| org.apache.avro:avro |
CVE-2024-47561 |
严重 |
1.11.3 |
1.11.4 |
apache-avro: Schema parsing may trigger Remote Code Execution (RCE)
漏洞详情: https://avd.aquasec.com/nvd/cve-2024-47561
镜像层: sha256:08c3feb843a069d96174c47700a89a5918ccf2d3dea831058819c61f570f141d
发布日期: 2024-10-03 11:15 修改: 2024-10-21 09:15
|
| org.apache.avro:avro |
CVE-2024-47561 |
严重 |
1.11.3 |
1.11.4 |
apache-avro: Schema parsing may trigger Remote Code Execution (RCE)
漏洞详情: https://avd.aquasec.com/nvd/cve-2024-47561
镜像层: sha256:f8917e28bbf34ad285058302c45e2f604294a76c0e6078eb4cf746b98502e28f
发布日期: 2024-10-03 11:15 修改: 2024-10-21 09:15
|
| org.apache.tomcat:tomcat-catalina |
CVE-2024-52316 |
严重 |
9.0.82 |
9.0.96, 10.1.30, 11.0.1 |
tomcat: Apache Tomcat: Authentication bypass when using Jakarta Authentication API
漏洞详情: https://avd.aquasec.com/nvd/cve-2024-52316
镜像层: sha256:f8917e28bbf34ad285058302c45e2f604294a76c0e6078eb4cf746b98502e28f
发布日期: 2024-11-18 12:15 修改: 2024-11-18 17:11
|
| org.postgresql:postgresql |
CVE-2024-1597 |
严重 |
42.5.3 |
42.2.28, 42.3.9, 42.4.4, 42.5.5, 42.6.1, 42.7.2 |
pgjdbc: PostgreSQL JDBC Driver allows attacker to inject SQL if using PreferQueryMode=SIMPLE
漏洞详情: https://avd.aquasec.com/nvd/cve-2024-1597
镜像层: sha256:08c3feb843a069d96174c47700a89a5918ccf2d3dea831058819c61f570f141d
发布日期: 2024-02-19 13:15 修改: 2024-06-10 17:16
|
| org.postgresql:postgresql |
CVE-2024-1597 |
严重 |
42.5.3 |
42.2.28, 42.3.9, 42.4.4, 42.5.5, 42.6.1, 42.7.2 |
pgjdbc: PostgreSQL JDBC Driver allows attacker to inject SQL if using PreferQueryMode=SIMPLE
漏洞详情: https://avd.aquasec.com/nvd/cve-2024-1597
镜像层: sha256:f8917e28bbf34ad285058302c45e2f604294a76c0e6078eb4cf746b98502e28f
发布日期: 2024-02-19 13:15 修改: 2024-06-10 17:16
|
| org.quartz-scheduler:quartz |
CVE-2019-13990 |
严重 |
1.8.7-atlassian-3 |
2.3.2 |
libquartz: XXE attacks via job description
漏洞详情: https://avd.aquasec.com/nvd/cve-2019-13990
镜像层: sha256:08c3feb843a069d96174c47700a89a5918ccf2d3dea831058819c61f570f141d
发布日期: 2019-07-26 19:15 修改: 2024-10-15 19:35
|
| org.quartz-scheduler:quartz |
CVE-2019-13990 |
严重 |
1.8.7-atlassian-3 |
2.3.2 |
libquartz: XXE attacks via job description
漏洞详情: https://avd.aquasec.com/nvd/cve-2019-13990
镜像层: sha256:f8917e28bbf34ad285058302c45e2f604294a76c0e6078eb4cf746b98502e28f
发布日期: 2019-07-26 19:15 修改: 2024-10-15 19:35
|
| org.springframework:spring-web |
CVE-2016-1000027 |
严重 |
5.3.27 |
6.0.0 |
spring: HttpInvokerServiceExporter readRemoteInvocation method untrusted java deserialization
漏洞详情: https://avd.aquasec.com/nvd/cve-2016-1000027
镜像层: sha256:08c3feb843a069d96174c47700a89a5918ccf2d3dea831058819c61f570f141d
发布日期: 2020-01-02 23:15 修改: 2023-04-20 09:15
|
| org.springframework:spring-web |
CVE-2016-1000027 |
严重 |
5.3.27 |
6.0.0 |
spring: HttpInvokerServiceExporter readRemoteInvocation method untrusted java deserialization
漏洞详情: https://avd.aquasec.com/nvd/cve-2016-1000027
镜像层: sha256:f8917e28bbf34ad285058302c45e2f604294a76c0e6078eb4cf746b98502e28f
发布日期: 2020-01-02 23:15 修改: 2023-04-20 09:15
|
| org.springframework:spring-web |
CVE-2016-1000027 |
严重 |
5.3.29 |
6.0.0 |
spring: HttpInvokerServiceExporter readRemoteInvocation method untrusted java deserialization
漏洞详情: https://avd.aquasec.com/nvd/cve-2016-1000027
镜像层: sha256:08c3feb843a069d96174c47700a89a5918ccf2d3dea831058819c61f570f141d
发布日期: 2020-01-02 23:15 修改: 2023-04-20 09:15
|
| org.springframework:spring-web |
CVE-2016-1000027 |
严重 |
5.3.29 |
6.0.0 |
spring: HttpInvokerServiceExporter readRemoteInvocation method untrusted java deserialization
漏洞详情: https://avd.aquasec.com/nvd/cve-2016-1000027
镜像层: sha256:f8917e28bbf34ad285058302c45e2f604294a76c0e6078eb4cf746b98502e28f
发布日期: 2020-01-02 23:15 修改: 2023-04-20 09:15
|
| com.hazelcast:hazelcast |
CVE-2023-45859 |
高危 |
3.12.13 |
5.2.5, 5.3.5 |
Missing permission checks on Hazelcast client protocol
漏洞详情: https://avd.aquasec.com/nvd/cve-2023-45859
镜像层: sha256:f8917e28bbf34ad285058302c45e2f604294a76c0e6078eb4cf746b98502e28f
发布日期: 2024-02-28 22:15 修改: 2024-11-29 17:15
|
| com.hazelcast:hazelcast |
CVE-2023-45860 |
高危 |
3.12.13 |
5.3.5, 5.2.5 |
Hazelcast: Permission checking in CSV File Source connector
漏洞详情: https://avd.aquasec.com/nvd/cve-2023-45860
镜像层: sha256:08c3feb843a069d96174c47700a89a5918ccf2d3dea831058819c61f570f141d
发布日期: 2024-02-16 10:15 修改: 2024-11-06 17:35
|
| com.hazelcast:hazelcast |
CVE-2023-45860 |
高危 |
3.12.13 |
5.3.5, 5.2.5 |
Hazelcast: Permission checking in CSV File Source connector
漏洞详情: https://avd.aquasec.com/nvd/cve-2023-45860
镜像层: sha256:f8917e28bbf34ad285058302c45e2f604294a76c0e6078eb4cf746b98502e28f
发布日期: 2024-02-16 10:15 修改: 2024-11-06 17:35
|
| com.hazelcast:hazelcast |
CVE-2023-45860 |
高危 |
3.12.13 |
5.3.5, 5.2.5 |
Hazelcast: Permission checking in CSV File Source connector
漏洞详情: https://avd.aquasec.com/nvd/cve-2023-45860
镜像层: sha256:f8917e28bbf34ad285058302c45e2f604294a76c0e6078eb4cf746b98502e28f
发布日期: 2024-02-16 10:15 修改: 2024-11-06 17:35
|
| com.nimbusds:nimbus-jose-jwt |
CVE-2023-52428 |
高危 |
8.1 |
9.37.2 |
nimbus-jose-jwt: large JWE p2c header value causes Denial of Service
漏洞详情: https://avd.aquasec.com/nvd/cve-2023-52428
镜像层: sha256:08c3feb843a069d96174c47700a89a5918ccf2d3dea831058819c61f570f141d
发布日期: 2024-02-11 05:15 修改: 2024-10-30 20:35
|
| com.nimbusds:nimbus-jose-jwt |
CVE-2023-52428 |
高危 |
8.1 |
9.37.2 |
nimbus-jose-jwt: large JWE p2c header value causes Denial of Service
漏洞详情: https://avd.aquasec.com/nvd/cve-2023-52428
镜像层: sha256:f8917e28bbf34ad285058302c45e2f604294a76c0e6078eb4cf746b98502e28f
发布日期: 2024-02-11 05:15 修改: 2024-10-30 20:35
|
| com.nimbusds:nimbus-jose-jwt |
CVE-2023-52428 |
高危 |
8.20.1 |
9.37.2 |
nimbus-jose-jwt: large JWE p2c header value causes Denial of Service
漏洞详情: https://avd.aquasec.com/nvd/cve-2023-52428
镜像层: sha256:08c3feb843a069d96174c47700a89a5918ccf2d3dea831058819c61f570f141d
发布日期: 2024-02-11 05:15 修改: 2024-10-30 20:35
|
| com.nimbusds:nimbus-jose-jwt |
CVE-2023-52428 |
高危 |
8.20.1 |
9.37.2 |
nimbus-jose-jwt: large JWE p2c header value causes Denial of Service
漏洞详情: https://avd.aquasec.com/nvd/cve-2023-52428
镜像层: sha256:f8917e28bbf34ad285058302c45e2f604294a76c0e6078eb4cf746b98502e28f
发布日期: 2024-02-11 05:15 修改: 2024-10-30 20:35
|
| com.nimbusds:nimbus-jose-jwt |
CVE-2023-52428 |
高危 |
8.21.1 |
9.37.2 |
nimbus-jose-jwt: large JWE p2c header value causes Denial of Service
漏洞详情: https://avd.aquasec.com/nvd/cve-2023-52428
镜像层: sha256:08c3feb843a069d96174c47700a89a5918ccf2d3dea831058819c61f570f141d
发布日期: 2024-02-11 05:15 修改: 2024-10-30 20:35
|
| com.nimbusds:nimbus-jose-jwt |
CVE-2023-52428 |
高危 |
8.21.1 |
9.37.2 |
nimbus-jose-jwt: large JWE p2c header value causes Denial of Service
漏洞详情: https://avd.aquasec.com/nvd/cve-2023-52428
镜像层: sha256:f8917e28bbf34ad285058302c45e2f604294a76c0e6078eb4cf746b98502e28f
发布日期: 2024-02-11 05:15 修改: 2024-10-30 20:35
|
| com.nimbusds:nimbus-jose-jwt |
CVE-2023-52428 |
高危 |
8.22 |
9.37.2 |
nimbus-jose-jwt: large JWE p2c header value causes Denial of Service
漏洞详情: https://avd.aquasec.com/nvd/cve-2023-52428
镜像层: sha256:08c3feb843a069d96174c47700a89a5918ccf2d3dea831058819c61f570f141d
发布日期: 2024-02-11 05:15 修改: 2024-10-30 20:35
|
| com.nimbusds:nimbus-jose-jwt |
CVE-2023-52428 |
高危 |
8.22 |
9.37.2 |
