e1314872215247ff1696aceff113a8f060412a1a39618bd0853
发布日期: 2026-06-12 16:16 修改: 2026-06-30 03:20
|
| io.netty:netty-codec-redis |
CVE-2026-50011 |
高危 |
4.1.108.Final |
4.2.15.Final, 4.1.135.Final |
netty-codec-redis: Netty: Denial of Service via malicious Redis array header
漏洞详情: https://avd.aquasec.com/nvd/cve-2026-50011
镜像层: sha256:a2b98b9243c22e1314872215247ff1696aceff113a8f060412a1a39618bd0853
发布日期: 2026-06-12 16:16 修改: 2026-06-30 03:20
|
| io.netty:netty-codec-redis |
CVE-2026-50011 |
高危 |
4.1.108.Final |
4.2.15.Final, 4.1.135.Final |
netty-codec-redis: Netty: Denial of Service via malicious Redis array header
漏洞详情: https://avd.aquasec.com/nvd/cve-2026-50011
镜像层: sha256:a2b98b9243c22e1314872215247ff1696aceff113a8f060412a1a39618bd0853
发布日期: 2026-06-12 16:16 修改: 2026-06-30 03:20
|
| io.netty:netty-codec-redis |
CVE-2026-44250 |
高危 |
4.1.124.Final |
4.2.15.Final, 4.1.135.Final |
netty-codec-redis: netty-codec-redis: Denial of Service via crafted Redis payload with deeply nested arrays
漏洞详情: https://avd.aquasec.com/nvd/cve-2026-44250
镜像层: sha256:a2b98b9243c22e1314872215247ff1696aceff113a8f060412a1a39618bd0853
发布日期: 2026-06-11 22:16 修改: 2026-06-30 03:19
|
| io.netty:netty-codec-redis |
CVE-2026-44890 |
高危 |
4.1.124.Final |
4.2.15.Final, 4.1.135.Final |
netty-codec-redis: netty-codec-redis: Denial of Service via crafted Redis payloads
漏洞详情: https://avd.aquasec.com/nvd/cve-2026-44890
镜像层: sha256:a2b98b9243c22e1314872215247ff1696aceff113a8f060412a1a39618bd0853
发布日期: 2026-06-11 22:16 修改: 2026-06-30 03:20
|
| io.netty:netty-codec-redis |
CVE-2026-48006 |
高危 |
4.1.124.Final |
4.2.15.Final, 4.1.135.Final |
netty-codec-redis: Netty's Lack of Lifecycle Cleanup Leads to Pooled ByteBuf Leak in RedisArrayAggregator
漏洞详情: https://avd.aquasec.com/nvd/cve-2026-48006
镜像层: sha256:a2b98b9243c22e1314872215247ff1696aceff113a8f060412a1a39618bd0853
发布日期: 2026-06-12 16:16 修改: 2026-06-30 03:20
|
| io.netty:netty-codec-redis |
CVE-2026-50011 |
高危 |
4.1.124.Final |
4.2.15.Final, 4.1.135.Final |
netty-codec-redis: Netty: Denial of Service via malicious Redis array header
漏洞详情: https://avd.aquasec.com/nvd/cve-2026-50011
镜像层: sha256:a2b98b9243c22e1314872215247ff1696aceff113a8f060412a1a39618bd0853
发布日期: 2026-06-12 16:16 修改: 2026-06-30 03:20
|
| io.netty:netty-codec-smtp |
CVE-2025-59419 |
高危 |
4.1.108.Final |
4.2.7.Final, 4.1.128.Final |
io.netty/netty-codec-smtp: Netty netty-codec-smtp SMTP Command Injection
漏洞详情: https://avd.aquasec.com/nvd/cve-2025-59419
镜像层: sha256:a2b98b9243c22e1314872215247ff1696aceff113a8f060412a1a39618bd0853
发布日期: 2025-10-15 16:15 修改: 2026-06-17 09:46
|
| io.netty:netty-codec-smtp |
CVE-2025-59419 |
高危 |
4.1.108.Final |
4.2.7.Final, 4.1.128.Final |
io.netty/netty-codec-smtp: Netty netty-codec-smtp SMTP Command Injection
漏洞详情: https://avd.aquasec.com/nvd/cve-2025-59419
镜像层: sha256:a2b98b9243c22e1314872215247ff1696aceff113a8f060412a1a39618bd0853
发布日期: 2025-10-15 16:15 修改: 2026-06-17 09:46
|
| io.netty:netty-codec-smtp |
CVE-2025-59419 |
高危 |
4.1.108.Final |
4.2.7.Final, 4.1.128.Final |
io.netty/netty-codec-smtp: Netty netty-codec-smtp SMTP Command Injection
漏洞详情: https://avd.aquasec.com/nvd/cve-2025-59419
镜像层: sha256:a2b98b9243c22e1314872215247ff1696aceff113a8f060412a1a39618bd0853
发布日期: 2025-10-15 16:15 修改: 2026-06-17 09:46
|
| io.netty:netty-codec-smtp |
CVE-2025-59419 |
高危 |
4.1.124.Final |
4.2.7.Final, 4.1.128.Final |
io.netty/netty-codec-smtp: Netty netty-codec-smtp SMTP Command Injection
漏洞详情: https://avd.aquasec.com/nvd/cve-2025-59419
镜像层: sha256:a2b98b9243c22e1314872215247ff1696aceff113a8f060412a1a39618bd0853
发布日期: 2025-10-15 16:15 修改: 2026-06-17 09:46
|
| io.netty:netty-handler |
CVE-2025-24970 |
高危 |
4.1.108.Final |
4.1.118.Final |
io.netty:netty-handler: SslHandler doesn't correctly validate packets which can lead to native crash when using native SSLEngine
漏洞详情: https://avd.aquasec.com/nvd/cve-2025-24970
镜像层: sha256:a2b98b9243c22e1314872215247ff1696aceff113a8f060412a1a39618bd0853
发布日期: 2025-02-10 22:15 修改: 2026-06-17 08:59
|
| io.netty:netty-handler |
CVE-2025-24970 |
高危 |
4.1.108.Final |
4.1.118.Final |
io.netty:netty-handler: SslHandler doesn't correctly validate packets which can lead to native crash when using native SSLEngine
漏洞详情: https://avd.aquasec.com/nvd/cve-2025-24970
镜像层: sha256:a2b98b9243c22e1314872215247ff1696aceff113a8f060412a1a39618bd0853
发布日期: 2025-02-10 22:15 修改: 2026-06-17 08:59
|
| io.netty:netty-handler |
CVE-2025-24970 |
高危 |
4.1.108.Final |
4.1.118.Final |
io.netty:netty-handler: SslHandler doesn't correctly validate packets which can lead to native crash when using native SSLEngine
漏洞详情: https://avd.aquasec.com/nvd/cve-2025-24970
镜像层: sha256:a2b98b9243c22e1314872215247ff1696aceff113a8f060412a1a39618bd0853
发布日期: 2025-02-10 22:15 修改: 2026-06-17 08:59
|
| io.netty:netty-handler |
CVE-2026-44249 |
高危 |
4.1.108.Final |
4.2.15.Final, 4.1.135.Final |
netty-handler: netty-handler: IPv6 subnet rule bypass due to incorrect masking operation
漏洞详情: https://avd.aquasec.com/nvd/cve-2026-44249
镜像层: sha256:a2b98b9243c22e1314872215247ff1696aceff113a8f060412a1a39618bd0853
发布日期: 2026-06-11 22:16 修改: 2026-06-30 03:19
|
| io.netty:netty-handler |
CVE-2026-44249 |
高危 |
4.1.108.Final |
4.2.15.Final, 4.1.135.Final |
netty-handler: netty-handler: IPv6 subnet rule bypass due to incorrect masking operation
漏洞详情: https://avd.aquasec.com/nvd/cve-2026-44249
镜像层: sha256:a2b98b9243c22e1314872215247ff1696aceff113a8f060412a1a39618bd0853
发布日期: 2026-06-11 22:16 修改: 2026-06-30 03:19
|
| io.netty:netty-handler |
CVE-2026-44249 |
高危 |
4.1.108.Final |
4.2.15.Final, 4.1.135.Final |
netty-handler: netty-handler: IPv6 subnet rule bypass due to incorrect masking operation
漏洞详情: https://avd.aquasec.com/nvd/cve-2026-44249
镜像层: sha256:a2b98b9243c22e1314872215247ff1696aceff113a8f060412a1a39618bd0853
发布日期: 2026-06-11 22:16 修改: 2026-06-30 03:19
|
| io.netty:netty-handler |
CVE-2026-45416 |
高危 |
4.1.108.Final |
4.2.15.Final, 4.1.135.Final |
netty-handler: Netty: Denial of Service due to eager buffer allocation in TLS handshake
漏洞详情: https://avd.aquasec.com/nvd/cve-2026-45416
镜像层: sha256:a2b98b9243c22e1314872215247ff1696aceff113a8f060412a1a39618bd0853
发布日期: 2026-06-12 15:16 修改: 2026-06-30 03:20
|
| io.netty:netty-handler |
CVE-2026-45416 |
高危 |
4.1.108.Final |
4.2.15.Final, 4.1.135.Final |
netty-handler: Netty: Denial of Service due to eager buffer allocation in TLS handshake
漏洞详情: https://avd.aquasec.com/nvd/cve-2026-45416
镜像层: sha256:a2b98b9243c22e1314872215247ff1696aceff113a8f060412a1a39618bd0853
发布日期: 2026-06-12 15:16 修改: 2026-06-30 03:20
|
| io.netty:netty-handler |
CVE-2026-45416 |
高危 |
4.1.108.Final |
4.2.15.Final, 4.1.135.Final |
netty-handler: Netty: Denial of Service due to eager buffer allocation in TLS handshake
漏洞详情: https://avd.aquasec.com/nvd/cve-2026-45416
镜像层: sha256:a2b98b9243c22e1314872215247ff1696aceff113a8f060412a1a39618bd0853
发布日期: 2026-06-12 15:16 修改: 2026-06-30 03:20
|
| io.netty:netty-handler |
CVE-2026-50010 |
高危 |
4.1.108.Final |
4.2.15.Final, 4.1.135.Final |
netty-handler: Netty: Improper trust manager handling leads to hostname verification bypass
漏洞详情: https://avd.aquasec.com/nvd/cve-2026-50010
镜像层: sha256:a2b98b9243c22e1314872215247ff1696aceff113a8f060412a1a39618bd0853
发布日期: 2026-06-12 16:16 修改: 2026-06-30 03:20
|
| io.netty:netty-handler |
CVE-2026-50010 |
高危 |
4.1.108.Final |
4.2.15.Final, 4.1.135.Final |
netty-handler: Netty: Improper trust manager handling leads to hostname verification bypass
漏洞详情: https://avd.aquasec.com/nvd/cve-2026-50010
镜像层: sha256:a2b98b9243c22e1314872215247ff1696aceff113a8f060412a1a39618bd0853
发布日期: 2026-06-12 16:16 修改: 2026-06-30 03:20
|
| io.netty:netty-handler |
CVE-2026-50010 |
高危 |
4.1.108.Final |
4.2.15.Final, 4.1.135.Final |
netty-handler: Netty: Improper trust manager handling leads to hostname verification bypass
漏洞详情: https://avd.aquasec.com/nvd/cve-2026-50010
镜像层: sha256:a2b98b9243c22e1314872215247ff1696aceff113a8f060412a1a39618bd0853
发布日期: 2026-06-12 16:16 修改: 2026-06-30 03:20
|
| io.netty:netty-handler |
CVE-2026-44249 |
高危 |
4.1.124.Final |
4.2.15.Final, 4.1.135.Final |
netty-handler: netty-handler: IPv6 subnet rule bypass due to incorrect masking operation
漏洞详情: https://avd.aquasec.com/nvd/cve-2026-44249
镜像层: sha256:a2b98b9243c22e1314872215247ff1696aceff113a8f060412a1a39618bd0853
发布日期: 2026-06-11 22:16 修改: 2026-06-30 03:19
|
| io.netty:netty-handler |
CVE-2026-45416 |
高危 |
4.1.124.Final |
4.2.15.Final, 4.1.135.Final |
netty-handler: Netty: Denial of Service due to eager buffer allocation in TLS handshake
漏洞详情: https://avd.aquasec.com/nvd/cve-2026-45416
镜像层: sha256:a2b98b9243c22e1314872215247ff1696aceff113a8f060412a1a39618bd0853
发布日期: 2026-06-12 15:16 修改: 2026-06-30 03:20
|
| io.netty:netty-handler |
CVE-2026-50010 |
高危 |
4.1.124.Final |
4.2.15.Final, 4.1.135.Final |
netty-handler: Netty: Improper trust manager handling leads to hostname verification bypass
漏洞详情: https://avd.aquasec.com/nvd/cve-2026-50010
镜像层: sha256:a2b98b9243c22e1314872215247ff1696aceff113a8f060412a1a39618bd0853
发布日期: 2026-06-12 16:16 修改: 2026-06-30 03:20
|
| io.netty:netty-resolver-dns |
CVE-2026-45674 |
高危 |
4.1.108.Final |
4.2.15.Final, 4.1.135.Final |
netty-resolver-dns: Netty: Information disclosure and data manipulation due to improper CNAME record validation
漏洞详情: https://avd.aquasec.com/nvd/cve-2026-45674
镜像层: sha256:a2b98b9243c22e1314872215247ff1696aceff113a8f060412a1a39618bd0853
发布日期: 2026-06-12 15:16 修改: 2026-06-30 03:20
|
| io.netty:netty-resolver-dns |
CVE-2026-45674 |
高危 |
4.1.108.Final |
4.2.15.Final, 4.1.135.Final |
netty-resolver-dns: Netty: Information disclosure and data manipulation due to improper CNAME record validation
漏洞详情: https://avd.aquasec.com/nvd/cve-2026-45674
镜像层: sha256:a2b98b9243c22e1314872215247ff1696aceff113a8f060412a1a39618bd0853
发布日期: 2026-06-12 15:16 修改: 2026-06-30 03:20
|
| io.netty:netty-resolver-dns |
CVE-2026-45674 |
高危 |
4.1.108.Final |
4.2.15.Final, 4.1.135.Final |
netty-resolver-dns: Netty: Information disclosure and data manipulation due to improper CNAME record validation
漏洞详情: https://avd.aquasec.com/nvd/cve-2026-45674
镜像层: sha256:a2b98b9243c22e1314872215247ff1696aceff113a8f060412a1a39618bd0853
发布日期: 2026-06-12 15:16 修改: 2026-06-30 03:20
|
| io.netty:netty-resolver-dns |
CVE-2026-47691 |
高危 |
4.1.108.Final |
4.2.15.Final, 4.1.135.Final |
io.netty/netty-resolver-dns: Netty has Insufficient Bailiwick Validation for NS Records
漏洞详情: https://avd.aquasec.com/nvd/cve-2026-47691
镜像层: sha256:a2b98b9243c22e1314872215247ff1696aceff113a8f060412a1a39618bd0853
发布日期: 2026-06-12 16:16 修改: 2026-06-30 03:20
|
| io.netty:netty-resolver-dns |
CVE-2026-47691 |
高危 |
4.1.108.Final |
4.2.15.Final, 4.1.135.Final |
io.netty/netty-resolver-dns: Netty has Insufficient Bailiwick Validation for NS Records
