docker.io/atlassian/confluence-server:7.13.9-jdk11 linux/amd64

docker.io/atlassian/confluence-server:7.13.9-jdk11 - Trivy安全扫描结果 扫描时间: 2025-02-18 08:07
全部漏洞信息
低危漏洞:84 中危漏洞:333 高危漏洞:330 严重漏洞:48

系统OS: ubuntu 22.04 扫描引擎: Trivy 扫描时间: 2025-02-18 08:07

docker.io/atlassian/confluence-server:7.13.9-jdk11 (ubuntu 22.04) (ubuntu)
低危漏洞:67 中危漏洞:111 高危漏洞:0 严重漏洞:0
软件包 漏洞 安全状态 安装版本 修复版本 漏洞信息
bash CVE-2022-3715 中危 5.1-6ubuntu1 5.1-6ubuntu1.1 bash: a heap-buffer-overflow in valid_parameter_transform

漏洞详情: https://avd.aquasec.com/nvd/cve-2022-3715

镜像层: sha256:8e87ff28f1b5ff2d5131999ccfa1e674cb252631c50683f5ee43fad59cbea8e1

发布日期: 2023-01-05 15:15 修改: 2023-02-24 18:38
bsdutils CVE-2024-28085 中危 1:2.37.2-4ubuntu3 2.37.2-4ubuntu3.3 util-linux: CVE-2024-28085: wall: escape sequence injection

漏洞详情: https://avd.aquasec.com/nvd/cve-2024-28085

镜像层: sha256:8e87ff28f1b5ff2d5131999ccfa1e674cb252631c50683f5ee43fad59cbea8e1

发布日期: 2024-03-27 19:15 修改: 2024-08-26 21:35
curl CVE-2024-2398 中危 7.81.0-1ubuntu1.15 7.81.0-1ubuntu1.16 curl: HTTP/2 push headers memory-leak

漏洞详情: https://avd.aquasec.com/nvd/cve-2024-2398

镜像层: sha256:f7ec018ed0afe6cb08d3f2ac93bdfaf9b7f23d1ba6ee1048f79e8cdc2c002d30

发布日期: 2024-03-27 08:15 修改: 2024-07-30 02:15
curl CVE-2024-7264 中危 7.81.0-1ubuntu1.15 7.81.0-1ubuntu1.17 curl: libcurl: ASN.1 date parser overread

漏洞详情: https://avd.aquasec.com/nvd/cve-2024-7264

镜像层: sha256:f7ec018ed0afe6cb08d3f2ac93bdfaf9b7f23d1ba6ee1048f79e8cdc2c002d30

发布日期: 2024-07-31 08:15 修改: 2024-10-30 20:35
curl CVE-2024-8096 中危 7.81.0-1ubuntu1.15 7.81.0-1ubuntu1.18 curl: OCSP stapling bypass with GnuTLS

漏洞详情: https://avd.aquasec.com/nvd/cve-2024-8096

镜像层: sha256:f7ec018ed0afe6cb08d3f2ac93bdfaf9b7f23d1ba6ee1048f79e8cdc2c002d30

发布日期: 2024-09-11 10:15 修改: 2024-09-11 16:26
gcc-12-base CVE-2023-4039 中危 12.3.0-1ubuntu1~22.04 gcc: -fstack-protector fails to guard dynamic stack allocations on ARM64

漏洞详情: https://avd.aquasec.com/nvd/cve-2023-4039

镜像层: sha256:8e87ff28f1b5ff2d5131999ccfa1e674cb252631c50683f5ee43fad59cbea8e1

发布日期: 2023-09-13 09:15 修改: 2024-08-02 08:15
libblkid1 CVE-2024-28085 中危 2.37.2-4ubuntu3 2.37.2-4ubuntu3.3 util-linux: CVE-2024-28085: wall: escape sequence injection

漏洞详情: https://avd.aquasec.com/nvd/cve-2024-28085

镜像层: sha256:8e87ff28f1b5ff2d5131999ccfa1e674cb252631c50683f5ee43fad59cbea8e1

发布日期: 2024-03-27 19:15 修改: 2024-08-26 21:35
libc-bin CVE-2024-2961 中危 2.35-0ubuntu3.6 2.35-0ubuntu3.7 glibc: Out of bounds write in iconv may lead to remote code execution

漏洞详情: https://avd.aquasec.com/nvd/cve-2024-2961

镜像层: sha256:8e87ff28f1b5ff2d5131999ccfa1e674cb252631c50683f5ee43fad59cbea8e1

发布日期: 2024-04-17 18:15 修改: 2024-07-22 18:15
libc-bin CVE-2024-33599 中危 2.35-0ubuntu3.6 2.35-0ubuntu3.8 glibc: stack-based buffer overflow in netgroup cache

漏洞详情: https://avd.aquasec.com/nvd/cve-2024-33599

镜像层: sha256:8e87ff28f1b5ff2d5131999ccfa1e674cb252631c50683f5ee43fad59cbea8e1

发布日期: 2024-05-06 20:15 修改: 2024-07-22 18:15
libc-bin CVE-2024-33600 中危 2.35-0ubuntu3.6 2.35-0ubuntu3.8 glibc: null pointer dereferences after failed netgroup cache insertion

漏洞详情: https://avd.aquasec.com/nvd/cve-2024-33600

镜像层: sha256:8e87ff28f1b5ff2d5131999ccfa1e674cb252631c50683f5ee43fad59cbea8e1

发布日期: 2024-05-06 20:15 修改: 2024-07-22 18:15
libc-bin CVE-2024-33601 中危 2.35-0ubuntu3.6 2.35-0ubuntu3.8 glibc: netgroup cache may terminate daemon on memory allocation failure

漏洞详情: https://avd.aquasec.com/nvd/cve-2024-33601

镜像层: sha256:8e87ff28f1b5ff2d5131999ccfa1e674cb252631c50683f5ee43fad59cbea8e1

发布日期: 2024-05-06 20:15 修改: 2024-07-22 18:15
libc-bin CVE-2024-33602 中危 2.35-0ubuntu3.6 2.35-0ubuntu3.8 glibc: netgroup cache assumes NSS callback uses in-buffer strings

漏洞详情: https://avd.aquasec.com/nvd/cve-2024-33602

镜像层: sha256:8e87ff28f1b5ff2d5131999ccfa1e674cb252631c50683f5ee43fad59cbea8e1

发布日期: 2024-05-06 20:15 修改: 2024-07-22 18:15
libc6 CVE-2024-2961 中危 2.35-0ubuntu3.6 2.35-0ubuntu3.7 glibc: Out of bounds write in iconv may lead to remote code execution

漏洞详情: https://avd.aquasec.com/nvd/cve-2024-2961

镜像层: sha256:8e87ff28f1b5ff2d5131999ccfa1e674cb252631c50683f5ee43fad59cbea8e1

发布日期: 2024-04-17 18:15 修改: 2024-07-22 18:15
libc6 CVE-2024-33599 中危 2.35-0ubuntu3.6 2.35-0ubuntu3.8 glibc: stack-based buffer overflow in netgroup cache

漏洞详情: https://avd.aquasec.com/nvd/cve-2024-33599

镜像层: sha256:8e87ff28f1b5ff2d5131999ccfa1e674cb252631c50683f5ee43fad59cbea8e1

发布日期: 2024-05-06 20:15 修改: 2024-07-22 18:15
libc6 CVE-2024-33600 中危 2.35-0ubuntu3.6 2.35-0ubuntu3.8 glibc: null pointer dereferences after failed netgroup cache insertion

漏洞详情: https://avd.aquasec.com/nvd/cve-2024-33600

镜像层: sha256:8e87ff28f1b5ff2d5131999ccfa1e674cb252631c50683f5ee43fad59cbea8e1

发布日期: 2024-05-06 20:15 修改: 2024-07-22 18:15
libc6 CVE-2024-33601 中危 2.35-0ubuntu3.6 2.35-0ubuntu3.8 glibc: netgroup cache may terminate daemon on memory allocation failure

漏洞详情: https://avd.aquasec.com/nvd/cve-2024-33601

镜像层: sha256:8e87ff28f1b5ff2d5131999ccfa1e674cb252631c50683f5ee43fad59cbea8e1

发布日期: 2024-05-06 20:15 修改: 2024-07-22 18:15
libc6 CVE-2024-33602 中危 2.35-0ubuntu3.6 2.35-0ubuntu3.8 glibc: netgroup cache assumes NSS callback uses in-buffer strings

漏洞详情: https://avd.aquasec.com/nvd/cve-2024-33602

镜像层: sha256:8e87ff28f1b5ff2d5131999ccfa1e674cb252631c50683f5ee43fad59cbea8e1

发布日期: 2024-05-06 20:15 修改: 2024-07-22 18:15
libcurl4 CVE-2024-2398 中危 7.81.0-1ubuntu1.15 7.81.0-1ubuntu1.16 curl: HTTP/2 push headers memory-leak

漏洞详情: https://avd.aquasec.com/nvd/cve-2024-2398

镜像层: sha256:f7ec018ed0afe6cb08d3f2ac93bdfaf9b7f23d1ba6ee1048f79e8cdc2c002d30

发布日期: 2024-03-27 08:15 修改: 2024-07-30 02:15
libcurl4 CVE-2024-7264 中危 7.81.0-1ubuntu1.15 7.81.0-1ubuntu1.17 curl: libcurl: ASN.1 date parser overread

漏洞详情: https://avd.aquasec.com/nvd/cve-2024-7264

镜像层: sha256:f7ec018ed0afe6cb08d3f2ac93bdfaf9b7f23d1ba6ee1048f79e8cdc2c002d30

发布日期: 2024-07-31 08:15 修改: 2024-10-30 20:35
libcurl4 CVE-2024-8096 中危 7.81.0-1ubuntu1.15 7.81.0-1ubuntu1.18 curl: OCSP stapling bypass with GnuTLS

漏洞详情: https://avd.aquasec.com/nvd/cve-2024-8096

镜像层: sha256:f7ec018ed0afe6cb08d3f2ac93bdfaf9b7f23d1ba6ee1048f79e8cdc2c002d30

发布日期: 2024-09-11 10:15 修改: 2024-09-11 16:26
libexpat1 CVE-2023-52425 中危 2.4.7-1ubuntu0.2 2.4.7-1ubuntu0.3 expat: parsing large tokens can trigger a denial of service

漏洞详情: https://avd.aquasec.com/nvd/cve-2023-52425

镜像层: sha256:f7ec018ed0afe6cb08d3f2ac93bdfaf9b7f23d1ba6ee1048f79e8cdc2c002d30

发布日期: 2024-02-04 20:15 修改: 2024-08-26 20:35
libexpat1 CVE-2024-28757 中危 2.4.7-1ubuntu0.2 2.4.7-1ubuntu0.3 expat: XML Entity Expansion

漏洞详情: https://avd.aquasec.com/nvd/cve-2024-28757

镜像层: sha256:f7ec018ed0afe6cb08d3f2ac93bdfaf9b7f23d1ba6ee1048f79e8cdc2c002d30

发布日期: 2024-03-10 05:15 修改: 2024-05-01 19:15
libexpat1 CVE-2024-45490 中危 2.4.7-1ubuntu0.2 2.4.7-1ubuntu0.4 libexpat: Negative Length Parsing Vulnerability in libexpat

漏洞详情: https://avd.aquasec.com/nvd/cve-2024-45490

镜像层: sha256:f7ec018ed0afe6cb08d3f2ac93bdfaf9b7f23d1ba6ee1048f79e8cdc2c002d30

发布日期: 2024-08-30 03:15 修改: 2024-10-18 12:24
libexpat1 CVE-2024-45491 中危 2.4.7-1ubuntu0.2 2.4.7-1ubuntu0.4 libexpat: Integer Overflow or Wraparound

漏洞详情: https://avd.aquasec.com/nvd/cve-2024-45491

镜像层: sha256:f7ec018ed0afe6cb08d3f2ac93bdfaf9b7f23d1ba6ee1048f79e8cdc2c002d30

发布日期: 2024-08-30 03:15 修改: 2024-09-04 14:28
libexpat1 CVE-2024-45492 中危 2.4.7-1ubuntu0.2 2.4.7-1ubuntu0.4 libexpat: integer overflow

漏洞详情: https://avd.aquasec.com/nvd/cve-2024-45492

镜像层: sha256:f7ec018ed0afe6cb08d3f2ac93bdfaf9b7f23d1ba6ee1048f79e8cdc2c002d30

发布日期: 2024-08-30 03:15 修改: 2024-09-04 14:28
libexpat1 CVE-2024-50602 中危 2.4.7-1ubuntu0.2 2.4.7-1ubuntu0.5 libexpat: expat: DoS via XML_ResumeParser

漏洞详情: https://avd.aquasec.com/nvd/cve-2024-50602

镜像层: sha256:f7ec018ed0afe6cb08d3f2ac93bdfaf9b7f23d1ba6ee1048f79e8cdc2c002d30

发布日期: 2024-10-27 05:15 修改: 2024-10-30 18:35
libfreetype6 CVE-2025-23022 中危 2.11.1+dfsg-1ubuntu0.2 freetype: signed integer overflow in cf2_doFlex

漏洞详情: https://avd.aquasec.com/nvd/cve-2025-23022

镜像层: sha256:f7ec018ed0afe6cb08d3f2ac93bdfaf9b7f23d1ba6ee1048f79e8cdc2c002d30

发布日期: 2025-01-10 15:15 修改: 2025-01-16 21:12
libgcc-s1 CVE-2023-4039 中危 12.3.0-1ubuntu1~22.04 gcc: -fstack-protector fails to guard dynamic stack allocations on ARM64

漏洞详情: https://avd.aquasec.com/nvd/cve-2023-4039

镜像层: sha256:8e87ff28f1b5ff2d5131999ccfa1e674cb252631c50683f5ee43fad59cbea8e1

发布日期: 2023-09-13 09:15 修改: 2024-08-02 08:15
libgnutls30 CVE-2024-0553 中危 3.7.3-4ubuntu1.3 3.7.3-4ubuntu1.4 gnutls: incomplete fix for CVE-2023-5981

漏洞详情: https://avd.aquasec.com/nvd/cve-2024-0553

镜像层: sha256:8e87ff28f1b5ff2d5131999ccfa1e674cb252631c50683f5ee43fad59cbea8e1

发布日期: 2024-01-16 12:15 修改: 2024-09-16 13:15
libgnutls30 CVE-2024-0567 中危 3.7.3-4ubuntu1.3 3.7.3-4ubuntu1.4 gnutls: rejects certificate chain with distributed trust

漏洞详情: https://avd.aquasec.com/nvd/cve-2024-0567

镜像层: sha256:8e87ff28f1b5ff2d5131999ccfa1e674cb252631c50683f5ee43fad59cbea8e1

发布日期: 2024-01-16 14:15 修改: 2024-09-16 13:15
libgnutls30 CVE-2024-28834 中危 3.7.3-4ubuntu1.3 3.7.3-4ubuntu1.5 gnutls: vulnerable to Minerva side-channel information leak

漏洞详情: https://avd.aquasec.com/nvd/cve-2024-28834

镜像层: sha256:8e87ff28f1b5ff2d5131999ccfa1e674cb252631c50683f5ee43fad59cbea8e1

发布日期: 2024-03-21 14:15 修改: 2024-11-21 21:15
libgnutls30 CVE-2024-28835 中危 3.7.3-4ubuntu1.3 3.7.3-4ubuntu1.5 gnutls: potential crash during chain building/verification

漏洞详情: https://avd.aquasec.com/nvd/cve-2024-28835

镜像层: sha256:8e87ff28f1b5ff2d5131999ccfa1e674cb252631c50683f5ee43fad59cbea8e1

发布日期: 2024-03-21 06:15 修改: 2024-11-22 12:15
libgssapi-krb5-2 CVE-2024-26462 中危 1.19.2-2ubuntu0.3 krb5: Memory leak at /krb5/src/kdc/ndr.c

漏洞详情: https://avd.aquasec.com/nvd/cve-2024-26462

镜像层: sha256:8e87ff28f1b5ff2d5131999ccfa1e674cb252631c50683f5ee43fad59cbea8e1

发布日期: 2024-02-29 01:44 修改: 2024-05-14 15:09
libgssapi-krb5-2 CVE-2024-37370 中危 1.19.2-2ubuntu0.3 1.19.2-2ubuntu0.4 krb5: GSS message token handling

漏洞详情: https://avd.aquasec.com/nvd/cve-2024-37370

镜像层: sha256:8e87ff28f1b5ff2d5131999ccfa1e674cb252631c50683f5ee43fad59cbea8e1

发布日期: 2024-06-28 22:15 修改: 2024-08-27 17:48
libgssapi-krb5-2 CVE-2024-37371 中危 1.19.2-2ubuntu0.3 1.19.2-2ubuntu0.4 krb5: GSS message token handling

漏洞详情: https://avd.aquasec.com/nvd/cve-2024-37371

镜像层: sha256:8e87ff28f1b5ff2d5131999ccfa1e674cb252631c50683f5ee43fad59cbea8e1

发布日期: 2024-06-28 23:15 修改: 2024-09-18 12:39
libk5crypto3 CVE-2024-26462 中危 1.19.2-2ubuntu0.3 krb5: Memory leak at /krb5/src/kdc/ndr.c

漏洞详情: https://avd.aquasec.com/nvd/cve-2024-26462

镜像层: sha256:8e87ff28f1b5ff2d5131999ccfa1e674cb252631c50683f5ee43fad59cbea8e1

发布日期: 2024-02-29 01:44 修改: 2024-05-14 15:09
libk5crypto3 CVE-2024-37370 中危 1.19.2-2ubuntu0.3 1.19.2-2ubuntu0.4 krb5: GSS message token handling

漏洞详情: https://avd.aquasec.com/nvd/cve-2024-37370

镜像层: sha256:8e87ff28f1b5ff2d5131999ccfa1e674cb252631c50683f5ee43fad59cbea8e1

发布日期: 2024-06-28 22:15 修改: 2024-08-27 17:48
libk5crypto3 CVE-2024-37371 中危 1.19.2-2ubuntu0.3 1.19.2-2ubuntu0.4 krb5: GSS message token handling

漏洞详情: https://avd.aquasec.com/nvd/cve-2024-37371

镜像层: sha256:8e87ff28f1b5ff2d5131999ccfa1e674cb252631c50683f5ee43fad59cbea8e1

发布日期: 2024-06-28 23:15 修改: 2024-09-18 12:39
libkrb5-3 CVE-2024-26462 中危 1.19.2-2ubuntu0.3 krb5: Memory leak at /krb5/src/kdc/ndr.c

漏洞详情: https://avd.aquasec.com/nvd/cve-2024-26462

镜像层: sha256:8e87ff28f1b5ff2d5131999ccfa1e674cb252631c50683f5ee43fad59cbea8e1

发布日期: 2024-02-29 01:44 修改: 2024-05-14 15:09
libkrb5-3 CVE-2024-37370 中危 1.19.2-2ubuntu0.3 1.19.2-2ubuntu0.4 krb5: GSS message token handling

漏洞详情: https://avd.aquasec.com/nvd/cve-2024-37370

镜像层: sha256:8e87ff28f1b5ff2d5131999ccfa1e674cb252631c50683f5ee43fad59cbea8e1

发布日期: 2024-06-28 22:15 修改: 2024-08-27 17:48
libkrb5-3 CVE-2024-37371 中危 1.19.2-2ubuntu0.3 1.19.2-2ubuntu0.4 krb5: GSS message token handling

漏洞详情: https://avd.aquasec.com/nvd/cve-2024-37371

镜像层: sha256:8e87ff28f1b5ff2d5131999ccfa1e674cb252631c50683f5ee43fad59cbea8e1

发布日期: 2024-06-28 23:15 修改: 2024-09-18 12:39
libkrb5support0 CVE-2024-26462 中危 1.19.2-2ubuntu0.3 krb5: Memory leak at /krb5/src/kdc/ndr.c

漏洞详情: https://avd.aquasec.com/nvd/cve-2024-26462

镜像层: sha256:8e87ff28f1b5ff2d5131999ccfa1e674cb252631c50683f5ee43fad59cbea8e1

发布日期: 2024-02-29 01:44 修改: 2024-05-14 15:09
libkrb5support0 CVE-2024-37370 中危 1.19.2-2ubuntu0.3 1.19.2-2ubuntu0.4 krb5: GSS message token handling

漏洞详情: https://avd.aquasec.com/nvd/cve-2024-37370

镜像层: sha256:8e87ff28f1b5ff2d5131999ccfa1e674cb252631c50683f5ee43fad59cbea8e1

发布日期: 2024-06-28 22:15 修改: 2024-08-27 17:48
libkrb5support0 CVE-2024-37371 中危 1.19.2-2ubuntu0.3 1.19.2-2ubuntu0.4 krb5: GSS message token handling

漏洞详情: https://avd.aquasec.com/nvd/cve-2024-37371

镜像层: sha256:8e87ff28f1b5ff2d5131999ccfa1e674cb252631c50683f5ee43fad59cbea8e1

发布日期: 2024-06-28 23:15 修改: 2024-09-18 12:39
libmount1 CVE-2024-28085 中危 2.37.2-4ubuntu3 2.37.2-4ubuntu3.3 util-linux: CVE-2024-28085: wall: escape sequence injection

漏洞详情: https://avd.aquasec.com/nvd/cve-2024-28085

镜像层: sha256:8e87ff28f1b5ff2d5131999ccfa1e674cb252631c50683f5ee43fad59cbea8e1

发布日期: 2024-03-27 19:15 修改: 2024-08-26 21:35
libnghttp2-14 CVE-2024-28182 中危 1.43.0-1ubuntu0.1 1.43.0-1ubuntu0.2 nghttp2: CONTINUATION frames DoS

漏洞详情: https://avd.aquasec.com/nvd/cve-2024-28182

镜像层: sha256:f7ec018ed0afe6cb08d3f2ac93bdfaf9b7f23d1ba6ee1048f79e8cdc2c002d30

发布日期: 2024-04-04 15:15 修改: 2024-05-01 18:15
libpam-modules CVE-2024-10041 中危 1.4.0-11ubuntu2.4 pam: libpam: Libpam vulnerable to read hashed password

漏洞详情: https://avd.aquasec.com/nvd/cve-2024-10041

镜像层: sha256:0a311ada9be90933a3b98a17bb92e6b096ece7b86d568e52b9061d9f10abd914

发布日期: 2024-10-23 14:15 修改: 2024-12-18 10:15
libpam-modules-bin CVE-2024-10041 中危 1.4.0-11ubuntu2.4 pam: libpam: Libpam vulnerable to read hashed password

漏洞详情: https://avd.aquasec.com/nvd/cve-2024-10041

镜像层: sha256:0a311ada9be90933a3b98a17bb92e6b096ece7b86d568e52b9061d9f10abd914

发布日期: 2024-10-23 14:15 修改: 2024-12-18 10:15
libpam-runtime CVE-2024-10041 中危 1.4.0-11ubuntu2.4 pam: libpam: Libpam vulnerable to read hashed password

漏洞详情: https://avd.aquasec.com/nvd/cve-2024-10041

镜像层: sha256:0a311ada9be90933a3b98a17bb92e6b096ece7b86d568e52b9061d9f10abd914

发布日期: 2024-10-23 14:15 修改: 2024-12-18 10:15
libpam0g CVE-2024-10041 中危 1.4.0-11ubuntu2.4 pam: libpam: Libpam vulnerable to read hashed password

漏洞详情: https://avd.aquasec.com/nvd/cve-2024-10041

镜像层: sha256:0a311ada9be90933a3b98a17bb92e6b096ece7b86d568e52b9061d9f10abd914

发布日期: 2024-10-23 14:15 修改: 2024-12-18 10:15
libpython3.10-minimal CVE-2023-27043 中危 3.10.12-1~22.04.3 3.10.12-1~22.04.6 python: Parsing errors in email/_parseaddr.py lead to incorrect value in email address part of tuple

漏洞详情: https://avd.aquasec.com/nvd/cve-2023-27043

镜像层: sha256:0a311ada9be90933a3b98a17bb92e6b096ece7b86d568e52b9061d9f10abd914

发布日期: 2023-04-19 00:15 修改: 2024-02-26 16:27
libpython3.10-minimal CVE-2023-6597 中危 3.10.12-1~22.04.3 3.10.12-1~22.04.4 python: Path traversal on tempfile.TemporaryDirectory

漏洞详情: https://avd.aquasec.com/nvd/cve-2023-6597

镜像层: sha256:0a311ada9be90933a3b98a17bb92e6b096ece7b86d568e52b9061d9f10abd914

发布日期: 2024-03-19 16:15 修改: 2024-06-10 18:15
libpython3.10-minimal CVE-2024-0397 中危 3.10.12-1~22.04.3 3.10.12-1~22.04.5 cpython: python: Memory race condition in ssl.SSLContext certificate store methods

漏洞详情: https://avd.aquasec.com/nvd/cve-2024-0397

镜像层: sha256:0a311ada9be90933a3b98a17bb92e6b096ece7b86d568e52b9061d9f10abd914

发布日期: 2024-06-17 16:15 修改: 2024-07-03 01:44
libpython3.10-minimal CVE-2024-0450 中危 3.10.12-1~22.04.3 3.10.12-1~22.04.4 python: The zipfile module is vulnerable to zip-bombs leading to denial of service

漏洞详情: https://avd.aquasec.com/nvd/cve-2024-0450

镜像层: sha256:0a311ada9be90933a3b98a17bb92e6b096ece7b86d568e52b9061d9f10abd914

发布日期: 2024-03-19 16:15 修改: 2024-06-10 18:15
libpython3.10-minimal CVE-2024-11168 中危 3.10.12-1~22.04.3 python: Improper validation of IPv6 and IPvFuture addresses

漏洞详情: https://avd.aquasec.com/nvd/cve-2024-11168

镜像层: sha256:0a311ada9be90933a3b98a17bb92e6b096ece7b86d568e52b9061d9f10abd914

发布日期: 2024-11-12 22:15 修改: 2025-01-06 18:15
libpython3.10-minimal CVE-2024-6232 中危 3.10.12-1~22.04.3 3.10.12-1~22.04.6 python: cpython: tarfile: ReDos via excessive backtracking while parsing header values

漏洞详情: https://avd.aquasec.com/nvd/cve-2024-6232

镜像层: sha256:0a311ada9be90933a3b98a17bb92e6b096ece7b86d568e52b9061d9f10abd914

发布日期: 2024-09-03 13:15 修改: 2024-09-04 21:15
libpython3.10-minimal CVE-2024-6923 中危 3.10.12-1~22.04.3 3.10.12-1~22.04.6 cpython: python: email module doesn't properly quotes newlines in email headers, allowing header injection

漏洞详情: https://avd.aquasec.com/nvd/cve-2024-6923

镜像层: sha256:0a311ada9be90933a3b98a17bb92e6b096ece7b86d568e52b9061d9f10abd914

发布日期: 2024-08-01 14:15 修改: 2025-01-11 15:15
libpython3.10-minimal CVE-2024-8088 中危 3.10.12-1~22.04.3 3.10.12-1~22.04.6 python: cpython: Iterating over a malicious ZIP file may lead to Denial of Service

漏洞详情: https://avd.aquasec.com/nvd/cve-2024-8088

镜像层: sha256:0a311ada9be90933a3b98a17bb92e6b096ece7b86d568e52b9061d9f10abd914

发布日期: 2024-08-22 19:15 修改: 2024-09-04 23:15
libpython3.10-minimal CVE-2024-9287 中危 3.10.12-1~22.04.3 3.10.12-1~22.04.7 python: Virtual environment (venv) activation scripts don't quote paths

漏洞详情: https://avd.aquasec.com/nvd/cve-2024-9287

镜像层: sha256:0a311ada9be90933a3b98a17bb92e6b096ece7b86d568e52b9061d9f10abd914

发布日期: 2024-10-22 17:15 修改: 2024-11-04 18:15
libpython3.10-stdlib CVE-2023-27043 中危 3.10.12-1~22.04.3 3.10.12-1~22.04.6 python: Parsing errors in email/_parseaddr.py lead to incorrect value in email address part of tuple

漏洞详情: https://avd.aquasec.com/nvd/cve-2023-27043

镜像层: sha256:0a311ada9be90933a3b98a17bb92e6b096ece7b86d568e52b9061d9f10abd914

发布日期: 2023-04-19 00:15 修改: 2024-02-26 16:27
libpython3.10-stdlib CVE-2023-6597 中危 3.10.12-1~22.04.3 3.10.12-1~22.04.4 python: Path traversal on tempfile.TemporaryDirectory

漏洞详情: https://avd.aquasec.com/nvd/cve-2023-6597

镜像层: sha256:0a311ada9be90933a3b98a17bb92e6b096ece7b86d568e52b9061d9f10abd914

发布日期: 2024-03-19 16:15 修改: 2024-06-10 18:15
libpython3.10-stdlib CVE-2024-0397 中危 3.10.12-1~22.04.3 3.10.12-1~22.04.5 cpython: python: Memory race condition in ssl.SSLContext certificate store methods

漏洞详情: https://avd.aquasec.com/nvd/cve-2024-0397

镜像层: sha256:0a311ada9be90933a3b98a17bb92e6b096ece7b86d568e52b9061d9f10abd914

发布日期: 2024-06-17 16:15 修改: 2024-07-03 01:44
libpython3.10-stdlib CVE-2024-0450 中危 3.10.12-1~22.04.3 3.10.12-1~22.04.4 python: The zipfile module is vulnerable to zip-bombs leading to denial of service

漏洞详情: https://avd.aquasec.com/nvd/cve-2024-0450

镜像层: sha256:0a311ada9be90933a3b98a17bb92e6b096ece7b86d568e52b9061d9f10abd914

发布日期: 2024-03-19 16:15 修改: 2024-06-10 18:15
libpython3.10-stdlib CVE-2024-11168 中危 3.10.12-1~22.04.3 python: Improper validation of IPv6 and IPvFuture addresses

漏洞详情: https://avd.aquasec.com/nvd/cve-2024-11168

镜像层: sha256:0a311ada9be90933a3b98a17bb92e6b096ece7b86d568e52b9061d9f10abd914

发布日期: 2024-11-12 22:15 修改: 2025-01-06 18:15
libpython3.10-stdlib CVE-2024-6232 中危 3.10.12-1~22.04.3 3.10.12-1~22.04.6 python: cpython: tarfile: ReDos via excessive backtracking while parsing header values

漏洞详情: https://avd.aquasec.com/nvd/cve-2024-6232

镜像层: sha256:0a311ada9be90933a3b98a17bb92e6b096ece7b86d568e52b9061d9f10abd914

发布日期: 2024-09-03 13:15 修改: 2024-09-04 21:15
libpython3.10-stdlib CVE-2024-6923 中危 3.10.12-1~22.04.3 3.10.12-1~22.04.6 cpython: python: email module doesn't properly quotes newlines in email headers, allowing header injection

漏洞详情: https://avd.aquasec.com/nvd/cve-2024-6923

镜像层: sha256:0a311ada9be90933a3b98a17bb92e6b096ece7b86d568e52b9061d9f10abd914

发布日期: 2024-08-01 14:15 修改: 2025-01-11 15:15
libpython3.10-stdlib CVE-2024-8088 中危 3.10.12-1~22.04.3 3.10.12-1~22.04.6 python: cpython: Iterating over a malicious ZIP file may lead to Denial of Service

漏洞详情: https://avd.aquasec.com/nvd/cve-2024-8088

镜像层: sha256:0a311ada9be90933a3b98a17bb92e6b096ece7b86d568e52b9061d9f10abd914

发布日期: 2024-08-22 19:15 修改: 2024-09-04 23:15
libpython3.10-stdlib CVE-2024-9287 中危 3.10.12-1~22.04.3 3.10.12-1~22.04.7 python: Virtual environment (venv) activation scripts don't quote paths

漏洞详情: https://avd.aquasec.com/nvd/cve-2024-9287

镜像层: sha256:0a311ada9be90933a3b98a17bb92e6b096ece7b86d568e52b9061d9f10abd914

发布日期: 2024-10-22 17:15 修改: 2024-11-04 18:15
libsmartcols1 CVE-2024-28085 中危 2.37.2-4ubuntu3 2.37.2-4ubuntu3.3 util-linux: CVE-2024-28085: wall: escape sequence injection

漏洞详情: https://avd.aquasec.com/nvd/cve-2024-28085

镜像层: sha256:8e87ff28f1b5ff2d5131999ccfa1e674cb252631c50683f5ee43fad59cbea8e1

发布日期: 2024-03-27 19:15 修改: 2024-08-26 21:35
libssh-4 CVE-2023-6004 中危 0.9.6-2ubuntu0.22.04.2 0.9.6-2ubuntu0.22.04.3 libssh: ProxyCommand/ProxyJump features allow injection of malicious code through hostname

漏洞详情: https://avd.aquasec.com/nvd/cve-2023-6004

镜像层: sha256:f7ec018ed0afe6cb08d3f2ac93bdfaf9b7f23d1ba6ee1048f79e8cdc2c002d30

发布日期: 2024-01-03 17:15 修改: 2024-09-16 18:15
libssh-4 CVE-2023-6918 中危 0.9.6-2ubuntu0.22.04.2 0.9.6-2ubuntu0.22.04.3 libssh: Missing checks for return values for digests

漏洞详情: https://avd.aquasec.com/nvd/cve-2023-6918

镜像层: sha256:f7ec018ed0afe6cb08d3f2ac93bdfaf9b7f23d1ba6ee1048f79e8cdc2c002d30

发布日期: 2023-12-19 00:15 修改: 2024-09-16 18:15
libssl3 CVE-2022-40735 中危 3.0.2-0ubuntu1.12 3.0.2-0ubuntu1.16

漏洞详情: https://avd.aquasec.com/nvd/cve-2022-40735

镜像层: sha256:8e87ff28f1b5ff2d5131999ccfa1e674cb252631c50683f5ee43fad59cbea8e1

发布日期: 2022-11-14 23:15 修改: 2024-04-23 07:15
libssl3 CVE-2024-6119 中危 3.0.2-0ubuntu1.12 3.0.2-0ubuntu1.18 openssl: Possible denial of service in X.509 name checks

漏洞详情: https://avd.aquasec.com/nvd/cve-2024-6119

镜像层: sha256:8e87ff28f1b5ff2d5131999ccfa1e674cb252631c50683f5ee43fad59cbea8e1

发布日期: 2024-09-03 16:15 修改: 2024-09-03 21:35
libstdc++6 CVE-2023-4039 中危 12.3.0-1ubuntu1~22.04 gcc: -fstack-protector fails to guard dynamic stack allocations on ARM64

漏洞详情: https://avd.aquasec.com/nvd/cve-2023-4039

镜像层: sha256:8e87ff28f1b5ff2d5131999ccfa1e674cb252631c50683f5ee43fad59cbea8e1

发布日期: 2023-09-13 09:15 修改: 2024-08-02 08:15
libuuid1 CVE-2024-28085 中危 2.37.2-4ubuntu3 2.37.2-4ubuntu3.3 util-linux: CVE-2024-28085: wall: escape sequence injection

漏洞详情: https://avd.aquasec.com/nvd/cve-2024-28085

镜像层: sha256:8e87ff28f1b5ff2d5131999ccfa1e674cb252631c50683f5ee43fad59cbea8e1

发布日期: 2024-03-27 19:15 修改: 2024-08-26 21:35
locales CVE-2024-2961 中危 2.35-0ubuntu3.6 2.35-0ubuntu3.7 glibc: Out of bounds write in iconv may lead to remote code execution

漏洞详情: https://avd.aquasec.com/nvd/cve-2024-2961

镜像层: sha256:f7ec018ed0afe6cb08d3f2ac93bdfaf9b7f23d1ba6ee1048f79e8cdc2c002d30

发布日期: 2024-04-17 18:15 修改: 2024-07-22 18:15
locales CVE-2024-33599 中危 2.35-0ubuntu3.6 2.35-0ubuntu3.8 glibc: stack-based buffer overflow in netgroup cache

漏洞详情: https://avd.aquasec.com/nvd/cve-2024-33599

镜像层: sha256:f7ec018ed0afe6cb08d3f2ac93bdfaf9b7f23d1ba6ee1048f79e8cdc2c002d30

发布日期: 2024-05-06 20:15 修改: 2024-07-22 18:15
locales CVE-2024-33600 中危 2.35-0ubuntu3.6 2.35-0ubuntu3.8 glibc: null pointer dereferences after failed netgroup cache insertion

漏洞详情: https://avd.aquasec.com/nvd/cve-2024-33600

镜像层: sha256:f7ec018ed0afe6cb08d3f2ac93bdfaf9b7f23d1ba6ee1048f79e8cdc2c002d30

发布日期: 2024-05-06 20:15 修改: 2024-07-22 18:15
locales CVE-2024-33601 中危 2.35-0ubuntu3.6 2.35-0ubuntu3.8 glibc: netgroup cache may terminate daemon on memory allocation failure

漏洞详情: https://avd.aquasec.com/nvd/cve-2024-33601

镜像层: sha256:f7ec018ed0afe6cb08d3f2ac93bdfaf9b7f23d1ba6ee1048f79e8cdc2c002d30

发布日期: 2024-05-06 20:15 修改: 2024-07-22 18:15
locales CVE-2024-33602 中危 2.35-0ubuntu3.6 2.35-0ubuntu3.8 glibc: netgroup cache assumes NSS callback uses in-buffer strings

漏洞详情: https://avd.aquasec.com/nvd/cve-2024-33602

镜像层: sha256:f7ec018ed0afe6cb08d3f2ac93bdfaf9b7f23d1ba6ee1048f79e8cdc2c002d30

发布日期: 2024-05-06 20:15 修改: 2024-07-22 18:15
login CVE-2024-56433 中危 1:4.8.1-2ubuntu2.1 shadow-utils: Default subordinate ID configuration in /etc/login.defs could lead to compromise

漏洞详情: https://avd.aquasec.com/nvd/cve-2024-56433

镜像层: sha256:8e87ff28f1b5ff2d5131999ccfa1e674cb252631c50683f5ee43fad59cbea8e1

发布日期: 2024-12-26 09:15 修改: 2024-12-26 09:15
mount CVE-2024-28085 中危 2.37.2-4ubuntu3 2.37.2-4ubuntu3.3 util-linux: CVE-2024-28085: wall: escape sequence injection

漏洞详情: https://avd.aquasec.com/nvd/cve-2024-28085

镜像层: sha256:8e87ff28f1b5ff2d5131999ccfa1e674cb252631c50683f5ee43fad59cbea8e1

发布日期: 2024-03-27 19:15 修改: 2024-08-26 21:35
openssl CVE-2022-40735 中危 3.0.2-0ubuntu1.12 3.0.2-0ubuntu1.16

漏洞详情: https://avd.aquasec.com/nvd/cve-2022-40735

镜像层: sha256:f7ec018ed0afe6cb08d3f2ac93bdfaf9b7f23d1ba6ee1048f79e8cdc2c002d30

发布日期: 2022-11-14 23:15 修改: 2024-04-23 07:15
openssl CVE-2024-6119 中危 3.0.2-0ubuntu1.12 3.0.2-0ubuntu1.18 openssl: Possible denial of service in X.509 name checks

漏洞详情: https://avd.aquasec.com/nvd/cve-2024-6119

镜像层: sha256:f7ec018ed0afe6cb08d3f2ac93bdfaf9b7f23d1ba6ee1048f79e8cdc2c002d30

发布日期: 2024-09-03 16:15 修改: 2024-09-03 21:35
passwd CVE-2024-56433 中危 1:4.8.1-2ubuntu2.1 shadow-utils: Default subordinate ID configuration in /etc/login.defs could lead to compromise

漏洞详情: https://avd.aquasec.com/nvd/cve-2024-56433

镜像层: sha256:8e87ff28f1b5ff2d5131999ccfa1e674cb252631c50683f5ee43fad59cbea8e1

发布日期: 2024-12-26 09:15 修改: 2024-12-26 09:15
python3-jinja2 CVE-2024-22195 中危 3.0.3-1 3.0.3-1ubuntu0.1 jinja2: HTML attribute injection when passing user input as keys to xmlattr filter

漏洞详情: https://avd.aquasec.com/nvd/cve-2024-22195

镜像层: sha256:0a311ada9be90933a3b98a17bb92e6b096ece7b86d568e52b9061d9f10abd914

发布日期: 2024-01-11 03:15 修改: 2024-01-27 03:15
python3-jinja2 CVE-2024-34064 中危 3.0.3-1 3.0.3-1ubuntu0.2 jinja2: accepts keys containing non-attribute characters

漏洞详情: https://avd.aquasec.com/nvd/cve-2024-34064

镜像层: sha256:0a311ada9be90933a3b98a17bb92e6b096ece7b86d568e52b9061d9f10abd914

发布日期: 2024-05-06 15:15 修改: 2024-06-10 18:15
python3-jinja2 CVE-2024-56201 中危 3.0.3-1 jinja2: Jinja has a sandbox breakout through malicious filenames

漏洞详情: https://avd.aquasec.com/nvd/cve-2024-56201

镜像层: sha256:0a311ada9be90933a3b98a17bb92e6b096ece7b86d568e52b9061d9f10abd914

发布日期: 2024-12-23 16:15 修改: 2025-01-08 16:15
python3-jinja2 CVE-2024-56326 中危 3.0.3-1 jinja2: Jinja has a sandbox breakout through indirect reference to format method

漏洞详情: https://avd.aquasec.com/nvd/cve-2024-56326

镜像层: sha256:0a311ada9be90933a3b98a17bb92e6b096ece7b86d568e52b9061d9f10abd914

发布日期: 2024-12-23 16:15 修改: 2024-12-27 18:15
python3-pkg-resources CVE-2024-6345 中危 59.6.0-1.2ubuntu0.22.04.1 59.6.0-1.2ubuntu0.22.04.2 pypa/setuptools: Remote code execution via download functions in the package_index module in pypa/setuptools

漏洞详情: https://avd.aquasec.com/nvd/cve-2024-6345

镜像层: sha256:0a311ada9be90933a3b98a17bb92e6b096ece7b86d568e52b9061d9f10abd914

发布日期: 2024-07-15 01:15 修改: 2024-07-15 13:00
python3.10 CVE-2023-27043 中危 3.10.12-1~22.04.3 3.10.12-1~22.04.6 python: Parsing errors in email/_parseaddr.py lead to incorrect value in email address part of tuple

漏洞详情: https://avd.aquasec.com/nvd/cve-2023-27043

镜像层: sha256:0a311ada9be90933a3b98a17bb92e6b096ece7b86d568e52b9061d9f10abd914

发布日期: 2023-04-19 00:15 修改: 2024-02-26 16:27
python3.10 CVE-2023-6597 中危 3.10.12-1~22.04.3 3.10.12-1~22.04.4 python: Path traversal on tempfile.TemporaryDirectory

漏洞详情: https://avd.aquasec.com/nvd/cve-2023-6597

镜像层: sha256:0a311ada9be90933a3b98a17bb92e6b096ece7b86d568e52b9061d9f10abd914

发布日期: 2024-03-19 16:15 修改: 2024-06-10 18:15
python3.10 CVE-2024-0397 中危 3.10.12-1~22.04.3 3.10.12-1~22.04.5 cpython: python: Memory race condition in ssl.SSLContext certificate store methods

漏洞详情: https://avd.aquasec.com/nvd/cve-2024-0397

镜像层: sha256:0a311ada9be90933a3b98a17bb92e6b096ece7b86d568e52b9061d9f10abd914

发布日期: 2024-06-17 16:15 修改: 2024-07-03 01:44
python3.10 CVE-2024-0450 中危 3.10.12-1~22.04.3 3.10.12-1~22.04.4 python: The zipfile module is vulnerable to zip-bombs leading to denial of service

漏洞详情: https://avd.aquasec.com/nvd/cve-2024-0450

镜像层: sha256:0a311ada9be90933a3b98a17bb92e6b096ece7b86d568e52b9061d9f10abd914

发布日期: 2024-03-19 16:15 修改: 2024-06-10 18:15
python3.10 CVE-2024-11168 中危 3.10.12-1~22.04.3 python: Improper validation of IPv6 and IPvFuture addresses

漏洞详情: https://avd.aquasec.com/nvd/cve-2024-11168

镜像层: sha256:0a311ada9be90933a3b98a17bb92e6b096ece7b86d568e52b9061d9f10abd914

发布日期: 2024-11-12 22:15 修改: 2025-01-06 18:15
python3.10 CVE-2024-6232 中危 3.10.12-1~22.04.3 3.10.12-1~22.04.6 python: cpython: tarfile: ReDos via excessive backtracking while parsing header values

漏洞详情: https://avd.aquasec.com/nvd/cve-2024-6232

镜像层: sha256:0a311ada9be90933a3b98a17bb92e6b096ece7b86d568e52b9061d9f10abd914

发布日期: 2024-09-03 13:15 修改: 2024-09-04 21:15
python3.10 CVE-2024-6923 中危 3.10.12-1~22.04.3 3.10.12-1~22.04.6 cpython: python: email module doesn't properly quotes newlines in email headers, allowing header injection

漏洞详情: https://avd.aquasec.com/nvd/cve-2024-6923

镜像层: sha256:0a311ada9be90933a3b98a17bb92e6b096ece7b86d568e52b9061d9f10abd914

发布日期: 2024-08-01 14:15 修改: 2025-01-11 15:15
python3.10 CVE-2024-8088 中危 3.10.12-1~22.04.3 3.10.12-1~22.04.6 python: cpython: Iterating over a malicious ZIP file may lead to Denial of Service

漏洞详情: https://avd.aquasec.com/nvd/cve-2024-8088

镜像层: sha256:0a311ada9be90933a3b98a17bb92e6b096ece7b86d568e52b9061d9f10abd914

发布日期: 2024-08-22 19:15 修改: 2024-09-04 23:15
python3.10 CVE-2024-9287 中危 3.10.12-1~22.04.3 3.10.12-1~22.04.7 python: Virtual environment (venv) activation scripts don't quote paths

漏洞详情: https://avd.aquasec.com/nvd/cve-2024-9287

镜像层: sha256:0a311ada9be90933a3b98a17bb92e6b096ece7b86d568e52b9061d9f10abd914

发布日期: 2024-10-22 17:15 修改: 2024-11-04 18:15
python3.10-minimal CVE-2023-27043 中危 3.10.12-1~22.04.3 3.10.12-1~22.04.6 python: Parsing errors in email/_parseaddr.py lead to incorrect value in email address part of tuple