nimbus-jose-jwt: large JWE p2c header value causes Denial of Service
漏洞详情: https://avd.aquasec.com/nvd/cve-2023-52428
镜像层: sha256:f8917e28bbf34ad285058302c45e2f604294a76c0e6078eb4cf746b98502e28f
发布日期: 2024-02-11 05:15 修改: 2024-10-30 20:35
|
| com.nimbusds:nimbus-jose-jwt |
CVE-2023-52428 |
高危 |
9.31 |
9.37.2 |
nimbus-jose-jwt: large JWE p2c header value causes Denial of Service
漏洞详情: https://avd.aquasec.com/nvd/cve-2023-52428
镜像层: sha256:08c3feb843a069d96174c47700a89a5918ccf2d3dea831058819c61f570f141d
发布日期: 2024-02-11 05:15 修改: 2024-10-30 20:35
|
| com.nimbusds:nimbus-jose-jwt |
CVE-2023-52428 |
高危 |
9.31 |
9.37.2 |
nimbus-jose-jwt: large JWE p2c header value causes Denial of Service
漏洞详情: https://avd.aquasec.com/nvd/cve-2023-52428
镜像层: sha256:f8917e28bbf34ad285058302c45e2f604294a76c0e6078eb4cf746b98502e28f
发布日期: 2024-02-11 05:15 修改: 2024-10-30 20:35
|
| com.nimbusds:nimbus-jose-jwt |
CVE-2023-52428 |
高危 |
9.31 |
9.37.2 |
nimbus-jose-jwt: large JWE p2c header value causes Denial of Service
漏洞详情: https://avd.aquasec.com/nvd/cve-2023-52428
镜像层: sha256:f8917e28bbf34ad285058302c45e2f604294a76c0e6078eb4cf746b98502e28f
发布日期: 2024-02-11 05:15 修改: 2024-10-30 20:35
|
| com.nimbusds:nimbus-jose-jwt |
CVE-2023-52428 |
高危 |
9.31 |
9.37.2 |
nimbus-jose-jwt: large JWE p2c header value causes Denial of Service
漏洞详情: https://avd.aquasec.com/nvd/cve-2023-52428
镜像层: sha256:f8917e28bbf34ad285058302c45e2f604294a76c0e6078eb4cf746b98502e28f
发布日期: 2024-02-11 05:15 修改: 2024-10-30 20:35
|
| com.nimbusds:nimbus-jose-jwt |
CVE-2023-52428 |
高危 |
9.31 |
9.37.2 |
nimbus-jose-jwt: large JWE p2c header value causes Denial of Service
漏洞详情: https://avd.aquasec.com/nvd/cve-2023-52428
镜像层: sha256:f8917e28bbf34ad285058302c45e2f604294a76c0e6078eb4cf746b98502e28f
发布日期: 2024-02-11 05:15 修改: 2024-10-30 20:35
|
| com.nimbusds:nimbus-jose-jwt |
CVE-2023-52428 |
高危 |
9.31 |
9.37.2 |
nimbus-jose-jwt: large JWE p2c header value causes Denial of Service
漏洞详情: https://avd.aquasec.com/nvd/cve-2023-52428
镜像层: sha256:f8917e28bbf34ad285058302c45e2f604294a76c0e6078eb4cf746b98502e28f
发布日期: 2024-02-11 05:15 修改: 2024-10-30 20:35
|
| com.thoughtworks.xstream:xstream |
CVE-2024-47072 |
高危 |
1.4.20 |
1.4.21 |
com.thoughtworks.xstream: XStream is vulnerable to a Denial of Service attack due to stack overflow from a manipulated binary input stream
漏洞详情: https://avd.aquasec.com/nvd/cve-2024-47072
镜像层: sha256:08c3feb843a069d96174c47700a89a5918ccf2d3dea831058819c61f570f141d
发布日期: 2024-11-08 00:15 修改: 2024-11-08 19:01
|
| com.thoughtworks.xstream:xstream |
CVE-2024-47072 |
高危 |
1.4.20 |
1.4.21 |
com.thoughtworks.xstream: XStream is vulnerable to a Denial of Service attack due to stack overflow from a manipulated binary input stream
漏洞详情: https://avd.aquasec.com/nvd/cve-2024-47072
镜像层: sha256:f8917e28bbf34ad285058302c45e2f604294a76c0e6078eb4cf746b98502e28f
发布日期: 2024-11-08 00:15 修改: 2024-11-08 19:01
|
| com.thoughtworks.xstream:xstream |
CVE-2024-47072 |
高危 |
1.4.20 |
1.4.21 |
com.thoughtworks.xstream: XStream is vulnerable to a Denial of Service attack due to stack overflow from a manipulated binary input stream
漏洞详情: https://avd.aquasec.com/nvd/cve-2024-47072
镜像层: sha256:f8917e28bbf34ad285058302c45e2f604294a76c0e6078eb4cf746b98502e28f
发布日期: 2024-11-08 00:15 修改: 2024-11-08 19:01
|
| com.thoughtworks.xstream:xstream |
CVE-2024-47072 |
高危 |
1.4.20 |
1.4.21 |
com.thoughtworks.xstream: XStream is vulnerable to a Denial of Service attack due to stack overflow from a manipulated binary input stream
漏洞详情: https://avd.aquasec.com/nvd/cve-2024-47072
镜像层: sha256:f8917e28bbf34ad285058302c45e2f604294a76c0e6078eb4cf746b98502e28f
发布日期: 2024-11-08 00:15 修改: 2024-11-08 19:01
|
| commons-io:commons-io |
CVE-2024-47554 |
高危 |
2.8.0 |
2.14.0 |
apache-commons-io: Possible denial of service attack on untrusted input to XmlStreamReader
漏洞详情: https://avd.aquasec.com/nvd/cve-2024-47554
镜像层: sha256:08c3feb843a069d96174c47700a89a5918ccf2d3dea831058819c61f570f141d
发布日期: 2024-10-03 12:15 修改: 2024-12-04 15:15
|
| commons-io:commons-io |
CVE-2024-47554 |
高危 |
2.8.0 |
2.14.0 |
apache-commons-io: Possible denial of service attack on untrusted input to XmlStreamReader
漏洞详情: https://avd.aquasec.com/nvd/cve-2024-47554
镜像层: sha256:f8917e28bbf34ad285058302c45e2f604294a76c0e6078eb4cf746b98502e28f
发布日期: 2024-10-03 12:15 修改: 2024-12-04 15:15
|
| ch.qos.logback:logback-classic |
CVE-2023-6378 |
高危 |
1.3.11 |
1.3.12, 1.4.12, 1.2.13 |
logback: serialization vulnerability in logback receiver
漏洞详情: https://avd.aquasec.com/nvd/cve-2023-6378
镜像层: sha256:08c3feb843a069d96174c47700a89a5918ccf2d3dea831058819c61f570f141d
发布日期: 2023-11-29 12:15 修改: 2024-11-29 12:15
|
| ch.qos.logback:logback-classic |
CVE-2023-6378 |
高危 |
1.3.11 |
1.3.12, 1.4.12, 1.2.13 |
logback: serialization vulnerability in logback receiver
漏洞详情: https://avd.aquasec.com/nvd/cve-2023-6378
镜像层: sha256:f8917e28bbf34ad285058302c45e2f604294a76c0e6078eb4cf746b98502e28f
发布日期: 2023-11-29 12:15 修改: 2024-11-29 12:15
|
| org.apache.commons:commons-compress |
CVE-2024-25710 |
高危 |
1.21 |
1.26.0 |
commons-compress: Denial of service caused by an infinite loop for a corrupted DUMP file
漏洞详情: https://avd.aquasec.com/nvd/cve-2024-25710
镜像层: sha256:08c3feb843a069d96174c47700a89a5918ccf2d3dea831058819c61f570f141d
发布日期: 2024-02-19 09:15 修改: 2024-03-07 17:15
|
| org.apache.commons:commons-compress |
CVE-2024-25710 |
高危 |
1.21 |
1.26.0 |
commons-compress: Denial of service caused by an infinite loop for a corrupted DUMP file
漏洞详情: https://avd.aquasec.com/nvd/cve-2024-25710
镜像层: sha256:f8917e28bbf34ad285058302c45e2f604294a76c0e6078eb4cf746b98502e28f
发布日期: 2024-02-19 09:15 修改: 2024-03-07 17:15
|
| org.apache.commons:commons-compress |
CVE-2024-25710 |
高危 |
1.24.0 |
1.26.0 |
commons-compress: Denial of service caused by an infinite loop for a corrupted DUMP file
漏洞详情: https://avd.aquasec.com/nvd/cve-2024-25710
镜像层: sha256:08c3feb843a069d96174c47700a89a5918ccf2d3dea831058819c61f570f141d
发布日期: 2024-02-19 09:15 修改: 2024-03-07 17:15
|
| org.apache.commons:commons-compress |
CVE-2024-25710 |
高危 |
1.24.0 |
1.26.0 |
commons-compress: Denial of service caused by an infinite loop for a corrupted DUMP file
漏洞详情: https://avd.aquasec.com/nvd/cve-2024-25710
镜像层: sha256:f8917e28bbf34ad285058302c45e2f604294a76c0e6078eb4cf746b98502e28f
发布日期: 2024-02-19 09:15 修改: 2024-03-07 17:15
|
| ch.qos.logback:logback-core |
CVE-2023-6378 |
高危 |
1.3.11 |
1.3.12, 1.4.12, 1.2.13 |
logback: serialization vulnerability in logback receiver
漏洞详情: https://avd.aquasec.com/nvd/cve-2023-6378
镜像层: sha256:08c3feb843a069d96174c47700a89a5918ccf2d3dea831058819c61f570f141d
发布日期: 2023-11-29 12:15 修改: 2024-11-29 12:15
|
| org.apache.tomcat:tomcat-catalina |
CVE-2023-46589 |
高危 |
9.0.82 |
11.0.0-M11, 10.1.16, 9.0.83, 8.5.96 |
tomcat: HTTP request smuggling via malformed trailer headers
漏洞详情: https://avd.aquasec.com/nvd/cve-2023-46589
镜像层: sha256:f8917e28bbf34ad285058302c45e2f604294a76c0e6078eb4cf746b98502e28f
发布日期: 2023-11-28 16:15 修改: 2024-07-12 16:11
|
| org.apache.tomcat:tomcat-catalina |
CVE-2024-50379 |
高危 |
9.0.82 |
11.0.2, 10.1.34, 9.0.98 |
tomcat: RCE due to TOCTOU issue in JSP compilation
漏洞详情: https://avd.aquasec.com/nvd/cve-2024-50379
