docker.io/apache/rocketmq:5.3.1 linux/amd64

docker.io/apache/rocketmq:5.3.1 - Trivy安全扫描结果 扫描时间: 2024-12-16 18:37
全部漏洞信息
低危漏洞:18 中危漏洞:20 高危漏洞:7 严重漏洞:0

系统OS: ubuntu 24.04 扫描引擎: Trivy 扫描时间: 2024-12-16 18:37

docker.io/apache/rocketmq:5.3.1 (ubuntu 24.04) (ubuntu)
低危漏洞:18 中危漏洞:13 高危漏洞:0 严重漏洞:0
软件包 漏洞 安全状态 安装版本 修复版本 漏洞信息
libgssapi-krb5-2 CVE-2024-26462 中危 1.20.1-6ubuntu2.1 krb5: Memory leak at /krb5/src/kdc/ndr.c

漏洞详情: https://avd.aquasec.com/nvd/cve-2024-26462

镜像层: sha256:5f36de7f84072d9d738df3da8f813a34ec2d951dfb4e78c0d9e08542de8c859b

发布日期: 2024-02-29 01:44 修改: 2024-05-14 15:09
libk5crypto3 CVE-2024-26462 中危 1.20.1-6ubuntu2.1 krb5: Memory leak at /krb5/src/kdc/ndr.c

漏洞详情: https://avd.aquasec.com/nvd/cve-2024-26462

镜像层: sha256:5f36de7f84072d9d738df3da8f813a34ec2d951dfb4e78c0d9e08542de8c859b

发布日期: 2024-02-29 01:44 修改: 2024-05-14 15:09
libkrb5-3 CVE-2024-26462 中危 1.20.1-6ubuntu2.1 krb5: Memory leak at /krb5/src/kdc/ndr.c

漏洞详情: https://avd.aquasec.com/nvd/cve-2024-26462

镜像层: sha256:5f36de7f84072d9d738df3da8f813a34ec2d951dfb4e78c0d9e08542de8c859b

发布日期: 2024-02-29 01:44 修改: 2024-05-14 15:09
libkrb5support0 CVE-2024-26462 中危 1.20.1-6ubuntu2.1 krb5: Memory leak at /krb5/src/kdc/ndr.c

漏洞详情: https://avd.aquasec.com/nvd/cve-2024-26462

镜像层: sha256:5f36de7f84072d9d738df3da8f813a34ec2d951dfb4e78c0d9e08542de8c859b

发布日期: 2024-02-29 01:44 修改: 2024-05-14 15:09
libpam-modules CVE-2024-10041 中危 1.5.3-5ubuntu5.1 pam: libpam: Libpam vulnerable to read hashed password

漏洞详情: https://avd.aquasec.com/nvd/cve-2024-10041

镜像层: sha256:fa0f10cc481ea09f029a04c379029a205cd975840c811f16286b28ae103c66ea

发布日期: 2024-10-23 14:15 修改: 2024-11-26 16:15
libpam-modules CVE-2024-10963 中危 1.5.3-5ubuntu5.1 pam: Improper Hostname Interpretation in pam_access Leads to Access Control Bypass

漏洞详情: https://avd.aquasec.com/nvd/cve-2024-10963

镜像层: sha256:fa0f10cc481ea09f029a04c379029a205cd975840c811f16286b28ae103c66ea

发布日期: 2024-11-07 16:15 修改: 2024-11-11 18:15
libpam-modules-bin CVE-2024-10041 中危 1.5.3-5ubuntu5.1 pam: libpam: Libpam vulnerable to read hashed password

漏洞详情: https://avd.aquasec.com/nvd/cve-2024-10041

镜像层: sha256:fa0f10cc481ea09f029a04c379029a205cd975840c811f16286b28ae103c66ea

发布日期: 2024-10-23 14:15 修改: 2024-11-26 16:15
libpam-modules-bin CVE-2024-10963 中危 1.5.3-5ubuntu5.1 pam: Improper Hostname Interpretation in pam_access Leads to Access Control Bypass

漏洞详情: https://avd.aquasec.com/nvd/cve-2024-10963

镜像层: sha256:fa0f10cc481ea09f029a04c379029a205cd975840c811f16286b28ae103c66ea

发布日期: 2024-11-07 16:15 修改: 2024-11-11 18:15
libpam-runtime CVE-2024-10041 中危 1.5.3-5ubuntu5.1 pam: libpam: Libpam vulnerable to read hashed password