漏洞详情: https://avd.aquasec.com/nvd/cve-2026-47691
镜像层: sha256:a2b98b9243c22e1314872215247ff1696aceff113a8f060412a1a39618bd0853
发布日期: 2026-06-12 16:16 修改: 2026-06-30 03:20
|
| io.netty:netty-resolver-dns |
CVE-2026-47691 |
高危 |
4.1.108.Final |
4.2.15.Final, 4.1.135.Final |
io.netty/netty-resolver-dns: Netty has Insufficient Bailiwick Validation for NS Records
漏洞详情: https://avd.aquasec.com/nvd/cve-2026-47691
镜像层: sha256:a2b98b9243c22e1314872215247ff1696aceff113a8f060412a1a39618bd0853
发布日期: 2026-06-12 16:16 修改: 2026-06-30 03:20
|
| io.netty:netty-resolver-dns |
CVE-2026-45674 |
高危 |
4.1.124.Final |
4.2.15.Final, 4.1.135.Final |
netty-resolver-dns: Netty: Information disclosure and data manipulation due to improper CNAME record validation
漏洞详情: https://avd.aquasec.com/nvd/cve-2026-45674
镜像层: sha256:a2b98b9243c22e1314872215247ff1696aceff113a8f060412a1a39618bd0853
发布日期: 2026-06-12 15:16 修改: 2026-06-30 03:20
|
| io.netty:netty-resolver-dns |
CVE-2026-47691 |
高危 |
4.1.124.Final |
4.2.15.Final, 4.1.135.Final |
io.netty/netty-resolver-dns: Netty has Insufficient Bailiwick Validation for NS Records
漏洞详情: https://avd.aquasec.com/nvd/cve-2026-47691
镜像层: sha256:a2b98b9243c22e1314872215247ff1696aceff113a8f060412a1a39618bd0853
发布日期: 2026-06-12 16:16 修改: 2026-06-30 03:20
|
| io.netty:netty-transport-sctp |
CVE-2026-46340 |
高危 |
4.1.108.Final |
4.2.15.Final, 4.1.135.Final |
netty-transport-sctp: Netty-transport-sctp: Denial of Service due to unbounded memory growth from SctpMessage fragments
漏洞详情: https://avd.aquasec.com/nvd/cve-2026-46340
镜像层: sha256:a2b98b9243c22e1314872215247ff1696aceff113a8f060412a1a39618bd0853
发布日期: 2026-06-12 15:16 修改: 2026-06-30 03:20
|
| io.netty:netty-transport-sctp |
CVE-2026-46340 |
高危 |
4.1.108.Final |
4.2.15.Final, 4.1.135.Final |
netty-transport-sctp: Netty-transport-sctp: Denial of Service due to unbounded memory growth from SctpMessage fragments
漏洞详情: https://avd.aquasec.com/nvd/cve-2026-46340
镜像层: sha256:a2b98b9243c22e1314872215247ff1696aceff113a8f060412a1a39618bd0853
发布日期: 2026-06-12 15:16 修改: 2026-06-30 03:20
|
| io.netty:netty-transport-sctp |
CVE-2026-46340 |
高危 |
4.1.108.Final |
4.2.15.Final, 4.1.135.Final |
netty-transport-sctp: Netty-transport-sctp: Denial of Service due to unbounded memory growth from SctpMessage fragments
漏洞详情: https://avd.aquasec.com/nvd/cve-2026-46340
镜像层: sha256:a2b98b9243c22e1314872215247ff1696aceff113a8f060412a1a39618bd0853
发布日期: 2026-06-12 15:16 修改: 2026-06-30 03:20
|
| io.netty:netty-transport-sctp |
CVE-2026-46340 |
高危 |
4.1.124.Final |
4.2.15.Final, 4.1.135.Final |
netty-transport-sctp: Netty-transport-sctp: Denial of Service due to unbounded memory growth from SctpMessage fragments
漏洞详情: https://avd.aquasec.com/nvd/cve-2026-46340
镜像层: sha256:a2b98b9243c22e1314872215247ff1696aceff113a8f060412a1a39618bd0853
发布日期: 2026-06-12 15:16 修改: 2026-06-30 03:20
|
| com.fasterxml.jackson.core:jackson-core |
CVE-2025-52999 |
高危 |
2.12.7 |
2.15.0 |
com.fasterxml.jackson.core/jackson-core: jackson-core Potential StackoverflowError
漏洞详情: https://avd.aquasec.com/nvd/cve-2025-52999
镜像层: sha256:a2b98b9243c22e1314872215247ff1696aceff113a8f060412a1a39618bd0853
发布日期: 2025-06-25 17:15 修改: 2026-06-17 09:37
|
| com.fasterxml.jackson.core:jackson-databind |
CVE-2026-54512 |
高危 |
2.12.7.1 |
2.18.8, 3.1.4, 2.21.4 |
jackson-databind: jackson-databind: Arbitrary code execution via PolymorphicTypeValidator bypass
漏洞详情: https://avd.aquasec.com/nvd/cve-2026-54512
镜像层: sha256:a2b98b9243c22e1314872215247ff1696aceff113a8f060412a1a39618bd0853
发布日期: 2026-06-23 21:17 修改: 2026-06-27 21:01
|
| org.apache.avro:avro |
CVE-2023-39410 |
高危 |
1.8.2 |
1.11.3 |
apache-avro: Apache Avro Java SDK: Memory when deserializing untrusted data in Avro Java SDK
漏洞详情: https://avd.aquasec.com/nvd/cve-2023-39410
镜像层: sha256:a2b98b9243c22e1314872215247ff1696aceff113a8f060412a1a39618bd0853
发布日期: 2023-09-29 17:15 修改: 2026-06-17 06:12
|
| org.apache.hive:hive-service |
CVE-2024-23945 |
高危 |
3.1.3 |
4.0.0 |
Apache Hive and Spark: CookieSigner exposes the correct signature when message verification fails
漏洞详情: https://avd.aquasec.com/nvd/cve-2024-23945
镜像层: sha256:a2b98b9243c22e1314872215247ff1696aceff113a8f060412a1a39618bd0853
发布日期: 2024-12-23 16:15 修改: 2026-06-17 07:13
|
| org.apache.thrift:libthrift |
CVE-2026-43869 |
高危 |
0.14.0 |
0.23.0 |
Apache Thrift: Apache Thrift: Security bypass due to improper certificate validation
漏洞详情: https://avd.aquasec.com/nvd/cve-2026-43869
镜像层: sha256:a2b98b9243c22e1314872215247ff1696aceff113a8f060412a1a39618bd0853
发布日期: 2026-05-05 08:16 修改: 2026-07-01 13:17
|
| org.apache.thrift:libthrift |
CVE-2026-43869 |
高危 |
0.14.0 |
0.23.0 |
Apache Thrift: Apache Thrift: Security bypass due to improper certificate validation
漏洞详情: https://avd.aquasec.com/nvd/cve-2026-43869
镜像层: sha256:a2b98b9243c22e1314872215247ff1696aceff113a8f060412a1a39618bd0853
发布日期: 2026-05-05 08:16 修改: 2026-07-01 13:17
|
| com.fasterxml.jackson.core:jackson-databind |
CVE-2026-54513 |
高危 |
2.12.7.1 |
2.18.8, 2.21.4, 3.1.4 |
jackson-databind: Jackson-databind: Security bypass allows arbitrary code execution
漏洞详情: https://avd.aquasec.com/nvd/cve-2026-54513
镜像层: sha256:a2b98b9243c22e1314872215247ff1696aceff113a8f060412a1a39618bd0853
发布日期: 2026-06-23 21:17 修改: 2026-06-30 03:21
|
| com.fasterxml.jackson.core:jackson-databind |
CVE-2026-54512 |
高危 |
2.17.0 |
2.18.8, 3.1.4, 2.21.4 |
jackson-databind: jackson-databind: Arbitrary code execution via PolymorphicTypeValidator bypass
漏洞详情: https://avd.aquasec.com/nvd/cve-2026-54512
镜像层: sha256:a2b98b9243c22e1314872215247ff1696aceff113a8f060412a1a39618bd0853
发布日期: 2026-06-23 21:17 修改: 2026-06-27 21:01
|
| com.fasterxml.jackson.core:jackson-databind |
CVE-2026-54513 |
高危 |
2.17.0 |
2.18.8, 2.21.4, 3.1.4 |
jackson-databind: Jackson-databind: Security bypass allows arbitrary code execution
漏洞详情: https://avd.aquasec.com/nvd/cve-2026-54513
镜像层: sha256:a2b98b9243c22e1314872215247ff1696aceff113a8f060412a1a39618bd0853
发布日期: 2026-06-23 21:17 修改: 2026-06-30 03:21
|
| com.fasterxml.jackson.core:jackson-databind |
CVE-2026-54512 |
高危 |
2.17.2 |
2.18.8, 3.1.4, 2.21.4 |
jackson-databind: jackson-databind: Arbitrary code execution via PolymorphicTypeValidator bypass
漏洞详情: https://avd.aquasec.com/nvd/cve-2026-54512
镜像层: sha256:a2b98b9243c22e1314872215247ff1696aceff113a8f060412a1a39618bd0853
发布日期: 2026-06-23 21:17 修改: 2026-06-27 21:01
|
| com.fasterxml.jackson.core:jackson-databind |
CVE-2026-54512 |
高危 |
2.17.2 |
2.18.8, 3.1.4, 2.21.4 |
jackson-databind: jackson-databind: Arbitrary code execution via PolymorphicTypeValidator bypass
漏洞详情: https://avd.aquasec.com/nvd/cve-2026-54512
镜像层: sha256:a2b98b9243c22e1314872215247ff1696aceff113a8f060412a1a39618bd0853
发布日期: 2026-06-23 21:17 修改: 2026-06-27 21:01
|
| com.fasterxml.jackson.core:jackson-databind |
CVE-2026-54513 |
高危 |
2.17.2 |
2.18.8, 2.21.4, 3.1.4 |
jackson-databind: Jackson-databind: Security bypass allows arbitrary code execution
漏洞详情: https://avd.aquasec.com/nvd/cve-2026-54513
镜像层: sha256:a2b98b9243c22e1314872215247ff1696aceff113a8f060412a1a39618bd0853
发布日期: 2026-06-23 21:17 修改: 2026-06-30 03:21
|
| org.apache.tomcat.embed:tomcat-embed-core |
CVE-2026-24734 |
高危 |
9.0.113 |
11.0.18, 10.1.52, 9.0.115 |
tomcat: Apache Tomcat: Certificate revocation bypass due to improper OCSP response validation
漏洞详情: https://avd.aquasec.com/nvd/cve-2026-24734
镜像层: sha256:a2b98b9243c22e1314872215247ff1696aceff113a8f060412a1a39618bd0853
发布日期: 2026-02-17 19:21 修改: 2026-06-30 03:17
|
| org.apache.tomcat.embed:tomcat-embed-core |
CVE-2026-24734 |
高危 |
9.0.113 |
11.0.18, 10.1.52, 9.0.115 |
tomcat: Apache Tomcat: Certificate revocation bypass due to improper OCSP response validation
漏洞详情: https://avd.aquasec.com/nvd/cve-2026-24734
镜像层: sha256:a2b98b9243c22e1314872215247ff1696aceff113a8f060412a1a39618bd0853
发布日期: 2026-02-17 19:21 修改: 2026-06-30 03:17
|
| org.apache.tomcat.embed:tomcat-embed-core |
CVE-2026-24880 |
高危 |
9.0.113 |
9.0.116, 10.1.52, 11.0.20 |
Apache Tomcat: Apache Tomcat: HTTP Request/Response Smuggling via invalid chunk extension
漏洞详情: https://avd.aquasec.com/nvd/cve-2026-24880
镜像层: sha256:a2b98b9243c22e1314872215247ff1696aceff113a8f060412a1a39618bd0853
发布日期: 2026-04-09 20:16 修改: 2026-06-17 10:23
|
| org.apache.tomcat.embed:tomcat-embed-core |
CVE-2026-24880 |
高危 |
9.0.113 |
9.0.116, 10.1.52, 11.0.20 |
Apache Tomcat: Apache Tomcat: HTTP Request/Response Smuggling via invalid chunk extension
漏洞详情: https://avd.aquasec.com/nvd/cve-2026-24880
镜像层: sha256:a2b98b9243c22e1314872215247ff1696aceff113a8f060412a1a39618bd0853
发布日期: 2026-04-09 20:16 修改: 2026-06-17 10:23
|
| org.apache.tomcat.embed:tomcat-embed-core |
CVE-2026-34483 |
高危 |
9.0.113 |
9.0.116, 10.1.54, 11.0.21 |
Apache Tomcat: Apache Tomcat: Information disclosure due to improper encoding in JsonAccessLogValve
漏洞详情: https://avd.aquasec.com/nvd/cve-2026-34483
镜像层: sha256:a2b98b9243c22e1314872215247ff1696aceff113a8f060412a1a39618bd0853
发布日期: 2026-04-09 20:16 修改: 2026-06-17 10:39
|
| org.apache.tomcat.embed:tomcat-embed-core |
CVE-2026-34483 |
高危 |
9.0.113 |
9.0.116, 10.1.54, 11.0.21 |
Apache Tomcat: Apache Tomcat: Information disclosure due to improper encoding in JsonAccessLogValve
漏洞详情: https://avd.aquasec.com/nvd/cve-2026-34483
镜像层: sha256:a2b98b9243c22e1314872215247ff1696aceff113a8f060412a1a39618bd0853
发布日期: 2026-04-09 20:16 修改: 2026-06-17 10:39
|
| org.apache.tomcat.embed:tomcat-embed-core |
CVE-2026-41284 |
高危 |
9.0.113 |
9.0.118, 10.1.55, 11.0.22 |
Allocation of Resources Without Limits or Throttling vulnerability in ...
漏洞详情: https://avd.aquasec.com/nvd/cve-2026-41284
镜像层: sha256:a2b98b9243c22e1314872215247ff1696aceff113a8f060412a1a39618bd0853
发布日期: 2026-05-12 16:16 修改: 2026-06-17 10:46
|
| org.apache.tomcat.embed:tomcat-embed-core |
CVE-2026-41284 |
高危 |
9.0.113 |
9.0.118, 10.1.55, 11.0.22 |
Allocation of Resources Without Limits or Throttling vulnerability in ...
漏洞详情: https://avd.aquasec.com/nvd/cve-2026-41284
镜像层: sha256:a2b98b9243c22e1314872215247ff1696aceff113a8f060412a1a39618bd0853
发布日期: 2026-05-12 16:16 修改: 2026-06-17 10:46
|
| org.apache.tomcat.embed:tomcat-embed-core |
CVE-2026-42498 |
高危 |
9.0.113 |
9.0.118, 10.1.55, 11.0.22 |
tomcat-coyote: Apache Tomcat: Information disclosure due to HTTP Authentication Header exposure during WebSocket authentication.
漏洞详情: https://avd.aquasec.com/nvd/cve-2026-42498
镜像层: sha256:a2b98b9243c22e1314872215247ff1696aceff113a8f060412a1a39618bd0853
发布日期: 2026-05-12 16:16 修改: 2026-06-17 10:47
|
| org.apache.tomcat.embed:tomcat-embed-core |
CVE-2026-42498 |
高危 |
9.0.113 |
9.0.118, 10.1.55, 11.0.22 |
tomcat-coyote: Apache Tomcat: Information disclosure due to HTTP Authentication Header exposure during WebSocket authentication.