镜像层: sha256:f8917e28bbf34ad285058302c45e2f604294a76c0e6078eb4cf746b98502e28f
发布日期: 2024-12-17 13:15 修改: 2025-01-03 12:15
|
| org.apache.tomcat:tomcat-coyote |
CVE-2024-34750 |
高危 |
9.0.82 |
11.0.0-M21, 10.1.25, 9.0.90 |
tomcat: Improper Handling of Exceptional Conditions
漏洞详情: https://avd.aquasec.com/nvd/cve-2024-34750
镜像层: sha256:08c3feb843a069d96174c47700a89a5918ccf2d3dea831058819c61f570f141d
发布日期: 2024-07-03 20:15 修改: 2024-07-09 16:22
|
| org.apache.tomcat:tomcat-coyote |
CVE-2024-34750 |
高危 |
9.0.82 |
11.0.0-M21, 10.1.25, 9.0.90 |
tomcat: Improper Handling of Exceptional Conditions
漏洞详情: https://avd.aquasec.com/nvd/cve-2024-34750
镜像层: sha256:f8917e28bbf34ad285058302c45e2f604294a76c0e6078eb4cf746b98502e28f
发布日期: 2024-07-03 20:15 修改: 2024-07-09 16:22
|
| org.apache.tomcat:tomcat-util |
CVE-2024-38286 |
高危 |
9.0.82 |
11.0.0-M21, 10.1.25, 9.0.90 |
tomcat: Denial of Service in Tomcat
漏洞详情: https://avd.aquasec.com/nvd/cve-2024-38286
镜像层: sha256:08c3feb843a069d96174c47700a89a5918ccf2d3dea831058819c61f570f141d
发布日期: 2024-11-07 08:15 修改: 2024-11-08 19:01
|
| org.apache.tomcat:tomcat-util |
CVE-2024-38286 |
高危 |
9.0.82 |
11.0.0-M21, 10.1.25, 9.0.90 |
tomcat: Denial of Service in Tomcat
漏洞详情: https://avd.aquasec.com/nvd/cve-2024-38286
镜像层: sha256:f8917e28bbf34ad285058302c45e2f604294a76c0e6078eb4cf746b98502e28f
发布日期: 2024-11-07 08:15 修改: 2024-11-08 19:01
|
| org.apache.velocity:velocity |
CVE-2020-13936 |
高危 |
1.6.4-atlassian-23 |
|
velocity: arbitrary code execution when attacker is able to modify templates
漏洞详情: https://avd.aquasec.com/nvd/cve-2020-13936
镜像层: sha256:08c3feb843a069d96174c47700a89a5918ccf2d3dea831058819c61f570f141d
发布日期: 2021-03-10 08:15 修改: 2023-11-07 03:17
|
| org.apache.velocity:velocity |
CVE-2020-13936 |
高危 |
1.6.4-atlassian-23 |
|
velocity: arbitrary code execution when attacker is able to modify templates
漏洞详情: https://avd.aquasec.com/nvd/cve-2020-13936
镜像层: sha256:f8917e28bbf34ad285058302c45e2f604294a76c0e6078eb4cf746b98502e28f
发布日期: 2021-03-10 08:15 修改: 2023-11-07 03:17
|
| org.clojure:clojure |
CVE-2024-22871 |
高危 |
1.11.1 |
1.11.2, 1.12.0-alpha9 |
An issue in Clojure versions 1.20 to 1.12.0-alpha5 allows an attacker ...
漏洞详情: https://avd.aquasec.com/nvd/cve-2024-22871
镜像层: sha256:08c3feb843a069d96174c47700a89a5918ccf2d3dea831058819c61f570f141d
发布日期: 2024-02-29 02:15 修改: 2024-08-13 19:35
|
| org.clojure:clojure |
CVE-2024-22871 |
高危 |
1.11.1 |
1.11.2, 1.12.0-alpha9 |
An issue in Clojure versions 1.20 to 1.12.0-alpha5 allows an attacker ...
漏洞详情: https://avd.aquasec.com/nvd/cve-2024-22871
镜像层: sha256:f8917e28bbf34ad285058302c45e2f604294a76c0e6078eb4cf746b98502e28f
发布日期: 2024-02-29 02:15 修改: 2024-08-13 19:35
|
| org.hibernate:hibernate-core |
CVE-2020-25638 |
高危 |
5.2.18.Final |
5.4.24.Final, 5.3.20.Final |
hibernate-core: SQL injection vulnerability when both hibernate.use_sql_comments and JPQL String literals are used
漏洞详情: https://avd.aquasec.com/nvd/cve-2020-25638
镜像层: sha256:08c3feb843a069d96174c47700a89a5918ccf2d3dea831058819c61f570f141d
发布日期: 2020-12-02 15:15 修改: 2023-11-07 03:20
|
| org.hibernate:hibernate-core |
CVE-2020-25638 |
高危 |
5.2.18.Final |
5.4.24.Final, 5.3.20.Final |
hibernate-core: SQL injection vulnerability when both hibernate.use_sql_comments and JPQL String literals are used
漏洞详情: https://avd.aquasec.com/nvd/cve-2020-25638
镜像层: sha256:f8917e28bbf34ad285058302c45e2f604294a76c0e6078eb4cf746b98502e28f
发布日期: 2020-12-02 15:15 修改: 2023-11-07 03:20
|
| org.jdom:jdom |
CVE-2021-33813 |
高危 |
1.1.3-atlassian-5 |
|
jdom: XXE allows attackers to cause a DoS via a crafted HTTP request
漏洞详情: https://avd.aquasec.com/nvd/cve-2021-33813
镜像层: sha256:08c3feb843a069d96174c47700a89a5918ccf2d3dea831058819c61f570f141d
发布日期: 2021-06-16 12:15 修改: 2023-11-07 03:35
|
| org.jdom:jdom |
CVE-2021-33813 |
高危 |
1.1.3-atlassian-5 |
|
jdom: XXE allows attackers to cause a DoS via a crafted HTTP request
漏洞详情: https://avd.aquasec.com/nvd/cve-2021-33813
镜像层: sha256:f8917e28bbf34ad285058302c45e2f604294a76c0e6078eb4cf746b98502e28f
发布日期: 2021-06-16 12:15 修改: 2023-11-07 03:35
|
| org.json:json |
CVE-2023-5072 |
高危 |
20230227 |
20231013 |
JSON-java: parser confusion leads to OOM
漏洞详情: https://avd.aquasec.com/nvd/cve-2023-5072
镜像层: sha256:08c3feb843a069d96174c47700a89a5918ccf2d3dea831058819c61f570f141d
发布日期: 2023-10-12 17:15 修改: 2024-06-21 19:15
|
| org.json:json |
CVE-2023-5072 |
高危 |
20230227 |
20231013 |
JSON-java: parser confusion leads to OOM
漏洞详情: https://avd.aquasec.com/nvd/cve-2023-5072
镜像层: sha256:f8917e28bbf34ad285058302c45e2f604294a76c0e6078eb4cf746b98502e28f
发布日期: 2023-10-12 17:15 修改: 2024-06-21 19:15
|
| ch.qos.logback:logback-core |
CVE-2023-6378 |
高危 |
1.3.11 |
1.3.12, 1.4.12, 1.2.13 |
logback: serialization vulnerability in logback receiver
漏洞详情: https://avd.aquasec.com/nvd/cve-2023-6378
镜像层: sha256:f8917e28bbf34ad285058302c45e2f604294a76c0e6078eb4cf746b98502e28f
发布日期: 2023-11-29 12:15 修改: 2024-11-29 12:15
|
| com.graphql-java:graphql-java |
CVE-2024-40094 |
高危 |
17.5 |
19.11, 20.9, 21.5 |
graphql-java: Allocation of Resources Without Limits or Throttling in GraphQL Java
漏洞详情: https://avd.aquasec.com/nvd/cve-2024-40094
镜像层: sha256:08c3feb843a069d96174c47700a89a5918ccf2d3dea831058819c61f570f141d
发布日期: 2024-07-30 07:15 修改: 2024-07-30 13:32
|
| com.graphql-java:graphql-java |
CVE-2024-40094 |
高危 |
17.5 |
19.11, 20.9, 21.5 |
graphql-java: Allocation of Resources Without Limits or Throttling in GraphQL Java
漏洞详情: https://avd.aquasec.com/nvd/cve-2024-40094
镜像层: sha256:f8917e28bbf34ad285058302c45e2f604294a76c0e6078eb4cf746b98502e28f
发布日期: 2024-07-30 07:15 修改: 2024-07-30 13:32
|
| com.hazelcast:hazelcast |
CVE-2023-33265 |
高危 |
3.12.13 |
5.2.4, 5.1.7, 5.0.5 |
Hazelcast Executor Services don't check client permissions properly
漏洞详情: https://avd.aquasec.com/nvd/cve-2023-33265
镜像层: sha256:08c3feb843a069d96174c47700a89a5918ccf2d3dea831058819c61f570f141d
发布日期: 2023-07-18 16:15 修改: 2023-07-28 13:20
|
| org.springframework.security:spring-security-core |
CVE-2024-22257 |
高危 |
5.8.2 |
5.7.12, 5.8.11, 6.1.8, 6.2.3 |
spring-security: Broken Access Control With Direct Use of AuthenticatedVoter
漏洞详情: https://avd.aquasec.com/nvd/cve-2024-22257
镜像层: sha256:08c3feb843a069d96174c47700a89a5918ccf2d3dea831058819c61f570f141d
发布日期: 2024-03-18 15:15 修改: 2024-11-12 16:35
|
| org.springframework.security:spring-security-core |
CVE-2024-22257 |
高危 |
5.8.2 |
5.7.12, 5.8.11, 6.1.8, 6.2.3 |
spring-security: Broken Access Control With Direct Use of AuthenticatedVoter
漏洞详情: https://avd.aquasec.com/nvd/cve-2024-22257
镜像层: sha256:f8917e28bbf34ad285058302c45e2f604294a76c0e6078eb4cf746b98502e28f
发布日期: 2024-03-18 15:15 修改: 2024-11-12 16:35
|
| com.hazelcast:hazelcast |
CVE-2023-33265 |
高危 |
3.12.13 |
5.2.4, 5.1.7, 5.0.5 |
Hazelcast Executor Services don't check client permissions properly
漏洞详情: https://avd.aquasec.com/nvd/cve-2023-33265
镜像层: sha256:f8917e28bbf34ad285058302c45e2f604294a76c0e6078eb4cf746b98502e28f
发布日期: 2023-07-18 16:15 修改: 2023-07-28 13:20
|
| com.hazelcast:hazelcast |
CVE-2023-33265 |
高危 |
3.12.13 |
5.2.4, 5.1.7, 5.0.5 |
Hazelcast Executor Services don't check client permissions properly
漏洞详情: https://avd.aquasec.com/nvd/cve-2023-33265
镜像层: sha256:f8917e28bbf34ad285058302c45e2f604294a76c0e6078eb4cf746b98502e28f
