docker.io/bitnami/kafka:2.3.1-debian-9-r41 linux/amd64

docker.io/bitnami/kafka:2.3.1-debian-9-r41 - Trivy安全扫描结果扫描时间: 2025-01-29 20:02

全部漏洞信息

低危漏洞:54

中危漏洞:65

高危漏洞:113

严重漏洞:19

系统OS: debian 9.11 扫描引擎: Trivy 扫描时间: 2025-01-29 20:02

docker.io/bitnami/kafka:2.3.1-debian-9-r41 (debian 9.11) (debian)

低危漏洞:49

中危漏洞:49

高危漏洞:103

严重漏洞:15

软件包	漏洞	安全状态	安装版本	修复版本	漏洞信息
curl	CVE-2019-5481	严重	7.52.1-5+deb9u9	7.52.1-5+deb9u10	curl: double free due to subsequent call of realloc() 漏洞详情: https://avd.aquasec.com/nvd/cve-2019-5481 镜像层: sha256:4cc8d7710aafbee1f6c1893e4631877937378bb823db10fe3be534ff0a6df4ba 发布日期: 2019-09-16 19:15 修改: 2023-11-07 03:11
curl	CVE-2019-5482	严重	7.52.1-5+deb9u9	7.52.1-5+deb9u10	curl: heap buffer overflow in function tftp_receive_packet() 漏洞详情: https://avd.aquasec.com/nvd/cve-2019-5482 镜像层: sha256:4cc8d7710aafbee1f6c1893e4631877937378bb823db10fe3be534ff0a6df4ba 发布日期: 2019-09-16 19:15 修改: 2023-11-07 03:11
dpkg	CVE-2022-1664	严重	1.18.25	1.18.26	Dpkg::Source::Archive in dpkg, the Debian package management system, b ... 漏洞详情: https://avd.aquasec.com/nvd/cve-2022-1664 镜像层: sha256:3005072043ee8393cb92946b772ff71d3e714545aeca4d233e1d328b7af88806 发布日期: 2022-05-26 14:15 修改: 2022-12-03 02:19
libbz2-1.0	CVE-2019-12900	严重	1.0.6-8.1		bzip2: bzip2: Data integrity error when decompressing (with data integrity tests fail). 漏洞详情: https://avd.aquasec.com/nvd/cve-2019-12900 镜像层: sha256:3005072043ee8393cb92946b772ff71d3e714545aeca4d233e1d328b7af88806 发布日期: 2019-06-19 23:15 修改: 2023-11-07 03:03
libcurl3	CVE-2019-5481	严重	7.52.1-5+deb9u9	7.52.1-5+deb9u10	curl: double free due to subsequent call of realloc() 漏洞详情: https://avd.aquasec.com/nvd/cve-2019-5481 镜像层: sha256:4cc8d7710aafbee1f6c1893e4631877937378bb823db10fe3be534ff0a6df4ba 发布日期: 2019-09-16 19:15 修改: 2023-11-07 03:11
libcurl3	CVE-2019-5482	严重	7.52.1-5+deb9u9	7.52.1-5+deb9u10	curl: heap buffer overflow in function tftp_receive_packet() 漏洞详情: https://avd.aquasec.com/nvd/cve-2019-5482 镜像层: sha256:4cc8d7710aafbee1f6c1893e4631877937378bb823db10fe3be534ff0a6df4ba 发布日期: 2019-09-16 19:15 修改: 2023-11-07 03:11
libdb5.3	CVE-2019-8457	严重	5.3.28-12+deb9u1		sqlite: heap out-of-bound read in function rtreenode() 漏洞详情: https://avd.aquasec.com/nvd/cve-2019-8457 镜像层: sha256:3005072043ee8393cb92946b772ff71d3e714545aeca4d233e1d328b7af88806 发布日期: 2019-05-30 16:29 修改: 2023-11-07 03:13
libidn11	CVE-2017-14062	严重	1.33-1	1.33-1+deb9u1	libidn2: Integer overflow in puny_decode.c/decode_digit 漏洞详情: https://avd.aquasec.com/nvd/cve-2017-14062 镜像层: sha256:4cc8d7710aafbee1f6c1893e4631877937378bb823db10fe3be534ff0a6df4ba 发布日期: 2017-08-31 16:29 修改: 2020-12-07 20:17