漏洞详情: https://avd.aquasec.com/nvd/cve-2026-42498
镜像层: sha256:a2b98b9243c22e1314872215247ff1696aceff113a8f060412a1a39618bd0853
发布日期: 2026-05-12 16:16 修改: 2026-06-17 10:47
|
| org.apache.tomcat.embed:tomcat-embed-core |
CVE-2026-43513 |
高危 |
9.0.113 |
9.0.118, 10.1.55, 11.0.22 |
tomcat-catalina: Apache Tomcat: Improper Handling of Case Sensitivity in LockOutRealm
漏洞详情: https://avd.aquasec.com/nvd/cve-2026-43513
镜像层: sha256:a2b98b9243c22e1314872215247ff1696aceff113a8f060412a1a39618bd0853
发布日期: 2026-05-12 16:16 修改: 2026-06-17 10:49
|
| org.apache.tomcat.embed:tomcat-embed-core |
CVE-2026-43513 |
高危 |
9.0.113 |
9.0.118, 10.1.55, 11.0.22 |
tomcat-catalina: Apache Tomcat: Improper Handling of Case Sensitivity in LockOutRealm
漏洞详情: https://avd.aquasec.com/nvd/cve-2026-43513
镜像层: sha256:a2b98b9243c22e1314872215247ff1696aceff113a8f060412a1a39618bd0853
发布日期: 2026-05-12 16:16 修改: 2026-06-17 10:49
|
| org.apache.zookeeper:zookeeper |
CVE-2026-24281 |
高危 |
3.8.4 |
3.8.6, 3.9.5 |
Apache ZooKeeper: Apache ZooKeeper: Impersonation of servers or clients via reverse DNS spoofing
漏洞详情: https://avd.aquasec.com/nvd/cve-2026-24281
镜像层: sha256:a2b98b9243c22e1314872215247ff1696aceff113a8f060412a1a39618bd0853
发布日期: 2026-03-07 09:16 修改: 2026-06-30 03:17
|
| org.apache.zookeeper:zookeeper |
CVE-2026-24308 |
高危 |
3.8.4 |
3.9.5, 3.8.6 |
Apache ZooKeeper: Apache ZooKeeper: Information disclosure via improper handling of configuration values
漏洞详情: https://avd.aquasec.com/nvd/cve-2026-24308
镜像层: sha256:a2b98b9243c22e1314872215247ff1696aceff113a8f060412a1a39618bd0853
发布日期: 2026-03-07 09:16 修改: 2026-06-30 03:17
|
| org.apache.zookeeper:zookeeper |
CVE-2024-51504 |
高危 |
3.9.2 |
3.9.3 |
org.apache.zookeeper: Apache ZooKeeper: Authentication bypass with IP-based authentication in Admin Server
漏洞详情: https://avd.aquasec.com/nvd/cve-2024-51504
镜像层: sha256:a2b98b9243c22e1314872215247ff1696aceff113a8f060412a1a39618bd0853
发布日期: 2024-11-07 10:15 修改: 2026-06-17 08:05
|
| org.apache.zookeeper:zookeeper |
CVE-2026-24281 |
高危 |
3.9.2 |
3.8.6, 3.9.5 |
Apache ZooKeeper: Apache ZooKeeper: Impersonation of servers or clients via reverse DNS spoofing
漏洞详情: https://avd.aquasec.com/nvd/cve-2026-24281
镜像层: sha256:a2b98b9243c22e1314872215247ff1696aceff113a8f060412a1a39618bd0853
发布日期: 2026-03-07 09:16 修改: 2026-06-30 03:17
|
| org.apache.zookeeper:zookeeper |
CVE-2026-24308 |
高危 |
3.9.2 |
3.9.5, 3.8.6 |
Apache ZooKeeper: Apache ZooKeeper: Information disclosure via improper handling of configuration values
漏洞详情: https://avd.aquasec.com/nvd/cve-2026-24308
镜像层: sha256:a2b98b9243c22e1314872215247ff1696aceff113a8f060412a1a39618bd0853
发布日期: 2026-03-07 09:16 修改: 2026-06-30 03:17
|
| com.fasterxml.jackson.core:jackson-databind |
CVE-2026-54513 |
高危 |
2.17.2 |
2.18.8, 2.21.4, 3.1.4 |
jackson-databind: Jackson-databind: Security bypass allows arbitrary code execution
漏洞详情: https://avd.aquasec.com/nvd/cve-2026-54513
镜像层: sha256:a2b98b9243c22e1314872215247ff1696aceff113a8f060412a1a39618bd0853
发布日期: 2026-06-23 21:17 修改: 2026-06-30 03:21
|
| org.eclipse.jetty.http2:http2-common |
CVE-2024-22201 |
高危 |
9.4.53.v20231009 |
9.4.54, 10.0.20, 11.0.20 |
jetty: stop accepting new connections from valid clients
漏洞详情: https://avd.aquasec.com/nvd/cve-2024-22201
镜像层: sha256:a2b98b9243c22e1314872215247ff1696aceff113a8f060412a1a39618bd0853
发布日期: 2024-02-26 16:27 修改: 2026-06-17 07:10
|
| org.eclipse.jetty.http2:http2-common |
CVE-2025-5115 |
高危 |
9.4.53.v20231009 |
9.4.58, 10.0.26, 11.0.26 |
jetty: HTTP/2 (including DNS over HTTPS) contains a design flaw and is vulnerable to "MadeYouReset" DoS attack through HTTP/2 control frames
漏洞详情: https://avd.aquasec.com/nvd/cve-2025-5115
镜像层: sha256:a2b98b9243c22e1314872215247ff1696aceff113a8f060412a1a39618bd0853
发布日期: 2025-08-20 20:15 修改: 2026-06-17 09:47
|
| org.eclipse.jetty:jetty-http |
CVE-2026-2332 |
高危 |
9.4.57.v20241219 |
12.1.7, 12.0.33 |
org.eclipse.jetty/jetty-http: HTTP request smuggling via chunked extension quoted-string parsing
漏洞详情: https://avd.aquasec.com/nvd/cve-2026-2332
镜像层: sha256:a2b98b9243c22e1314872215247ff1696aceff113a8f060412a1a39618bd0853
发布日期: 2026-04-14 12:16 修改: 2026-06-30 03:18
|
| org.jline:jline-remote-telnet |
GHSA-2r2c-cx56-8933 |
高危 |
3.9.0 |
4.2.1 |
JLine3 Telnet server: Unauthenticated Remote DoS via Unbounded Telnet NAWS Terminal Geometry
漏洞详情: https://github.com/advisories/GHSA-2r2c-cx56-8933
镜像层: sha256:a2b98b9243c22e1314872215247ff1696aceff113a8f060412a1a39618bd0853
发布日期: 2026-06-18 13:07 修改: 2026-06-18 13:07
|
| org.jline:jline-remote-telnet |
GHSA-2r2c-cx56-8933 |
高危 |
3.9.0 |
4.2.1 |
JLine3 Telnet server: Unauthenticated Remote DoS via Unbounded Telnet NAWS Terminal Geometry
漏洞详情: https://github.com/advisories/GHSA-2r2c-cx56-8933
镜像层: sha256:a2b98b9243c22e1314872215247ff1696aceff113a8f060412a1a39618bd0853
发布日期: 2026-06-18 13:07 修改: 2026-06-18 13:07
|
| org.jline:jline-remote-telnet |
GHSA-47qp-hqvx-6r3f |
高危 |
3.9.0 |
4.2.1 |
JLine3 Telnet server: Unauthenticated Remote Memory Exhaustion via Unbounded Telnet NEW-ENVIRON Variables
漏洞详情: https://github.com/advisories/GHSA-47qp-hqvx-6r3f
镜像层: sha256:a2b98b9243c22e1314872215247ff1696aceff113a8f060412a1a39618bd0853
发布日期: 2026-06-18 13:07 修改: 2026-06-18 13:07
|
| org.jline:jline-remote-telnet |
GHSA-47qp-hqvx-6r3f |
高危 |
3.9.0 |
4.2.1 |
JLine3 Telnet server: Unauthenticated Remote Memory Exhaustion via Unbounded Telnet NEW-ENVIRON Variables
漏洞详情: https://github.com/advisories/GHSA-47qp-hqvx-6r3f
镜像层: sha256:a2b98b9243c22e1314872215247ff1696aceff113a8f060412a1a39618bd0853
发布日期: 2026-06-18 13:07 修改: 2026-06-18 13:07
|
| org.lz4:lz4-java |
CVE-2025-12183 |
高危 |
1.8.0 |
1.8.1 |
lz4-java: lz4-java: Out-of-bounds memory operations lead to denial of service and information disclosure
漏洞详情: https://avd.aquasec.com/nvd/cve-2025-12183
镜像层: sha256:a2b98b9243c22e1314872215247ff1696aceff113a8f060412a1a39618bd0853
发布日期: 2025-11-28 16:15 修改: 2026-06-17 08:31
|
| org.lz4:lz4-java |
CVE-2025-66566 |
高危 |
1.8.0 |
|
lz4-java: lz4-java: Information Disclosure via Insufficient Output Buffer Clearing
漏洞详情: https://avd.aquasec.com/nvd/cve-2025-66566
镜像层: sha256:a2b98b9243c22e1314872215247ff1696aceff113a8f060412a1a39618bd0853
发布日期: 2025-12-05 18:15 修改: 2026-06-17 09:57
|
| com.google.protobuf:protobuf-java |
CVE-2021-22569 |
高危 |
2.5.0 |
3.16.1, 3.18.2, 3.19.2 |
protobuf-java: potential DoS in the parsing procedure for binary data
漏洞详情: https://avd.aquasec.com/nvd/cve-2021-22569
镜像层: sha256:a2b98b9243c22e1314872215247ff1696aceff113a8f060412a1a39618bd0853
发布日期: 2022-01-10 14:10 修改: 2026-06-17 03:37
|
| org.postgresql:postgresql |
CVE-2022-21724 |
高危 |
42.2.16.jre7 |
42.2.25, 42.3.2 |
jdbc-postgresql: Unchecked Class Instantiation when providing Plugin Classes
漏洞详情: https://avd.aquasec.com/nvd/cve-2022-21724
镜像层: sha256:05c16fc4559c40c8b309c2f90a134938bc3381ccca5fff83f664557d6d7f9469
发布日期: 2022-02-02 12:15 修改: 2026-06-17 04:26
|
| org.postgresql:postgresql |
CVE-2022-31197 |
高危 |
42.2.16.jre7 |
42.2.26, 42.4.1, 42.3.7 |
postgresql: SQL Injection in ResultSet.refreshRow() with malicious column names
漏洞详情: https://avd.aquasec.com/nvd/cve-2022-31197
镜像层: sha256:05c16fc4559c40c8b309c2f90a134938bc3381ccca5fff83f664557d6d7f9469
发布日期: 2022-08-03 19:15 修改: 2026-06-17 04:45
|
| org.postgresql:postgresql |
CVE-2026-42198 |
高危 |
42.2.16.jre7 |
42.7.11 |
jdbc.postgresql.org: pgjdbc: Client-side Denial of Service via malicious SCRAM-SHA-256 authentication
漏洞详情: https://avd.aquasec.com/nvd/cve-2026-42198
镜像层: sha256:05c16fc4559c40c8b309c2f90a134938bc3381ccca5fff83f664557d6d7f9469
发布日期: 2026-04-29 16:16 修改: 2026-06-30 03:19
|
| org.springframework.security:spring-security-crypto |
CVE-2025-22228 |
高危 |
5.7.12 |
6.3.8, 6.4.4, 6.2.10, 6.1.14, 6.0.16, 5.8.18, 5.7.16 |
spring-security-core: Spring Security BCryptPasswordEncoder does not enforce maximum password length
漏洞详情: https://avd.aquasec.com/nvd/cve-2025-22228
镜像层: sha256:a2b98b9243c22e1314872215247ff1696aceff113a8f060412a1a39618bd0853
发布日期: 2025-03-20 06:15 修改: 2026-06-17 08:45
|
| com.google.protobuf:protobuf-java |
CVE-2021-22569 |
高危 |
2.5.0 |
3.16.1, 3.18.2, 3.19.2 |
protobuf-java: potential DoS in the parsing procedure for binary data
漏洞详情: https://avd.aquasec.com/nvd/cve-2021-22569
镜像层: sha256:a2b98b9243c22e1314872215247ff1696aceff113a8f060412a1a39618bd0853
发布日期: 2022-01-10 14:10 修改: 2026-06-17 03:37
|
| com.google.protobuf:protobuf-java |
CVE-2024-7254 |
高危 |
2.5.0 |
3.25.5, 4.27.5, 4.28.2 |
protobuf: StackOverflow vulnerability in Protocol Buffers
漏洞详情: https://avd.aquasec.com/nvd/cve-2024-7254
镜像层: sha256:a2b98b9243c22e1314872215247ff1696aceff113a8f060412a1a39618bd0853
发布日期: 2024-09-19 01:15 修改: 2026-06-17 08:19
|
| org.springframework:spring-core |
CVE-2025-41249 |
高危 |
5.3.39 |
6.2.11 |
org.springframework/spring-core: Spring Framework Annotation Detection Vulnerability
漏洞详情: https://avd.aquasec.com/nvd/cve-2025-41249
镜像层: sha256:a2b98b9243c22e1314872215247ff1696aceff113a8f060412a1a39618bd0853
发布日期: 2025-09-16 11:15 修改: 2026-06-17 09:22
|
| com.google.protobuf:protobuf-java |
CVE-2024-7254 |
高危 |
2.5.0 |
3.25.5, 4.27.5, 4.28.2 |
protobuf: StackOverflow vulnerability in Protocol Buffers
漏洞详情: https://avd.aquasec.com/nvd/cve-2024-7254
镜像层: sha256:a2b98b9243c22e1314872215247ff1696aceff113a8f060412a1a39618bd0853
发布日期: 2024-09-19 01:15 修改: 2026-06-17 08:19
|
| com.nimbusds:nimbus-jose-jwt |
CVE-2025-53864 |
中危 |
7.9 |
10.0.2, 9.37.4 |
com.nimbusds/nimbus-jose-jwt: Uncontrolled recursion in Connect2id Nimbus JOSE + JWT
漏洞详情: https://avd.aquasec.com/nvd/cve-2025-53864
镜像层: sha256:a2b98b9243c22e1314872215247ff1696aceff113a8f060412a1a39618bd0853
发布日期: 2025-07-11 03:16 修改: 2026-06-17 09:39
|
| com.nimbusds:nimbus-jose-jwt |
CVE-2025-53864 |
中危 |
9.37.2 |
10.0.2, 9.37.4 |
com.nimbusds/nimbus-jose-jwt: Uncontrolled recursion in Connect2id Nimbus JOSE + JWT
漏洞详情: https://avd.aquasec.com/nvd/cve-2025-53864
镜像层: sha256:a2b98b9243c22e1314872215247ff1696aceff113a8f060412a1a39618bd0853
发布日期: 2025-07-11 03:16 修改: 2026-06-17 09:39
|
| com.fasterxml.jackson.core:jackson-databind |
CVE-2026-54514 |
中危 |
2.12.7.1 |
2.18.8, 2.21.4, 3.1.4 |
jackson-databind: jackson-databind: Information Disclosure via Eager DNS Resolution
漏洞详情: https://avd.aquasec.com/nvd/cve-2026-54514
镜像层: sha256:a2b98b9243c22e1314872215247ff1696aceff113a8f060412a1a39618bd0853
发布日期: 2026-06-23 21:17 修改: 2026-06-27 20:55
|
| com.fasterxml.jackson.core:jackson-databind |
CVE-2026-54515 |
中危 |
2.12.7.1 |
3.1.4, 2.18.9, 2.21.5, 2.22.1 |
jackson-databind: jackson-databind: Ignored properties can be unexpectedly modified
漏洞详情: https://avd.aquasec.com/nvd/cve-2026-54515
镜像层: sha256:a2b98b9243c22e1314872215247ff1696aceff113a8f060412a1a39618bd0853
发布日期: 2026-06-23 21:17 修改: 2026-06-29 13:38
|
| io.netty:netty-common |
CVE-2024-47535 |
中危 |
4.1.108.Final |
4.1.115.Final |
netty: Denial of Service attack on windows app using Netty
漏洞详情: https://avd.aquasec.com/nvd/cve-2024-47535
镜像层: sha256:a2b98b9243c22e1314872215247ff1696aceff113a8f060412a1a39618bd0853
发布日期: 2024-11-12 16:15 修改: 2026-06-17 07:57
|
| io.netty:netty-common |
CVE-2024-47535 |
中危 |
4.1.108.Final |
4.1.115.Final |
netty: Denial of Service attack on windows app using Netty
漏洞详情: https://avd.aquasec.com/nvd/cve-2024-47535
镜像层: sha256:a2b98b9243c22e1314872215247ff1696aceff113a8f060412a1a39618bd0853
发布日期: 2024-11-12 16:15 修改: 2026-06-17 07:57
|
| io.netty:netty-common |
CVE-2024-47535 |
中危 |
4.1.108.Final |
4.1.115.Final |
netty: Denial of Service attack on windows app using Netty