发布日期: 2023-07-18 16:15 修改: 2023-07-28 13:20
|
| org.springframework:spring-web |
CVE-2024-22243 |
高危 |
5.3.27 |
6.1.4, 6.0.17, 5.3.32 |
springframework: URL Parsing with Host Validation
漏洞详情: https://avd.aquasec.com/nvd/cve-2024-22243
镜像层: sha256:08c3feb843a069d96174c47700a89a5918ccf2d3dea831058819c61f570f141d
发布日期: 2024-02-23 05:15 修改: 2024-08-22 15:35
|
| org.springframework:spring-web |
CVE-2024-22243 |
高危 |
5.3.27 |
6.1.4, 6.0.17, 5.3.32 |
springframework: URL Parsing with Host Validation
漏洞详情: https://avd.aquasec.com/nvd/cve-2024-22243
镜像层: sha256:f8917e28bbf34ad285058302c45e2f604294a76c0e6078eb4cf746b98502e28f
发布日期: 2024-02-23 05:15 修改: 2024-08-22 15:35
|
| org.springframework:spring-web |
CVE-2024-22259 |
高危 |
5.3.27 |
6.1.5, 6.0.18, 5.3.33 |
springframework: URL Parsing with Host Validation
漏洞详情: https://avd.aquasec.com/nvd/cve-2024-22259
镜像层: sha256:08c3feb843a069d96174c47700a89a5918ccf2d3dea831058819c61f570f141d
发布日期: 2024-03-16 05:15 修改: 2024-07-03 01:47
|
| org.springframework:spring-web |
CVE-2024-22259 |
高危 |
5.3.27 |
6.1.5, 6.0.18, 5.3.33 |
springframework: URL Parsing with Host Validation
漏洞详情: https://avd.aquasec.com/nvd/cve-2024-22259
镜像层: sha256:f8917e28bbf34ad285058302c45e2f604294a76c0e6078eb4cf746b98502e28f
发布日期: 2024-03-16 05:15 修改: 2024-07-03 01:47
|
| org.springframework:spring-web |
CVE-2024-22262 |
高危 |
5.3.27 |
5.3.34, 6.0.19, 6.1.6 |
springframework: URL Parsing with Host Validation
漏洞详情: https://avd.aquasec.com/nvd/cve-2024-22262
镜像层: sha256:08c3feb843a069d96174c47700a89a5918ccf2d3dea831058819c61f570f141d
发布日期: 2024-04-16 06:15 修改: 2024-08-27 14:35
|
| org.springframework:spring-web |
CVE-2024-22262 |
高危 |
5.3.27 |
5.3.34, 6.0.19, 6.1.6 |
springframework: URL Parsing with Host Validation
漏洞详情: https://avd.aquasec.com/nvd/cve-2024-22262
镜像层: sha256:f8917e28bbf34ad285058302c45e2f604294a76c0e6078eb4cf746b98502e28f
发布日期: 2024-04-16 06:15 修改: 2024-08-27 14:35
|
| com.hazelcast:hazelcast |
CVE-2023-45859 |
高危 |
3.12.13 |
5.2.5, 5.3.5 |
Missing permission checks on Hazelcast client protocol
漏洞详情: https://avd.aquasec.com/nvd/cve-2023-45859
镜像层: sha256:08c3feb843a069d96174c47700a89a5918ccf2d3dea831058819c61f570f141d
发布日期: 2024-02-28 22:15 修改: 2024-11-29 17:15
|
| com.hazelcast:hazelcast |
CVE-2023-45859 |
高危 |
3.12.13 |
5.2.5, 5.3.5 |
Missing permission checks on Hazelcast client protocol
漏洞详情: https://avd.aquasec.com/nvd/cve-2023-45859
镜像层: sha256:f8917e28bbf34ad285058302c45e2f604294a76c0e6078eb4cf746b98502e28f
发布日期: 2024-02-28 22:15 修改: 2024-11-29 17:15
|
| org.springframework:spring-web |
CVE-2024-22243 |
高危 |
5.3.29 |
6.1.4, 6.0.17, 5.3.32 |
springframework: URL Parsing with Host Validation
漏洞详情: https://avd.aquasec.com/nvd/cve-2024-22243
镜像层: sha256:08c3feb843a069d96174c47700a89a5918ccf2d3dea831058819c61f570f141d
发布日期: 2024-02-23 05:15 修改: 2024-08-22 15:35
|
| org.springframework:spring-web |
CVE-2024-22243 |
高危 |
5.3.29 |
6.1.4, 6.0.17, 5.3.32 |
springframework: URL Parsing with Host Validation
漏洞详情: https://avd.aquasec.com/nvd/cve-2024-22243
镜像层: sha256:f8917e28bbf34ad285058302c45e2f604294a76c0e6078eb4cf746b98502e28f
发布日期: 2024-02-23 05:15 修改: 2024-08-22 15:35
|
| org.springframework:spring-web |
CVE-2024-22259 |
高危 |
5.3.29 |
6.1.5, 6.0.18, 5.3.33 |
springframework: URL Parsing with Host Validation
漏洞详情: https://avd.aquasec.com/nvd/cve-2024-22259
镜像层: sha256:08c3feb843a069d96174c47700a89a5918ccf2d3dea831058819c61f570f141d
发布日期: 2024-03-16 05:15 修改: 2024-07-03 01:47
|
| org.springframework:spring-web |
CVE-2024-22259 |
高危 |
5.3.29 |
6.1.5, 6.0.18, 5.3.33 |
springframework: URL Parsing with Host Validation
漏洞详情: https://avd.aquasec.com/nvd/cve-2024-22259
镜像层: sha256:f8917e28bbf34ad285058302c45e2f604294a76c0e6078eb4cf746b98502e28f
发布日期: 2024-03-16 05:15 修改: 2024-07-03 01:47
|
| org.springframework:spring-web |
CVE-2024-22262 |
高危 |
5.3.29 |
5.3.34, 6.0.19, 6.1.6 |
springframework: URL Parsing with Host Validation
漏洞详情: https://avd.aquasec.com/nvd/cve-2024-22262
镜像层: sha256:08c3feb843a069d96174c47700a89a5918ccf2d3dea831058819c61f570f141d
发布日期: 2024-04-16 06:15 修改: 2024-08-27 14:35
|
| org.springframework:spring-web |
CVE-2024-22262 |
高危 |
5.3.29 |
5.3.34, 6.0.19, 6.1.6 |
springframework: URL Parsing with Host Validation
漏洞详情: https://avd.aquasec.com/nvd/cve-2024-22262
镜像层: sha256:f8917e28bbf34ad285058302c45e2f604294a76c0e6078eb4cf746b98502e28f
发布日期: 2024-04-16 06:15 修改: 2024-08-27 14:35
|
| org.springframework:spring-webmvc |
CVE-2024-38816 |
高危 |
5.3.27 |
6.1.13 |
spring-webmvc: Path Traversal Vulnerability in Spring Applications Using RouterFunctions and FileSystemResource
漏洞详情: https://avd.aquasec.com/nvd/cve-2024-38816
镜像层: sha256:08c3feb843a069d96174c47700a89a5918ccf2d3dea831058819c61f570f141d
发布日期: 2024-09-13 06:15 修改: 2024-12-27 16:15
|
| org.springframework:spring-webmvc |
CVE-2024-38816 |
高危 |
5.3.27 |
6.1.13 |
spring-webmvc: Path Traversal Vulnerability in Spring Applications Using RouterFunctions and FileSystemResource
漏洞详情: https://avd.aquasec.com/nvd/cve-2024-38816
镜像层: sha256:f8917e28bbf34ad285058302c45e2f604294a76c0e6078eb4cf746b98502e28f
发布日期: 2024-09-13 06:15 修改: 2024-12-27 16:15
|
| org.springframework:spring-webmvc |
CVE-2024-38819 |
高危 |
5.3.27 |
6.1.14 |
org.springframework:spring-webmvc: Path traversal vulnerability in functional web frameworks
漏洞详情: https://avd.aquasec.com/nvd/cve-2024-38819
镜像层: sha256:08c3feb843a069d96174c47700a89a5918ccf2d3dea831058819c61f570f141d
发布日期: 2024-12-19 18:15 修改: 2025-01-10 13:15
|
| org.springframework:spring-webmvc |
CVE-2024-38819 |
高危 |
5.3.27 |
6.1.14 |
org.springframework:spring-webmvc: Path traversal vulnerability in functional web frameworks
漏洞详情: https://avd.aquasec.com/nvd/cve-2024-38819
镜像层: sha256:f8917e28bbf34ad285058302c45e2f604294a76c0e6078eb4cf746b98502e28f
发布日期: 2024-12-19 18:15 修改: 2025-01-10 13:15
|
| org.springframework:spring-webmvc |
CVE-2024-38816 |
高危 |
5.3.29 |
6.1.13 |
spring-webmvc: Path Traversal Vulnerability in Spring Applications Using RouterFunctions and FileSystemResource
漏洞详情: https://avd.aquasec.com/nvd/cve-2024-38816
镜像层: sha256:08c3feb843a069d96174c47700a89a5918ccf2d3dea831058819c61f570f141d
发布日期: 2024-09-13 06:15 修改: 2024-12-27 16:15
|
| org.springframework:spring-webmvc |
CVE-2024-38816 |
高危 |
5.3.29 |
6.1.13 |
spring-webmvc: Path Traversal Vulnerability in Spring Applications Using RouterFunctions and FileSystemResource
漏洞详情: https://avd.aquasec.com/nvd/cve-2024-38816
镜像层: sha256:f8917e28bbf34ad285058302c45e2f604294a76c0e6078eb4cf746b98502e28f
发布日期: 2024-09-13 06:15 修改: 2024-12-27 16:15
|
| org.springframework:spring-webmvc |
CVE-2024-38819 |
高危 |
5.3.29 |
6.1.14 |
org.springframework:spring-webmvc: Path traversal vulnerability in functional web frameworks
漏洞详情: https://avd.aquasec.com/nvd/cve-2024-38819
镜像层: sha256:08c3feb843a069d96174c47700a89a5918ccf2d3dea831058819c61f570f141d
发布日期: 2024-12-19 18:15 修改: 2025-01-10 13:15
|
| org.springframework:spring-webmvc |
CVE-2024-38819 |
高危 |
5.3.29 |
6.1.14 |
org.springframework:spring-webmvc: Path traversal vulnerability in functional web frameworks
漏洞详情: https://avd.aquasec.com/nvd/cve-2024-38819
镜像层: sha256:f8917e28bbf34ad285058302c45e2f604294a76c0e6078eb4cf746b98502e28f
