docker.io/apache/spark:3.5.3-scala2.12-java11-ubuntu linux/amd64

docker.io/apache/spark:3.5.3-scala2.12-java11-ubuntu - Trivy安全扫描结果 扫描时间: 2024-11-24 01:32
全部漏洞信息
低危漏洞:67 中危漏洞:49 高危漏洞:29 严重漏洞:5

系统OS: ubuntu 20.04 扫描引擎: Trivy 扫描时间: 2024-11-24 01:32

docker.io/apache/spark:3.5.3-scala2.12-java11-ubuntu (ubuntu 20.04) (ubuntu)
低危漏洞:60 中危漏洞:28 高危漏洞:0 严重漏洞:0
软件包 漏洞 安全状态 安装版本 修复版本 漏洞信息
curl CVE-2024-7264 中危 7.68.0-1ubuntu2.22 7.68.0-1ubuntu2.23 curl: libcurl: ASN.1 date parser overread

漏洞详情: https://avd.aquasec.com/nvd/cve-2024-7264

镜像层: sha256:8cdab93a842f1ebf4bfcd2da131a8b77a3d34a77c27fc239e0c0ef1803705f6d

发布日期: 2024-07-31 08:15 修改: 2024-10-30 20:35

curl CVE-2024-8096 中危 7.68.0-1ubuntu2.22 7.68.0-1ubuntu2.24 curl: OCSP stapling bypass with GnuTLS

漏洞详情: https://avd.aquasec.com/nvd/cve-2024-8096

镜像层: sha256:8cdab93a842f1ebf4bfcd2da131a8b77a3d34a77c27fc239e0c0ef1803705f6d

发布日期: 2024-09-11 10:15 修改: 2024-09-11 16:26

krb5-user CVE-2024-26462 中危 1.17-6ubuntu4.7 krb5: Memory leak at /krb5/src/kdc/ndr.c

漏洞详情: https://avd.aquasec.com/nvd/cve-2024-26462

镜像层: sha256:ae866224aa472db5a8a2c4e4a0bac17640332e40212493c328150f8d0e17d233

发布日期: 2024-02-29 01:44 修改: 2024-05-14 15:09

libcurl4 CVE-2024-7264 中危 7.68.0-1ubuntu2.22 7.68.0-1ubuntu2.23 curl: libcurl: ASN.1 date parser overread

漏洞详情: https://avd.aquasec.com/nvd/cve-2024-7264

镜像层: sha256:8cdab93a842f1ebf4bfcd2da131a8b77a3d34a77c27fc239e0c0ef1803705f6d

发布日期: 2024-07-31 08:15 修改: 2024-10-30 20:35

libcurl4 CVE-2024-8096 中危 7.68.0-1ubuntu2.22 7.68.0-1ubuntu2.24 curl: OCSP stapling bypass with GnuTLS

漏洞详情: https://avd.aquasec.com/nvd/cve-2024-8096

镜像层: sha256:8cdab93a842f1ebf4bfcd2da131a8b77a3d34a77c27fc239e0c0ef1803705f6d

发布日期: 2024-09-11 10:15 修改: 2024-09-11 16:26

libexpat1 CVE-2024-45490 中危 2.2.9-1ubuntu0.6 2.2.9-1ubuntu0.7 libexpat: Negative Length Parsing Vulnerability in libexpat

漏洞详情: https://avd.aquasec.com/nvd/cve-2024-45490

镜像层: sha256:8cdab93a842f1ebf4bfcd2da131a8b77a3d34a77c27fc239e0c0ef1803705f6d

发布日期: 2024-08-30 03:15 修改: 2024-10-18 12:24

libexpat1 CVE-2024-45491 中危 2.2.9-1ubuntu0.6 2.2.9-1ubuntu0.7 libexpat: Integer Overflow or Wraparound

漏洞详情: https://avd.aquasec.com/nvd/cve-2024-45491

镜像层: sha256:8cdab93a842f1ebf4bfcd2da131a8b77a3d34a77c27fc239e0c0ef1803705f6d

发布日期: 2024-08-30 03:15 修改: 2024-09-04 14:28

libexpat1 CVE-2024-45492 中危 2.2.9-1ubuntu0.6 2.2.9-1ubuntu0.7 libexpat: integer overflow

漏洞详情: https://avd.aquasec.com/nvd/cve-2024-45492

镜像层: sha256:8cdab93a842f1ebf4bfcd2da131a8b77a3d34a77c27fc239e0c0ef1803705f6d

发布日期: 2024-08-30 03:15 修改: 2024-09-04 14:28

libgcrypt20 CVE-2024-2236 中危 1.8.5-5ubuntu1.1 libgcrypt: vulnerable to Marvin Attack

漏洞详情: https://avd.aquasec.com/nvd/cve-2024-2236

镜像层: sha256:3ec3ded77c0ce89e931f92aed086b2a2c774a6fbd51617853decc8afa4e1087a

发布日期: 2024-03-06 22:15 修改: 2024-11-12 18:15

libgssapi-krb5-2 CVE-2024-26462 中危 1.17-6ubuntu4.7 krb5: Memory leak at /krb5/src/kdc/ndr.c

漏洞详情: https://avd.aquasec.com/nvd/cve-2024-26462

镜像层: sha256:ae866224aa472db5a8a2c4e4a0bac17640332e40212493c328150f8d0e17d233

发布日期: 2024-02-29 01:44 修改: 2024-05-14 15:09

libgssrpc4 CVE-2024-26462 中危 1.17-6ubuntu4.7 krb5: Memory leak at /krb5/src/kdc/ndr.c

漏洞详情: https://avd.aquasec.com/nvd/cve-2024-26462

镜像层: sha256:ae866224aa472db5a8a2c4e4a0bac17640332e40212493c328150f8d0e17d233

发布日期: 2024-02-29 01:44 修改: 2024-05-14 15:09

libk5crypto3 CVE-2024-26462 中危 1.17-6ubuntu4.4 krb5: Memory leak at /krb5/src/kdc/ndr.c

漏洞详情: https://avd.aquasec.com/nvd/cve-2024-26462

镜像层: sha256:8cdab93a842f1ebf4bfcd2da131a8b77a3d34a77c27fc239e0c0ef1803705f6d

发布日期: 2024-02-29 01:44 修改: 2024-05-14 15:09

libk5crypto3 CVE-2024-37370 中危 1.17-6ubuntu4.4 1.17-6ubuntu4.6 krb5: GSS message token handling

漏洞详情: https://avd.aquasec.com/nvd/cve-2024-37370

镜像层: sha256:8cdab93a842f1ebf4bfcd2da131a8b77a3d34a77c27fc239e0c0ef1803705f6d

发布日期: 2024-06-28 22:15 修改: 2024-08-27 17:48

libk5crypto3 CVE-2024-37371 中危 1.17-6ubuntu4.4 1.17-6ubuntu4.6 krb5: GSS message token handling

漏洞详情: https://avd.aquasec.com/nvd/cve-2024-37371

镜像层: sha256:8cdab93a842f1ebf4bfcd2da131a8b77a3d34a77c27fc239e0c0ef1803705f6d

发布日期: 2024-06-28 23:15 修改: 2024-09-18 12:39

libkadm5clnt-mit11 CVE-2024-26462 中危 1.17-6ubuntu4.7 krb5: Memory leak at /krb5/src/kdc/ndr.c

漏洞详情: https://avd.aquasec.com/nvd/cve-2024-26462

镜像层: sha256:ae866224aa472db5a8a2c4e4a0bac17640332e40212493c328150f8d0e17d233

发布日期: 2024-02-29 01:44 修改: 2024-05-14 15:09

libkadm5srv-mit11 CVE-2024-26462 中危 1.17-6ubuntu4.7 krb5: Memory leak at /krb5/src/kdc/ndr.c

漏洞详情: https://avd.aquasec.com/nvd/cve-2024-26462

镜像层: sha256:ae866224aa472db5a8a2c4e4a0bac17640332e40212493c328150f8d0e17d233

发布日期: 2024-02-29 01:44 修改: 2024-05-14 15:09

libkdb5-9 CVE-2024-26462 中危 1.17-6ubuntu4.7 krb5: Memory leak at /krb5/src/kdc/ndr.c

漏洞详情: https://avd.aquasec.com/nvd/cve-2024-26462

镜像层: sha256:ae866224aa472db5a8a2c4e4a0bac17640332e40212493c328150f8d0e17d233

发布日期: 2024-02-29 01:44 修改: 2024-05-14 15:09

libkrb5-3 CVE-2024-26462 中危 1.17-6ubuntu4.7 krb5: Memory leak at /krb5/src/kdc/ndr.c