漏洞详情: https://avd.aquasec.com/nvd/cve-2023-27043

镜像层: sha256:0a311ada9be90933a3b98a17bb92e6b096ece7b86d568e52b9061d9f10abd914

发布日期: 2023-04-19 00:15 修改: 2024-02-26 16:27
python3.10-minimal CVE-2023-6597 中危 3.10.12-1~22.04.3 3.10.12-1~22.04.4 python: Path traversal on tempfile.TemporaryDirectory

漏洞详情: https://avd.aquasec.com/nvd/cve-2023-6597

镜像层: sha256:0a311ada9be90933a3b98a17bb92e6b096ece7b86d568e52b9061d9f10abd914

发布日期: 2024-03-19 16:15 修改: 2024-06-10 18:15
python3.10-minimal CVE-2024-0397 中危 3.10.12-1~22.04.3 3.10.12-1~22.04.5 cpython: python: Memory race condition in ssl.SSLContext certificate store methods

漏洞详情: https://avd.aquasec.com/nvd/cve-2024-0397

镜像层: sha256:0a311ada9be90933a3b98a17bb92e6b096ece7b86d568e52b9061d9f10abd914

发布日期: 2024-06-17 16:15 修改: 2024-07-03 01:44
python3.10-minimal CVE-2024-0450 中危 3.10.12-1~22.04.3 3.10.12-1~22.04.4 python: The zipfile module is vulnerable to zip-bombs leading to denial of service

漏洞详情: https://avd.aquasec.com/nvd/cve-2024-0450

镜像层: sha256:0a311ada9be90933a3b98a17bb92e6b096ece7b86d568e52b9061d9f10abd914

发布日期: 2024-03-19 16:15 修改: 2024-06-10 18:15
python3.10-minimal CVE-2024-11168 中危 3.10.12-1~22.04.3 python: Improper validation of IPv6 and IPvFuture addresses

漏洞详情: https://avd.aquasec.com/nvd/cve-2024-11168

镜像层: sha256:0a311ada9be90933a3b98a17bb92e6b096ece7b86d568e52b9061d9f10abd914

发布日期: 2024-11-12 22:15 修改: 2025-01-06 18:15
python3.10-minimal CVE-2024-6232 中危 3.10.12-1~22.04.3 3.10.12-1~22.04.6 python: cpython: tarfile: ReDos via excessive backtracking while parsing header values

漏洞详情: https://avd.aquasec.com/nvd/cve-2024-6232

镜像层: sha256:0a311ada9be90933a3b98a17bb92e6b096ece7b86d568e52b9061d9f10abd914

发布日期: 2024-09-03 13:15 修改: 2024-09-04 21:15
python3.10-minimal CVE-2024-6923 中危 3.10.12-1~22.04.3 3.10.12-1~22.04.6 cpython: python: email module doesn't properly quotes newlines in email headers, allowing header injection

漏洞详情: https://avd.aquasec.com/nvd/cve-2024-6923

镜像层: sha256:0a311ada9be90933a3b98a17bb92e6b096ece7b86d568e52b9061d9f10abd914

发布日期: 2024-08-01 14:15 修改: 2025-01-11 15:15
python3.10-minimal CVE-2024-8088 中危 3.10.12-1~22.04.3 3.10.12-1~22.04.6 python: cpython: Iterating over a malicious ZIP file may lead to Denial of Service

漏洞详情: https://avd.aquasec.com/nvd/cve-2024-8088

镜像层: sha256:0a311ada9be90933a3b98a17bb92e6b096ece7b86d568e52b9061d9f10abd914

发布日期: 2024-08-22 19:15 修改: 2024-09-04 23:15
python3.10-minimal CVE-2024-9287 中危 3.10.12-1~22.04.3 3.10.12-1~22.04.7 python: Virtual environment (venv) activation scripts don't quote paths

漏洞详情: https://avd.aquasec.com/nvd/cve-2024-9287

镜像层: sha256:0a311ada9be90933a3b98a17bb92e6b096ece7b86d568e52b9061d9f10abd914

发布日期: 2024-10-22 17:15 修改: 2024-11-04 18:15
util-linux CVE-2024-28085 中危 2.37.2-4ubuntu3 2.37.2-4ubuntu3.3 util-linux: CVE-2024-28085: wall: escape sequence injection

漏洞详情: https://avd.aquasec.com/nvd/cve-2024-28085

镜像层: sha256:8e87ff28f1b5ff2d5131999ccfa1e674cb252631c50683f5ee43fad59cbea8e1

发布日期: 2024-03-27 19:15 修改: 2024-08-26 21:35
wget CVE-2021-31879 中危 1.21.2-2ubuntu1 wget: authorization header disclosure on redirect

漏洞详情: https://avd.aquasec.com/nvd/cve-2021-31879

镜像层: sha256:f7ec018ed0afe6cb08d3f2ac93bdfaf9b7f23d1ba6ee1048f79e8cdc2c002d30

发布日期: 2021-04-29 05:15 修改: 2022-05-13 20:52
wget CVE-2024-38428 中危 1.21.2-2ubuntu1 1.21.2-2ubuntu1.1 wget: Misinterpretation of input may lead to improper behavior

漏洞详情: https://avd.aquasec.com/nvd/cve-2024-38428

镜像层: sha256:f7ec018ed0afe6cb08d3f2ac93bdfaf9b7f23d1ba6ee1048f79e8cdc2c002d30

发布日期: 2024-06-16 03:15 修改: 2024-10-28 21:35
libssl3 CVE-2024-5535 低危 3.0.2-0ubuntu1.12 3.0.2-0ubuntu1.17 openssl: SSL_select_next_proto buffer overread

漏洞详情: https://avd.aquasec.com/nvd/cve-2024-5535

镜像层: sha256:8e87ff28f1b5ff2d5131999ccfa1e674cb252631c50683f5ee43fad59cbea8e1

发布日期: 2024-06-27 11:15 修改: 2024-07-12 14:15
libcurl4 CVE-2024-11053 低危 7.81.0-1ubuntu1.15 7.81.0-1ubuntu1.20 curl: curl netrc password leak

漏洞详情: https://avd.aquasec.com/nvd/cve-2024-11053

镜像层: sha256:f7ec018ed0afe6cb08d3f2ac93bdfaf9b7f23d1ba6ee1048f79e8cdc2c002d30

发布日期: 2024-12-11 08:15 修改: 2024-12-15 17:15
libstdc++6 CVE-2022-27943 低危 12.3.0-1ubuntu1~22.04 binutils: libiberty/rust-demangle.c in GNU GCC 11.2 allows stack exhaustion in demangle_const

漏洞详情: https://avd.aquasec.com/nvd/cve-2022-27943

镜像层: sha256:8e87ff28f1b5ff2d5131999ccfa1e674cb252631c50683f5ee43fad59cbea8e1

发布日期: 2022-03-26 13:15 修改: 2023-11-07 03:45
libsystemd0 CVE-2023-7008 低危 249.11-0ubuntu3.11 systemd-resolved: Unsigned name response in signed zone is not refused when DNSSEC=yes

漏洞详情: https://avd.aquasec.com/nvd/cve-2023-7008

镜像层: sha256:8e87ff28f1b5ff2d5131999ccfa1e674cb252631c50683f5ee43fad59cbea8e1

发布日期: 2023-12-23 13:15 修改: 2024-11-22 12:15
libtinfo6 CVE-2023-45918 低危 6.3-2ubuntu0.1 ncurses: NULL pointer dereference in tgetstr in tinfo/lib_termcap.c

漏洞详情: https://avd.aquasec.com/nvd/cve-2023-45918

镜像层: sha256:8e87ff28f1b5ff2d5131999ccfa1e674cb252631c50683f5ee43fad59cbea8e1

发布日期: 2024-02-16 22:15 修改: 2024-11-21 21:15
libtinfo6 CVE-2023-50495 低危 6.3-2ubuntu0.1 ncurses: segmentation fault via _nc_wrap_entry()

漏洞详情: https://avd.aquasec.com/nvd/cve-2023-50495

镜像层: sha256:8e87ff28f1b5ff2d5131999ccfa1e674cb252631c50683f5ee43fad59cbea8e1

发布日期: 2023-12-12 15:15 修改: 2024-01-31 03:15
libudev1 CVE-2023-7008 低危 249.11-0ubuntu3.11 systemd-resolved: Unsigned name response in signed zone is not refused when DNSSEC=yes

漏洞详情: https://avd.aquasec.com/nvd/cve-2023-7008

镜像层: sha256:8e87ff28f1b5ff2d5131999ccfa1e674cb252631c50683f5ee43fad59cbea8e1

发布日期: 2023-12-23 13:15 修改: 2024-11-22 12:15
libpcre2-8-0 CVE-2022-41409 低危 10.39-3ubuntu0.1 pcre2: negative repeat value in a pcre2test subject line leads to inifinite loop

漏洞详情: https://avd.aquasec.com/nvd/cve-2022-41409

镜像层: sha256:8e87ff28f1b5ff2d5131999ccfa1e674cb252631c50683f5ee43fad59cbea8e1

发布日期: 2023-07-18 14:15 修改: 2023-07-27 03:46
libzstd1 CVE-2022-4899 低危 1.4.8+dfsg-3build1 zstd: mysql: buffer overrun in util.c

漏洞详情: https://avd.aquasec.com/nvd/cve-2022-4899

镜像层: sha256:8e87ff28f1b5ff2d5131999ccfa1e674cb252631c50683f5ee43fad59cbea8e1

发布日期: 2023-03-31 20:15 修改: 2023-11-07 03:59
libpcre3 CVE-2017-11164 低危 2:8.39-13ubuntu0.22.04.1 pcre: OP_KETRMAX feature in the match function in pcre_exec.c

漏洞详情: https://avd.aquasec.com/nvd/cve-2017-11164

镜像层: sha256:8e87ff28f1b5ff2d5131999ccfa1e674cb252631c50683f5ee43fad59cbea8e1

发布日期: 2017-07-11 03:29 修改: 2023-11-07 02:38
libgcc-s1 CVE-2022-27943 低危 12.3.0-1ubuntu1~22.04 binutils: libiberty/rust-demangle.c in GNU GCC 11.2 allows stack exhaustion in demangle_const

漏洞详情: https://avd.aquasec.com/nvd/cve-2022-27943

镜像层: sha256:8e87ff28f1b5ff2d5131999ccfa1e674cb252631c50683f5ee43fad59cbea8e1

发布日期: 2022-03-26 13:15 修改: 2023-11-07 03:45
libk5crypto3 CVE-2024-26458 低危 1.19.2-2ubuntu0.3 krb5: Memory leak at /krb5/src/lib/rpc/pmap_rmt.c

漏洞详情: https://avd.aquasec.com/nvd/cve-2024-26458

镜像层: sha256:8e87ff28f1b5ff2d5131999ccfa1e674cb252631c50683f5ee43fad59cbea8e1

发布日期: 2024-02-29 01:44 修改: 2024-12-06 21:15
libk5crypto3 CVE-2024-26461 低危 1.19.2-2ubuntu0.3 krb5: Memory leak at /krb5/src/lib/gssapi/krb5/k5sealv3.c

漏洞详情: https://avd.aquasec.com/nvd/cve-2024-26461

镜像层: sha256:8e87ff28f1b5ff2d5131999ccfa1e674cb252631c50683f5ee43fad59cbea8e1

发布日期: 2024-02-29 01:44 修改: 2024-08-14 16:35
libgcrypt20 CVE-2024-2236 低危 1.9.4-3ubuntu3 libgcrypt: vulnerable to Marvin Attack

漏洞详情: https://avd.aquasec.com/nvd/cve-2024-2236

镜像层: sha256:8e87ff28f1b5ff2d5131999ccfa1e674cb252631c50683f5ee43fad59cbea8e1

发布日期: 2024-03-06 22:15 修改: 2024-11-12 18:15
locales CVE-2016-20013 低危 2.35-0ubuntu3.6

漏洞详情: https://avd.aquasec.com/nvd/cve-2016-20013

镜像层: sha256:f7ec018ed0afe6cb08d3f2ac93bdfaf9b7f23d1ba6ee1048f79e8cdc2c002d30

发布日期: 2022-02-19 05:15 修改: 2022-03-03 16:43
libcurl4 CVE-2024-9681 低危 7.81.0-1ubuntu1.15 7.81.0-1ubuntu1.19 curl: HSTS subdomain overwrites parent cache entry

漏洞详情: https://avd.aquasec.com/nvd/cve-2024-9681

镜像层: sha256:f7ec018ed0afe6cb08d3f2ac93bdfaf9b7f23d1ba6ee1048f79e8cdc2c002d30

发布日期: 2024-11-06 08:15 修改: 2024-12-13 14:15
login CVE-2023-29383 低危 1:4.8.1-2ubuntu2.1 shadow: Improper input validation in shadow-utils package utility chfn

漏洞详情: https://avd.aquasec.com/nvd/cve-2023-29383

镜像层: sha256:8e87ff28f1b5ff2d5131999ccfa1e674cb252631c50683f5ee43fad59cbea8e1

发布日期: 2023-04-14 22:15 修改: 2023-04-24 18:05
login CVE-2023-4641 低危 1:4.8.1-2ubuntu2.1 1:4.8.1-2ubuntu2.2 shadow-utils: possible password leak during passwd(1) change

漏洞详情: https://avd.aquasec.com/nvd/cve-2023-4641

镜像层: sha256:8e87ff28f1b5ff2d5131999ccfa1e674cb252631c50683f5ee43fad59cbea8e1

发布日期: 2023-12-27 16:15 修改: 2024-05-03 16:15
gcc-12-base CVE-2022-27943 低危 12.3.0-1ubuntu1~22.04 binutils: libiberty/rust-demangle.c in GNU GCC 11.2 allows stack exhaustion in demangle_const

漏洞详情: https://avd.aquasec.com/nvd/cve-2022-27943

镜像层: sha256:8e87ff28f1b5ff2d5131999ccfa1e674cb252631c50683f5ee43fad59cbea8e1

发布日期: 2022-03-26 13:15 修改: 2023-11-07 03:45
ncurses-base CVE-2023-45918 低危 6.3-2ubuntu0.1 ncurses: NULL pointer dereference in tgetstr in tinfo/lib_termcap.c

漏洞详情: https://avd.aquasec.com/nvd/cve-2023-45918

镜像层: sha256:8e87ff28f1b5ff2d5131999ccfa1e674cb252631c50683f5ee43fad59cbea8e1

发布日期: 2024-02-16 22:15 修改: 2024-11-21 21:15
ncurses-base CVE-2023-50495 低危 6.3-2ubuntu0.1 ncurses: segmentation fault via _nc_wrap_entry()

漏洞详情: https://avd.aquasec.com/nvd/cve-2023-50495

镜像层: sha256:8e87ff28f1b5ff2d5131999ccfa1e674cb252631c50683f5ee43fad59cbea8e1

发布日期: 2023-12-12 15:15 修改: 2024-01-31 03:15
ncurses-bin CVE-2023-45918 低危 6.3-2ubuntu0.1 ncurses: NULL pointer dereference in tgetstr in tinfo/lib_termcap.c

漏洞详情: https://avd.aquasec.com/nvd/cve-2023-45918

镜像层: sha256:8e87ff28f1b5ff2d5131999ccfa1e674cb252631c50683f5ee43fad59cbea8e1

发布日期: 2024-02-16 22:15 修改: 2024-11-21 21:15
ncurses-bin CVE-2023-50495 低危 6.3-2ubuntu0.1 ncurses: segmentation fault via _nc_wrap_entry()

漏洞详情: https://avd.aquasec.com/nvd/cve-2023-50495

镜像层: sha256:8e87ff28f1b5ff2d5131999ccfa1e674cb252631c50683f5ee43fad59cbea8e1

发布日期: 2023-12-12 15:15 修改: 2024-01-31 03:15
libkrb5-3 CVE-2024-26458 低危 1.19.2-2ubuntu0.3 krb5: Memory leak at /krb5/src/lib/rpc/pmap_rmt.c

漏洞详情: https://avd.aquasec.com/nvd/cve-2024-26458

镜像层: sha256:8e87ff28f1b5ff2d5131999ccfa1e674cb252631c50683f5ee43fad59cbea8e1

发布日期: 2024-02-29 01:44 修改: 2024-12-06 21:15
libkrb5-3 CVE-2024-26461 低危 1.19.2-2ubuntu0.3 krb5: Memory leak at /krb5/src/lib/gssapi/krb5/k5sealv3.c

漏洞详情: https://avd.aquasec.com/nvd/cve-2024-26461

镜像层: sha256:8e87ff28f1b5ff2d5131999ccfa1e674cb252631c50683f5ee43fad59cbea8e1

发布日期: 2024-02-29 01:44 修改: 2024-08-14 16:35
openssl CVE-2023-5678 低危 3.0.2-0ubuntu1.12 3.0.2-0ubuntu1.14 openssl: Generating excessively long X9.42 DH keys or checking excessively long X9.42 DH keys or parameters may be very slow

漏洞详情: https://avd.aquasec.com/nvd/cve-2023-5678

镜像层: sha256:f7ec018ed0afe6cb08d3f2ac93bdfaf9b7f23d1ba6ee1048f79e8cdc2c002d30

发布日期: 2023-11-06 16:15 修改: 2024-10-14 15:15
openssl CVE-2023-6129 低危 3.0.2-0ubuntu1.12 3.0.2-0ubuntu1.14 openssl: POLY1305 MAC implementation corrupts vector registers on PowerPC

漏洞详情: https://avd.aquasec.com/nvd/cve-2023-6129

镜像层: sha256:f7ec018ed0afe6cb08d3f2ac93bdfaf9b7f23d1ba6ee1048f79e8cdc2c002d30

发布日期: 2024-01-09 17:15 修改: 2024-10-14 15:15
openssl CVE-2023-6237 低危 3.0.2-0ubuntu1.12 3.0.2-0ubuntu1.14 openssl: Excessive time spent checking invalid RSA public keys

漏洞详情: https://avd.aquasec.com/nvd/cve-2023-6237

镜像层: sha256:f7ec018ed0afe6cb08d3f2ac93bdfaf9b7f23d1ba6ee1048f79e8cdc2c002d30

发布日期: 2024-04-25 07:15 修改: 2024-11-01 15:35
openssl CVE-2024-0727 低危 3.0.2-0ubuntu1.12 3.0.2-0ubuntu1.14 openssl: denial of service via null dereference

漏洞详情: https://avd.aquasec.com/nvd/cve-2024-0727

镜像层: sha256:f7ec018ed0afe6cb08d3f2ac93bdfaf9b7f23d1ba6ee1048f79e8cdc2c002d30

发布日期: 2024-01-26 09:15 修改: 2024-10-14 15:15
openssl CVE-2024-2511 低危 3.0.2-0ubuntu1.12 3.0.2-0ubuntu1.17 openssl: Unbounded memory growth with session handling in TLSv1.3

漏洞详情: https://avd.aquasec.com/nvd/cve-2024-2511

镜像层: sha256:f7ec018ed0afe6cb08d3f2ac93bdfaf9b7f23d1ba6ee1048f79e8cdc2c002d30

发布日期: 2024-04-08 14:15 修改: 2024-10-14 15:15
openssl CVE-2024-41996 低危 3.0.2-0ubuntu1.12 openssl: remote attackers (from the client side) to trigger unnecessarily expensive server-side DHE modular-exponentiation calculations

漏洞详情: https://avd.aquasec.com/nvd/cve-2024-41996

镜像层: sha256:f7ec018ed0afe6cb08d3f2ac93bdfaf9b7f23d1ba6ee1048f79e8cdc2c002d30

发布日期: 2024-08-26 06:15 修改: 2024-08-26 16:35
openssl CVE-2024-4603 低危 3.0.2-0ubuntu1.12 3.0.2-0ubuntu1.17 openssl: Excessive time spent checking DSA keys and parameters

漏洞详情: https://avd.aquasec.com/nvd/cve-2024-4603

镜像层: sha256:f7ec018ed0afe6cb08d3f2ac93bdfaf9b7f23d1ba6ee1048f79e8cdc2c002d30

发布日期: 2024-05-16 16:15 修改: 2024-10-14 15:15
openssl CVE-2024-4741 低危 3.0.2-0ubuntu1.12 3.0.2-0ubuntu1.17 openssl: Use After Free with SSL_free_buffers

漏洞详情: https://avd.aquasec.com/nvd/cve-2024-4741

镜像层: sha256:f7ec018ed0afe6cb08d3f2ac93bdfaf9b7f23d1ba6ee1048f79e8cdc2c002d30

发布日期: 2024-11-13 11:15 修改: 2024-11-13 17:01
openssl CVE-2024-5535 低危 3.0.2-0ubuntu1.12 3.0.2-0ubuntu1.17 openssl: SSL_select_next_proto buffer overread

漏洞详情: https://avd.aquasec.com/nvd/cve-2024-5535

镜像层: sha256:f7ec018ed0afe6cb08d3f2ac93bdfaf9b7f23d1ba6ee1048f79e8cdc2c002d30

发布日期: 2024-06-27 11:15 修改: 2024-07-12 14:15
gpgv CVE-2022-3219 低危 2.2.27-3ubuntu2.1 gnupg: denial of service issue (resource consumption) using compressed packets

漏洞详情: https://avd.aquasec.com/nvd/cve-2022-3219

镜像层: sha256:8e87ff28f1b5ff2d5131999ccfa1e674cb252631c50683f5ee43fad59cbea8e1

发布日期: 2023-02-23 20:15 修改: 2023-05-26 16:31
passwd CVE-2023-29383 低危 1:4.8.1-2ubuntu2.1 shadow: Improper input validation in shadow-utils package utility chfn

漏洞详情: https://avd.aquasec.com/nvd/cve-2023-29383

镜像层: sha256:8e87ff28f1b5ff2d5131999ccfa1e674cb252631c50683f5ee43fad59cbea8e1

发布日期: 2023-04-14 22:15 修改: 2023-04-24 18:05
passwd CVE-2023-4641 低危 1:4.8.1-2ubuntu2.1 1:4.8.1-2ubuntu2.2 shadow-utils: possible password leak during passwd(1) change

漏洞详情: https://avd.aquasec.com/nvd/cve-2023-4641

镜像层: sha256:8e87ff28f1b5ff2d5131999ccfa1e674cb252631c50683f5ee43fad59cbea8e1

发布日期: 2023-12-27 16:15 修改: 2024-05-03 16:15
libpython3.10-minimal CVE-2024-4032 低危 3.10.12-1~22.04.3 3.10.12-1~22.04.5 python: incorrect IPv4 and IPv6 private ranges

漏洞详情: https://avd.aquasec.com/nvd/cve-2024-4032

镜像层: sha256:0a311ada9be90933a3b98a17bb92e6b096ece7b86d568e52b9061d9f10abd914

发布日期: 2024-06-17 15:15 修改: 2024-08-29 21:35
libpython3.10-minimal CVE-2024-7592 低危 3.10.12-1~22.04.3 3.10.12-1~22.04.6 cpython: python: Uncontrolled CPU resource consumption when in http.cookies module

漏洞详情: https://avd.aquasec.com/nvd/cve-2024-7592

镜像层: sha256:0a311ada9be90933a3b98a17bb92e6b096ece7b86d568e52b9061d9f10abd914

发布日期: 2024-08-19 19:15 修改: 2024-09-04 21:15
curl CVE-2024-11053 低危 7.81.0-1ubuntu1.15 7.81.0-1ubuntu1.20 curl: curl netrc password leak

漏洞详情: https://avd.aquasec.com/nvd/cve-2024-11053

镜像层: sha256:f7ec018ed0afe6cb08d3f2ac93bdfaf9b7f23d1ba6ee1048f79e8cdc2c002d30

发布日期: 2024-12-11 08:15 修改: 2024-12-15 17:15
libc6 CVE-2016-20013 低危 2.35-0ubuntu3.6

漏洞详情: https://avd.aquasec.com/nvd/cve-2016-20013

镜像层: sha256:8e87ff28f1b5ff2d5131999ccfa1e674cb252631c50683f5ee43fad59cbea8e1

发布日期: 2022-02-19 05:15 修改: 2022-03-03 16:43
libkrb5support0 CVE-2024-26458 低危 1.19.2-2ubuntu0.3 krb5: Memory leak at /krb5/src/lib/rpc/pmap_rmt.c

漏洞详情: https://avd.aquasec.com/nvd/cve-2024-26458

镜像层: sha256:8e87ff28f1b5ff2d5131999ccfa1e674cb252631c50683f5ee43fad59cbea8e1

发布日期: 2024-02-29 01:44 修改: 2024-12-06 21:15
libkrb5support0 CVE-2024-26461 低危 1.19.2-2ubuntu0.3 krb5: Memory leak at /krb5/src/lib/gssapi/krb5/k5sealv3.c

漏洞详情: https://avd.aquasec.com/nvd/cve-2024-26461

镜像层: sha256:8e87ff28f1b5ff2d5131999ccfa1e674cb252631c50683f5ee43fad59cbea8e1

发布日期: 2024-02-29 01:44 修改: 2024-08-14 16:35
libldap-2.5-0 CVE-2023-2953 低危 2.5.16+dfsg-0ubuntu0.22.04.1 2.5.16+dfsg-0ubuntu0.22.04.2 openldap: null pointer dereference in ber_memalloc_x function

漏洞详情: https://avd.aquasec.com/nvd/cve-2023-2953

镜像层: sha256:f7ec018ed0afe6cb08d3f2ac93bdfaf9b7f23d1ba6ee1048f79e8cdc2c002d30

发布日期: 2023-05-30 22:15 修改: 2025-01-10 22:15
libc-bin CVE-2016-20013 低危 2.35-0ubuntu3.6

漏洞详情: https://avd.aquasec.com/nvd/cve-2016-20013

镜像层: sha256:8e87ff28f1b5ff2d5131999ccfa1e674cb252631c50683f5ee43fad59cbea8e1

发布日期: 2022-02-19 05:15 修改: 2022-03-03 16:43
libncurses6 CVE-2023-45918 低危 6.3-2ubuntu0.1 ncurses: NULL pointer dereference in tgetstr in tinfo/lib_termcap.c

漏洞详情: https://avd.aquasec.com/nvd/cve-2023-45918

镜像层: sha256:8e87ff28f1b5ff2d5131999ccfa1e674cb252631c50683f5ee43fad59cbea8e1

发布日期: 2024-02-16 22:15 修改: 2024-11-21 21:15
libncurses6 CVE-2023-50495 低危 6.3-2ubuntu0.1 ncurses: segmentation fault via _nc_wrap_entry()

漏洞详情: https://avd.aquasec.com/nvd/cve-2023-50495

镜像层: sha256:8e87ff28f1b5ff2d5131999ccfa1e674cb252631c50683f5ee43fad59cbea8e1

发布日期: 2023-12-12 15:15 修改: 2024-01-31 03:15
libncursesw6 CVE-2023-45918 低危 6.3-2ubuntu0.1 ncurses: NULL pointer dereference in tgetstr in tinfo/lib_termcap.c

漏洞详情: https://avd.aquasec.com/nvd/cve-2023-45918

镜像层: sha256:8e87ff28f1b5ff2d5131999ccfa1e674cb252631c50683f5ee43fad59cbea8e1

发布日期: 2024-02-16 22:15 修改: 2024-11-21 21:15
libpython3.10-stdlib CVE-2024-4032 低危 3.10.12-1~22.04.3 3.10.12-1~22.04.5 python: incorrect IPv4 and IPv6 private ranges

漏洞详情: https://avd.aquasec.com/nvd/cve-2024-4032

镜像层: sha256:0a311ada9be90933a3b98a17bb92e6b096ece7b86d568e52b9061d9f10abd914

发布日期: 2024-06-17 15:15 修改: 2024-08-29 21:35
libpython3.10-stdlib CVE-2024-7592 低危 3.10.12-1~22.04.3 3.10.12-1~22.04.6 cpython: python: Uncontrolled CPU resource consumption when in http.cookies module

漏洞详情: https://avd.aquasec.com/nvd/cve-2024-7592

镜像层: sha256:0a311ada9be90933a3b98a17bb92e6b096ece7b86d568e52b9061d9f10abd914

发布日期: 2024-08-19 19:15 修改: 2024-09-04 21:15
libncursesw6 CVE-2023-50495 低危 6.3-2ubuntu0.1 ncurses: segmentation fault via _nc_wrap_entry()

漏洞详情: https://avd.aquasec.com/nvd/cve-2023-50495

镜像层: sha256:8e87ff28f1b5ff2d5131999ccfa1e674cb252631c50683f5ee43fad59cbea8e1

发布日期: 2023-12-12 15:15 修改: 2024-01-31 03:15
python3.10 CVE-2024-4032 低危 3.10.12-1~22.04.3 3.10.12-1~22.04.5 python: incorrect IPv4 and IPv6 private ranges

漏洞详情: https://avd.aquasec.com/nvd/cve-2024-4032

镜像层: sha256:0a311ada9be90933a3b98a17bb92e6b096ece7b86d568e52b9061d9f10abd914

发布日期: 2024-06-17 15:15 修改: 2024-08-29 21:35
python3.10 CVE-2024-7592 低危 3.10.12-1~22.04.3 3.10.12-1~22.04.6 cpython: python: Uncontrolled CPU resource consumption when in http.cookies module

漏洞详情: https://avd.aquasec.com/nvd/cve-2024-7592

镜像层: sha256:0a311ada9be90933a3b98a17bb92e6b096ece7b86d568e52b9061d9f10abd914

发布日期: 2024-08-19 19:15 修改: 2024-09-04 21:15
curl CVE-2024-9681 低危 7.81.0-1ubuntu1.15 7.81.0-1ubuntu1.19 curl: HSTS subdomain overwrites parent cache entry

漏洞详情: https://avd.aquasec.com/nvd/cve-2024-9681

镜像层: sha256:f7ec018ed0afe6cb08d3f2ac93bdfaf9b7f23d1ba6ee1048f79e8cdc2c002d30

发布日期: 2024-11-06 08:15 修改: 2024-12-13 14:15
libgssapi-krb5-2 CVE-2024-26458 低危 1.19.2-2ubuntu0.3 krb5: Memory leak at /krb5/src/lib/rpc/pmap_rmt.c

漏洞详情: https://avd.aquasec.com/nvd/cve-2024-26458

镜像层: sha256:8e87ff28f1b5ff2d5131999ccfa1e674cb252631c50683f5ee43fad59cbea8e1

发布日期: 2024-02-29 01:44 修改: 2024-12-06 21:15
libgssapi-krb5-2 CVE-2024-26461 低危 1.19.2-2ubuntu0.3 krb5: Memory leak at /krb5/src/lib/gssapi/krb5/k5sealv3.c

漏洞详情: https://avd.aquasec.com/nvd/cve-2024-26461

镜像层: sha256:8e87ff28f1b5ff2d5131999ccfa1e674cb252631c50683f5ee43fad59cbea8e1

发布日期: 2024-02-29 01:44 修改: 2024-08-14 16:35
coreutils CVE-2016-2781 低危 8.32-4.1ubuntu1 coreutils: Non-privileged session can escape to the parent session in chroot

漏洞详情: https://avd.aquasec.com/nvd/cve-2016-2781

镜像层: sha256:8e87ff28f1b5ff2d5131999ccfa1e674cb252631c50683f5ee43fad59cbea8e1

发布日期: 2017-02-07 15:59 修改: 2023-11-07 02:32
libssl3 CVE-2023-5678 低危 3.0.2-0ubuntu1.12 3.0.2-0ubuntu1.14 openssl: Generating excessively long X9.42 DH keys or checking excessively long X9.42 DH keys or parameters may be very slow

漏洞详情: https://avd.aquasec.com/nvd/cve-2023-5678

镜像层: sha256:8e87ff28f1b5ff2d5131999ccfa1e674cb252631c50683f5ee43fad59cbea8e1

发布日期: 2023-11-06 16:15 修改: 2024-10-14 15:15
libssl3 CVE-2023-6129 低危 3.0.2-0ubuntu1.12 3.0.2-0ubuntu1.14 openssl: POLY1305 MAC implementation corrupts vector registers on PowerPC

漏洞详情: https://avd.aquasec.com/nvd/cve-2023-6129

镜像层: sha256:8e87ff28f1b5ff2d5131999ccfa1e674cb252631c50683f5ee43fad59cbea8e1

发布日期: 2024-01-09 17:15 修改: 2024-10-14 15:15
libssl3 CVE-2023-6237 低危 3.0.2-0ubuntu1.12 3.0.2-0ubuntu1.14 openssl: Excessive time spent checking invalid RSA public keys

漏洞详情: https://avd.aquasec.com/nvd/cve-2023-6237

镜像层: sha256:8e87ff28f1b5ff2d5131999ccfa1e674cb252631c50683f5ee43fad59cbea8e1

发布日期: 2024-04-25 07:15 修改: 2024-11-01 15:35
libssl3 CVE-2024-0727 低危 3.0.2-0ubuntu1.12 3.0.2-0ubuntu1.14 openssl: denial of service via null dereference

漏洞详情: https://avd.aquasec.com/nvd/cve-2024-0727

镜像层: sha256:8e87ff28f1b5ff2d5131999ccfa1e674cb252631c50683f5ee43fad59cbea8e1

发布日期: 2024-01-26 09:15 修改: 2024-10-14 15:15
libssl3 CVE-2024-2511 低危 3.0.2-0ubuntu1.12 3.0.2-0ubuntu1.17 openssl: Unbounded memory growth with session handling in TLSv1.3

漏洞详情: https://avd.aquasec.com/nvd/cve-2024-2511

镜像层: sha256:8e87ff28f1b5ff2d5131999ccfa1e674cb252631c50683f5ee43fad59cbea8e1

发布日期: 2024-04-08 14:15 修改: 2024-10-14 15:15
python3.10-minimal CVE-2024-4032 低危 3.10.12-1~22.04.3 3.10.12-1~22.04.5 python: incorrect IPv4 and IPv6 private ranges

漏洞详情: https://avd.aquasec.com/nvd/cve-2024-4032

镜像层: sha256:0a311ada9be90933a3b98a17bb92e6b096ece7b86d568e52b9061d9f10abd914

发布日期: 2024-06-17 15:15 修改: 2024-08-29 21:35
python3.10-minimal CVE-2024-7592 低危 3.10.12-1~22.04.3 3.10.12-1~22.04.6 cpython: python: Uncontrolled CPU resource consumption when in http.cookies module

漏洞详情: https://avd.aquasec.com/nvd/cve-2024-7592

镜像层: sha256:0a311ada9be90933a3b98a17bb92e6b096ece7b86d568e52b9061d9f10abd914

发布日期: 2024-08-19 19:15 修改: 2024-09-04 21:15
libssl3 CVE-2024-41996 低危 3.0.2-0ubuntu1.12 openssl: remote attackers (from the client side) to trigger unnecessarily expensive server-side DHE modular-exponentiation calculations

漏洞详情: https://avd.aquasec.com/nvd/cve-2024-41996

镜像层: sha256:8e87ff28f1b5ff2d5131999ccfa1e674cb252631c50683f5ee43fad59cbea8e1

发布日期: 2024-08-26 06:15 修改: 2024-08-26 16:35
libssl3 CVE-2024-4603 低危 3.0.2-0ubuntu1.12 3.0.2-0ubuntu1.17 openssl: Excessive time spent checking DSA keys and parameters

漏洞详情: https://avd.aquasec.com/nvd/cve-2024-4603

镜像层: sha256:8e87ff28f1b5ff2d5131999ccfa1e674cb252631c50683f5ee43fad59cbea8e1

发布日期: 2024-05-16 16:15 修改: 2024-10-14 15:15
libssl3 CVE-2024-4741 低危 3.0.2-0ubuntu1.12 3.0.2-0ubuntu1.17 openssl: Use After Free with SSL_free_buffers

漏洞详情: https://avd.aquasec.com/nvd/cve-2024-4741

镜像层: sha256:8e87ff28f1b5ff2d5131999ccfa1e674cb252631c50683f5ee43fad59cbea8e1

发布日期: 2024-11-13 11:15 修改: 2024-11-13 17:01
Java (jar)
低危漏洞:17 中危漏洞:218 高危漏洞:329 严重漏洞:48
软件包 漏洞 安全状态 安装版本 修复版本 漏洞信息
com.h2database:h2 CVE-2021-42392 严重 1.4.200 2.0.206 h2: Remote Code Execution in Console

漏洞详情: https://avd.aquasec.com/nvd/cve-2021-42392

镜像层: sha256:1e763e863bfe00cae3c5ffc43aee43dc6fef4ef3ab10ecdbc936eb08cc225237

发布日期: 2022-01-10 14:10 修改: 2023-02-24 22:15
com.h2database:h2 CVE-2021-42392 严重 1.4.200 2.0.206 h2: Remote Code Execution in Console

漏洞详情: https://avd.aquasec.com/nvd/cve-2021-42392

镜像层: sha256:11c33f7e8be115416588045d5837d076171f2b0be0c262cffb7b7aaf9c7b19f9

发布日期: 2022-01-10 14:10 修改: 2023-02-24 22:15
com.h2database:h2 CVE-2022-23221 严重 1.4.200 2.1.210 h2: Loading of custom classes from remote servers through JNDI

漏洞详情: https://avd.aquasec.com/nvd/cve-2022-23221

镜像层: sha256:1e763e863bfe00cae3c5ffc43aee43dc6fef4ef3ab10ecdbc936eb08cc225237

发布日期: 2022-01-19 17:15 修改: 2023-08-18 14:15
com.h2database:h2 CVE-2022-23221 严重 1.4.200 2.1.210 h2: Loading of custom classes from remote servers through JNDI

漏洞详情: https://avd.aquasec.com/nvd/cve-2022-23221

镜像层: sha256:11c33f7e8be115416588045d5837d076171f2b0be0c262cffb7b7aaf9c7b19f9

发布日期: 2022-01-19 17:15 修改: 2023-08-18 14:15
com.hazelcast:hazelcast CVE-2022-36437 严重 3.11.4 3.12.13, 4.1.10, 4.2.6, 5.0.4, 5.1.3 hazelcast: Hazelcast connection caching

漏洞详情: https://avd.aquasec.com/nvd/cve-2022-36437

镜像层: sha256:1e763e863bfe00cae3c5ffc43aee43dc6fef4ef3ab10ecdbc936eb08cc225237

发布日期: 2022-12-29 23:15 修改: 2023-01-09 18:33
com.hazelcast:hazelcast CVE-2022-36437 严重 3.12.11 3.12.13, 4.1.10, 4.2.6, 5.0.4, 5.1.3 hazelcast: Hazelcast connection caching

漏洞详情: https://avd.aquasec.com/nvd/cve-2022-36437

镜像层: sha256:1e763e863bfe00cae3c5ffc43aee43dc6fef4ef3ab10ecdbc936eb08cc225237

发布日期: 2022-12-29 23:15 修改: 2023-01-09 18:33
com.hazelcast:hazelcast CVE-2022-36437 严重 3.12.11 3.12.13, 4.1.10, 4.2.6, 5.0.4, 5.1.3 hazelcast: Hazelcast connection caching

漏洞详情: https://avd.aquasec.com/nvd/cve-2022-36437

镜像层: sha256:11c33f7e8be115416588045d5837d076171f2b0be0c262cffb7b7aaf9c7b19f9

发布日期: 2022-12-29 23:15 修改: 2023-01-09 18:33
com.hazelcast:hazelcast CVE-2022-36437 严重 3.12.11 3.12.13, 4.1.10, 4.2.6, 5.0.4, 5.1.3 hazelcast: Hazelcast connection caching

漏洞详情: https://avd.aquasec.com/nvd/cve-2022-36437

镜像层: sha256:11c33f7e8be115416588045d5837d076171f2b0be0c262cffb7b7aaf9c7b19f9

发布日期: 2022-12-29 23:15 修改: 2023-01-09 18:33
com.twelvemonkeys.imageio:imageio-metadata CVE-2021-23792 严重 3.4.1 3.7.1 The package com.twelvemonkeys.imageio:imageio-metadata before 3.7.1 ar ...

漏洞详情: https://avd.aquasec.com/nvd/cve-2021-23792

镜像层: sha256:1e763e863bfe00cae3c5ffc43aee43dc6fef4ef3ab10ecdbc936eb08cc225237

发布日期: 2022-05-06 20:15 修改: 2022-05-17 17:20
com.twelvemonkeys.imageio:imageio-metadata CVE-2021-23792 严重 3.4.1 3.7.1 The package com.twelvemonkeys.imageio:imageio-metadata before 3.7.1 ar ...