libldap-2.4-2	CVE-2022-29155	严重	2.4.44+dfsg-5+deb9u3	2.4.44+dfsg-5+deb9u9	openldap: OpenLDAP SQL injection 漏洞详情: https://avd.aquasec.com/nvd/cve-2022-29155 镜像层: sha256:4cc8d7710aafbee1f6c1893e4631877937378bb823db10fe3be534ff0a6df4ba 发布日期: 2022-05-04 20:15 修改: 2022-10-06 15:56
libldap-common	CVE-2022-29155	严重	2.4.44+dfsg-5+deb9u3	2.4.44+dfsg-5+deb9u9	openldap: OpenLDAP SQL injection 漏洞详情: https://avd.aquasec.com/nvd/cve-2022-29155 镜像层: sha256:4cc8d7710aafbee1f6c1893e4631877937378bb823db10fe3be534ff0a6df4ba 发布日期: 2022-05-04 20:15 修改: 2022-10-06 15:56
liblz4-1	CVE-2021-3520	严重	0.0~r131-2+b1	0.0~r131-2+deb9u1	lz4: memory corruption due to an integer overflow bug caused by memmove argument 漏洞详情: https://avd.aquasec.com/nvd/cve-2021-3520 镜像层: sha256:3005072043ee8393cb92946b772ff71d3e714545aeca4d233e1d328b7af88806 发布日期: 2021-06-02 13:15 修改: 2024-06-06 20:25
libssl1.1	CVE-2022-1292	严重	1.1.0l-1~deb9u1	1.1.0l-1~deb9u6	openssl: c_rehash script allows command injection 漏洞详情: https://avd.aquasec.com/nvd/cve-2022-1292 镜像层: sha256:4cc8d7710aafbee1f6c1893e4631877937378bb823db10fe3be534ff0a6df4ba 发布日期: 2022-05-03 16:15 修改: 2023-11-07 03:41
login	CVE-2017-12424	严重	1:4.4-4.1	1:4.4-4.1+deb9u1	shadow-utils: Buffer overflow via newusers tool 漏洞详情: https://avd.aquasec.com/nvd/cve-2017-12424 镜像层: sha256:3005072043ee8393cb92946b772ff71d3e714545aeca4d233e1d328b7af88806 发布日期: 2017-08-04 09:29 修改: 2021-03-23 20:02
openssl	CVE-2022-1292	严重	1.1.0l-1~deb9u1	1.1.0l-1~deb9u6	openssl: c_rehash script allows command injection 漏洞详情: https://avd.aquasec.com/nvd/cve-2022-1292 镜像层: sha256:4cc8d7710aafbee1f6c1893e4631877937378bb823db10fe3be534ff0a6df4ba 发布日期: 2022-05-03 16:15 修改: 2023-11-07 03:41
passwd	CVE-2017-12424	严重	1:4.4-4.1	1:4.4-4.1+deb9u1	shadow-utils: Buffer overflow via newusers tool 漏洞详情: https://avd.aquasec.com/nvd/cve-2017-12424 镜像层: sha256:3005072043ee8393cb92946b772ff71d3e714545aeca4d233e1d328b7af88806 发布日期: 2017-08-04 09:29 修改: 2021-03-23 20:02
libcomerr2	CVE-2022-1304	高危	1.43.4-2+deb9u1		e2fsprogs: out-of-bounds read/write via crafted filesystem 漏洞详情: https://avd.aquasec.com/nvd/cve-2022-1304 镜像层: sha256:4cc8d7710aafbee1f6c1893e4631877937378bb823db10fe3be534ff0a6df4ba 发布日期: 2022-04-14 21:15 修改: 2024-11-22 12:15
curl	CVE-2020-8177	高危	7.52.1-5+deb9u9	7.52.1-5+deb9u11	curl: Incorrect argument check can allow remote servers to overwrite local files 漏洞详情: https://avd.aquasec.com/nvd/cve-2020-8177 镜像层: sha256:4cc8d7710aafbee1f6c1893e4631877937378bb823db10fe3be534ff0a6df4ba 发布日期: 2020-12-14 20:15 修改: 2024-03-27 16:04
curl	CVE-2020-8231	高危	7.52.1-5+deb9u9	7.52.1-5+deb9u12	curl: Expired pointer dereference via multi API with CURLOPT_CONNECT_ONLY option set 漏洞详情: https://avd.aquasec.com/nvd/cve-2020-8231 镜像层: sha256:4cc8d7710aafbee1f6c1893e4631877937378bb823db10fe3be534ff0a6df4ba 发布日期: 2020-12-14 20:15 修改: 2024-03-27 16:04