漏洞详情: https://avd.aquasec.com/nvd/cve-2024-26462

镜像层: sha256:ae866224aa472db5a8a2c4e4a0bac17640332e40212493c328150f8d0e17d233

发布日期: 2024-02-29 01:44 修改: 2024-05-14 15:09

libkrb5support0 CVE-2024-26462 中危 1.17-6ubuntu4.7 krb5: Memory leak at /krb5/src/kdc/ndr.c

漏洞详情: https://avd.aquasec.com/nvd/cve-2024-26462

镜像层: sha256:ae866224aa472db5a8a2c4e4a0bac17640332e40212493c328150f8d0e17d233

发布日期: 2024-02-29 01:44 修改: 2024-05-14 15:09

libpam-modules CVE-2024-10041 中危 1.3.1-5ubuntu4.7 pam: libpam: Libpam vulnerable to read hashed password

漏洞详情: https://avd.aquasec.com/nvd/cve-2024-10041

镜像层: sha256:3ec3ded77c0ce89e931f92aed086b2a2c774a6fbd51617853decc8afa4e1087a

发布日期: 2024-10-23 14:15 修改: 2024-11-12 21:15

libpam-modules CVE-2024-10963 中危 1.3.1-5ubuntu4.7 pam: Improper Hostname Interpretation in pam_access Leads to Access Control Bypass

漏洞详情: https://avd.aquasec.com/nvd/cve-2024-10963

镜像层: sha256:3ec3ded77c0ce89e931f92aed086b2a2c774a6fbd51617853decc8afa4e1087a

发布日期: 2024-11-07 16:15 修改: 2024-11-11 18:15

libpam-modules-bin CVE-2024-10041 中危 1.3.1-5ubuntu4.7 pam: libpam: Libpam vulnerable to read hashed password

漏洞详情: https://avd.aquasec.com/nvd/cve-2024-10041

镜像层: sha256:3ec3ded77c0ce89e931f92aed086b2a2c774a6fbd51617853decc8afa4e1087a

发布日期: 2024-10-23 14:15 修改: 2024-11-12 21:15

libpam-modules-bin CVE-2024-10963 中危 1.3.1-5ubuntu4.7 pam: Improper Hostname Interpretation in pam_access Leads to Access Control Bypass

漏洞详情: https://avd.aquasec.com/nvd/cve-2024-10963

镜像层: sha256:3ec3ded77c0ce89e931f92aed086b2a2c774a6fbd51617853decc8afa4e1087a

发布日期: 2024-11-07 16:15 修改: 2024-11-11 18:15

libpam-runtime CVE-2024-10041 中危 1.3.1-5ubuntu4.7 pam: libpam: Libpam vulnerable to read hashed password

漏洞详情: https://avd.aquasec.com/nvd/cve-2024-10041

镜像层: sha256:3ec3ded77c0ce89e931f92aed086b2a2c774a6fbd51617853decc8afa4e1087a

发布日期: 2024-10-23 14:15 修改: 2024-11-12 21:15

libpam-runtime CVE-2024-10963 中危 1.3.1-5ubuntu4.7 pam: Improper Hostname Interpretation in pam_access Leads to Access Control Bypass

漏洞详情: https://avd.aquasec.com/nvd/cve-2024-10963

镜像层: sha256:3ec3ded77c0ce89e931f92aed086b2a2c774a6fbd51617853decc8afa4e1087a

发布日期: 2024-11-07 16:15 修改: 2024-11-11 18:15

libpam0g CVE-2024-10041 中危 1.3.1-5ubuntu4.7 pam: libpam: Libpam vulnerable to read hashed password

漏洞详情: https://avd.aquasec.com/nvd/cve-2024-10041

镜像层: sha256:3ec3ded77c0ce89e931f92aed086b2a2c774a6fbd51617853decc8afa4e1087a

发布日期: 2024-10-23 14:15 修改: 2024-11-12 21:15

libpam0g CVE-2024-10963 中危 1.3.1-5ubuntu4.7 pam: Improper Hostname Interpretation in pam_access Leads to Access Control Bypass

漏洞详情: https://avd.aquasec.com/nvd/cve-2024-10963

镜像层: sha256:3ec3ded77c0ce89e931f92aed086b2a2c774a6fbd51617853decc8afa4e1087a

发布日期: 2024-11-07 16:15 修改: 2024-11-11 18:15

wget CVE-2021-31879 中危 1.20.3-1ubuntu2.1 wget: authorization header disclosure on redirect

漏洞详情: https://avd.aquasec.com/nvd/cve-2021-31879

镜像层: sha256:ae866224aa472db5a8a2c4e4a0bac17640332e40212493c328150f8d0e17d233

发布日期: 2021-04-29 05:15 修改: 2022-05-13 20:52

libgssapi-krb5-2 CVE-2024-26461 低危 1.17-6ubuntu4.7 krb5: Memory leak at /krb5/src/lib/gssapi/krb5/k5sealv3.c

漏洞详情: https://avd.aquasec.com/nvd/cve-2024-26461

镜像层: sha256:ae866224aa472db5a8a2c4e4a0bac17640332e40212493c328150f8d0e17d233

发布日期: 2024-02-29 01:44 修改: 2024-08-14 16:35

gpg-wks-client CVE-2022-3219 低危 2.2.19-3ubuntu2.2 gnupg: denial of service issue (resource consumption) using compressed packets

漏洞详情: https://avd.aquasec.com/nvd/cve-2022-3219

镜像层: sha256:ae866224aa472db5a8a2c4e4a0bac17640332e40212493c328150f8d0e17d233

发布日期: 2023-02-23 20:15 修改: 2023-05-26 16:31

libgssrpc4 CVE-2024-26458 低危 1.17-6ubuntu4.7 krb5: Memory leak at /krb5/src/lib/rpc/pmap_rmt.c

漏洞详情: https://avd.aquasec.com/nvd/cve-2024-26458

镜像层: sha256:ae866224aa472db5a8a2c4e4a0bac17640332e40212493c328150f8d0e17d233

发布日期: 2024-02-29 01:44 修改: 2024-05-14 15:09

libgssrpc4 CVE-2024-26461 低危 1.17-6ubuntu4.7 krb5: Memory leak at /krb5/src/lib/gssapi/krb5/k5sealv3.c

漏洞详情: https://avd.aquasec.com/nvd/cve-2024-26461

镜像层: sha256:ae866224aa472db5a8a2c4e4a0bac17640332e40212493c328150f8d0e17d233

发布日期: 2024-02-29 01:44 修改: 2024-08-14 16:35

gpg-wks-server CVE-2022-3219 低危 2.2.19-3ubuntu2.2 gnupg: denial of service issue (resource consumption) using compressed packets

漏洞详情: https://avd.aquasec.com/nvd/cve-2022-3219

镜像层: sha256:ae866224aa472db5a8a2c4e4a0bac17640332e40212493c328150f8d0e17d233

发布日期: 2023-02-23 20:15 修改: 2023-05-26 16:31

gpgconf CVE-2022-3219 低危 2.2.19-3ubuntu2.2 gnupg: denial of service issue (resource consumption) using compressed packets

漏洞详情: https://avd.aquasec.com/nvd/cve-2022-3219

镜像层: sha256:ae866224aa472db5a8a2c4e4a0bac17640332e40212493c328150f8d0e17d233

发布日期: 2023-02-23 20:15 修改: 2023-05-26 16:31

gpgsm CVE-2022-3219 低危 2.2.19-3ubuntu2.2 gnupg: denial of service issue (resource consumption) using compressed packets

漏洞详情: https://avd.aquasec.com/nvd/cve-2022-3219

镜像层: sha256:ae866224aa472db5a8a2c4e4a0bac17640332e40212493c328150f8d0e17d233

发布日期: 2023-02-23 20:15 修改: 2023-05-26 16:31

libk5crypto3 CVE-2024-26458 低危 1.17-6ubuntu4.4 krb5: Memory leak at /krb5/src/lib/rpc/pmap_rmt.c

漏洞详情: https://avd.aquasec.com/nvd/cve-2024-26458

镜像层: sha256:8cdab93a842f1ebf4bfcd2da131a8b77a3d34a77c27fc239e0c0ef1803705f6d

发布日期: 2024-02-29 01:44 修改: 2024-05-14 15:09

libk5crypto3 CVE-2024-26461 低危 1.17-6ubuntu4.4 krb5: Memory leak at /krb5/src/lib/gssapi/krb5/k5sealv3.c