漏洞详情: https://avd.aquasec.com/nvd/cve-2021-23792

镜像层: sha256:11c33f7e8be115416588045d5837d076171f2b0be0c262cffb7b7aaf9c7b19f9

发布日期: 2022-05-06 20:15 修改: 2022-05-17 17:20
log4j:log4j CVE-2019-17571 严重 1.2.17 log4j: deserialization of untrusted data in SocketServer

漏洞详情: https://avd.aquasec.com/nvd/cve-2019-17571

镜像层: sha256:1e763e863bfe00cae3c5ffc43aee43dc6fef4ef3ab10ecdbc936eb08cc225237

发布日期: 2019-12-20 17:15 修改: 2023-11-07 03:06
log4j:log4j CVE-2022-23305 严重 1.2.17 log4j: SQL injection in Log4j 1.x when application is configured to use JDBCAppender

漏洞详情: https://avd.aquasec.com/nvd/cve-2022-23305

镜像层: sha256:1e763e863bfe00cae3c5ffc43aee43dc6fef4ef3ab10ecdbc936eb08cc225237

发布日期: 2022-01-18 16:15 修改: 2023-02-24 15:30
log4j:log4j CVE-2022-23307 严重 1.2.17 log4j: Unsafe deserialization flaw in Chainsaw log viewer

漏洞详情: https://avd.aquasec.com/nvd/cve-2022-23307

镜像层: sha256:1e763e863bfe00cae3c5ffc43aee43dc6fef4ef3ab10ecdbc936eb08cc225237

发布日期: 2022-01-18 16:15 修改: 2023-02-24 15:29
org.apache.avro:avro CVE-2024-47561 严重 1.7.7 1.11.4 apache-avro: Schema parsing may trigger Remote Code Execution (RCE)

漏洞详情: https://avd.aquasec.com/nvd/cve-2024-47561

镜像层: sha256:1e763e863bfe00cae3c5ffc43aee43dc6fef4ef3ab10ecdbc936eb08cc225237

发布日期: 2024-10-03 11:15 修改: 2024-10-21 09:15
org.apache.avro:avro CVE-2024-47561 严重 1.7.7 1.11.4 apache-avro: Schema parsing may trigger Remote Code Execution (RCE)

漏洞详情: https://avd.aquasec.com/nvd/cve-2024-47561

镜像层: sha256:11c33f7e8be115416588045d5837d076171f2b0be0c262cffb7b7aaf9c7b19f9

发布日期: 2024-10-03 11:15 修改: 2024-10-21 09:15
org.apache.commons:commons-configuration2 CVE-2022-33980 严重 2.7 2.8.0 apache-commons-configuration: Apache Commons Configuration insecure interpolation defaults

漏洞详情: https://avd.aquasec.com/nvd/cve-2022-33980

镜像层: sha256:1e763e863bfe00cae3c5ffc43aee43dc6fef4ef3ab10ecdbc936eb08cc225237

发布日期: 2022-07-06 13:15 修改: 2022-12-08 03:19
org.apache.commons:commons-configuration2 CVE-2022-33980 严重 2.7 2.8.0 apache-commons-configuration: Apache Commons Configuration insecure interpolation defaults

漏洞详情: https://avd.aquasec.com/nvd/cve-2022-33980

镜像层: sha256:11c33f7e8be115416588045d5837d076171f2b0be0c262cffb7b7aaf9c7b19f9

发布日期: 2022-07-06 13:15 修改: 2022-12-08 03:19
org.apache.commons:commons-text CVE-2022-42889 严重 1.5 1.10.0 apache-commons-text: variable interpolation RCE

漏洞详情: https://avd.aquasec.com/nvd/cve-2022-42889

镜像层: sha256:1e763e863bfe00cae3c5ffc43aee43dc6fef4ef3ab10ecdbc936eb08cc225237

发布日期: 2022-10-13 13:15 修改: 2024-01-19 16:15
org.apache.commons:commons-text CVE-2022-42889 严重 1.5 1.10.0 apache-commons-text: variable interpolation RCE

漏洞详情: https://avd.aquasec.com/nvd/cve-2022-42889

镜像层: sha256:11c33f7e8be115416588045d5837d076171f2b0be0c262cffb7b7aaf9c7b19f9

发布日期: 2022-10-13 13:15 修改: 2024-01-19 16:15
org.apache.commons:commons-text CVE-2022-42889 严重 1.5 1.10.0 apache-commons-text: variable interpolation RCE

漏洞详情: https://avd.aquasec.com/nvd/cve-2022-42889

镜像层: sha256:11c33f7e8be115416588045d5837d076171f2b0be0c262cffb7b7aaf9c7b19f9

发布日期: 2022-10-13 13:15 修改: 2024-01-19 16:15
org.apache.commons:commons-text CVE-2022-42889 严重 1.6 1.10.0 apache-commons-text: variable interpolation RCE

漏洞详情: https://avd.aquasec.com/nvd/cve-2022-42889

镜像层: sha256:1e763e863bfe00cae3c5ffc43aee43dc6fef4ef3ab10ecdbc936eb08cc225237

发布日期: 2022-10-13 13:15 修改: 2024-01-19 16:15
org.apache.commons:commons-text CVE-2022-42889 严重 1.6 1.10.0 apache-commons-text: variable interpolation RCE

漏洞详情: https://avd.aquasec.com/nvd/cve-2022-42889

镜像层: sha256:11c33f7e8be115416588045d5837d076171f2b0be0c262cffb7b7aaf9c7b19f9

发布日期: 2022-10-13 13:15 修改: 2024-01-19 16:15
org.apache.commons:commons-text CVE-2022-42889 严重 1.7 1.10.0 apache-commons-text: variable interpolation RCE

漏洞详情: https://avd.aquasec.com/nvd/cve-2022-42889

镜像层: sha256:1e763e863bfe00cae3c5ffc43aee43dc6fef4ef3ab10ecdbc936eb08cc225237

发布日期: 2022-10-13 13:15 修改: 2024-01-19 16:15
org.apache.commons:commons-text CVE-2022-42889 严重 1.7 1.10.0 apache-commons-text: variable interpolation RCE

漏洞详情: https://avd.aquasec.com/nvd/cve-2022-42889

镜像层: sha256:11c33f7e8be115416588045d5837d076171f2b0be0c262cffb7b7aaf9c7b19f9

发布日期: 2022-10-13 13:15 修改: 2024-01-19 16:15
org.apache.commons:commons-text CVE-2022-42889 严重 1.8 1.10.0 apache-commons-text: variable interpolation RCE

漏洞详情: https://avd.aquasec.com/nvd/cve-2022-42889

镜像层: sha256:1e763e863bfe00cae3c5ffc43aee43dc6fef4ef3ab10ecdbc936eb08cc225237

发布日期: 2022-10-13 13:15 修改: 2024-01-19 16:15
org.apache.commons:commons-text CVE-2022-42889 严重 1.8 1.10.0 apache-commons-text: variable interpolation RCE

漏洞详情: https://avd.aquasec.com/nvd/cve-2022-42889

镜像层: sha256:11c33f7e8be115416588045d5837d076171f2b0be0c262cffb7b7aaf9c7b19f9

发布日期: 2022-10-13 13:15 修改: 2024-01-19 16:15
org.apache.commons:commons-text CVE-2022-42889 严重 1.8 1.10.0 apache-commons-text: variable interpolation RCE

漏洞详情: https://avd.aquasec.com/nvd/cve-2022-42889

镜像层: sha256:11c33f7e8be115416588045d5837d076171f2b0be0c262cffb7b7aaf9c7b19f9

发布日期: 2022-10-13 13:15 修改: 2024-01-19 16:15
org.apache.tomcat:tomcat-catalina CVE-2024-52316 严重 9.0.63 9.0.96, 10.1.30, 11.0.1 tomcat: Apache Tomcat: Authentication bypass when using Jakarta Authentication API

漏洞详情: https://avd.aquasec.com/nvd/cve-2024-52316

镜像层: sha256:11c33f7e8be115416588045d5837d076171f2b0be0c262cffb7b7aaf9c7b19f9

发布日期: 2024-11-18 12:15 修改: 2024-11-18 17:11
org.hsqldb:hsqldb CVE-2022-41853 严重 2.3.0 2.7.1 hsqldb: Untrusted input may lead to RCE attack

漏洞详情: https://avd.aquasec.com/nvd/cve-2022-41853

镜像层: sha256:11c33f7e8be115416588045d5837d076171f2b0be0c262cffb7b7aaf9c7b19f9

发布日期: 2022-10-06 18:17 修改: 2023-02-03 23:43
org.liquibase:liquibase-core CVE-2022-0839 严重 3.6.2 4.8.0 liquibase: Improper Restriction of XML External Entity

漏洞详情: https://avd.aquasec.com/nvd/cve-2022-0839

镜像层: sha256:1e763e863bfe00cae3c5ffc43aee43dc6fef4ef3ab10ecdbc936eb08cc225237

发布日期: 2022-03-04 15:15 修改: 2023-02-22 17:45
org.liquibase:liquibase-core CVE-2022-0839 严重 3.6.2 4.8.0 liquibase: Improper Restriction of XML External Entity

漏洞详情: https://avd.aquasec.com/nvd/cve-2022-0839

镜像层: sha256:11c33f7e8be115416588045d5837d076171f2b0be0c262cffb7b7aaf9c7b19f9

发布日期: 2022-03-04 15:15 修改: 2023-02-22 17:45
org.postgresql:postgresql CVE-2024-1597 严重 42.2.18 42.2.28, 42.3.9, 42.4.4, 42.5.5, 42.6.1, 42.7.2 pgjdbc: PostgreSQL JDBC Driver allows attacker to inject SQL if using PreferQueryMode=SIMPLE

漏洞详情: https://avd.aquasec.com/nvd/cve-2024-1597

镜像层: sha256:1e763e863bfe00cae3c5ffc43aee43dc6fef4ef3ab10ecdbc936eb08cc225237

发布日期: 2024-02-19 13:15 修改: 2024-06-10 17:16
org.postgresql:postgresql CVE-2024-1597 严重 42.4.0 42.2.28, 42.3.9, 42.4.4, 42.5.5, 42.6.1, 42.7.2 pgjdbc: PostgreSQL JDBC Driver allows attacker to inject SQL if using PreferQueryMode=SIMPLE

漏洞详情: https://avd.aquasec.com/nvd/cve-2024-1597

镜像层: sha256:1e763e863bfe00cae3c5ffc43aee43dc6fef4ef3ab10ecdbc936eb08cc225237

发布日期: 2024-02-19 13:15 修改: 2024-06-10 17:16
org.postgresql:postgresql CVE-2024-1597 严重 42.4.0 42.2.28, 42.3.9, 42.4.4, 42.5.5, 42.6.1, 42.7.2 pgjdbc: PostgreSQL JDBC Driver allows attacker to inject SQL if using PreferQueryMode=SIMPLE

漏洞详情: https://avd.aquasec.com/nvd/cve-2024-1597

镜像层: sha256:11c33f7e8be115416588045d5837d076171f2b0be0c262cffb7b7aaf9c7b19f9

发布日期: 2024-02-19 13:15 修改: 2024-06-10 17:16
org.quartz-scheduler:quartz CVE-2019-13990 严重 1.8.7-atlassian-3 2.3.2 libquartz: XXE attacks via job description

漏洞详情: https://avd.aquasec.com/nvd/cve-2019-13990

镜像层: sha256:1e763e863bfe00cae3c5ffc43aee43dc6fef4ef3ab10ecdbc936eb08cc225237

发布日期: 2019-07-26 19:15 修改: 2024-10-15 19:35
org.quartz-scheduler:quartz CVE-2019-13990 严重 1.8.7-atlassian-3 2.3.2 libquartz: XXE attacks via job description

漏洞详情: https://avd.aquasec.com/nvd/cve-2019-13990

镜像层: sha256:11c33f7e8be115416588045d5837d076171f2b0be0c262cffb7b7aaf9c7b19f9

发布日期: 2019-07-26 19:15 修改: 2024-10-15 19:35
org.springframework.security:spring-security-core CVE-2022-22978 严重 4.2.16.RELEASE 5.5.7, 5.6.4, 5.4.11 springframework: Authorization Bypass in RegexRequestMatcher

漏洞详情: https://avd.aquasec.com/nvd/cve-2022-22978

镜像层: sha256:1e763e863bfe00cae3c5ffc43aee43dc6fef4ef3ab10ecdbc936eb08cc225237

发布日期: 2022-05-19 15:15 修改: 2023-04-11 23:15
org.springframework.security:spring-security-core CVE-2022-22978 严重 4.2.16.RELEASE 5.5.7, 5.6.4, 5.4.11 springframework: Authorization Bypass in RegexRequestMatcher

漏洞详情: https://avd.aquasec.com/nvd/cve-2022-22978

镜像层: sha256:11c33f7e8be115416588045d5837d076171f2b0be0c262cffb7b7aaf9c7b19f9

发布日期: 2022-05-19 15:15 修改: 2023-04-11 23:15
org.springframework:spring-beans CVE-2022-22965 严重 5.1.18.RELEASE 5.2.20.RELEASE, 5.3.18 spring-framework: RCE via Data Binding on JDK 9+

漏洞详情: https://avd.aquasec.com/nvd/cve-2022-22965

镜像层: sha256:1e763e863bfe00cae3c5ffc43aee43dc6fef4ef3ab10ecdbc936eb08cc225237

发布日期: 2022-04-01 23:15 修改: 2024-10-18 19:52
org.springframework:spring-beans CVE-2022-22965 严重 5.3.11 5.2.20.RELEASE, 5.3.18 spring-framework: RCE via Data Binding on JDK 9+

漏洞详情: https://avd.aquasec.com/nvd/cve-2022-22965

镜像层: sha256:1e763e863bfe00cae3c5ffc43aee43dc6fef4ef3ab10ecdbc936eb08cc225237

发布日期: 2022-04-01 23:15 修改: 2024-10-18 19:52
org.springframework:spring-web CVE-2016-1000027 严重 5.1.18.RELEASE 6.0.0 spring: HttpInvokerServiceExporter readRemoteInvocation method untrusted java deserialization

漏洞详情: https://avd.aquasec.com/nvd/cve-2016-1000027

镜像层: sha256:1e763e863bfe00cae3c5ffc43aee43dc6fef4ef3ab10ecdbc936eb08cc225237

发布日期: 2020-01-02 23:15 修改: 2023-04-20 09:15
org.springframework:spring-web CVE-2016-1000027 严重 5.3.11 6.0.0 spring: HttpInvokerServiceExporter readRemoteInvocation method untrusted java deserialization

漏洞详情: https://avd.aquasec.com/nvd/cve-2016-1000027

镜像层: sha256:1e763e863bfe00cae3c5ffc43aee43dc6fef4ef3ab10ecdbc936eb08cc225237

发布日期: 2020-01-02 23:15 修改: 2023-04-20 09:15
org.springframework:spring-web CVE-2016-1000027 严重 5.3.19 6.0.0 spring: HttpInvokerServiceExporter readRemoteInvocation method untrusted java deserialization

漏洞详情: https://avd.aquasec.com/nvd/cve-2016-1000027

镜像层: sha256:1e763e863bfe00cae3c5ffc43aee43dc6fef4ef3ab10ecdbc936eb08cc225237

发布日期: 2020-01-02 23:15 修改: 2023-04-20 09:15
org.springframework:spring-web CVE-2016-1000027 严重 5.3.19 6.0.0 spring: HttpInvokerServiceExporter readRemoteInvocation method untrusted java deserialization

漏洞详情: https://avd.aquasec.com/nvd/cve-2016-1000027

镜像层: sha256:11c33f7e8be115416588045d5837d076171f2b0be0c262cffb7b7aaf9c7b19f9

发布日期: 2020-01-02 23:15 修改: 2023-04-20 09:15
org.springframework:spring-web CVE-2016-1000027 严重 5.3.21 6.0.0 spring: HttpInvokerServiceExporter readRemoteInvocation method untrusted java deserialization

漏洞详情: https://avd.aquasec.com/nvd/cve-2016-1000027

镜像层: sha256:1e763e863bfe00cae3c5ffc43aee43dc6fef4ef3ab10ecdbc936eb08cc225237

发布日期: 2020-01-02 23:15 修改: 2023-04-20 09:15
org.springframework:spring-web CVE-2016-1000027 严重 5.3.21 6.0.0 spring: HttpInvokerServiceExporter readRemoteInvocation method untrusted java deserialization

漏洞详情: https://avd.aquasec.com/nvd/cve-2016-1000027

镜像层: sha256:11c33f7e8be115416588045d5837d076171f2b0be0c262cffb7b7aaf9c7b19f9

发布日期: 2020-01-02 23:15 修改: 2023-04-20 09:15
org.springframework:spring-webmvc CVE-2022-22965 严重 5.1.18.RELEASE 5.2.20.RELEASE, 5.3.18 spring-framework: RCE via Data Binding on JDK 9+

漏洞详情: https://avd.aquasec.com/nvd/cve-2022-22965

镜像层: sha256:1e763e863bfe00cae3c5ffc43aee43dc6fef4ef3ab10ecdbc936eb08cc225237

发布日期: 2022-04-01 23:15 修改: 2024-10-18 19:52
org.springframework:spring-webmvc CVE-2022-22965 严重 5.3.11 5.2.20.RELEASE, 5.3.18 spring-framework: RCE via Data Binding on JDK 9+

漏洞详情: https://avd.aquasec.com/nvd/cve-2022-22965

镜像层: sha256:1e763e863bfe00cae3c5ffc43aee43dc6fef4ef3ab10ecdbc936eb08cc225237

发布日期: 2022-04-01 23:15 修改: 2024-10-18 19:52
com.fasterxml.jackson.core:jackson-databind CVE-2021-46877 高危 2.12.5 2.12.6, 2.13.1 jackson-databind: Possible DoS if using JDK serialization to serialize JsonNode

漏洞详情: https://avd.aquasec.com/nvd/cve-2021-46877

镜像层: sha256:11c33f7e8be115416588045d5837d076171f2b0be0c262cffb7b7aaf9c7b19f9

发布日期: 2023-03-18 22:15 修改: 2023-08-08 14:21
com.fasterxml.jackson.core:jackson-databind CVE-2021-46877 高危 2.12.5 2.12.6, 2.13.1 jackson-databind: Possible DoS if using JDK serialization to serialize JsonNode

漏洞详情: https://avd.aquasec.com/nvd/cve-2021-46877

镜像层: sha256:11c33f7e8be115416588045d5837d076171f2b0be0c262cffb7b7aaf9c7b19f9

发布日期: 2023-03-18 22:15 修改: 2023-08-08 14:21
com.fasterxml.jackson.core:jackson-databind CVE-2022-42003 高危 2.12.5 2.12.7.1, 2.13.4.2 jackson-databind: deep wrapper array nesting wrt UNWRAP_SINGLE_VALUE_ARRAYS

漏洞详情: https://avd.aquasec.com/nvd/cve-2022-42003

镜像层: sha256:1e763e863bfe00cae3c5ffc43aee43dc6fef4ef3ab10ecdbc936eb08cc225237

发布日期: 2022-10-02 05:15 修改: 2023-12-20 10:15
com.fasterxml.jackson.core:jackson-databind CVE-2022-42003 高危 2.12.5 2.12.7.1, 2.13.4.2 jackson-databind: deep wrapper array nesting wrt UNWRAP_SINGLE_VALUE_ARRAYS

漏洞详情: https://avd.aquasec.com/nvd/cve-2022-42003

镜像层: sha256:11c33f7e8be115416588045d5837d076171f2b0be0c262cffb7b7aaf9c7b19f9

发布日期: 2022-10-02 05:15 修改: 2023-12-20 10:15
com.fasterxml.jackson.core:jackson-databind CVE-2022-42003 高危 2.12.5 2.12.7.1, 2.13.4.2 jackson-databind: deep wrapper array nesting wrt UNWRAP_SINGLE_VALUE_ARRAYS

漏洞详情: https://avd.aquasec.com/nvd/cve-2022-42003

镜像层: sha256:11c33f7e8be115416588045d5837d076171f2b0be0c262cffb7b7aaf9c7b19f9

发布日期: 2022-10-02 05:15 修改: 2023-12-20 10:15
com.fasterxml.jackson.core:jackson-databind CVE-2022-42004 高危 2.12.5 2.12.7.1, 2.13.4 jackson-databind: use of deeply nested arrays

漏洞详情: https://avd.aquasec.com/nvd/cve-2022-42004

镜像层: sha256:1e763e863bfe00cae3c5ffc43aee43dc6fef4ef3ab10ecdbc936eb08cc225237

发布日期: 2022-10-02 05:15 修改: 2022-12-02 15:10
com.fasterxml.jackson.core:jackson-databind CVE-2022-42004 高危 2.12.5 2.12.7.1, 2.13.4 jackson-databind: use of deeply nested arrays

漏洞详情: https://avd.aquasec.com/nvd/cve-2022-42004

镜像层: sha256:11c33f7e8be115416588045d5837d076171f2b0be0c262cffb7b7aaf9c7b19f9

发布日期: 2022-10-02 05:15 修改: 2022-12-02 15:10
com.fasterxml.jackson.core:jackson-databind CVE-2022-42004 高危 2.12.5 2.12.7.1, 2.13.4 jackson-databind: use of deeply nested arrays

漏洞详情: https://avd.aquasec.com/nvd/cve-2022-42004

镜像层: sha256:11c33f7e8be115416588045d5837d076171f2b0be0c262cffb7b7aaf9c7b19f9

发布日期: 2022-10-02 05:15 修改: 2022-12-02 15:10
com.fasterxml.jackson.core:jackson-databind CVE-2020-36518 高危 2.12.6 2.13.2.1, 2.12.6.1 jackson-databind: denial of service via a large depth of nested objects

漏洞详情: https://avd.aquasec.com/nvd/cve-2020-36518

镜像层: sha256:1e763e863bfe00cae3c5ffc43aee43dc6fef4ef3ab10ecdbc936eb08cc225237

发布日期: 2022-03-11 07:15 修改: 2022-11-29 22:12
com.fasterxml.jackson.core:jackson-databind CVE-2020-36518 高危 2.12.6 2.13.2.1, 2.12.6.1 jackson-databind: denial of service via a large depth of nested objects

漏洞详情: https://avd.aquasec.com/nvd/cve-2020-36518

镜像层: sha256:11c33f7e8be115416588045d5837d076171f2b0be0c262cffb7b7aaf9c7b19f9

发布日期: 2022-03-11 07:15 修改: 2022-11-29 22:12
com.fasterxml.jackson.core:jackson-databind CVE-2022-42003 高危 2.12.6 2.12.7.1, 2.13.4.2 jackson-databind: deep wrapper array nesting wrt UNWRAP_SINGLE_VALUE_ARRAYS

漏洞详情: https://avd.aquasec.com/nvd/cve-2022-42003

镜像层: sha256:1e763e863bfe00cae3c5ffc43aee43dc6fef4ef3ab10ecdbc936eb08cc225237

发布日期: 2022-10-02 05:15 修改: 2023-12-20 10:15
com.fasterxml.jackson.core:jackson-databind CVE-2022-42003 高危 2.12.6 2.12.7.1, 2.13.4.2 jackson-databind: deep wrapper array nesting wrt UNWRAP_SINGLE_VALUE_ARRAYS

漏洞详情: https://avd.aquasec.com/nvd/cve-2022-42003

镜像层: sha256:11c33f7e8be115416588045d5837d076171f2b0be0c262cffb7b7aaf9c7b19f9

发布日期: 2022-10-02 05:15 修改: 2023-12-20 10:15
com.fasterxml.jackson.core:jackson-databind CVE-2022-42004 高危 2.12.6 2.12.7.1, 2.13.4 jackson-databind: use of deeply nested arrays

漏洞详情: https://avd.aquasec.com/nvd/cve-2022-42004

镜像层: sha256:1e763e863bfe00cae3c5ffc43aee43dc6fef4ef3ab10ecdbc936eb08cc225237

发布日期: 2022-10-02 05:15 修改: 2022-12-02 15:10
com.fasterxml.jackson.core:jackson-databind CVE-2022-42004 高危 2.12.6 2.12.7.1, 2.13.4 jackson-databind: use of deeply nested arrays

漏洞详情: https://avd.aquasec.com/nvd/cve-2022-42004

镜像层: sha256:11c33f7e8be115416588045d5837d076171f2b0be0c262cffb7b7aaf9c7b19f9

发布日期: 2022-10-02 05:15 修改: 2022-12-02 15:10
com.fasterxml.jackson.core:jackson-databind CVE-2020-36518 高危 2.13.0 2.13.2.1, 2.12.6.1 jackson-databind: denial of service via a large depth of nested objects

漏洞详情: https://avd.aquasec.com/nvd/cve-2020-36518

镜像层: sha256:1e763e863bfe00cae3c5ffc43aee43dc6fef4ef3ab10ecdbc936eb08cc225237

发布日期: 2022-03-11 07:15 修改: 2022-11-29 22:12
com.fasterxml.jackson.core:jackson-databind CVE-2021-46877 高危 2.13.0 2.12.6, 2.13.1 jackson-databind: Possible DoS if using JDK serialization to serialize JsonNode

漏洞详情: https://avd.aquasec.com/nvd/cve-2021-46877

镜像层: sha256:1e763e863bfe00cae3c5ffc43aee43dc6fef4ef3ab10ecdbc936eb08cc225237

发布日期: 2023-03-18 22:15 修改: 2023-08-08 14:21
com.fasterxml.jackson.core:jackson-databind CVE-2022-42003 高危 2.13.0 2.12.7.1, 2.13.4.2 jackson-databind: deep wrapper array nesting wrt UNWRAP_SINGLE_VALUE_ARRAYS

漏洞详情: https://avd.aquasec.com/nvd/cve-2022-42003

镜像层: sha256:1e763e863bfe00cae3c5ffc43aee43dc6fef4ef3ab10ecdbc936eb08cc225237

发布日期: 2022-10-02 05:15 修改: 2023-12-20 10:15
com.fasterxml.jackson.core:jackson-databind CVE-2022-42004 高危 2.13.0 2.12.7.1, 2.13.4 jackson-databind: use of deeply nested arrays

漏洞详情: https://avd.aquasec.com/nvd/cve-2022-42004

镜像层: sha256:1e763e863bfe00cae3c5ffc43aee43dc6fef4ef3ab10ecdbc936eb08cc225237

发布日期: 2022-10-02 05:15 修改: 2022-12-02 15:10
com.fasterxml.jackson.core:jackson-databind CVE-2022-42003 高危 2.13.2.2 2.12.7.1, 2.13.4.2 jackson-databind: deep wrapper array nesting wrt UNWRAP_SINGLE_VALUE_ARRAYS

漏洞详情: https://avd.aquasec.com/nvd/cve-2022-42003

镜像层: sha256:1e763e863bfe00cae3c5ffc43aee43dc6fef4ef3ab10ecdbc936eb08cc225237

发布日期: 2022-10-02 05:15 修改: 2023-12-20 10:15
com.fasterxml.jackson.core:jackson-databind CVE-2022-42003 高危 2.13.2.2 2.12.7.1, 2.13.4.2 jackson-databind: deep wrapper array nesting wrt UNWRAP_SINGLE_VALUE_ARRAYS

漏洞详情: https://avd.aquasec.com/nvd/cve-2022-42003

镜像层: sha256:11c33f7e8be115416588045d5837d076171f2b0be0c262cffb7b7aaf9c7b19f9

发布日期: 2022-10-02 05:15 修改: 2023-12-20 10:15
com.fasterxml.jackson.core:jackson-databind CVE-2022-42004 高危 2.13.2.2 2.12.7.1, 2.13.4 jackson-databind: use of deeply nested arrays

漏洞详情: https://avd.aquasec.com/nvd/cve-2022-42004

镜像层: sha256:1e763e863bfe00cae3c5ffc43aee43dc6fef4ef3ab10ecdbc936eb08cc225237

发布日期: 2022-10-02 05:15 修改: 2022-12-02 15:10
com.fasterxml.jackson.core:jackson-databind CVE-2022-42004 高危 2.13.2.2 2.12.7.1, 2.13.4 jackson-databind: use of deeply nested arrays

漏洞详情: https://avd.aquasec.com/nvd/cve-2022-42004

镜像层: sha256:11c33f7e8be115416588045d5837d076171f2b0be0c262cffb7b7aaf9c7b19f9

发布日期: 2022-10-02 05:15 修改: 2022-12-02 15:10
com.fasterxml.jackson.dataformat:jackson-dataformat-cbor CVE-2020-28491 高危 2.8.10 2.11.4, 2.12.1 jackson-dataformat-cbor: Unchecked allocation of byte buffer can cause a java.lang.OutOfMemoryError exception

漏洞详情: https://avd.aquasec.com/nvd/cve-2020-28491

镜像层: sha256:1e763e863bfe00cae3c5ffc43aee43dc6fef4ef3ab10ecdbc936eb08cc225237

发布日期: 2021-02-18 16:15 修改: 2022-12-06 21:44
com.google.code.gson:gson CVE-2022-25647 高危 2.3.1 2.8.9 com.google.code.gson-gson: Deserialization of Untrusted Data in com.google.code.gson-gson

漏洞详情: https://avd.aquasec.com/nvd/cve-2022-25647

镜像层: sha256:11c33f7e8be115416588045d5837d076171f2b0be0c262cffb7b7aaf9c7b19f9

发布日期: 2022-05-01 16:15 修改: 2022-11-28 17:33
com.google.code.gson:gson CVE-2022-25647 高危 2.8.5 2.8.9 com.google.code.gson-gson: Deserialization of Untrusted Data in com.google.code.gson-gson

漏洞详情: https://avd.aquasec.com/nvd/cve-2022-25647

镜像层: sha256:1e763e863bfe00cae3c5ffc43aee43dc6fef4ef3ab10ecdbc936eb08cc225237

发布日期: 2022-05-01 16:15 修改: 2022-11-28 17:33
com.google.code.gson:gson CVE-2022-25647 高危 2.8.5 2.8.9 com.google.code.gson-gson: Deserialization of Untrusted Data in com.google.code.gson-gson

漏洞详情: https://avd.aquasec.com/nvd/cve-2022-25647

镜像层: sha256:11c33f7e8be115416588045d5837d076171f2b0be0c262cffb7b7aaf9c7b19f9

发布日期: 2022-05-01 16:15 修改: 2022-11-28 17:33
com.google.code.gson:gson CVE-2022-25647 高危 2.8.5 2.8.9 com.google.code.gson-gson: Deserialization of Untrusted Data in com.google.code.gson-gson

漏洞详情: https://avd.aquasec.com/nvd/cve-2022-25647

镜像层: sha256:11c33f7e8be115416588045d5837d076171f2b0be0c262cffb7b7aaf9c7b19f9

发布日期: 2022-05-01 16:15 修改: 2022-11-28 17:33
com.google.code.gson:gson CVE-2022-25647 高危 2.8.5 2.8.9 com.google.code.gson-gson: Deserialization of Untrusted Data in com.google.code.gson-gson

漏洞详情: https://avd.aquasec.com/nvd/cve-2022-25647

镜像层: sha256:11c33f7e8be115416588045d5837d076171f2b0be0c262cffb7b7aaf9c7b19f9

发布日期: 2022-05-01 16:15 修改: 2022-11-28 17:33
com.google.code.gson:gson CVE-2022-25647 高危 2.8.6 2.8.9 com.google.code.gson-gson: Deserialization of Untrusted Data in com.google.code.gson-gson

漏洞详情: https://avd.aquasec.com/nvd/cve-2022-25647

镜像层: sha256:1e763e863bfe00cae3c5ffc43aee43dc6fef4ef3ab10ecdbc936eb08cc225237

发布日期: 2022-05-01 16:15 修改: 2022-11-28 17:33
com.google.code.gson:gson CVE-2022-25647 高危 2.8.6 2.8.9 com.google.code.gson-gson: Deserialization of Untrusted Data in com.google.code.gson-gson

漏洞详情: https://avd.aquasec.com/nvd/cve-2022-25647

镜像层: sha256:11c33f7e8be115416588045d5837d076171f2b0be0c262cffb7b7aaf9c7b19f9

发布日期: 2022-05-01 16:15 修改: 2022-11-28 17:33
com.google.code.gson:gson CVE-2022-25647 高危 2.8.6 2.8.9 com.google.code.gson-gson: Deserialization of Untrusted Data in com.google.code.gson-gson

漏洞详情: https://avd.aquasec.com/nvd/cve-2022-25647

镜像层: sha256:11c33f7e8be115416588045d5837d076171f2b0be0c262cffb7b7aaf9c7b19f9

发布日期: 2022-05-01 16:15 修改: 2022-11-28 17:33
com.google.code.gson:gson CVE-2022-25647 高危 2.8.6 2.8.9 com.google.code.gson-gson: Deserialization of Untrusted Data in com.google.code.gson-gson

漏洞详情: https://avd.aquasec.com/nvd/cve-2022-25647

镜像层: sha256:11c33f7e8be115416588045d5837d076171f2b0be0c262cffb7b7aaf9c7b19f9

发布日期: 2022-05-01 16:15 修改: 2022-11-28 17:33
com.google.code.gson:gson CVE-2022-25647 高危 2.8.7 2.8.9 com.google.code.gson-gson: Deserialization of Untrusted Data in com.google.code.gson-gson

漏洞详情: https://avd.aquasec.com/nvd/cve-2022-25647

镜像层: sha256:1e763e863bfe00cae3c5ffc43aee43dc6fef4ef3ab10ecdbc936eb08cc225237

发布日期: 2022-05-01 16:15 修改: 2022-11-28 17:33
com.graphql-java:graphql-java CVE-2022-37734 高危 9.2 17.4, 18.3 graphql-java: DoS by malicious query

漏洞详情: https://avd.aquasec.com/nvd/cve-2022-37734

镜像层: sha256:1e763e863bfe00cae3c5ffc43aee43dc6fef4ef3ab10ecdbc936eb08cc225237

发布日期: 2022-09-12 14:15 修改: 2023-08-08 14:22
com.graphql-java:graphql-java CVE-2022-37734 高危 9.2 17.4, 18.3 graphql-java: DoS by malicious query

漏洞详情: https://avd.aquasec.com/nvd/cve-2022-37734

镜像层: sha256:11c33f7e8be115416588045d5837d076171f2b0be0c262cffb7b7aaf9c7b19f9

发布日期: 2022-09-12 14:15 修改: 2023-08-08 14:22
com.graphql-java:graphql-java CVE-2023-28867 高危 9.2 0.0.0-2023-03-20T01-49-44-80e3135, 17.5, 18.4, 19.4, 20.1 graphql-java: crafted GraphQL query causes stack consumption

漏洞详情: https://avd.aquasec.com/nvd/cve-2023-28867

镜像层: sha256:1e763e863bfe00cae3c5ffc43aee43dc6fef4ef3ab10ecdbc936eb08cc225237

发布日期: 2023-03-27 01:15 修改: 2023-04-03 14:01
com.graphql-java:graphql-java CVE-2023-28867 高危 9.2 0.0.0-2023-03-20T01-49-44-80e3135, 17.5, 18.4, 19.4, 20.1 graphql-java: crafted GraphQL query causes stack consumption

漏洞详情: https://avd.aquasec.com/nvd/cve-2023-28867

镜像层: sha256:11c33f7e8be115416588045d5837d076171f2b0be0c262cffb7b7aaf9c7b19f9

发布日期: 2023-03-27 01:15 修改: 2023-04-03 14:01
com.graphql-java:graphql-java CVE-2024-40094 高危 9.2 19.11, 20.9, 21.5 graphql-java: Allocation of Resources Without Limits or Throttling in GraphQL Java

漏洞详情: https://avd.aquasec.com/nvd/cve-2024-40094

镜像层: sha256:1e763e863bfe00cae3c5ffc43aee43dc6fef4ef3ab10ecdbc936eb08cc225237

发布日期: 2024-07-30 07:15 修改: 2024-07-30 13:32
com.graphql-java:graphql-java CVE-2024-40094 高危 9.2 19.11, 20.9, 21.5 graphql-java: Allocation of Resources Without Limits or Throttling in GraphQL Java

漏洞详情: https://avd.aquasec.com/nvd/cve-2024-40094

镜像层: sha256:11c33f7e8be115416588045d5837d076171f2b0be0c262cffb7b7aaf9c7b19f9

发布日期: 2024-07-30 07:15 修改: 2024-07-30 13:32
ch.qos.logback:logback-classic CVE-2023-6378 高危 1.2.3 1.3.12, 1.4.12, 1.2.13 logback: serialization vulnerability in logback receiver

漏洞详情: https://avd.aquasec.com/nvd/cve-2023-6378

镜像层: sha256:1e763e863bfe00cae3c5ffc43aee43dc6fef4ef3ab10ecdbc936eb08cc225237

发布日期: 2023-11-29 12:15 修改: 2024-11-29 12:15
ch.qos.logback:logback-classic CVE-2023-6378 高危 1.2.3 1.3.12, 1.4.12, 1.2.13 logback: serialization vulnerability in logback receiver

漏洞详情: https://avd.aquasec.com/nvd/cve-2023-6378

镜像层: sha256:11c33f7e8be115416588045d5837d076171f2b0be0c262cffb7b7aaf9c7b19f9

发布日期: 2023-11-29 12:15 修改: 2024-11-29 12:15
ch.qos.logback:logback-core CVE-2023-6378 高危 1.2.3 1.3.12, 1.4.12, 1.2.13 logback: serialization vulnerability in logback receiver

漏洞详情: https://avd.aquasec.com/nvd/cve-2023-6378

镜像层: sha256:1e763e863bfe00cae3c5ffc43aee43dc6fef4ef3ab10ecdbc936eb08cc225237

发布日期: 2023-11-29 12:15 修改: 2024-11-29 12:15
ch.qos.logback:logback-core CVE-2023-6378 高危 1.2.3 1.3.12, 1.4.12, 1.2.13 logback: serialization vulnerability in logback receiver

漏洞详情: https://avd.aquasec.com/nvd/cve-2023-6378

镜像层: sha256:11c33f7e8be115416588045d5837d076171f2b0be0c262cffb7b7aaf9c7b19f9

发布日期: 2023-11-29 12:15 修改: 2024-11-29 12:15
com.h2database:h2 CVE-2021-23463 高危 1.4.200 2.0.202 h2database: XXE injection vulnerability

漏洞详情: https://avd.aquasec.com/nvd/cve-2021-23463

镜像层: sha256:1e763e863bfe00cae3c5ffc43aee43dc6fef4ef3ab10ecdbc936eb08cc225237

发布日期: 2021-12-10 20:15 修改: 2023-08-18 14:15
com.h2database:h2 CVE-2021-23463 高危 1.4.200 2.0.202 h2database: XXE injection vulnerability

漏洞详情: https://avd.aquasec.com/nvd/cve-2021-23463

镜像层: sha256:11c33f7e8be115416588045d5837d076171f2b0be0c262cffb7b7aaf9c7b19f9

发布日期: 2021-12-10 20:15 修改: 2023-08-18 14:15
com.h2database:h2 CVE-2022-45868 高危 1.4.200 2.2.220 The web-based admin console in H2 Database Engine before 2.2.220 can b ...

漏洞详情: https://avd.aquasec.com/nvd/cve-2022-45868

镜像层: sha256:1e763e863bfe00cae3c5ffc43aee43dc6fef4ef3ab10ecdbc936eb08cc225237

发布日期: 2022-11-23 21:15 修改: 2024-08-03 15:15
com.h2database:h2 CVE-2022-45868 高危 1.4.200 2.2.220 The web-based admin console in H2 Database Engine before 2.2.220 can b ...

漏洞详情: https://avd.aquasec.com/nvd/cve-2022-45868

镜像层: sha256:11c33f7e8be115416588045d5837d076171f2b0be0c262cffb7b7aaf9c7b19f9

发布日期: 2022-11-23 21:15 修改: 2024-08-03 15:15
com.amazonaws:aws-java-sdk-s3 CVE-2022-31159 高危 1.11.1017 1.12.261 Partial Path Traversal in com.amazonaws:aws-java-sdk-s3

漏洞详情: https://avd.aquasec.com/nvd/cve-2022-31159

镜像层: sha256:1e763e863bfe00cae3c5ffc43aee43dc6fef4ef3ab10ecdbc936eb08cc225237

发布日期: 2022-07-15 18:15 修改: 2022-07-22 16:27
com.hazelcast:hazelcast CVE-2023-33265 高危 3.11.4 5.2.4, 5.1.7, 5.0.5 Hazelcast Executor Services don't check client permissions properly

漏洞详情: https://avd.aquasec.com/nvd/cve-2023-33265

镜像层: sha256:1e763e863bfe00cae3c5ffc43aee43dc6fef4ef3ab10ecdbc936eb08cc225237

发布日期: 2023-07-18 16:15 修改: 2023-07-28 13:20
com.hazelcast:hazelcast CVE-2023-45859 高危 3.11.4 5.2.5, 5.3.5 Missing permission checks on Hazelcast client protocol

漏洞详情: https://avd.aquasec.com/nvd/cve-2023-45859

镜像层: sha256:1e763e863bfe00cae3c5ffc43aee43dc6fef4ef3ab10ecdbc936eb08cc225237

发布日期: 2024-02-28 22:15 修改: 2024-11-29 17:15
com.hazelcast:hazelcast CVE-2023-45860 高危 3.11.4 5.3.5, 5.2.5 Hazelcast: Permission checking in CSV File Source connector

漏洞详情: https://avd.aquasec.com/nvd/cve-2023-45860

镜像层: sha256:1e763e863bfe00cae3c5ffc43aee43dc6fef4ef3ab10ecdbc936eb08cc225237

发布日期: 2024-02-16 10:15 修改: 2024-11-06 17:35
com.amazonaws:aws-java-sdk-s3 CVE-2022-31159 高危 1.11.1034 1.12.261 Partial Path Traversal in com.amazonaws:aws-java-sdk-s3

漏洞详情: https://avd.aquasec.com/nvd/cve-2022-31159

镜像层: sha256:1e763e863bfe00cae3c5ffc43aee43dc6fef4ef3ab10ecdbc936eb08cc225237

发布日期: 2022-07-15 18:15 修改: 2022-07-22 16:27
com.amazonaws:aws-java-sdk-s3 CVE-2022-31159 高危 1.11.1034 1.12.261 Partial Path Traversal in com.amazonaws:aws-java-sdk-s3

漏洞详情: https://avd.aquasec.com/nvd/cve-2022-31159

镜像层: sha256:11c33f7e8be115416588045d5837d076171f2b0be0c262cffb7b7aaf9c7b19f9

发布日期: 2022-07-15 18:15 修改: 2022-07-22 16:27
com.amazonaws:aws-java-sdk-s3 CVE-2022-31159 高危 1.11.310 1.12.261 Partial Path Traversal in com.amazonaws:aws-java-sdk-s3

漏洞详情: https://avd.aquasec.com/nvd/cve-2022-31159

镜像层: sha256:1e763e863bfe00cae3c5ffc43aee43dc6fef4ef3ab10ecdbc936eb08cc225237

发布日期: 2022-07-15 18:15 修改: 2022-07-22 16:27
com.hazelcast:hazelcast CVE-2023-33265 高危 3.12.11 5.2.4, 5.1.7, 5.0.5 Hazelcast Executor Services don't check client permissions properly

漏洞详情: https://avd.aquasec.com/nvd/cve-2023-33265

镜像层: sha256:1e763e863bfe00cae3c5ffc43aee43dc6fef4ef3ab10ecdbc936eb08cc225237

发布日期: 2023-07-18 16:15 修改: 2023-07-28 13:20
com.hazelcast:hazelcast CVE-2023-33265 高危 3.12.11 5.2.4, 5.1.7, 5.0.5 Hazelcast Executor Services don't check client permissions properly

漏洞详情: https://avd.aquasec.com/nvd/cve-2023-33265

镜像层: sha256:11c33f7e8be115416588045d5837d076171f2b0be0c262cffb7b7aaf9c7b19f9

发布日期: 2023-07-18 16:15 修改: 2023-07-28 13:20
com.hazelcast:hazelcast CVE-2023-33265 高危 3.12.11 5.2.4, 5.1.7, 5.0.5 Hazelcast Executor Services don't check client permissions properly

漏洞详情: https://avd.aquasec.com/nvd/cve-2023-33265

镜像层: sha256:11c33f7e8be115416588045d5837d076171f2b0be0c262cffb7b7aaf9c7b19f9

发布日期: 2023-07-18 16:15 修改: 2023-07-28 13:20
com.hazelcast:hazelcast CVE-2023-45859 高危 3.12.11 5.2.5, 5.3.5 Missing permission checks on Hazelcast client protocol

漏洞详情: https://avd.aquasec.com/nvd/cve-2023-45859

镜像层: sha256:1e763e863bfe00cae3c5ffc43aee43dc6fef4ef3ab10ecdbc936eb08cc225237

发布日期: 2024-02-28 22:15 修改: 2024-11-29 17:15
com.hazelcast:hazelcast CVE-2023-45859 高危 3.12.11 5.2.5, 5.3.5 Missing permission checks on Hazelcast client protocol

漏洞详情: https://avd.aquasec.com/nvd/cve-2023-45859

镜像层: sha256:11c33f7e8be115416588045d5837d076171f2b0be0c262cffb7b7aaf9c7b19f9

发布日期: 2024-02-28 22:15 修改: 2024-11-29 17:15
com.hazelcast:hazelcast CVE-2023-45859 高危 3.12.11 5.2.5, 5.3.5 Missing permission checks on Hazelcast client protocol

漏洞详情: https://avd.aquasec.com/nvd/cve-2023-45859

镜像层: sha256:11c33f7e8be115416588045d5837d076171f2b0be0c262cffb7b7aaf9c7b19f9

发布日期: 2024-02-28 22:15 修改: 2024-11-29 17:15
com.hazelcast:hazelcast CVE-2023-45860 高危 3.12.11 5.3.5, 5.2.5 Hazelcast: Permission checking in CSV File Source connector

漏洞详情: https://avd.aquasec.com/nvd/cve-2023-45860

镜像层: sha256:1e763e863bfe00cae3c5ffc43aee43dc6fef4ef3ab10ecdbc936eb08cc225237

发布日期: 2024-02-16 10:15 修改: 2024-11-06 17:35
com.hazelcast:hazelcast CVE-2023-45860 高危 3.12.11 5.3.5, 5.2.5 Hazelcast: Permission checking in CSV File Source connector

漏洞详情: https://avd.aquasec.com/nvd/cve-2023-45860

镜像层: sha256:11c33f7e8be115416588045d5837d076171f2b0be0c262cffb7b7aaf9c7b19f9

发布日期: 2024-02-16 10:15 修改: 2024-11-06 17:35
com.hazelcast:hazelcast CVE-2023-45860 高危 3.12.11 5.3.5, 5.2.5 Hazelcast: Permission checking in CSV File Source connector

漏洞详情: https://avd.aquasec.com/nvd/cve-2023-45860

镜像层: sha256:11c33f7e8be115416588045d5837d076171f2b0be0c262cffb7b7aaf9c7b19f9

发布日期: 2024-02-16 10:15 修改: 2024-11-06 17:35
com.nimbusds:nimbus-jose-jwt CVE-2023-52428 高危 8.1 9.37.2 nimbus-jose-jwt: large JWE p2c header value causes Denial of Service

漏洞详情: https://avd.aquasec.com/nvd/cve-2023-52428

镜像层: sha256:1e763e863bfe00cae3c5ffc43aee43dc6fef4ef3ab10ecdbc936eb08cc225237

发布日期: 2024-02-11 05:15 修改: 2024-10-30 20:35
com.nimbusds:nimbus-jose-jwt CVE-2023-52428 高危 8.1 9.37.2 nimbus-jose-jwt: large JWE p2c header value causes Denial of Service

漏洞详情: https://avd.aquasec.com/nvd/cve-2023-52428

镜像层: sha256:11c33f7e8be115416588045d5837d076171f2b0be0c262cffb7b7aaf9c7b19f9

发布日期: 2024-02-11 05:15 修改: 2024-10-30 20:35
com.nimbusds:nimbus-jose-jwt CVE-2023-52428 高危 8.20.1 9.37.2 nimbus-jose-jwt: large JWE p2c header value causes Denial of Service

漏洞详情: https://avd.aquasec.com/nvd/cve-2023-52428

镜像层: sha256:1e763e863bfe00cae3c5ffc43aee43dc6fef4ef3ab10ecdbc936eb08cc225237

发布日期: 2024-02-11 05:15 修改: 2024-10-30 20:35
com.nimbusds:nimbus-jose-jwt CVE-2023-52428 高危 8.21.1 9.37.2 nimbus-jose-jwt: large JWE p2c header value causes Denial of Service

漏洞详情: https://avd.aquasec.com/nvd/cve-2023-52428

镜像层: sha256:1e763e863bfe00cae3c5ffc43aee43dc6fef4ef3ab10ecdbc936eb08cc225237

发布日期: 2024-02-11 05:15 修改: 2024-10-30 20:35
com.nimbusds:nimbus-jose-jwt CVE-2023-52428 高危 8.21.1 9.37.2 nimbus-jose-jwt: large JWE p2c header value causes Denial of Service

漏洞详情: https://avd.aquasec.com/nvd/cve-2023-52428

镜像层: sha256:11c33f7e8be115416588045d5837d076171f2b0be0c262cffb7b7aaf9c7b19f9

发布日期: 2024-02-11 05:15 修改: 2024-10-30 20:35
com.nimbusds:nimbus-jose-jwt CVE-2023-52428 高危 8.22 9.37.2 nimbus-jose-jwt: large JWE p2c header value causes Denial of Service

漏洞详情: https://avd.aquasec.com/nvd/cve-2023-52428

镜像层: sha256:1e763e863bfe00cae3c5ffc43aee43dc6fef4ef3ab10ecdbc936eb08cc225237

发布日期: 2024-02-11 05:15 修改: 2024-10-30 20:35
com.nimbusds:nimbus-jose-jwt CVE-2023-52428 高危 8.22 9.37.2 nimbus-jose-jwt: large JWE p2c header value causes Denial of Service

漏洞详情: https://avd.aquasec.com/nvd/cve-2023-52428

镜像层: sha256:11c33f7e8be115416588045d5837d076171f2b0be0c262cffb7b7aaf9c7b19f9

发布日期: 2024-02-11 05:15 修改: 2024-10-30 20:35
com.nimbusds:nimbus-jose-jwt CVE-2023-52428 高危 8.22.1 9.37.2 nimbus-jose-jwt: large JWE p2c header value causes Denial of Service

漏洞详情: https://avd.aquasec.com/nvd/cve-2023-52428

镜像层: sha256:1e763e863bfe00cae3c5ffc43aee43dc6fef4ef3ab10ecdbc936eb08cc225237

发布日期: 2024-02-11 05:15 修改: 2024-10-30 20:35
com.nimbusds:nimbus-jose-jwt CVE-2023-52428 高危 8.22.1 9.37.2 nimbus-jose-jwt: large JWE p2c header value causes Denial of Service

漏洞详情: https://avd.aquasec.com/nvd/cve-2023-52428

镜像层: sha256:11c33f7e8be115416588045d5837d076171f2b0be0c262cffb7b7aaf9c7b19f9

发布日期: 2024-02-11 05:15 修改: 2024-10-30 20:35
com.nimbusds:nimbus-jose-jwt CVE-2023-52428 高危 8.22.1 9.37.2 nimbus-jose-jwt: large JWE p2c header value causes Denial of Service

漏洞详情: https://avd.aquasec.com/nvd/cve-2023-52428

镜像层: sha256:11c33f7e8be115416588045d5837d076171f2b0be0c262cffb7b7aaf9c7b19f9

发布日期: 2024-02-11 05:15 修改: 2024-10-30 20:35
com.nimbusds:nimbus-jose-jwt CVE-2023-52428 高危 8.4 9.37.2 nimbus-jose-jwt: large JWE p2c header value causes Denial of Service