发布日期: 2024-12-19 18:15 修改: 2025-01-10 13:15
|
| software.amazon.ion:ion-java |
CVE-2024-21634 |
高危 |
1.0.2 |
1.10.5 |
ion-java: ion-java: Ion Java StackOverflow vulnerability
漏洞详情: https://avd.aquasec.com/nvd/cve-2024-21634
镜像层: sha256:08c3feb843a069d96174c47700a89a5918ccf2d3dea831058819c61f570f141d
发布日期: 2024-01-03 23:15 修改: 2024-01-10 16:38
|
| software.amazon.ion:ion-java |
CVE-2024-21634 |
高危 |
1.0.2 |
1.10.5 |
ion-java: ion-java: Ion Java StackOverflow vulnerability
漏洞详情: https://avd.aquasec.com/nvd/cve-2024-21634
镜像层: sha256:f8917e28bbf34ad285058302c45e2f604294a76c0e6078eb4cf746b98502e28f
发布日期: 2024-01-03 23:15 修改: 2024-01-10 16:38
|
| org.eclipse.jetty:jetty-http |
CVE-2024-6763 |
中危 |
9.4.53.v20231009 |
12.0.12 |
org.eclipse.jetty:jetty-http: jetty: Jetty URI parsing of invalid authority
漏洞详情: https://avd.aquasec.com/nvd/cve-2024-6763
镜像层: sha256:f8917e28bbf34ad285058302c45e2f604294a76c0e6078eb4cf746b98502e28f
发布日期: 2024-10-14 16:15 修改: 2024-11-08 21:15
|
| org.eclipse.jetty:jetty-server |
CVE-2024-8184 |
中危 |
9.4.51.v20230217 |
12.0.9, 10.0.24, 11.0.24, 9.4.56 |
org.eclipse.jetty:jetty-server: jetty: Jetty ThreadLimitHandler.getRemote() vulnerable to remote DoS attacks
漏洞详情: https://avd.aquasec.com/nvd/cve-2024-8184
镜像层: sha256:08c3feb843a069d96174c47700a89a5918ccf2d3dea831058819c61f570f141d
发布日期: 2024-10-14 16:15 修改: 2024-11-08 21:00
|
| org.eclipse.jetty:jetty-server |
CVE-2024-8184 |
中危 |
9.4.51.v20230217 |
12.0.9, 10.0.24, 11.0.24, 9.4.56 |
org.eclipse.jetty:jetty-server: jetty: Jetty ThreadLimitHandler.getRemote() vulnerable to remote DoS attacks
漏洞详情: https://avd.aquasec.com/nvd/cve-2024-8184
镜像层: sha256:f8917e28bbf34ad285058302c45e2f604294a76c0e6078eb4cf746b98502e28f
发布日期: 2024-10-14 16:15 修改: 2024-11-08 21:00
|
| org.hibernate.validator:hibernate-validator |
CVE-2023-1932 |
中危 |
6.0.21.Final |
6.2.0.Final |
hibernate-validator: rendering of invalid html with SafeHTML leads to HTML injection and XSS
漏洞详情: https://avd.aquasec.com/nvd/cve-2023-1932
镜像层: sha256:08c3feb843a069d96174c47700a89a5918ccf2d3dea831058819c61f570f141d
发布日期: 2024-11-07 10:15 修改: 2024-11-08 19:01
|
| org.hibernate.validator:hibernate-validator |
CVE-2023-1932 |
中危 |
6.0.21.Final |
6.2.0.Final |
hibernate-validator: rendering of invalid html with SafeHTML leads to HTML injection and XSS
漏洞详情: https://avd.aquasec.com/nvd/cve-2023-1932
镜像层: sha256:f8917e28bbf34ad285058302c45e2f604294a76c0e6078eb4cf746b98502e28f
发布日期: 2024-11-07 10:15 修改: 2024-11-08 19:01
|
| org.hibernate.validator:hibernate-validator |
CVE-2023-1932 |
中危 |
6.0.23.Final |
6.2.0.Final |
hibernate-validator: rendering of invalid html with SafeHTML leads to HTML injection and XSS
漏洞详情: https://avd.aquasec.com/nvd/cve-2023-1932
镜像层: sha256:08c3feb843a069d96174c47700a89a5918ccf2d3dea831058819c61f570f141d
发布日期: 2024-11-07 10:15 修改: 2024-11-08 19:01
|
| org.hibernate.validator:hibernate-validator |
CVE-2023-1932 |
中危 |
6.0.23.Final |
6.2.0.Final |
hibernate-validator: rendering of invalid html with SafeHTML leads to HTML injection and XSS
漏洞详情: https://avd.aquasec.com/nvd/cve-2023-1932
镜像层: sha256:f8917e28bbf34ad285058302c45e2f604294a76c0e6078eb4cf746b98502e28f
发布日期: 2024-11-07 10:15 修改: 2024-11-08 19:01
|
| org.hibernate.validator:hibernate-validator |
CVE-2023-1932 |
中危 |
6.0.23.Final |
6.2.0.Final |
hibernate-validator: rendering of invalid html with SafeHTML leads to HTML injection and XSS
漏洞详情: https://avd.aquasec.com/nvd/cve-2023-1932
镜像层: sha256:f8917e28bbf34ad285058302c45e2f604294a76c0e6078eb4cf746b98502e28f
发布日期: 2024-11-07 10:15 修改: 2024-11-08 19:01
|
| com.google.guava:guava |
CVE-2023-2976 |
中危 |
30.0-jre |
32.0.0-android |
guava: insecure temporary directory creation
漏洞详情: https://avd.aquasec.com/nvd/cve-2023-2976
镜像层: sha256:f8917e28bbf34ad285058302c45e2f604294a76c0e6078eb4cf746b98502e28f
发布日期: 2023-06-14 18:15 修改: 2024-02-13 19:15
|
| ch.qos.logback:logback-core |
CVE-2024-12798 |
中危 |
1.3.11 |
1.5.13, 1.3.15 |
logback-core: arbitrary code execution via JaninoEventEvaluator
漏洞详情: https://avd.aquasec.com/nvd/cve-2024-12798
镜像层: sha256:08c3feb843a069d96174c47700a89a5918ccf2d3dea831058819c61f570f141d
发布日期: 2024-12-19 16:15 修改: 2025-01-03 14:15
|
| org.hibernate:hibernate-core |
CVE-2019-14900 |
中危 |
5.2.18.Final |
5.3.18, 5.4.18, 5.5.0.Beta1 |
hibernate: SQL injection issue in Hibernate ORM
漏洞详情: https://avd.aquasec.com/nvd/cve-2019-14900
镜像层: sha256:08c3feb843a069d96174c47700a89a5918ccf2d3dea831058819c61f570f141d
发布日期: 2020-07-06 19:15 修改: 2023-11-07 03:05
|
| org.hibernate:hibernate-core |
CVE-2019-14900 |
中危 |
5.2.18.Final |
5.3.18, 5.4.18, 5.5.0.Beta1 |
hibernate: SQL injection issue in Hibernate ORM
漏洞详情: https://avd.aquasec.com/nvd/cve-2019-14900
镜像层: sha256:f8917e28bbf34ad285058302c45e2f604294a76c0e6078eb4cf746b98502e28f
发布日期: 2020-07-06 19:15 修改: 2023-11-07 03:05
|
| ch.qos.logback:logback-core |
CVE-2024-12798 |
中危 |
1.3.11 |
1.5.13, 1.3.15 |
logback-core: arbitrary code execution via JaninoEventEvaluator
漏洞详情: https://avd.aquasec.com/nvd/cve-2024-12798
镜像层: sha256:f8917e28bbf34ad285058302c45e2f604294a76c0e6078eb4cf746b98502e28f
发布日期: 2024-12-19 16:15 修改: 2025-01-03 14:15
|
| org.apache.commons:commons-compress |
CVE-2024-26308 |
中危 |
1.21 |
1.26.0 |
commons-compress: OutOfMemoryError unpacking broken Pack200 file
漏洞详情: https://avd.aquasec.com/nvd/cve-2024-26308
镜像层: sha256:08c3feb843a069d96174c47700a89a5918ccf2d3dea831058819c61f570f141d
发布日期: 2024-02-19 09:15 修改: 2024-03-21 19:54
|
| org.apache.commons:commons-compress |
CVE-2024-26308 |
中危 |
1.21 |
1.26.0 |
commons-compress: OutOfMemoryError unpacking broken Pack200 file
漏洞详情: https://avd.aquasec.com/nvd/cve-2024-26308
镜像层: sha256:f8917e28bbf34ad285058302c45e2f604294a76c0e6078eb4cf746b98502e28f
发布日期: 2024-02-19 09:15 修改: 2024-03-21 19:54
|
| com.google.guava:guava |
CVE-2023-2976 |
中危 |
30.0-jre |
32.0.0-android |
guava: insecure temporary directory creation
漏洞详情: https://avd.aquasec.com/nvd/cve-2023-2976
镜像层: sha256:08c3feb843a069d96174c47700a89a5918ccf2d3dea831058819c61f570f141d
发布日期: 2023-06-14 18:15 修改: 2024-02-13 19:15
|
| org.owasp.antisamy:antisamy |
CVE-2023-43643 |
中危 |
1.6.8 |
1.7.4 |
AntiSamy is a library for performing fast, configurable cleansing of H ...
漏洞详情: https://avd.aquasec.com/nvd/cve-2023-43643
镜像层: sha256:08c3feb843a069d96174c47700a89a5918ccf2d3dea831058819c61f570f141d
发布日期: 2023-10-09 14:15 修改: 2023-10-13 17:35
|
| org.owasp.antisamy:antisamy |
CVE-2023-43643 |
中危 |
1.6.8 |
1.7.4 |
AntiSamy is a library for performing fast, configurable cleansing of H ...
漏洞详情: https://avd.aquasec.com/nvd/cve-2023-43643
镜像层: sha256:f8917e28bbf34ad285058302c45e2f604294a76c0e6078eb4cf746b98502e28f
发布日期: 2023-10-09 14:15 修改: 2023-10-13 17:35
|
| org.owasp.antisamy:antisamy |
CVE-2023-43643 |
中危 |
1.6.8 |
1.7.4 |
AntiSamy is a library for performing fast, configurable cleansing of H ...
漏洞详情: https://avd.aquasec.com/nvd/cve-2023-43643
镜像层: sha256:f8917e28bbf34ad285058302c45e2f604294a76c0e6078eb4cf746b98502e28f
发布日期: 2023-10-09 14:15 修改: 2023-10-13 17:35
|
| org.owasp.antisamy:antisamy |
CVE-2024-23635 |
中危 |
1.6.8 |
1.7.5 |
AntiSamy is a library for performing fast, configurable cleansing of H ...