漏洞详情: https://avd.aquasec.com/nvd/cve-2024-26461

镜像层: sha256:8cdab93a842f1ebf4bfcd2da131a8b77a3d34a77c27fc239e0c0ef1803705f6d

发布日期: 2024-02-29 01:44 修改: 2024-08-14 16:35

gpgv CVE-2022-3219 低危 2.2.19-3ubuntu2.2 gnupg: denial of service issue (resource consumption) using compressed packets

漏洞详情: https://avd.aquasec.com/nvd/cve-2022-3219

镜像层: sha256:3ec3ded77c0ce89e931f92aed086b2a2c774a6fbd51617853decc8afa4e1087a

发布日期: 2023-02-23 20:15 修改: 2023-05-26 16:31

libkadm5clnt-mit11 CVE-2024-26458 低危 1.17-6ubuntu4.7 krb5: Memory leak at /krb5/src/lib/rpc/pmap_rmt.c

漏洞详情: https://avd.aquasec.com/nvd/cve-2024-26458

镜像层: sha256:ae866224aa472db5a8a2c4e4a0bac17640332e40212493c328150f8d0e17d233

发布日期: 2024-02-29 01:44 修改: 2024-05-14 15:09

libkadm5clnt-mit11 CVE-2024-26461 低危 1.17-6ubuntu4.7 krb5: Memory leak at /krb5/src/lib/gssapi/krb5/k5sealv3.c

漏洞详情: https://avd.aquasec.com/nvd/cve-2024-26461

镜像层: sha256:ae866224aa472db5a8a2c4e4a0bac17640332e40212493c328150f8d0e17d233

发布日期: 2024-02-29 01:44 修改: 2024-08-14 16:35

coreutils CVE-2016-2781 低危 8.30-3ubuntu2 coreutils: Non-privileged session can escape to the parent session in chroot

漏洞详情: https://avd.aquasec.com/nvd/cve-2016-2781

镜像层: sha256:3ec3ded77c0ce89e931f92aed086b2a2c774a6fbd51617853decc8afa4e1087a

发布日期: 2017-02-07 15:59 修改: 2023-11-07 02:32

libkadm5srv-mit11 CVE-2024-26458 低危 1.17-6ubuntu4.7 krb5: Memory leak at /krb5/src/lib/rpc/pmap_rmt.c

漏洞详情: https://avd.aquasec.com/nvd/cve-2024-26458

镜像层: sha256:ae866224aa472db5a8a2c4e4a0bac17640332e40212493c328150f8d0e17d233

发布日期: 2024-02-29 01:44 修改: 2024-05-14 15:09

libkadm5srv-mit11 CVE-2024-26461 低危 1.17-6ubuntu4.7 krb5: Memory leak at /krb5/src/lib/gssapi/krb5/k5sealv3.c

漏洞详情: https://avd.aquasec.com/nvd/cve-2024-26461

镜像层: sha256:ae866224aa472db5a8a2c4e4a0bac17640332e40212493c328150f8d0e17d233

发布日期: 2024-02-29 01:44 修改: 2024-08-14 16:35

krb5-user CVE-2024-26458 低危 1.17-6ubuntu4.7 krb5: Memory leak at /krb5/src/lib/rpc/pmap_rmt.c

漏洞详情: https://avd.aquasec.com/nvd/cve-2024-26458

镜像层: sha256:ae866224aa472db5a8a2c4e4a0bac17640332e40212493c328150f8d0e17d233

发布日期: 2024-02-29 01:44 修改: 2024-05-14 15:09

libkdb5-9 CVE-2024-26458 低危 1.17-6ubuntu4.7 krb5: Memory leak at /krb5/src/lib/rpc/pmap_rmt.c

漏洞详情: https://avd.aquasec.com/nvd/cve-2024-26458

镜像层: sha256:ae866224aa472db5a8a2c4e4a0bac17640332e40212493c328150f8d0e17d233

发布日期: 2024-02-29 01:44 修改: 2024-05-14 15:09

libkdb5-9 CVE-2024-26461 低危 1.17-6ubuntu4.7 krb5: Memory leak at /krb5/src/lib/gssapi/krb5/k5sealv3.c

漏洞详情: https://avd.aquasec.com/nvd/cve-2024-26461

镜像层: sha256:ae866224aa472db5a8a2c4e4a0bac17640332e40212493c328150f8d0e17d233

发布日期: 2024-02-29 01:44 修改: 2024-08-14 16:35

krb5-user CVE-2024-26461 低危 1.17-6ubuntu4.7 krb5: Memory leak at /krb5/src/lib/gssapi/krb5/k5sealv3.c

漏洞详情: https://avd.aquasec.com/nvd/cve-2024-26461

镜像层: sha256:ae866224aa472db5a8a2c4e4a0bac17640332e40212493c328150f8d0e17d233

发布日期: 2024-02-29 01:44 修改: 2024-08-14 16:35

libkrb5-3 CVE-2024-26458 低危 1.17-6ubuntu4.7 krb5: Memory leak at /krb5/src/lib/rpc/pmap_rmt.c

漏洞详情: https://avd.aquasec.com/nvd/cve-2024-26458

镜像层: sha256:ae866224aa472db5a8a2c4e4a0bac17640332e40212493c328150f8d0e17d233

发布日期: 2024-02-29 01:44 修改: 2024-05-14 15:09

libkrb5-3 CVE-2024-26461 低危 1.17-6ubuntu4.7 krb5: Memory leak at /krb5/src/lib/gssapi/krb5/k5sealv3.c

漏洞详情: https://avd.aquasec.com/nvd/cve-2024-26461

镜像层: sha256:ae866224aa472db5a8a2c4e4a0bac17640332e40212493c328150f8d0e17d233

发布日期: 2024-02-29 01:44 修改: 2024-08-14 16:35

libc-bin CVE-2016-20013 低危 2.31-0ubuntu9.16

漏洞详情: https://avd.aquasec.com/nvd/cve-2016-20013

镜像层: sha256:3ec3ded77c0ce89e931f92aed086b2a2c774a6fbd51617853decc8afa4e1087a

发布日期: 2022-02-19 05:15 修改: 2022-03-03 16:43

libkrb5support0 CVE-2024-26458 低危 1.17-6ubuntu4.7 krb5: Memory leak at /krb5/src/lib/rpc/pmap_rmt.c

漏洞详情: https://avd.aquasec.com/nvd/cve-2024-26458

镜像层: sha256:ae866224aa472db5a8a2c4e4a0bac17640332e40212493c328150f8d0e17d233

发布日期: 2024-02-29 01:44 修改: 2024-05-14 15:09

libkrb5support0 CVE-2024-26461 低危 1.17-6ubuntu4.7 krb5: Memory leak at /krb5/src/lib/gssapi/krb5/k5sealv3.c

漏洞详情: https://avd.aquasec.com/nvd/cve-2024-26461

镜像层: sha256:ae866224aa472db5a8a2c4e4a0bac17640332e40212493c328150f8d0e17d233

发布日期: 2024-02-29 01:44 修改: 2024-08-14 16:35

libncurses6 CVE-2023-45918 低危 6.2-0ubuntu2.1 ncurses: NULL pointer dereference in tgetstr in tinfo/lib_termcap.c

漏洞详情: https://avd.aquasec.com/nvd/cve-2023-45918

镜像层: sha256:3ec3ded77c0ce89e931f92aed086b2a2c774a6fbd51617853decc8afa4e1087a

发布日期: 2024-02-16 22:15 修改: 2024-11-21 21:15

libncurses6 CVE-2023-50495 低危 6.2-0ubuntu2.1 ncurses: segmentation fault via _nc_wrap_entry()

漏洞详情: https://avd.aquasec.com/nvd/cve-2023-50495

镜像层: sha256:3ec3ded77c0ce89e931f92aed086b2a2c774a6fbd51617853decc8afa4e1087a

发布日期: 2023-12-12 15:15 修改: 2024-01-31 03:15

libncursesw6 CVE-2023-45918 低危 6.2-0ubuntu2.1 ncurses: NULL pointer dereference in tgetstr in tinfo/lib_termcap.c

漏洞详情: https://avd.aquasec.com/nvd/cve-2023-45918

镜像层: sha256:3ec3ded77c0ce89e931f92aed086b2a2c774a6fbd51617853decc8afa4e1087a

发布日期: 2024-02-16 22:15 修改: 2024-11-21 21:15

libncursesw6 CVE-2023-50495 低危 6.2-0ubuntu2.1 ncurses: segmentation fault via _nc_wrap_entry()