漏洞详情: https://avd.aquasec.com/nvd/cve-2024-47535
镜像层: sha256:a2b98b9243c22e1314872215247ff1696aceff113a8f060412a1a39618bd0853
发布日期: 2024-11-12 16:15 修改: 2026-06-17 07:57
|
| io.netty:netty-common |
CVE-2025-25193 |
中危 |
4.1.108.Final |
4.1.118.Final |
netty: Denial of Service attack on windows app using Netty
漏洞详情: https://avd.aquasec.com/nvd/cve-2025-25193
镜像层: sha256:a2b98b9243c22e1314872215247ff1696aceff113a8f060412a1a39618bd0853
发布日期: 2025-02-10 22:15 修改: 2026-06-17 09:00
|
| io.netty:netty-common |
CVE-2025-25193 |
中危 |
4.1.108.Final |
4.1.118.Final |
netty: Denial of Service attack on windows app using Netty
漏洞详情: https://avd.aquasec.com/nvd/cve-2025-25193
镜像层: sha256:a2b98b9243c22e1314872215247ff1696aceff113a8f060412a1a39618bd0853
发布日期: 2025-02-10 22:15 修改: 2026-06-17 09:00
|
| io.netty:netty-common |
CVE-2025-25193 |
中危 |
4.1.108.Final |
4.1.118.Final |
netty: Denial of Service attack on windows app using Netty
漏洞详情: https://avd.aquasec.com/nvd/cve-2025-25193
镜像层: sha256:a2b98b9243c22e1314872215247ff1696aceff113a8f060412a1a39618bd0853
发布日期: 2025-02-10 22:15 修改: 2026-06-17 09:00
|
| commons-lang:commons-lang |
CVE-2025-48924 |
中危 |
2.6 |
|
commons-lang/commons-lang: org.apache.commons/commons-lang3: Uncontrolled Recursion vulnerability in Apache Commons Lang
漏洞详情: https://avd.aquasec.com/nvd/cve-2025-48924
镜像层: sha256:a2b98b9243c22e1314872215247ff1696aceff113a8f060412a1a39618bd0853
发布日期: 2025-07-11 15:15 修改: 2026-06-17 09:30
|
| io.netty:netty-codec-http |
CVE-2025-67735 |
中危 |
4.1.108.Final |
4.2.8.Final, 4.1.129.Final |
netty-codec-http: Netty (netty-codec-http): Request Smuggling via CRLF Injection
漏洞详情: https://avd.aquasec.com/nvd/cve-2025-67735
镜像层: sha256:a2b98b9243c22e1314872215247ff1696aceff113a8f060412a1a39618bd0853
发布日期: 2025-12-16 01:15 修改: 2026-06-17 09:58
|
| io.netty:netty-codec-http |
CVE-2025-67735 |
中危 |
4.1.108.Final |
4.2.8.Final, 4.1.129.Final |
netty-codec-http: Netty (netty-codec-http): Request Smuggling via CRLF Injection
漏洞详情: https://avd.aquasec.com/nvd/cve-2025-67735
镜像层: sha256:a2b98b9243c22e1314872215247ff1696aceff113a8f060412a1a39618bd0853
发布日期: 2025-12-16 01:15 修改: 2026-06-17 09:58
|
| io.netty:netty-codec-http |
CVE-2025-67735 |
中危 |
4.1.108.Final |
4.2.8.Final, 4.1.129.Final |
netty-codec-http: Netty (netty-codec-http): Request Smuggling via CRLF Injection
漏洞详情: https://avd.aquasec.com/nvd/cve-2025-67735
镜像层: sha256:a2b98b9243c22e1314872215247ff1696aceff113a8f060412a1a39618bd0853
发布日期: 2025-12-16 01:15 修改: 2026-06-17 09:58
|
| io.netty:netty-codec-http |
CVE-2026-41417 |
中危 |
4.1.108.Final |
4.1.133.Final, 4.2.13.Final |
netty: Netty: HTTP request smuggling via URI manipulation and CRLF injection
漏洞详情: https://avd.aquasec.com/nvd/cve-2026-41417
镜像层: sha256:a2b98b9243c22e1314872215247ff1696aceff113a8f060412a1a39618bd0853
发布日期: 2026-05-06 22:16 修改: 2026-06-17 10:46
|
| io.netty:netty-codec-http |
CVE-2026-41417 |
中危 |
4.1.108.Final |
4.1.133.Final, 4.2.13.Final |
netty: Netty: HTTP request smuggling via URI manipulation and CRLF injection
漏洞详情: https://avd.aquasec.com/nvd/cve-2026-41417
镜像层: sha256:a2b98b9243c22e1314872215247ff1696aceff113a8f060412a1a39618bd0853
发布日期: 2026-05-06 22:16 修改: 2026-06-17 10:46
|
| io.netty:netty-codec-http |
CVE-2026-41417 |
中危 |
4.1.108.Final |
4.1.133.Final, 4.2.13.Final |
netty: Netty: HTTP request smuggling via URI manipulation and CRLF injection
漏洞详情: https://avd.aquasec.com/nvd/cve-2026-41417
镜像层: sha256:a2b98b9243c22e1314872215247ff1696aceff113a8f060412a1a39618bd0853
发布日期: 2026-05-06 22:16 修改: 2026-06-17 10:46
|
| io.netty:netty-codec-http |
CVE-2026-42580 |
中危 |
4.1.108.Final |
4.2.13.Final, 4.1.133.Final |
netty: Netty: Request smuggling via chunk size parser integer overflow
漏洞详情: https://avd.aquasec.com/nvd/cve-2026-42580
镜像层: sha256:a2b98b9243c22e1314872215247ff1696aceff113a8f060412a1a39618bd0853
发布日期: 2026-05-13 19:17 修改: 2026-06-17 10:48
|
| io.netty:netty-codec-http |
CVE-2026-42580 |
中危 |
4.1.108.Final |
4.2.13.Final, 4.1.133.Final |
netty: Netty: Request smuggling via chunk size parser integer overflow
漏洞详情: https://avd.aquasec.com/nvd/cve-2026-42580
镜像层: sha256:a2b98b9243c22e1314872215247ff1696aceff113a8f060412a1a39618bd0853
发布日期: 2026-05-13 19:17 修改: 2026-06-17 10:48
|
| io.netty:netty-codec-http |
CVE-2026-42580 |
中危 |
4.1.108.Final |
4.2.13.Final, 4.1.133.Final |
netty: Netty: Request smuggling via chunk size parser integer overflow
漏洞详情: https://avd.aquasec.com/nvd/cve-2026-42580
镜像层: sha256:a2b98b9243c22e1314872215247ff1696aceff113a8f060412a1a39618bd0853
发布日期: 2026-05-13 19:17 修改: 2026-06-17 10:48
|
| io.netty:netty-codec-http |
CVE-2026-42581 |
中危 |
4.1.108.Final |
4.2.13.Final, 4.1.133.Final |
netty: io.netty/netty-codec-http: Netty: HTTP Request Smuggling due to improper handling of conflicting HTTP/1.0 headers
漏洞详情: https://avd.aquasec.com/nvd/cve-2026-42581
镜像层: sha256:a2b98b9243c22e1314872215247ff1696aceff113a8f060412a1a39618bd0853
发布日期: 2026-05-13 19:17 修改: 2026-06-30 03:19
|
| io.netty:netty-codec-http |
CVE-2026-42581 |
中危 |
4.1.108.Final |
4.2.13.Final, 4.1.133.Final |
netty: io.netty/netty-codec-http: Netty: HTTP Request Smuggling due to improper handling of conflicting HTTP/1.0 headers
漏洞详情: https://avd.aquasec.com/nvd/cve-2026-42581
镜像层: sha256:a2b98b9243c22e1314872215247ff1696aceff113a8f060412a1a39618bd0853
发布日期: 2026-05-13 19:17 修改: 2026-06-30 03:19
|
| io.netty:netty-codec-http |
CVE-2026-42581 |
中危 |
4.1.108.Final |
4.2.13.Final, 4.1.133.Final |
netty: io.netty/netty-codec-http: Netty: HTTP Request Smuggling due to improper handling of conflicting HTTP/1.0 headers
漏洞详情: https://avd.aquasec.com/nvd/cve-2026-42581
镜像层: sha256:a2b98b9243c22e1314872215247ff1696aceff113a8f060412a1a39618bd0853
发布日期: 2026-05-13 19:17 修改: 2026-06-30 03:19
|
| io.netty:netty-codec-http |
CVE-2026-42585 |
中危 |
4.1.108.Final |
4.2.13.Final, 4.1.133.Final |
netty: io.netty/netty-codec-http: Netty: Request smuggling via malformed Transfer-Encoding parsing
漏洞详情: https://avd.aquasec.com/nvd/cve-2026-42585
镜像层: sha256:a2b98b9243c22e1314872215247ff1696aceff113a8f060412a1a39618bd0853
发布日期: 2026-05-13 19:17 修改: 2026-06-17 10:48
|
| io.netty:netty-codec-http |
CVE-2026-42585 |
中危 |
4.1.108.Final |
4.2.13.Final, 4.1.133.Final |
netty: io.netty/netty-codec-http: Netty: Request smuggling via malformed Transfer-Encoding parsing
漏洞详情: https://avd.aquasec.com/nvd/cve-2026-42585
镜像层: sha256:a2b98b9243c22e1314872215247ff1696aceff113a8f060412a1a39618bd0853
发布日期: 2026-05-13 19:17 修改: 2026-06-17 10:48
|
| io.netty:netty-codec-http |
CVE-2026-42585 |
中危 |
4.1.108.Final |
4.2.13.Final, 4.1.133.Final |
netty: io.netty/netty-codec-http: Netty: Request smuggling via malformed Transfer-Encoding parsing
漏洞详情: https://avd.aquasec.com/nvd/cve-2026-42585
镜像层: sha256:a2b98b9243c22e1314872215247ff1696aceff113a8f060412a1a39618bd0853
发布日期: 2026-05-13 19:17 修改: 2026-06-17 10:48
|
| io.netty:netty-codec-http |
CVE-2026-50020 |
中危 |
4.1.108.Final |
4.2.15.Final, 4.1.135.Final |
netty-codec-http: Netty: Data manipulation via request-boundary confusion in HttpObjectDecoder
漏洞详情: https://avd.aquasec.com/nvd/cve-2026-50020
镜像层: sha256:a2b98b9243c22e1314872215247ff1696aceff113a8f060412a1a39618bd0853
发布日期: 2026-06-12 16:16 修改: 2026-06-17 10:57
|
| io.netty:netty-codec-http |
CVE-2026-50020 |
中危 |
4.1.108.Final |
4.2.15.Final, 4.1.135.Final |
netty-codec-http: Netty: Data manipulation via request-boundary confusion in HttpObjectDecoder
漏洞详情: https://avd.aquasec.com/nvd/cve-2026-50020
镜像层: sha256:a2b98b9243c22e1314872215247ff1696aceff113a8f060412a1a39618bd0853
发布日期: 2026-06-12 16:16 修改: 2026-06-17 10:57
|
| io.netty:netty-codec-http |
CVE-2026-50020 |
中危 |
4.1.108.Final |
4.2.15.Final, 4.1.135.Final |
netty-codec-http: Netty: Data manipulation via request-boundary confusion in HttpObjectDecoder
漏洞详情: https://avd.aquasec.com/nvd/cve-2026-50020
镜像层: sha256:a2b98b9243c22e1314872215247ff1696aceff113a8f060412a1a39618bd0853
发布日期: 2026-06-12 16:16 修改: 2026-06-17 10:57
|
| commons-lang:commons-lang |
CVE-2025-48924 |
中危 |
2.6 |
|
commons-lang/commons-lang: org.apache.commons/commons-lang3: Uncontrolled Recursion vulnerability in Apache Commons Lang
漏洞详情: https://avd.aquasec.com/nvd/cve-2025-48924
镜像层: sha256:a2b98b9243c22e1314872215247ff1696aceff113a8f060412a1a39618bd0853
发布日期: 2025-07-11 15:15 修改: 2026-06-17 09:30
|
| commons-lang:commons-lang |
CVE-2025-48924 |
中危 |
2.6 |
|
commons-lang/commons-lang: org.apache.commons/commons-lang3: Uncontrolled Recursion vulnerability in Apache Commons Lang
漏洞详情: https://avd.aquasec.com/nvd/cve-2025-48924
镜像层: sha256:a2b98b9243c22e1314872215247ff1696aceff113a8f060412a1a39618bd0853
发布日期: 2025-07-11 15:15 修改: 2026-06-17 09:30
|
| io.netty:netty-resolver-dns |
CVE-2026-45673 |
中危 |
4.1.108.Final |
4.2.15.Final, 4.1.135.Final |
netty-resolver-dns: Netty DNS resolver: DNS Cache Poisoning via predictable transaction IDs
漏洞详情: https://avd.aquasec.com/nvd/cve-2026-45673
镜像层: sha256:a2b98b9243c22e1314872215247ff1696aceff113a8f060412a1a39618bd0853
发布日期: 2026-06-12 15:16 修改: 2026-06-17 10:52
|
| io.netty:netty-resolver-dns |
CVE-2026-45673 |
中危 |
4.1.108.Final |
4.2.15.Final, 4.1.135.Final |
netty-resolver-dns: Netty DNS resolver: DNS Cache Poisoning via predictable transaction IDs
漏洞详情: https://avd.aquasec.com/nvd/cve-2026-45673
镜像层: sha256:a2b98b9243c22e1314872215247ff1696aceff113a8f060412a1a39618bd0853
发布日期: 2026-06-12 15:16 修改: 2026-06-17 10:52
|
| io.netty:netty-resolver-dns |
CVE-2026-45673 |
中危 |
4.1.108.Final |
4.2.15.Final, 4.1.135.Final |
netty-resolver-dns: Netty DNS resolver: DNS Cache Poisoning via predictable transaction IDs
漏洞详情: https://avd.aquasec.com/nvd/cve-2026-45673
镜像层: sha256:a2b98b9243c22e1314872215247ff1696aceff113a8f060412a1a39618bd0853
发布日期: 2026-06-12 15:16 修改: 2026-06-17 10:52
|
| commons-net:commons-net |
CVE-2021-37533 |
中危 |
3.1 |
3.9.0 |
apache-commons-net: FTP client trusts the host from PASV response by default
漏洞详情: https://avd.aquasec.com/nvd/cve-2021-37533
镜像层: sha256:a2b98b9243c22e1314872215247ff1696aceff113a8f060412a1a39618bd0853
发布日期: 2022-12-03 15:15 修改: 2026-06-17 04:00
|
| io.netty:netty-codec-http |
CVE-2025-67735 |
中危 |
4.1.124.Final |
4.2.8.Final, 4.1.129.Final |
netty-codec-http: Netty (netty-codec-http): Request Smuggling via CRLF Injection
漏洞详情: https://avd.aquasec.com/nvd/cve-2025-67735
镜像层: sha256:a2b98b9243c22e1314872215247ff1696aceff113a8f060412a1a39618bd0853
发布日期: 2025-12-16 01:15 修改: 2026-06-17 09:58
|
| io.netty:netty-resolver-dns |
CVE-2026-45673 |
中危 |
4.1.124.Final |
4.2.15.Final, 4.1.135.Final |
netty-resolver-dns: Netty DNS resolver: DNS Cache Poisoning via predictable transaction IDs
漏洞详情: https://avd.aquasec.com/nvd/cve-2026-45673
镜像层: sha256:a2b98b9243c22e1314872215247ff1696aceff113a8f060412a1a39618bd0853
发布日期: 2026-06-12 15:16 修改: 2026-06-17 10:52
|
| io.netty:netty-transport-native-epoll |
CVE-2026-45536 |
中危 |
4.1.108.Final |
4.2.15.Final, 4.1.135.Final |
netty-transport-native-epoll: netty-transport-native-kqueue: Netty: Denial of Service due to file descriptor leak in SCM_RIGHTS message handling
漏洞详情: https://avd.aquasec.com/nvd/cve-2026-45536
镜像层: sha256:a2b98b9243c22e1314872215247ff1696aceff113a8f060412a1a39618bd0853
发布日期: 2026-06-12 15:16 修改: 2026-06-17 10:52
|
| io.netty:netty-transport-native-epoll |
CVE-2026-45536 |
中危 |
4.1.108.Final |
4.2.15.Final, 4.1.135.Final |
netty-transport-native-epoll: netty-transport-native-kqueue: Netty: Denial of Service due to file descriptor leak in SCM_RIGHTS message handling