漏洞详情: https://avd.aquasec.com/nvd/cve-2023-52428

镜像层: sha256:1e763e863bfe00cae3c5ffc43aee43dc6fef4ef3ab10ecdbc936eb08cc225237

发布日期: 2024-02-11 05:15 修改: 2024-10-30 20:35
com.nimbusds:nimbus-jose-jwt CVE-2023-52428 高危 8.4 9.37.2 nimbus-jose-jwt: large JWE p2c header value causes Denial of Service

漏洞详情: https://avd.aquasec.com/nvd/cve-2023-52428

镜像层: sha256:11c33f7e8be115416588045d5837d076171f2b0be0c262cffb7b7aaf9c7b19f9

发布日期: 2024-02-11 05:15 修改: 2024-10-30 20:35
com.nimbusds:nimbus-jose-jwt CVE-2023-52428 高危 9.8.1 9.37.2 nimbus-jose-jwt: large JWE p2c header value causes Denial of Service

漏洞详情: https://avd.aquasec.com/nvd/cve-2023-52428

镜像层: sha256:1e763e863bfe00cae3c5ffc43aee43dc6fef4ef3ab10ecdbc936eb08cc225237

发布日期: 2024-02-11 05:15 修改: 2024-10-30 20:35
com.nimbusds:nimbus-jose-jwt CVE-2023-52428 高危 9.8.1 9.37.2 nimbus-jose-jwt: large JWE p2c header value causes Denial of Service

漏洞详情: https://avd.aquasec.com/nvd/cve-2023-52428

镜像层: sha256:11c33f7e8be115416588045d5837d076171f2b0be0c262cffb7b7aaf9c7b19f9

发布日期: 2024-02-11 05:15 修改: 2024-10-30 20:35
com.thoughtworks.xstream:xstream CVE-2021-39139 高危 1.4.17 1.4.18 xstream: Arbitrary code execution via unsafe deserialization of Xalan xsltc.trax.TemplatesImpl

漏洞详情: https://avd.aquasec.com/nvd/cve-2021-39139

镜像层: sha256:1e763e863bfe00cae3c5ffc43aee43dc6fef4ef3ab10ecdbc936eb08cc225237

发布日期: 2021-08-23 18:15 修改: 2023-11-07 03:37
com.thoughtworks.xstream:xstream CVE-2021-39139 高危 1.4.17 1.4.18 xstream: Arbitrary code execution via unsafe deserialization of Xalan xsltc.trax.TemplatesImpl

漏洞详情: https://avd.aquasec.com/nvd/cve-2021-39139

镜像层: sha256:11c33f7e8be115416588045d5837d076171f2b0be0c262cffb7b7aaf9c7b19f9

发布日期: 2021-08-23 18:15 修改: 2023-11-07 03:37
com.thoughtworks.xstream:xstream CVE-2021-39141 高危 1.4.17 1.4.18 xstream: Arbitrary code execution via unsafe deserialization of com.sun.xml.internal.ws.client.sei.*

漏洞详情: https://avd.aquasec.com/nvd/cve-2021-39141

镜像层: sha256:1e763e863bfe00cae3c5ffc43aee43dc6fef4ef3ab10ecdbc936eb08cc225237

发布日期: 2021-08-23 18:15 修改: 2023-11-07 03:37
com.thoughtworks.xstream:xstream CVE-2021-39141 高危 1.4.17 1.4.18 xstream: Arbitrary code execution via unsafe deserialization of com.sun.xml.internal.ws.client.sei.*

漏洞详情: https://avd.aquasec.com/nvd/cve-2021-39141

镜像层: sha256:11c33f7e8be115416588045d5837d076171f2b0be0c262cffb7b7aaf9c7b19f9

发布日期: 2021-08-23 18:15 修改: 2023-11-07 03:37
com.thoughtworks.xstream:xstream CVE-2021-39144 高危 1.4.17 1.4.18 xstream: Arbitrary code execution via unsafe deserialization of sun.tracing.*

漏洞详情: https://avd.aquasec.com/nvd/cve-2021-39144

镜像层: sha256:1e763e863bfe00cae3c5ffc43aee43dc6fef4ef3ab10ecdbc936eb08cc225237

发布日期: 2021-08-23 18:15 修改: 2024-06-28 13:42
com.thoughtworks.xstream:xstream CVE-2021-39144 高危 1.4.17 1.4.18 xstream: Arbitrary code execution via unsafe deserialization of sun.tracing.*

漏洞详情: https://avd.aquasec.com/nvd/cve-2021-39144

镜像层: sha256:11c33f7e8be115416588045d5837d076171f2b0be0c262cffb7b7aaf9c7b19f9

发布日期: 2021-08-23 18:15 修改: 2024-06-28 13:42
com.thoughtworks.xstream:xstream CVE-2021-39145 高危 1.4.17 1.4.18 xstream: Arbitrary code execution via unsafe deserialization of com.sun.jndi.ldap.LdapBindingEnumeration

漏洞详情: https://avd.aquasec.com/nvd/cve-2021-39145

镜像层: sha256:1e763e863bfe00cae3c5ffc43aee43dc6fef4ef3ab10ecdbc936eb08cc225237

发布日期: 2021-08-23 18:15 修改: 2023-11-07 03:37
com.thoughtworks.xstream:xstream CVE-2021-39145 高危 1.4.17 1.4.18 xstream: Arbitrary code execution via unsafe deserialization of com.sun.jndi.ldap.LdapBindingEnumeration

漏洞详情: https://avd.aquasec.com/nvd/cve-2021-39145

镜像层: sha256:11c33f7e8be115416588045d5837d076171f2b0be0c262cffb7b7aaf9c7b19f9

发布日期: 2021-08-23 18:15 修改: 2023-11-07 03:37
com.thoughtworks.xstream:xstream CVE-2021-39146 高危 1.4.17 1.4.18 xstream: Arbitrary code execution via unsafe deserialization of javax.swing.UIDefaults$ProxyLazyValue

漏洞详情: https://avd.aquasec.com/nvd/cve-2021-39146

镜像层: sha256:1e763e863bfe00cae3c5ffc43aee43dc6fef4ef3ab10ecdbc936eb08cc225237

发布日期: 2021-08-23 18:15 修改: 2023-11-07 03:37
com.thoughtworks.xstream:xstream CVE-2021-39146 高危 1.4.17 1.4.18 xstream: Arbitrary code execution via unsafe deserialization of javax.swing.UIDefaults$ProxyLazyValue

漏洞详情: https://avd.aquasec.com/nvd/cve-2021-39146

镜像层: sha256:11c33f7e8be115416588045d5837d076171f2b0be0c262cffb7b7aaf9c7b19f9

发布日期: 2021-08-23 18:15 修改: 2023-11-07 03:37
com.thoughtworks.xstream:xstream CVE-2021-39147 高危 1.4.17 1.4.18 xstream: Arbitrary code execution via unsafe deserialization of com.sun.jndi.ldap.LdapSearchEnumeration

漏洞详情: https://avd.aquasec.com/nvd/cve-2021-39147

镜像层: sha256:1e763e863bfe00cae3c5ffc43aee43dc6fef4ef3ab10ecdbc936eb08cc225237

发布日期: 2021-08-23 18:15 修改: 2023-11-07 03:37
com.thoughtworks.xstream:xstream CVE-2021-39147 高危 1.4.17 1.4.18 xstream: Arbitrary code execution via unsafe deserialization of com.sun.jndi.ldap.LdapSearchEnumeration

漏洞详情: https://avd.aquasec.com/nvd/cve-2021-39147

镜像层: sha256:11c33f7e8be115416588045d5837d076171f2b0be0c262cffb7b7aaf9c7b19f9

发布日期: 2021-08-23 18:15 修改: 2023-11-07 03:37
com.thoughtworks.xstream:xstream CVE-2021-39148 高危 1.4.17 1.4.18 xstream: Arbitrary code execution via unsafe deserialization of com.sun.jndi.toolkit.dir.ContextEnumerator

漏洞详情: https://avd.aquasec.com/nvd/cve-2021-39148

镜像层: sha256:1e763e863bfe00cae3c5ffc43aee43dc6fef4ef3ab10ecdbc936eb08cc225237

发布日期: 2021-08-23 18:15 修改: 2023-11-07 03:37
com.thoughtworks.xstream:xstream CVE-2021-39148 高危 1.4.17 1.4.18 xstream: Arbitrary code execution via unsafe deserialization of com.sun.jndi.toolkit.dir.ContextEnumerator

漏洞详情: https://avd.aquasec.com/nvd/cve-2021-39148

镜像层: sha256:11c33f7e8be115416588045d5837d076171f2b0be0c262cffb7b7aaf9c7b19f9

发布日期: 2021-08-23 18:15 修改: 2023-11-07 03:37
com.thoughtworks.xstream:xstream CVE-2021-39149 高危 1.4.17 1.4.18 xstream: Arbitrary code execution via unsafe deserialization of com.sun.corba.*

漏洞详情: https://avd.aquasec.com/nvd/cve-2021-39149

镜像层: sha256:1e763e863bfe00cae3c5ffc43aee43dc6fef4ef3ab10ecdbc936eb08cc225237

发布日期: 2021-08-23 18:15 修改: 2023-11-07 03:37
com.thoughtworks.xstream:xstream CVE-2021-39149 高危 1.4.17 1.4.18 xstream: Arbitrary code execution via unsafe deserialization of com.sun.corba.*

漏洞详情: https://avd.aquasec.com/nvd/cve-2021-39149

镜像层: sha256:11c33f7e8be115416588045d5837d076171f2b0be0c262cffb7b7aaf9c7b19f9

发布日期: 2021-08-23 18:15 修改: 2023-11-07 03:37
com.thoughtworks.xstream:xstream CVE-2021-39150 高危 1.4.17 1.4.18 xstream: Server-side request forgery (SSRF) via unsafe deserialization of com.sun.xml.internal.ws.client.sei.*

漏洞详情: https://avd.aquasec.com/nvd/cve-2021-39150

镜像层: sha256:1e763e863bfe00cae3c5ffc43aee43dc6fef4ef3ab10ecdbc936eb08cc225237

发布日期: 2021-08-23 19:15 修改: 2023-11-07 03:37
com.thoughtworks.xstream:xstream CVE-2021-39150 高危 1.4.17 1.4.18 xstream: Server-side request forgery (SSRF) via unsafe deserialization of com.sun.xml.internal.ws.client.sei.*

漏洞详情: https://avd.aquasec.com/nvd/cve-2021-39150

镜像层: sha256:11c33f7e8be115416588045d5837d076171f2b0be0c262cffb7b7aaf9c7b19f9

发布日期: 2021-08-23 19:15 修改: 2023-11-07 03:37
com.thoughtworks.xstream:xstream CVE-2021-39151 高危 1.4.17 1.4.18 xstream: Arbitrary code execution via unsafe deserialization of com.sun.jndi.ldap.LdapBindingEnumeration

漏洞详情: https://avd.aquasec.com/nvd/cve-2021-39151

镜像层: sha256:1e763e863bfe00cae3c5ffc43aee43dc6fef4ef3ab10ecdbc936eb08cc225237

发布日期: 2021-08-23 18:15 修改: 2023-11-07 03:37
com.thoughtworks.xstream:xstream CVE-2021-39151 高危 1.4.17 1.4.18 xstream: Arbitrary code execution via unsafe deserialization of com.sun.jndi.ldap.LdapBindingEnumeration

漏洞详情: https://avd.aquasec.com/nvd/cve-2021-39151

镜像层: sha256:11c33f7e8be115416588045d5837d076171f2b0be0c262cffb7b7aaf9c7b19f9

发布日期: 2021-08-23 18:15 修改: 2023-11-07 03:37
com.thoughtworks.xstream:xstream CVE-2021-39152 高危 1.4.17 1.4.18 xstream: Server-side request forgery (SSRF) via unsafe deserialization of jdk.nashorn.internal.runtime.Source$URLData

漏洞详情: https://avd.aquasec.com/nvd/cve-2021-39152

镜像层: sha256:1e763e863bfe00cae3c5ffc43aee43dc6fef4ef3ab10ecdbc936eb08cc225237

发布日期: 2021-08-23 19:15 修改: 2023-11-07 03:37
com.thoughtworks.xstream:xstream CVE-2021-39152 高危 1.4.17 1.4.18 xstream: Server-side request forgery (SSRF) via unsafe deserialization of jdk.nashorn.internal.runtime.Source$URLData

漏洞详情: https://avd.aquasec.com/nvd/cve-2021-39152

镜像层: sha256:11c33f7e8be115416588045d5837d076171f2b0be0c262cffb7b7aaf9c7b19f9

发布日期: 2021-08-23 19:15 修改: 2023-11-07 03:37
com.thoughtworks.xstream:xstream CVE-2021-39153 高危 1.4.17 1.4.18 xstream: Arbitrary code execution via unsafe deserialization of Xalan xsltc.trax.TemplatesImpl

漏洞详情: https://avd.aquasec.com/nvd/cve-2021-39153

镜像层: sha256:1e763e863bfe00cae3c5ffc43aee43dc6fef4ef3ab10ecdbc936eb08cc225237

发布日期: 2021-08-23 18:15 修改: 2023-11-07 03:37
com.thoughtworks.xstream:xstream CVE-2021-39153 高危 1.4.17 1.4.18 xstream: Arbitrary code execution via unsafe deserialization of Xalan xsltc.trax.TemplatesImpl

漏洞详情: https://avd.aquasec.com/nvd/cve-2021-39153

镜像层: sha256:11c33f7e8be115416588045d5837d076171f2b0be0c262cffb7b7aaf9c7b19f9

发布日期: 2021-08-23 18:15 修改: 2023-11-07 03:37
com.thoughtworks.xstream:xstream CVE-2021-39154 高危 1.4.17 1.4.18 xstream: Arbitrary code execution via unsafe deserialization of javax.swing.UIDefaults$ProxyLazyValue

漏洞详情: https://avd.aquasec.com/nvd/cve-2021-39154

镜像层: sha256:1e763e863bfe00cae3c5ffc43aee43dc6fef4ef3ab10ecdbc936eb08cc225237

发布日期: 2021-08-23 18:15 修改: 2023-11-07 03:37
com.thoughtworks.xstream:xstream CVE-2021-39154 高危 1.4.17 1.4.18 xstream: Arbitrary code execution via unsafe deserialization of javax.swing.UIDefaults$ProxyLazyValue

漏洞详情: https://avd.aquasec.com/nvd/cve-2021-39154

镜像层: sha256:11c33f7e8be115416588045d5837d076171f2b0be0c262cffb7b7aaf9c7b19f9

发布日期: 2021-08-23 18:15 修改: 2023-11-07 03:37
com.thoughtworks.xstream:xstream CVE-2021-43859 高危 1.4.17 1.4.19 xstream: Injecting highly recursive collections or maps can cause a DoS

漏洞详情: https://avd.aquasec.com/nvd/cve-2021-43859

镜像层: sha256:1e763e863bfe00cae3c5ffc43aee43dc6fef4ef3ab10ecdbc936eb08cc225237

发布日期: 2022-02-01 12:15 修改: 2023-11-07 03:39
com.thoughtworks.xstream:xstream CVE-2021-43859 高危 1.4.17 1.4.19 xstream: Injecting highly recursive collections or maps can cause a DoS

漏洞详情: https://avd.aquasec.com/nvd/cve-2021-43859

镜像层: sha256:11c33f7e8be115416588045d5837d076171f2b0be0c262cffb7b7aaf9c7b19f9

发布日期: 2022-02-01 12:15 修改: 2023-11-07 03:39
com.thoughtworks.xstream:xstream CVE-2022-40151 高危 1.4.17 1.4.20 xstream: Xstream to serialise XML data was vulnerable to Denial of Service attacks

漏洞详情: https://avd.aquasec.com/nvd/cve-2022-40151

镜像层: sha256:1e763e863bfe00cae3c5ffc43aee43dc6fef4ef3ab10ecdbc936eb08cc225237

发布日期: 2022-09-16 10:15 修改: 2022-09-20 18:11
com.thoughtworks.xstream:xstream CVE-2022-40151 高危 1.4.17 1.4.20 xstream: Xstream to serialise XML data was vulnerable to Denial of Service attacks

漏洞详情: https://avd.aquasec.com/nvd/cve-2022-40151

镜像层: sha256:11c33f7e8be115416588045d5837d076171f2b0be0c262cffb7b7aaf9c7b19f9

发布日期: 2022-09-16 10:15 修改: 2022-09-20 18:11
com.thoughtworks.xstream:xstream CVE-2022-41966 高危 1.4.17 1.4.20 xstream: Denial of Service by injecting recursive collections or maps based on element's hash values raising a stack overflow

漏洞详情: https://avd.aquasec.com/nvd/cve-2022-41966

镜像层: sha256:1e763e863bfe00cae3c5ffc43aee43dc6fef4ef3ab10ecdbc936eb08cc225237

发布日期: 2022-12-28 00:15 修改: 2023-06-27 14:04
com.thoughtworks.xstream:xstream CVE-2022-41966 高危 1.4.17 1.4.20 xstream: Denial of Service by injecting recursive collections or maps based on element's hash values raising a stack overflow

漏洞详情: https://avd.aquasec.com/nvd/cve-2022-41966

镜像层: sha256:11c33f7e8be115416588045d5837d076171f2b0be0c262cffb7b7aaf9c7b19f9

发布日期: 2022-12-28 00:15 修改: 2023-06-27 14:04
com.thoughtworks.xstream:xstream CVE-2024-47072 高危 1.4.17 1.4.21 com.thoughtworks.xstream: XStream is vulnerable to a Denial of Service attack due to stack overflow from a manipulated binary input stream

漏洞详情: https://avd.aquasec.com/nvd/cve-2024-47072

镜像层: sha256:1e763e863bfe00cae3c5ffc43aee43dc6fef4ef3ab10ecdbc936eb08cc225237

发布日期: 2024-11-08 00:15 修改: 2024-11-08 19:01
com.thoughtworks.xstream:xstream CVE-2024-47072 高危 1.4.17 1.4.21 com.thoughtworks.xstream: XStream is vulnerable to a Denial of Service attack due to stack overflow from a manipulated binary input stream

漏洞详情: https://avd.aquasec.com/nvd/cve-2024-47072

镜像层: sha256:11c33f7e8be115416588045d5837d076171f2b0be0c262cffb7b7aaf9c7b19f9

发布日期: 2024-11-08 00:15 修改: 2024-11-08 19:01
com.thoughtworks.xstream:xstream CVE-2021-43859 高危 1.4.18 1.4.19 xstream: Injecting highly recursive collections or maps can cause a DoS

漏洞详情: https://avd.aquasec.com/nvd/cve-2021-43859

镜像层: sha256:1e763e863bfe00cae3c5ffc43aee43dc6fef4ef3ab10ecdbc936eb08cc225237

发布日期: 2022-02-01 12:15 修改: 2023-11-07 03:39
com.thoughtworks.xstream:xstream CVE-2022-40151 高危 1.4.18 1.4.20 xstream: Xstream to serialise XML data was vulnerable to Denial of Service attacks

漏洞详情: https://avd.aquasec.com/nvd/cve-2022-40151

镜像层: sha256:1e763e863bfe00cae3c5ffc43aee43dc6fef4ef3ab10ecdbc936eb08cc225237

发布日期: 2022-09-16 10:15 修改: 2022-09-20 18:11
com.thoughtworks.xstream:xstream CVE-2022-41966 高危 1.4.18 1.4.20 xstream: Denial of Service by injecting recursive collections or maps based on element's hash values raising a stack overflow

漏洞详情: https://avd.aquasec.com/nvd/cve-2022-41966

镜像层: sha256:1e763e863bfe00cae3c5ffc43aee43dc6fef4ef3ab10ecdbc936eb08cc225237

发布日期: 2022-12-28 00:15 修改: 2023-06-27 14:04
com.thoughtworks.xstream:xstream CVE-2024-47072 高危 1.4.18 1.4.21 com.thoughtworks.xstream: XStream is vulnerable to a Denial of Service attack due to stack overflow from a manipulated binary input stream

漏洞详情: https://avd.aquasec.com/nvd/cve-2024-47072

镜像层: sha256:1e763e863bfe00cae3c5ffc43aee43dc6fef4ef3ab10ecdbc936eb08cc225237

发布日期: 2024-11-08 00:15 修改: 2024-11-08 19:01
com.thoughtworks.xstream:xstream CVE-2022-40151 高危 1.4.19 1.4.20 xstream: Xstream to serialise XML data was vulnerable to Denial of Service attacks

漏洞详情: https://avd.aquasec.com/nvd/cve-2022-40151

镜像层: sha256:1e763e863bfe00cae3c5ffc43aee43dc6fef4ef3ab10ecdbc936eb08cc225237

发布日期: 2022-09-16 10:15 修改: 2022-09-20 18:11
com.thoughtworks.xstream:xstream CVE-2022-40151 高危 1.4.19 1.4.20 xstream: Xstream to serialise XML data was vulnerable to Denial of Service attacks

漏洞详情: https://avd.aquasec.com/nvd/cve-2022-40151

镜像层: sha256:11c33f7e8be115416588045d5837d076171f2b0be0c262cffb7b7aaf9c7b19f9

发布日期: 2022-09-16 10:15 修改: 2022-09-20 18:11
com.thoughtworks.xstream:xstream CVE-2022-40151 高危 1.4.19 1.4.20 xstream: Xstream to serialise XML data was vulnerable to Denial of Service attacks

漏洞详情: https://avd.aquasec.com/nvd/cve-2022-40151

镜像层: sha256:11c33f7e8be115416588045d5837d076171f2b0be0c262cffb7b7aaf9c7b19f9

发布日期: 2022-09-16 10:15 修改: 2022-09-20 18:11
com.thoughtworks.xstream:xstream CVE-2022-41966 高危 1.4.19 1.4.20 xstream: Denial of Service by injecting recursive collections or maps based on element's hash values raising a stack overflow

漏洞详情: https://avd.aquasec.com/nvd/cve-2022-41966

镜像层: sha256:1e763e863bfe00cae3c5ffc43aee43dc6fef4ef3ab10ecdbc936eb08cc225237

发布日期: 2022-12-28 00:15 修改: 2023-06-27 14:04
com.thoughtworks.xstream:xstream CVE-2022-41966 高危 1.4.19 1.4.20 xstream: Denial of Service by injecting recursive collections or maps based on element's hash values raising a stack overflow

漏洞详情: https://avd.aquasec.com/nvd/cve-2022-41966

镜像层: sha256:11c33f7e8be115416588045d5837d076171f2b0be0c262cffb7b7aaf9c7b19f9

发布日期: 2022-12-28 00:15 修改: 2023-06-27 14:04
com.thoughtworks.xstream:xstream CVE-2022-41966 高危 1.4.19 1.4.20 xstream: Denial of Service by injecting recursive collections or maps based on element's hash values raising a stack overflow

漏洞详情: https://avd.aquasec.com/nvd/cve-2022-41966

镜像层: sha256:11c33f7e8be115416588045d5837d076171f2b0be0c262cffb7b7aaf9c7b19f9

发布日期: 2022-12-28 00:15 修改: 2023-06-27 14:04
com.thoughtworks.xstream:xstream CVE-2024-47072 高危 1.4.19 1.4.21 com.thoughtworks.xstream: XStream is vulnerable to a Denial of Service attack due to stack overflow from a manipulated binary input stream

漏洞详情: https://avd.aquasec.com/nvd/cve-2024-47072

镜像层: sha256:1e763e863bfe00cae3c5ffc43aee43dc6fef4ef3ab10ecdbc936eb08cc225237

发布日期: 2024-11-08 00:15 修改: 2024-11-08 19:01
com.thoughtworks.xstream:xstream CVE-2024-47072 高危 1.4.19 1.4.21 com.thoughtworks.xstream: XStream is vulnerable to a Denial of Service attack due to stack overflow from a manipulated binary input stream

漏洞详情: https://avd.aquasec.com/nvd/cve-2024-47072

镜像层: sha256:11c33f7e8be115416588045d5837d076171f2b0be0c262cffb7b7aaf9c7b19f9

发布日期: 2024-11-08 00:15 修改: 2024-11-08 19:01
com.thoughtworks.xstream:xstream CVE-2024-47072 高危 1.4.19 1.4.21 com.thoughtworks.xstream: XStream is vulnerable to a Denial of Service attack due to stack overflow from a manipulated binary input stream

漏洞详情: https://avd.aquasec.com/nvd/cve-2024-47072

镜像层: sha256:11c33f7e8be115416588045d5837d076171f2b0be0c262cffb7b7aaf9c7b19f9

发布日期: 2024-11-08 00:15 修改: 2024-11-08 19:01
com.fasterxml.jackson.core:jackson-databind CVE-2020-36518 高危 2.11.0 2.13.2.1, 2.12.6.1 jackson-databind: denial of service via a large depth of nested objects

漏洞详情: https://avd.aquasec.com/nvd/cve-2020-36518

镜像层: sha256:1e763e863bfe00cae3c5ffc43aee43dc6fef4ef3ab10ecdbc936eb08cc225237

发布日期: 2022-03-11 07:15 修改: 2022-11-29 22:12
com.fasterxml.jackson.core:jackson-databind CVE-2020-36518 高危 2.11.0 2.13.2.1, 2.12.6.1 jackson-databind: denial of service via a large depth of nested objects

漏洞详情: https://avd.aquasec.com/nvd/cve-2020-36518

镜像层: sha256:11c33f7e8be115416588045d5837d076171f2b0be0c262cffb7b7aaf9c7b19f9

发布日期: 2022-03-11 07:15 修改: 2022-11-29 22:12
commons-fileupload:commons-fileupload CVE-2023-24998 高危 1.4 1.5 FileUpload: FileUpload DoS with excessive parts

漏洞详情: https://avd.aquasec.com/nvd/cve-2023-24998

镜像层: sha256:1e763e863bfe00cae3c5ffc43aee43dc6fef4ef3ab10ecdbc936eb08cc225237

发布日期: 2023-02-20 16:15 修改: 2024-02-16 19:11
commons-fileupload:commons-fileupload CVE-2023-24998 高危 1.4 1.5 FileUpload: FileUpload DoS with excessive parts

漏洞详情: https://avd.aquasec.com/nvd/cve-2023-24998

镜像层: sha256:11c33f7e8be115416588045d5837d076171f2b0be0c262cffb7b7aaf9c7b19f9

发布日期: 2023-02-20 16:15 修改: 2024-02-16 19:11
commons-fileupload:commons-fileupload CVE-2023-24998 高危 1.4 1.5 FileUpload: FileUpload DoS with excessive parts

漏洞详情: https://avd.aquasec.com/nvd/cve-2023-24998

镜像层: sha256:11c33f7e8be115416588045d5837d076171f2b0be0c262cffb7b7aaf9c7b19f9

发布日期: 2023-02-20 16:15 修改: 2024-02-16 19:11
commons-io:commons-io CVE-2024-47554 高危 2.10.0 2.14.0 apache-commons-io: Possible denial of service attack on untrusted input to XmlStreamReader

漏洞详情: https://avd.aquasec.com/nvd/cve-2024-47554

镜像层: sha256:1e763e863bfe00cae3c5ffc43aee43dc6fef4ef3ab10ecdbc936eb08cc225237

发布日期: 2024-10-03 12:15 修改: 2024-12-04 15:15
commons-io:commons-io CVE-2024-47554 高危 2.10.0 2.14.0 apache-commons-io: Possible denial of service attack on untrusted input to XmlStreamReader

漏洞详情: https://avd.aquasec.com/nvd/cve-2024-47554

镜像层: sha256:11c33f7e8be115416588045d5837d076171f2b0be0c262cffb7b7aaf9c7b19f9

发布日期: 2024-10-03 12:15 修改: 2024-12-04 15:15
commons-io:commons-io CVE-2024-47554 高危 2.8.0 2.14.0 apache-commons-io: Possible denial of service attack on untrusted input to XmlStreamReader

漏洞详情: https://avd.aquasec.com/nvd/cve-2024-47554

镜像层: sha256:1e763e863bfe00cae3c5ffc43aee43dc6fef4ef3ab10ecdbc936eb08cc225237

发布日期: 2024-10-03 12:15 修改: 2024-12-04 15:15
commons-io:commons-io CVE-2024-47554 高危 2.8.0 2.14.0 apache-commons-io: Possible denial of service attack on untrusted input to XmlStreamReader

漏洞详情: https://avd.aquasec.com/nvd/cve-2024-47554

镜像层: sha256:11c33f7e8be115416588045d5837d076171f2b0be0c262cffb7b7aaf9c7b19f9

发布日期: 2024-10-03 12:15 修改: 2024-12-04 15:15
io.netty:netty-codec CVE-2021-37136 高危 4.1.65.Final 4.1.68.Final netty-codec: Bzip2Decoder doesn't allow setting size restrictions for decompressed data

漏洞详情: https://avd.aquasec.com/nvd/cve-2021-37136

镜像层: sha256:1e763e863bfe00cae3c5ffc43aee43dc6fef4ef3ab10ecdbc936eb08cc225237

发布日期: 2021-10-19 15:15 修改: 2023-11-07 03:36
io.netty:netty-codec CVE-2021-37137 高危 4.1.65.Final 4.1.68.Final netty-codec: SnappyFrameDecoder doesn't restrict chunk length and may buffer skippable chunks in an unnecessary way

漏洞详情: https://avd.aquasec.com/nvd/cve-2021-37137

镜像层: sha256:1e763e863bfe00cae3c5ffc43aee43dc6fef4ef3ab10ecdbc936eb08cc225237

发布日期: 2021-10-19 15:15 修改: 2023-11-07 03:36
com.fasterxml.jackson.core:jackson-databind CVE-2021-46877 高危 2.11.0 2.12.6, 2.13.1 jackson-databind: Possible DoS if using JDK serialization to serialize JsonNode

漏洞详情: https://avd.aquasec.com/nvd/cve-2021-46877

镜像层: sha256:1e763e863bfe00cae3c5ffc43aee43dc6fef4ef3ab10ecdbc936eb08cc225237

发布日期: 2023-03-18 22:15 修改: 2023-08-08 14:21
com.fasterxml.jackson.core:jackson-databind CVE-2021-46877 高危 2.11.0 2.12.6, 2.13.1 jackson-databind: Possible DoS if using JDK serialization to serialize JsonNode

漏洞详情: https://avd.aquasec.com/nvd/cve-2021-46877

镜像层: sha256:11c33f7e8be115416588045d5837d076171f2b0be0c262cffb7b7aaf9c7b19f9

发布日期: 2023-03-18 22:15 修改: 2023-08-08 14:21
com.fasterxml.jackson.core:jackson-databind CVE-2022-42003 高危 2.11.0 2.12.7.1, 2.13.4.2 jackson-databind: deep wrapper array nesting wrt UNWRAP_SINGLE_VALUE_ARRAYS

漏洞详情: https://avd.aquasec.com/nvd/cve-2022-42003

镜像层: sha256:1e763e863bfe00cae3c5ffc43aee43dc6fef4ef3ab10ecdbc936eb08cc225237

发布日期: 2022-10-02 05:15 修改: 2023-12-20 10:15
log4j:log4j CVE-2021-4104 高危 1.2.17 log4j: Remote code execution in Log4j 1.x when application is configured to use JMSAppender

漏洞详情: https://avd.aquasec.com/nvd/cve-2021-4104

镜像层: sha256:1e763e863bfe00cae3c5ffc43aee43dc6fef4ef3ab10ecdbc936eb08cc225237

发布日期: 2021-12-14 12:15 修改: 2023-12-22 09:15
log4j:log4j CVE-2022-23302 高危 1.2.17 log4j: Remote code execution in Log4j 1.x when application is configured to use JMSSink

漏洞详情: https://avd.aquasec.com/nvd/cve-2022-23302

镜像层: sha256:1e763e863bfe00cae3c5ffc43aee43dc6fef4ef3ab10ecdbc936eb08cc225237

发布日期: 2022-01-18 16:15 修改: 2023-02-24 15:30
net.minidev:json-smart CVE-2021-31684 高危 1.3.2 1.3.3, 2.4.4 json-smart: Denial of Service in JSONParserByteArray function

漏洞详情: https://avd.aquasec.com/nvd/cve-2021-31684

镜像层: sha256:1e763e863bfe00cae3c5ffc43aee43dc6fef4ef3ab10ecdbc936eb08cc225237

发布日期: 2021-06-01 20:15 修改: 2024-06-21 19:15
net.minidev:json-smart CVE-2021-31684 高危 1.3.2 1.3.3, 2.4.4 json-smart: Denial of Service in JSONParserByteArray function

漏洞详情: https://avd.aquasec.com/nvd/cve-2021-31684

镜像层: sha256:11c33f7e8be115416588045d5837d076171f2b0be0c262cffb7b7aaf9c7b19f9

发布日期: 2021-06-01 20:15 修改: 2024-06-21 19:15
net.minidev:json-smart CVE-2023-1370 高危 1.3.2 2.4.9 json-smart: Uncontrolled Resource Consumption vulnerability in json-smart (Resource Exhaustion)

漏洞详情: https://avd.aquasec.com/nvd/cve-2023-1370

镜像层: sha256:1e763e863bfe00cae3c5ffc43aee43dc6fef4ef3ab10ecdbc936eb08cc225237

发布日期: 2023-03-22 06:15 修改: 2024-06-21 19:15
net.minidev:json-smart CVE-2023-1370 高危 1.3.2 2.4.9 json-smart: Uncontrolled Resource Consumption vulnerability in json-smart (Resource Exhaustion)

漏洞详情: https://avd.aquasec.com/nvd/cve-2023-1370

镜像层: sha256:11c33f7e8be115416588045d5837d076171f2b0be0c262cffb7b7aaf9c7b19f9

发布日期: 2023-03-22 06:15 修改: 2024-06-21 19:15
net.minidev:json-smart CVE-2023-1370 高危 1.3.3 2.4.9 json-smart: Uncontrolled Resource Consumption vulnerability in json-smart (Resource Exhaustion)

漏洞详情: https://avd.aquasec.com/nvd/cve-2023-1370

镜像层: sha256:1e763e863bfe00cae3c5ffc43aee43dc6fef4ef3ab10ecdbc936eb08cc225237

发布日期: 2023-03-22 06:15 修改: 2024-06-21 19:15
net.minidev:json-smart CVE-2023-1370 高危 1.3.3 2.4.9 json-smart: Uncontrolled Resource Consumption vulnerability in json-smart (Resource Exhaustion)

漏洞详情: https://avd.aquasec.com/nvd/cve-2023-1370

镜像层: sha256:11c33f7e8be115416588045d5837d076171f2b0be0c262cffb7b7aaf9c7b19f9

发布日期: 2023-03-22 06:15 修改: 2024-06-21 19:15
net.minidev:json-smart CVE-2023-1370 高危 2.3 2.4.9 json-smart: Uncontrolled Resource Consumption vulnerability in json-smart (Resource Exhaustion)

漏洞详情: https://avd.aquasec.com/nvd/cve-2023-1370

镜像层: sha256:1e763e863bfe00cae3c5ffc43aee43dc6fef4ef3ab10ecdbc936eb08cc225237

发布日期: 2023-03-22 06:15 修改: 2024-06-21 19:15
net.minidev:json-smart CVE-2023-1370 高危 2.3 2.4.9 json-smart: Uncontrolled Resource Consumption vulnerability in json-smart (Resource Exhaustion)

漏洞详情: https://avd.aquasec.com/nvd/cve-2023-1370

镜像层: sha256:11c33f7e8be115416588045d5837d076171f2b0be0c262cffb7b7aaf9c7b19f9

发布日期: 2023-03-22 06:15 修改: 2024-06-21 19:15
net.minidev:json-smart CVE-2023-1370 高危 2.4.7 2.4.9 json-smart: Uncontrolled Resource Consumption vulnerability in json-smart (Resource Exhaustion)

漏洞详情: https://avd.aquasec.com/nvd/cve-2023-1370

镜像层: sha256:1e763e863bfe00cae3c5ffc43aee43dc6fef4ef3ab10ecdbc936eb08cc225237

发布日期: 2023-03-22 06:15 修改: 2024-06-21 19:15
net.minidev:json-smart CVE-2023-1370 高危 2.4.7 2.4.9 json-smart: Uncontrolled Resource Consumption vulnerability in json-smart (Resource Exhaustion)

漏洞详情: https://avd.aquasec.com/nvd/cve-2023-1370

镜像层: sha256:11c33f7e8be115416588045d5837d076171f2b0be0c262cffb7b7aaf9c7b19f9

发布日期: 2023-03-22 06:15 修改: 2024-06-21 19:15
net.minidev:json-smart CVE-2023-1370 高危 2.4.7 2.4.9 json-smart: Uncontrolled Resource Consumption vulnerability in json-smart (Resource Exhaustion)

漏洞详情: https://avd.aquasec.com/nvd/cve-2023-1370

镜像层: sha256:11c33f7e8be115416588045d5837d076171f2b0be0c262cffb7b7aaf9c7b19f9

发布日期: 2023-03-22 06:15 修改: 2024-06-21 19:15
net.minidev:json-smart CVE-2023-1370 高危 2.4.7 2.4.9 json-smart: Uncontrolled Resource Consumption vulnerability in json-smart (Resource Exhaustion)

漏洞详情: https://avd.aquasec.com/nvd/cve-2023-1370

镜像层: sha256:11c33f7e8be115416588045d5837d076171f2b0be0c262cffb7b7aaf9c7b19f9

发布日期: 2023-03-22 06:15 修改: 2024-06-21 19:15
net.minidev:json-smart CVE-2023-1370 高危 2.4.7 2.4.9 json-smart: Uncontrolled Resource Consumption vulnerability in json-smart (Resource Exhaustion)

漏洞详情: https://avd.aquasec.com/nvd/cve-2023-1370

镜像层: sha256:11c33f7e8be115416588045d5837d076171f2b0be0c262cffb7b7aaf9c7b19f9

发布日期: 2023-03-22 06:15 修改: 2024-06-21 19:15
net.minidev:json-smart CVE-2023-1370 高危 2.4.7 2.4.9 json-smart: Uncontrolled Resource Consumption vulnerability in json-smart (Resource Exhaustion)

漏洞详情: https://avd.aquasec.com/nvd/cve-2023-1370

镜像层: sha256:11c33f7e8be115416588045d5837d076171f2b0be0c262cffb7b7aaf9c7b19f9

发布日期: 2023-03-22 06:15 修改: 2024-06-21 19:15
com.fasterxml.jackson.core:jackson-databind CVE-2022-42003 高危 2.11.0 2.12.7.1, 2.13.4.2 jackson-databind: deep wrapper array nesting wrt UNWRAP_SINGLE_VALUE_ARRAYS

漏洞详情: https://avd.aquasec.com/nvd/cve-2022-42003

镜像层: sha256:11c33f7e8be115416588045d5837d076171f2b0be0c262cffb7b7aaf9c7b19f9

发布日期: 2022-10-02 05:15 修改: 2023-12-20 10:15
com.fasterxml.jackson.core:jackson-databind CVE-2022-42004 高危 2.11.0 2.12.7.1, 2.13.4 jackson-databind: use of deeply nested arrays

漏洞详情: https://avd.aquasec.com/nvd/cve-2022-42004

镜像层: sha256:1e763e863bfe00cae3c5ffc43aee43dc6fef4ef3ab10ecdbc936eb08cc225237

发布日期: 2022-10-02 05:15 修改: 2022-12-02 15:10
org.apache.avro:avro CVE-2023-39410 高危 1.7.7 1.11.3 apache-avro: Apache Avro Java SDK: Memory when deserializing untrusted data in Avro Java SDK

漏洞详情: https://avd.aquasec.com/nvd/cve-2023-39410

镜像层: sha256:1e763e863bfe00cae3c5ffc43aee43dc6fef4ef3ab10ecdbc936eb08cc225237

发布日期: 2023-09-29 17:15 修改: 2024-06-21 19:15
org.apache.avro:avro CVE-2023-39410 高危 1.7.7 1.11.3 apache-avro: Apache Avro Java SDK: Memory when deserializing untrusted data in Avro Java SDK

漏洞详情: https://avd.aquasec.com/nvd/cve-2023-39410

镜像层: sha256:11c33f7e8be115416588045d5837d076171f2b0be0c262cffb7b7aaf9c7b19f9

发布日期: 2023-09-29 17:15 修改: 2024-06-21 19:15
org.apache.commons:commons-compress CVE-2021-35515 高危 1.20 1.21 apache-commons-compress: infinite loop when reading a specially crafted 7Z archive

漏洞详情: https://avd.aquasec.com/nvd/cve-2021-35515

镜像层: sha256:1e763e863bfe00cae3c5ffc43aee43dc6fef4ef3ab10ecdbc936eb08cc225237

发布日期: 2021-07-13 08:15 修改: 2023-11-07 03:36
org.apache.commons:commons-compress CVE-2021-35516 高危 1.20 1.21 apache-commons-compress: excessive memory allocation when reading a specially crafted 7Z archive

漏洞详情: https://avd.aquasec.com/nvd/cve-2021-35516

镜像层: sha256:1e763e863bfe00cae3c5ffc43aee43dc6fef4ef3ab10ecdbc936eb08cc225237

发布日期: 2021-07-13 08:15 修改: 2023-11-07 03:36
org.apache.commons:commons-compress CVE-2021-35517 高危 1.20 1.21 apache-commons-compress: excessive memory allocation when reading a specially crafted TAR archive

漏洞详情: https://avd.aquasec.com/nvd/cve-2021-35517

镜像层: sha256:1e763e863bfe00cae3c5ffc43aee43dc6fef4ef3ab10ecdbc936eb08cc225237

发布日期: 2021-07-13 08:15 修改: 2023-11-07 03:36
org.apache.commons:commons-compress CVE-2021-36090 高危 1.20 1.21 apache-commons-compress: excessive memory allocation when reading a specially crafted ZIP archive

漏洞详情: https://avd.aquasec.com/nvd/cve-2021-36090

镜像层: sha256:1e763e863bfe00cae3c5ffc43aee43dc6fef4ef3ab10ecdbc936eb08cc225237

发布日期: 2021-07-13 08:15 修改: 2023-11-07 03:36
org.apache.commons:commons-compress CVE-2024-25710 高危 1.20 1.26.0 commons-compress: Denial of service caused by an infinite loop for a corrupted DUMP file

漏洞详情: https://avd.aquasec.com/nvd/cve-2024-25710

镜像层: sha256:1e763e863bfe00cae3c5ffc43aee43dc6fef4ef3ab10ecdbc936eb08cc225237

发布日期: 2024-02-19 09:15 修改: 2024-03-07 17:15
org.apache.commons:commons-compress CVE-2024-25710 高危 1.21 1.26.0 commons-compress: Denial of service caused by an infinite loop for a corrupted DUMP file

漏洞详情: https://avd.aquasec.com/nvd/cve-2024-25710

镜像层: sha256:1e763e863bfe00cae3c5ffc43aee43dc6fef4ef3ab10ecdbc936eb08cc225237

发布日期: 2024-02-19 09:15 修改: 2024-03-07 17:15
org.apache.commons:commons-compress CVE-2024-25710 高危 1.21 1.26.0 commons-compress: Denial of service caused by an infinite loop for a corrupted DUMP file

漏洞详情: https://avd.aquasec.com/nvd/cve-2024-25710

镜像层: sha256:11c33f7e8be115416588045d5837d076171f2b0be0c262cffb7b7aaf9c7b19f9

发布日期: 2024-02-19 09:15 修改: 2024-03-07 17:15
org.apache.commons:commons-compress CVE-2024-25710 高危 1.21 1.26.0 commons-compress: Denial of service caused by an infinite loop for a corrupted DUMP file

漏洞详情: https://avd.aquasec.com/nvd/cve-2024-25710

镜像层: sha256:11c33f7e8be115416588045d5837d076171f2b0be0c262cffb7b7aaf9c7b19f9

发布日期: 2024-02-19 09:15 修改: 2024-03-07 17:15
com.fasterxml.jackson.core:jackson-databind CVE-2022-42004 高危 2.11.0 2.12.7.1, 2.13.4 jackson-databind: use of deeply nested arrays

漏洞详情: https://avd.aquasec.com/nvd/cve-2022-42004

镜像层: sha256:11c33f7e8be115416588045d5837d076171f2b0be0c262cffb7b7aaf9c7b19f9

发布日期: 2022-10-02 05:15 修改: 2022-12-02 15:10
com.fasterxml.jackson.core:jackson-databind CVE-2020-36518 高危 2.11.1 2.13.2.1, 2.12.6.1 jackson-databind: denial of service via a large depth of nested objects

漏洞详情: https://avd.aquasec.com/nvd/cve-2020-36518

镜像层: sha256:1e763e863bfe00cae3c5ffc43aee43dc6fef4ef3ab10ecdbc936eb08cc225237

发布日期: 2022-03-11 07:15 修改: 2022-11-29 22:12
com.fasterxml.jackson.core:jackson-databind CVE-2020-36518 高危 2.11.1 2.13.2.1, 2.12.6.1 jackson-databind: denial of service via a large depth of nested objects

漏洞详情: https://avd.aquasec.com/nvd/cve-2020-36518

镜像层: sha256:11c33f7e8be115416588045d5837d076171f2b0be0c262cffb7b7aaf9c7b19f9

发布日期: 2022-03-11 07:15 修改: 2022-11-29 22:12
com.fasterxml.jackson.core:jackson-databind CVE-2021-46877 高危 2.11.1 2.12.6, 2.13.1 jackson-databind: Possible DoS if using JDK serialization to serialize JsonNode

漏洞详情: https://avd.aquasec.com/nvd/cve-2021-46877

镜像层: sha256:1e763e863bfe00cae3c5ffc43aee43dc6fef4ef3ab10ecdbc936eb08cc225237

发布日期: 2023-03-18 22:15 修改: 2023-08-08 14:21
com.fasterxml.jackson.core:jackson-databind CVE-2021-46877 高危 2.11.1 2.12.6, 2.13.1 jackson-databind: Possible DoS if using JDK serialization to serialize JsonNode

漏洞详情: https://avd.aquasec.com/nvd/cve-2021-46877

镜像层: sha256:11c33f7e8be115416588045d5837d076171f2b0be0c262cffb7b7aaf9c7b19f9

发布日期: 2023-03-18 22:15 修改: 2023-08-08 14:21
com.fasterxml.jackson.core:jackson-databind CVE-2022-42003 高危 2.11.1 2.12.7.1, 2.13.4.2 jackson-databind: deep wrapper array nesting wrt UNWRAP_SINGLE_VALUE_ARRAYS