漏洞详情: https://avd.aquasec.com/nvd/cve-2024-23635
镜像层: sha256:08c3feb843a069d96174c47700a89a5918ccf2d3dea831058819c61f570f141d
发布日期: 2024-02-02 17:15 修改: 2024-02-10 01:38
|
| org.owasp.antisamy:antisamy |
CVE-2024-23635 |
中危 |
1.6.8 |
1.7.5 |
AntiSamy is a library for performing fast, configurable cleansing of H ...
漏洞详情: https://avd.aquasec.com/nvd/cve-2024-23635
镜像层: sha256:f8917e28bbf34ad285058302c45e2f604294a76c0e6078eb4cf746b98502e28f
发布日期: 2024-02-02 17:15 修改: 2024-02-10 01:38
|
| org.owasp.antisamy:antisamy |
CVE-2024-23635 |
中危 |
1.6.8 |
1.7.5 |
AntiSamy is a library for performing fast, configurable cleansing of H ...
漏洞详情: https://avd.aquasec.com/nvd/cve-2024-23635
镜像层: sha256:f8917e28bbf34ad285058302c45e2f604294a76c0e6078eb4cf746b98502e28f
发布日期: 2024-02-02 17:15 修改: 2024-02-10 01:38
|
| org.owasp.antisamy:antisamy |
CVE-2023-43643 |
中危 |
1.6.8-atlassian-4 |
1.7.4 |
AntiSamy is a library for performing fast, configurable cleansing of H ...
漏洞详情: https://avd.aquasec.com/nvd/cve-2023-43643
镜像层: sha256:08c3feb843a069d96174c47700a89a5918ccf2d3dea831058819c61f570f141d
发布日期: 2023-10-09 14:15 修改: 2023-10-13 17:35
|
| org.owasp.antisamy:antisamy |
CVE-2023-43643 |
中危 |
1.6.8-atlassian-4 |
1.7.4 |
AntiSamy is a library for performing fast, configurable cleansing of H ...
漏洞详情: https://avd.aquasec.com/nvd/cve-2023-43643
镜像层: sha256:f8917e28bbf34ad285058302c45e2f604294a76c0e6078eb4cf746b98502e28f
发布日期: 2023-10-09 14:15 修改: 2023-10-13 17:35
|
| org.owasp.antisamy:antisamy |
CVE-2023-43643 |
中危 |
1.6.8-atlassian-4 |
1.7.4 |
AntiSamy is a library for performing fast, configurable cleansing of H ...
漏洞详情: https://avd.aquasec.com/nvd/cve-2023-43643
镜像层: sha256:f8917e28bbf34ad285058302c45e2f604294a76c0e6078eb4cf746b98502e28f
发布日期: 2023-10-09 14:15 修改: 2023-10-13 17:35
|
| org.owasp.antisamy:antisamy |
CVE-2024-23635 |
中危 |
1.6.8-atlassian-4 |
1.7.5 |
AntiSamy is a library for performing fast, configurable cleansing of H ...
漏洞详情: https://avd.aquasec.com/nvd/cve-2024-23635
镜像层: sha256:08c3feb843a069d96174c47700a89a5918ccf2d3dea831058819c61f570f141d
发布日期: 2024-02-02 17:15 修改: 2024-02-10 01:38
|
| org.owasp.antisamy:antisamy |
CVE-2024-23635 |
中危 |
1.6.8-atlassian-4 |
1.7.5 |
AntiSamy is a library for performing fast, configurable cleansing of H ...
漏洞详情: https://avd.aquasec.com/nvd/cve-2024-23635
镜像层: sha256:f8917e28bbf34ad285058302c45e2f604294a76c0e6078eb4cf746b98502e28f
发布日期: 2024-02-02 17:15 修改: 2024-02-10 01:38
|
| org.owasp.antisamy:antisamy |
CVE-2024-23635 |
中危 |
1.6.8-atlassian-4 |
1.7.5 |
AntiSamy is a library for performing fast, configurable cleansing of H ...
漏洞详情: https://avd.aquasec.com/nvd/cve-2024-23635
镜像层: sha256:f8917e28bbf34ad285058302c45e2f604294a76c0e6078eb4cf746b98502e28f
发布日期: 2024-02-02 17:15 修改: 2024-02-10 01:38
|
| commons-httpclient:commons-httpclient |
CVE-2012-5783 |
中危 |
3.1-atlassian-2 |
4.0 |
jakarta-commons-httpclient: missing connection hostname check against X.509 certificate name
漏洞详情: https://avd.aquasec.com/nvd/cve-2012-5783
镜像层: sha256:08c3feb843a069d96174c47700a89a5918ccf2d3dea831058819c61f570f141d
发布日期: 2012-11-04 22:55 修改: 2021-04-23 17:28
|
| org.apache.commons:commons-compress |
CVE-2024-26308 |
中危 |
1.24.0 |
1.26.0 |
commons-compress: OutOfMemoryError unpacking broken Pack200 file
漏洞详情: https://avd.aquasec.com/nvd/cve-2024-26308
镜像层: sha256:08c3feb843a069d96174c47700a89a5918ccf2d3dea831058819c61f570f141d
发布日期: 2024-02-19 09:15 修改: 2024-03-21 19:54
|
| org.apache.commons:commons-compress |
CVE-2024-26308 |
中危 |
1.24.0 |
1.26.0 |
commons-compress: OutOfMemoryError unpacking broken Pack200 file
漏洞详情: https://avd.aquasec.com/nvd/cve-2024-26308
镜像层: sha256:f8917e28bbf34ad285058302c45e2f604294a76c0e6078eb4cf746b98502e28f
发布日期: 2024-02-19 09:15 修改: 2024-03-21 19:54
|
| org.apache.commons:commons-configuration2 |
CVE-2024-29131 |
中危 |
2.8.0 |
2.10.1 |
commons-configuration: StackOverflowError adding property in AbstractListDelimiterHandler.flattenIterator()
漏洞详情: https://avd.aquasec.com/nvd/cve-2024-29131
镜像层: sha256:08c3feb843a069d96174c47700a89a5918ccf2d3dea831058819c61f570f141d
发布日期: 2024-03-21 09:15 修改: 2024-12-13 14:15
|
| org.springframework.ldap:spring-ldap-core |
CVE-2024-38829 |
中危 |
2.3.3.RELEASE |
3.2.8, 2.4.4 |
spring-ldap: Spring LDAP sensitive data exposure for case-sensitive comparisons
漏洞详情: https://avd.aquasec.com/nvd/cve-2024-38829
镜像层: sha256:f8917e28bbf34ad285058302c45e2f604294a76c0e6078eb4cf746b98502e28f
发布日期: 2024-12-04 21:15 修改: 2024-12-10 15:15
|
| org.apache.commons:commons-configuration2 |
CVE-2024-29131 |
中危 |
2.8.0 |
2.10.1 |
commons-configuration: StackOverflowError adding property in AbstractListDelimiterHandler.flattenIterator()
漏洞详情: https://avd.aquasec.com/nvd/cve-2024-29131
镜像层: sha256:f8917e28bbf34ad285058302c45e2f604294a76c0e6078eb4cf746b98502e28f
发布日期: 2024-03-21 09:15 修改: 2024-12-13 14:15
|
| org.apache.commons:commons-configuration2 |
CVE-2024-29133 |
中危 |
2.8.0 |
2.10.1 |
commons-configuration: StackOverflowError calling ListDelimiterHandler.flatten(Object, int) with a cyclical object tree
漏洞详情: https://avd.aquasec.com/nvd/cve-2024-29133
镜像层: sha256:08c3feb843a069d96174c47700a89a5918ccf2d3dea831058819c61f570f141d
发布日期: 2024-03-21 09:15 修改: 2024-11-04 17:35
|
| org.springframework.security:spring-security-core |
CVE-2023-20862 |
中危 |
5.8.2 |
5.7.8, 5.8.3, 6.0.3 |
spring-security: Empty SecurityContext Is Not Properly Saved Upon Logout
漏洞详情: https://avd.aquasec.com/nvd/cve-2023-20862
镜像层: sha256:08c3feb843a069d96174c47700a89a5918ccf2d3dea831058819c61f570f141d
发布日期: 2023-04-19 20:15 修改: 2023-08-23 18:34
|
| org.springframework.security:spring-security-core |
CVE-2023-20862 |
中危 |
5.8.2 |
5.7.8, 5.8.3, 6.0.3 |
spring-security: Empty SecurityContext Is Not Properly Saved Upon Logout
漏洞详情: https://avd.aquasec.com/nvd/cve-2023-20862
镜像层: sha256:f8917e28bbf34ad285058302c45e2f604294a76c0e6078eb4cf746b98502e28f
发布日期: 2023-04-19 20:15 修改: 2023-08-23 18:34
|
| org.springframework.security:spring-security-core |
CVE-2024-38827 |
中危 |
5.8.2 |
5.7.14, 5.8.16, 6.0.14, 6.1.12, 6.2.8, 6.3.5 |
spring-security: authorization bypass for case sensitive comparisons
漏洞详情: https://avd.aquasec.com/nvd/cve-2024-38827
镜像层: sha256:08c3feb843a069d96174c47700a89a5918ccf2d3dea831058819c61f570f141d
发布日期: 2024-12-02 15:15 修改: 2024-12-02 15:15
|
| org.springframework.security:spring-security-core |
CVE-2024-38827 |
中危 |
5.8.2 |
5.7.14, 5.8.16, 6.0.14, 6.1.12, 6.2.8, 6.3.5 |
spring-security: authorization bypass for case sensitive comparisons
漏洞详情: https://avd.aquasec.com/nvd/cve-2024-38827
镜像层: sha256:f8917e28bbf34ad285058302c45e2f604294a76c0e6078eb4cf746b98502e28f
发布日期: 2024-12-02 15:15 修改: 2024-12-02 15:15
|
| org.springframework:spring-context |
CVE-2024-38820 |
中危 |
5.3.27 |
6.1.14 |
The fix for CVE-2022-22968 made disallowedFieldspatterns in DataBinder ...
漏洞详情: https://avd.aquasec.com/nvd/cve-2024-38820
镜像层: sha256:08c3feb843a069d96174c47700a89a5918ccf2d3dea831058819c61f570f141d
发布日期: 2024-10-18 06:15 修改: 2024-11-29 12:15
|
| org.springframework:spring-context |
CVE-2024-38820 |
中危 |
5.3.27 |
6.1.14 |
The fix for CVE-2022-22968 made disallowedFieldspatterns in DataBinder ...