libcurl3	CVE-2019-5436	高危	7.52.1-5+deb9u9	7.52.1-5+deb9u10	curl: TFTP receive heap buffer overflow in tftp_receive_packet() function 漏洞详情: https://avd.aquasec.com/nvd/cve-2019-5436 镜像层: sha256:4cc8d7710aafbee1f6c1893e4631877937378bb823db10fe3be534ff0a6df4ba 发布日期: 2019-05-28 19:29 修改: 2023-11-07 03:11
libcurl3	CVE-2020-8177	高危	7.52.1-5+deb9u9	7.52.1-5+deb9u11	curl: Incorrect argument check can allow remote servers to overwrite local files 漏洞详情: https://avd.aquasec.com/nvd/cve-2020-8177 镜像层: sha256:4cc8d7710aafbee1f6c1893e4631877937378bb823db10fe3be534ff0a6df4ba 发布日期: 2020-12-14 20:15 修改: 2024-03-27 16:04
libcurl3	CVE-2020-8231	高危	7.52.1-5+deb9u9	7.52.1-5+deb9u12	curl: Expired pointer dereference via multi API with CURLOPT_CONNECT_ONLY option set 漏洞详情: https://avd.aquasec.com/nvd/cve-2020-8231 镜像层: sha256:4cc8d7710aafbee1f6c1893e4631877937378bb823db10fe3be534ff0a6df4ba 发布日期: 2020-12-14 20:15 修改: 2024-03-27 16:04
libcurl3	CVE-2020-8285	高危	7.52.1-5+deb9u9	7.52.1-5+deb9u13	curl: Malicious FTP server can trigger stack overflow when CURLOPT_CHUNK_BGN_FUNCTION is used 漏洞详情: https://avd.aquasec.com/nvd/cve-2020-8285 镜像层: sha256:4cc8d7710aafbee1f6c1893e4631877937378bb823db10fe3be534ff0a6df4ba 发布日期: 2020-12-14 20:15 修改: 2024-03-27 15:47
libcurl3	CVE-2020-8286	高危	7.52.1-5+deb9u9	7.52.1-5+deb9u13	curl: Inferior OCSP verification 漏洞详情: https://avd.aquasec.com/nvd/cve-2020-8286 镜像层: sha256:4cc8d7710aafbee1f6c1893e4631877937378bb823db10fe3be534ff0a6df4ba 发布日期: 2020-12-14 20:15 修改: 2024-03-27 15:47
libcurl3	CVE-2021-22946	高危	7.52.1-5+deb9u9	7.52.1-5+deb9u16	curl: Requirement to use TLS not properly enforced for IMAP, POP3, and FTP protocols 漏洞详情: https://avd.aquasec.com/nvd/cve-2021-22946 镜像层: sha256:4cc8d7710aafbee1f6c1893e4631877937378bb823db10fe3be534ff0a6df4ba 发布日期: 2021-09-29 20:15 修改: 2024-03-27 15:12
curl	CVE-2020-8285	高危	7.52.1-5+deb9u9	7.52.1-5+deb9u13	curl: Malicious FTP server can trigger stack overflow when CURLOPT_CHUNK_BGN_FUNCTION is used 漏洞详情: https://avd.aquasec.com/nvd/cve-2020-8285 镜像层: sha256:4cc8d7710aafbee1f6c1893e4631877937378bb823db10fe3be534ff0a6df4ba 发布日期: 2020-12-14 20:15 修改: 2024-03-27 15:47
libfdisk1	CVE-2016-2779	高危	2.29.2-1+deb9u1		util-linux: runuser tty hijack via TIOCSTI ioctl 漏洞详情: https://avd.aquasec.com/nvd/cve-2016-2779 镜像层: sha256:3005072043ee8393cb92946b772ff71d3e714545aeca4d233e1d328b7af88806 发布日期: 2017-02-07 15:59 修改: 2019-01-04 14:14
libgcc1	CVE-2018-12886	高危	1:6.3.0-18+deb9u1		gcc: spilling of stack protection address in cfgexpand.c and function.c leads to stack-overflow protection bypass 漏洞详情: https://avd.aquasec.com/nvd/cve-2018-12886 镜像层: sha256:3005072043ee8393cb92946b772ff71d3e714545aeca4d233e1d328b7af88806 发布日期: 2019-05-22 19:29 修改: 2020-08-24 17:37