漏洞详情: https://avd.aquasec.com/nvd/cve-2022-42003

镜像层: sha256:1e763e863bfe00cae3c5ffc43aee43dc6fef4ef3ab10ecdbc936eb08cc225237

发布日期: 2022-10-02 05:15 修改: 2023-12-20 10:15
com.fasterxml.jackson.core:jackson-databind CVE-2022-42003 高危 2.11.1 2.12.7.1, 2.13.4.2 jackson-databind: deep wrapper array nesting wrt UNWRAP_SINGLE_VALUE_ARRAYS

漏洞详情: https://avd.aquasec.com/nvd/cve-2022-42003

镜像层: sha256:11c33f7e8be115416588045d5837d076171f2b0be0c262cffb7b7aaf9c7b19f9

发布日期: 2022-10-02 05:15 修改: 2023-12-20 10:15
com.fasterxml.jackson.core:jackson-databind CVE-2022-42004 高危 2.11.1 2.12.7.1, 2.13.4 jackson-databind: use of deeply nested arrays

漏洞详情: https://avd.aquasec.com/nvd/cve-2022-42004

镜像层: sha256:1e763e863bfe00cae3c5ffc43aee43dc6fef4ef3ab10ecdbc936eb08cc225237

发布日期: 2022-10-02 05:15 修改: 2022-12-02 15:10
com.fasterxml.jackson.core:jackson-databind CVE-2022-42004 高危 2.11.1 2.12.7.1, 2.13.4 jackson-databind: use of deeply nested arrays

漏洞详情: https://avd.aquasec.com/nvd/cve-2022-42004

镜像层: sha256:11c33f7e8be115416588045d5837d076171f2b0be0c262cffb7b7aaf9c7b19f9

发布日期: 2022-10-02 05:15 修改: 2022-12-02 15:10
com.fasterxml.jackson.core:jackson-databind CVE-2020-36518 高危 2.12.1 2.13.2.1, 2.12.6.1 jackson-databind: denial of service via a large depth of nested objects

漏洞详情: https://avd.aquasec.com/nvd/cve-2020-36518

镜像层: sha256:1e763e863bfe00cae3c5ffc43aee43dc6fef4ef3ab10ecdbc936eb08cc225237

发布日期: 2022-03-11 07:15 修改: 2022-11-29 22:12
com.fasterxml.jackson.core:jackson-databind CVE-2020-36518 高危 2.12.1 2.13.2.1, 2.12.6.1 jackson-databind: denial of service via a large depth of nested objects

漏洞详情: https://avd.aquasec.com/nvd/cve-2020-36518

镜像层: sha256:11c33f7e8be115416588045d5837d076171f2b0be0c262cffb7b7aaf9c7b19f9

发布日期: 2022-03-11 07:15 修改: 2022-11-29 22:12
com.fasterxml.jackson.core:jackson-databind CVE-2020-36518 高危 2.12.1 2.13.2.1, 2.12.6.1 jackson-databind: denial of service via a large depth of nested objects

漏洞详情: https://avd.aquasec.com/nvd/cve-2020-36518

镜像层: sha256:11c33f7e8be115416588045d5837d076171f2b0be0c262cffb7b7aaf9c7b19f9

发布日期: 2022-03-11 07:15 修改: 2022-11-29 22:12
org.apache.santuario:xmlsec CVE-2021-40690 高危 2.2.0 2.2.3, 2.1.7 xml-security: XPath Transform abuse allows for information disclosure

漏洞详情: https://avd.aquasec.com/nvd/cve-2021-40690

镜像层: sha256:1e763e863bfe00cae3c5ffc43aee43dc6fef4ef3ab10ecdbc936eb08cc225237

发布日期: 2021-09-19 18:15 修改: 2023-11-07 03:38
org.apache.santuario:xmlsec CVE-2021-40690 高危 2.2.0 2.2.3, 2.1.7 xml-security: XPath Transform abuse allows for information disclosure

漏洞详情: https://avd.aquasec.com/nvd/cve-2021-40690

镜像层: sha256:11c33f7e8be115416588045d5837d076171f2b0be0c262cffb7b7aaf9c7b19f9

发布日期: 2021-09-19 18:15 修改: 2023-11-07 03:38
com.fasterxml.jackson.core:jackson-databind CVE-2021-46877 高危 2.12.1 2.12.6, 2.13.1 jackson-databind: Possible DoS if using JDK serialization to serialize JsonNode

漏洞详情: https://avd.aquasec.com/nvd/cve-2021-46877

镜像层: sha256:1e763e863bfe00cae3c5ffc43aee43dc6fef4ef3ab10ecdbc936eb08cc225237

发布日期: 2023-03-18 22:15 修改: 2023-08-08 14:21
org.apache.tomcat:tomcat-catalina CVE-2023-46589 高危 9.0.63 11.0.0-M11, 10.1.16, 9.0.83, 8.5.96 tomcat: HTTP request smuggling via malformed trailer headers

漏洞详情: https://avd.aquasec.com/nvd/cve-2023-46589

镜像层: sha256:11c33f7e8be115416588045d5837d076171f2b0be0c262cffb7b7aaf9c7b19f9

发布日期: 2023-11-28 16:15 修改: 2024-07-12 16:11
org.apache.tomcat:tomcat-catalina CVE-2024-50379 高危 9.0.63 11.0.2, 10.1.34, 9.0.98 tomcat: RCE due to TOCTOU issue in JSP compilation

漏洞详情: https://avd.aquasec.com/nvd/cve-2024-50379

镜像层: sha256:11c33f7e8be115416588045d5837d076171f2b0be0c262cffb7b7aaf9c7b19f9

发布日期: 2024-12-17 13:15 修改: 2025-01-03 12:15
org.apache.tomcat:tomcat-coyote CVE-2022-42252 高危 9.0.45 9.0.68, 10.0.27, 10.1.1 tomcat: request smuggling

漏洞详情: https://avd.aquasec.com/nvd/cve-2022-42252

镜像层: sha256:1e763e863bfe00cae3c5ffc43aee43dc6fef4ef3ab10ecdbc936eb08cc225237

发布日期: 2022-11-01 09:15 修改: 2023-05-30 06:15
org.apache.tomcat:tomcat-coyote CVE-2023-24998 高危 9.0.45 10.1.5, 11.0.0-M5, 8.5.88, 9.0.71 FileUpload: FileUpload DoS with excessive parts

漏洞详情: https://avd.aquasec.com/nvd/cve-2023-24998

镜像层: sha256:1e763e863bfe00cae3c5ffc43aee43dc6fef4ef3ab10ecdbc936eb08cc225237

发布日期: 2023-02-20 16:15 修改: 2024-02-16 19:11
org.apache.tomcat:tomcat-coyote CVE-2024-34750 高危 9.0.45 11.0.0-M21, 10.1.25, 9.0.90 tomcat: Improper Handling of Exceptional Conditions

漏洞详情: https://avd.aquasec.com/nvd/cve-2024-34750

镜像层: sha256:1e763e863bfe00cae3c5ffc43aee43dc6fef4ef3ab10ecdbc936eb08cc225237

发布日期: 2024-07-03 20:15 修改: 2024-07-09 16:22
org.apache.tomcat:tomcat-coyote CVE-2022-42252 高危 9.0.54 9.0.68, 10.0.27, 10.1.1 tomcat: request smuggling

漏洞详情: https://avd.aquasec.com/nvd/cve-2022-42252

镜像层: sha256:1e763e863bfe00cae3c5ffc43aee43dc6fef4ef3ab10ecdbc936eb08cc225237

发布日期: 2022-11-01 09:15 修改: 2023-05-30 06:15
org.apache.tomcat:tomcat-coyote CVE-2023-24998 高危 9.0.54 10.1.5, 11.0.0-M5, 8.5.88, 9.0.71 FileUpload: FileUpload DoS with excessive parts

漏洞详情: https://avd.aquasec.com/nvd/cve-2023-24998

镜像层: sha256:1e763e863bfe00cae3c5ffc43aee43dc6fef4ef3ab10ecdbc936eb08cc225237

发布日期: 2023-02-20 16:15 修改: 2024-02-16 19:11
org.apache.tomcat:tomcat-coyote CVE-2024-34750 高危 9.0.54 11.0.0-M21, 10.1.25, 9.0.90 tomcat: Improper Handling of Exceptional Conditions

漏洞详情: https://avd.aquasec.com/nvd/cve-2024-34750

镜像层: sha256:1e763e863bfe00cae3c5ffc43aee43dc6fef4ef3ab10ecdbc936eb08cc225237

发布日期: 2024-07-03 20:15 修改: 2024-07-09 16:22
org.apache.tomcat:tomcat-coyote CVE-2022-42252 高危 9.0.63 9.0.68, 10.0.27, 10.1.1 tomcat: request smuggling

漏洞详情: https://avd.aquasec.com/nvd/cve-2022-42252

镜像层: sha256:1e763e863bfe00cae3c5ffc43aee43dc6fef4ef3ab10ecdbc936eb08cc225237

发布日期: 2022-11-01 09:15 修改: 2023-05-30 06:15
org.apache.tomcat:tomcat-coyote CVE-2022-42252 高危 9.0.63 9.0.68, 10.0.27, 10.1.1 tomcat: request smuggling

漏洞详情: https://avd.aquasec.com/nvd/cve-2022-42252

镜像层: sha256:11c33f7e8be115416588045d5837d076171f2b0be0c262cffb7b7aaf9c7b19f9

发布日期: 2022-11-01 09:15 修改: 2023-05-30 06:15
org.apache.tomcat:tomcat-coyote CVE-2023-24998 高危 9.0.63 10.1.5, 11.0.0-M5, 8.5.88, 9.0.71 FileUpload: FileUpload DoS with excessive parts

漏洞详情: https://avd.aquasec.com/nvd/cve-2023-24998

镜像层: sha256:1e763e863bfe00cae3c5ffc43aee43dc6fef4ef3ab10ecdbc936eb08cc225237

发布日期: 2023-02-20 16:15 修改: 2024-02-16 19:11
org.apache.tomcat:tomcat-coyote CVE-2023-24998 高危 9.0.63 10.1.5, 11.0.0-M5, 8.5.88, 9.0.71 FileUpload: FileUpload DoS with excessive parts

漏洞详情: https://avd.aquasec.com/nvd/cve-2023-24998

镜像层: sha256:11c33f7e8be115416588045d5837d076171f2b0be0c262cffb7b7aaf9c7b19f9

发布日期: 2023-02-20 16:15 修改: 2024-02-16 19:11
org.apache.tomcat:tomcat-coyote CVE-2024-34750 高危 9.0.63 11.0.0-M21, 10.1.25, 9.0.90 tomcat: Improper Handling of Exceptional Conditions

漏洞详情: https://avd.aquasec.com/nvd/cve-2024-34750

镜像层: sha256:1e763e863bfe00cae3c5ffc43aee43dc6fef4ef3ab10ecdbc936eb08cc225237

发布日期: 2024-07-03 20:15 修改: 2024-07-09 16:22
org.apache.tomcat:tomcat-coyote CVE-2024-34750 高危 9.0.63 11.0.0-M21, 10.1.25, 9.0.90 tomcat: Improper Handling of Exceptional Conditions

漏洞详情: https://avd.aquasec.com/nvd/cve-2024-34750

镜像层: sha256:11c33f7e8be115416588045d5837d076171f2b0be0c262cffb7b7aaf9c7b19f9

发布日期: 2024-07-03 20:15 修改: 2024-07-09 16:22
org.apache.tomcat:tomcat-util CVE-2022-45143 高危 9.0.45 8.5.84, 9.0.69 tomcat: JsonErrorReportValve injection

漏洞详情: https://avd.aquasec.com/nvd/cve-2022-45143

镜像层: sha256:1e763e863bfe00cae3c5ffc43aee43dc6fef4ef3ab10ecdbc936eb08cc225237

发布日期: 2023-01-03 19:15 修改: 2023-06-27 13:15
org.apache.tomcat:tomcat-util CVE-2024-38286 高危 9.0.45 11.0.0-M21, 10.1.25, 9.0.90 tomcat: Denial of Service in Tomcat

漏洞详情: https://avd.aquasec.com/nvd/cve-2024-38286

镜像层: sha256:1e763e863bfe00cae3c5ffc43aee43dc6fef4ef3ab10ecdbc936eb08cc225237

发布日期: 2024-11-07 08:15 修改: 2024-11-08 19:01
org.apache.tomcat:tomcat-util CVE-2022-45143 高危 9.0.54 8.5.84, 9.0.69 tomcat: JsonErrorReportValve injection

漏洞详情: https://avd.aquasec.com/nvd/cve-2022-45143

镜像层: sha256:1e763e863bfe00cae3c5ffc43aee43dc6fef4ef3ab10ecdbc936eb08cc225237

发布日期: 2023-01-03 19:15 修改: 2023-06-27 13:15
org.apache.tomcat:tomcat-util CVE-2024-38286 高危 9.0.54 11.0.0-M21, 10.1.25, 9.0.90 tomcat: Denial of Service in Tomcat

漏洞详情: https://avd.aquasec.com/nvd/cve-2024-38286

镜像层: sha256:1e763e863bfe00cae3c5ffc43aee43dc6fef4ef3ab10ecdbc936eb08cc225237

发布日期: 2024-11-07 08:15 修改: 2024-11-08 19:01
org.apache.tomcat:tomcat-util CVE-2022-45143 高危 9.0.63 8.5.84, 9.0.69 tomcat: JsonErrorReportValve injection

漏洞详情: https://avd.aquasec.com/nvd/cve-2022-45143

镜像层: sha256:1e763e863bfe00cae3c5ffc43aee43dc6fef4ef3ab10ecdbc936eb08cc225237

发布日期: 2023-01-03 19:15 修改: 2023-06-27 13:15
org.apache.tomcat:tomcat-util CVE-2022-45143 高危 9.0.63 8.5.84, 9.0.69 tomcat: JsonErrorReportValve injection

漏洞详情: https://avd.aquasec.com/nvd/cve-2022-45143

镜像层: sha256:11c33f7e8be115416588045d5837d076171f2b0be0c262cffb7b7aaf9c7b19f9

发布日期: 2023-01-03 19:15 修改: 2023-06-27 13:15
org.apache.tomcat:tomcat-util CVE-2024-38286 高危 9.0.63 11.0.0-M21, 10.1.25, 9.0.90 tomcat: Denial of Service in Tomcat

漏洞详情: https://avd.aquasec.com/nvd/cve-2024-38286

镜像层: sha256:1e763e863bfe00cae3c5ffc43aee43dc6fef4ef3ab10ecdbc936eb08cc225237

发布日期: 2024-11-07 08:15 修改: 2024-11-08 19:01
org.apache.tomcat:tomcat-util CVE-2024-38286 高危 9.0.63 11.0.0-M21, 10.1.25, 9.0.90 tomcat: Denial of Service in Tomcat

漏洞详情: https://avd.aquasec.com/nvd/cve-2024-38286

镜像层: sha256:11c33f7e8be115416588045d5837d076171f2b0be0c262cffb7b7aaf9c7b19f9

发布日期: 2024-11-07 08:15 修改: 2024-11-08 19:01
org.apache.velocity:velocity CVE-2020-13936 高危 1.6.4-atlassian-23 velocity: arbitrary code execution when attacker is able to modify templates

漏洞详情: https://avd.aquasec.com/nvd/cve-2020-13936

镜像层: sha256:1e763e863bfe00cae3c5ffc43aee43dc6fef4ef3ab10ecdbc936eb08cc225237

发布日期: 2021-03-10 08:15 修改: 2023-11-07 03:17
org.apache.velocity:velocity CVE-2020-13936 高危 1.6.4-atlassian-23 velocity: arbitrary code execution when attacker is able to modify templates

漏洞详情: https://avd.aquasec.com/nvd/cve-2020-13936

镜像层: sha256:11c33f7e8be115416588045d5837d076171f2b0be0c262cffb7b7aaf9c7b19f9

发布日期: 2021-03-10 08:15 修改: 2023-11-07 03:17
org.apache.xmlgraphics:batik-bridge CVE-2022-44729 高危 1.14 1.17 batik: Server-Side Request Forgery vulnerability

漏洞详情: https://avd.aquasec.com/nvd/cve-2022-44729

镜像层: sha256:1e763e863bfe00cae3c5ffc43aee43dc6fef4ef3ab10ecdbc936eb08cc225237

发布日期: 2023-08-22 19:16 修改: 2024-01-07 11:15
org.apache.xmlgraphics:batik-bridge CVE-2022-44729 高危 1.14 1.17 batik: Server-Side Request Forgery vulnerability

漏洞详情: https://avd.aquasec.com/nvd/cve-2022-44729

镜像层: sha256:11c33f7e8be115416588045d5837d076171f2b0be0c262cffb7b7aaf9c7b19f9

发布日期: 2023-08-22 19:16 修改: 2024-01-07 11:15
org.apache.xmlgraphics:batik-transcoder CVE-2022-44729 高危 1.14 1.17 batik: Server-Side Request Forgery vulnerability

漏洞详情: https://avd.aquasec.com/nvd/cve-2022-44729

镜像层: sha256:1e763e863bfe00cae3c5ffc43aee43dc6fef4ef3ab10ecdbc936eb08cc225237

发布日期: 2023-08-22 19:16 修改: 2024-01-07 11:15
org.apache.xmlgraphics:batik-transcoder CVE-2022-44729 高危 1.14 1.17 batik: Server-Side Request Forgery vulnerability

漏洞详情: https://avd.aquasec.com/nvd/cve-2022-44729

镜像层: sha256:11c33f7e8be115416588045d5837d076171f2b0be0c262cffb7b7aaf9c7b19f9

发布日期: 2023-08-22 19:16 修改: 2024-01-07 11:15
org.bitbucket.b_c:jose4j CVE-2023-31582 高危 0.6.3 0.9.3 jose4j: Insecure iteration count setting

漏洞详情: https://avd.aquasec.com/nvd/cve-2023-31582

镜像层: sha256:1e763e863bfe00cae3c5ffc43aee43dc6fef4ef3ab10ecdbc936eb08cc225237

发布日期: 2023-10-25 18:17 修改: 2023-10-31 15:18
org.bitbucket.b_c:jose4j CVE-2023-31582 高危 0.6.3 0.9.3 jose4j: Insecure iteration count setting

漏洞详情: https://avd.aquasec.com/nvd/cve-2023-31582

镜像层: sha256:11c33f7e8be115416588045d5837d076171f2b0be0c262cffb7b7aaf9c7b19f9

发布日期: 2023-10-25 18:17 修改: 2023-10-31 15:18
org.clojure:clojure CVE-2024-22871 高危 1.10.1 1.11.2, 1.12.0-alpha9 An issue in Clojure versions 1.20 to 1.12.0-alpha5 allows an attacker ...

漏洞详情: https://avd.aquasec.com/nvd/cve-2024-22871

镜像层: sha256:1e763e863bfe00cae3c5ffc43aee43dc6fef4ef3ab10ecdbc936eb08cc225237

发布日期: 2024-02-29 02:15 修改: 2024-08-13 19:35
org.clojure:clojure CVE-2024-22871 高危 1.10.1 1.11.2, 1.12.0-alpha9 An issue in Clojure versions 1.20 to 1.12.0-alpha5 allows an attacker ...

漏洞详情: https://avd.aquasec.com/nvd/cve-2024-22871

镜像层: sha256:11c33f7e8be115416588045d5837d076171f2b0be0c262cffb7b7aaf9c7b19f9

发布日期: 2024-02-29 02:15 修改: 2024-08-13 19:35
org.codehaus.jettison:jettison CVE-2022-40150 高危 1.1 1.5.2 jettison: memory exhaustion via user-supplied XML or JSON data

漏洞详情: https://avd.aquasec.com/nvd/cve-2022-40150

镜像层: sha256:1e763e863bfe00cae3c5ffc43aee43dc6fef4ef3ab10ecdbc936eb08cc225237

发布日期: 2022-09-16 10:15 修改: 2023-07-13 17:24
org.codehaus.jettison:jettison CVE-2022-40150 高危 1.1 1.5.2 jettison: memory exhaustion via user-supplied XML or JSON data

漏洞详情: https://avd.aquasec.com/nvd/cve-2022-40150

镜像层: sha256:11c33f7e8be115416588045d5837d076171f2b0be0c262cffb7b7aaf9c7b19f9

发布日期: 2022-09-16 10:15 修改: 2023-07-13 17:24
org.codehaus.jettison:jettison CVE-2022-40150 高危 1.1 1.5.2 jettison: memory exhaustion via user-supplied XML or JSON data

漏洞详情: https://avd.aquasec.com/nvd/cve-2022-40150

镜像层: sha256:11c33f7e8be115416588045d5837d076171f2b0be0c262cffb7b7aaf9c7b19f9

发布日期: 2022-09-16 10:15 修改: 2023-07-13 17:24
org.codehaus.jettison:jettison CVE-2022-40150 高危 1.1 1.5.2 jettison: memory exhaustion via user-supplied XML or JSON data

漏洞详情: https://avd.aquasec.com/nvd/cve-2022-40150

镜像层: sha256:11c33f7e8be115416588045d5837d076171f2b0be0c262cffb7b7aaf9c7b19f9

发布日期: 2022-09-16 10:15 修改: 2023-07-13 17:24
org.codehaus.jettison:jettison CVE-2022-40150 高危 1.1 1.5.2 jettison: memory exhaustion via user-supplied XML or JSON data

漏洞详情: https://avd.aquasec.com/nvd/cve-2022-40150

镜像层: sha256:11c33f7e8be115416588045d5837d076171f2b0be0c262cffb7b7aaf9c7b19f9

发布日期: 2022-09-16 10:15 修改: 2023-07-13 17:24
org.codehaus.jettison:jettison CVE-2022-40150 高危 1.1 1.5.2 jettison: memory exhaustion via user-supplied XML or JSON data

漏洞详情: https://avd.aquasec.com/nvd/cve-2022-40150

镜像层: sha256:11c33f7e8be115416588045d5837d076171f2b0be0c262cffb7b7aaf9c7b19f9

发布日期: 2022-09-16 10:15 修改: 2023-07-13 17:24
org.codehaus.jettison:jettison CVE-2022-45685 高危 1.1 1.5.2 jettison: stack overflow in JSONObject() allows attackers to cause a Denial of Service (DoS) via crafted JSON data

漏洞详情: https://avd.aquasec.com/nvd/cve-2022-45685

镜像层: sha256:1e763e863bfe00cae3c5ffc43aee43dc6fef4ef3ab10ecdbc936eb08cc225237

发布日期: 2022-12-13 15:15 修改: 2023-01-30 17:57
org.codehaus.jettison:jettison CVE-2022-45685 高危 1.1 1.5.2 jettison: stack overflow in JSONObject() allows attackers to cause a Denial of Service (DoS) via crafted JSON data

漏洞详情: https://avd.aquasec.com/nvd/cve-2022-45685

镜像层: sha256:11c33f7e8be115416588045d5837d076171f2b0be0c262cffb7b7aaf9c7b19f9

发布日期: 2022-12-13 15:15 修改: 2023-01-30 17:57
org.codehaus.jettison:jettison CVE-2022-45685 高危 1.1 1.5.2 jettison: stack overflow in JSONObject() allows attackers to cause a Denial of Service (DoS) via crafted JSON data

漏洞详情: https://avd.aquasec.com/nvd/cve-2022-45685

镜像层: sha256:11c33f7e8be115416588045d5837d076171f2b0be0c262cffb7b7aaf9c7b19f9

发布日期: 2022-12-13 15:15 修改: 2023-01-30 17:57
org.codehaus.jettison:jettison CVE-2022-45685 高危 1.1 1.5.2 jettison: stack overflow in JSONObject() allows attackers to cause a Denial of Service (DoS) via crafted JSON data

漏洞详情: https://avd.aquasec.com/nvd/cve-2022-45685

镜像层: sha256:11c33f7e8be115416588045d5837d076171f2b0be0c262cffb7b7aaf9c7b19f9

发布日期: 2022-12-13 15:15 修改: 2023-01-30 17:57
org.codehaus.jettison:jettison CVE-2022-45685 高危 1.1 1.5.2 jettison: stack overflow in JSONObject() allows attackers to cause a Denial of Service (DoS) via crafted JSON data

漏洞详情: https://avd.aquasec.com/nvd/cve-2022-45685

镜像层: sha256:11c33f7e8be115416588045d5837d076171f2b0be0c262cffb7b7aaf9c7b19f9

发布日期: 2022-12-13 15:15 修改: 2023-01-30 17:57
org.codehaus.jettison:jettison CVE-2022-45685 高危 1.1 1.5.2 jettison: stack overflow in JSONObject() allows attackers to cause a Denial of Service (DoS) via crafted JSON data

漏洞详情: https://avd.aquasec.com/nvd/cve-2022-45685

镜像层: sha256:11c33f7e8be115416588045d5837d076171f2b0be0c262cffb7b7aaf9c7b19f9

发布日期: 2022-12-13 15:15 修改: 2023-01-30 17:57
org.codehaus.jettison:jettison CVE-2022-45693 高危 1.1 1.5.2 jettison: If the value in map is the map's self, the new new JSONObject(map) cause StackOverflowError which may lead to dos

漏洞详情: https://avd.aquasec.com/nvd/cve-2022-45693

镜像层: sha256:1e763e863bfe00cae3c5ffc43aee43dc6fef4ef3ab10ecdbc936eb08cc225237

发布日期: 2022-12-13 15:15 修改: 2023-01-26 17:35
org.codehaus.jettison:jettison CVE-2022-45693 高危 1.1 1.5.2 jettison: If the value in map is the map's self, the new new JSONObject(map) cause StackOverflowError which may lead to dos

漏洞详情: https://avd.aquasec.com/nvd/cve-2022-45693

镜像层: sha256:11c33f7e8be115416588045d5837d076171f2b0be0c262cffb7b7aaf9c7b19f9

发布日期: 2022-12-13 15:15 修改: 2023-01-26 17:35
org.codehaus.jettison:jettison CVE-2022-45693 高危 1.1 1.5.2 jettison: If the value in map is the map's self, the new new JSONObject(map) cause StackOverflowError which may lead to dos

漏洞详情: https://avd.aquasec.com/nvd/cve-2022-45693

镜像层: sha256:11c33f7e8be115416588045d5837d076171f2b0be0c262cffb7b7aaf9c7b19f9

发布日期: 2022-12-13 15:15 修改: 2023-01-26 17:35
org.codehaus.jettison:jettison CVE-2022-45693 高危 1.1 1.5.2 jettison: If the value in map is the map's self, the new new JSONObject(map) cause StackOverflowError which may lead to dos

漏洞详情: https://avd.aquasec.com/nvd/cve-2022-45693

镜像层: sha256:11c33f7e8be115416588045d5837d076171f2b0be0c262cffb7b7aaf9c7b19f9

发布日期: 2022-12-13 15:15 修改: 2023-01-26 17:35
org.codehaus.jettison:jettison CVE-2022-45693 高危 1.1 1.5.2 jettison: If the value in map is the map's self, the new new JSONObject(map) cause StackOverflowError which may lead to dos

漏洞详情: https://avd.aquasec.com/nvd/cve-2022-45693

镜像层: sha256:11c33f7e8be115416588045d5837d076171f2b0be0c262cffb7b7aaf9c7b19f9

发布日期: 2022-12-13 15:15 修改: 2023-01-26 17:35
org.codehaus.jettison:jettison CVE-2022-45693 高危 1.1 1.5.2 jettison: If the value in map is the map's self, the new new JSONObject(map) cause StackOverflowError which may lead to dos

漏洞详情: https://avd.aquasec.com/nvd/cve-2022-45693

镜像层: sha256:11c33f7e8be115416588045d5837d076171f2b0be0c262cffb7b7aaf9c7b19f9

发布日期: 2022-12-13 15:15 修改: 2023-01-26 17:35
org.codehaus.jettison:jettison CVE-2023-1436 高危 1.1 1.5.4 jettison: Uncontrolled Recursion in JSONArray

漏洞详情: https://avd.aquasec.com/nvd/cve-2023-1436

镜像层: sha256:1e763e863bfe00cae3c5ffc43aee43dc6fef4ef3ab10ecdbc936eb08cc225237

发布日期: 2023-03-22 06:15 修改: 2023-11-07 04:03
org.codehaus.jettison:jettison CVE-2023-1436 高危 1.1 1.5.4 jettison: Uncontrolled Recursion in JSONArray

漏洞详情: https://avd.aquasec.com/nvd/cve-2023-1436

镜像层: sha256:11c33f7e8be115416588045d5837d076171f2b0be0c262cffb7b7aaf9c7b19f9

发布日期: 2023-03-22 06:15 修改: 2023-11-07 04:03
org.codehaus.jettison:jettison CVE-2023-1436 高危 1.1 1.5.4 jettison: Uncontrolled Recursion in JSONArray

漏洞详情: https://avd.aquasec.com/nvd/cve-2023-1436

镜像层: sha256:11c33f7e8be115416588045d5837d076171f2b0be0c262cffb7b7aaf9c7b19f9

发布日期: 2023-03-22 06:15 修改: 2023-11-07 04:03
org.codehaus.jettison:jettison CVE-2023-1436 高危 1.1 1.5.4 jettison: Uncontrolled Recursion in JSONArray

漏洞详情: https://avd.aquasec.com/nvd/cve-2023-1436

镜像层: sha256:11c33f7e8be115416588045d5837d076171f2b0be0c262cffb7b7aaf9c7b19f9

发布日期: 2023-03-22 06:15 修改: 2023-11-07 04:03
org.codehaus.jettison:jettison CVE-2023-1436 高危 1.1 1.5.4 jettison: Uncontrolled Recursion in JSONArray

漏洞详情: https://avd.aquasec.com/nvd/cve-2023-1436

镜像层: sha256:11c33f7e8be115416588045d5837d076171f2b0be0c262cffb7b7aaf9c7b19f9

发布日期: 2023-03-22 06:15 修改: 2023-11-07 04:03
org.codehaus.jettison:jettison CVE-2023-1436 高危 1.1 1.5.4 jettison: Uncontrolled Recursion in JSONArray

漏洞详情: https://avd.aquasec.com/nvd/cve-2023-1436

镜像层: sha256:11c33f7e8be115416588045d5837d076171f2b0be0c262cffb7b7aaf9c7b19f9

发布日期: 2023-03-22 06:15 修改: 2023-11-07 04:03
org.hibernate:hibernate-core CVE-2020-25638 高危 5.2.18.Final 5.4.24.Final, 5.3.20.Final hibernate-core: SQL injection vulnerability when both hibernate.use_sql_comments and JPQL String literals are used

漏洞详情: https://avd.aquasec.com/nvd/cve-2020-25638

镜像层: sha256:1e763e863bfe00cae3c5ffc43aee43dc6fef4ef3ab10ecdbc936eb08cc225237

发布日期: 2020-12-02 15:15 修改: 2023-11-07 03:20
org.hibernate:hibernate-core CVE-2020-25638 高危 5.2.18.Final 5.4.24.Final, 5.3.20.Final hibernate-core: SQL injection vulnerability when both hibernate.use_sql_comments and JPQL String literals are used

漏洞详情: https://avd.aquasec.com/nvd/cve-2020-25638

镜像层: sha256:11c33f7e8be115416588045d5837d076171f2b0be0c262cffb7b7aaf9c7b19f9

发布日期: 2020-12-02 15:15 修改: 2023-11-07 03:20
org.hibernate:hibernate-core CVE-2020-25638 高危 5.3.2.Final 5.4.24.Final, 5.3.20.Final hibernate-core: SQL injection vulnerability when both hibernate.use_sql_comments and JPQL String literals are used

漏洞详情: https://avd.aquasec.com/nvd/cve-2020-25638

镜像层: sha256:1e763e863bfe00cae3c5ffc43aee43dc6fef4ef3ab10ecdbc936eb08cc225237

发布日期: 2020-12-02 15:15 修改: 2023-11-07 03:20
com.fasterxml.jackson.core:jackson-databind CVE-2021-46877 高危 2.12.1 2.12.6, 2.13.1 jackson-databind: Possible DoS if using JDK serialization to serialize JsonNode

漏洞详情: https://avd.aquasec.com/nvd/cve-2021-46877

镜像层: sha256:11c33f7e8be115416588045d5837d076171f2b0be0c262cffb7b7aaf9c7b19f9

发布日期: 2023-03-18 22:15 修改: 2023-08-08 14:21
org.jdom:jdom CVE-2021-33813 高危 1.1.3 jdom: XXE allows attackers to cause a DoS via a crafted HTTP request

漏洞详情: https://avd.aquasec.com/nvd/cve-2021-33813

镜像层: sha256:1e763e863bfe00cae3c5ffc43aee43dc6fef4ef3ab10ecdbc936eb08cc225237

发布日期: 2021-06-16 12:15 修改: 2023-11-07 03:35
org.json:json CVE-2022-45688 高危 20070829 20230227 json stack overflow vulnerability

漏洞详情: https://avd.aquasec.com/nvd/cve-2022-45688

镜像层: sha256:1e763e863bfe00cae3c5ffc43aee43dc6fef4ef3ab10ecdbc936eb08cc225237

发布日期: 2022-12-13 15:15 修改: 2023-03-09 15:16
org.json:json CVE-2022-45688 高危 20070829 20230227 json stack overflow vulnerability

漏洞详情: https://avd.aquasec.com/nvd/cve-2022-45688

镜像层: sha256:11c33f7e8be115416588045d5837d076171f2b0be0c262cffb7b7aaf9c7b19f9

发布日期: 2022-12-13 15:15 修改: 2023-03-09 15:16
org.json:json CVE-2023-5072 高危 20070829 20231013 JSON-java: parser confusion leads to OOM

漏洞详情: https://avd.aquasec.com/nvd/cve-2023-5072

镜像层: sha256:1e763e863bfe00cae3c5ffc43aee43dc6fef4ef3ab10ecdbc936eb08cc225237

发布日期: 2023-10-12 17:15 修改: 2024-06-21 19:15
org.json:json CVE-2023-5072 高危 20070829 20231013 JSON-java: parser confusion leads to OOM

漏洞详情: https://avd.aquasec.com/nvd/cve-2023-5072

镜像层: sha256:11c33f7e8be115416588045d5837d076171f2b0be0c262cffb7b7aaf9c7b19f9

发布日期: 2023-10-12 17:15 修改: 2024-06-21 19:15
org.json:json CVE-2022-45688 高危 20220320 20230227 json stack overflow vulnerability

漏洞详情: https://avd.aquasec.com/nvd/cve-2022-45688

镜像层: sha256:1e763e863bfe00cae3c5ffc43aee43dc6fef4ef3ab10ecdbc936eb08cc225237

发布日期: 2022-12-13 15:15 修改: 2023-03-09 15:16
org.json:json CVE-2022-45688 高危 20220320 20230227 json stack overflow vulnerability

漏洞详情: https://avd.aquasec.com/nvd/cve-2022-45688

镜像层: sha256:11c33f7e8be115416588045d5837d076171f2b0be0c262cffb7b7aaf9c7b19f9

发布日期: 2022-12-13 15:15 修改: 2023-03-09 15:16
org.json:json CVE-2023-5072 高危 20220320 20231013 JSON-java: parser confusion leads to OOM

漏洞详情: https://avd.aquasec.com/nvd/cve-2023-5072

镜像层: sha256:1e763e863bfe00cae3c5ffc43aee43dc6fef4ef3ab10ecdbc936eb08cc225237

发布日期: 2023-10-12 17:15 修改: 2024-06-21 19:15
org.json:json CVE-2023-5072 高危 20220320 20231013 JSON-java: parser confusion leads to OOM

漏洞详情: https://avd.aquasec.com/nvd/cve-2023-5072

镜像层: sha256:11c33f7e8be115416588045d5837d076171f2b0be0c262cffb7b7aaf9c7b19f9

发布日期: 2023-10-12 17:15 修改: 2024-06-21 19:15
org.jsoup:jsoup CVE-2021-37714 高危 1.9.2 1.14.2 jsoup: Crafted input may cause the jsoup HTML and XML parser to get stuck

漏洞详情: https://avd.aquasec.com/nvd/cve-2021-37714

镜像层: sha256:1e763e863bfe00cae3c5ffc43aee43dc6fef4ef3ab10ecdbc936eb08cc225237

发布日期: 2021-08-18 15:15 修改: 2023-11-07 03:37
com.fasterxml.jackson.core:jackson-databind CVE-2021-46877 高危 2.12.1 2.12.6, 2.13.1 jackson-databind: Possible DoS if using JDK serialization to serialize JsonNode

漏洞详情: https://avd.aquasec.com/nvd/cve-2021-46877

镜像层: sha256:11c33f7e8be115416588045d5837d076171f2b0be0c262cffb7b7aaf9c7b19f9

发布日期: 2023-03-18 22:15 修改: 2023-08-08 14:21
com.fasterxml.jackson.core:jackson-databind CVE-2022-42003 高危 2.12.1 2.12.7.1, 2.13.4.2 jackson-databind: deep wrapper array nesting wrt UNWRAP_SINGLE_VALUE_ARRAYS

漏洞详情: https://avd.aquasec.com/nvd/cve-2022-42003

镜像层: sha256:1e763e863bfe00cae3c5ffc43aee43dc6fef4ef3ab10ecdbc936eb08cc225237

发布日期: 2022-10-02 05:15 修改: 2023-12-20 10:15
com.fasterxml.jackson.core:jackson-databind CVE-2022-42003 高危 2.12.1 2.12.7.1, 2.13.4.2 jackson-databind: deep wrapper array nesting wrt UNWRAP_SINGLE_VALUE_ARRAYS

漏洞详情: https://avd.aquasec.com/nvd/cve-2022-42003

镜像层: sha256:11c33f7e8be115416588045d5837d076171f2b0be0c262cffb7b7aaf9c7b19f9

发布日期: 2022-10-02 05:15 修改: 2023-12-20 10:15
org.postgresql:postgresql CVE-2022-21724 高危 42.2.18 42.2.25, 42.3.2 jdbc-postgresql: Unchecked Class Instantiation when providing Plugin Classes

漏洞详情: https://avd.aquasec.com/nvd/cve-2022-21724

镜像层: sha256:1e763e863bfe00cae3c5ffc43aee43dc6fef4ef3ab10ecdbc936eb08cc225237

发布日期: 2022-02-02 12:15 修改: 2023-11-07 03:43
org.postgresql:postgresql CVE-2022-31197 高危 42.2.18 42.2.26, 42.4.1, 42.3.7 postgresql: SQL Injection in ResultSet.refreshRow() with malicious column names

漏洞详情: https://avd.aquasec.com/nvd/cve-2022-31197

镜像层: sha256:1e763e863bfe00cae3c5ffc43aee43dc6fef4ef3ab10ecdbc936eb08cc225237

发布日期: 2022-08-03 19:15 修改: 2023-11-07 03:47
com.fasterxml.jackson.core:jackson-databind CVE-2022-42003 高危 2.12.1 2.12.7.1, 2.13.4.2 jackson-databind: deep wrapper array nesting wrt UNWRAP_SINGLE_VALUE_ARRAYS

漏洞详情: https://avd.aquasec.com/nvd/cve-2022-42003

镜像层: sha256:11c33f7e8be115416588045d5837d076171f2b0be0c262cffb7b7aaf9c7b19f9

发布日期: 2022-10-02 05:15 修改: 2023-12-20 10:15
com.fasterxml.jackson.core:jackson-databind CVE-2022-42004 高危 2.12.1 2.12.7.1, 2.13.4 jackson-databind: use of deeply nested arrays

漏洞详情: https://avd.aquasec.com/nvd/cve-2022-42004

镜像层: sha256:1e763e863bfe00cae3c5ffc43aee43dc6fef4ef3ab10ecdbc936eb08cc225237

发布日期: 2022-10-02 05:15 修改: 2022-12-02 15:10
org.postgresql:postgresql CVE-2022-31197 高危 42.4.0 42.2.26, 42.4.1, 42.3.7 postgresql: SQL Injection in ResultSet.refreshRow() with malicious column names

漏洞详情: https://avd.aquasec.com/nvd/cve-2022-31197

镜像层: sha256:1e763e863bfe00cae3c5ffc43aee43dc6fef4ef3ab10ecdbc936eb08cc225237

发布日期: 2022-08-03 19:15 修改: 2023-11-07 03:47
org.postgresql:postgresql CVE-2022-31197 高危 42.4.0 42.2.26, 42.4.1, 42.3.7 postgresql: SQL Injection in ResultSet.refreshRow() with malicious column names

漏洞详情: https://avd.aquasec.com/nvd/cve-2022-31197

镜像层: sha256:11c33f7e8be115416588045d5837d076171f2b0be0c262cffb7b7aaf9c7b19f9

发布日期: 2022-08-03 19:15 修改: 2023-11-07 03:47
com.fasterxml.jackson.core:jackson-databind CVE-2022-42004 高危 2.12.1 2.12.7.1, 2.13.4 jackson-databind: use of deeply nested arrays

漏洞详情: https://avd.aquasec.com/nvd/cve-2022-42004

镜像层: sha256:11c33f7e8be115416588045d5837d076171f2b0be0c262cffb7b7aaf9c7b19f9

发布日期: 2022-10-02 05:15 修改: 2022-12-02 15:10
com.fasterxml.jackson.core:jackson-databind CVE-2022-42004 高危 2.12.1 2.12.7.1, 2.13.4 jackson-databind: use of deeply nested arrays

漏洞详情: https://avd.aquasec.com/nvd/cve-2022-42004

镜像层: sha256:11c33f7e8be115416588045d5837d076171f2b0be0c262cffb7b7aaf9c7b19f9

发布日期: 2022-10-02 05:15 修改: 2022-12-02 15:10
com.fasterxml.jackson.core:jackson-databind CVE-2020-36518 高危 2.12.3 2.13.2.1, 2.12.6.1 jackson-databind: denial of service via a large depth of nested objects

漏洞详情: https://avd.aquasec.com/nvd/cve-2020-36518

镜像层: sha256:1e763e863bfe00cae3c5ffc43aee43dc6fef4ef3ab10ecdbc936eb08cc225237

发布日期: 2022-03-11 07:15 修改: 2022-11-29 22:12
com.fasterxml.jackson.core:jackson-databind CVE-2020-36518 高危 2.12.3 2.13.2.1, 2.12.6.1 jackson-databind: denial of service via a large depth of nested objects

漏洞详情: https://avd.aquasec.com/nvd/cve-2020-36518

镜像层: sha256:11c33f7e8be115416588045d5837d076171f2b0be0c262cffb7b7aaf9c7b19f9

发布日期: 2022-03-11 07:15 修改: 2022-11-29 22:12
org.springframework.security:spring-security-core CVE-2024-22257 高危 4.2.16.RELEASE 5.7.12, 5.8.11, 6.1.8, 6.2.3 spring-security: Broken Access Control With Direct Use of AuthenticatedVoter

漏洞详情: https://avd.aquasec.com/nvd/cve-2024-22257

镜像层: sha256:1e763e863bfe00cae3c5ffc43aee43dc6fef4ef3ab10ecdbc936eb08cc225237

发布日期: 2024-03-18 15:15 修改: 2024-11-12 16:35
org.springframework.security:spring-security-core CVE-2024-22257 高危 4.2.16.RELEASE 5.7.12, 5.8.11, 6.1.8, 6.2.3 spring-security: Broken Access Control With Direct Use of AuthenticatedVoter

漏洞详情: https://avd.aquasec.com/nvd/cve-2024-22257

镜像层: sha256:11c33f7e8be115416588045d5837d076171f2b0be0c262cffb7b7aaf9c7b19f9

发布日期: 2024-03-18 15:15 修改: 2024-11-12 16:35
com.fasterxml.jackson.core:jackson-databind CVE-2021-46877 高危 2.12.3 2.12.6, 2.13.1 jackson-databind: Possible DoS if using JDK serialization to serialize JsonNode

漏洞详情: https://avd.aquasec.com/nvd/cve-2021-46877

镜像层: sha256:1e763e863bfe00cae3c5ffc43aee43dc6fef4ef3ab10ecdbc936eb08cc225237

发布日期: 2023-03-18 22:15 修改: 2023-08-08 14:21
org.springframework:spring-beans CVE-2022-22970 高危 5.1.18.RELEASE 5.2.22.RELEASE, 5.3.20 springframework: DoS via data binding to multipartFile or servlet part

漏洞详情: https://avd.aquasec.com/nvd/cve-2022-22970

镜像层: sha256:1e763e863bfe00cae3c5ffc43aee43dc6fef4ef3ab10ecdbc936eb08cc225237

发布日期: 2022-05-12 20:15 修改: 2022-10-07 13:17
com.fasterxml.jackson.core:jackson-databind CVE-2021-46877 高危 2.12.3 2.12.6, 2.13.1 jackson-databind: Possible DoS if using JDK serialization to serialize JsonNode

漏洞详情: https://avd.aquasec.com/nvd/cve-2021-46877

镜像层: sha256:11c33f7e8be115416588045d5837d076171f2b0be0c262cffb7b7aaf9c7b19f9

发布日期: 2023-03-18 22:15 修改: 2023-08-08 14:21
org.springframework:spring-beans CVE-2022-22970 高危 5.3.11 5.2.22.RELEASE, 5.3.20 springframework: DoS via data binding to multipartFile or servlet part

漏洞详情: https://avd.aquasec.com/nvd/cve-2022-22970

镜像层: sha256:1e763e863bfe00cae3c5ffc43aee43dc6fef4ef3ab10ecdbc936eb08cc225237

发布日期: 2022-05-12 20:15 修改: 2022-10-07 13:17
org.springframework:spring-beans CVE-2022-22970 高危 5.3.19 5.2.22.RELEASE, 5.3.20 springframework: DoS via data binding to multipartFile or servlet part

漏洞详情: https://avd.aquasec.com/nvd/cve-2022-22970

镜像层: sha256:1e763e863bfe00cae3c5ffc43aee43dc6fef4ef3ab10ecdbc936eb08cc225237

发布日期: 2022-05-12 20:15 修改: 2022-10-07 13:17
org.springframework:spring-beans CVE-2022-22970 高危 5.3.19 5.2.22.RELEASE, 5.3.20 springframework: DoS via data binding to multipartFile or servlet part