漏洞详情: https://avd.aquasec.com/nvd/cve-2026-45536
镜像层: sha256:a2b98b9243c22e1314872215247ff1696aceff113a8f060412a1a39618bd0853
发布日期: 2026-06-12 15:16 修改: 2026-06-17 10:52
|
| io.netty:netty-transport-native-epoll |
CVE-2026-45536 |
中危 |
4.1.108.Final |
4.2.15.Final, 4.1.135.Final |
netty-transport-native-epoll: netty-transport-native-kqueue: Netty: Denial of Service due to file descriptor leak in SCM_RIGHTS message handling
漏洞详情: https://avd.aquasec.com/nvd/cve-2026-45536
镜像层: sha256:a2b98b9243c22e1314872215247ff1696aceff113a8f060412a1a39618bd0853
发布日期: 2026-06-12 15:16 修改: 2026-06-17 10:52
|
| io.netty:netty-transport-native-epoll |
CVE-2026-45536 |
中危 |
4.1.118.Final |
4.2.15.Final, 4.1.135.Final |
netty-transport-native-epoll: netty-transport-native-kqueue: Netty: Denial of Service due to file descriptor leak in SCM_RIGHTS message handling
漏洞详情: https://avd.aquasec.com/nvd/cve-2026-45536
镜像层: sha256:a2b98b9243c22e1314872215247ff1696aceff113a8f060412a1a39618bd0853
发布日期: 2026-06-12 15:16 修改: 2026-06-17 10:52
|
| io.netty:netty-transport-native-epoll |
CVE-2026-45536 |
中危 |
4.1.124.Final |
4.2.15.Final, 4.1.135.Final |
netty-transport-native-epoll: netty-transport-native-kqueue: Netty: Denial of Service due to file descriptor leak in SCM_RIGHTS message handling
漏洞详情: https://avd.aquasec.com/nvd/cve-2026-45536
镜像层: sha256:a2b98b9243c22e1314872215247ff1696aceff113a8f060412a1a39618bd0853
发布日期: 2026-06-12 15:16 修改: 2026-06-17 10:52
|
| io.netty:netty-transport-native-epoll |
CVE-2026-45536 |
中危 |
4.1.124.Final |
4.2.15.Final, 4.1.135.Final |
netty-transport-native-epoll: netty-transport-native-kqueue: Netty: Denial of Service due to file descriptor leak in SCM_RIGHTS message handling
漏洞详情: https://avd.aquasec.com/nvd/cve-2026-45536
镜像层: sha256:a2b98b9243c22e1314872215247ff1696aceff113a8f060412a1a39618bd0853
发布日期: 2026-06-12 15:16 修改: 2026-06-17 10:52
|
| io.netty:netty-transport-native-epoll |
CVE-2026-45536 |
中危 |
4.1.124.Final |
4.2.15.Final, 4.1.135.Final |
netty-transport-native-epoll: netty-transport-native-kqueue: Netty: Denial of Service due to file descriptor leak in SCM_RIGHTS message handling
漏洞详情: https://avd.aquasec.com/nvd/cve-2026-45536
镜像层: sha256:a2b98b9243c22e1314872215247ff1696aceff113a8f060412a1a39618bd0853
发布日期: 2026-06-12 15:16 修改: 2026-06-17 10:52
|
| io.netty:netty-transport-native-kqueue |
CVE-2026-45536 |
中危 |
4.1.108.Final |
4.2.15.Final, 4.1.135.Final |
netty-transport-native-epoll: netty-transport-native-kqueue: Netty: Denial of Service due to file descriptor leak in SCM_RIGHTS message handling
漏洞详情: https://avd.aquasec.com/nvd/cve-2026-45536
镜像层: sha256:a2b98b9243c22e1314872215247ff1696aceff113a8f060412a1a39618bd0853
发布日期: 2026-06-12 15:16 修改: 2026-06-17 10:52
|
| io.netty:netty-transport-native-kqueue |
CVE-2026-45536 |
中危 |
4.1.108.Final |
4.2.15.Final, 4.1.135.Final |
netty-transport-native-epoll: netty-transport-native-kqueue: Netty: Denial of Service due to file descriptor leak in SCM_RIGHTS message handling
漏洞详情: https://avd.aquasec.com/nvd/cve-2026-45536
镜像层: sha256:a2b98b9243c22e1314872215247ff1696aceff113a8f060412a1a39618bd0853
发布日期: 2026-06-12 15:16 修改: 2026-06-17 10:52
|
| io.netty:netty-transport-native-kqueue |
CVE-2026-45536 |
中危 |
4.1.108.Final |
4.2.15.Final, 4.1.135.Final |
netty-transport-native-epoll: netty-transport-native-kqueue: Netty: Denial of Service due to file descriptor leak in SCM_RIGHTS message handling
漏洞详情: https://avd.aquasec.com/nvd/cve-2026-45536
镜像层: sha256:a2b98b9243c22e1314872215247ff1696aceff113a8f060412a1a39618bd0853
发布日期: 2026-06-12 15:16 修改: 2026-06-17 10:52
|
| io.netty:netty-transport-native-kqueue |
CVE-2026-45536 |
中危 |
4.1.124.Final |
4.2.15.Final, 4.1.135.Final |
netty-transport-native-epoll: netty-transport-native-kqueue: Netty: Denial of Service due to file descriptor leak in SCM_RIGHTS message handling
漏洞详情: https://avd.aquasec.com/nvd/cve-2026-45536
镜像层: sha256:a2b98b9243c22e1314872215247ff1696aceff113a8f060412a1a39618bd0853
发布日期: 2026-06-12 15:16 修改: 2026-06-17 10:52
|
| io.netty:netty-transport-native-kqueue |
CVE-2026-45536 |
中危 |
4.1.124.Final |
4.2.15.Final, 4.1.135.Final |
netty-transport-native-epoll: netty-transport-native-kqueue: Netty: Denial of Service due to file descriptor leak in SCM_RIGHTS message handling
漏洞详情: https://avd.aquasec.com/nvd/cve-2026-45536
镜像层: sha256:a2b98b9243c22e1314872215247ff1696aceff113a8f060412a1a39618bd0853
发布日期: 2026-06-12 15:16 修改: 2026-06-17 10:52
|
| io.netty:netty-codec-http |
CVE-2026-41417 |
中危 |
4.1.124.Final |
4.1.133.Final, 4.2.13.Final |
netty: Netty: HTTP request smuggling via URI manipulation and CRLF injection
漏洞详情: https://avd.aquasec.com/nvd/cve-2026-41417
镜像层: sha256:a2b98b9243c22e1314872215247ff1696aceff113a8f060412a1a39618bd0853
发布日期: 2026-05-06 22:16 修改: 2026-06-17 10:46
|
| io.netty:netty-codec-http |
CVE-2026-42580 |
中危 |
4.1.124.Final |
4.2.13.Final, 4.1.133.Final |
netty: Netty: Request smuggling via chunk size parser integer overflow
漏洞详情: https://avd.aquasec.com/nvd/cve-2026-42580
镜像层: sha256:a2b98b9243c22e1314872215247ff1696aceff113a8f060412a1a39618bd0853
发布日期: 2026-05-13 19:17 修改: 2026-06-17 10:48
|
| io.netty:netty-codec-http |
CVE-2026-42581 |
中危 |
4.1.124.Final |
4.2.13.Final, 4.1.133.Final |
netty: io.netty/netty-codec-http: Netty: HTTP Request Smuggling due to improper handling of conflicting HTTP/1.0 headers
漏洞详情: https://avd.aquasec.com/nvd/cve-2026-42581
镜像层: sha256:a2b98b9243c22e1314872215247ff1696aceff113a8f060412a1a39618bd0853
发布日期: 2026-05-13 19:17 修改: 2026-06-30 03:19
|
| io.netty:netty-codec-http |
CVE-2026-42585 |
中危 |
4.1.124.Final |
4.2.13.Final, 4.1.133.Final |
netty: io.netty/netty-codec-http: Netty: Request smuggling via malformed Transfer-Encoding parsing
漏洞详情: https://avd.aquasec.com/nvd/cve-2026-42585
镜像层: sha256:a2b98b9243c22e1314872215247ff1696aceff113a8f060412a1a39618bd0853
发布日期: 2026-05-13 19:17 修改: 2026-06-17 10:48
|
| io.opentelemetry:opentelemetry-api |
CVE-2026-45292 |
中危 |
1.40.0 |
1.62.0 |
opentelemetry-java: opentelemetry-api: opentelemetry-extension-trace-propagators: OpenTelemetry Java: Denial of Service due to unbounded memory allocation when parsing oversized baggage
漏洞详情: https://avd.aquasec.com/nvd/cve-2026-45292
镜像层: sha256:a2b98b9243c22e1314872215247ff1696aceff113a8f060412a1a39618bd0853
发布日期: 2026-05-28 17:16 修改: 2026-07-01 13:17
|
| io.netty:netty-codec-http |
CVE-2026-50020 |
中危 |
4.1.124.Final |
4.2.15.Final, 4.1.135.Final |
netty-codec-http: Netty: Data manipulation via request-boundary confusion in HttpObjectDecoder
漏洞详情: https://avd.aquasec.com/nvd/cve-2026-50020
镜像层: sha256:a2b98b9243c22e1314872215247ff1696aceff113a8f060412a1a39618bd0853
发布日期: 2026-06-12 16:16 修改: 2026-06-17 10:57
|
| ch.qos.logback:logback-core |
CVE-2025-11226 |
中危 |
1.3.14 |
1.5.19, 1.3.16 |
ch.qos.logback/logback-core: Conditional abitrary code execution in logback-core
漏洞详情: https://avd.aquasec.com/nvd/cve-2025-11226
镜像层: sha256:a2b98b9243c22e1314872215247ff1696aceff113a8f060412a1a39618bd0853
发布日期: 2025-10-01 08:15 修改: 2026-06-25 17:16
|
| ch.qos.logback:logback-core |
CVE-2024-12798 |
中危 |
1.3.14 |
1.5.13, 1.3.15 |
logback-core: arbitrary code execution via JaninoEventEvaluator
漏洞详情: https://avd.aquasec.com/nvd/cve-2024-12798
镜像层: sha256:a2b98b9243c22e1314872215247ff1696aceff113a8f060412a1a39618bd0853
发布日期: 2024-12-19 16:15 修改: 2026-06-17 07:00
|
| org.apache.commons:commons-compress |
CVE-2024-25710 |
中危 |
1.21 |
1.26.0 |
commons-compress: Denial of service caused by an infinite loop for a corrupted DUMP file
漏洞详情: https://avd.aquasec.com/nvd/cve-2024-25710
镜像层: sha256:a2b98b9243c22e1314872215247ff1696aceff113a8f060412a1a39618bd0853
发布日期: 2024-02-19 09:15 修改: 2026-06-17 07:16
|
| org.apache.commons:commons-compress |
CVE-2024-26308 |
中危 |
1.21 |
1.26.0 |
commons-compress: OutOfMemoryError unpacking broken Pack200 file
漏洞详情: https://avd.aquasec.com/nvd/cve-2024-26308
镜像层: sha256:a2b98b9243c22e1314872215247ff1696aceff113a8f060412a1a39618bd0853
发布日期: 2024-02-19 09:15 修改: 2026-06-17 07:17
|
| org.apache.commons:commons-configuration2 |
CVE-2026-45205 |
中危 |
2.10.1 |
2.15.0 |
Uncontrolled Recursion vulnerability in Apache Commons. When processi ...
漏洞详情: https://avd.aquasec.com/nvd/cve-2026-45205
镜像层: sha256:a2b98b9243c22e1314872215247ff1696aceff113a8f060412a1a39618bd0853
发布日期: 2026-05-14 12:16 修改: 2026-06-17 10:51
|
| org.apache.commons:commons-configuration2 |
CVE-2024-29131 |
中危 |
2.8.0 |
2.10.1 |
commons-configuration: StackOverflowError adding property in AbstractListDelimiterHandler.flattenIterator()
漏洞详情: https://avd.aquasec.com/nvd/cve-2024-29131
镜像层: sha256:a2b98b9243c22e1314872215247ff1696aceff113a8f060412a1a39618bd0853
发布日期: 2024-03-21 09:15 修改: 2026-06-17 07:22
|
| org.apache.commons:commons-configuration2 |
CVE-2024-29131 |
中危 |
2.8.0 |
2.10.1 |
commons-configuration: StackOverflowError adding property in AbstractListDelimiterHandler.flattenIterator()
漏洞详情: https://avd.aquasec.com/nvd/cve-2024-29131
镜像层: sha256:a2b98b9243c22e1314872215247ff1696aceff113a8f060412a1a39618bd0853
发布日期: 2024-03-21 09:15 修改: 2026-06-17 07:22
|
| org.apache.commons:commons-configuration2 |
CVE-2024-29131 |
中危 |
2.8.0 |
2.10.1 |
commons-configuration: StackOverflowError adding property in AbstractListDelimiterHandler.flattenIterator()
漏洞详情: https://avd.aquasec.com/nvd/cve-2024-29131
镜像层: sha256:a2b98b9243c22e1314872215247ff1696aceff113a8f060412a1a39618bd0853
发布日期: 2024-03-21 09:15 修改: 2026-06-17 07:22
|
| org.apache.commons:commons-configuration2 |
CVE-2024-29133 |
中危 |
2.8.0 |
2.10.1 |
commons-configuration: StackOverflowError calling ListDelimiterHandler.flatten(Object, int) with a cyclical object tree
漏洞详情: https://avd.aquasec.com/nvd/cve-2024-29133
镜像层: sha256:a2b98b9243c22e1314872215247ff1696aceff113a8f060412a1a39618bd0853
发布日期: 2024-03-21 09:15 修改: 2026-06-17 07:22
|
| org.apache.commons:commons-configuration2 |
CVE-2024-29133 |
中危 |
2.8.0 |
2.10.1 |
commons-configuration: StackOverflowError calling ListDelimiterHandler.flatten(Object, int) with a cyclical object tree
漏洞详情: https://avd.aquasec.com/nvd/cve-2024-29133
镜像层: sha256:a2b98b9243c22e1314872215247ff1696aceff113a8f060412a1a39618bd0853
发布日期: 2024-03-21 09:15 修改: 2026-06-17 07:22
|
| org.apache.commons:commons-configuration2 |
CVE-2024-29133 |
中危 |
2.8.0 |
2.10.1 |
commons-configuration: StackOverflowError calling ListDelimiterHandler.flatten(Object, int) with a cyclical object tree
漏洞详情: https://avd.aquasec.com/nvd/cve-2024-29133
镜像层: sha256:a2b98b9243c22e1314872215247ff1696aceff113a8f060412a1a39618bd0853
发布日期: 2024-03-21 09:15 修改: 2026-06-17 07:22
|
| org.apache.commons:commons-configuration2 |
CVE-2026-45205 |
中危 |
2.8.0 |
2.15.0 |
Uncontrolled Recursion vulnerability in Apache Commons. When processi ...
漏洞详情: https://avd.aquasec.com/nvd/cve-2026-45205
镜像层: sha256:a2b98b9243c22e1314872215247ff1696aceff113a8f060412a1a39618bd0853
发布日期: 2026-05-14 12:16 修改: 2026-06-17 10:51
|
| org.apache.commons:commons-configuration2 |
CVE-2026-45205 |
中危 |
2.8.0 |
2.15.0 |
Uncontrolled Recursion vulnerability in Apache Commons. When processi ...
漏洞详情: https://avd.aquasec.com/nvd/cve-2026-45205
镜像层: sha256:a2b98b9243c22e1314872215247ff1696aceff113a8f060412a1a39618bd0853
发布日期: 2026-05-14 12:16 修改: 2026-06-17 10:51
|
| org.apache.commons:commons-configuration2 |
CVE-2026-45205 |
中危 |
2.8.0 |
2.15.0 |
Uncontrolled Recursion vulnerability in Apache Commons. When processi ...