漏洞详情: https://avd.aquasec.com/nvd/cve-2023-50495

镜像层: sha256:3ec3ded77c0ce89e931f92aed086b2a2c774a6fbd51617853decc8afa4e1087a

发布日期: 2023-12-12 15:15 修改: 2024-01-31 03:15

libc6 CVE-2016-20013 低危 2.31-0ubuntu9.16

漏洞详情: https://avd.aquasec.com/nvd/cve-2016-20013

镜像层: sha256:3ec3ded77c0ce89e931f92aed086b2a2c774a6fbd51617853decc8afa4e1087a

发布日期: 2022-02-19 05:15 修改: 2022-03-03 16:43

dirmngr CVE-2022-3219 低危 2.2.19-3ubuntu2.2 gnupg: denial of service issue (resource consumption) using compressed packets

漏洞详情: https://avd.aquasec.com/nvd/cve-2022-3219

镜像层: sha256:ae866224aa472db5a8a2c4e4a0bac17640332e40212493c328150f8d0e17d233

发布日期: 2023-02-23 20:15 修改: 2023-05-26 16:31

gnupg CVE-2022-3219 低危 2.2.19-3ubuntu2.2 gnupg: denial of service issue (resource consumption) using compressed packets

漏洞详情: https://avd.aquasec.com/nvd/cve-2022-3219

镜像层: sha256:ae866224aa472db5a8a2c4e4a0bac17640332e40212493c328150f8d0e17d233

发布日期: 2023-02-23 20:15 修改: 2023-05-26 16:31

gnupg-l10n CVE-2022-3219 低危 2.2.19-3ubuntu2.2 gnupg: denial of service issue (resource consumption) using compressed packets

漏洞详情: https://avd.aquasec.com/nvd/cve-2022-3219

镜像层: sha256:ae866224aa472db5a8a2c4e4a0bac17640332e40212493c328150f8d0e17d233

发布日期: 2023-02-23 20:15 修改: 2023-05-26 16:31

gnupg-utils CVE-2022-3219 低危 2.2.19-3ubuntu2.2 gnupg: denial of service issue (resource consumption) using compressed packets

漏洞详情: https://avd.aquasec.com/nvd/cve-2022-3219

镜像层: sha256:ae866224aa472db5a8a2c4e4a0bac17640332e40212493c328150f8d0e17d233

发布日期: 2023-02-23 20:15 修改: 2023-05-26 16:31

gnupg2 CVE-2022-3219 低危 2.2.19-3ubuntu2.2 gnupg: denial of service issue (resource consumption) using compressed packets

漏洞详情: https://avd.aquasec.com/nvd/cve-2022-3219

镜像层: sha256:ae866224aa472db5a8a2c4e4a0bac17640332e40212493c328150f8d0e17d233

发布日期: 2023-02-23 20:15 修改: 2023-05-26 16:31

gpg CVE-2022-3219 低危 2.2.19-3ubuntu2.2 gnupg: denial of service issue (resource consumption) using compressed packets

漏洞详情: https://avd.aquasec.com/nvd/cve-2022-3219

镜像层: sha256:ae866224aa472db5a8a2c4e4a0bac17640332e40212493c328150f8d0e17d233

发布日期: 2023-02-23 20:15 修改: 2023-05-26 16:31

gpg-agent CVE-2022-3219 低危 2.2.19-3ubuntu2.2 gnupg: denial of service issue (resource consumption) using compressed packets

漏洞详情: https://avd.aquasec.com/nvd/cve-2022-3219

镜像层: sha256:ae866224aa472db5a8a2c4e4a0bac17640332e40212493c328150f8d0e17d233

发布日期: 2023-02-23 20:15 修改: 2023-05-26 16:31

libpcre2-8-0 CVE-2022-41409 低危 10.34-7ubuntu0.1 pcre2: negative repeat value in a pcre2test subject line leads to inifinite loop

漏洞详情: https://avd.aquasec.com/nvd/cve-2022-41409

镜像层: sha256:3ec3ded77c0ce89e931f92aed086b2a2c774a6fbd51617853decc8afa4e1087a

发布日期: 2023-07-18 14:15 修改: 2023-07-27 03:46

libpcre3 CVE-2017-11164 低危 2:8.39-12ubuntu0.1 pcre: OP_KETRMAX feature in the match function in pcre_exec.c

漏洞详情: https://avd.aquasec.com/nvd/cve-2017-11164

镜像层: sha256:3ec3ded77c0ce89e931f92aed086b2a2c774a6fbd51617853decc8afa4e1087a

发布日期: 2017-07-11 03:29 修改: 2023-11-07 02:38

libssl1.1 CVE-2024-2511 低危 1.1.1f-1ubuntu2.22 1.1.1f-1ubuntu2.23 openssl: Unbounded memory growth with session handling in TLSv1.3

漏洞详情: https://avd.aquasec.com/nvd/cve-2024-2511

镜像层: sha256:8cdab93a842f1ebf4bfcd2da131a8b77a3d34a77c27fc239e0c0ef1803705f6d

发布日期: 2024-04-08 14:15 修改: 2024-10-14 15:15

libssl1.1 CVE-2024-4741 低危 1.1.1f-1ubuntu2.22 1.1.1f-1ubuntu2.23 openssl: Use After Free with SSL_free_buffers

漏洞详情: https://avd.aquasec.com/nvd/cve-2024-4741

镜像层: sha256:8cdab93a842f1ebf4bfcd2da131a8b77a3d34a77c27fc239e0c0ef1803705f6d

发布日期: 2024-11-13 11:15 修改: 2024-11-13 17:01

libssl1.1 CVE-2024-5535 低危 1.1.1f-1ubuntu2.22 1.1.1f-1ubuntu2.23 openssl: SSL_select_next_proto buffer overread

漏洞详情: https://avd.aquasec.com/nvd/cve-2024-5535

镜像层: sha256:8cdab93a842f1ebf4bfcd2da131a8b77a3d34a77c27fc239e0c0ef1803705f6d

发布日期: 2024-06-27 11:15 修改: 2024-07-12 14:15

libsystemd0 CVE-2023-26604 低危 245.4-4ubuntu3.23 systemd: privilege escalation via the less pager

漏洞详情: https://avd.aquasec.com/nvd/cve-2023-26604

镜像层: sha256:3ec3ded77c0ce89e931f92aed086b2a2c774a6fbd51617853decc8afa4e1087a

发布日期: 2023-03-03 16:15 修改: 2023-11-07 04:09

libsystemd0 CVE-2023-7008 低危 245.4-4ubuntu3.23 systemd-resolved: Unsigned name response in signed zone is not refused when DNSSEC=yes

漏洞详情: https://avd.aquasec.com/nvd/cve-2023-7008

镜像层: sha256:3ec3ded77c0ce89e931f92aed086b2a2c774a6fbd51617853decc8afa4e1087a

发布日期: 2023-12-23 13:15 修改: 2024-11-22 12:15

libtinfo6 CVE-2023-45918 低危 6.2-0ubuntu2.1 ncurses: NULL pointer dereference in tgetstr in tinfo/lib_termcap.c

漏洞详情: https://avd.aquasec.com/nvd/cve-2023-45918

镜像层: sha256:3ec3ded77c0ce89e931f92aed086b2a2c774a6fbd51617853decc8afa4e1087a

发布日期: 2024-02-16 22:15 修改: 2024-11-21 21:15

libtinfo6 CVE-2023-50495 低危 6.2-0ubuntu2.1 ncurses: segmentation fault via _nc_wrap_entry()

漏洞详情: https://avd.aquasec.com/nvd/cve-2023-50495

镜像层: sha256:3ec3ded77c0ce89e931f92aed086b2a2c774a6fbd51617853decc8afa4e1087a

发布日期: 2023-12-12 15:15 修改: 2024-01-31 03:15

libudev1 CVE-2023-26604 低危 245.4-4ubuntu3.23 systemd: privilege escalation via the less pager

漏洞详情: https://avd.aquasec.com/nvd/cve-2023-26604

镜像层: sha256:3ec3ded77c0ce89e931f92aed086b2a2c774a6fbd51617853decc8afa4e1087a

发布日期: 2023-03-03 16:15 修改: 2023-11-07 04:09

libudev1 CVE-2023-7008 低危 245.4-4ubuntu3.23 systemd-resolved: Unsigned name response in signed zone is not refused when DNSSEC=yes

漏洞详情: https://avd.aquasec.com/nvd/cve-2023-7008

镜像层: sha256:3ec3ded77c0ce89e931f92aed086b2a2c774a6fbd51617853decc8afa4e1087a

发布日期: 2023-12-23 13:15 修改: 2024-11-22 12:15

locales CVE-2016-20013 低危 2.31-0ubuntu9.16

漏洞详情: https://avd.aquasec.com/nvd/cve-2016-20013

镜像层: sha256:8cdab93a842f1ebf4bfcd2da131a8b77a3d34a77c27fc239e0c0ef1803705f6d

发布日期: 2022-02-19 05:15 修改: 2022-03-03 16:43

login CVE-2013-4235 低危 1:4.8.1-1ubuntu5.20.04.5 shadow-utils: TOCTOU race conditions by copying and removing directory trees