漏洞详情: https://avd.aquasec.com/nvd/cve-2024-10041

镜像层: sha256:fa0f10cc481ea09f029a04c379029a205cd975840c811f16286b28ae103c66ea

发布日期: 2024-10-23 14:15 修改: 2024-11-26 16:15
libpam-runtime CVE-2024-10963 中危 1.5.3-5ubuntu5.1 pam: Improper Hostname Interpretation in pam_access Leads to Access Control Bypass

漏洞详情: https://avd.aquasec.com/nvd/cve-2024-10963

镜像层: sha256:fa0f10cc481ea09f029a04c379029a205cd975840c811f16286b28ae103c66ea

发布日期: 2024-11-07 16:15 修改: 2024-11-11 18:15
libpam0g CVE-2024-10041 中危 1.5.3-5ubuntu5.1 pam: libpam: Libpam vulnerable to read hashed password

漏洞详情: https://avd.aquasec.com/nvd/cve-2024-10041

镜像层: sha256:fa0f10cc481ea09f029a04c379029a205cd975840c811f16286b28ae103c66ea

发布日期: 2024-10-23 14:15 修改: 2024-11-26 16:15
libpam0g CVE-2024-10963 中危 1.5.3-5ubuntu5.1 pam: Improper Hostname Interpretation in pam_access Leads to Access Control Bypass

漏洞详情: https://avd.aquasec.com/nvd/cve-2024-10963

镜像层: sha256:fa0f10cc481ea09f029a04c379029a205cd975840c811f16286b28ae103c66ea

发布日期: 2024-11-07 16:15 修改: 2024-11-11 18:15
wget CVE-2021-31879 中危 1.21.4-1ubuntu4.1 wget: authorization header disclosure on redirect

漏洞详情: https://avd.aquasec.com/nvd/cve-2021-31879

镜像层: sha256:5f36de7f84072d9d738df3da8f813a34ec2d951dfb4e78c0d9e08542de8c859b

发布日期: 2021-04-29 05:15 修改: 2022-05-13 20:52
gpgv CVE-2022-3219 低危 2.4.4-2ubuntu17 gnupg: denial of service issue (resource consumption) using compressed packets

漏洞详情: https://avd.aquasec.com/nvd/cve-2022-3219

镜像层: sha256:fa0f10cc481ea09f029a04c379029a205cd975840c811f16286b28ae103c66ea

发布日期: 2023-02-23 20:15 修改: 2023-05-26 16:31
libkrb5-3 CVE-2024-26458 低危 1.20.1-6ubuntu2.1 krb5: Memory leak at /krb5/src/lib/rpc/pmap_rmt.c

漏洞详情: https://avd.aquasec.com/nvd/cve-2024-26458

镜像层: sha256:5f36de7f84072d9d738df3da8f813a34ec2d951dfb4e78c0d9e08542de8c859b

发布日期: 2024-02-29 01:44 修改: 2024-12-06 21:15
libkrb5-3 CVE-2024-26461 低危 1.20.1-6ubuntu2.1 krb5: Memory leak at /krb5/src/lib/gssapi/krb5/k5sealv3.c

漏洞详情: https://avd.aquasec.com/nvd/cve-2024-26461

镜像层: sha256:5f36de7f84072d9d738df3da8f813a34ec2d951dfb4e78c0d9e08542de8c859b

发布日期: 2024-02-29 01:44 修改: 2024-08-14 16:35
libc-bin CVE-2016-20013 低危 2.39-0ubuntu8.3

漏洞详情: https://avd.aquasec.com/nvd/cve-2016-20013

镜像层: sha256:fa0f10cc481ea09f029a04c379029a205cd975840c811f16286b28ae103c66ea

发布日期: 2022-02-19 05:15 修改: 2022-03-03 16:43
libkrb5support0 CVE-2024-26458 低危 1.20.1-6ubuntu2.1 krb5: Memory leak at /krb5/src/lib/rpc/pmap_rmt.c

漏洞详情: https://avd.aquasec.com/nvd/cve-2024-26458

镜像层: sha256:5f36de7f84072d9d738df3da8f813a34ec2d951dfb4e78c0d9e08542de8c859b

发布日期: 2024-02-29 01:44 修改: 2024-12-06 21:15
libkrb5support0 CVE-2024-26461 低危 1.20.1-6ubuntu2.1 krb5: Memory leak at /krb5/src/lib/gssapi/krb5/k5sealv3.c