漏洞详情: https://avd.aquasec.com/nvd/cve-2026-45205
镜像层: sha256:a2b98b9243c22e1314872215247ff1696aceff113a8f060412a1a39618bd0853
发布日期: 2026-05-14 12:16 修改: 2026-06-17 10:51
|
| org.apache.commons:commons-lang3 |
CVE-2025-48924 |
中危 |
3.17.0 |
3.18.0 |
commons-lang/commons-lang: org.apache.commons/commons-lang3: Uncontrolled Recursion vulnerability in Apache Commons Lang
漏洞详情: https://avd.aquasec.com/nvd/cve-2025-48924
镜像层: sha256:a2b98b9243c22e1314872215247ff1696aceff113a8f060412a1a39618bd0853
发布日期: 2025-07-11 15:15 修改: 2026-06-17 09:30
|
| org.apache.commons:commons-lang3 |
CVE-2025-48924 |
中危 |
3.9 |
3.18.0 |
commons-lang/commons-lang: org.apache.commons/commons-lang3: Uncontrolled Recursion vulnerability in Apache Commons Lang
漏洞详情: https://avd.aquasec.com/nvd/cve-2025-48924
镜像层: sha256:a2b98b9243c22e1314872215247ff1696aceff113a8f060412a1a39618bd0853
发布日期: 2025-07-11 15:15 修改: 2026-06-17 09:30
|
| org.apache.commons:commons-lang3 |
CVE-2025-48924 |
中危 |
3.9 |
3.18.0 |
commons-lang/commons-lang: org.apache.commons/commons-lang3: Uncontrolled Recursion vulnerability in Apache Commons Lang
漏洞详情: https://avd.aquasec.com/nvd/cve-2025-48924
镜像层: sha256:a2b98b9243c22e1314872215247ff1696aceff113a8f060412a1a39618bd0853
发布日期: 2025-07-11 15:15 修改: 2026-06-17 09:30
|
| org.apache.hive:hive-exec |
CVE-2024-29869 |
中危 |
3.1.3 |
4.0.1 |
Apache Hive Incorrectly Assigns Permissions for a Critical Resource
漏洞详情: https://avd.aquasec.com/nvd/cve-2024-29869
镜像层: sha256:a2b98b9243c22e1314872215247ff1696aceff113a8f060412a1a39618bd0853
发布日期: 2025-01-28 22:15 修改: 2026-06-17 07:23
|
| org.apache.hive:hive-llap-common |
CVE-2024-23953 |
中危 |
3.1.3 |
4.0.0 |
Apache Hive vulnerable to Observable Timing Discrepancy and Authentication Bypass by Spoofing
漏洞详情: https://avd.aquasec.com/nvd/cve-2024-23953
镜像层: sha256:a2b98b9243c22e1314872215247ff1696aceff113a8f060412a1a39618bd0853
发布日期: 2025-01-28 09:15 修改: 2026-06-17 07:13
|
| com.fasterxml.jackson.core:jackson-databind |
CVE-2026-54514 |
中危 |
2.17.0 |
2.18.8, 2.21.4, 3.1.4 |
jackson-databind: jackson-databind: Information Disclosure via Eager DNS Resolution
漏洞详情: https://avd.aquasec.com/nvd/cve-2026-54514
镜像层: sha256:a2b98b9243c22e1314872215247ff1696aceff113a8f060412a1a39618bd0853
发布日期: 2026-06-23 21:17 修改: 2026-06-27 20:55
|
| org.apache.poi:poi-ooxml |
CVE-2025-31672 |
中危 |
5.2.2 |
5.4.0 |
org.apache.poi/poi-ooxml: Apache POI: parsing OOXML based files (xlsx, docx, etc.), poi-ooxml could read unexpected data if underlying zip has duplicate zip entry names
漏洞详情: https://avd.aquasec.com/nvd/cve-2025-31672
镜像层: sha256:a2b98b9243c22e1314872215247ff1696aceff113a8f060412a1a39618bd0853
发布日期: 2025-04-09 12:15 修改: 2026-06-17 09:10
|
| com.fasterxml.jackson.core:jackson-databind |
CVE-2026-54515 |
中危 |
2.17.0 |
3.1.4, 2.18.9, 2.21.5, 2.22.1 |
jackson-databind: jackson-databind: Ignored properties can be unexpectedly modified
漏洞详情: https://avd.aquasec.com/nvd/cve-2026-54515
镜像层: sha256:a2b98b9243c22e1314872215247ff1696aceff113a8f060412a1a39618bd0853
发布日期: 2026-06-23 21:17 修改: 2026-06-29 13:38
|
| com.fasterxml.jackson.core:jackson-core |
CVE-2025-49128 |
中危 |
2.12.7 |
2.13.0 |
com.fasterxml.jackson.core/jackson-core: Jackson-core Memory Disclosure via Source Snippet in JsonLocation
漏洞详情: https://avd.aquasec.com/nvd/cve-2025-49128
镜像层: sha256:a2b98b9243c22e1314872215247ff1696aceff113a8f060412a1a39618bd0853
发布日期: 2025-06-06 22:15 修改: 2026-06-17 09:30
|
| com.fasterxml.jackson.core:jackson-core |
GHSA-72hv-8253-57qq |
中危 |
2.12.7 |
2.21.1, 2.18.6 |
jackson-core: Number Length Constraint Bypass in Async Parser Leads to Potential DoS Condition
漏洞详情: https://github.com/advisories/GHSA-72hv-8253-57qq
镜像层: sha256:a2b98b9243c22e1314872215247ff1696aceff113a8f060412a1a39618bd0853
发布日期: 2026-02-28 02:01 修改: 2026-04-07 16:30
|
| io.netty:netty-codec |
CVE-2025-58057 |
中危 |
4.1.108.Final |
4.1.125.Final |
netty-codec: netty-codec-compression: Netty's BrotliDecoder is vulnerable to DoS via zip bomb style attack
漏洞详情: https://avd.aquasec.com/nvd/cve-2025-58057
镜像层: sha256:a2b98b9243c22e1314872215247ff1696aceff113a8f060412a1a39618bd0853
发布日期: 2025-09-04 10:42 修改: 2026-06-17 09:43
|
| io.netty:netty-codec |
CVE-2025-58057 |
中危 |
4.1.108.Final |
4.1.125.Final |
netty-codec: netty-codec-compression: Netty's BrotliDecoder is vulnerable to DoS via zip bomb style attack
漏洞详情: https://avd.aquasec.com/nvd/cve-2025-58057
镜像层: sha256:a2b98b9243c22e1314872215247ff1696aceff113a8f060412a1a39618bd0853
发布日期: 2025-09-04 10:42 修改: 2026-06-17 09:43
|
| io.netty:netty-codec |
CVE-2025-58057 |
中危 |
4.1.108.Final |
4.1.125.Final |
netty-codec: netty-codec-compression: Netty's BrotliDecoder is vulnerable to DoS via zip bomb style attack
漏洞详情: https://avd.aquasec.com/nvd/cve-2025-58057
镜像层: sha256:a2b98b9243c22e1314872215247ff1696aceff113a8f060412a1a39618bd0853
发布日期: 2025-09-04 10:42 修改: 2026-06-17 09:43
|
| io.netty:netty-codec-http2 |
CVE-2026-47244 |
中危 |
4.1.108.Final |
4.2.15.Final, 4.1.135.Final |
netty-codec-http2: Netty: Denial of Service via uncontrolled HTTP/2 concurrent streams
漏洞详情: https://avd.aquasec.com/nvd/cve-2026-47244
镜像层: sha256:a2b98b9243c22e1314872215247ff1696aceff113a8f060412a1a39618bd0853
发布日期: 2026-06-12 15:16 修改: 2026-06-17 10:54
|
| io.netty:netty-codec-http2 |
CVE-2026-47244 |
中危 |
4.1.108.Final |
4.2.15.Final, 4.1.135.Final |
netty-codec-http2: Netty: Denial of Service via uncontrolled HTTP/2 concurrent streams
漏洞详情: https://avd.aquasec.com/nvd/cve-2026-47244
镜像层: sha256:a2b98b9243c22e1314872215247ff1696aceff113a8f060412a1a39618bd0853
发布日期: 2026-06-12 15:16 修改: 2026-06-17 10:54
|
| io.netty:netty-codec-http2 |
CVE-2026-47244 |
中危 |
4.1.108.Final |
4.2.15.Final, 4.1.135.Final |
netty-codec-http2: Netty: Denial of Service via uncontrolled HTTP/2 concurrent streams
漏洞详情: https://avd.aquasec.com/nvd/cve-2026-47244
镜像层: sha256:a2b98b9243c22e1314872215247ff1696aceff113a8f060412a1a39618bd0853
发布日期: 2026-06-12 15:16 修改: 2026-06-17 10:54
|
| io.netty:netty-codec-http2 |
CVE-2026-48043 |
中危 |
4.1.108.Final |
4.1.135.Final, 4.2.15.Final |
netty-codec-http2: netty-codec-http2: Denial of Service due to resource leak
漏洞详情: https://avd.aquasec.com/nvd/cve-2026-48043
镜像层: sha256:a2b98b9243c22e1314872215247ff1696aceff113a8f060412a1a39618bd0853
发布日期: 2026-06-12 16:16 修改: 2026-06-30 03:20
|
| io.netty:netty-codec-http2 |
CVE-2026-48043 |
中危 |
4.1.108.Final |
4.1.135.Final, 4.2.15.Final |
netty-codec-http2: netty-codec-http2: Denial of Service due to resource leak
漏洞详情: https://avd.aquasec.com/nvd/cve-2026-48043
镜像层: sha256:a2b98b9243c22e1314872215247ff1696aceff113a8f060412a1a39618bd0853
发布日期: 2026-06-12 16:16 修改: 2026-06-30 03:20
|
| io.netty:netty-codec-http2 |
CVE-2026-48043 |
中危 |
4.1.108.Final |
4.1.135.Final, 4.2.15.Final |
netty-codec-http2: netty-codec-http2: Denial of Service due to resource leak
漏洞详情: https://avd.aquasec.com/nvd/cve-2026-48043
镜像层: sha256:a2b98b9243c22e1314872215247ff1696aceff113a8f060412a1a39618bd0853
发布日期: 2026-06-12 16:16 修改: 2026-06-30 03:20
|
| io.netty:netty-codec-http2 |
CVE-2026-50560 |
中危 |
4.1.108.Final |
4.2.15.Final, 4.1.135.Final |
netty-codec-http2: Netty: Denial of Service due to HTTP/2 max header size handling
漏洞详情: https://avd.aquasec.com/nvd/cve-2026-50560
镜像层: sha256:a2b98b9243c22e1314872215247ff1696aceff113a8f060412a1a39618bd0853
发布日期: 2026-06-12 16:16 修改: 2026-06-17 10:57
|
| io.netty:netty-codec-http2 |
CVE-2026-50560 |
中危 |
4.1.108.Final |
4.2.15.Final, 4.1.135.Final |
netty-codec-http2: Netty: Denial of Service due to HTTP/2 max header size handling
漏洞详情: https://avd.aquasec.com/nvd/cve-2026-50560
镜像层: sha256:a2b98b9243c22e1314872215247ff1696aceff113a8f060412a1a39618bd0853
发布日期: 2026-06-12 16:16 修改: 2026-06-17 10:57
|
| io.netty:netty-codec-http2 |
CVE-2026-50560 |
中危 |
4.1.108.Final |
4.2.15.Final, 4.1.135.Final |
netty-codec-http2: Netty: Denial of Service due to HTTP/2 max header size handling
漏洞详情: https://avd.aquasec.com/nvd/cve-2026-50560
镜像层: sha256:a2b98b9243c22e1314872215247ff1696aceff113a8f060412a1a39618bd0853
发布日期: 2026-06-12 16:16 修改: 2026-06-17 10:57
|
| com.fasterxml.jackson.core:jackson-core |
GHSA-72hv-8253-57qq |
中危 |
2.17.0 |
2.21.1, 2.18.6 |
jackson-core: Number Length Constraint Bypass in Async Parser Leads to Potential DoS Condition
漏洞详情: https://github.com/advisories/GHSA-72hv-8253-57qq
镜像层: sha256:a2b98b9243c22e1314872215247ff1696aceff113a8f060412a1a39618bd0853
发布日期: 2026-02-28 02:01 修改: 2026-04-07 16:30
|
| io.netty:netty-codec |
CVE-2025-58057 |
中危 |
4.1.124.Final |
4.1.125.Final |
netty-codec: netty-codec-compression: Netty's BrotliDecoder is vulnerable to DoS via zip bomb style attack
漏洞详情: https://avd.aquasec.com/nvd/cve-2025-58057
镜像层: sha256:a2b98b9243c22e1314872215247ff1696aceff113a8f060412a1a39618bd0853
发布日期: 2025-09-04 10:42 修改: 2026-06-17 09:43
|
| io.netty:netty-codec-http2 |
CVE-2026-47244 |
中危 |
4.1.124.Final |
4.2.15.Final, 4.1.135.Final |
netty-codec-http2: Netty: Denial of Service via uncontrolled HTTP/2 concurrent streams
漏洞详情: https://avd.aquasec.com/nvd/cve-2026-47244
镜像层: sha256:a2b98b9243c22e1314872215247ff1696aceff113a8f060412a1a39618bd0853
发布日期: 2026-06-12 15:16 修改: 2026-06-17 10:54
|
| io.netty:netty-codec-http2 |
CVE-2026-48043 |
中危 |
4.1.124.Final |
4.1.135.Final, 4.2.15.Final |
netty-codec-http2: netty-codec-http2: Denial of Service due to resource leak
漏洞详情: https://avd.aquasec.com/nvd/cve-2026-48043
镜像层: sha256:a2b98b9243c22e1314872215247ff1696aceff113a8f060412a1a39618bd0853
发布日期: 2026-06-12 16:16 修改: 2026-06-30 03:20
|
| io.netty:netty-codec-http2 |
CVE-2026-50560 |
中危 |
4.1.124.Final |
4.2.15.Final, 4.1.135.Final |
netty-codec-http2: Netty: Denial of Service due to HTTP/2 max header size handling
漏洞详情: https://avd.aquasec.com/nvd/cve-2026-50560
镜像层: sha256:a2b98b9243c22e1314872215247ff1696aceff113a8f060412a1a39618bd0853
发布日期: 2026-06-12 16:16 修改: 2026-06-17 10:57
|
| org.apache.tomcat.embed:tomcat-embed-core |
CVE-2026-25854 |
中危 |
9.0.113 |
9.0.116, 10.1.53, 11.0.20 |
Apache Tomcat: Apache Tomcat: Open Redirect vulnerability via LoadBalancerDrainingValve
漏洞详情: https://avd.aquasec.com/nvd/cve-2026-25854
镜像层: sha256:a2b98b9243c22e1314872215247ff1696aceff113a8f060412a1a39618bd0853
发布日期: 2026-04-09 20:16 修改: 2026-06-17 10:25
|
| org.apache.tomcat.embed:tomcat-embed-core |
CVE-2026-25854 |
中危 |
9.0.113 |
9.0.116, 10.1.53, 11.0.20 |
Apache Tomcat: Apache Tomcat: Open Redirect vulnerability via LoadBalancerDrainingValve
漏洞详情: https://avd.aquasec.com/nvd/cve-2026-25854
镜像层: sha256:a2b98b9243c22e1314872215247ff1696aceff113a8f060412a1a39618bd0853
发布日期: 2026-04-09 20:16 修改: 2026-06-17 10:25
|
| org.apache.tomcat.embed:tomcat-embed-core |
CVE-2026-32990 |
中危 |
9.0.113 |
9.0.116, 10.1.53, 11.0.20 |
Apache Tomcat: Apache Tomcat: Improper Input Validation vulnerability due to incomplete fix
漏洞详情: https://avd.aquasec.com/nvd/cve-2026-32990
镜像层: sha256:a2b98b9243c22e1314872215247ff1696aceff113a8f060412a1a39618bd0853
发布日期: 2026-04-09 20:16 修改: 2026-06-17 10:36
|
| org.apache.tomcat.embed:tomcat-embed-core |
CVE-2026-32990 |
中危 |
9.0.113 |
9.0.116, 10.1.53, 11.0.20 |
Apache Tomcat: Apache Tomcat: Improper Input Validation vulnerability due to incomplete fix
漏洞详情: https://avd.aquasec.com/nvd/cve-2026-32990
镜像层: sha256:a2b98b9243c22e1314872215247ff1696aceff113a8f060412a1a39618bd0853
发布日期: 2026-04-09 20:16 修改: 2026-06-17 10:36
|
| io.netty:netty-codec-mqtt |
CVE-2026-44248 |
中危 |
4.1.108.Final |
4.2.13.Final, 4.1.133.Final |
netty: io.netty/netty-codec-mqtt: Netty: Denial of Service due to excessive resource consumption from crafted MQTT 5 header
漏洞详情: https://avd.aquasec.com/nvd/cve-2026-44248
镜像层: sha256:a2b98b9243c22e1314872215247ff1696aceff113a8f060412a1a39618bd0853
发布日期: 2026-05-13 19:17 修改: 2026-06-30 03:19
|
| io.netty:netty-codec-mqtt |
CVE-2026-44248 |
中危 |
4.1.108.Final |
4.2.13.Final, 4.1.133.Final |
netty: io.netty/netty-codec-mqtt: Netty: Denial of Service due to excessive resource consumption from crafted MQTT 5 header
漏洞详情: https://avd.aquasec.com/nvd/cve-2026-44248
镜像层: sha256:a2b98b9243c22e1314872215247ff1696aceff113a8f060412a1a39618bd0853
发布日期: 2026-05-13 19:17 修改: 2026-06-30 03:19
|
| io.netty:netty-codec-mqtt |