漏洞详情: https://avd.aquasec.com/nvd/cve-2013-4235

镜像层: sha256:3ec3ded77c0ce89e931f92aed086b2a2c774a6fbd51617853decc8afa4e1087a

发布日期: 2019-12-03 15:15 修改: 2023-02-13 00:28

login CVE-2023-29383 低危 1:4.8.1-1ubuntu5.20.04.5 shadow: Improper input validation in shadow-utils package utility chfn

漏洞详情: https://avd.aquasec.com/nvd/cve-2023-29383

镜像层: sha256:3ec3ded77c0ce89e931f92aed086b2a2c774a6fbd51617853decc8afa4e1087a

发布日期: 2023-04-14 22:15 修改: 2023-04-24 18:05

ncurses-base CVE-2023-45918 低危 6.2-0ubuntu2.1 ncurses: NULL pointer dereference in tgetstr in tinfo/lib_termcap.c

漏洞详情: https://avd.aquasec.com/nvd/cve-2023-45918

镜像层: sha256:3ec3ded77c0ce89e931f92aed086b2a2c774a6fbd51617853decc8afa4e1087a

发布日期: 2024-02-16 22:15 修改: 2024-11-21 21:15

ncurses-base CVE-2023-50495 低危 6.2-0ubuntu2.1 ncurses: segmentation fault via _nc_wrap_entry()

漏洞详情: https://avd.aquasec.com/nvd/cve-2023-50495

镜像层: sha256:3ec3ded77c0ce89e931f92aed086b2a2c774a6fbd51617853decc8afa4e1087a

发布日期: 2023-12-12 15:15 修改: 2024-01-31 03:15

ncurses-bin CVE-2023-45918 低危 6.2-0ubuntu2.1 ncurses: NULL pointer dereference in tgetstr in tinfo/lib_termcap.c

漏洞详情: https://avd.aquasec.com/nvd/cve-2023-45918

镜像层: sha256:3ec3ded77c0ce89e931f92aed086b2a2c774a6fbd51617853decc8afa4e1087a

发布日期: 2024-02-16 22:15 修改: 2024-11-21 21:15

ncurses-bin CVE-2023-50495 低危 6.2-0ubuntu2.1 ncurses: segmentation fault via _nc_wrap_entry()

漏洞详情: https://avd.aquasec.com/nvd/cve-2023-50495

镜像层: sha256:3ec3ded77c0ce89e931f92aed086b2a2c774a6fbd51617853decc8afa4e1087a

发布日期: 2023-12-12 15:15 修改: 2024-01-31 03:15

openssl CVE-2024-2511 低危 1.1.1f-1ubuntu2.22 1.1.1f-1ubuntu2.23 openssl: Unbounded memory growth with session handling in TLSv1.3

漏洞详情: https://avd.aquasec.com/nvd/cve-2024-2511

镜像层: sha256:8cdab93a842f1ebf4bfcd2da131a8b77a3d34a77c27fc239e0c0ef1803705f6d

发布日期: 2024-04-08 14:15 修改: 2024-10-14 15:15

openssl CVE-2024-4741 低危 1.1.1f-1ubuntu2.22 1.1.1f-1ubuntu2.23 openssl: Use After Free with SSL_free_buffers

漏洞详情: https://avd.aquasec.com/nvd/cve-2024-4741

镜像层: sha256:8cdab93a842f1ebf4bfcd2da131a8b77a3d34a77c27fc239e0c0ef1803705f6d

发布日期: 2024-11-13 11:15 修改: 2024-11-13 17:01

openssl CVE-2024-5535 低危 1.1.1f-1ubuntu2.22 1.1.1f-1ubuntu2.23 openssl: SSL_select_next_proto buffer overread

漏洞详情: https://avd.aquasec.com/nvd/cve-2024-5535

镜像层: sha256:8cdab93a842f1ebf4bfcd2da131a8b77a3d34a77c27fc239e0c0ef1803705f6d

发布日期: 2024-06-27 11:15 修改: 2024-07-12 14:15

passwd CVE-2013-4235 低危 1:4.8.1-1ubuntu5.20.04.5 shadow-utils: TOCTOU race conditions by copying and removing directory trees

漏洞详情: https://avd.aquasec.com/nvd/cve-2013-4235

镜像层: sha256:3ec3ded77c0ce89e931f92aed086b2a2c774a6fbd51617853decc8afa4e1087a

发布日期: 2019-12-03 15:15 修改: 2023-02-13 00:28

passwd CVE-2023-29383 低危 1:4.8.1-1ubuntu5.20.04.5 shadow: Improper input validation in shadow-utils package utility chfn

漏洞详情: https://avd.aquasec.com/nvd/cve-2023-29383

镜像层: sha256:3ec3ded77c0ce89e931f92aed086b2a2c774a6fbd51617853decc8afa4e1087a

发布日期: 2023-04-14 22:15 修改: 2023-04-24 18:05

libgssapi-krb5-2 CVE-2024-26458 低危 1.17-6ubuntu4.7 krb5: Memory leak at /krb5/src/lib/rpc/pmap_rmt.c

漏洞详情: https://avd.aquasec.com/nvd/cve-2024-26458

镜像层: sha256:ae866224aa472db5a8a2c4e4a0bac17640332e40212493c328150f8d0e17d233

发布日期: 2024-02-29 01:44 修改: 2024-05-14 15:09

Java (jar)
低危漏洞:7 中危漏洞:21 高危漏洞:29 严重漏洞:5
软件包 漏洞 安全状态 安装版本 修复版本 漏洞信息
org.apache.avro:avro CVE-2024-47561 严重 1.11.2 1.11.4 apache-avro: Schema parsing may trigger Remote Code Execution (RCE)

漏洞详情: https://avd.aquasec.com/nvd/cve-2024-47561

镜像层: sha256:356c8b2412ab6a373ef51f65fc062a97041aa459931a34a4b8660571d5465890

发布日期: 2024-10-03 11:15 修改: 2024-10-21 09:15

org.apache.avro:avro CVE-2024-47561 严重 1.7.7 1.11.4 apache-avro: Schema parsing may trigger Remote Code Execution (RCE)

漏洞详情: https://avd.aquasec.com/nvd/cve-2024-47561

镜像层: sha256:356c8b2412ab6a373ef51f65fc062a97041aa459931a34a4b8660571d5465890

发布日期: 2024-10-03 11:15 修改: 2024-10-21 09:15

org.apache.derby:derby CVE-2022-46337 严重 10.14.2.0 10.14.3, 10.15.2.1, 10.16.1.2, 10.17.1.0 A cleverly devised username might bypass LDAP authentication checks. I ...

漏洞详情: https://avd.aquasec.com/nvd/cve-2022-46337

镜像层: sha256:356c8b2412ab6a373ef51f65fc062a97041aa459931a34a4b8660571d5465890

发布日期: 2023-11-20 09:15 修改: 2024-04-26 16:08

org.apache.zookeeper:zookeeper CVE-2023-44981 严重 3.6.3 3.7.2, 3.8.3, 3.9.1 zookeeper: Authorization Bypass in Apache ZooKeeper

漏洞详情: https://avd.aquasec.com/nvd/cve-2023-44981

镜像层: sha256:356c8b2412ab6a373ef51f65fc062a97041aa459931a34a4b8660571d5465890

发布日期: 2023-10-11 12:15 修改: 2024-06-21 19:15

org.codehaus.jackson:jackson-mapper-asl CVE-2019-10202 严重 1.9.13 codehaus: incomplete fix for unsafe deserialization in jackson-databind vulnerabilities

漏洞详情: https://avd.aquasec.com/nvd/cve-2019-10202

镜像层: sha256:356c8b2412ab6a373ef51f65fc062a97041aa459931a34a4b8660571d5465890

发布日期: 2019-10-01 15:15 修改: 2023-02-12 23:33

com.google.protobuf:protobuf-java CVE-2022-3509 高危 3.3.0 3.16.3, 3.19.6, 3.20.3, 3.21.7 protobuf-java: Textformat parsing issue leads to DoS