漏洞详情: https://avd.aquasec.com/nvd/cve-2022-22970

镜像层: sha256:11c33f7e8be115416588045d5837d076171f2b0be0c262cffb7b7aaf9c7b19f9

发布日期: 2022-05-12 20:15 修改: 2022-10-07 13:17
org.springframework:spring-context CVE-2022-22968 高危 5.1.18.RELEASE 5.3.19, 5.2.21.RELEASE Framework: Data Binding Rules Vulnerability

漏洞详情: https://avd.aquasec.com/nvd/cve-2022-22968

镜像层: sha256:1e763e863bfe00cae3c5ffc43aee43dc6fef4ef3ab10ecdbc936eb08cc225237

发布日期: 2022-04-14 21:15 修改: 2022-10-19 15:15
org.springframework:spring-context CVE-2022-22968 高危 5.3.11 5.3.19, 5.2.21.RELEASE Framework: Data Binding Rules Vulnerability

漏洞详情: https://avd.aquasec.com/nvd/cve-2022-22968

镜像层: sha256:1e763e863bfe00cae3c5ffc43aee43dc6fef4ef3ab10ecdbc936eb08cc225237

发布日期: 2022-04-14 21:15 修改: 2022-10-19 15:15
org.springframework:spring-expression CVE-2023-20863 高危 5.1.18.RELEASE 6.0.8, 5.3.27, 5.2.24.RELEASE springframework: Spring Expression DoS Vulnerability

漏洞详情: https://avd.aquasec.com/nvd/cve-2023-20863

镜像层: sha256:1e763e863bfe00cae3c5ffc43aee43dc6fef4ef3ab10ecdbc936eb08cc225237

发布日期: 2023-04-13 20:15 修改: 2024-06-10 17:16
org.springframework:spring-expression CVE-2023-20863 高危 5.3.11 6.0.8, 5.3.27, 5.2.24.RELEASE springframework: Spring Expression DoS Vulnerability

漏洞详情: https://avd.aquasec.com/nvd/cve-2023-20863

镜像层: sha256:1e763e863bfe00cae3c5ffc43aee43dc6fef4ef3ab10ecdbc936eb08cc225237

发布日期: 2023-04-13 20:15 修改: 2024-06-10 17:16
org.springframework:spring-expression CVE-2023-20863 高危 5.3.19 6.0.8, 5.3.27, 5.2.24.RELEASE springframework: Spring Expression DoS Vulnerability

漏洞详情: https://avd.aquasec.com/nvd/cve-2023-20863

镜像层: sha256:1e763e863bfe00cae3c5ffc43aee43dc6fef4ef3ab10ecdbc936eb08cc225237

发布日期: 2023-04-13 20:15 修改: 2024-06-10 17:16
org.springframework:spring-expression CVE-2023-20863 高危 5.3.19 6.0.8, 5.3.27, 5.2.24.RELEASE springframework: Spring Expression DoS Vulnerability

漏洞详情: https://avd.aquasec.com/nvd/cve-2023-20863

镜像层: sha256:11c33f7e8be115416588045d5837d076171f2b0be0c262cffb7b7aaf9c7b19f9

发布日期: 2023-04-13 20:15 修改: 2024-06-10 17:16
org.springframework:spring-expression CVE-2023-20863 高危 5.3.21 6.0.8, 5.3.27, 5.2.24.RELEASE springframework: Spring Expression DoS Vulnerability

漏洞详情: https://avd.aquasec.com/nvd/cve-2023-20863

镜像层: sha256:1e763e863bfe00cae3c5ffc43aee43dc6fef4ef3ab10ecdbc936eb08cc225237

发布日期: 2023-04-13 20:15 修改: 2024-06-10 17:16
org.springframework:spring-expression CVE-2023-20863 高危 5.3.21 6.0.8, 5.3.27, 5.2.24.RELEASE springframework: Spring Expression DoS Vulnerability

漏洞详情: https://avd.aquasec.com/nvd/cve-2023-20863

镜像层: sha256:11c33f7e8be115416588045d5837d076171f2b0be0c262cffb7b7aaf9c7b19f9

发布日期: 2023-04-13 20:15 修改: 2024-06-10 17:16
com.fasterxml.jackson.core:jackson-databind CVE-2022-42003 高危 2.12.3 2.12.7.1, 2.13.4.2 jackson-databind: deep wrapper array nesting wrt UNWRAP_SINGLE_VALUE_ARRAYS

漏洞详情: https://avd.aquasec.com/nvd/cve-2022-42003

镜像层: sha256:1e763e863bfe00cae3c5ffc43aee43dc6fef4ef3ab10ecdbc936eb08cc225237

发布日期: 2022-10-02 05:15 修改: 2023-12-20 10:15
org.springframework:spring-web CVE-2024-22243 高危 5.1.18.RELEASE 6.1.4, 6.0.17, 5.3.32 springframework: URL Parsing with Host Validation

漏洞详情: https://avd.aquasec.com/nvd/cve-2024-22243

镜像层: sha256:1e763e863bfe00cae3c5ffc43aee43dc6fef4ef3ab10ecdbc936eb08cc225237

发布日期: 2024-02-23 05:15 修改: 2024-08-22 15:35
org.springframework:spring-web CVE-2024-22259 高危 5.1.18.RELEASE 6.1.5, 6.0.18, 5.3.33 springframework: URL Parsing with Host Validation

漏洞详情: https://avd.aquasec.com/nvd/cve-2024-22259

镜像层: sha256:1e763e863bfe00cae3c5ffc43aee43dc6fef4ef3ab10ecdbc936eb08cc225237

发布日期: 2024-03-16 05:15 修改: 2024-07-03 01:47
org.springframework:spring-web CVE-2024-22262 高危 5.1.18.RELEASE 5.3.34, 6.0.19, 6.1.6 springframework: URL Parsing with Host Validation

漏洞详情: https://avd.aquasec.com/nvd/cve-2024-22262

镜像层: sha256:1e763e863bfe00cae3c5ffc43aee43dc6fef4ef3ab10ecdbc936eb08cc225237

发布日期: 2024-04-16 06:15 修改: 2024-08-27 14:35
com.fasterxml.jackson.core:jackson-databind CVE-2022-42003 高危 2.12.3 2.12.7.1, 2.13.4.2 jackson-databind: deep wrapper array nesting wrt UNWRAP_SINGLE_VALUE_ARRAYS

漏洞详情: https://avd.aquasec.com/nvd/cve-2022-42003

镜像层: sha256:11c33f7e8be115416588045d5837d076171f2b0be0c262cffb7b7aaf9c7b19f9

发布日期: 2022-10-02 05:15 修改: 2023-12-20 10:15
org.springframework:spring-web CVE-2024-22243 高危 5.3.11 6.1.4, 6.0.17, 5.3.32 springframework: URL Parsing with Host Validation

漏洞详情: https://avd.aquasec.com/nvd/cve-2024-22243

镜像层: sha256:1e763e863bfe00cae3c5ffc43aee43dc6fef4ef3ab10ecdbc936eb08cc225237

发布日期: 2024-02-23 05:15 修改: 2024-08-22 15:35
org.springframework:spring-web CVE-2024-22259 高危 5.3.11 6.1.5, 6.0.18, 5.3.33 springframework: URL Parsing with Host Validation

漏洞详情: https://avd.aquasec.com/nvd/cve-2024-22259

镜像层: sha256:1e763e863bfe00cae3c5ffc43aee43dc6fef4ef3ab10ecdbc936eb08cc225237

发布日期: 2024-03-16 05:15 修改: 2024-07-03 01:47
org.springframework:spring-web CVE-2024-22262 高危 5.3.11 5.3.34, 6.0.19, 6.1.6 springframework: URL Parsing with Host Validation

漏洞详情: https://avd.aquasec.com/nvd/cve-2024-22262

镜像层: sha256:1e763e863bfe00cae3c5ffc43aee43dc6fef4ef3ab10ecdbc936eb08cc225237

发布日期: 2024-04-16 06:15 修改: 2024-08-27 14:35
com.fasterxml.jackson.core:jackson-databind CVE-2022-42004 高危 2.12.3 2.12.7.1, 2.13.4 jackson-databind: use of deeply nested arrays

漏洞详情: https://avd.aquasec.com/nvd/cve-2022-42004

镜像层: sha256:1e763e863bfe00cae3c5ffc43aee43dc6fef4ef3ab10ecdbc936eb08cc225237

发布日期: 2022-10-02 05:15 修改: 2022-12-02 15:10
com.fasterxml.jackson.core:jackson-databind CVE-2022-42004 高危 2.12.3 2.12.7.1, 2.13.4 jackson-databind: use of deeply nested arrays

漏洞详情: https://avd.aquasec.com/nvd/cve-2022-42004

镜像层: sha256:11c33f7e8be115416588045d5837d076171f2b0be0c262cffb7b7aaf9c7b19f9

发布日期: 2022-10-02 05:15 修改: 2022-12-02 15:10
org.springframework:spring-web CVE-2024-22243 高危 5.3.19 6.1.4, 6.0.17, 5.3.32 springframework: URL Parsing with Host Validation

漏洞详情: https://avd.aquasec.com/nvd/cve-2024-22243

镜像层: sha256:1e763e863bfe00cae3c5ffc43aee43dc6fef4ef3ab10ecdbc936eb08cc225237

发布日期: 2024-02-23 05:15 修改: 2024-08-22 15:35
org.springframework:spring-web CVE-2024-22243 高危 5.3.19 6.1.4, 6.0.17, 5.3.32 springframework: URL Parsing with Host Validation

漏洞详情: https://avd.aquasec.com/nvd/cve-2024-22243

镜像层: sha256:11c33f7e8be115416588045d5837d076171f2b0be0c262cffb7b7aaf9c7b19f9

发布日期: 2024-02-23 05:15 修改: 2024-08-22 15:35
org.springframework:spring-web CVE-2024-22259 高危 5.3.19 6.1.5, 6.0.18, 5.3.33 springframework: URL Parsing with Host Validation

漏洞详情: https://avd.aquasec.com/nvd/cve-2024-22259

镜像层: sha256:1e763e863bfe00cae3c5ffc43aee43dc6fef4ef3ab10ecdbc936eb08cc225237

发布日期: 2024-03-16 05:15 修改: 2024-07-03 01:47
org.springframework:spring-web CVE-2024-22259 高危 5.3.19 6.1.5, 6.0.18, 5.3.33 springframework: URL Parsing with Host Validation

漏洞详情: https://avd.aquasec.com/nvd/cve-2024-22259

镜像层: sha256:11c33f7e8be115416588045d5837d076171f2b0be0c262cffb7b7aaf9c7b19f9

发布日期: 2024-03-16 05:15 修改: 2024-07-03 01:47
org.springframework:spring-web CVE-2024-22262 高危 5.3.19 5.3.34, 6.0.19, 6.1.6 springframework: URL Parsing with Host Validation

漏洞详情: https://avd.aquasec.com/nvd/cve-2024-22262

镜像层: sha256:1e763e863bfe00cae3c5ffc43aee43dc6fef4ef3ab10ecdbc936eb08cc225237

发布日期: 2024-04-16 06:15 修改: 2024-08-27 14:35
org.springframework:spring-web CVE-2024-22262 高危 5.3.19 5.3.34, 6.0.19, 6.1.6 springframework: URL Parsing with Host Validation

漏洞详情: https://avd.aquasec.com/nvd/cve-2024-22262

镜像层: sha256:11c33f7e8be115416588045d5837d076171f2b0be0c262cffb7b7aaf9c7b19f9

发布日期: 2024-04-16 06:15 修改: 2024-08-27 14:35
com.fasterxml.jackson.core:jackson-databind CVE-2020-36518 高危 2.12.5 2.13.2.1, 2.12.6.1 jackson-databind: denial of service via a large depth of nested objects

漏洞详情: https://avd.aquasec.com/nvd/cve-2020-36518

镜像层: sha256:1e763e863bfe00cae3c5ffc43aee43dc6fef4ef3ab10ecdbc936eb08cc225237

发布日期: 2022-03-11 07:15 修改: 2022-11-29 22:12
com.fasterxml.jackson.core:jackson-databind CVE-2020-36518 高危 2.12.5 2.13.2.1, 2.12.6.1 jackson-databind: denial of service via a large depth of nested objects

漏洞详情: https://avd.aquasec.com/nvd/cve-2020-36518

镜像层: sha256:11c33f7e8be115416588045d5837d076171f2b0be0c262cffb7b7aaf9c7b19f9

发布日期: 2022-03-11 07:15 修改: 2022-11-29 22:12
org.springframework:spring-web CVE-2024-22243 高危 5.3.21 6.1.4, 6.0.17, 5.3.32 springframework: URL Parsing with Host Validation

漏洞详情: https://avd.aquasec.com/nvd/cve-2024-22243

镜像层: sha256:1e763e863bfe00cae3c5ffc43aee43dc6fef4ef3ab10ecdbc936eb08cc225237

发布日期: 2024-02-23 05:15 修改: 2024-08-22 15:35
org.springframework:spring-web CVE-2024-22243 高危 5.3.21 6.1.4, 6.0.17, 5.3.32 springframework: URL Parsing with Host Validation

漏洞详情: https://avd.aquasec.com/nvd/cve-2024-22243

镜像层: sha256:11c33f7e8be115416588045d5837d076171f2b0be0c262cffb7b7aaf9c7b19f9

发布日期: 2024-02-23 05:15 修改: 2024-08-22 15:35
org.springframework:spring-web CVE-2024-22259 高危 5.3.21 6.1.5, 6.0.18, 5.3.33 springframework: URL Parsing with Host Validation

漏洞详情: https://avd.aquasec.com/nvd/cve-2024-22259

镜像层: sha256:1e763e863bfe00cae3c5ffc43aee43dc6fef4ef3ab10ecdbc936eb08cc225237

发布日期: 2024-03-16 05:15 修改: 2024-07-03 01:47
org.springframework:spring-web CVE-2024-22259 高危 5.3.21 6.1.5, 6.0.18, 5.3.33 springframework: URL Parsing with Host Validation

漏洞详情: https://avd.aquasec.com/nvd/cve-2024-22259

镜像层: sha256:11c33f7e8be115416588045d5837d076171f2b0be0c262cffb7b7aaf9c7b19f9

发布日期: 2024-03-16 05:15 修改: 2024-07-03 01:47
org.springframework:spring-web CVE-2024-22262 高危 5.3.21 5.3.34, 6.0.19, 6.1.6 springframework: URL Parsing with Host Validation

漏洞详情: https://avd.aquasec.com/nvd/cve-2024-22262

镜像层: sha256:1e763e863bfe00cae3c5ffc43aee43dc6fef4ef3ab10ecdbc936eb08cc225237

发布日期: 2024-04-16 06:15 修改: 2024-08-27 14:35
org.springframework:spring-web CVE-2024-22262 高危 5.3.21 5.3.34, 6.0.19, 6.1.6 springframework: URL Parsing with Host Validation

漏洞详情: https://avd.aquasec.com/nvd/cve-2024-22262

镜像层: sha256:11c33f7e8be115416588045d5837d076171f2b0be0c262cffb7b7aaf9c7b19f9

发布日期: 2024-04-16 06:15 修改: 2024-08-27 14:35
com.fasterxml.jackson.core:jackson-databind CVE-2020-36518 高危 2.12.5 2.13.2.1, 2.12.6.1 jackson-databind: denial of service via a large depth of nested objects

漏洞详情: https://avd.aquasec.com/nvd/cve-2020-36518

镜像层: sha256:11c33f7e8be115416588045d5837d076171f2b0be0c262cffb7b7aaf9c7b19f9

发布日期: 2022-03-11 07:15 修改: 2022-11-29 22:12
org.springframework:spring-webmvc CVE-2024-38819 高危 5.1.18.RELEASE 6.1.14 org.springframework:spring-webmvc: Path traversal vulnerability in functional web frameworks

漏洞详情: https://avd.aquasec.com/nvd/cve-2024-38819

镜像层: sha256:1e763e863bfe00cae3c5ffc43aee43dc6fef4ef3ab10ecdbc936eb08cc225237

发布日期: 2024-12-19 18:15 修改: 2025-01-10 13:15
com.fasterxml.jackson.core:jackson-databind CVE-2021-46877 高危 2.12.5 2.12.6, 2.13.1 jackson-databind: Possible DoS if using JDK serialization to serialize JsonNode

漏洞详情: https://avd.aquasec.com/nvd/cve-2021-46877

镜像层: sha256:1e763e863bfe00cae3c5ffc43aee43dc6fef4ef3ab10ecdbc936eb08cc225237

发布日期: 2023-03-18 22:15 修改: 2023-08-08 14:21
org.springframework:spring-webmvc CVE-2024-38816 高危 5.3.11 6.1.13 spring-webmvc: Path Traversal Vulnerability in Spring Applications Using RouterFunctions and FileSystemResource

漏洞详情: https://avd.aquasec.com/nvd/cve-2024-38816

镜像层: sha256:1e763e863bfe00cae3c5ffc43aee43dc6fef4ef3ab10ecdbc936eb08cc225237

发布日期: 2024-09-13 06:15 修改: 2024-12-27 16:15
org.springframework:spring-webmvc CVE-2024-38819 高危 5.3.11 6.1.14 org.springframework:spring-webmvc: Path traversal vulnerability in functional web frameworks

漏洞详情: https://avd.aquasec.com/nvd/cve-2024-38819

镜像层: sha256:1e763e863bfe00cae3c5ffc43aee43dc6fef4ef3ab10ecdbc936eb08cc225237

发布日期: 2024-12-19 18:15 修改: 2025-01-10 13:15
org.springframework:spring-webmvc CVE-2024-38816 高危 5.3.19 6.1.13 spring-webmvc: Path Traversal Vulnerability in Spring Applications Using RouterFunctions and FileSystemResource

漏洞详情: https://avd.aquasec.com/nvd/cve-2024-38816

镜像层: sha256:1e763e863bfe00cae3c5ffc43aee43dc6fef4ef3ab10ecdbc936eb08cc225237

发布日期: 2024-09-13 06:15 修改: 2024-12-27 16:15
org.springframework:spring-webmvc CVE-2024-38816 高危 5.3.19 6.1.13 spring-webmvc: Path Traversal Vulnerability in Spring Applications Using RouterFunctions and FileSystemResource

漏洞详情: https://avd.aquasec.com/nvd/cve-2024-38816

镜像层: sha256:11c33f7e8be115416588045d5837d076171f2b0be0c262cffb7b7aaf9c7b19f9

发布日期: 2024-09-13 06:15 修改: 2024-12-27 16:15
org.springframework:spring-webmvc CVE-2024-38819 高危 5.3.19 6.1.14 org.springframework:spring-webmvc: Path traversal vulnerability in functional web frameworks

漏洞详情: https://avd.aquasec.com/nvd/cve-2024-38819

镜像层: sha256:1e763e863bfe00cae3c5ffc43aee43dc6fef4ef3ab10ecdbc936eb08cc225237

发布日期: 2024-12-19 18:15 修改: 2025-01-10 13:15
org.springframework:spring-webmvc CVE-2024-38819 高危 5.3.19 6.1.14 org.springframework:spring-webmvc: Path traversal vulnerability in functional web frameworks

漏洞详情: https://avd.aquasec.com/nvd/cve-2024-38819

镜像层: sha256:11c33f7e8be115416588045d5837d076171f2b0be0c262cffb7b7aaf9c7b19f9

发布日期: 2024-12-19 18:15 修改: 2025-01-10 13:15
org.springframework:spring-webmvc CVE-2024-38816 高危 5.3.21 6.1.13 spring-webmvc: Path Traversal Vulnerability in Spring Applications Using RouterFunctions and FileSystemResource

漏洞详情: https://avd.aquasec.com/nvd/cve-2024-38816

镜像层: sha256:1e763e863bfe00cae3c5ffc43aee43dc6fef4ef3ab10ecdbc936eb08cc225237

发布日期: 2024-09-13 06:15 修改: 2024-12-27 16:15
org.springframework:spring-webmvc CVE-2024-38816 高危 5.3.21 6.1.13 spring-webmvc: Path Traversal Vulnerability in Spring Applications Using RouterFunctions and FileSystemResource

漏洞详情: https://avd.aquasec.com/nvd/cve-2024-38816

镜像层: sha256:11c33f7e8be115416588045d5837d076171f2b0be0c262cffb7b7aaf9c7b19f9

发布日期: 2024-09-13 06:15 修改: 2024-12-27 16:15
org.springframework:spring-webmvc CVE-2024-38819 高危 5.3.21 6.1.14 org.springframework:spring-webmvc: Path traversal vulnerability in functional web frameworks

漏洞详情: https://avd.aquasec.com/nvd/cve-2024-38819

镜像层: sha256:1e763e863bfe00cae3c5ffc43aee43dc6fef4ef3ab10ecdbc936eb08cc225237

发布日期: 2024-12-19 18:15 修改: 2025-01-10 13:15
org.springframework:spring-webmvc CVE-2024-38819 高危 5.3.21 6.1.14 org.springframework:spring-webmvc: Path traversal vulnerability in functional web frameworks

漏洞详情: https://avd.aquasec.com/nvd/cve-2024-38819

镜像层: sha256:11c33f7e8be115416588045d5837d076171f2b0be0c262cffb7b7aaf9c7b19f9

发布日期: 2024-12-19 18:15 修改: 2025-01-10 13:15
org.xerial.snappy:snappy-java CVE-2023-34455 高危 1.1.1.7 1.1.10.1 snappy-java: Unchecked chunk length leads to DoS

漏洞详情: https://avd.aquasec.com/nvd/cve-2023-34455

镜像层: sha256:11c33f7e8be115416588045d5837d076171f2b0be0c262cffb7b7aaf9c7b19f9

发布日期: 2023-06-15 18:15 修改: 2024-02-01 14:17
org.xerial.snappy:snappy-java CVE-2023-43642 高危 1.1.1.7 1.1.10.4 snappy-java: Missing upper bound check on chunk length in snappy-java can lead to Denial of Service (DoS) impact

漏洞详情: https://avd.aquasec.com/nvd/cve-2023-43642

镜像层: sha256:11c33f7e8be115416588045d5837d076171f2b0be0c262cffb7b7aaf9c7b19f9

发布日期: 2023-09-25 20:15 修改: 2023-09-26 15:46
org.xerial.snappy:snappy-java CVE-2023-34455 高危 1.1.7.3 1.1.10.1 snappy-java: Unchecked chunk length leads to DoS

漏洞详情: https://avd.aquasec.com/nvd/cve-2023-34455

镜像层: sha256:11c33f7e8be115416588045d5837d076171f2b0be0c262cffb7b7aaf9c7b19f9

发布日期: 2023-06-15 18:15 修改: 2024-02-01 14:17
org.xerial.snappy:snappy-java CVE-2023-43642 高危 1.1.7.3 1.1.10.4 snappy-java: Missing upper bound check on chunk length in snappy-java can lead to Denial of Service (DoS) impact

漏洞详情: https://avd.aquasec.com/nvd/cve-2023-43642

镜像层: sha256:11c33f7e8be115416588045d5837d076171f2b0be0c262cffb7b7aaf9c7b19f9

发布日期: 2023-09-25 20:15 修改: 2023-09-26 15:46
org.yaml:snakeyaml CVE-2022-1471 高危 1.26 2.0 SnakeYaml: Constructor Deserialization Remote Code Execution

漏洞详情: https://avd.aquasec.com/nvd/cve-2022-1471

镜像层: sha256:1e763e863bfe00cae3c5ffc43aee43dc6fef4ef3ab10ecdbc936eb08cc225237

发布日期: 2022-12-01 11:15 修改: 2024-06-21 19:15
org.yaml:snakeyaml CVE-2022-1471 高危 1.26 2.0 SnakeYaml: Constructor Deserialization Remote Code Execution

漏洞详情: https://avd.aquasec.com/nvd/cve-2022-1471

镜像层: sha256:11c33f7e8be115416588045d5837d076171f2b0be0c262cffb7b7aaf9c7b19f9

发布日期: 2022-12-01 11:15 修改: 2024-06-21 19:15
org.yaml:snakeyaml CVE-2022-25857 高危 1.26 1.31 snakeyaml: Denial of Service due to missing nested depth limitation for collections

漏洞详情: https://avd.aquasec.com/nvd/cve-2022-25857

镜像层: sha256:1e763e863bfe00cae3c5ffc43aee43dc6fef4ef3ab10ecdbc936eb08cc225237

发布日期: 2022-08-30 05:15 修改: 2024-03-15 11:15
org.yaml:snakeyaml CVE-2022-25857 高危 1.26 1.31 snakeyaml: Denial of Service due to missing nested depth limitation for collections

漏洞详情: https://avd.aquasec.com/nvd/cve-2022-25857

镜像层: sha256:11c33f7e8be115416588045d5837d076171f2b0be0c262cffb7b7aaf9c7b19f9

发布日期: 2022-08-30 05:15 修改: 2024-03-15 11:15
software.amazon.ion:ion-java CVE-2024-21634 高危 1.0.2 1.10.5 ion-java: ion-java: Ion Java StackOverflow vulnerability

漏洞详情: https://avd.aquasec.com/nvd/cve-2024-21634

镜像层: sha256:1e763e863bfe00cae3c5ffc43aee43dc6fef4ef3ab10ecdbc936eb08cc225237

发布日期: 2024-01-03 23:15 修改: 2024-01-10 16:38
software.amazon.ion:ion-java CVE-2024-21634 高危 1.0.2 1.10.5 ion-java: ion-java: Ion Java StackOverflow vulnerability

漏洞详情: https://avd.aquasec.com/nvd/cve-2024-21634

镜像层: sha256:11c33f7e8be115416588045d5837d076171f2b0be0c262cffb7b7aaf9c7b19f9

发布日期: 2024-01-03 23:15 修改: 2024-01-10 16:38
xalan:xalan CVE-2022-34169 高危 2.7.2 2.7.3 OpenJDK: integer truncation issue in Xalan-J (JAXP, 8285407)

漏洞详情: https://avd.aquasec.com/nvd/cve-2022-34169

镜像层: sha256:1e763e863bfe00cae3c5ffc43aee43dc6fef4ef3ab10ecdbc936eb08cc225237

发布日期: 2022-07-19 18:15 修改: 2024-06-21 19:15
xalan:xalan CVE-2022-34169 高危 2.7.2 2.7.3 OpenJDK: integer truncation issue in Xalan-J (JAXP, 8285407)

漏洞详情: https://avd.aquasec.com/nvd/cve-2022-34169

镜像层: sha256:11c33f7e8be115416588045d5837d076171f2b0be0c262cffb7b7aaf9c7b19f9

发布日期: 2022-07-19 18:15 修改: 2024-06-21 19:15
org.codehaus.jettison:jettison CVE-2022-40149 中危 1.1 1.5.1 jettison: parser crash by stackoverflow

漏洞详情: https://avd.aquasec.com/nvd/cve-2022-40149

镜像层: sha256:1e763e863bfe00cae3c5ffc43aee43dc6fef4ef3ab10ecdbc936eb08cc225237

发布日期: 2022-09-16 10:15 修改: 2023-03-01 16:32
org.codehaus.jettison:jettison CVE-2022-40149 中危 1.1 1.5.1 jettison: parser crash by stackoverflow

漏洞详情: https://avd.aquasec.com/nvd/cve-2022-40149

镜像层: sha256:11c33f7e8be115416588045d5837d076171f2b0be0c262cffb7b7aaf9c7b19f9

发布日期: 2022-09-16 10:15 修改: 2023-03-01 16:32
org.codehaus.jettison:jettison CVE-2022-40149 中危 1.1 1.5.1 jettison: parser crash by stackoverflow

漏洞详情: https://avd.aquasec.com/nvd/cve-2022-40149

镜像层: sha256:11c33f7e8be115416588045d5837d076171f2b0be0c262cffb7b7aaf9c7b19f9

发布日期: 2022-09-16 10:15 修改: 2023-03-01 16:32
org.codehaus.jettison:jettison CVE-2022-40149 中危 1.1 1.5.1 jettison: parser crash by stackoverflow

漏洞详情: https://avd.aquasec.com/nvd/cve-2022-40149

镜像层: sha256:11c33f7e8be115416588045d5837d076171f2b0be0c262cffb7b7aaf9c7b19f9

发布日期: 2022-09-16 10:15 修改: 2023-03-01 16:32
org.codehaus.jettison:jettison CVE-2022-40149 中危 1.1 1.5.1 jettison: parser crash by stackoverflow

漏洞详情: https://avd.aquasec.com/nvd/cve-2022-40149

镜像层: sha256:11c33f7e8be115416588045d5837d076171f2b0be0c262cffb7b7aaf9c7b19f9

发布日期: 2022-09-16 10:15 修改: 2023-03-01 16:32
org.codehaus.jettison:jettison CVE-2022-40149 中危 1.1 1.5.1 jettison: parser crash by stackoverflow

漏洞详情: https://avd.aquasec.com/nvd/cve-2022-40149

镜像层: sha256:11c33f7e8be115416588045d5837d076171f2b0be0c262cffb7b7aaf9c7b19f9

发布日期: 2022-09-16 10:15 修改: 2023-03-01 16:32
org.eclipse.jetty:jetty-http CVE-2023-40167 中危 9.4.39.v20210325 9.4.52, 10.0.16, 11.0.16, 12.0.1 jetty: Improper validation of HTTP/1 content-length

漏洞详情: https://avd.aquasec.com/nvd/cve-2023-40167

镜像层: sha256:1e763e863bfe00cae3c5ffc43aee43dc6fef4ef3ab10ecdbc936eb08cc225237

发布日期: 2023-09-15 20:15 修改: 2023-10-13 01:59
org.eclipse.jetty:jetty-http CVE-2024-6763 中危 9.4.39.v20210325 12.0.12 org.eclipse.jetty:jetty-http: jetty: Jetty URI parsing of invalid authority

漏洞详情: https://avd.aquasec.com/nvd/cve-2024-6763

镜像层: sha256:1e763e863bfe00cae3c5ffc43aee43dc6fef4ef3ab10ecdbc936eb08cc225237

发布日期: 2024-10-14 16:15 修改: 2024-11-08 21:15
org.eclipse.jetty:jetty-http CVE-2023-40167 中危 9.4.41.v20210516 9.4.52, 10.0.16, 11.0.16, 12.0.1 jetty: Improper validation of HTTP/1 content-length

漏洞详情: https://avd.aquasec.com/nvd/cve-2023-40167

镜像层: sha256:1e763e863bfe00cae3c5ffc43aee43dc6fef4ef3ab10ecdbc936eb08cc225237

发布日期: 2023-09-15 20:15 修改: 2023-10-13 01:59
org.eclipse.jetty:jetty-http CVE-2023-40167 中危 9.4.41.v20210516 9.4.52, 10.0.16, 11.0.16, 12.0.1 jetty: Improper validation of HTTP/1 content-length

漏洞详情: https://avd.aquasec.com/nvd/cve-2023-40167

镜像层: sha256:11c33f7e8be115416588045d5837d076171f2b0be0c262cffb7b7aaf9c7b19f9

发布日期: 2023-09-15 20:15 修改: 2023-10-13 01:59
org.eclipse.jetty:jetty-http CVE-2024-6763 中危 9.4.41.v20210516 12.0.12 org.eclipse.jetty:jetty-http: jetty: Jetty URI parsing of invalid authority

漏洞详情: https://avd.aquasec.com/nvd/cve-2024-6763

镜像层: sha256:1e763e863bfe00cae3c5ffc43aee43dc6fef4ef3ab10ecdbc936eb08cc225237

发布日期: 2024-10-14 16:15 修改: 2024-11-08 21:15
org.eclipse.jetty:jetty-http CVE-2024-6763 中危 9.4.41.v20210516 12.0.12 org.eclipse.jetty:jetty-http: jetty: Jetty URI parsing of invalid authority

漏洞详情: https://avd.aquasec.com/nvd/cve-2024-6763

镜像层: sha256:11c33f7e8be115416588045d5837d076171f2b0be0c262cffb7b7aaf9c7b19f9

发布日期: 2024-10-14 16:15 修改: 2024-11-08 21:15
org.eclipse.jetty:jetty-http CVE-2023-40167 中危 9.4.43.v20210629 9.4.52, 10.0.16, 11.0.16, 12.0.1 jetty: Improper validation of HTTP/1 content-length

漏洞详情: https://avd.aquasec.com/nvd/cve-2023-40167

镜像层: sha256:1e763e863bfe00cae3c5ffc43aee43dc6fef4ef3ab10ecdbc936eb08cc225237

发布日期: 2023-09-15 20:15 修改: 2023-10-13 01:59
org.eclipse.jetty:jetty-http CVE-2023-40167 中危 9.4.43.v20210629 9.4.52, 10.0.16, 11.0.16, 12.0.1 jetty: Improper validation of HTTP/1 content-length

漏洞详情: https://avd.aquasec.com/nvd/cve-2023-40167

镜像层: sha256:11c33f7e8be115416588045d5837d076171f2b0be0c262cffb7b7aaf9c7b19f9

发布日期: 2023-09-15 20:15 修改: 2023-10-13 01:59
org.eclipse.jetty:jetty-http CVE-2024-6763 中危 9.4.43.v20210629 12.0.12 org.eclipse.jetty:jetty-http: jetty: Jetty URI parsing of invalid authority

漏洞详情: https://avd.aquasec.com/nvd/cve-2024-6763

镜像层: sha256:1e763e863bfe00cae3c5ffc43aee43dc6fef4ef3ab10ecdbc936eb08cc225237

发布日期: 2024-10-14 16:15 修改: 2024-11-08 21:15
org.eclipse.jetty:jetty-http CVE-2024-6763 中危 9.4.43.v20210629 12.0.12 org.eclipse.jetty:jetty-http: jetty: Jetty URI parsing of invalid authority

漏洞详情: https://avd.aquasec.com/nvd/cve-2024-6763

镜像层: sha256:11c33f7e8be115416588045d5837d076171f2b0be0c262cffb7b7aaf9c7b19f9

发布日期: 2024-10-14 16:15 修改: 2024-11-08 21:15
org.eclipse.jetty:jetty-server CVE-2023-26048 中危 9.4.39.v20210325 9.4.51.v20230217, 10.0.14, 11.0.14 jetty-server: OutOfMemoryError for large multipart without filename read via request.getParameter()

漏洞详情: https://avd.aquasec.com/nvd/cve-2023-26048

镜像层: sha256:1e763e863bfe00cae3c5ffc43aee43dc6fef4ef3ab10ecdbc936eb08cc225237

发布日期: 2023-04-18 21:15 修改: 2023-09-30 15:15
org.eclipse.jetty:jetty-server CVE-2024-8184 中危 9.4.39.v20210325 12.0.9, 10.0.24, 11.0.24, 9.4.56 org.eclipse.jetty:jetty-server: jetty: Jetty ThreadLimitHandler.getRemote() vulnerable to remote DoS attacks

漏洞详情: https://avd.aquasec.com/nvd/cve-2024-8184

镜像层: sha256:1e763e863bfe00cae3c5ffc43aee43dc6fef4ef3ab10ecdbc936eb08cc225237

发布日期: 2024-10-14 16:15 修改: 2024-11-08 21:00
org.eclipse.jetty:jetty-server CVE-2023-26048 中危 9.4.43.v20210629 9.4.51.v20230217, 10.0.14, 11.0.14 jetty-server: OutOfMemoryError for large multipart without filename read via request.getParameter()

漏洞详情: https://avd.aquasec.com/nvd/cve-2023-26048

镜像层: sha256:1e763e863bfe00cae3c5ffc43aee43dc6fef4ef3ab10ecdbc936eb08cc225237

发布日期: 2023-04-18 21:15 修改: 2023-09-30 15:15
org.eclipse.jetty:jetty-server CVE-2023-26048 中危 9.4.43.v20210629 9.4.51.v20230217, 10.0.14, 11.0.14 jetty-server: OutOfMemoryError for large multipart without filename read via request.getParameter()

漏洞详情: https://avd.aquasec.com/nvd/cve-2023-26048

镜像层: sha256:11c33f7e8be115416588045d5837d076171f2b0be0c262cffb7b7aaf9c7b19f9

发布日期: 2023-04-18 21:15 修改: 2023-09-30 15:15
org.eclipse.jetty:jetty-server CVE-2024-8184 中危 9.4.43.v20210629 12.0.9, 10.0.24, 11.0.24, 9.4.56 org.eclipse.jetty:jetty-server: jetty: Jetty ThreadLimitHandler.getRemote() vulnerable to remote DoS attacks

漏洞详情: https://avd.aquasec.com/nvd/cve-2024-8184

镜像层: sha256:1e763e863bfe00cae3c5ffc43aee43dc6fef4ef3ab10ecdbc936eb08cc225237

发布日期: 2024-10-14 16:15 修改: 2024-11-08 21:00
org.eclipse.jetty:jetty-server CVE-2024-8184 中危 9.4.43.v20210629 12.0.9, 10.0.24, 11.0.24, 9.4.56 org.eclipse.jetty:jetty-server: jetty: Jetty ThreadLimitHandler.getRemote() vulnerable to remote DoS attacks

漏洞详情: https://avd.aquasec.com/nvd/cve-2024-8184

镜像层: sha256:11c33f7e8be115416588045d5837d076171f2b0be0c262cffb7b7aaf9c7b19f9

发布日期: 2024-10-14 16:15 修改: 2024-11-08 21:00
org.glassfish.jersey.core:jersey-common CVE-2021-28168 中危 2.31 2.34, 3.0.2 jersey: Local information disclosure via system temporary directory

漏洞详情: https://avd.aquasec.com/nvd/cve-2021-28168

镜像层: sha256:1e763e863bfe00cae3c5ffc43aee43dc6fef4ef3ab10ecdbc936eb08cc225237

发布日期: 2021-04-22 18:15 修改: 2023-11-07 03:32
org.hibernate.validator:hibernate-validator CVE-2020-10693 中危 6.0.17.Final 6.1.5.Final, 6.0.20.Final hibernate-validator: Improper input validation in the interpolation of constraint error messages

漏洞详情: https://avd.aquasec.com/nvd/cve-2020-10693

镜像层: sha256:1e763e863bfe00cae3c5ffc43aee43dc6fef4ef3ab10ecdbc936eb08cc225237

发布日期: 2020-05-06 14:15 修改: 2023-11-07 03:14
org.hibernate.validator:hibernate-validator CVE-2020-10693 中危 6.0.17.Final 6.1.5.Final, 6.0.20.Final hibernate-validator: Improper input validation in the interpolation of constraint error messages

漏洞详情: https://avd.aquasec.com/nvd/cve-2020-10693

镜像层: sha256:11c33f7e8be115416588045d5837d076171f2b0be0c262cffb7b7aaf9c7b19f9

发布日期: 2020-05-06 14:15 修改: 2023-11-07 03:14
org.hibernate.validator:hibernate-validator CVE-2023-1932 中危 6.0.17.Final 6.2.0.Final hibernate-validator: rendering of invalid html with SafeHTML leads to HTML injection and XSS

漏洞详情: https://avd.aquasec.com/nvd/cve-2023-1932

镜像层: sha256:1e763e863bfe00cae3c5ffc43aee43dc6fef4ef3ab10ecdbc936eb08cc225237

发布日期: 2024-11-07 10:15 修改: 2024-11-08 19:01
org.hibernate.validator:hibernate-validator CVE-2023-1932 中危 6.0.17.Final 6.2.0.Final hibernate-validator: rendering of invalid html with SafeHTML leads to HTML injection and XSS

漏洞详情: https://avd.aquasec.com/nvd/cve-2023-1932

镜像层: sha256:11c33f7e8be115416588045d5837d076171f2b0be0c262cffb7b7aaf9c7b19f9

发布日期: 2024-11-07 10:15 修改: 2024-11-08 19:01
org.hibernate.validator:hibernate-validator CVE-2023-1932 中危 6.0.21.Final 6.2.0.Final hibernate-validator: rendering of invalid html with SafeHTML leads to HTML injection and XSS

漏洞详情: https://avd.aquasec.com/nvd/cve-2023-1932

镜像层: sha256:1e763e863bfe00cae3c5ffc43aee43dc6fef4ef3ab10ecdbc936eb08cc225237

发布日期: 2024-11-07 10:15 修改: 2024-11-08 19:01
org.hibernate.validator:hibernate-validator CVE-2023-1932 中危 6.0.21.Final 6.2.0.Final hibernate-validator: rendering of invalid html with SafeHTML leads to HTML injection and XSS

漏洞详情: https://avd.aquasec.com/nvd/cve-2023-1932

镜像层: sha256:11c33f7e8be115416588045d5837d076171f2b0be0c262cffb7b7aaf9c7b19f9

发布日期: 2024-11-07 10:15 修改: 2024-11-08 19:01
org.hibernate.validator:hibernate-validator CVE-2023-1932 中危 6.0.22.Final 6.2.0.Final hibernate-validator: rendering of invalid html with SafeHTML leads to HTML injection and XSS

漏洞详情: https://avd.aquasec.com/nvd/cve-2023-1932

镜像层: sha256:1e763e863bfe00cae3c5ffc43aee43dc6fef4ef3ab10ecdbc936eb08cc225237

发布日期: 2024-11-07 10:15 修改: 2024-11-08 19:01
org.hibernate.validator:hibernate-validator CVE-2023-1932 中危 6.0.22.Final 6.2.0.Final hibernate-validator: rendering of invalid html with SafeHTML leads to HTML injection and XSS

漏洞详情: https://avd.aquasec.com/nvd/cve-2023-1932

镜像层: sha256:11c33f7e8be115416588045d5837d076171f2b0be0c262cffb7b7aaf9c7b19f9

发布日期: 2024-11-07 10:15 修改: 2024-11-08 19:01
org.apache.santuario:xmlsec CVE-2023-44483 中危 2.2.0 2.3.4, 2.2.6, 3.0.3 santuario: Private Key disclosure in debug-log output

漏洞详情: https://avd.aquasec.com/nvd/cve-2023-44483

镜像层: sha256:1e763e863bfe00cae3c5ffc43aee43dc6fef4ef3ab10ecdbc936eb08cc225237

发布日期: 2023-10-20 10:15 修改: 2023-10-27 18:49
org.apache.santuario:xmlsec CVE-2023-44483 中危 2.2.0 2.3.4, 2.2.6, 3.0.3 santuario: Private Key disclosure in debug-log output

漏洞详情: https://avd.aquasec.com/nvd/cve-2023-44483

镜像层: sha256:11c33f7e8be115416588045d5837d076171f2b0be0c262cffb7b7aaf9c7b19f9

发布日期: 2023-10-20 10:15 修改: 2023-10-27 18:49
org.hibernate:hibernate-core CVE-2019-14900 中危 5.2.18.Final 5.3.18, 5.4.18, 5.5.0.Beta1 hibernate: SQL injection issue in Hibernate ORM

漏洞详情: https://avd.aquasec.com/nvd/cve-2019-14900

镜像层: sha256:1e763e863bfe00cae3c5ffc43aee43dc6fef4ef3ab10ecdbc936eb08cc225237

发布日期: 2020-07-06 19:15 修改: 2023-11-07 03:05
org.hibernate:hibernate-core CVE-2019-14900 中危 5.2.18.Final 5.3.18, 5.4.18, 5.5.0.Beta1 hibernate: SQL injection issue in Hibernate ORM

漏洞详情: https://avd.aquasec.com/nvd/cve-2019-14900

镜像层: sha256:11c33f7e8be115416588045d5837d076171f2b0be0c262cffb7b7aaf9c7b19f9

发布日期: 2020-07-06 19:15 修改: 2023-11-07 03:05
org.apache.tika:tika-core CVE-2022-30973 中危 1.22 1.28.3 tika-core: incomplete fix for CVE-2022-30126

漏洞详情: https://avd.aquasec.com/nvd/cve-2022-30973

镜像层: sha256:1e763e863bfe00cae3c5ffc43aee43dc6fef4ef3ab10ecdbc936eb08cc225237

发布日期: 2022-05-31 14:15 修改: 2022-10-27 16:41
org.hibernate:hibernate-core CVE-2019-14900 中危 5.3.2.Final 5.3.18, 5.4.18, 5.5.0.Beta1 hibernate: SQL injection issue in Hibernate ORM

漏洞详情: https://avd.aquasec.com/nvd/cve-2019-14900

镜像层: sha256:1e763e863bfe00cae3c5ffc43aee43dc6fef4ef3ab10ecdbc936eb08cc225237

发布日期: 2020-07-06 19:15 修改: 2023-11-07 03:05
org.apache.tika:tika-core CVE-2022-30973 中危 1.22 1.28.3 tika-core: incomplete fix for CVE-2022-30126

漏洞详情: https://avd.aquasec.com/nvd/cve-2022-30973

镜像层: sha256:11c33f7e8be115416588045d5837d076171f2b0be0c262cffb7b7aaf9c7b19f9

发布日期: 2022-05-31 14:15 修改: 2022-10-27 16:41
org.apache.tika:tika-core CVE-2022-30973 中危 1.23 1.28.3 tika-core: incomplete fix for CVE-2022-30126

漏洞详情: https://avd.aquasec.com/nvd/cve-2022-30973

镜像层: sha256:1e763e863bfe00cae3c5ffc43aee43dc6fef4ef3ab10ecdbc936eb08cc225237

发布日期: 2022-05-31 14:15 修改: 2022-10-27 16:41
org.jetbrains.kotlin:kotlin-stdlib CVE-2020-29582 中危 1.2.31 1.4.21 kotlin: vulnerable Java API was used for temporary file and folder creation which could result in information disclosure

漏洞详情: https://avd.aquasec.com/nvd/cve-2020-29582

镜像层: sha256:11c33f7e8be115416588045d5837d076171f2b0be0c262cffb7b7aaf9c7b19f9

发布日期: 2021-02-03 16:15 修改: 2023-11-07 03:21
org.jetbrains.kotlin:kotlin-stdlib CVE-2022-24329 中危 1.2.31 1.6.0 kotlin: Not possible to lock dependencies for Multiplatform Gradle Projects

漏洞详情: https://avd.aquasec.com/nvd/cve-2022-24329

镜像层: sha256:11c33f7e8be115416588045d5837d076171f2b0be0c262cffb7b7aaf9c7b19f9

发布日期: 2022-02-25 15:15 修改: 2024-10-29 15:36
org.apache.tika:tika-core CVE-2022-30973 中危 1.23 1.28.3 tika-core: incomplete fix for CVE-2022-30126