libgcrypt20	CVE-2021-33560	高危	1.7.6-2+deb9u3		libgcrypt: mishandles ElGamal encryption because it lacks exponent blinding to address a side-channel attack against mpi_powm 漏洞详情: https://avd.aquasec.com/nvd/cve-2021-33560 镜像层: sha256:3005072043ee8393cb92946b772ff71d3e714545aeca4d233e1d328b7af88806 发布日期: 2021-06-08 11:15 修改: 2023-11-07 03:35
libgmp10	CVE-2021-43618	高危	2:6.1.2+dfsg-1	2:6.1.2+dfsg-1+deb9u1	gmp: Integer overflow and resultant buffer overflow via crafted input 漏洞详情: https://avd.aquasec.com/nvd/cve-2021-43618 镜像层: sha256:4cc8d7710aafbee1f6c1893e4631877937378bb823db10fe3be534ff0a6df4ba 发布日期: 2021-11-15 04:15 修改: 2023-09-29 15:15
libgnutls30	CVE-2019-3829	高危	3.5.8-5+deb9u4	3.5.8-5+deb9u5	gnutls: use-after-free/double-free in certificate verification 漏洞详情: https://avd.aquasec.com/nvd/cve-2019-3829 镜像层: sha256:4cc8d7710aafbee1f6c1893e4631877937378bb823db10fe3be534ff0a6df4ba 发布日期: 2019-03-27 18:29 修改: 2023-11-07 03:10
libgssapi-krb5-2	CVE-2020-28196	高危	1.15-1+deb9u1	1.15-1+deb9u2	krb5: unbounded recursion via an ASN.1-encoded Kerberos message in lib/krb5/asn.1/asn1_encode.c may lead to DoS 漏洞详情: https://avd.aquasec.com/nvd/cve-2020-28196 镜像层: sha256:4cc8d7710aafbee1f6c1893e4631877937378bb823db10fe3be534ff0a6df4ba 发布日期: 2020-11-06 08:15 修改: 2023-11-07 03:21
libhogweed4	CVE-2021-20305	高危	3.3-1+b2	3.3-1+deb9u1	nettle: Out of bounds memory access in signature verification 漏洞详情: https://avd.aquasec.com/nvd/cve-2021-20305 镜像层: sha256:4cc8d7710aafbee1f6c1893e4631877937378bb823db10fe3be534ff0a6df4ba 发布日期: 2021-04-05 22:15 修改: 2023-11-07 03:29
libhogweed4	CVE-2021-3580	高危	3.3-1+b2	3.3-1+deb9u1	nettle: Remote crash in RSA decryption via manipulated ciphertext 漏洞详情: https://avd.aquasec.com/nvd/cve-2021-3580 镜像层: sha256:4cc8d7710aafbee1f6c1893e4631877937378bb823db10fe3be534ff0a6df4ba 发布日期: 2021-08-05 21:15 修改: 2024-01-16 15:15
curl	CVE-2020-8286	高危	7.52.1-5+deb9u9	7.52.1-5+deb9u13	curl: Inferior OCSP verification 漏洞详情: https://avd.aquasec.com/nvd/cve-2020-8286 镜像层: sha256:4cc8d7710aafbee1f6c1893e4631877937378bb823db10fe3be534ff0a6df4ba 发布日期: 2020-12-14 20:15 修改: 2024-03-27 15:47
libk5crypto3	CVE-2020-28196	高危	1.15-1+deb9u1	1.15-1+deb9u2	krb5: unbounded recursion via an ASN.1-encoded Kerberos message in lib/krb5/asn.1/asn1_encode.c may lead to DoS 漏洞详情: https://avd.aquasec.com/nvd/cve-2020-28196 镜像层: sha256:4cc8d7710aafbee1f6c1893e4631877937378bb823db10fe3be534ff0a6df4ba 发布日期: 2020-11-06 08:15 修改: 2023-11-07 03:21
libkrb5-3	CVE-2020-28196	高危	1.15-1+deb9u1	1.15-1+deb9u2	krb5: unbounded recursion via an ASN.1-encoded Kerberos message in lib/krb5/asn.1/asn1_encode.c may lead to DoS 漏洞详情: https://avd.aquasec.com/nvd/cve-2020-28196 镜像层: sha256:4cc8d7710aafbee1f6c1893e4631877937378bb823db10fe3be534ff0a6df4ba 发布日期: 2020-11-06 08:15 修改: 2023-11-07 03:21