漏洞详情: https://avd.aquasec.com/nvd/cve-2024-26461

镜像层: sha256:5f36de7f84072d9d738df3da8f813a34ec2d951dfb4e78c0d9e08542de8c859b

发布日期: 2024-02-29 01:44 修改: 2024-08-14 16:35
libc6 CVE-2016-20013 低危 2.39-0ubuntu8.3

漏洞详情: https://avd.aquasec.com/nvd/cve-2016-20013

镜像层: sha256:fa0f10cc481ea09f029a04c379029a205cd975840c811f16286b28ae103c66ea

发布日期: 2022-02-19 05:15 修改: 2022-03-03 16:43
libcurl4t64 CVE-2024-9681 低危 8.5.0-2ubuntu10.4 8.5.0-2ubuntu10.5 curl: HSTS subdomain overwrites parent cache entry

漏洞详情: https://avd.aquasec.com/nvd/cve-2024-9681

镜像层: sha256:5f36de7f84072d9d738df3da8f813a34ec2d951dfb4e78c0d9e08542de8c859b

发布日期: 2024-11-06 08:15 修改: 2024-12-13 14:15
libgcrypt20 CVE-2024-2236 低危 1.10.3-2build1 libgcrypt: vulnerable to Marvin Attack

漏洞详情: https://avd.aquasec.com/nvd/cve-2024-2236

镜像层: sha256:fa0f10cc481ea09f029a04c379029a205cd975840c811f16286b28ae103c66ea

发布日期: 2024-03-06 22:15 修改: 2024-11-12 18:15
coreutils CVE-2016-2781 低危 9.4-3ubuntu6 coreutils: Non-privileged session can escape to the parent session in chroot

漏洞详情: https://avd.aquasec.com/nvd/cve-2016-2781

镜像层: sha256:fa0f10cc481ea09f029a04c379029a205cd975840c811f16286b28ae103c66ea

发布日期: 2017-02-07 15:59 修改: 2023-11-07 02:32
libgssapi-krb5-2 CVE-2024-26458 低危 1.20.1-6ubuntu2.1 krb5: Memory leak at /krb5/src/lib/rpc/pmap_rmt.c

漏洞详情: https://avd.aquasec.com/nvd/cve-2024-26458

镜像层: sha256:5f36de7f84072d9d738df3da8f813a34ec2d951dfb4e78c0d9e08542de8c859b

发布日期: 2024-02-29 01:44 修改: 2024-12-06 21:15
libgssapi-krb5-2 CVE-2024-26461 低危 1.20.1-6ubuntu2.1 krb5: Memory leak at /krb5/src/lib/gssapi/krb5/k5sealv3.c

漏洞详情: https://avd.aquasec.com/nvd/cve-2024-26461

镜像层: sha256:5f36de7f84072d9d738df3da8f813a34ec2d951dfb4e78c0d9e08542de8c859b

发布日期: 2024-02-29 01:44 修改: 2024-08-14 16:35
curl CVE-2024-9681 低危 8.5.0-2ubuntu10.4 8.5.0-2ubuntu10.5 curl: HSTS subdomain overwrites parent cache entry

漏洞详情: https://avd.aquasec.com/nvd/cve-2024-9681

镜像层: sha256:5f36de7f84072d9d738df3da8f813a34ec2d951dfb4e78c0d9e08542de8c859b

发布日期: 2024-11-06 08:15 修改: 2024-12-13 14:15
libk5crypto3 CVE-2024-26458 低危 1.20.1-6ubuntu2.1 krb5: Memory leak at /krb5/src/lib/rpc/pmap_rmt.c

漏洞详情: https://avd.aquasec.com/nvd/cve-2024-26458

镜像层: sha256:5f36de7f84072d9d738df3da8f813a34ec2d951dfb4e78c0d9e08542de8c859b

发布日期: 2024-02-29 01:44 修改: 2024-12-06 21:15
libssl3t64 CVE-2024-41996 低危 3.0.13-0ubuntu3.4 openssl: remote attackers (from the client side) to trigger unnecessarily expensive server-side DHE modular-exponentiation calculations