漏洞详情: https://avd.aquasec.com/nvd/cve-2022-30973

镜像层: sha256:11c33f7e8be115416588045d5837d076171f2b0be0c262cffb7b7aaf9c7b19f9

发布日期: 2022-05-31 14:15 修改: 2022-10-27 16:41
com.hazelcast:hazelcast CVE-2023-33264 中危 3.12.11 5.3.0 hazelcast: Improper password mask

漏洞详情: https://avd.aquasec.com/nvd/cve-2023-33264

镜像层: sha256:11c33f7e8be115416588045d5837d076171f2b0be0c262cffb7b7aaf9c7b19f9

发布日期: 2023-05-22 01:15 修改: 2023-06-02 17:41
com.squareup.okio:okio CVE-2023-3635 中危 1.14.1 3.4.0, 1.17.6 okio: GzipSource class improper exception handling

漏洞详情: https://avd.aquasec.com/nvd/cve-2023-3635

镜像层: sha256:1e763e863bfe00cae3c5ffc43aee43dc6fef4ef3ab10ecdbc936eb08cc225237

发布日期: 2023-07-12 19:15 修改: 2023-10-25 15:17
com.squareup.okio:okio CVE-2023-3635 中危 1.14.1 3.4.0, 1.17.6 okio: GzipSource class improper exception handling

漏洞详情: https://avd.aquasec.com/nvd/cve-2023-3635

镜像层: sha256:11c33f7e8be115416588045d5837d076171f2b0be0c262cffb7b7aaf9c7b19f9

发布日期: 2023-07-12 19:15 修改: 2023-10-25 15:17
org.apache.tomcat:tomcat-catalina CVE-2023-28708 中危 9.0.63 11.0.0-M3, 10.1.6, 9.0.72, 8.5.86 tomcat: not including the secure attribute causes information disclosure

漏洞详情: https://avd.aquasec.com/nvd/cve-2023-28708

镜像层: sha256:11c33f7e8be115416588045d5837d076171f2b0be0c262cffb7b7aaf9c7b19f9

发布日期: 2023-03-22 11:15 修改: 2023-11-07 04:10
org.apache.tomcat:tomcat-catalina CVE-2024-54677 中危 9.0.63 11.0.2, 10.1.34, 9.0.98 tomcat: Apache Tomcat: DoS in examples web application

漏洞详情: https://avd.aquasec.com/nvd/cve-2024-54677

镜像层: sha256:11c33f7e8be115416588045d5837d076171f2b0be0c262cffb7b7aaf9c7b19f9

发布日期: 2024-12-17 13:15 修改: 2024-12-18 17:15
com.thoughtworks.xstream:xstream CVE-2021-39140 中危 1.4.17 1.4.18 xstream: Infinite loop DoS via unsafe deserialization of sun.reflect.annotation.AnnotationInvocationHandler

漏洞详情: https://avd.aquasec.com/nvd/cve-2021-39140

镜像层: sha256:1e763e863bfe00cae3c5ffc43aee43dc6fef4ef3ab10ecdbc936eb08cc225237

发布日期: 2021-08-23 19:15 修改: 2023-11-07 03:37
net.minidev:json-smart CVE-2021-27568 中危 2.3 1.3.2, 2.4.1, 2.3.1 json-smart: uncaught exception may lead to crash or information disclosure

漏洞详情: https://avd.aquasec.com/nvd/cve-2021-27568

镜像层: sha256:1e763e863bfe00cae3c5ffc43aee43dc6fef4ef3ab10ecdbc936eb08cc225237

发布日期: 2021-02-23 02:15 修改: 2023-11-07 03:31
org.jsoup:jsoup CVE-2022-36033 中危 1.14.3 1.15.3 jsoup: The jsoup cleaner may incorrectly sanitize crafted XSS attempts if SafeList.preserveRelativeLinks is enabled

漏洞详情: https://avd.aquasec.com/nvd/cve-2022-36033

镜像层: sha256:1e763e863bfe00cae3c5ffc43aee43dc6fef4ef3ab10ecdbc936eb08cc225237

发布日期: 2022-08-29 17:15 修改: 2022-12-08 03:48
org.jsoup:jsoup CVE-2022-36033 中危 1.14.3 1.15.3 jsoup: The jsoup cleaner may incorrectly sanitize crafted XSS attempts if SafeList.preserveRelativeLinks is enabled

漏洞详情: https://avd.aquasec.com/nvd/cve-2022-36033

镜像层: sha256:11c33f7e8be115416588045d5837d076171f2b0be0c262cffb7b7aaf9c7b19f9

发布日期: 2022-08-29 17:15 修改: 2022-12-08 03:48
org.jsoup:jsoup CVE-2022-36033 中危 1.14.3 1.15.3 jsoup: The jsoup cleaner may incorrectly sanitize crafted XSS attempts if SafeList.preserveRelativeLinks is enabled

漏洞详情: https://avd.aquasec.com/nvd/cve-2022-36033

镜像层: sha256:11c33f7e8be115416588045d5837d076171f2b0be0c262cffb7b7aaf9c7b19f9

发布日期: 2022-08-29 17:15 修改: 2022-12-08 03:48
net.minidev:json-smart CVE-2021-27568 中危 2.3 1.3.2, 2.4.1, 2.3.1 json-smart: uncaught exception may lead to crash or information disclosure

漏洞详情: https://avd.aquasec.com/nvd/cve-2021-27568

镜像层: sha256:11c33f7e8be115416588045d5837d076171f2b0be0c262cffb7b7aaf9c7b19f9

发布日期: 2021-02-23 02:15 修改: 2023-11-07 03:31
org.jsoup:jsoup CVE-2022-36033 中危 1.9.2 1.15.3 jsoup: The jsoup cleaner may incorrectly sanitize crafted XSS attempts if SafeList.preserveRelativeLinks is enabled

漏洞详情: https://avd.aquasec.com/nvd/cve-2022-36033

镜像层: sha256:1e763e863bfe00cae3c5ffc43aee43dc6fef4ef3ab10ecdbc936eb08cc225237

发布日期: 2022-08-29 17:15 修改: 2022-12-08 03:48
org.apache.tomcat:tomcat-coyote CVE-2023-44487 中危 9.0.45 11.0.0-M12, 10.1.14, 9.0.81, 8.5.94 HTTP/2: Multiple HTTP/2 enabled web servers are vulnerable to a DDoS attack (Rapid Reset Attack)

漏洞详情: https://avd.aquasec.com/nvd/cve-2023-44487

镜像层: sha256:1e763e863bfe00cae3c5ffc43aee43dc6fef4ef3ab10ecdbc936eb08cc225237

发布日期: 2023-10-10 14:15 修改: 2024-12-20 17:40
org.apache.tomcat:tomcat-coyote CVE-2024-24549 中危 9.0.45 11.0.0-M17, 10.1.19, 9.0.86, 8.5.99 Tomcat: HTTP/2 header handling DoS

漏洞详情: https://avd.aquasec.com/nvd/cve-2024-24549

镜像层: sha256:1e763e863bfe00cae3c5ffc43aee43dc6fef4ef3ab10ecdbc936eb08cc225237

发布日期: 2024-03-13 16:15 修改: 2024-11-04 22:35
org.owasp.antisamy:antisamy CVE-2016-10006 中危 1.5.3-atlassian-7 1.5.5 In OWASP AntiSamy before 1.5.5, by submitting a specially crafted inpu ...

漏洞详情: https://avd.aquasec.com/nvd/cve-2016-10006

镜像层: sha256:1e763e863bfe00cae3c5ffc43aee43dc6fef4ef3ab10ecdbc936eb08cc225237

发布日期: 2016-12-24 18:59 修改: 2019-11-14 13:22
org.owasp.antisamy:antisamy CVE-2016-10006 中危 1.5.3-atlassian-7 1.5.5 In OWASP AntiSamy before 1.5.5, by submitting a specially crafted inpu ...

漏洞详情: https://avd.aquasec.com/nvd/cve-2016-10006

镜像层: sha256:11c33f7e8be115416588045d5837d076171f2b0be0c262cffb7b7aaf9c7b19f9

发布日期: 2016-12-24 18:59 修改: 2019-11-14 13:22
org.owasp.antisamy:antisamy CVE-2016-10006 中危 1.5.3-atlassian-7 1.5.5 In OWASP AntiSamy before 1.5.5, by submitting a specially crafted inpu ...

漏洞详情: https://avd.aquasec.com/nvd/cve-2016-10006

镜像层: sha256:11c33f7e8be115416588045d5837d076171f2b0be0c262cffb7b7aaf9c7b19f9

发布日期: 2016-12-24 18:59 修改: 2019-11-14 13:22
org.owasp.antisamy:antisamy CVE-2017-14735 中危 1.5.3-atlassian-7 1.5.7 OWASP AntiSamy before 1.5.7 allows XSS via HTML5 entities, as demonstr ...

漏洞详情: https://avd.aquasec.com/nvd/cve-2017-14735

镜像层: sha256:1e763e863bfe00cae3c5ffc43aee43dc6fef4ef3ab10ecdbc936eb08cc225237

发布日期: 2017-09-25 21:29 修改: 2021-07-20 23:15
org.owasp.antisamy:antisamy CVE-2017-14735 中危 1.5.3-atlassian-7 1.5.7 OWASP AntiSamy before 1.5.7 allows XSS via HTML5 entities, as demonstr ...

漏洞详情: https://avd.aquasec.com/nvd/cve-2017-14735

镜像层: sha256:11c33f7e8be115416588045d5837d076171f2b0be0c262cffb7b7aaf9c7b19f9

发布日期: 2017-09-25 21:29 修改: 2021-07-20 23:15
org.owasp.antisamy:antisamy CVE-2017-14735 中危 1.5.3-atlassian-7 1.5.7 OWASP AntiSamy before 1.5.7 allows XSS via HTML5 entities, as demonstr ...

漏洞详情: https://avd.aquasec.com/nvd/cve-2017-14735

镜像层: sha256:11c33f7e8be115416588045d5837d076171f2b0be0c262cffb7b7aaf9c7b19f9

发布日期: 2017-09-25 21:29 修改: 2021-07-20 23:15
org.owasp.antisamy:antisamy CVE-2022-28367 中危 1.5.3-atlassian-7 1.6.6 OWASP AntiSamy before 1.6.6 allows XSS via HTML tag smuggling on STYLE ...

漏洞详情: https://avd.aquasec.com/nvd/cve-2022-28367

镜像层: sha256:1e763e863bfe00cae3c5ffc43aee43dc6fef4ef3ab10ecdbc936eb08cc225237

发布日期: 2022-04-21 23:15 修改: 2022-05-03 20:49
org.owasp.antisamy:antisamy CVE-2022-28367 中危 1.5.3-atlassian-7 1.6.6 OWASP AntiSamy before 1.6.6 allows XSS via HTML tag smuggling on STYLE ...

漏洞详情: https://avd.aquasec.com/nvd/cve-2022-28367

镜像层: sha256:11c33f7e8be115416588045d5837d076171f2b0be0c262cffb7b7aaf9c7b19f9

发布日期: 2022-04-21 23:15 修改: 2022-05-03 20:49
org.owasp.antisamy:antisamy CVE-2022-28367 中危 1.5.3-atlassian-7 1.6.6 OWASP AntiSamy before 1.6.6 allows XSS via HTML tag smuggling on STYLE ...

漏洞详情: https://avd.aquasec.com/nvd/cve-2022-28367

镜像层: sha256:11c33f7e8be115416588045d5837d076171f2b0be0c262cffb7b7aaf9c7b19f9

发布日期: 2022-04-21 23:15 修改: 2022-05-03 20:49
org.owasp.antisamy:antisamy CVE-2022-29577 中危 1.5.3-atlassian-7 1.6.7 Cross-site Scripting in OWASP AntiSamy

漏洞详情: https://avd.aquasec.com/nvd/cve-2022-29577

镜像层: sha256:1e763e863bfe00cae3c5ffc43aee43dc6fef4ef3ab10ecdbc936eb08cc225237

发布日期: 2022-04-21 23:15 修改: 2023-02-23 18:47
org.owasp.antisamy:antisamy CVE-2022-29577 中危 1.5.3-atlassian-7 1.6.7 Cross-site Scripting in OWASP AntiSamy

漏洞详情: https://avd.aquasec.com/nvd/cve-2022-29577

镜像层: sha256:11c33f7e8be115416588045d5837d076171f2b0be0c262cffb7b7aaf9c7b19f9

发布日期: 2022-04-21 23:15 修改: 2023-02-23 18:47
org.owasp.antisamy:antisamy CVE-2022-29577 中危 1.5.3-atlassian-7 1.6.7 Cross-site Scripting in OWASP AntiSamy

漏洞详情: https://avd.aquasec.com/nvd/cve-2022-29577

镜像层: sha256:11c33f7e8be115416588045d5837d076171f2b0be0c262cffb7b7aaf9c7b19f9

发布日期: 2022-04-21 23:15 修改: 2023-02-23 18:47
org.owasp.antisamy:antisamy CVE-2023-43643 中危 1.5.3-atlassian-7 1.7.4 AntiSamy is a library for performing fast, configurable cleansing of H ...

漏洞详情: https://avd.aquasec.com/nvd/cve-2023-43643

镜像层: sha256:1e763e863bfe00cae3c5ffc43aee43dc6fef4ef3ab10ecdbc936eb08cc225237

发布日期: 2023-10-09 14:15 修改: 2023-10-13 17:35
org.owasp.antisamy:antisamy CVE-2023-43643 中危 1.5.3-atlassian-7 1.7.4 AntiSamy is a library for performing fast, configurable cleansing of H ...

漏洞详情: https://avd.aquasec.com/nvd/cve-2023-43643

镜像层: sha256:11c33f7e8be115416588045d5837d076171f2b0be0c262cffb7b7aaf9c7b19f9

发布日期: 2023-10-09 14:15 修改: 2023-10-13 17:35
org.owasp.antisamy:antisamy CVE-2023-43643 中危 1.5.3-atlassian-7 1.7.4 AntiSamy is a library for performing fast, configurable cleansing of H ...

漏洞详情: https://avd.aquasec.com/nvd/cve-2023-43643

镜像层: sha256:11c33f7e8be115416588045d5837d076171f2b0be0c262cffb7b7aaf9c7b19f9

发布日期: 2023-10-09 14:15 修改: 2023-10-13 17:35
org.owasp.antisamy:antisamy CVE-2024-23635 中危 1.5.3-atlassian-7 1.7.5 AntiSamy is a library for performing fast, configurable cleansing of H ...

漏洞详情: https://avd.aquasec.com/nvd/cve-2024-23635

镜像层: sha256:1e763e863bfe00cae3c5ffc43aee43dc6fef4ef3ab10ecdbc936eb08cc225237

发布日期: 2024-02-02 17:15 修改: 2024-02-10 01:38
org.owasp.antisamy:antisamy CVE-2024-23635 中危 1.5.3-atlassian-7 1.7.5 AntiSamy is a library for performing fast, configurable cleansing of H ...

漏洞详情: https://avd.aquasec.com/nvd/cve-2024-23635

镜像层: sha256:11c33f7e8be115416588045d5837d076171f2b0be0c262cffb7b7aaf9c7b19f9

发布日期: 2024-02-02 17:15 修改: 2024-02-10 01:38
org.owasp.antisamy:antisamy CVE-2024-23635 中危 1.5.3-atlassian-7 1.7.5 AntiSamy is a library for performing fast, configurable cleansing of H ...

漏洞详情: https://avd.aquasec.com/nvd/cve-2024-23635

镜像层: sha256:11c33f7e8be115416588045d5837d076171f2b0be0c262cffb7b7aaf9c7b19f9

发布日期: 2024-02-02 17:15 修改: 2024-02-10 01:38
org.owasp.antisamy:antisamy CVE-2021-35043 中危 1.5.8 1.6.4 AntiSamy: XSS via HTML attributes

漏洞详情: https://avd.aquasec.com/nvd/cve-2021-35043

镜像层: sha256:1e763e863bfe00cae3c5ffc43aee43dc6fef4ef3ab10ecdbc936eb08cc225237

发布日期: 2021-07-19 15:15 修改: 2022-10-29 02:49
org.owasp.antisamy:antisamy CVE-2021-35043 中危 1.5.8 1.6.4 AntiSamy: XSS via HTML attributes

漏洞详情: https://avd.aquasec.com/nvd/cve-2021-35043

镜像层: sha256:11c33f7e8be115416588045d5837d076171f2b0be0c262cffb7b7aaf9c7b19f9

发布日期: 2021-07-19 15:15 修改: 2022-10-29 02:49
org.owasp.antisamy:antisamy CVE-2021-35043 中危 1.5.8 1.6.4 AntiSamy: XSS via HTML attributes

漏洞详情: https://avd.aquasec.com/nvd/cve-2021-35043

镜像层: sha256:11c33f7e8be115416588045d5837d076171f2b0be0c262cffb7b7aaf9c7b19f9

发布日期: 2021-07-19 15:15 修改: 2022-10-29 02:49
org.owasp.antisamy:antisamy CVE-2022-28367 中危 1.5.8 1.6.6 OWASP AntiSamy before 1.6.6 allows XSS via HTML tag smuggling on STYLE ...

漏洞详情: https://avd.aquasec.com/nvd/cve-2022-28367

镜像层: sha256:1e763e863bfe00cae3c5ffc43aee43dc6fef4ef3ab10ecdbc936eb08cc225237

发布日期: 2022-04-21 23:15 修改: 2022-05-03 20:49
org.owasp.antisamy:antisamy CVE-2022-28367 中危 1.5.8 1.6.6 OWASP AntiSamy before 1.6.6 allows XSS via HTML tag smuggling on STYLE ...

漏洞详情: https://avd.aquasec.com/nvd/cve-2022-28367

镜像层: sha256:11c33f7e8be115416588045d5837d076171f2b0be0c262cffb7b7aaf9c7b19f9

发布日期: 2022-04-21 23:15 修改: 2022-05-03 20:49
org.owasp.antisamy:antisamy CVE-2022-28367 中危 1.5.8 1.6.6 OWASP AntiSamy before 1.6.6 allows XSS via HTML tag smuggling on STYLE ...

漏洞详情: https://avd.aquasec.com/nvd/cve-2022-28367

镜像层: sha256:11c33f7e8be115416588045d5837d076171f2b0be0c262cffb7b7aaf9c7b19f9

发布日期: 2022-04-21 23:15 修改: 2022-05-03 20:49
org.owasp.antisamy:antisamy CVE-2022-29577 中危 1.5.8 1.6.7 Cross-site Scripting in OWASP AntiSamy

漏洞详情: https://avd.aquasec.com/nvd/cve-2022-29577

镜像层: sha256:1e763e863bfe00cae3c5ffc43aee43dc6fef4ef3ab10ecdbc936eb08cc225237

发布日期: 2022-04-21 23:15 修改: 2023-02-23 18:47
org.owasp.antisamy:antisamy CVE-2022-29577 中危 1.5.8 1.6.7 Cross-site Scripting in OWASP AntiSamy

漏洞详情: https://avd.aquasec.com/nvd/cve-2022-29577

镜像层: sha256:11c33f7e8be115416588045d5837d076171f2b0be0c262cffb7b7aaf9c7b19f9

发布日期: 2022-04-21 23:15 修改: 2023-02-23 18:47
org.owasp.antisamy:antisamy CVE-2022-29577 中危 1.5.8 1.6.7 Cross-site Scripting in OWASP AntiSamy

漏洞详情: https://avd.aquasec.com/nvd/cve-2022-29577

镜像层: sha256:11c33f7e8be115416588045d5837d076171f2b0be0c262cffb7b7aaf9c7b19f9

发布日期: 2022-04-21 23:15 修改: 2023-02-23 18:47
org.owasp.antisamy:antisamy CVE-2023-43643 中危 1.5.8 1.7.4 AntiSamy is a library for performing fast, configurable cleansing of H ...

漏洞详情: https://avd.aquasec.com/nvd/cve-2023-43643

镜像层: sha256:1e763e863bfe00cae3c5ffc43aee43dc6fef4ef3ab10ecdbc936eb08cc225237

发布日期: 2023-10-09 14:15 修改: 2023-10-13 17:35
org.owasp.antisamy:antisamy CVE-2023-43643 中危 1.5.8 1.7.4 AntiSamy is a library for performing fast, configurable cleansing of H ...

漏洞详情: https://avd.aquasec.com/nvd/cve-2023-43643

镜像层: sha256:11c33f7e8be115416588045d5837d076171f2b0be0c262cffb7b7aaf9c7b19f9

发布日期: 2023-10-09 14:15 修改: 2023-10-13 17:35
org.owasp.antisamy:antisamy CVE-2023-43643 中危 1.5.8 1.7.4 AntiSamy is a library for performing fast, configurable cleansing of H ...

漏洞详情: https://avd.aquasec.com/nvd/cve-2023-43643

镜像层: sha256:11c33f7e8be115416588045d5837d076171f2b0be0c262cffb7b7aaf9c7b19f9

发布日期: 2023-10-09 14:15 修改: 2023-10-13 17:35
org.owasp.antisamy:antisamy CVE-2024-23635 中危 1.5.8 1.7.5 AntiSamy is a library for performing fast, configurable cleansing of H ...

漏洞详情: https://avd.aquasec.com/nvd/cve-2024-23635

镜像层: sha256:1e763e863bfe00cae3c5ffc43aee43dc6fef4ef3ab10ecdbc936eb08cc225237

发布日期: 2024-02-02 17:15 修改: 2024-02-10 01:38
org.owasp.antisamy:antisamy CVE-2024-23635 中危 1.5.8 1.7.5 AntiSamy is a library for performing fast, configurable cleansing of H ...

漏洞详情: https://avd.aquasec.com/nvd/cve-2024-23635

镜像层: sha256:11c33f7e8be115416588045d5837d076171f2b0be0c262cffb7b7aaf9c7b19f9

发布日期: 2024-02-02 17:15 修改: 2024-02-10 01:38
org.owasp.antisamy:antisamy CVE-2024-23635 中危 1.5.8 1.7.5 AntiSamy is a library for performing fast, configurable cleansing of H ...

漏洞详情: https://avd.aquasec.com/nvd/cve-2024-23635

镜像层: sha256:11c33f7e8be115416588045d5837d076171f2b0be0c262cffb7b7aaf9c7b19f9

发布日期: 2024-02-02 17:15 修改: 2024-02-10 01:38
commons-httpclient:commons-httpclient CVE-2012-5783 中危 3.1-atlassian-2 4.0 jakarta-commons-httpclient: missing connection hostname check against X.509 certificate name

漏洞详情: https://avd.aquasec.com/nvd/cve-2012-5783

镜像层: sha256:1e763e863bfe00cae3c5ffc43aee43dc6fef4ef3ab10ecdbc936eb08cc225237

发布日期: 2012-11-04 22:55 修改: 2021-04-23 17:28
commons-httpclient:commons-httpclient CVE-2012-5783 中危 3.1-atlassian-2 4.0 jakarta-commons-httpclient: missing connection hostname check against X.509 certificate name

漏洞详情: https://avd.aquasec.com/nvd/cve-2012-5783

镜像层: sha256:11c33f7e8be115416588045d5837d076171f2b0be0c262cffb7b7aaf9c7b19f9

发布日期: 2012-11-04 22:55 修改: 2021-04-23 17:28
com.thoughtworks.xstream:xstream CVE-2021-39140 中危 1.4.17 1.4.18 xstream: Infinite loop DoS via unsafe deserialization of sun.reflect.annotation.AnnotationInvocationHandler

漏洞详情: https://avd.aquasec.com/nvd/cve-2021-39140

镜像层: sha256:11c33f7e8be115416588045d5837d076171f2b0be0c262cffb7b7aaf9c7b19f9

发布日期: 2021-08-23 19:15 修改: 2023-11-07 03:37
org.postgresql:postgresql CVE-2022-41946 中危 42.2.18 42.2.27, 42.3.8, 42.4.3, 42.5.1 postgresql-jdbc: Information leak of prepared statement data due to insecure temporary file permissions

漏洞详情: https://avd.aquasec.com/nvd/cve-2022-41946

镜像层: sha256:1e763e863bfe00cae3c5ffc43aee43dc6fef4ef3ab10ecdbc936eb08cc225237

发布日期: 2022-11-23 20:15 修改: 2024-03-29 13:15
org.postgresql:postgresql GHSA-673j-qm5f-xpv8 中危 42.2.18 42.3.3 pgjdbc Arbitrary File Write Vulnerability

漏洞详情: https://github.com/advisories/GHSA-673j-qm5f-xpv8

镜像层: sha256:1e763e863bfe00cae3c5ffc43aee43dc6fef4ef3ab10ecdbc936eb08cc225237

发布日期: 0001-01-01 00:00 修改: 0001-01-01 00:00
org.apache.tomcat:tomcat-coyote CVE-2023-44487 中危 9.0.54 11.0.0-M12, 10.1.14, 9.0.81, 8.5.94 HTTP/2: Multiple HTTP/2 enabled web servers are vulnerable to a DDoS attack (Rapid Reset Attack)

漏洞详情: https://avd.aquasec.com/nvd/cve-2023-44487

镜像层: sha256:1e763e863bfe00cae3c5ffc43aee43dc6fef4ef3ab10ecdbc936eb08cc225237

发布日期: 2023-10-10 14:15 修改: 2024-12-20 17:40
org.apache.tomcat:tomcat-coyote CVE-2024-24549 中危 9.0.54 11.0.0-M17, 10.1.19, 9.0.86, 8.5.99 Tomcat: HTTP/2 header handling DoS

漏洞详情: https://avd.aquasec.com/nvd/cve-2024-24549

镜像层: sha256:1e763e863bfe00cae3c5ffc43aee43dc6fef4ef3ab10ecdbc936eb08cc225237

发布日期: 2024-03-13 16:15 修改: 2024-11-04 22:35
com.hazelcast:hazelcast CVE-2023-33264 中危 3.12.11 5.3.0 hazelcast: Improper password mask

漏洞详情: https://avd.aquasec.com/nvd/cve-2023-33264

镜像层: sha256:11c33f7e8be115416588045d5837d076171f2b0be0c262cffb7b7aaf9c7b19f9

发布日期: 2023-05-22 01:15 修改: 2023-06-02 17:41
com.google.guava:guava CVE-2023-2976 中危 26.0-jre 32.0.0-android guava: insecure temporary directory creation

漏洞详情: https://avd.aquasec.com/nvd/cve-2023-2976

镜像层: sha256:11c33f7e8be115416588045d5837d076171f2b0be0c262cffb7b7aaf9c7b19f9

发布日期: 2023-06-14 18:15 修改: 2024-02-13 19:15
org.postgresql:postgresql CVE-2022-41946 中危 42.4.0 42.2.27, 42.3.8, 42.4.3, 42.5.1 postgresql-jdbc: Information leak of prepared statement data due to insecure temporary file permissions

漏洞详情: https://avd.aquasec.com/nvd/cve-2022-41946

镜像层: sha256:1e763e863bfe00cae3c5ffc43aee43dc6fef4ef3ab10ecdbc936eb08cc225237

发布日期: 2022-11-23 20:15 修改: 2024-03-29 13:15
org.postgresql:postgresql CVE-2022-41946 中危 42.4.0 42.2.27, 42.3.8, 42.4.3, 42.5.1 postgresql-jdbc: Information leak of prepared statement data due to insecure temporary file permissions

漏洞详情: https://avd.aquasec.com/nvd/cve-2022-41946

镜像层: sha256:11c33f7e8be115416588045d5837d076171f2b0be0c262cffb7b7aaf9c7b19f9

发布日期: 2022-11-23 20:15 修改: 2024-03-29 13:15
com.google.guava:guava CVE-2023-2976 中危 26.0-jre 32.0.0-android guava: insecure temporary directory creation

漏洞详情: https://avd.aquasec.com/nvd/cve-2023-2976

镜像层: sha256:11c33f7e8be115416588045d5837d076171f2b0be0c262cffb7b7aaf9c7b19f9

发布日期: 2023-06-14 18:15 修改: 2024-02-13 19:15
ognl:ognl CVE-2016-3093 中危 2.6.5-atlassian-3 3.0.12 struts: OGNL cache poisoning can lead to DoS

漏洞详情: https://avd.aquasec.com/nvd/cve-2016-3093

镜像层: sha256:1e763e863bfe00cae3c5ffc43aee43dc6fef4ef3ab10ecdbc936eb08cc225237

发布日期: 2016-06-07 18:59 修改: 2023-02-12 23:18
org.springframework.ldap:spring-ldap-core CVE-2024-38829 中危 2.3.3.RELEASE 3.2.8, 2.4.4 spring-ldap: Spring LDAP sensitive data exposure for case-sensitive comparisons

漏洞详情: https://avd.aquasec.com/nvd/cve-2024-38829

镜像层: sha256:11c33f7e8be115416588045d5837d076171f2b0be0c262cffb7b7aaf9c7b19f9

发布日期: 2024-12-04 21:15 修改: 2024-12-10 15:15
opensymphony:xwork CVE-2007-4556 中危 1.0.3-atlassian-10 1.2.3, 2.0.4 OpenSymphony XWork vulnerable to improper input validation

漏洞详情: https://avd.aquasec.com/nvd/cve-2007-4556

镜像层: sha256:1e763e863bfe00cae3c5ffc43aee43dc6fef4ef3ab10ecdbc936eb08cc225237

发布日期: 2007-08-28 01:17 修改: 2018-10-26 14:00
opensymphony:xwork CVE-2007-4556 中危 1.0.3-atlassian-11 1.2.3, 2.0.4 OpenSymphony XWork vulnerable to improper input validation

漏洞详情: https://avd.aquasec.com/nvd/cve-2007-4556

镜像层: sha256:1e763e863bfe00cae3c5ffc43aee43dc6fef4ef3ab10ecdbc936eb08cc225237

发布日期: 2007-08-28 01:17 修改: 2018-10-26 14:00
org.apache.tomcat:tomcat-coyote CVE-2023-44487 中危 9.0.63 11.0.0-M12, 10.1.14, 9.0.81, 8.5.94 HTTP/2: Multiple HTTP/2 enabled web servers are vulnerable to a DDoS attack (Rapid Reset Attack)

漏洞详情: https://avd.aquasec.com/nvd/cve-2023-44487

镜像层: sha256:1e763e863bfe00cae3c5ffc43aee43dc6fef4ef3ab10ecdbc936eb08cc225237

发布日期: 2023-10-10 14:15 修改: 2024-12-20 17:40
org.apache.tomcat:tomcat-coyote CVE-2023-44487 中危 9.0.63 11.0.0-M12, 10.1.14, 9.0.81, 8.5.94 HTTP/2: Multiple HTTP/2 enabled web servers are vulnerable to a DDoS attack (Rapid Reset Attack)

漏洞详情: https://avd.aquasec.com/nvd/cve-2023-44487

镜像层: sha256:11c33f7e8be115416588045d5837d076171f2b0be0c262cffb7b7aaf9c7b19f9

发布日期: 2023-10-10 14:15 修改: 2024-12-20 17:40
org.springframework.security:spring-security-core CVE-2024-38827 中危 4.2.16.RELEASE 5.7.14, 5.8.16, 6.0.14, 6.1.12, 6.2.8, 6.3.5 spring-security: authorization bypass for case sensitive comparisons

漏洞详情: https://avd.aquasec.com/nvd/cve-2024-38827

镜像层: sha256:1e763e863bfe00cae3c5ffc43aee43dc6fef4ef3ab10ecdbc936eb08cc225237

发布日期: 2024-12-02 15:15 修改: 2024-12-02 15:15
org.springframework.security:spring-security-core CVE-2024-38827 中危 4.2.16.RELEASE 5.7.14, 5.8.16, 6.0.14, 6.1.12, 6.2.8, 6.3.5 spring-security: authorization bypass for case sensitive comparisons

漏洞详情: https://avd.aquasec.com/nvd/cve-2024-38827

镜像层: sha256:11c33f7e8be115416588045d5837d076171f2b0be0c262cffb7b7aaf9c7b19f9

发布日期: 2024-12-02 15:15 修改: 2024-12-02 15:15
org.apache.tomcat:tomcat-coyote CVE-2024-24549 中危 9.0.63 11.0.0-M17, 10.1.19, 9.0.86, 8.5.99 Tomcat: HTTP/2 header handling DoS

漏洞详情: https://avd.aquasec.com/nvd/cve-2024-24549

镜像层: sha256:1e763e863bfe00cae3c5ffc43aee43dc6fef4ef3ab10ecdbc936eb08cc225237

发布日期: 2024-03-13 16:15 修改: 2024-11-04 22:35
org.apache.tomcat:tomcat-coyote CVE-2024-24549 中危 9.0.63 11.0.0-M17, 10.1.19, 9.0.86, 8.5.99 Tomcat: HTTP/2 header handling DoS

漏洞详情: https://avd.aquasec.com/nvd/cve-2024-24549

镜像层: sha256:11c33f7e8be115416588045d5837d076171f2b0be0c262cffb7b7aaf9c7b19f9

发布日期: 2024-03-13 16:15 修改: 2024-11-04 22:35
opensymphony:xwork CVE-2007-4556 中危 1.0.3-atlassian-11 1.2.3, 2.0.4 OpenSymphony XWork vulnerable to improper input validation

漏洞详情: https://avd.aquasec.com/nvd/cve-2007-4556

镜像层: sha256:11c33f7e8be115416588045d5837d076171f2b0be0c262cffb7b7aaf9c7b19f9

发布日期: 2007-08-28 01:17 修改: 2018-10-26 14:00
opensymphony:xwork CVE-2007-4556 中危 1.0.3-atlassian-8 1.2.3, 2.0.4 OpenSymphony XWork vulnerable to improper input validation

漏洞详情: https://avd.aquasec.com/nvd/cve-2007-4556

镜像层: sha256:1e763e863bfe00cae3c5ffc43aee43dc6fef4ef3ab10ecdbc936eb08cc225237

发布日期: 2007-08-28 01:17 修改: 2018-10-26 14:00
org.apache.ant:ant CVE-2021-36373 中危 1.10.9 1.9.16, 1.10.11 ant: excessive memory allocation when reading a specially crafted TAR archive

漏洞详情: https://avd.aquasec.com/nvd/cve-2021-36373

镜像层: sha256:1e763e863bfe00cae3c5ffc43aee43dc6fef4ef3ab10ecdbc936eb08cc225237

发布日期: 2021-07-14 07:15 修改: 2023-11-07 03:36
org.apache.ant:ant CVE-2021-36373 中危 1.10.9 1.9.16, 1.10.11 ant: excessive memory allocation when reading a specially crafted TAR archive

漏洞详情: https://avd.aquasec.com/nvd/cve-2021-36373

镜像层: sha256:11c33f7e8be115416588045d5837d076171f2b0be0c262cffb7b7aaf9c7b19f9

发布日期: 2021-07-14 07:15 修改: 2023-11-07 03:36
org.apache.ant:ant CVE-2021-36374 中危 1.10.9 1.9.16, 1.10.11 ant: excessive memory allocation when reading a specially crafted ZIP archive or a derived formats

漏洞详情: https://avd.aquasec.com/nvd/cve-2021-36374

镜像层: sha256:1e763e863bfe00cae3c5ffc43aee43dc6fef4ef3ab10ecdbc936eb08cc225237

发布日期: 2021-07-14 07:15 修改: 2023-11-07 03:36
org.springframework:spring-context CVE-2024-38820 中危 5.1.18.RELEASE 6.1.14 The fix for CVE-2022-22968 made disallowedFieldspatterns in DataBinder ...

漏洞详情: https://avd.aquasec.com/nvd/cve-2024-38820

镜像层: sha256:1e763e863bfe00cae3c5ffc43aee43dc6fef4ef3ab10ecdbc936eb08cc225237

发布日期: 2024-10-18 06:15 修改: 2024-11-29 12:15
org.apache.ant:ant CVE-2021-36374 中危 1.10.9 1.9.16, 1.10.11 ant: excessive memory allocation when reading a specially crafted ZIP archive or a derived formats

漏洞详情: https://avd.aquasec.com/nvd/cve-2021-36374

镜像层: sha256:11c33f7e8be115416588045d5837d076171f2b0be0c262cffb7b7aaf9c7b19f9

发布日期: 2021-07-14 07:15 修改: 2023-11-07 03:36
org.springframework:spring-context CVE-2024-38820 中危 5.3.11 6.1.14 The fix for CVE-2022-22968 made disallowedFieldspatterns in DataBinder ...

漏洞详情: https://avd.aquasec.com/nvd/cve-2024-38820

镜像层: sha256:1e763e863bfe00cae3c5ffc43aee43dc6fef4ef3ab10ecdbc936eb08cc225237

发布日期: 2024-10-18 06:15 修改: 2024-11-29 12:15
org.springframework:spring-context CVE-2024-38820 中危 5.3.19 6.1.14 The fix for CVE-2022-22968 made disallowedFieldspatterns in DataBinder ...

漏洞详情: https://avd.aquasec.com/nvd/cve-2024-38820

镜像层: sha256:1e763e863bfe00cae3c5ffc43aee43dc6fef4ef3ab10ecdbc936eb08cc225237

发布日期: 2024-10-18 06:15 修改: 2024-11-29 12:15
org.springframework:spring-context CVE-2024-38820 中危 5.3.19 6.1.14 The fix for CVE-2022-22968 made disallowedFieldspatterns in DataBinder ...

漏洞详情: https://avd.aquasec.com/nvd/cve-2024-38820

镜像层: sha256:11c33f7e8be115416588045d5837d076171f2b0be0c262cffb7b7aaf9c7b19f9

发布日期: 2024-10-18 06:15 修改: 2024-11-29 12:15
org.springframework:spring-context CVE-2024-38820 中危 5.3.21 6.1.14 The fix for CVE-2022-22968 made disallowedFieldspatterns in DataBinder ...

漏洞详情: https://avd.aquasec.com/nvd/cve-2024-38820

镜像层: sha256:1e763e863bfe00cae3c5ffc43aee43dc6fef4ef3ab10ecdbc936eb08cc225237

发布日期: 2024-10-18 06:15 修改: 2024-11-29 12:15
org.springframework:spring-context CVE-2024-38820 中危 5.3.21 6.1.14 The fix for CVE-2022-22968 made disallowedFieldspatterns in DataBinder ...

漏洞详情: https://avd.aquasec.com/nvd/cve-2024-38820

镜像层: sha256:11c33f7e8be115416588045d5837d076171f2b0be0c262cffb7b7aaf9c7b19f9

发布日期: 2024-10-18 06:15 修改: 2024-11-29 12:15
org.springframework:spring-core CVE-2021-22060 中危 5.3.11 5.3.14, 5.2.19 springframework: Additional Log Injection in Spring Framework (follow-up to CVE-2021-22096)

漏洞详情: https://avd.aquasec.com/nvd/cve-2021-22060

镜像层: sha256:1e763e863bfe00cae3c5ffc43aee43dc6fef4ef3ab10ecdbc936eb08cc225237

发布日期: 2022-01-10 14:10 修改: 2022-05-13 15:52
com.google.guava:guava CVE-2023-2976 中危 30.1.1-jre 32.0.0-android guava: insecure temporary directory creation

漏洞详情: https://avd.aquasec.com/nvd/cve-2023-2976

镜像层: sha256:1e763e863bfe00cae3c5ffc43aee43dc6fef4ef3ab10ecdbc936eb08cc225237

发布日期: 2023-06-14 18:15 修改: 2024-02-13 19:15
org.springframework:spring-expression CVE-2022-22950 中危 5.1.18.RELEASE 5.3.17, 5.2.20.RELEASE spring-expression: Denial of service via specially crafted SpEL expression

漏洞详情: https://avd.aquasec.com/nvd/cve-2022-22950

镜像层: sha256:1e763e863bfe00cae3c5ffc43aee43dc6fef4ef3ab10ecdbc936eb08cc225237

发布日期: 2022-04-01 23:15 修改: 2022-06-22 13:53
org.springframework:spring-expression CVE-2023-20861 中危 5.1.18.RELEASE 6.0.7, 5.3.26, 5.2.23.RELEASE springframework: Spring Expression DoS Vulnerability

漏洞详情: https://avd.aquasec.com/nvd/cve-2023-20861

镜像层: sha256:1e763e863bfe00cae3c5ffc43aee43dc6fef4ef3ab10ecdbc936eb08cc225237

发布日期: 2023-03-23 21:15 修改: 2023-04-20 09:15
org.springframework:spring-expression CVE-2024-38808 中危 5.1.18.RELEASE 5.3.39 spring-expression: Denial of service when processing a specially crafted Spring Expression Language expression

漏洞详情: https://avd.aquasec.com/nvd/cve-2024-38808

镜像层: sha256:1e763e863bfe00cae3c5ffc43aee43dc6fef4ef3ab10ecdbc936eb08cc225237

发布日期: 2024-08-20 08:15 修改: 2024-10-30 19:35
com.google.guava:guava CVE-2023-2976 中危 30.1.1-jre 32.0.0-android guava: insecure temporary directory creation

漏洞详情: https://avd.aquasec.com/nvd/cve-2023-2976

镜像层: sha256:11c33f7e8be115416588045d5837d076171f2b0be0c262cffb7b7aaf9c7b19f9

发布日期: 2023-06-14 18:15 修改: 2024-02-13 19:15
org.springframework:spring-expression CVE-2022-22950 中危 5.3.11 5.3.17, 5.2.20.RELEASE spring-expression: Denial of service via specially crafted SpEL expression

漏洞详情: https://avd.aquasec.com/nvd/cve-2022-22950

镜像层: sha256:1e763e863bfe00cae3c5ffc43aee43dc6fef4ef3ab10ecdbc936eb08cc225237

发布日期: 2022-04-01 23:15 修改: 2022-06-22 13:53
org.springframework:spring-expression CVE-2023-20861 中危 5.3.11 6.0.7, 5.3.26, 5.2.23.RELEASE springframework: Spring Expression DoS Vulnerability

漏洞详情: https://avd.aquasec.com/nvd/cve-2023-20861

镜像层: sha256:1e763e863bfe00cae3c5ffc43aee43dc6fef4ef3ab10ecdbc936eb08cc225237

发布日期: 2023-03-23 21:15 修改: 2023-04-20 09:15
org.springframework:spring-expression CVE-2024-38808 中危 5.3.11 5.3.39 spring-expression: Denial of service when processing a specially crafted Spring Expression Language expression

漏洞详情: https://avd.aquasec.com/nvd/cve-2024-38808

镜像层: sha256:1e763e863bfe00cae3c5ffc43aee43dc6fef4ef3ab10ecdbc936eb08cc225237

发布日期: 2024-08-20 08:15 修改: 2024-10-30 19:35
org.apache.tomcat:tomcat-websocket CVE-2024-23672 中危 9.0.45 11.0.0-M17, 10.1.19, 9.0.86, 8.5.99 Tomcat: WebSocket DoS with incomplete closing handshake

漏洞详情: https://avd.aquasec.com/nvd/cve-2024-23672

镜像层: sha256:1e763e863bfe00cae3c5ffc43aee43dc6fef4ef3ab10ecdbc936eb08cc225237

发布日期: 2024-03-13 16:15 修改: 2024-11-18 22:35
org.apache.tomcat:tomcat-websocket CVE-2024-23672 中危 9.0.54 11.0.0-M17, 10.1.19, 9.0.86, 8.5.99 Tomcat: WebSocket DoS with incomplete closing handshake

漏洞详情: https://avd.aquasec.com/nvd/cve-2024-23672

镜像层: sha256:1e763e863bfe00cae3c5ffc43aee43dc6fef4ef3ab10ecdbc936eb08cc225237

发布日期: 2024-03-13 16:15 修改: 2024-11-18 22:35
org.springframework:spring-expression CVE-2023-20861 中危 5.3.19 6.0.7, 5.3.26, 5.2.23.RELEASE springframework: Spring Expression DoS Vulnerability

漏洞详情: https://avd.aquasec.com/nvd/cve-2023-20861

镜像层: sha256:1e763e863bfe00cae3c5ffc43aee43dc6fef4ef3ab10ecdbc936eb08cc225237

发布日期: 2023-03-23 21:15 修改: 2023-04-20 09:15
org.springframework:spring-expression CVE-2023-20861 中危 5.3.19 6.0.7, 5.3.26, 5.2.23.RELEASE springframework: Spring Expression DoS Vulnerability

漏洞详情: https://avd.aquasec.com/nvd/cve-2023-20861

镜像层: sha256:11c33f7e8be115416588045d5837d076171f2b0be0c262cffb7b7aaf9c7b19f9

发布日期: 2023-03-23 21:15 修改: 2023-04-20 09:15
org.springframework:spring-expression CVE-2024-38808 中危 5.3.19 5.3.39 spring-expression: Denial of service when processing a specially crafted Spring Expression Language expression

漏洞详情: https://avd.aquasec.com/nvd/cve-2024-38808

镜像层: sha256:1e763e863bfe00cae3c5ffc43aee43dc6fef4ef3ab10ecdbc936eb08cc225237

发布日期: 2024-08-20 08:15 修改: 2024-10-30 19:35
org.springframework:spring-expression CVE-2024-38808 中危 5.3.19 5.3.39 spring-expression: Denial of service when processing a specially crafted Spring Expression Language expression

漏洞详情: https://avd.aquasec.com/nvd/cve-2024-38808

镜像层: sha256:11c33f7e8be115416588045d5837d076171f2b0be0c262cffb7b7aaf9c7b19f9

发布日期: 2024-08-20 08:15 修改: 2024-10-30 19:35
org.apache.tomcat:tomcat-websocket CVE-2024-23672 中危 9.0.63 11.0.0-M17, 10.1.19, 9.0.86, 8.5.99 Tomcat: WebSocket DoS with incomplete closing handshake

漏洞详情: https://avd.aquasec.com/nvd/cve-2024-23672

镜像层: sha256:1e763e863bfe00cae3c5ffc43aee43dc6fef4ef3ab10ecdbc936eb08cc225237

发布日期: 2024-03-13 16:15 修改: 2024-11-18 22:35
org.apache.tomcat:tomcat-websocket CVE-2024-23672 中危 9.0.63 11.0.0-M17, 10.1.19, 9.0.86, 8.5.99 Tomcat: WebSocket DoS with incomplete closing handshake