libkrb5support0	CVE-2020-28196	高危	1.15-1+deb9u1	1.15-1+deb9u2	krb5: unbounded recursion via an ASN.1-encoded Kerberos message in lib/krb5/asn.1/asn1_encode.c may lead to DoS 漏洞详情: https://avd.aquasec.com/nvd/cve-2020-28196 镜像层: sha256:4cc8d7710aafbee1f6c1893e4631877937378bb823db10fe3be534ff0a6df4ba 发布日期: 2020-11-06 08:15 修改: 2023-11-07 03:21
curl	CVE-2021-22946	高危	7.52.1-5+deb9u9	7.52.1-5+deb9u16	curl: Requirement to use TLS not properly enforced for IMAP, POP3, and FTP protocols 漏洞详情: https://avd.aquasec.com/nvd/cve-2021-22946 镜像层: sha256:4cc8d7710aafbee1f6c1893e4631877937378bb823db10fe3be534ff0a6df4ba 发布日期: 2021-09-29 20:15 修改: 2024-03-27 15:12
libldap-2.4-2	CVE-2020-12243	高危	2.4.44+dfsg-5+deb9u3	2.4.44+dfsg-5+deb9u4	openldap: denial of service via nested boolean expressions in LDAP search filters 漏洞详情: https://avd.aquasec.com/nvd/cve-2020-12243 镜像层: sha256:4cc8d7710aafbee1f6c1893e4631877937378bb823db10fe3be534ff0a6df4ba 发布日期: 2020-04-28 19:15 修改: 2022-04-29 13:24
libldap-2.4-2	CVE-2020-25692	高危	2.4.44+dfsg-5+deb9u3	2.4.44+dfsg-5+deb9u5	openldap: NULL pointer dereference for unauthenticated packet in slapd 漏洞详情: https://avd.aquasec.com/nvd/cve-2020-25692 镜像层: sha256:4cc8d7710aafbee1f6c1893e4631877937378bb823db10fe3be534ff0a6df4ba 发布日期: 2020-12-08 01:15 修改: 2022-10-12 14:27
libldap-2.4-2	CVE-2020-25709	高危	2.4.44+dfsg-5+deb9u3	2.4.44+dfsg-5+deb9u6	openldap: assertion failure in Certificate List syntax validation 漏洞详情: https://avd.aquasec.com/nvd/cve-2020-25709 镜像层: sha256:4cc8d7710aafbee1f6c1893e4631877937378bb823db10fe3be534ff0a6df4ba 发布日期: 2021-05-18 12:15 修改: 2023-11-07 03:20
libldap-2.4-2	CVE-2020-25710	高危	2.4.44+dfsg-5+deb9u3	2.4.44+dfsg-5+deb9u6	openldap: assertion failure in CSN normalization with invalid input 漏洞详情: https://avd.aquasec.com/nvd/cve-2020-25710 镜像层: sha256:4cc8d7710aafbee1f6c1893e4631877937378bb823db10fe3be534ff0a6df4ba 发布日期: 2021-05-28 11:15 修改: 2023-11-07 03:20
libldap-2.4-2	CVE-2020-36221	高危	2.4.44+dfsg-5+deb9u3	2.4.44+dfsg-5+deb9u7	openldap: Integer underflow in serialNumberAndIssuerCheck in schema_init.c 漏洞详情: https://avd.aquasec.com/nvd/cve-2020-36221 镜像层: sha256:4cc8d7710aafbee1f6c1893e4631877937378bb823db10fe3be534ff0a6df4ba 发布日期: 2021-01-26 18:15 修改: 2023-11-07 03:22
libldap-2.4-2	CVE-2020-36222	高危	2.4.44+dfsg-5+deb9u3	2.4.44+dfsg-5+deb9u7	openldap: Assertion failure in slapd in the saslAuthzTo validation 漏洞详情: https://avd.aquasec.com/nvd/cve-2020-36222 镜像层: sha256:4cc8d7710aafbee1f6c1893e4631877937378bb823db10fe3be534ff0a6df4ba 发布日期: 2021-01-26 18:15 修改: 2023-11-07 03:22
libldap-2.4-2	CVE-2020-36223	高危	2.4.44+dfsg-5+deb9u3	2.4.44+dfsg-5+deb9u7	openldap: Out-of-bounds read in Values Return Filter 漏洞详情: https://avd.aquasec.com/nvd/cve-2020-36223 镜像层: sha256:4cc8d7710aafbee1f6c1893e4631877937378bb823db10fe3be534ff0a6df4ba 发布日期: 2021-01-26 18:15 修改: 2023-11-07 03:22