漏洞详情: https://avd.aquasec.com/nvd/cve-2024-41996

镜像层: sha256:fa0f10cc481ea09f029a04c379029a205cd975840c811f16286b28ae103c66ea

发布日期: 2024-08-26 06:15 修改: 2024-08-26 16:35
locales CVE-2016-20013 低危 2.39-0ubuntu8.3

漏洞详情: https://avd.aquasec.com/nvd/cve-2016-20013

镜像层: sha256:5f36de7f84072d9d738df3da8f813a34ec2d951dfb4e78c0d9e08542de8c859b

发布日期: 2022-02-19 05:15 修改: 2022-03-03 16:43
openssl CVE-2024-41996 低危 3.0.13-0ubuntu3.4 openssl: remote attackers (from the client side) to trigger unnecessarily expensive server-side DHE modular-exponentiation calculations

漏洞详情: https://avd.aquasec.com/nvd/cve-2024-41996

镜像层: sha256:5f36de7f84072d9d738df3da8f813a34ec2d951dfb4e78c0d9e08542de8c859b

发布日期: 2024-08-26 06:15 修改: 2024-08-26 16:35
libk5crypto3 CVE-2024-26461 低危 1.20.1-6ubuntu2.1 krb5: Memory leak at /krb5/src/lib/gssapi/krb5/k5sealv3.c

漏洞详情: https://avd.aquasec.com/nvd/cve-2024-26461

镜像层: sha256:5f36de7f84072d9d738df3da8f813a34ec2d951dfb4e78c0d9e08542de8c859b

发布日期: 2024-02-29 01:44 修改: 2024-08-14 16:35
Java (jar)
低危漏洞:0 中危漏洞:7 高危漏洞:7 严重漏洞:0
软件包 漏洞 安全状态 安装版本 修复版本 漏洞信息
ch.qos.logback:logback-classic CVE-2023-6378 高危 1.3.5 1.3.12, 1.4.12, 1.2.13 logback: serialization vulnerability in logback receiver

漏洞详情: https://avd.aquasec.com/nvd/cve-2023-6378

镜像层: sha256:0cb39991f324d5f5fb26fa7af38b2b6ac2df4b5f52f33b053ed21f2cdfa7a531

发布日期: 2023-11-29 12:15 修改: 2024-11-29 12:15
ch.qos.logback:logback-core CVE-2023-6378 高危 1.3.5 1.3.12, 1.4.12, 1.2.13 logback: serialization vulnerability in logback receiver

漏洞详情: https://avd.aquasec.com/nvd/cve-2023-6378

镜像层: sha256:0cb39991f324d5f5fb26fa7af38b2b6ac2df4b5f52f33b053ed21f2cdfa7a531

发布日期: 2023-11-29 12:15 修改: 2024-11-29 12:15
com.alipay.sofa:hessian CVE-2024-46983 高危 3.3.6 3.5.5 SOFA Hessian Remote Command Execution (RCE) Vulnerability

漏洞详情: https://avd.aquasec.com/nvd/cve-2024-46983

镜像层: sha256:0cb39991f324d5f5fb26fa7af38b2b6ac2df4b5f52f33b053ed21f2cdfa7a531

发布日期: 2024-09-19 23:15 修改: 2024-09-25 17:46
com.google.protobuf:protobuf-java CVE-2022-3509 高危 3.20.1 3.16.3, 3.19.6, 3.20.3, 3.21.7 protobuf-java: Textformat parsing issue leads to DoS

漏洞详情: https://avd.aquasec.com/nvd/cve-2022-3509

镜像层: sha256:0cb39991f324d5f5fb26fa7af38b2b6ac2df4b5f52f33b053ed21f2cdfa7a531

发布日期: 2022-12-12 13:15 修改: 2022-12-15 16:57
com.google.protobuf:protobuf-java CVE-2022-3510 高危 3.20.1 3.16.3, 3.19.6, 3.20.3, 3.21.7 protobuf-java: Message-Type Extensions parsing issue leads to DoS

漏洞详情: https://avd.aquasec.com/nvd/cve-2022-3510

镜像层: sha256:0cb39991f324d5f5fb26fa7af38b2b6ac2df4b5f52f33b053ed21f2cdfa7a531

发布日期: 2022-12-12 13:15 修改: 2023-11-07 03:51
com.google.protobuf:protobuf-java CVE-2024-7254 高危 3.20.1 3.25.5, 4.27.5, 4.28.2 protobuf: StackOverflow vulnerability in Protocol Buffers