CVE-2026-44248 |
中危 |
4.1.108.Final |
4.2.13.Final, 4.1.133.Final |
netty: io.netty/netty-codec-mqtt: Netty: Denial of Service due to excessive resource consumption from crafted MQTT 5 header
漏洞详情: https://avd.aquasec.com/nvd/cve-2026-44248
镜像层: sha256:a2b98b9243c22e1314872215247ff1696aceff113a8f060412a1a39618bd0853
发布日期: 2026-05-13 19:17 修改: 2026-06-30 03:19
|
| io.netty:netty-codec-mqtt |
CVE-2026-44248 |
中危 |
4.1.124.Final |
4.2.13.Final, 4.1.133.Final |
netty: io.netty/netty-codec-mqtt: Netty: Denial of Service due to excessive resource consumption from crafted MQTT 5 header
漏洞详情: https://avd.aquasec.com/nvd/cve-2026-44248
镜像层: sha256:a2b98b9243c22e1314872215247ff1696aceff113a8f060412a1a39618bd0853
发布日期: 2026-05-13 19:17 修改: 2026-06-30 03:19
|
| com.fasterxml.jackson.core:jackson-core |
GHSA-72hv-8253-57qq |
中危 |
2.17.2 |
2.21.1, 2.18.6 |
jackson-core: Number Length Constraint Bypass in Async Parser Leads to Potential DoS Condition
漏洞详情: https://github.com/advisories/GHSA-72hv-8253-57qq
镜像层: sha256:a2b98b9243c22e1314872215247ff1696aceff113a8f060412a1a39618bd0853
发布日期: 2026-02-28 02:01 修改: 2026-04-07 16:30
|
| org.apache.zookeeper:zookeeper |
CVE-2025-58457 |
中危 |
3.9.2 |
3.9.4 |
org.apache.zookeeper/zookeeper: Apache ZooKeeper: Insufficient Permission Check
漏洞详情: https://avd.aquasec.com/nvd/cve-2025-58457
镜像层: sha256:a2b98b9243c22e1314872215247ff1696aceff113a8f060412a1a39618bd0853
发布日期: 2025-09-24 10:15 修改: 2026-06-17 09:44
|
| org.bouncycastle:bcpkix-jdk18on |
CVE-2026-5588 |
中危 |
1.79 |
1.84 |
bouncycastle: BC-JAVA: PKIX draft CompositeVerifier accepts empty signature sequence as valid
漏洞详情: https://avd.aquasec.com/nvd/cve-2026-5588
镜像层: sha256:a2b98b9243c22e1314872215247ff1696aceff113a8f060412a1a39618bd0853
发布日期: 2026-04-15 10:16 修改: 2026-06-30 03:21
|
| com.fasterxml.jackson.core:jackson-databind |
CVE-2026-54514 |
中危 |
2.17.2 |
2.18.8, 2.21.4, 3.1.4 |
jackson-databind: jackson-databind: Information Disclosure via Eager DNS Resolution
漏洞详情: https://avd.aquasec.com/nvd/cve-2026-54514
镜像层: sha256:a2b98b9243c22e1314872215247ff1696aceff113a8f060412a1a39618bd0853
发布日期: 2026-06-23 21:17 修改: 2026-06-27 20:55
|
| org.bouncycastle:bcprov-jdk18on |
CVE-2026-0636 |
中危 |
1.78.1 |
1.84 |
bouncycastle: BC-JAVA: LDAP injection vulnerability in LDAPStoreHelper.java
漏洞详情: https://avd.aquasec.com/nvd/cve-2026-0636
镜像层: sha256:a2b98b9243c22e1314872215247ff1696aceff113a8f060412a1a39618bd0853
发布日期: 2026-04-15 10:16 修改: 2026-06-30 03:17
|
| com.fasterxml.jackson.core:jackson-databind |
CVE-2026-54514 |
中危 |
2.17.2 |
2.18.8, 2.21.4, 3.1.4 |
jackson-databind: jackson-databind: Information Disclosure via Eager DNS Resolution
漏洞详情: https://avd.aquasec.com/nvd/cve-2026-54514
镜像层: sha256:a2b98b9243c22e1314872215247ff1696aceff113a8f060412a1a39618bd0853
发布日期: 2026-06-23 21:17 修改: 2026-06-27 20:55
|
| com.fasterxml.jackson.core:jackson-databind |
CVE-2026-54515 |
中危 |
2.17.2 |
3.1.4, 2.18.9, 2.21.5, 2.22.1 |
jackson-databind: jackson-databind: Ignored properties can be unexpectedly modified
漏洞详情: https://avd.aquasec.com/nvd/cve-2026-54515
镜像层: sha256:a2b98b9243c22e1314872215247ff1696aceff113a8f060412a1a39618bd0853
发布日期: 2026-06-23 21:17 修改: 2026-06-29 13:38
|
| com.fasterxml.jackson.core:jackson-databind |
CVE-2026-54515 |
中危 |
2.17.2 |
3.1.4, 2.18.9, 2.21.5, 2.22.1 |
jackson-databind: jackson-databind: Ignored properties can be unexpectedly modified
漏洞详情: https://avd.aquasec.com/nvd/cve-2026-54515
镜像层: sha256:a2b98b9243c22e1314872215247ff1696aceff113a8f060412a1a39618bd0853
发布日期: 2026-06-23 21:17 修改: 2026-06-29 13:38
|
| org.eclipse.jetty:jetty-http |
CVE-2024-6763 |
中危 |
9.4.57.v20241219 |
12.0.12 |
org.eclipse.jetty:jetty-http: jetty: Jetty URI parsing of invalid authority
漏洞详情: https://avd.aquasec.com/nvd/cve-2024-6763
镜像层: sha256:a2b98b9243c22e1314872215247ff1696aceff113a8f060412a1a39618bd0853
发布日期: 2024-10-14 16:15 修改: 2026-06-17 08:18
|
| org.elasticsearch:elasticsearch |
CVE-2024-52980 |
中危 |
7.17.29 |
8.15.1 |
Elasticsearch Potential Node Crash due to Large Recursion in `innerForbidCircularReferences` Function
漏洞详情: https://avd.aquasec.com/nvd/cve-2024-52980
镜像层: sha256:a2b98b9243c22e1314872215247ff1696aceff113a8f060412a1a39618bd0853
发布日期: 2025-04-08 17:15 修改: 2026-06-17 08:07
|
| org.elasticsearch:elasticsearch |
CVE-2024-52980 |
中危 |
7.17.29 |
8.15.1 |
Elasticsearch Potential Node Crash due to Large Recursion in `innerForbidCircularReferences` Function
漏洞详情: https://avd.aquasec.com/nvd/cve-2024-52980
镜像层: sha256:a2b98b9243c22e1314872215247ff1696aceff113a8f060412a1a39618bd0853
发布日期: 2025-04-08 17:15 修改: 2026-06-17 08:07
|
| org.elasticsearch:elasticsearch |
CVE-2025-37727 |
中危 |
7.17.29 |
8.18.8, 8.19.5, 9.0.8, 9.1.5 |
org.elasticsearch/elasticsearch-core: Elasticsearch Insertion of sensitive information in log file
漏洞详情: https://avd.aquasec.com/nvd/cve-2025-37727
镜像层: sha256:a2b98b9243c22e1314872215247ff1696aceff113a8f060412a1a39618bd0853
发布日期: 2025-10-10 10:15 修改: 2026-06-17 09:15
|
| org.elasticsearch:elasticsearch |
CVE-2025-37727 |
中危 |
7.17.29 |
8.18.8, 8.19.5, 9.0.8, 9.1.5 |
org.elasticsearch/elasticsearch-core: Elasticsearch Insertion of sensitive information in log file
漏洞详情: https://avd.aquasec.com/nvd/cve-2025-37727
镜像层: sha256:a2b98b9243c22e1314872215247ff1696aceff113a8f060412a1a39618bd0853
发布日期: 2025-10-10 10:15 修改: 2026-06-17 09:15
|
| org.elasticsearch:elasticsearch |
CVE-2025-37731 |
中危 |
7.17.29 |
8.19.8, 9.1.8, 9.2.2 |
elasticsearch: Elasticsearch: User impersonation due to improper authentication in Public Key Infrastructure (PKI) realm
漏洞详情: https://avd.aquasec.com/nvd/cve-2025-37731
镜像层: sha256:a2b98b9243c22e1314872215247ff1696aceff113a8f060412a1a39618bd0853
发布日期: 2025-12-15 11:15 修改: 2026-06-17 09:15
|
| org.elasticsearch:elasticsearch |
CVE-2025-37731 |
中危 |
7.17.29 |
8.19.8, 9.1.8, 9.2.2 |
elasticsearch: Elasticsearch: User impersonation due to improper authentication in Public Key Infrastructure (PKI) realm
漏洞详情: https://avd.aquasec.com/nvd/cve-2025-37731
镜像层: sha256:a2b98b9243c22e1314872215247ff1696aceff113a8f060412a1a39618bd0853
发布日期: 2025-12-15 11:15 修改: 2026-06-17 09:15
|
| com.fasterxml.woodstox:woodstox-core |
CVE-2022-40152 |
中危 |
5.3.0 |
6.4.0, 5.4.0 |
woodstox-core: woodstox to serialise XML data was vulnerable to Denial of Service attacks
漏洞详情: https://avd.aquasec.com/nvd/cve-2022-40152
镜像层: sha256:a2b98b9243c22e1314872215247ff1696aceff113a8f060412a1a39618bd0853
发布日期: 2022-09-16 10:15 修改: 2026-06-17 05:01
|
| com.google.guava:guava |
CVE-2018-10237 |
中危 |
11.0.2 |
24.1.1-android |
guava: Unbounded memory allocation in AtomicDoubleArray and CompoundOrdering classes allow remote attackers to cause a denial of service
漏洞详情: https://avd.aquasec.com/nvd/cve-2018-10237
镜像层: sha256:a2b98b9243c22e1314872215247ff1696aceff113a8f060412a1a39618bd0853
发布日期: 2018-04-26 21:29 修改: 2026-06-17 01:33
|
| com.google.guava:guava |
CVE-2023-2976 |
中危 |
11.0.2 |
32.0.0-android |
guava: insecure temporary directory creation
漏洞详情: https://avd.aquasec.com/nvd/cve-2023-2976
镜像层: sha256:a2b98b9243c22e1314872215247ff1696aceff113a8f060412a1a39618bd0853
发布日期: 2023-06-14 18:15 修改: 2026-06-17 05:53
|
| com.fasterxml.jackson.core:jackson-core |
GHSA-72hv-8253-57qq |
中危 |
2.17.2 |
2.21.1, 2.18.6 |
jackson-core: Number Length Constraint Bypass in Async Parser Leads to Potential DoS Condition
漏洞详情: https://github.com/advisories/GHSA-72hv-8253-57qq
镜像层: sha256:a2b98b9243c22e1314872215247ff1696aceff113a8f060412a1a39618bd0853
发布日期: 2026-02-28 02:01 修改: 2026-04-07 16:30
|
| com.fasterxml.jackson.core:jackson-core |
GHSA-72hv-8253-57qq |
中危 |
2.17.2 |
2.21.1, 2.18.6 |
jackson-core: Number Length Constraint Bypass in Async Parser Leads to Potential DoS Condition
漏洞详情: https://github.com/advisories/GHSA-72hv-8253-57qq
镜像层: sha256:a2b98b9243c22e1314872215247ff1696aceff113a8f060412a1a39618bd0853
发布日期: 2026-02-28 02:01 修改: 2026-04-07 16:30
|
| ch.qos.logback:logback-core |
CVE-2024-12798 |
中危 |
1.3.14 |
1.5.13, 1.3.15 |
logback-core: arbitrary code execution via JaninoEventEvaluator
漏洞详情: https://avd.aquasec.com/nvd/cve-2024-12798
镜像层: sha256:a2b98b9243c22e1314872215247ff1696aceff113a8f060412a1a39618bd0853
发布日期: 2024-12-19 16:15 修改: 2026-06-17 07:00
|
| ch.qos.logback:logback-core |
CVE-2025-11226 |
中危 |
1.3.14 |
1.5.19, 1.3.16 |
ch.qos.logback/logback-core: Conditional abitrary code execution in logback-core
漏洞详情: https://avd.aquasec.com/nvd/cve-2025-11226
镜像层: sha256:a2b98b9243c22e1314872215247ff1696aceff113a8f060412a1a39618bd0853
发布日期: 2025-10-01 08:15 修改: 2026-06-25 17:16
|
| io.netty:netty-codec-redis |
CVE-2026-42586 |
中危 |
4.1.108.Final |
4.2.13.Final, 4.1.133.Final |
netty-codec-redis: Netty: Command injection via CRLF characters in Redis codec encoder
漏洞详情: https://avd.aquasec.com/nvd/cve-2026-42586
镜像层: sha256:a2b98b9243c22e1314872215247ff1696aceff113a8f060412a1a39618bd0853
发布日期: 2026-05-13 19:17 修改: 2026-06-17 10:48
|
| io.netty:netty-codec-redis |
CVE-2026-42586 |
中危 |
4.1.108.Final |
4.2.13.Final, 4.1.133.Final |
netty-codec-redis: Netty: Command injection via CRLF characters in Redis codec encoder
漏洞详情: https://avd.aquasec.com/nvd/cve-2026-42586
镜像层: sha256:a2b98b9243c22e1314872215247ff1696aceff113a8f060412a1a39618bd0853
发布日期: 2026-05-13 19:17 修改: 2026-06-17 10:48
|
| io.netty:netty-codec-redis |
CVE-2026-42586 |
中危 |
4.1.108.Final |
4.2.13.Final, 4.1.133.Final |
netty-codec-redis: Netty: Command injection via CRLF characters in Redis codec encoder
漏洞详情: https://avd.aquasec.com/nvd/cve-2026-42586
镜像层: sha256:a2b98b9243c22e1314872215247ff1696aceff113a8f060412a1a39618bd0853
发布日期: 2026-05-13 19:17 修改: 2026-06-17 10:48
|
| org.postgresql:postgresql |
CVE-2022-41946 |
中危 |
42.2.16.jre7 |
42.2.27, 42.3.8, 42.4.3, 42.5.1 |
postgresql-jdbc: Information leak of prepared statement data due to insecure temporary file permissions
漏洞详情: https://avd.aquasec.com/nvd/cve-2022-41946
镜像层: sha256:05c16fc4559c40c8b309c2f90a134938bc3381ccca5fff83f664557d6d7f9469
发布日期: 2022-11-23 20:15 修改: 2026-06-17 05:04
|
| org.postgresql:postgresql |
GHSA-673j-qm5f-xpv8 |
中危 |
42.2.16.jre7 |
42.3.3 |
pgjdbc Arbitrary File Write Vulnerability
漏洞详情: https://github.com/advisories/GHSA-673j-qm5f-xpv8
镜像层: sha256:05c16fc4559c40c8b309c2f90a134938bc3381ccca5fff83f664557d6d7f9469
发布日期: 2022-02-16 00:08 修改: 2024-01-22 19:35
|
| org.springframework.security:spring-security-core |
CVE-2024-38827 |
中危 |
5.7.12 |
5.7.14, 5.8.16, 6.0.14, 6.1.12, 6.2.8, 6.3.5 |
spring-security: authorization bypass for case sensitive comparisons
漏洞详情: https://avd.aquasec.com/nvd/cve-2024-38827
镜像层: sha256:a2b98b9243c22e1314872215247ff1696aceff113a8f060412a1a39618bd0853
发布日期: 2024-12-02 15:15 修改: 2026-06-17 07:41
|
| com.google.protobuf:protobuf-java |
CVE-2022-3171 |
中危 |
2.5.0 |
3.21.7, 3.20.3, 3.19.6, 3.16.3 |
protobuf-java: timeout in parser leads to DoS
漏洞详情: https://avd.aquasec.com/nvd/cve-2022-3171
镜像层: sha256:a2b98b9243c22e1314872215247ff1696aceff113a8f060412a1a39618bd0853
发布日期: 2022-10-12 23:15 修改: 2026-06-17 04:58
|
| com.google.protobuf:protobuf-java |
CVE-2022-3171 |
中危 |
2.5.0 |
3.21.7, 3.20.3, 3.19.6, 3.16.3 |
protobuf-java: timeout in parser leads to DoS
漏洞详情: https://avd.aquasec.com/nvd/cve-2022-3171
镜像层: sha256:a2b98b9243c22e1314872215247ff1696aceff113a8f060412a1a39618bd0853
发布日期: 2022-10-12 23:15 修改: 2026-06-17 04:58
|
| com.nimbusds:nimbus-jose-jwt |
CVE-2025-53864 |
中危 |
10.0.1 |
10.0.2, 9.37.4 |
com.nimbusds/nimbus-jose-jwt: Uncontrolled recursion in Connect2id Nimbus JOSE + JWT
漏洞详情: https://avd.aquasec.com/nvd/cve-2025-53864
镜像层: sha256:a2b98b9243c22e1314872215247ff1696aceff113a8f060412a1a39618bd0853
发布日期: 2025-07-11 03:16 修改: 2026-06-17 09:39
|
| org.springframework.security:spring-security-web |
CVE-2026-47838 |
中危 |
5.7.12 |
6.5.11 |
Spring Security Vulnerable to Unauthorized User Impersonation when Using X.509 Client Certificates
漏洞详情: https://avd.aquasec.com/nvd/cve-2026-47838
镜像层: sha256:a2b98b9243c22e1314872215247ff1696aceff113a8f060412a1a39618bd0853
发布日期: 2026-06-10 00:16 修改: 2026-06-30 22:16
|
| org.springframework:spring-context |
CVE-2024-38820 |
中危 |
5.3.39 |
6.1.14 |
The fix for CVE-2022-22968 made disallowedFieldspatterns in DataBinder ...