漏洞详情: https://avd.aquasec.com/nvd/cve-2024-38820
镜像层: sha256:f8917e28bbf34ad285058302c45e2f604294a76c0e6078eb4cf746b98502e28f
发布日期: 2024-10-18 06:15 修改: 2024-11-29 12:15
|
| org.springframework:spring-context |
CVE-2024-38820 |
中危 |
5.3.29 |
6.1.14 |
The fix for CVE-2022-22968 made disallowedFieldspatterns in DataBinder ...
漏洞详情: https://avd.aquasec.com/nvd/cve-2024-38820
镜像层: sha256:08c3feb843a069d96174c47700a89a5918ccf2d3dea831058819c61f570f141d
发布日期: 2024-10-18 06:15 修改: 2024-11-29 12:15
|
| org.springframework:spring-context |
CVE-2024-38820 |
中危 |
5.3.29 |
6.1.14 |
The fix for CVE-2022-22968 made disallowedFieldspatterns in DataBinder ...
漏洞详情: https://avd.aquasec.com/nvd/cve-2024-38820
镜像层: sha256:f8917e28bbf34ad285058302c45e2f604294a76c0e6078eb4cf746b98502e28f
发布日期: 2024-10-18 06:15 修改: 2024-11-29 12:15
|
| org.springframework:spring-expression |
CVE-2024-38808 |
中危 |
5.3.27 |
5.3.39 |
spring-expression: Denial of service when processing a specially crafted Spring Expression Language expression
漏洞详情: https://avd.aquasec.com/nvd/cve-2024-38808
镜像层: sha256:08c3feb843a069d96174c47700a89a5918ccf2d3dea831058819c61f570f141d
发布日期: 2024-08-20 08:15 修改: 2024-10-30 19:35
|
| org.springframework:spring-expression |
CVE-2024-38808 |
中危 |
5.3.27 |
5.3.39 |
spring-expression: Denial of service when processing a specially crafted Spring Expression Language expression
漏洞详情: https://avd.aquasec.com/nvd/cve-2024-38808
镜像层: sha256:f8917e28bbf34ad285058302c45e2f604294a76c0e6078eb4cf746b98502e28f
发布日期: 2024-08-20 08:15 修改: 2024-10-30 19:35
|
| org.springframework:spring-expression |
CVE-2024-38808 |
中危 |
5.3.29 |
5.3.39 |
spring-expression: Denial of service when processing a specially crafted Spring Expression Language expression
漏洞详情: https://avd.aquasec.com/nvd/cve-2024-38808
镜像层: sha256:08c3feb843a069d96174c47700a89a5918ccf2d3dea831058819c61f570f141d
发布日期: 2024-08-20 08:15 修改: 2024-10-30 19:35
|
| org.springframework:spring-expression |
CVE-2024-38808 |
中危 |
5.3.29 |
5.3.39 |
spring-expression: Denial of service when processing a specially crafted Spring Expression Language expression
漏洞详情: https://avd.aquasec.com/nvd/cve-2024-38808
镜像层: sha256:f8917e28bbf34ad285058302c45e2f604294a76c0e6078eb4cf746b98502e28f
发布日期: 2024-08-20 08:15 修改: 2024-10-30 19:35
|
| org.apache.commons:commons-configuration2 |
CVE-2024-29133 |
中危 |
2.8.0 |
2.10.1 |
commons-configuration: StackOverflowError calling ListDelimiterHandler.flatten(Object, int) with a cyclical object tree
漏洞详情: https://avd.aquasec.com/nvd/cve-2024-29133
镜像层: sha256:f8917e28bbf34ad285058302c45e2f604294a76c0e6078eb4cf746b98502e28f
发布日期: 2024-03-21 09:15 修改: 2024-11-04 17:35
|
| org.apache.santuario:xmlsec |
CVE-2023-44483 |
中危 |
2.3.3 |
2.3.4, 2.2.6, 3.0.3 |
santuario: Private Key disclosure in debug-log output
漏洞详情: https://avd.aquasec.com/nvd/cve-2023-44483
镜像层: sha256:08c3feb843a069d96174c47700a89a5918ccf2d3dea831058819c61f570f141d
发布日期: 2023-10-20 10:15 修改: 2023-10-27 18:49
|
| org.apache.santuario:xmlsec |
CVE-2023-44483 |
中危 |
2.3.3 |
2.3.4, 2.2.6, 3.0.3 |
santuario: Private Key disclosure in debug-log output
漏洞详情: https://avd.aquasec.com/nvd/cve-2023-44483
镜像层: sha256:f8917e28bbf34ad285058302c45e2f604294a76c0e6078eb4cf746b98502e28f
发布日期: 2023-10-20 10:15 修改: 2023-10-27 18:49
|
| commons-httpclient:commons-httpclient |
CVE-2012-5783 |
中危 |
3.1-atlassian-2 |
4.0 |
jakarta-commons-httpclient: missing connection hostname check against X.509 certificate name
漏洞详情: https://avd.aquasec.com/nvd/cve-2012-5783
镜像层: sha256:f8917e28bbf34ad285058302c45e2f604294a76c0e6078eb4cf746b98502e28f
发布日期: 2012-11-04 22:55 修改: 2021-04-23 17:28
|
| com.hazelcast:hazelcast |
CVE-2023-33264 |
中危 |
3.12.13 |
5.3.0 |
hazelcast: Improper password mask
漏洞详情: https://avd.aquasec.com/nvd/cve-2023-33264
镜像层: sha256:08c3feb843a069d96174c47700a89a5918ccf2d3dea831058819c61f570f141d
发布日期: 2023-05-22 01:15 修改: 2023-06-02 17:41
|
| com.hazelcast:hazelcast |
CVE-2023-33264 |
中危 |
3.12.13 |
5.3.0 |
hazelcast: Improper password mask
漏洞详情: https://avd.aquasec.com/nvd/cve-2023-33264
镜像层: sha256:f8917e28bbf34ad285058302c45e2f604294a76c0e6078eb4cf746b98502e28f
发布日期: 2023-05-22 01:15 修改: 2023-06-02 17:41
|
| org.apache.tomcat:tomcat-catalina |
CVE-2024-54677 |
中危 |
9.0.82 |
11.0.2, 10.1.34, 9.0.98 |
tomcat: Apache Tomcat: DoS in examples web application
漏洞详情: https://avd.aquasec.com/nvd/cve-2024-54677
镜像层: sha256:f8917e28bbf34ad285058302c45e2f604294a76c0e6078eb4cf746b98502e28f
发布日期: 2024-12-17 13:15 修改: 2024-12-18 17:15
|
| io.netty:netty-codec-http |
CVE-2024-29025 |
中危 |
4.1.100.Final |
4.1.108.Final |
netty-codec-http: Allocation of Resources Without Limits or Throttling
漏洞详情: https://avd.aquasec.com/nvd/cve-2024-29025
镜像层: sha256:08c3feb843a069d96174c47700a89a5918ccf2d3dea831058819c61f570f141d
发布日期: 2024-03-25 20:15 修改: 2024-06-21 22:15
|
| org.springframework:spring-web |
CVE-2024-38809 |
中危 |
5.3.27 |
5.3.38, 6.0.23, 6.1.12 |
org.springframework:spring-web: Spring Framework DoS via conditional HTTP request
漏洞详情: https://avd.aquasec.com/nvd/cve-2024-38809
镜像层: sha256:08c3feb843a069d96174c47700a89a5918ccf2d3dea831058819c61f570f141d
发布日期: 2024-09-27 17:15 修改: 2024-09-30 12:45
|
| org.springframework:spring-web |
CVE-2024-38809 |
中危 |
5.3.27 |
5.3.38, 6.0.23, 6.1.12 |
org.springframework:spring-web: Spring Framework DoS via conditional HTTP request
漏洞详情: https://avd.aquasec.com/nvd/cve-2024-38809
镜像层: sha256:f8917e28bbf34ad285058302c45e2f604294a76c0e6078eb4cf746b98502e28f
发布日期: 2024-09-27 17:15 修改: 2024-09-30 12:45
|
| io.netty:netty-codec-http |
CVE-2024-29025 |
中危 |
4.1.100.Final |
4.1.108.Final |
netty-codec-http: Allocation of Resources Without Limits or Throttling
漏洞详情: https://avd.aquasec.com/nvd/cve-2024-29025
镜像层: sha256:f8917e28bbf34ad285058302c45e2f604294a76c0e6078eb4cf746b98502e28f
发布日期: 2024-03-25 20:15 修改: 2024-06-21 22:15
|
| org.apache.tomcat:tomcat-coyote |
CVE-2024-24549 |
中危 |
9.0.82 |
11.0.0-M17, 10.1.19, 9.0.86, 8.5.99 |
Tomcat: HTTP/2 header handling DoS
漏洞详情: https://avd.aquasec.com/nvd/cve-2024-24549
镜像层: sha256:08c3feb843a069d96174c47700a89a5918ccf2d3dea831058819c61f570f141d
发布日期: 2024-03-13 16:15 修改: 2024-11-04 22:35
|
| org.apache.tomcat:tomcat-coyote |
CVE-2024-24549 |
中危 |
9.0.82 |
11.0.0-M17, 10.1.19, 9.0.86, 8.5.99 |
Tomcat: HTTP/2 header handling DoS
漏洞详情: https://avd.aquasec.com/nvd/cve-2024-24549
镜像层: sha256:f8917e28bbf34ad285058302c45e2f604294a76c0e6078eb4cf746b98502e28f
发布日期: 2024-03-13 16:15 修改: 2024-11-04 22:35
|
| io.netty:netty-common |
CVE-2024-47535 |
中危 |
4.1.100.Final |
4.1.115 |
netty: Denial of Service attack on windows app using Netty
漏洞详情: https://avd.aquasec.com/nvd/cve-2024-47535
镜像层: sha256:08c3feb843a069d96174c47700a89a5918ccf2d3dea831058819c61f570f141d
发布日期: 2024-11-12 16:15 修改: 2024-11-13 17:01
|
| io.netty:netty-common |
CVE-2024-47535 |
中危 |
4.1.100.Final |
4.1.115 |
netty: Denial of Service attack on windows app using Netty
漏洞详情: https://avd.aquasec.com/nvd/cve-2024-47535
镜像层: sha256:f8917e28bbf34ad285058302c45e2f604294a76c0e6078eb4cf746b98502e28f
发布日期: 2024-11-12 16:15 修改: 2024-11-13 17:01
|
| org.apache.tomcat:tomcat-websocket |
CVE-2024-23672 |
中危 |
9.0.82 |
11.0.0-M17, 10.1.19, 9.0.86, 8.5.99 |
Tomcat: WebSocket DoS with incomplete closing handshake
漏洞详情: https://avd.aquasec.com/nvd/cve-2024-23672