漏洞详情: https://avd.aquasec.com/nvd/cve-2024-7254

镜像层: sha256:0cb39991f324d5f5fb26fa7af38b2b6ac2df4b5f52f33b053ed21f2cdfa7a531

发布日期: 2024-09-19 01:15 修改: 2024-12-13 14:15
commons-io:commons-io CVE-2024-47554 高危 2.7 2.14.0 apache-commons-io: Possible denial of service attack on untrusted input to XmlStreamReader

漏洞详情: https://avd.aquasec.com/nvd/cve-2024-47554

镜像层: sha256:0cb39991f324d5f5fb26fa7af38b2b6ac2df4b5f52f33b053ed21f2cdfa7a531

发布日期: 2024-10-03 12:15 修改: 2024-12-04 15:15
com.squareup.okio:okio CVE-2023-3635 中危 3.2.0 3.4.0, 1.17.6 okio: GzipSource class improper exception handling

漏洞详情: https://avd.aquasec.com/nvd/cve-2023-3635

镜像层: sha256:0cb39991f324d5f5fb26fa7af38b2b6ac2df4b5f52f33b053ed21f2cdfa7a531

发布日期: 2023-07-12 19:15 修改: 2023-10-25 15:17
com.google.protobuf:protobuf-java CVE-2022-3171 中危 3.20.1 3.21.7, 3.20.3, 3.19.6, 3.16.3 protobuf-java: timeout in parser leads to DoS

漏洞详情: https://avd.aquasec.com/nvd/cve-2022-3171

镜像层: sha256:0cb39991f324d5f5fb26fa7af38b2b6ac2df4b5f52f33b053ed21f2cdfa7a531

发布日期: 2022-10-12 23:15 修改: 2023-11-07 03:50
io.netty:netty-codec-haproxy CVE-2022-41881 中危 4.1.79.Final 4.1.86.Final codec-haproxy: HAProxyMessageDecoder Stack Exhaustion DoS

漏洞详情: https://avd.aquasec.com/nvd/cve-2022-41881

镜像层: sha256:0cb39991f324d5f5fb26fa7af38b2b6ac2df4b5f52f33b053ed21f2cdfa7a531

发布日期: 2022-12-12 18:15 修改: 2023-03-01 15:08
org.bouncycastle:bcprov-jdk15on CVE-2023-33201 中危 1.69 bouncycastle: potential blind LDAP injection attack using a self-signed certificate

漏洞详情: https://avd.aquasec.com/nvd/cve-2023-33201

镜像层: sha256:0cb39991f324d5f5fb26fa7af38b2b6ac2df4b5f52f33b053ed21f2cdfa7a531

发布日期: 2023-07-05 03:15 修改: 2023-08-24 19:15
org.bouncycastle:bcprov-jdk15on CVE-2023-33202 中危 1.69 1.70 bc-java: Out of memory while parsing ASN.1 crafted data in org.bouncycastle.openssl.PEMParser class

漏洞详情: https://avd.aquasec.com/nvd/cve-2023-33202

镜像层: sha256:0cb39991f324d5f5fb26fa7af38b2b6ac2df4b5f52f33b053ed21f2cdfa7a531

发布日期: 2023-11-23 16:15 修改: 2024-09-09 13:53
org.bouncycastle:bcprov-jdk15on CVE-2024-29857 中危 1.69 1.78 org.bouncycastle: Importing an EC certificate with crafted F2m parameters may lead to Denial of Service

漏洞详情: https://avd.aquasec.com/nvd/cve-2024-29857

镜像层: sha256:0cb39991f324d5f5fb26fa7af38b2b6ac2df4b5f52f33b053ed21f2cdfa7a531

发布日期: 2024-05-14 15:17 修改: 2024-12-06 14:15
org.bouncycastle:bcprov-jdk15on CVE-2024-30171 中危 1.69 1.78 bc-java: BouncyCastle vulnerable to a timing variant of Bleichenbacher (Marvin Attack)

漏洞详情: https://avd.aquasec.com/nvd/cve-2024-30171

镜像层: sha256:0cb39991f324d5f5fb26fa7af38b2b6ac2df4b5f52f33b053ed21f2cdfa7a531

发布日期: 2024-05-14 15:21 修改: 2024-08-19 18:35