漏洞详情: https://avd.aquasec.com/nvd/cve-2022-3509

镜像层: sha256:356c8b2412ab6a373ef51f65fc062a97041aa459931a34a4b8660571d5465890

发布日期: 2022-12-12 13:15 修改: 2022-12-15 16:57

com.google.protobuf:protobuf-java CVE-2022-3510 高危 3.3.0 3.16.3, 3.19.6, 3.20.3, 3.21.7 protobuf-java: Message-Type Extensions parsing issue leads to DoS

漏洞详情: https://avd.aquasec.com/nvd/cve-2022-3510

镜像层: sha256:356c8b2412ab6a373ef51f65fc062a97041aa459931a34a4b8660571d5465890

发布日期: 2022-12-12 13:15 修改: 2023-11-07 03:51

com.google.protobuf:protobuf-java CVE-2024-7254 高危 3.3.0 3.25.5, 4.27.5, 4.28.2 protobuf: StackOverflow vulnerability in Protocol Buffers

漏洞详情: https://avd.aquasec.com/nvd/cve-2024-7254

镜像层: sha256:356c8b2412ab6a373ef51f65fc062a97041aa459931a34a4b8660571d5465890

发布日期: 2024-09-19 01:15 修改: 2024-09-20 12:30

com.google.protobuf:protobuf-java CVE-2021-22569 高危 3.7.1 3.16.1, 3.18.2, 3.19.2 protobuf-java: potential DoS in the parsing procedure for binary data

漏洞详情: https://avd.aquasec.com/nvd/cve-2021-22569

镜像层: sha256:356c8b2412ab6a373ef51f65fc062a97041aa459931a34a4b8660571d5465890

发布日期: 2022-01-10 14:10 修改: 2023-04-18 09:15

com.google.protobuf:protobuf-java CVE-2021-22570 高危 3.7.1 3.15.0 protobuf: Incorrect parsing of nullchar in the proto symbol leads to Nullptr dereference

漏洞详情: https://avd.aquasec.com/nvd/cve-2021-22570

镜像层: sha256:356c8b2412ab6a373ef51f65fc062a97041aa459931a34a4b8660571d5465890

发布日期: 2022-01-26 14:15 修改: 2023-11-07 03:30

com.google.protobuf:protobuf-java CVE-2022-3509 高危 3.7.1 3.16.3, 3.19.6, 3.20.3, 3.21.7 protobuf-java: Textformat parsing issue leads to DoS

漏洞详情: https://avd.aquasec.com/nvd/cve-2022-3509

镜像层: sha256:356c8b2412ab6a373ef51f65fc062a97041aa459931a34a4b8660571d5465890

发布日期: 2022-12-12 13:15 修改: 2022-12-15 16:57

com.google.protobuf:protobuf-java CVE-2022-3510 高危 3.7.1 3.16.3, 3.19.6, 3.20.3, 3.21.7 protobuf-java: Message-Type Extensions parsing issue leads to DoS

漏洞详情: https://avd.aquasec.com/nvd/cve-2022-3510

镜像层: sha256:356c8b2412ab6a373ef51f65fc062a97041aa459931a34a4b8660571d5465890

发布日期: 2022-12-12 13:15 修改: 2023-11-07 03:51

com.google.protobuf:protobuf-java CVE-2024-7254 高危 3.7.1 3.25.5, 4.27.5, 4.28.2 protobuf: StackOverflow vulnerability in Protocol Buffers

漏洞详情: https://avd.aquasec.com/nvd/cve-2024-7254

镜像层: sha256:356c8b2412ab6a373ef51f65fc062a97041aa459931a34a4b8660571d5465890

发布日期: 2024-09-19 01:15 修改: 2024-09-20 12:30

com.nimbusds:nimbus-jose-jwt CVE-2023-52428 高危 9.8.1 9.37.2 nimbus-jose-jwt: large JWE p2c header value causes Denial of Service

漏洞详情: https://avd.aquasec.com/nvd/cve-2023-52428

镜像层: sha256:356c8b2412ab6a373ef51f65fc062a97041aa459931a34a4b8660571d5465890

发布日期: 2024-02-11 05:15 修改: 2024-10-30 20:35

commons-io:commons-io CVE-2024-47554 高危 2.8.0 2.14.0 apache-commons-io: Possible denial of service attack on untrusted input to XmlStreamReader

漏洞详情: https://avd.aquasec.com/nvd/cve-2024-47554

镜像层: sha256:356c8b2412ab6a373ef51f65fc062a97041aa459931a34a4b8660571d5465890

发布日期: 2024-10-03 12:15 修改: 2024-10-04 13:50

dnsjava:dnsjava CVE-2024-25638 高危 2.1.7 3.6.0 dnsjava: Improper response validation allowing DNSSEC bypass

漏洞详情: https://avd.aquasec.com/nvd/cve-2024-25638

镜像层: sha256:356c8b2412ab6a373ef51f65fc062a97041aa459931a34a4b8660571d5465890

发布日期: 2024-07-22 14:15 修改: 2024-09-04 15:15

io.netty:netty-codec-http2 GHSA-xpw8-rcwv-8f8p 高危 4.1.96.Final 4.1.100.Final io.netty:netty-codec-http2 vulnerable to HTTP/2 Rapid Reset Attack

漏洞详情: https://github.com/advisories/GHSA-xpw8-rcwv-8f8p

镜像层: sha256:356c8b2412ab6a373ef51f65fc062a97041aa459931a34a4b8660571d5465890

发布日期: 0001-01-01 00:00 修改: 0001-01-01 00:00

io.netty:netty-common CVE-2024-47535 高危 4.1.96.Final 4.1.115 netty: Denial of Service attack on windows app using Netty

漏洞详情: https://avd.aquasec.com/nvd/cve-2024-47535

镜像层: sha256:356c8b2412ab6a373ef51f65fc062a97041aa459931a34a4b8660571d5465890

发布日期: 2024-11-12 16:15 修改: 2024-11-13 17:01

net.minidev:json-smart CVE-2021-31684 高危 1.3.2 1.3.3, 2.4.4 json-smart: Denial of Service in JSONParserByteArray function

漏洞详情: https://avd.aquasec.com/nvd/cve-2021-31684

镜像层: sha256:356c8b2412ab6a373ef51f65fc062a97041aa459931a34a4b8660571d5465890

发布日期: 2021-06-01 20:15 修改: 2024-06-21 19:15

net.minidev:json-smart CVE-2023-1370 高危 1.3.2 2.4.9 json-smart: Uncontrolled Resource Consumption vulnerability in json-smart (Resource Exhaustion)

漏洞详情: https://avd.aquasec.com/nvd/cve-2023-1370

镜像层: sha256:356c8b2412ab6a373ef51f65fc062a97041aa459931a34a4b8660571d5465890

发布日期: 2023-03-22 06:15 修改: 2024-06-21 19:15

com.fasterxml.jackson.core:jackson-databind CVE-2022-42003 高危 2.12.7 2.12.7.1, 2.13.4.2 jackson-databind: deep wrapper array nesting wrt UNWRAP_SINGLE_VALUE_ARRAYS

漏洞详情: https://avd.aquasec.com/nvd/cve-2022-42003

镜像层: sha256:356c8b2412ab6a373ef51f65fc062a97041aa459931a34a4b8660571d5465890

发布日期: 2022-10-02 05:15 修改: 2023-12-20 10:15

org.apache.avro:avro CVE-2023-39410 高危 1.11.2 1.11.3 apache-avro: Apache Avro Java SDK: Memory when deserializing untrusted data in Avro Java SDK

漏洞详情: https://avd.aquasec.com/nvd/cve-2023-39410

镜像层: sha256:356c8b2412ab6a373ef51f65fc062a97041aa459931a34a4b8660571d5465890

发布日期: 2023-09-29 17:15 修改: 2024-06-21 19:15

com.fasterxml.jackson.core:jackson-databind CVE-2022-42004 高危 2.12.7 2.12.7.1, 2.13.4 jackson-databind: use of deeply nested arrays

漏洞详情: https://avd.aquasec.com/nvd/cve-2022-42004

镜像层: sha256:356c8b2412ab6a373ef51f65fc062a97041aa459931a34a4b8660571d5465890

发布日期: 2022-10-02 05:15 修改: 2022-12-02 15:10

org.apache.avro:avro CVE-2023-39410 高危 1.7.7 1.11.3 apache-avro: Apache Avro Java SDK: Memory when deserializing untrusted data in Avro Java SDK

漏洞详情: https://avd.aquasec.com/nvd/cve-2023-39410

镜像层: sha256:356c8b2412ab6a373ef51f65fc062a97041aa459931a34a4b8660571d5465890

发布日期: 2023-09-29 17:15 修改: 2024-06-21 19:15

org.apache.commons:commons-compress CVE-2024-25710 高危 1.21 1.26.0 commons-compress: Denial of service caused by an infinite loop for a corrupted DUMP file