漏洞详情: https://avd.aquasec.com/nvd/cve-2024-38820
镜像层: sha256:a2b98b9243c22e1314872215247ff1696aceff113a8f060412a1a39618bd0853
发布日期: 2024-10-18 06:15 修改: 2026-06-17 07:41
|
| com.fasterxml.jackson.core:jackson-databind |
CVE-2026-50193 |
中危 |
2.12.7.1 |
2.14.0 |
jackson-databind: Jackson-databind: Denial of Service via deeply nested JSON processing
漏洞详情: https://avd.aquasec.com/nvd/cve-2026-50193
镜像层: sha256:a2b98b9243c22e1314872215247ff1696aceff113a8f060412a1a39618bd0853
发布日期: 2026-06-23 21:17 修改: 2026-06-27 21:05
|
| io.netty:netty-codec-redis |
CVE-2026-42586 |
中危 |
4.1.124.Final |
4.2.13.Final, 4.1.133.Final |
netty-codec-redis: Netty: Command injection via CRLF characters in Redis codec encoder
漏洞详情: https://avd.aquasec.com/nvd/cve-2026-42586
镜像层: sha256:a2b98b9243c22e1314872215247ff1696aceff113a8f060412a1a39618bd0853
发布日期: 2026-05-13 19:17 修改: 2026-06-17 10:48
|
| org.springframework:spring-web |
CVE-2024-38820 |
中危 |
5.3.39 |
6.1.14 |
The fix for CVE-2022-22968 made disallowedFieldspatterns in DataBinder ...
漏洞详情: https://avd.aquasec.com/nvd/cve-2024-38820
镜像层: sha256:a2b98b9243c22e1314872215247ff1696aceff113a8f060412a1a39618bd0853
发布日期: 2024-10-18 06:15 修改: 2026-06-17 07:41
|
| ch.qos.logback:logback-core |
CVE-2024-12801 |
低危 |
1.3.14 |
1.5.13, 1.3.15 |
logback-core: SaxEventRecorder vulnerable to Server-Side Request Forgery (SSRF) attacks
漏洞详情: https://avd.aquasec.com/nvd/cve-2024-12801
镜像层: sha256:a2b98b9243c22e1314872215247ff1696aceff113a8f060412a1a39618bd0853
发布日期: 2024-12-19 17:15 修改: 2026-06-17 07:00
|
| ch.qos.logback:logback-core |
CVE-2026-1225 |
低危 |
1.3.14 |
1.5.25 |
ch.qos.logback/logback-core: Malicious logback.xml configuration file allows instantiation of arbitrary classes
漏洞详情: https://avd.aquasec.com/nvd/cve-2026-1225
镜像层: sha256:a2b98b9243c22e1314872215247ff1696aceff113a8f060412a1a39618bd0853
发布日期: 2026-01-22 10:16 修改: 2026-06-17 10:15
|
| io.netty:netty-handler-proxy |
CVE-2026-42578 |
低危 |
4.1.108.Final |
4.1.133.Final, 4.2.13.Final |
netty: io.netty/netty-handler-proxy: Netty: HTTP Header Injection via HttpProxyHandler Disabled Validation
漏洞详情: https://avd.aquasec.com/nvd/cve-2026-42578
镜像层: sha256:a2b98b9243c22e1314872215247ff1696aceff113a8f060412a1a39618bd0853
发布日期: 2026-05-13 19:17 修改: 2026-06-30 03:19
|
| io.netty:netty-handler-proxy |
CVE-2026-42578 |
低危 |
4.1.108.Final |
4.1.133.Final, 4.2.13.Final |
netty: io.netty/netty-handler-proxy: Netty: HTTP Header Injection via HttpProxyHandler Disabled Validation
漏洞详情: https://avd.aquasec.com/nvd/cve-2026-42578
镜像层: sha256:a2b98b9243c22e1314872215247ff1696aceff113a8f060412a1a39618bd0853
发布日期: 2026-05-13 19:17 修改: 2026-06-30 03:19
|
| io.netty:netty-handler-proxy |
CVE-2026-42578 |
低危 |
4.1.108.Final |
4.1.133.Final, 4.2.13.Final |
netty: io.netty/netty-handler-proxy: Netty: HTTP Header Injection via HttpProxyHandler Disabled Validation
漏洞详情: https://avd.aquasec.com/nvd/cve-2026-42578
镜像层: sha256:a2b98b9243c22e1314872215247ff1696aceff113a8f060412a1a39618bd0853
发布日期: 2026-05-13 19:17 修改: 2026-06-30 03:19
|
| io.netty:netty-handler-proxy |
CVE-2026-42578 |
低危 |
4.1.124.Final |
4.1.133.Final, 4.2.13.Final |
netty: io.netty/netty-handler-proxy: Netty: HTTP Header Injection via HttpProxyHandler Disabled Validation
漏洞详情: https://avd.aquasec.com/nvd/cve-2026-42578
镜像层: sha256:a2b98b9243c22e1314872215247ff1696aceff113a8f060412a1a39618bd0853
发布日期: 2026-05-13 19:17 修改: 2026-06-30 03:19
|
| com.google.guava:guava |
CVE-2020-8908 |
低危 |
11.0.2 |
32.0.0-android |
guava: local information disclosure via temporary directory created with unsafe permissions
漏洞详情: https://avd.aquasec.com/nvd/cve-2020-8908
镜像层: sha256:a2b98b9243c22e1314872215247ff1696aceff113a8f060412a1a39618bd0853
发布日期: 2020-12-10 23:15 修改: 2026-06-17 03:27
|
| commons-configuration:commons-configuration |
CVE-2025-46392 |
低危 |
1.6 |
|
apache-commons-configuration: Apache Commons Configuration: Uncontrolled Resource Consumption when loading untrusted configurations in 1.x
漏洞详情: https://avd.aquasec.com/nvd/cve-2025-46392
镜像层: sha256:a2b98b9243c22e1314872215247ff1696aceff113a8f060412a1a39618bd0853
发布日期: 2025-05-09 10:15 修改: 2026-06-17 09:26
|
| org.eclipse.jetty:jetty-http |
CVE-2025-11143 |
低危 |
9.4.57.v20241219 |
12.0.31, 12.1.5 |
org.eclipse.jetty/jetty-http: org.eclipse.jetty: Security bypass due to differential URI parsing
漏洞详情: https://avd.aquasec.com/nvd/cve-2025-11143
镜像层: sha256:a2b98b9243c22e1314872215247ff1696aceff113a8f060412a1a39618bd0853
发布日期: 2026-03-05 10:15 修改: 2026-06-17 08:29
|
| org.postgresql:postgresql |
CVE-2022-26520 |
低危 |
42.2.16.jre7 |
42.3.3 |
postgresql-jdbc: Arbitrary File Write Vulnerability
漏洞详情: https://avd.aquasec.com/nvd/cve-2022-26520
镜像层: sha256:05c16fc4559c40c8b309c2f90a134938bc3381ccca5fff83f664557d6d7f9469
发布日期: 2022-03-10 17:47 修改: 2026-06-17 04:35
|
| ch.qos.logback:logback-core |
CVE-2026-1225 |
低危 |
1.3.14 |
1.5.25 |
ch.qos.logback/logback-core: Malicious logback.xml configuration file allows instantiation of arbitrary classes
漏洞详情: https://avd.aquasec.com/nvd/cve-2026-1225
镜像层: sha256:a2b98b9243c22e1314872215247ff1696aceff113a8f060412a1a39618bd0853
发布日期: 2026-01-22 10:16 修改: 2026-06-17 10:15
|
| org.springframework.security:spring-security-core |
CVE-2026-22746 |
低危 |
5.7.12 |
6.5.10, 7.0.5 |
Spring Security: Spring Security: Timing attack defense bypass allows information disclosure
漏洞详情: https://avd.aquasec.com/nvd/cve-2026-22746
镜像层: sha256:a2b98b9243c22e1314872215247ff1696aceff113a8f060412a1a39618bd0853
发布日期: 2026-04-22 06:16 修改: 2026-06-17 10:20
|
| ch.qos.logback:logback-core |
CVE-2024-12801 |
低危 |
1.3.14 |
1.5.13, 1.3.15 |
logback-core: SaxEventRecorder vulnerable to Server-Side Request Forgery (SSRF) attacks
漏洞详情: https://avd.aquasec.com/nvd/cve-2024-12801
镜像层: sha256:a2b98b9243c22e1314872215247ff1696aceff113a8f060412a1a39618bd0853
发布日期: 2024-12-19 17:15 修改: 2026-06-17 07:00
|
| org.apache.tomcat.embed:tomcat-embed-core |
CVE-2026-43514 |
低危 |
9.0.113 |
9.0.118, 10.1.55, 11.0.22 |
tomcat-coyote: Apache Tomcat: Information disclosure via AJP secret timing discrepancy
漏洞详情: https://avd.aquasec.com/nvd/cve-2026-43514
镜像层: sha256:a2b98b9243c22e1314872215247ff1696aceff113a8f060412a1a39618bd0853
发布日期: 2026-05-12 16:16 修改: 2026-06-17 10:49
|
| org.apache.tomcat.embed:tomcat-embed-core |
CVE-2026-43514 |
低危 |
9.0.113 |
9.0.118, 10.1.55, 11.0.22 |
tomcat-coyote: Apache Tomcat: Information disclosure via AJP secret timing discrepancy
漏洞详情: https://avd.aquasec.com/nvd/cve-2026-43514
镜像层: sha256:a2b98b9243c22e1314872215247ff1696aceff113a8f060412a1a39618bd0853
发布日期: 2026-05-12 16:16 修改: 2026-06-17 10:49
|
| io.netty:netty-codec-http |
CVE-2025-58056 |
低危 |
4.1.108.Final |
4.1.125.Final, 4.2.5.Final |
netty-codec-http: Netty is vulnerable to request smuggling due to incorrect parsing of chunk extensions
漏洞详情: https://avd.aquasec.com/nvd/cve-2025-58056
镜像层: sha256:a2b98b9243c22e1314872215247ff1696aceff113a8f060412a1a39618bd0853
发布日期: 2025-09-03 21:15 修改: 2026-06-17 09:43
|
| org.apache.hadoop:hadoop-common |
CVE-2024-23454 |
低危 |
2.10.2 |
3.4.0 |
Apache Hadoop: Temporary File Local Information Disclosure
漏洞详情: https://avd.aquasec.com/nvd/cve-2024-23454
镜像层: sha256:a2b98b9243c22e1314872215247ff1696aceff113a8f060412a1a39618bd0853
发布日期: 2024-09-25 08:15 修改: 2026-06-17 07:12
|
| org.springframework:spring-context |
CVE-2025-22233 |
低危 |
5.3.39 |
6.2.7, 6.1.20 |
CVE-2024-38820 ensured Locale-independent, lowercase conversion for bo ...
漏洞详情: https://avd.aquasec.com/nvd/cve-2025-22233
镜像层: sha256:a2b98b9243c22e1314872215247ff1696aceff113a8f060412a1a39618bd0853
发布日期: 2025-05-16 20:15 修改: 2026-06-17 08:45
|
| io.netty:netty-codec-http |
CVE-2025-58056 |
低危 |
4.1.108.Final |
4.1.125.Final, 4.2.5.Final |
netty-codec-http: Netty is vulnerable to request smuggling due to incorrect parsing of chunk extensions
漏洞详情: https://avd.aquasec.com/nvd/cve-2025-58056
镜像层: sha256:a2b98b9243c22e1314872215247ff1696aceff113a8f060412a1a39618bd0853
发布日期: 2025-09-03 21:15 修改: 2026-06-17 09:43
|
| io.netty:netty-codec-http |
CVE-2025-58056 |
低危 |
4.1.108.Final |
4.1.125.Final, 4.2.5.Final |
netty-codec-http: Netty is vulnerable to request smuggling due to incorrect parsing of chunk extensions
漏洞详情: https://avd.aquasec.com/nvd/cve-2025-58056
镜像层: sha256:a2b98b9243c22e1314872215247ff1696aceff113a8f060412a1a39618bd0853
发布日期: 2025-09-03 21:15 修改: 2026-06-17 09:43
|
| io.netty:netty-codec-http |
CVE-2025-58056 |
低危 |
4.1.124.Final |
4.1.125.Final, 4.2.5.Final |
netty-codec-http: Netty is vulnerable to request smuggling due to incorrect parsing of chunk extensions
漏洞详情: https://avd.aquasec.com/nvd/cve-2025-58056
镜像层: sha256:a2b98b9243c22e1314872215247ff1696aceff113a8f060412a1a39618bd0853
发布日期: 2025-09-03 21:15 修改: 2026-06-17 09:43
|