漏洞详情: https://avd.aquasec.com/nvd/cve-2024-23672

镜像层: sha256:11c33f7e8be115416588045d5837d076171f2b0be0c262cffb7b7aaf9c7b19f9

发布日期: 2024-03-13 16:15 修改: 2024-11-18 22:35
org.springframework:spring-expression CVE-2023-20861 中危 5.3.21 6.0.7, 5.3.26, 5.2.23.RELEASE springframework: Spring Expression DoS Vulnerability

漏洞详情: https://avd.aquasec.com/nvd/cve-2023-20861

镜像层: sha256:1e763e863bfe00cae3c5ffc43aee43dc6fef4ef3ab10ecdbc936eb08cc225237

发布日期: 2023-03-23 21:15 修改: 2023-04-20 09:15
org.springframework:spring-expression CVE-2023-20861 中危 5.3.21 6.0.7, 5.3.26, 5.2.23.RELEASE springframework: Spring Expression DoS Vulnerability

漏洞详情: https://avd.aquasec.com/nvd/cve-2023-20861

镜像层: sha256:11c33f7e8be115416588045d5837d076171f2b0be0c262cffb7b7aaf9c7b19f9

发布日期: 2023-03-23 21:15 修改: 2023-04-20 09:15
org.springframework:spring-expression CVE-2024-38808 中危 5.3.21 5.3.39 spring-expression: Denial of service when processing a specially crafted Spring Expression Language expression

漏洞详情: https://avd.aquasec.com/nvd/cve-2024-38808

镜像层: sha256:1e763e863bfe00cae3c5ffc43aee43dc6fef4ef3ab10ecdbc936eb08cc225237

发布日期: 2024-08-20 08:15 修改: 2024-10-30 19:35
org.springframework:spring-expression CVE-2024-38808 中危 5.3.21 5.3.39 spring-expression: Denial of service when processing a specially crafted Spring Expression Language expression

漏洞详情: https://avd.aquasec.com/nvd/cve-2024-38808

镜像层: sha256:11c33f7e8be115416588045d5837d076171f2b0be0c262cffb7b7aaf9c7b19f9

发布日期: 2024-08-20 08:15 修改: 2024-10-30 19:35
io.netty:netty-codec-http CVE-2021-43797 中危 4.1.65.Final 4.1.71.Final netty: control chars in header names may lead to HTTP request smuggling

漏洞详情: https://avd.aquasec.com/nvd/cve-2021-43797

镜像层: sha256:1e763e863bfe00cae3c5ffc43aee43dc6fef4ef3ab10ecdbc936eb08cc225237

发布日期: 2021-12-09 19:15 修改: 2023-02-24 15:47
io.netty:netty-codec-http CVE-2022-24823 中危 4.1.65.Final 4.1.77.Final netty: world readable temporary file containing sensitive data

漏洞详情: https://avd.aquasec.com/nvd/cve-2022-24823

镜像层: sha256:1e763e863bfe00cae3c5ffc43aee43dc6fef4ef3ab10ecdbc936eb08cc225237

发布日期: 2022-05-06 12:15 修改: 2022-12-03 14:25
org.apache.velocity:velocity-tools CVE-2020-13959 中危 1.4 velocity: XSS in the default error page for VelocityView

漏洞详情: https://avd.aquasec.com/nvd/cve-2020-13959

镜像层: sha256:1e763e863bfe00cae3c5ffc43aee43dc6fef4ef3ab10ecdbc936eb08cc225237

发布日期: 2021-03-10 08:15 修改: 2023-11-07 03:17
io.netty:netty-codec-http CVE-2024-29025 中危 4.1.65.Final 4.1.108.Final netty-codec-http: Allocation of Resources Without Limits or Throttling

漏洞详情: https://avd.aquasec.com/nvd/cve-2024-29025

镜像层: sha256:1e763e863bfe00cae3c5ffc43aee43dc6fef4ef3ab10ecdbc936eb08cc225237

发布日期: 2024-03-25 20:15 修改: 2024-06-21 22:15
org.springframework:spring-web CVE-2024-38809 中危 5.1.18.RELEASE 5.3.38, 6.0.23, 6.1.12 org.springframework:spring-web: Spring Framework DoS via conditional HTTP request

漏洞详情: https://avd.aquasec.com/nvd/cve-2024-38809

镜像层: sha256:1e763e863bfe00cae3c5ffc43aee43dc6fef4ef3ab10ecdbc936eb08cc225237

发布日期: 2024-09-27 17:15 修改: 2024-09-30 12:45
io.netty:netty-codec-http CVE-2024-29025 中危 4.1.77.Final 4.1.108.Final netty-codec-http: Allocation of Resources Without Limits or Throttling

漏洞详情: https://avd.aquasec.com/nvd/cve-2024-29025

镜像层: sha256:1e763e863bfe00cae3c5ffc43aee43dc6fef4ef3ab10ecdbc936eb08cc225237

发布日期: 2024-03-25 20:15 修改: 2024-06-21 22:15
org.apache.xmlgraphics:batik-script CVE-2022-44730 中危 1.14 1.17 batik: Server-Side Request Forgery vulnerability

漏洞详情: https://avd.aquasec.com/nvd/cve-2022-44730

镜像层: sha256:1e763e863bfe00cae3c5ffc43aee43dc6fef4ef3ab10ecdbc936eb08cc225237

发布日期: 2023-08-22 19:16 修改: 2024-01-07 11:15
org.apache.xmlgraphics:batik-script CVE-2022-44730 中危 1.14 1.17 batik: Server-Side Request Forgery vulnerability

漏洞详情: https://avd.aquasec.com/nvd/cve-2022-44730

镜像层: sha256:11c33f7e8be115416588045d5837d076171f2b0be0c262cffb7b7aaf9c7b19f9

发布日期: 2023-08-22 19:16 修改: 2024-01-07 11:15
io.netty:netty-codec-http CVE-2024-29025 中危 4.1.77.Final 4.1.108.Final netty-codec-http: Allocation of Resources Without Limits or Throttling

漏洞详情: https://avd.aquasec.com/nvd/cve-2024-29025

镜像层: sha256:11c33f7e8be115416588045d5837d076171f2b0be0c262cffb7b7aaf9c7b19f9

发布日期: 2024-03-25 20:15 修改: 2024-06-21 22:15
org.springframework:spring-web CVE-2024-38809 中危 5.3.11 5.3.38, 6.0.23, 6.1.12 org.springframework:spring-web: Spring Framework DoS via conditional HTTP request

漏洞详情: https://avd.aquasec.com/nvd/cve-2024-38809

镜像层: sha256:1e763e863bfe00cae3c5ffc43aee43dc6fef4ef3ab10ecdbc936eb08cc225237

发布日期: 2024-09-27 17:15 修改: 2024-09-30 12:45
io.netty:netty-common CVE-2024-47535 中危 4.1.65.Final 4.1.115 netty: Denial of Service attack on windows app using Netty

漏洞详情: https://avd.aquasec.com/nvd/cve-2024-47535

镜像层: sha256:1e763e863bfe00cae3c5ffc43aee43dc6fef4ef3ab10ecdbc936eb08cc225237

发布日期: 2024-11-12 16:15 修改: 2024-11-13 17:01
io.netty:netty-common CVE-2024-47535 中危 4.1.77.Final 4.1.115 netty: Denial of Service attack on windows app using Netty

漏洞详情: https://avd.aquasec.com/nvd/cve-2024-47535

镜像层: sha256:1e763e863bfe00cae3c5ffc43aee43dc6fef4ef3ab10ecdbc936eb08cc225237

发布日期: 2024-11-12 16:15 修改: 2024-11-13 17:01
io.netty:netty-common CVE-2024-47535 中危 4.1.77.Final 4.1.115 netty: Denial of Service attack on windows app using Netty

漏洞详情: https://avd.aquasec.com/nvd/cve-2024-47535

镜像层: sha256:11c33f7e8be115416588045d5837d076171f2b0be0c262cffb7b7aaf9c7b19f9

发布日期: 2024-11-12 16:15 修改: 2024-11-13 17:01
org.bitbucket.b_c:jose4j CVE-2023-51775 中危 0.6.3 0.9.4 jose4j: denial of service via specially crafted JWE

漏洞详情: https://avd.aquasec.com/nvd/cve-2023-51775

镜像层: sha256:1e763e863bfe00cae3c5ffc43aee43dc6fef4ef3ab10ecdbc936eb08cc225237

发布日期: 2024-02-29 01:42 修改: 2024-08-14 19:35
org.bitbucket.b_c:jose4j CVE-2023-51775 中危 0.6.3 0.9.4 jose4j: denial of service via specially crafted JWE

漏洞详情: https://avd.aquasec.com/nvd/cve-2023-51775

镜像层: sha256:11c33f7e8be115416588045d5837d076171f2b0be0c262cffb7b7aaf9c7b19f9

发布日期: 2024-02-29 01:42 修改: 2024-08-14 19:35
org.bitbucket.b_c:jose4j GHSA-jgvc-jfgh-rjvv 中危 0.6.3 0.9.3 Chosen Ciphertext Attack in Jose4j

漏洞详情: https://github.com/advisories/GHSA-jgvc-jfgh-rjvv

镜像层: sha256:1e763e863bfe00cae3c5ffc43aee43dc6fef4ef3ab10ecdbc936eb08cc225237

发布日期: 0001-01-01 00:00 修改: 0001-01-01 00:00
org.bitbucket.b_c:jose4j GHSA-jgvc-jfgh-rjvv 中危 0.6.3 0.9.3 Chosen Ciphertext Attack in Jose4j

漏洞详情: https://github.com/advisories/GHSA-jgvc-jfgh-rjvv

镜像层: sha256:11c33f7e8be115416588045d5837d076171f2b0be0c262cffb7b7aaf9c7b19f9

发布日期: 0001-01-01 00:00 修改: 0001-01-01 00:00
org.bouncycastle:bcprov-jdk15on CVE-2023-33201 中危 1.68 bouncycastle: potential blind LDAP injection attack using a self-signed certificate

漏洞详情: https://avd.aquasec.com/nvd/cve-2023-33201

镜像层: sha256:1e763e863bfe00cae3c5ffc43aee43dc6fef4ef3ab10ecdbc936eb08cc225237

发布日期: 2023-07-05 03:15 修改: 2023-08-24 19:15
org.springframework:spring-web CVE-2024-38809 中危 5.3.19 5.3.38, 6.0.23, 6.1.12 org.springframework:spring-web: Spring Framework DoS via conditional HTTP request

漏洞详情: https://avd.aquasec.com/nvd/cve-2024-38809

镜像层: sha256:1e763e863bfe00cae3c5ffc43aee43dc6fef4ef3ab10ecdbc936eb08cc225237

发布日期: 2024-09-27 17:15 修改: 2024-09-30 12:45
org.springframework:spring-web CVE-2024-38809 中危 5.3.19 5.3.38, 6.0.23, 6.1.12 org.springframework:spring-web: Spring Framework DoS via conditional HTTP request

漏洞详情: https://avd.aquasec.com/nvd/cve-2024-38809

镜像层: sha256:11c33f7e8be115416588045d5837d076171f2b0be0c262cffb7b7aaf9c7b19f9

发布日期: 2024-09-27 17:15 修改: 2024-09-30 12:45
org.bouncycastle:bcprov-jdk15on CVE-2023-33201 中危 1.68 bouncycastle: potential blind LDAP injection attack using a self-signed certificate

漏洞详情: https://avd.aquasec.com/nvd/cve-2023-33201

镜像层: sha256:11c33f7e8be115416588045d5837d076171f2b0be0c262cffb7b7aaf9c7b19f9

发布日期: 2023-07-05 03:15 修改: 2023-08-24 19:15
org.bouncycastle:bcprov-jdk15on CVE-2023-33202 中危 1.68 1.70 bc-java: Out of memory while parsing ASN.1 crafted data in org.bouncycastle.openssl.PEMParser class

漏洞详情: https://avd.aquasec.com/nvd/cve-2023-33202

镜像层: sha256:1e763e863bfe00cae3c5ffc43aee43dc6fef4ef3ab10ecdbc936eb08cc225237

发布日期: 2023-11-23 16:15 修改: 2024-09-09 13:53
org.bouncycastle:bcprov-jdk15on CVE-2023-33202 中危 1.68 1.70 bc-java: Out of memory while parsing ASN.1 crafted data in org.bouncycastle.openssl.PEMParser class

漏洞详情: https://avd.aquasec.com/nvd/cve-2023-33202

镜像层: sha256:11c33f7e8be115416588045d5837d076171f2b0be0c262cffb7b7aaf9c7b19f9

发布日期: 2023-11-23 16:15 修改: 2024-09-09 13:53
org.bouncycastle:bcprov-jdk15on CVE-2024-29857 中危 1.68 1.78 org.bouncycastle: Importing an EC certificate with crafted F2m parameters may lead to Denial of Service

漏洞详情: https://avd.aquasec.com/nvd/cve-2024-29857

镜像层: sha256:1e763e863bfe00cae3c5ffc43aee43dc6fef4ef3ab10ecdbc936eb08cc225237

发布日期: 2024-05-14 15:17 修改: 2024-12-06 14:15
org.bouncycastle:bcprov-jdk15on CVE-2024-29857 中危 1.68 1.78 org.bouncycastle: Importing an EC certificate with crafted F2m parameters may lead to Denial of Service

漏洞详情: https://avd.aquasec.com/nvd/cve-2024-29857

镜像层: sha256:11c33f7e8be115416588045d5837d076171f2b0be0c262cffb7b7aaf9c7b19f9

发布日期: 2024-05-14 15:17 修改: 2024-12-06 14:15
org.bouncycastle:bcprov-jdk15on CVE-2024-30171 中危 1.68 1.78 bc-java: BouncyCastle vulnerable to a timing variant of Bleichenbacher (Marvin Attack)

漏洞详情: https://avd.aquasec.com/nvd/cve-2024-30171

镜像层: sha256:1e763e863bfe00cae3c5ffc43aee43dc6fef4ef3ab10ecdbc936eb08cc225237

发布日期: 2024-05-14 15:21 修改: 2024-08-19 18:35
org.bouncycastle:bcprov-jdk15on CVE-2024-30171 中危 1.68 1.78 bc-java: BouncyCastle vulnerable to a timing variant of Bleichenbacher (Marvin Attack)

漏洞详情: https://avd.aquasec.com/nvd/cve-2024-30171

镜像层: sha256:11c33f7e8be115416588045d5837d076171f2b0be0c262cffb7b7aaf9c7b19f9

发布日期: 2024-05-14 15:21 修改: 2024-08-19 18:35
io.netty:netty-handler CVE-2023-34462 中危 4.1.65.Final 4.1.94.Final netty: SniHandler 16MB allocation leads to OOM

漏洞详情: https://avd.aquasec.com/nvd/cve-2023-34462

镜像层: sha256:1e763e863bfe00cae3c5ffc43aee43dc6fef4ef3ab10ecdbc936eb08cc225237

发布日期: 2023-06-22 23:15 修改: 2024-06-21 19:15
org.springframework:spring-web CVE-2024-38809 中危 5.3.21 5.3.38, 6.0.23, 6.1.12 org.springframework:spring-web: Spring Framework DoS via conditional HTTP request

漏洞详情: https://avd.aquasec.com/nvd/cve-2024-38809

镜像层: sha256:1e763e863bfe00cae3c5ffc43aee43dc6fef4ef3ab10ecdbc936eb08cc225237

发布日期: 2024-09-27 17:15 修改: 2024-09-30 12:45
org.springframework:spring-web CVE-2024-38809 中危 5.3.21 5.3.38, 6.0.23, 6.1.12 org.springframework:spring-web: Spring Framework DoS via conditional HTTP request

漏洞详情: https://avd.aquasec.com/nvd/cve-2024-38809

镜像层: sha256:11c33f7e8be115416588045d5837d076171f2b0be0c262cffb7b7aaf9c7b19f9

发布日期: 2024-09-27 17:15 修改: 2024-09-30 12:45
io.netty:netty-handler CVE-2023-34462 中危 4.1.77.Final 4.1.94.Final netty: SniHandler 16MB allocation leads to OOM

漏洞详情: https://avd.aquasec.com/nvd/cve-2023-34462

镜像层: sha256:1e763e863bfe00cae3c5ffc43aee43dc6fef4ef3ab10ecdbc936eb08cc225237

发布日期: 2023-06-22 23:15 修改: 2024-06-21 19:15
org.apache.commons:commons-compress CVE-2024-26308 中危 1.21 1.26.0 commons-compress: OutOfMemoryError unpacking broken Pack200 file

漏洞详情: https://avd.aquasec.com/nvd/cve-2024-26308

镜像层: sha256:1e763e863bfe00cae3c5ffc43aee43dc6fef4ef3ab10ecdbc936eb08cc225237

发布日期: 2024-02-19 09:15 修改: 2024-03-21 19:54
org.apache.commons:commons-compress CVE-2024-26308 中危 1.21 1.26.0 commons-compress: OutOfMemoryError unpacking broken Pack200 file

漏洞详情: https://avd.aquasec.com/nvd/cve-2024-26308

镜像层: sha256:11c33f7e8be115416588045d5837d076171f2b0be0c262cffb7b7aaf9c7b19f9

发布日期: 2024-02-19 09:15 修改: 2024-03-21 19:54
org.apache.commons:commons-compress CVE-2024-26308 中危 1.21 1.26.0 commons-compress: OutOfMemoryError unpacking broken Pack200 file

漏洞详情: https://avd.aquasec.com/nvd/cve-2024-26308

镜像层: sha256:11c33f7e8be115416588045d5837d076171f2b0be0c262cffb7b7aaf9c7b19f9

发布日期: 2024-02-19 09:15 修改: 2024-03-21 19:54
io.netty:netty-handler CVE-2023-34462 中危 4.1.77.Final 4.1.94.Final netty: SniHandler 16MB allocation leads to OOM

漏洞详情: https://avd.aquasec.com/nvd/cve-2023-34462

镜像层: sha256:11c33f7e8be115416588045d5837d076171f2b0be0c262cffb7b7aaf9c7b19f9

发布日期: 2023-06-22 23:15 修改: 2024-06-21 19:15
org.springframework:spring-webmvc CVE-2024-38828 中危 5.3.11 5.3.42 org.springframework:spring-webmvc: DoS via Spring MVC controller method with byte[] parameter

漏洞详情: https://avd.aquasec.com/nvd/cve-2024-38828

镜像层: sha256:1e763e863bfe00cae3c5ffc43aee43dc6fef4ef3ab10ecdbc936eb08cc225237

发布日期: 2024-11-18 04:15 修改: 2024-11-18 17:11
com.fasterxml.woodstox:woodstox-core CVE-2022-40152 中危 5.2.1 6.4.0, 5.4.0 woodstox-core: woodstox to serialise XML data was vulnerable to Denial of Service attacks

漏洞详情: https://avd.aquasec.com/nvd/cve-2022-40152

镜像层: sha256:1e763e863bfe00cae3c5ffc43aee43dc6fef4ef3ab10ecdbc936eb08cc225237

发布日期: 2022-09-16 10:15 修改: 2023-02-09 01:36
org.apache.commons:commons-configuration2 CVE-2024-29131 中危 2.7 2.10.1 commons-configuration: StackOverflowError adding property in AbstractListDelimiterHandler.flattenIterator()

漏洞详情: https://avd.aquasec.com/nvd/cve-2024-29131

镜像层: sha256:1e763e863bfe00cae3c5ffc43aee43dc6fef4ef3ab10ecdbc936eb08cc225237

发布日期: 2024-03-21 09:15 修改: 2024-12-13 14:15
org.apache.commons:commons-configuration2 CVE-2024-29131 中危 2.7 2.10.1 commons-configuration: StackOverflowError adding property in AbstractListDelimiterHandler.flattenIterator()

漏洞详情: https://avd.aquasec.com/nvd/cve-2024-29131

镜像层: sha256:11c33f7e8be115416588045d5837d076171f2b0be0c262cffb7b7aaf9c7b19f9

发布日期: 2024-03-21 09:15 修改: 2024-12-13 14:15
org.apache.commons:commons-configuration2 CVE-2024-29133 中危 2.7 2.10.1 commons-configuration: StackOverflowError calling ListDelimiterHandler.flatten(Object, int) with a cyclical object tree

漏洞详情: https://avd.aquasec.com/nvd/cve-2024-29133

镜像层: sha256:1e763e863bfe00cae3c5ffc43aee43dc6fef4ef3ab10ecdbc936eb08cc225237

发布日期: 2024-03-21 09:15 修改: 2024-11-04 17:35
org.springframework:spring-webmvc CVE-2024-38828 中危 5.3.19 5.3.42 org.springframework:spring-webmvc: DoS via Spring MVC controller method with byte[] parameter

漏洞详情: https://avd.aquasec.com/nvd/cve-2024-38828

镜像层: sha256:1e763e863bfe00cae3c5ffc43aee43dc6fef4ef3ab10ecdbc936eb08cc225237

发布日期: 2024-11-18 04:15 修改: 2024-11-18 17:11
org.springframework:spring-webmvc CVE-2024-38828 中危 5.3.19 5.3.42 org.springframework:spring-webmvc: DoS via Spring MVC controller method with byte[] parameter

漏洞详情: https://avd.aquasec.com/nvd/cve-2024-38828

镜像层: sha256:11c33f7e8be115416588045d5837d076171f2b0be0c262cffb7b7aaf9c7b19f9

发布日期: 2024-11-18 04:15 修改: 2024-11-18 17:11
org.apache.commons:commons-configuration2 CVE-2024-29133 中危 2.7 2.10.1 commons-configuration: StackOverflowError calling ListDelimiterHandler.flatten(Object, int) with a cyclical object tree

漏洞详情: https://avd.aquasec.com/nvd/cve-2024-29133

镜像层: sha256:11c33f7e8be115416588045d5837d076171f2b0be0c262cffb7b7aaf9c7b19f9

发布日期: 2024-03-21 09:15 修改: 2024-11-04 17:35
com.fasterxml.woodstox:woodstox-core CVE-2022-40152 中危 5.2.1 6.4.0, 5.4.0 woodstox-core: woodstox to serialise XML data was vulnerable to Denial of Service attacks

漏洞详情: https://avd.aquasec.com/nvd/cve-2022-40152

镜像层: sha256:11c33f7e8be115416588045d5837d076171f2b0be0c262cffb7b7aaf9c7b19f9

发布日期: 2022-09-16 10:15 修改: 2023-02-09 01:36
ch.qos.logback:logback-core CVE-2024-12798 中危 1.2.3 1.5.13, 1.3.15 logback-core: arbitrary code execution via JaninoEventEvaluator

漏洞详情: https://avd.aquasec.com/nvd/cve-2024-12798

镜像层: sha256:11c33f7e8be115416588045d5837d076171f2b0be0c262cffb7b7aaf9c7b19f9

发布日期: 2024-12-19 16:15 修改: 2025-01-03 14:15
ch.qos.logback:logback-core CVE-2021-42550 中危 1.2.3 1.2.9 logback: remote code execution through JNDI call from within its configuration file

漏洞详情: https://avd.aquasec.com/nvd/cve-2021-42550

镜像层: sha256:1e763e863bfe00cae3c5ffc43aee43dc6fef4ef3ab10ecdbc936eb08cc225237

发布日期: 2021-12-16 19:15 修改: 2022-12-12 21:13
org.springframework:spring-webmvc CVE-2024-38828 中危 5.3.21 5.3.42 org.springframework:spring-webmvc: DoS via Spring MVC controller method with byte[] parameter

漏洞详情: https://avd.aquasec.com/nvd/cve-2024-38828

镜像层: sha256:1e763e863bfe00cae3c5ffc43aee43dc6fef4ef3ab10ecdbc936eb08cc225237

发布日期: 2024-11-18 04:15 修改: 2024-11-18 17:11
org.springframework:spring-webmvc CVE-2024-38828 中危 5.3.21 5.3.42 org.springframework:spring-webmvc: DoS via Spring MVC controller method with byte[] parameter

漏洞详情: https://avd.aquasec.com/nvd/cve-2024-38828

镜像层: sha256:11c33f7e8be115416588045d5837d076171f2b0be0c262cffb7b7aaf9c7b19f9

发布日期: 2024-11-18 04:15 修改: 2024-11-18 17:11
ch.qos.logback:logback-core CVE-2021-42550 中危 1.2.3 1.2.9 logback: remote code execution through JNDI call from within its configuration file

漏洞详情: https://avd.aquasec.com/nvd/cve-2021-42550

镜像层: sha256:11c33f7e8be115416588045d5837d076171f2b0be0c262cffb7b7aaf9c7b19f9

发布日期: 2021-12-16 19:15 修改: 2022-12-12 21:13
net.lingala.zip4j:zip4j CVE-2022-24615 中危 2.2.3 2.10.0 zip4j: Uncaught exceptions while parsing a specially crafted ZIP file

漏洞详情: https://avd.aquasec.com/nvd/cve-2022-24615

镜像层: sha256:1e763e863bfe00cae3c5ffc43aee43dc6fef4ef3ab10ecdbc936eb08cc225237

发布日期: 2022-02-24 15:15 修改: 2022-04-19 04:03
org.xerial.snappy:snappy-java CVE-2023-34453 中危 1.1.1.7 1.1.10.1 snappy-java: Integer overflow in shuffle leads to DoS

漏洞详情: https://avd.aquasec.com/nvd/cve-2023-34453

镜像层: sha256:11c33f7e8be115416588045d5837d076171f2b0be0c262cffb7b7aaf9c7b19f9

发布日期: 2023-06-15 17:15 修改: 2023-06-27 15:59
org.xerial.snappy:snappy-java CVE-2023-34454 中危 1.1.1.7 1.1.10.1 snappy-java: Integer overflow in compress leads to DoS

漏洞详情: https://avd.aquasec.com/nvd/cve-2023-34454

镜像层: sha256:11c33f7e8be115416588045d5837d076171f2b0be0c262cffb7b7aaf9c7b19f9

发布日期: 2023-06-15 17:15 修改: 2024-12-12 17:15
net.lingala.zip4j:zip4j CVE-2022-24615 中危 2.2.3 2.10.0 zip4j: Uncaught exceptions while parsing a specially crafted ZIP file

漏洞详情: https://avd.aquasec.com/nvd/cve-2022-24615

镜像层: sha256:11c33f7e8be115416588045d5837d076171f2b0be0c262cffb7b7aaf9c7b19f9

发布日期: 2022-02-24 15:15 修改: 2022-04-19 04:03
net.lingala.zip4j:zip4j CVE-2023-22899 中危 2.2.3 2.11.3 zip4j: does not always check the MAC when decrypting a ZIP archive

漏洞详情: https://avd.aquasec.com/nvd/cve-2023-22899

镜像层: sha256:1e763e863bfe00cae3c5ffc43aee43dc6fef4ef3ab10ecdbc936eb08cc225237

发布日期: 2023-01-10 02:15 修改: 2023-01-30 16:24
org.xerial.snappy:snappy-java CVE-2023-34453 中危 1.1.7.3 1.1.10.1 snappy-java: Integer overflow in shuffle leads to DoS

漏洞详情: https://avd.aquasec.com/nvd/cve-2023-34453

镜像层: sha256:11c33f7e8be115416588045d5837d076171f2b0be0c262cffb7b7aaf9c7b19f9

发布日期: 2023-06-15 17:15 修改: 2023-06-27 15:59
org.xerial.snappy:snappy-java CVE-2023-34454 中危 1.1.7.3 1.1.10.1 snappy-java: Integer overflow in compress leads to DoS

漏洞详情: https://avd.aquasec.com/nvd/cve-2023-34454

镜像层: sha256:11c33f7e8be115416588045d5837d076171f2b0be0c262cffb7b7aaf9c7b19f9

发布日期: 2023-06-15 17:15 修改: 2024-12-12 17:15
net.lingala.zip4j:zip4j CVE-2023-22899 中危 2.2.3 2.11.3 zip4j: does not always check the MAC when decrypting a ZIP archive

漏洞详情: https://avd.aquasec.com/nvd/cve-2023-22899

镜像层: sha256:11c33f7e8be115416588045d5837d076171f2b0be0c262cffb7b7aaf9c7b19f9

发布日期: 2023-01-10 02:15 修改: 2023-01-30 16:24
ch.qos.logback:logback-core CVE-2024-12798 中危 1.2.3 1.5.13, 1.3.15 logback-core: arbitrary code execution via JaninoEventEvaluator

漏洞详情: https://avd.aquasec.com/nvd/cve-2024-12798

镜像层: sha256:1e763e863bfe00cae3c5ffc43aee43dc6fef4ef3ab10ecdbc936eb08cc225237

发布日期: 2024-12-19 16:15 修改: 2025-01-03 14:15
com.google.guava:guava CVE-2023-2976 中危 26.0-jre 32.0.0-android guava: insecure temporary directory creation

漏洞详情: https://avd.aquasec.com/nvd/cve-2023-2976

镜像层: sha256:1e763e863bfe00cae3c5ffc43aee43dc6fef4ef3ab10ecdbc936eb08cc225237

发布日期: 2023-06-14 18:15 修改: 2024-02-13 19:15
org.apache.httpcomponents:httpclient CVE-2020-13956 中危 4.4.1 4.5.13, 5.0.3 apache-httpclient: incorrect handling of malformed authority component in request URIs

漏洞详情: https://avd.aquasec.com/nvd/cve-2020-13956

镜像层: sha256:1e763e863bfe00cae3c5ffc43aee43dc6fef4ef3ab10ecdbc936eb08cc225237

发布日期: 2020-12-02 17:15 修改: 2023-11-07 03:17
org.yaml:snakeyaml CVE-2022-38749 中危 1.26 1.31 snakeyaml: Uncaught exception in org.yaml.snakeyaml.composer.Composer.composeSequenceNode

漏洞详情: https://avd.aquasec.com/nvd/cve-2022-38749

镜像层: sha256:1e763e863bfe00cae3c5ffc43aee43dc6fef4ef3ab10ecdbc936eb08cc225237

发布日期: 2022-09-05 10:15 修改: 2024-03-15 11:15
org.yaml:snakeyaml CVE-2022-38749 中危 1.26 1.31 snakeyaml: Uncaught exception in org.yaml.snakeyaml.composer.Composer.composeSequenceNode

漏洞详情: https://avd.aquasec.com/nvd/cve-2022-38749

镜像层: sha256:11c33f7e8be115416588045d5837d076171f2b0be0c262cffb7b7aaf9c7b19f9

发布日期: 2022-09-05 10:15 修改: 2024-03-15 11:15
org.yaml:snakeyaml CVE-2022-38750 中危 1.26 1.31 snakeyaml: Uncaught exception in org.yaml.snakeyaml.constructor.BaseConstructor.constructObject

漏洞详情: https://avd.aquasec.com/nvd/cve-2022-38750

镜像层: sha256:1e763e863bfe00cae3c5ffc43aee43dc6fef4ef3ab10ecdbc936eb08cc225237

发布日期: 2022-09-05 10:15 修改: 2024-03-15 11:15
org.yaml:snakeyaml CVE-2022-38750 中危 1.26 1.31 snakeyaml: Uncaught exception in org.yaml.snakeyaml.constructor.BaseConstructor.constructObject

漏洞详情: https://avd.aquasec.com/nvd/cve-2022-38750

镜像层: sha256:11c33f7e8be115416588045d5837d076171f2b0be0c262cffb7b7aaf9c7b19f9

发布日期: 2022-09-05 10:15 修改: 2024-03-15 11:15
org.yaml:snakeyaml CVE-2022-38751 中危 1.26 1.31 snakeyaml: Uncaught exception in java.base/java.util.regex.Pattern$Ques.match

漏洞详情: https://avd.aquasec.com/nvd/cve-2022-38751

镜像层: sha256:1e763e863bfe00cae3c5ffc43aee43dc6fef4ef3ab10ecdbc936eb08cc225237

发布日期: 2022-09-05 10:15 修改: 2024-03-15 11:15
org.yaml:snakeyaml CVE-2022-38751 中危 1.26 1.31 snakeyaml: Uncaught exception in java.base/java.util.regex.Pattern$Ques.match

漏洞详情: https://avd.aquasec.com/nvd/cve-2022-38751

镜像层: sha256:11c33f7e8be115416588045d5837d076171f2b0be0c262cffb7b7aaf9c7b19f9

发布日期: 2022-09-05 10:15 修改: 2024-03-15 11:15
org.yaml:snakeyaml CVE-2022-38752 中危 1.26 1.32 snakeyaml: Uncaught exception in java.base/java.util.ArrayList.hashCode

漏洞详情: https://avd.aquasec.com/nvd/cve-2022-38752

镜像层: sha256:1e763e863bfe00cae3c5ffc43aee43dc6fef4ef3ab10ecdbc936eb08cc225237

发布日期: 2022-09-05 10:15 修改: 2024-03-15 11:15
org.yaml:snakeyaml CVE-2022-38752 中危 1.26 1.32 snakeyaml: Uncaught exception in java.base/java.util.ArrayList.hashCode

漏洞详情: https://avd.aquasec.com/nvd/cve-2022-38752

镜像层: sha256:11c33f7e8be115416588045d5837d076171f2b0be0c262cffb7b7aaf9c7b19f9

发布日期: 2022-09-05 10:15 修改: 2024-03-15 11:15
org.yaml:snakeyaml CVE-2022-41854 中危 1.26 1.32 dev-java/snakeyaml: DoS via stack overflow

漏洞详情: https://avd.aquasec.com/nvd/cve-2022-41854

镜像层: sha256:1e763e863bfe00cae3c5ffc43aee43dc6fef4ef3ab10ecdbc936eb08cc225237

发布日期: 2022-11-11 13:15 修改: 2024-06-21 19:15
org.yaml:snakeyaml CVE-2022-41854 中危 1.26 1.32 dev-java/snakeyaml: DoS via stack overflow

漏洞详情: https://avd.aquasec.com/nvd/cve-2022-41854

镜像层: sha256:11c33f7e8be115416588045d5837d076171f2b0be0c262cffb7b7aaf9c7b19f9

发布日期: 2022-11-11 13:15 修改: 2024-06-21 19:15
org.apache.httpcomponents:httpclient CVE-2020-13956 中危 4.5.3 4.5.13, 5.0.3 apache-httpclient: incorrect handling of malformed authority component in request URIs

漏洞详情: https://avd.aquasec.com/nvd/cve-2020-13956

镜像层: sha256:1e763e863bfe00cae3c5ffc43aee43dc6fef4ef3ab10ecdbc936eb08cc225237

发布日期: 2020-12-02 17:15 修改: 2023-11-07 03:17
org.apache.httpcomponents:httpclient CVE-2020-13956 中危 4.5.5 4.5.13, 5.0.3 apache-httpclient: incorrect handling of malformed authority component in request URIs

漏洞详情: https://avd.aquasec.com/nvd/cve-2020-13956

镜像层: sha256:1e763e863bfe00cae3c5ffc43aee43dc6fef4ef3ab10ecdbc936eb08cc225237

发布日期: 2020-12-02 17:15 修改: 2023-11-07 03:17
com.hazelcast:hazelcast CVE-2023-33264 中危 3.11.4 5.3.0 hazelcast: Improper password mask

漏洞详情: https://avd.aquasec.com/nvd/cve-2023-33264

镜像层: sha256:1e763e863bfe00cae3c5ffc43aee43dc6fef4ef3ab10ecdbc936eb08cc225237

发布日期: 2023-05-22 01:15 修改: 2023-06-02 17:41
com.hazelcast:hazelcast CVE-2023-33264 中危 3.12.11 5.3.0 hazelcast: Improper password mask

漏洞详情: https://avd.aquasec.com/nvd/cve-2023-33264

镜像层: sha256:1e763e863bfe00cae3c5ffc43aee43dc6fef4ef3ab10ecdbc936eb08cc225237

发布日期: 2023-05-22 01:15 修改: 2023-06-02 17:41
org.eclipse.jetty:jetty-http CVE-2022-2047 低危 9.4.41.v20210516 9.4.47, 10.0.10, 11.0.10 jetty-http: improver hostname input handling

漏洞详情: https://avd.aquasec.com/nvd/cve-2022-2047

镜像层: sha256:11c33f7e8be115416588045d5837d076171f2b0be0c262cffb7b7aaf9c7b19f9

发布日期: 2022-07-07 21:15 修改: 2022-10-25 19:10
org.eclipse.jetty:jetty-server CVE-2023-26049 低危 9.4.43.v20210629 9.4.51.v20230217, 10.0.14, 11.0.14, 12.0.0.beta0 jetty-server: Cookie parsing of quoted values can exfiltrate values from other cookies

漏洞详情: https://avd.aquasec.com/nvd/cve-2023-26049

镜像层: sha256:1e763e863bfe00cae3c5ffc43aee43dc6fef4ef3ab10ecdbc936eb08cc225237

发布日期: 2023-04-18 21:15 修改: 2024-02-01 15:36
org.eclipse.jetty:jetty-server CVE-2023-26049 低危 9.4.43.v20210629 9.4.51.v20230217, 10.0.14, 11.0.14, 12.0.0.beta0 jetty-server: Cookie parsing of quoted values can exfiltrate values from other cookies

漏洞详情: https://avd.aquasec.com/nvd/cve-2023-26049

镜像层: sha256:11c33f7e8be115416588045d5837d076171f2b0be0c262cffb7b7aaf9c7b19f9

发布日期: 2023-04-18 21:15 修改: 2024-02-01 15:36
ch.qos.logback:logback-core CVE-2024-12801 低危 1.2.3 1.5.13, 1.3.15 logback-core: SaxEventRecorder vulnerable to Server-Side Request Forgery (SSRF) attacks

漏洞详情: https://avd.aquasec.com/nvd/cve-2024-12801

镜像层: sha256:1e763e863bfe00cae3c5ffc43aee43dc6fef4ef3ab10ecdbc936eb08cc225237

发布日期: 2024-12-19 17:15 修改: 2025-01-03 14:15
ch.qos.logback:logback-core CVE-2024-12801 低危 1.2.3 1.5.13, 1.3.15 logback-core: SaxEventRecorder vulnerable to Server-Side Request Forgery (SSRF) attacks

漏洞详情: https://avd.aquasec.com/nvd/cve-2024-12801

镜像层: sha256:11c33f7e8be115416588045d5837d076171f2b0be0c262cffb7b7aaf9c7b19f9

发布日期: 2024-12-19 17:15 修改: 2025-01-03 14:15
com.google.guava:guava CVE-2020-8908 低危 30.1.1-jre 32.0.0-android guava: local information disclosure via temporary directory created with unsafe permissions

漏洞详情: https://avd.aquasec.com/nvd/cve-2020-8908

镜像层: sha256:1e763e863bfe00cae3c5ffc43aee43dc6fef4ef3ab10ecdbc936eb08cc225237

发布日期: 2020-12-10 23:15 修改: 2023-08-02 17:30
org.eclipse.jetty:jetty-http CVE-2022-2047 低危 9.4.39.v20210325 9.4.47, 10.0.10, 11.0.10 jetty-http: improver hostname input handling

漏洞详情: https://avd.aquasec.com/nvd/cve-2022-2047

镜像层: sha256:1e763e863bfe00cae3c5ffc43aee43dc6fef4ef3ab10ecdbc936eb08cc225237

发布日期: 2022-07-07 21:15 修改: 2022-10-25 19:10
org.eclipse.jetty:jetty-http CVE-2022-2047 低危 9.4.43.v20210629 9.4.47, 10.0.10, 11.0.10 jetty-http: improver hostname input handling

漏洞详情: https://avd.aquasec.com/nvd/cve-2022-2047

镜像层: sha256:1e763e863bfe00cae3c5ffc43aee43dc6fef4ef3ab10ecdbc936eb08cc225237

发布日期: 2022-07-07 21:15 修改: 2022-10-25 19:10
org.eclipse.jetty:jetty-http CVE-2022-2047 低危 9.4.43.v20210629 9.4.47, 10.0.10, 11.0.10 jetty-http: improver hostname input handling

漏洞详情: https://avd.aquasec.com/nvd/cve-2022-2047

镜像层: sha256:11c33f7e8be115416588045d5837d076171f2b0be0c262cffb7b7aaf9c7b19f9

发布日期: 2022-07-07 21:15 修改: 2022-10-25 19:10
com.google.guava:guava CVE-2020-8908 低危 30.1.1-jre 32.0.0-android guava: local information disclosure via temporary directory created with unsafe permissions

漏洞详情: https://avd.aquasec.com/nvd/cve-2020-8908

镜像层: sha256:11c33f7e8be115416588045d5837d076171f2b0be0c262cffb7b7aaf9c7b19f9

发布日期: 2020-12-10 23:15 修改: 2023-08-02 17:30
com.google.guava:guava CVE-2020-8908 低危 26.0-jre 32.0.0-android guava: local information disclosure via temporary directory created with unsafe permissions

漏洞详情: https://avd.aquasec.com/nvd/cve-2020-8908

镜像层: sha256:1e763e863bfe00cae3c5ffc43aee43dc6fef4ef3ab10ecdbc936eb08cc225237

发布日期: 2020-12-10 23:15 修改: 2023-08-02 17:30
org.postgresql:postgresql CVE-2022-26520 低危 42.2.18 42.3.3 postgresql-jdbc: Arbitrary File Write Vulnerability

漏洞详情: https://avd.aquasec.com/nvd/cve-2022-26520

镜像层: sha256:1e763e863bfe00cae3c5ffc43aee43dc6fef4ef3ab10ecdbc936eb08cc225237

发布日期: 2022-03-10 17:47 修改: 2024-08-03 05:16
org.eclipse.jetty:jetty-server CVE-2021-34428 低危 9.4.39.v20210325 9.4.41, 10.0.3, 11.0.3 jetty: SessionListener can prevent a session from being invalidated breaking logout

漏洞详情: https://avd.aquasec.com/nvd/cve-2021-34428

镜像层: sha256:1e763e863bfe00cae3c5ffc43aee43dc6fef4ef3ab10ecdbc936eb08cc225237

发布日期: 2021-06-22 15:15 修改: 2023-11-07 03:35
org.eclipse.jetty:jetty-server CVE-2023-26049 低危 9.4.39.v20210325 9.4.51.v20230217, 10.0.14, 11.0.14, 12.0.0.beta0 jetty-server: Cookie parsing of quoted values can exfiltrate values from other cookies

漏洞详情: https://avd.aquasec.com/nvd/cve-2023-26049

镜像层: sha256:1e763e863bfe00cae3c5ffc43aee43dc6fef4ef3ab10ecdbc936eb08cc225237

发布日期: 2023-04-18 21:15 修改: 2024-02-01 15:36
com.google.guava:guava CVE-2020-8908 低危 26.0-jre 32.0.0-android guava: local information disclosure via temporary directory created with unsafe permissions

漏洞详情: https://avd.aquasec.com/nvd/cve-2020-8908

镜像层: sha256:11c33f7e8be115416588045d5837d076171f2b0be0c262cffb7b7aaf9c7b19f9

发布日期: 2020-12-10 23:15 修改: 2023-08-02 17:30
com.google.guava:guava CVE-2020-8908 低危 26.0-jre 32.0.0-android guava: local information disclosure via temporary directory created with unsafe permissions

漏洞详情: https://avd.aquasec.com/nvd/cve-2020-8908

镜像层: sha256:11c33f7e8be115416588045d5837d076171f2b0be0c262cffb7b7aaf9c7b19f9

发布日期: 2020-12-10 23:15 修改: 2023-08-02 17:30
org.eclipse.jetty:jetty-http CVE-2022-2047 低危 9.4.41.v20210516 9.4.47, 10.0.10, 11.0.10 jetty-http: improver hostname input handling

漏洞详情: https://avd.aquasec.com/nvd/cve-2022-2047

镜像层: sha256:1e763e863bfe00cae3c5ffc43aee43dc6fef4ef3ab10ecdbc936eb08cc225237

发布日期: 2022-07-07 21:15 修改: 2022-10-25 19:10
Python (python-pkg)
低危漏洞:0 中危漏洞:4 高危漏洞:1 严重漏洞:0
软件包 漏洞 安全状态 安装版本 修复版本 漏洞信息
Babel CVE-2021-42771 高危 2.8.0 2.9.1 python-babel: Relative path traversal allows attacker to load arbitrary locale files and execute arbitrary code

漏洞详情: https://avd.aquasec.com/nvd/cve-2021-42771

镜像层: sha256:1e763e863bfe00cae3c5ffc43aee43dc6fef4ef3ab10ecdbc936eb08cc225237

发布日期: 2021-10-20 21:15 修改: 2021-12-14 21:22
Jinja2 CVE-2024-22195 中危 3.0.3 3.1.3 jinja2: HTML attribute injection when passing user input as keys to xmlattr filter

漏洞详情: https://avd.aquasec.com/nvd/cve-2024-22195

镜像层: sha256:1e763e863bfe00cae3c5ffc43aee43dc6fef4ef3ab10ecdbc936eb08cc225237

发布日期: 2024-01-11 03:15 修改: 2024-01-27 03:15
Jinja2 CVE-2024-34064 中危 3.0.3 3.1.4 jinja2: accepts keys containing non-attribute characters

漏洞详情: https://avd.aquasec.com/nvd/cve-2024-34064

镜像层: sha256:1e763e863bfe00cae3c5ffc43aee43dc6fef4ef3ab10ecdbc936eb08cc225237

发布日期: 2024-05-06 15:15 修改: 2024-06-10 18:15
Jinja2 CVE-2024-56201 中危 3.0.3 3.1.5 jinja2: Jinja has a sandbox breakout through malicious filenames

漏洞详情: https://avd.aquasec.com/nvd/cve-2024-56201

镜像层: sha256:1e763e863bfe00cae3c5ffc43aee43dc6fef4ef3ab10ecdbc936eb08cc225237

发布日期: 2024-12-23 16:15 修改: 2025-01-08 16:15
Jinja2 CVE-2024-56326 中危 3.0.3 3.1.5 jinja2: Jinja has a sandbox breakout through indirect reference to format method

漏洞详情: https://avd.aquasec.com/nvd/cve-2024-56326

镜像层: sha256:1e763e863bfe00cae3c5ffc43aee43dc6fef4ef3ab10ecdbc936eb08cc225237

发布日期: 2024-12-23 16:15 修改: 2024-12-27 18:15