漏洞详情: https://avd.aquasec.com/nvd/cve-2024-25710

镜像层: sha256:356c8b2412ab6a373ef51f65fc062a97041aa459931a34a4b8660571d5465890

发布日期: 2024-02-19 09:15 修改: 2024-03-07 17:15

org.apache.commons:commons-compress CVE-2024-25710 高危 1.23.0 1.26.0 commons-compress: Denial of service caused by an infinite loop for a corrupted DUMP file

漏洞详情: https://avd.aquasec.com/nvd/cve-2024-25710

镜像层: sha256:356c8b2412ab6a373ef51f65fc062a97041aa459931a34a4b8660571d5465890

发布日期: 2024-02-19 09:15 修改: 2024-03-07 17:15

com.google.code.gson:gson CVE-2022-25647 高危 2.2.4 2.8.9 com.google.code.gson-gson: Deserialization of Untrusted Data in com.google.code.gson-gson

漏洞详情: https://avd.aquasec.com/nvd/cve-2022-25647

镜像层: sha256:356c8b2412ab6a373ef51f65fc062a97041aa459931a34a4b8660571d5465890

发布日期: 2022-05-01 16:15 修改: 2022-11-28 17:33

org.apache.ivy:ivy CVE-2022-46751 高危 2.5.1 2.5.2 apache-ivy: XML External Entity vulnerability

漏洞详情: https://avd.aquasec.com/nvd/cve-2022-46751

镜像层: sha256:356c8b2412ab6a373ef51f65fc062a97041aa459931a34a4b8660571d5465890

发布日期: 2023-08-21 07:15 修改: 2024-09-27 21:35

org.apache.mesos:mesos CVE-2018-1330 高危 1.4.3 1.6.0 Crash when decoding malformed HTTP requests or malformed JSON payload

漏洞详情: https://avd.aquasec.com/nvd/cve-2018-1330

镜像层: sha256:356c8b2412ab6a373ef51f65fc062a97041aa459931a34a4b8660571d5465890

发布日期: 2018-09-13 19:29 修改: 2023-11-07 02:55

org.apache.thrift:libthrift CVE-2019-0205 高危 0.12.0 0.13.0 thrift: Endless loop when feed with specific input data

漏洞详情: https://avd.aquasec.com/nvd/cve-2019-0205

镜像层: sha256:356c8b2412ab6a373ef51f65fc062a97041aa459931a34a4b8660571d5465890

发布日期: 2019-10-29 19:15 修改: 2023-11-07 03:01

org.apache.thrift:libthrift CVE-2020-13949 高危 0.12.0 0.14.0 libthrift: potential DoS when processing untrusted payloads

漏洞详情: https://avd.aquasec.com/nvd/cve-2020-13949

镜像层: sha256:356c8b2412ab6a373ef51f65fc062a97041aa459931a34a4b8660571d5465890

发布日期: 2021-02-12 20:15 修改: 2023-11-07 03:17

com.google.protobuf:protobuf-java CVE-2021-22569 高危 3.3.0 3.16.1, 3.18.2, 3.19.2 protobuf-java: potential DoS in the parsing procedure for binary data

漏洞详情: https://avd.aquasec.com/nvd/cve-2021-22569

镜像层: sha256:356c8b2412ab6a373ef51f65fc062a97041aa459931a34a4b8660571d5465890

发布日期: 2022-01-10 14:10 修改: 2023-04-18 09:15

com.google.protobuf:protobuf-java CVE-2021-22570 高危 3.3.0 3.15.0 protobuf: Incorrect parsing of nullchar in the proto symbol leads to Nullptr dereference

漏洞详情: https://avd.aquasec.com/nvd/cve-2021-22570

镜像层: sha256:356c8b2412ab6a373ef51f65fc062a97041aa459931a34a4b8660571d5465890

发布日期: 2022-01-26 14:15 修改: 2023-11-07 03:30

org.codehaus.jackson:jackson-mapper-asl CVE-2019-10172 高危 1.9.13 jackson-mapper-asl: XML external entity similar to CVE-2016-3720

漏洞详情: https://avd.aquasec.com/nvd/cve-2019-10172

镜像层: sha256:356c8b2412ab6a373ef51f65fc062a97041aa459931a34a4b8660571d5465890

发布日期: 2019-11-18 17:15 修改: 2023-02-12 23:33

com.google.guava:guava CVE-2023-2976 中危 14.0.1 32.0.0-android guava: insecure temporary directory creation

漏洞详情: https://avd.aquasec.com/nvd/cve-2023-2976

镜像层: sha256:356c8b2412ab6a373ef51f65fc062a97041aa459931a34a4b8660571d5465890

发布日期: 2023-06-14 18:15 修改: 2024-02-13 19:15

commons-net:commons-net CVE-2021-37533 中危 3.6 3.9.0 apache-commons-net: FTP client trusts the host from PASV response by default

漏洞详情: https://avd.aquasec.com/nvd/cve-2021-37533

镜像层: sha256:356c8b2412ab6a373ef51f65fc062a97041aa459931a34a4b8660571d5465890

发布日期: 2022-12-03 15:15 修改: 2023-01-10 19:29

org.apache.commons:commons-compress CVE-2024-26308 中危 1.21 1.26.0 commons-compress: OutOfMemoryError unpacking broken Pack200 file

漏洞详情: https://avd.aquasec.com/nvd/cve-2024-26308

镜像层: sha256:356c8b2412ab6a373ef51f65fc062a97041aa459931a34a4b8660571d5465890

发布日期: 2024-02-19 09:15 修改: 2024-03-21 19:54

com.google.protobuf:protobuf-java CVE-2022-3171 中危 3.3.0 3.21.7, 3.20.3, 3.19.6, 3.16.3 protobuf-java: timeout in parser leads to DoS

漏洞详情: https://avd.aquasec.com/nvd/cve-2022-3171

镜像层: sha256:356c8b2412ab6a373ef51f65fc062a97041aa459931a34a4b8660571d5465890

发布日期: 2022-10-12 23:15 修改: 2023-11-07 03:50

org.apache.commons:commons-compress CVE-2023-42503 中危 1.23.0 1.24.0 apache-commons-compress: Denial of service via CPU consumption for malformed TAR file

漏洞详情: https://avd.aquasec.com/nvd/cve-2023-42503

镜像层: sha256:356c8b2412ab6a373ef51f65fc062a97041aa459931a34a4b8660571d5465890

发布日期: 2023-09-14 08:15 修改: 2024-02-21 21:27

org.apache.commons:commons-compress CVE-2024-26308 中危 1.23.0 1.26.0 commons-compress: OutOfMemoryError unpacking broken Pack200 file

漏洞详情: https://avd.aquasec.com/nvd/cve-2024-26308

镜像层: sha256:356c8b2412ab6a373ef51f65fc062a97041aa459931a34a4b8660571d5465890

发布日期: 2024-02-19 09:15 修改: 2024-03-21 19:54

org.apache.commons:commons-configuration2 CVE-2024-29131 中危 2.1.1 2.10.1 commons-configuration: StackOverflowError adding property in AbstractListDelimiterHandler.flattenIterator()

漏洞详情: https://avd.aquasec.com/nvd/cve-2024-29131

镜像层: sha256:356c8b2412ab6a373ef51f65fc062a97041aa459931a34a4b8660571d5465890

发布日期: 2024-03-21 09:15 修改: 2024-08-28 15:35

org.apache.commons:commons-configuration2 CVE-2024-29133 中危 2.1.1 2.10.1 commons-configuration: StackOverflowError calling ListDelimiterHandler.flatten(Object, int) with a cyclical object tree

漏洞详情: https://avd.aquasec.com/nvd/cve-2024-29133

镜像层: sha256:356c8b2412ab6a373ef51f65fc062a97041aa459931a34a4b8660571d5465890

发布日期: 2024-03-21 09:15 修改: 2024-11-04 17:35

io.netty:netty-codec-http CVE-2024-29025 中危 4.1.96.Final 4.1.108.Final netty-codec-http: Allocation of Resources Without Limits or Throttling

漏洞详情: https://avd.aquasec.com/nvd/cve-2024-29025

镜像层: sha256:356c8b2412ab6a373ef51f65fc062a97041aa459931a34a4b8660571d5465890

发布日期: 2024-03-25 20:15 修改: 2024-06-21 22:15

com.google.guava:guava CVE-2023-2976 中危 30.1.1-jre 32.0.0-android guava: insecure temporary directory creation