镜像层: sha256:08c3feb843a069d96174c47700a89a5918ccf2d3dea831058819c61f570f141d
发布日期: 2024-03-13 16:15 修改: 2024-11-18 22:35
|
| org.apache.tomcat:tomcat-websocket |
CVE-2024-23672 |
中危 |
9.0.82 |
11.0.0-M17, 10.1.19, 9.0.86, 8.5.99 |
Tomcat: WebSocket DoS with incomplete closing handshake
漏洞详情: https://avd.aquasec.com/nvd/cve-2024-23672
镜像层: sha256:f8917e28bbf34ad285058302c45e2f604294a76c0e6078eb4cf746b98502e28f
发布日期: 2024-03-13 16:15 修改: 2024-11-18 22:35
|
| ognl:ognl |
CVE-2016-3093 |
中危 |
2.6.5-atlassian-3 |
3.0.12 |
struts: OGNL cache poisoning can lead to DoS
漏洞详情: https://avd.aquasec.com/nvd/cve-2016-3093
镜像层: sha256:08c3feb843a069d96174c47700a89a5918ccf2d3dea831058819c61f570f141d
发布日期: 2016-06-07 18:59 修改: 2023-02-12 23:18
|
| org.springframework:spring-web |
CVE-2024-38809 |
中危 |
5.3.29 |
5.3.38, 6.0.23, 6.1.12 |
org.springframework:spring-web: Spring Framework DoS via conditional HTTP request
漏洞详情: https://avd.aquasec.com/nvd/cve-2024-38809
镜像层: sha256:08c3feb843a069d96174c47700a89a5918ccf2d3dea831058819c61f570f141d
发布日期: 2024-09-27 17:15 修改: 2024-09-30 12:45
|
| org.springframework:spring-web |
CVE-2024-38809 |
中危 |
5.3.29 |
5.3.38, 6.0.23, 6.1.12 |
org.springframework:spring-web: Spring Framework DoS via conditional HTTP request
漏洞详情: https://avd.aquasec.com/nvd/cve-2024-38809
镜像层: sha256:f8917e28bbf34ad285058302c45e2f604294a76c0e6078eb4cf746b98502e28f
发布日期: 2024-09-27 17:15 修改: 2024-09-30 12:45
|
| opensymphony:xwork |
CVE-2007-4556 |
中危 |
1.0.3-atlassian-18 |
1.2.3, 2.0.4 |
OpenSymphony XWork vulnerable to improper input validation
漏洞详情: https://avd.aquasec.com/nvd/cve-2007-4556
镜像层: sha256:08c3feb843a069d96174c47700a89a5918ccf2d3dea831058819c61f570f141d
发布日期: 2007-08-28 01:17 修改: 2018-10-26 14:00
|
| org.bitbucket.b_c:jose4j |
CVE-2023-51775 |
中危 |
0.9.3 |
0.9.4 |
jose4j: denial of service via specially crafted JWE
漏洞详情: https://avd.aquasec.com/nvd/cve-2023-51775
镜像层: sha256:08c3feb843a069d96174c47700a89a5918ccf2d3dea831058819c61f570f141d
发布日期: 2024-02-29 01:42 修改: 2024-08-14 19:35
|
| org.bitbucket.b_c:jose4j |
CVE-2023-51775 |
中危 |
0.9.3 |
0.9.4 |
jose4j: denial of service via specially crafted JWE
漏洞详情: https://avd.aquasec.com/nvd/cve-2023-51775
镜像层: sha256:f8917e28bbf34ad285058302c45e2f604294a76c0e6078eb4cf746b98502e28f
发布日期: 2024-02-29 01:42 修改: 2024-08-14 19:35
|
| opensymphony:xwork |
CVE-2007-4556 |
中危 |
1.0.3-atlassian-18 |
1.2.3, 2.0.4 |
OpenSymphony XWork vulnerable to improper input validation
漏洞详情: https://avd.aquasec.com/nvd/cve-2007-4556
镜像层: sha256:f8917e28bbf34ad285058302c45e2f604294a76c0e6078eb4cf746b98502e28f
发布日期: 2007-08-28 01:17 修改: 2018-10-26 14:00
|
| org.springframework:spring-webmvc |
CVE-2024-38828 |
中危 |
5.3.27 |
5.3.42 |
org.springframework:spring-webmvc: DoS via Spring MVC controller method with byte[] parameter
漏洞详情: https://avd.aquasec.com/nvd/cve-2024-38828
镜像层: sha256:08c3feb843a069d96174c47700a89a5918ccf2d3dea831058819c61f570f141d
发布日期: 2024-11-18 04:15 修改: 2024-11-18 17:11
|
| org.springframework:spring-webmvc |
CVE-2024-38828 |
中危 |
5.3.27 |
5.3.42 |
org.springframework:spring-webmvc: DoS via Spring MVC controller method with byte[] parameter
漏洞详情: https://avd.aquasec.com/nvd/cve-2024-38828
镜像层: sha256:f8917e28bbf34ad285058302c45e2f604294a76c0e6078eb4cf746b98502e28f
发布日期: 2024-11-18 04:15 修改: 2024-11-18 17:11
|
| com.hazelcast:hazelcast |
CVE-2023-33264 |
中危 |
3.12.13 |
5.3.0 |
hazelcast: Improper password mask
漏洞详情: https://avd.aquasec.com/nvd/cve-2023-33264
镜像层: sha256:f8917e28bbf34ad285058302c45e2f604294a76c0e6078eb4cf746b98502e28f
发布日期: 2023-05-22 01:15 修改: 2023-06-02 17:41
|
| org.eclipse.jetty:jetty-http |
CVE-2023-40167 |
中危 |
9.4.51.v20230217 |
9.4.52, 10.0.16, 11.0.16, 12.0.1 |
jetty: Improper validation of HTTP/1 content-length
漏洞详情: https://avd.aquasec.com/nvd/cve-2023-40167
镜像层: sha256:08c3feb843a069d96174c47700a89a5918ccf2d3dea831058819c61f570f141d
发布日期: 2023-09-15 20:15 修改: 2023-10-13 01:59
|
| org.eclipse.jetty:jetty-http |
CVE-2023-40167 |
中危 |
9.4.51.v20230217 |
9.4.52, 10.0.16, 11.0.16, 12.0.1 |
jetty: Improper validation of HTTP/1 content-length
漏洞详情: https://avd.aquasec.com/nvd/cve-2023-40167
镜像层: sha256:f8917e28bbf34ad285058302c45e2f604294a76c0e6078eb4cf746b98502e28f
发布日期: 2023-09-15 20:15 修改: 2023-10-13 01:59
|
| org.eclipse.jetty:jetty-http |
CVE-2024-6763 |
中危 |
9.4.51.v20230217 |
12.0.12 |
org.eclipse.jetty:jetty-http: jetty: Jetty URI parsing of invalid authority
漏洞详情: https://avd.aquasec.com/nvd/cve-2024-6763
镜像层: sha256:08c3feb843a069d96174c47700a89a5918ccf2d3dea831058819c61f570f141d
发布日期: 2024-10-14 16:15 修改: 2024-11-08 21:15
|
| org.springframework:spring-webmvc |
CVE-2024-38828 |
中危 |
5.3.29 |
5.3.42 |
org.springframework:spring-webmvc: DoS via Spring MVC controller method with byte[] parameter
漏洞详情: https://avd.aquasec.com/nvd/cve-2024-38828
镜像层: sha256:08c3feb843a069d96174c47700a89a5918ccf2d3dea831058819c61f570f141d
发布日期: 2024-11-18 04:15 修改: 2024-11-18 17:11
|
| org.springframework:spring-webmvc |
CVE-2024-38828 |
中危 |
5.3.29 |
5.3.42 |
org.springframework:spring-webmvc: DoS via Spring MVC controller method with byte[] parameter
漏洞详情: https://avd.aquasec.com/nvd/cve-2024-38828
镜像层: sha256:f8917e28bbf34ad285058302c45e2f604294a76c0e6078eb4cf746b98502e28f
发布日期: 2024-11-18 04:15 修改: 2024-11-18 17:11
|
| org.eclipse.jetty:jetty-http |
CVE-2024-6763 |
中危 |
9.4.51.v20230217 |
12.0.12 |
org.eclipse.jetty:jetty-http: jetty: Jetty URI parsing of invalid authority
漏洞详情: https://avd.aquasec.com/nvd/cve-2024-6763
镜像层: sha256:f8917e28bbf34ad285058302c45e2f604294a76c0e6078eb4cf746b98502e28f
发布日期: 2024-10-14 16:15 修改: 2024-11-08 21:15
|
| org.eclipse.jetty:jetty-http |
CVE-2024-6763 |
中危 |
9.4.53.v20231009 |
12.0.12 |
org.eclipse.jetty:jetty-http: jetty: Jetty URI parsing of invalid authority
漏洞详情: https://avd.aquasec.com/nvd/cve-2024-6763
镜像层: sha256:08c3feb843a069d96174c47700a89a5918ccf2d3dea831058819c61f570f141d
发布日期: 2024-10-14 16:15 修改: 2024-11-08 21:15
|
| com.google.guava:guava |
CVE-2020-8908 |
低危 |
30.0-jre |
32.0.0-android |
guava: local information disclosure via temporary directory created with unsafe permissions
漏洞详情: https://avd.aquasec.com/nvd/cve-2020-8908
镜像层: sha256:f8917e28bbf34ad285058302c45e2f604294a76c0e6078eb4cf746b98502e28f
发布日期: 2020-12-10 23:15 修改: 2023-08-02 17:30
|
| ch.qos.logback:logback-core |
CVE-2024-12801 |
低危 |
1.3.11 |
1.5.13, 1.3.15 |
logback-core: SaxEventRecorder vulnerable to Server-Side Request Forgery (SSRF) attacks
漏洞详情: https://avd.aquasec.com/nvd/cve-2024-12801
镜像层: sha256:08c3feb843a069d96174c47700a89a5918ccf2d3dea831058819c61f570f141d
发布日期: 2024-12-19 17:15 修改: 2025-01-03 14:15
|
| ch.qos.logback:logback-core |
CVE-2024-12801 |
低危 |
1.3.11 |
1.5.13, 1.3.15 |
logback-core: SaxEventRecorder vulnerable to Server-Side Request Forgery (SSRF) attacks
漏洞详情: https://avd.aquasec.com/nvd/cve-2024-12801
镜像层: sha256:f8917e28bbf34ad285058302c45e2f604294a76c0e6078eb4cf746b98502e28f
发布日期: 2024-12-19 17:15 修改: 2025-01-03 14:15
|
| com.google.guava:guava |
CVE-2020-8908 |
低危 |
30.0-jre |
32.0.0-android |
guava: local information disclosure via temporary directory created with unsafe permissions
漏洞详情: https://avd.aquasec.com/nvd/cve-2020-8908
镜像层: sha256:08c3feb843a069d96174c47700a89a5918ccf2d3dea831058819c61f570f141d
发布日期: 2020-12-10 23:15 修改: 2023-08-02 17:30
|