漏洞详情: https://avd.aquasec.com/nvd/cve-2023-2976

镜像层: sha256:356c8b2412ab6a373ef51f65fc062a97041aa459931a34a4b8660571d5465890

发布日期: 2023-06-14 18:15 修改: 2024-02-13 19:15

com.google.guava:guava CVE-2023-2976 中危 30.1.1-jre 32.0.0-android guava: insecure temporary directory creation

漏洞详情: https://avd.aquasec.com/nvd/cve-2023-2976

镜像层: sha256:356c8b2412ab6a373ef51f65fc062a97041aa459931a34a4b8660571d5465890

发布日期: 2023-06-14 18:15 修改: 2024-02-13 19:15

com.fasterxml.woodstox:woodstox-core CVE-2022-40152 中危 5.3.0 6.4.0, 5.4.0 woodstox-core: woodstox to serialise XML data was vulnerable to Denial of Service attacks

漏洞详情: https://avd.aquasec.com/nvd/cve-2022-40152

镜像层: sha256:356c8b2412ab6a373ef51f65fc062a97041aa459931a34a4b8660571d5465890

发布日期: 2022-09-16 10:15 修改: 2023-02-09 01:36

com.google.guava:guava CVE-2018-10237 中危 14.0.1 24.1.1-android guava: Unbounded memory allocation in AtomicDoubleArray and CompoundOrdering classes allow remote attackers to cause a denial of service

漏洞详情: https://avd.aquasec.com/nvd/cve-2018-10237

镜像层: sha256:356c8b2412ab6a373ef51f65fc062a97041aa459931a34a4b8660571d5465890

发布日期: 2018-04-26 21:29 修改: 2023-11-07 02:51

com.google.guava:guava CVE-2018-10237 中危 14.0.1 24.1.1-android guava: Unbounded memory allocation in AtomicDoubleArray and CompoundOrdering classes allow remote attackers to cause a denial of service

漏洞详情: https://avd.aquasec.com/nvd/cve-2018-10237

镜像层: sha256:356c8b2412ab6a373ef51f65fc062a97041aa459931a34a4b8660571d5465890

发布日期: 2018-04-26 21:29 修改: 2023-11-07 02:51

org.apache.zookeeper:zookeeper CVE-2024-23944 中危 3.6.3 3.8.4, 3.9.2 Information disclosure in persistent watchers handling in Apache ZooKe ...

漏洞详情: https://avd.aquasec.com/nvd/cve-2024-23944

镜像层: sha256:356c8b2412ab6a373ef51f65fc062a97041aa459931a34a4b8660571d5465890

发布日期: 2024-03-15 11:15 修改: 2024-11-15 21:35

com.google.protobuf:protobuf-java CVE-2022-3171 中危 3.7.1 3.21.7, 3.20.3, 3.19.6, 3.16.3 protobuf-java: timeout in parser leads to DoS

漏洞详情: https://avd.aquasec.com/nvd/cve-2022-3171

镜像层: sha256:356c8b2412ab6a373ef51f65fc062a97041aa459931a34a4b8660571d5465890

发布日期: 2022-10-12 23:15 修改: 2023-11-07 03:50

com.google.guava:guava CVE-2023-2976 中危 14.0.1 32.0.0-android guava: insecure temporary directory creation

漏洞详情: https://avd.aquasec.com/nvd/cve-2023-2976

镜像层: sha256:356c8b2412ab6a373ef51f65fc062a97041aa459931a34a4b8660571d5465890

发布日期: 2023-06-14 18:15 修改: 2024-02-13 19:15

org.eclipse.jetty:jetty-http CVE-2023-40167 中危 9.4.43.v20210629 9.4.52, 10.0.16, 11.0.16, 12.0.1 jetty: Improper validation of HTTP/1 content-length

漏洞详情: https://avd.aquasec.com/nvd/cve-2023-40167

镜像层: sha256:356c8b2412ab6a373ef51f65fc062a97041aa459931a34a4b8660571d5465890

发布日期: 2023-09-15 20:15 修改: 2023-10-13 01:59

org.eclipse.jetty:jetty-http CVE-2024-6763 中危 9.4.43.v20210629 12.0.12 org.eclipse.jetty:jetty-http: jetty: Jetty URI parsing of invalid authority

漏洞详情: https://avd.aquasec.com/nvd/cve-2024-6763

镜像层: sha256:356c8b2412ab6a373ef51f65fc062a97041aa459931a34a4b8660571d5465890

发布日期: 2024-10-14 16:15 修改: 2024-11-08 21:15

org.eclipse.jetty:jetty-http CVE-2024-6763 中危 9.4.54.v20240208 12.0.12 org.eclipse.jetty:jetty-http: jetty: Jetty URI parsing of invalid authority

漏洞详情: https://avd.aquasec.com/nvd/cve-2024-6763

镜像层: sha256:356c8b2412ab6a373ef51f65fc062a97041aa459931a34a4b8660571d5465890

发布日期: 2024-10-14 16:15 修改: 2024-11-08 21:15

org.eclipse.jetty:jetty-server CVE-2024-8184 中危 9.4.54.v20240208 12.0.9, 10.0.24, 11.0.24, 9.4.56 org.eclipse.jetty:jetty-server: jetty: Jetty ThreadLimitHandler.getRemote() vulnerable to remote DoS attacks

漏洞详情: https://avd.aquasec.com/nvd/cve-2024-8184

镜像层: sha256:356c8b2412ab6a373ef51f65fc062a97041aa459931a34a4b8660571d5465890

发布日期: 2024-10-14 16:15 修改: 2024-11-08 21:00

com.google.guava:guava CVE-2020-8908 低危 30.1.1-jre 32.0.0-android guava: local information disclosure via temporary directory created with unsafe permissions

漏洞详情: https://avd.aquasec.com/nvd/cve-2020-8908

镜像层: sha256:356c8b2412ab6a373ef51f65fc062a97041aa459931a34a4b8660571d5465890

发布日期: 2020-12-10 23:15 修改: 2023-08-02 17:30

com.google.guava:guava CVE-2020-8908 低危 14.0.1 32.0.0-android guava: local information disclosure via temporary directory created with unsafe permissions

漏洞详情: https://avd.aquasec.com/nvd/cve-2020-8908

镜像层: sha256:356c8b2412ab6a373ef51f65fc062a97041aa459931a34a4b8660571d5465890

发布日期: 2020-12-10 23:15 修改: 2023-08-02 17:30

org.apache.hadoop:hadoop-common CVE-2024-23454 低危 3.3.4 3.4.0 Apache Hadoop: Temporary File Local Information Disclosure

漏洞详情: https://avd.aquasec.com/nvd/cve-2024-23454

镜像层: sha256:356c8b2412ab6a373ef51f65fc062a97041aa459931a34a4b8660571d5465890

发布日期: 2024-09-25 08:15 修改: 2024-11-05 20:35

org.eclipse.jetty:jetty-http CVE-2022-2047 低危 9.4.43.v20210629 9.4.47, 10.0.10, 11.0.10 jetty-http: improver hostname input handling

漏洞详情: https://avd.aquasec.com/nvd/cve-2022-2047

镜像层: sha256:356c8b2412ab6a373ef51f65fc062a97041aa459931a34a4b8660571d5465890

发布日期: 2022-07-07 21:15 修改: 2022-10-25 19:10

com.google.guava:guava CVE-2020-8908 低危 14.0.1 32.0.0-android guava: local information disclosure via temporary directory created with unsafe permissions

漏洞详情: https://avd.aquasec.com/nvd/cve-2020-8908

镜像层: sha256:356c8b2412ab6a373ef51f65fc062a97041aa459931a34a4b8660571d5465890

发布日期: 2020-12-10 23:15 修改: 2023-08-02 17:30

com.google.guava:guava CVE-2020-8908 低危 30.1.1-jre 32.0.0-android guava: local information disclosure via temporary directory created with unsafe permissions

漏洞详情: https://avd.aquasec.com/nvd/cve-2020-8908

镜像层: sha256:356c8b2412ab6a373ef51f65fc062a97041aa459931a34a4b8660571d5465890

发布日期: 2020-12-10 23:15 修改: 2023-08-02 17:30

org.eclipse.jetty:jetty-xml GHSA-58qw-p7qm-5rvh 低危 9.4.43.v20210629 10.0.16, 11.0.16, 12.0.0, 9.4.52.v20230823 Eclipse Jetty XmlParser allows arbitrary DOCTYPE declarations

漏洞详情: https://github.com/advisories/GHSA-58qw-p7qm-5rvh

镜像层: sha256:356c8b2412ab6a373ef51f65fc062a97041aa459931a34a4b8660571d5465890

发布日期: 0001-01-01 00:00 修改: 0001-01-01 00:00