libldap-2.4-2	CVE-2020-36224	高危	2.4.44+dfsg-5+deb9u3	2.4.44+dfsg-5+deb9u7	openldap: Invalid pointer free in the saslAuthzTo processing 漏洞详情: https://avd.aquasec.com/nvd/cve-2020-36224 镜像层: sha256:4cc8d7710aafbee1f6c1893e4631877937378bb823db10fe3be534ff0a6df4ba 发布日期: 2021-01-26 18:15 修改: 2023-11-07 03:22
libldap-2.4-2	CVE-2020-36225	高危	2.4.44+dfsg-5+deb9u3	2.4.44+dfsg-5+deb9u7	openldap: Double free in the saslAuthzTo processing 漏洞详情: https://avd.aquasec.com/nvd/cve-2020-36225 镜像层: sha256:4cc8d7710aafbee1f6c1893e4631877937378bb823db10fe3be534ff0a6df4ba 发布日期: 2021-01-26 18:15 修改: 2023-11-07 03:22
libldap-2.4-2	CVE-2020-36226	高危	2.4.44+dfsg-5+deb9u3	2.4.44+dfsg-5+deb9u7	openldap: Denial of service via length miscalculation in slap_parse_user 漏洞详情: https://avd.aquasec.com/nvd/cve-2020-36226 镜像层: sha256:4cc8d7710aafbee1f6c1893e4631877937378bb823db10fe3be534ff0a6df4ba 发布日期: 2021-01-26 18:15 修改: 2023-11-07 03:22
libldap-2.4-2	CVE-2020-36227	高危	2.4.44+dfsg-5+deb9u3	2.4.44+dfsg-5+deb9u7	openldap: Infinite loop in slapd with the cancel_extop Cancel operation 漏洞详情: https://avd.aquasec.com/nvd/cve-2020-36227 镜像层: sha256:4cc8d7710aafbee1f6c1893e4631877937378bb823db10fe3be534ff0a6df4ba 发布日期: 2021-01-26 18:15 修改: 2023-11-07 03:22
libldap-2.4-2	CVE-2020-36228	高危	2.4.44+dfsg-5+deb9u3	2.4.44+dfsg-5+deb9u7	openldap: Integer underflow in issuerAndThisUpdateCheck in schema_init.c 漏洞详情: https://avd.aquasec.com/nvd/cve-2020-36228 镜像层: sha256:4cc8d7710aafbee1f6c1893e4631877937378bb823db10fe3be534ff0a6df4ba 发布日期: 2021-01-26 18:15 修改: 2023-11-07 03:22
libldap-2.4-2	CVE-2020-36229	高危	2.4.44+dfsg-5+deb9u3	2.4.44+dfsg-5+deb9u7	openldap: Type confusion in ad_keystring in ad.c 漏洞详情: https://avd.aquasec.com/nvd/cve-2020-36229 镜像层: sha256:4cc8d7710aafbee1f6c1893e4631877937378bb823db10fe3be534ff0a6df4ba 发布日期: 2021-01-26 18:15 修改: 2023-11-07 03:22
libldap-2.4-2	CVE-2020-36230	高危	2.4.44+dfsg-5+deb9u3	2.4.44+dfsg-5+deb9u7	openldap: Assertion failure in ber_next_element in decode.c 漏洞详情: https://avd.aquasec.com/nvd/cve-2020-36230 镜像层: sha256:4cc8d7710aafbee1f6c1893e4631877937378bb823db10fe3be534ff0a6df4ba 发布日期: 2021-01-26 18:15 修改: 2023-11-07 03:22
libldap-2.4-2	CVE-2021-27212	高危	2.4.44+dfsg-5+deb9u3	2.4.44+dfsg-5+deb9u8	openldap: Assertion failure in slapd in the issuerAndThisUpdateCheck function 漏洞详情: https://avd.aquasec.com/nvd/cve-2021-27212 镜像层: sha256:4cc8d7710aafbee1f6c1893e4631877937378bb823db10fe3be534ff0a6df4ba 发布日期: 2021-02-14 03:15 修改: 2023-11-07 03:31
bsdutils	CVE-2016-2779	高危	1:2.29.2-1+deb9u1		util-linux: runuser tty hijack via TIOCSTI ioctl 漏洞详情: https://avd.aquasec.com/nvd/cve-2016-2779 镜像层: sha256:3005072043ee8393cb92946b772ff71d3e714545aeca4d233e1d328b7af88806 发布日期: 2017-02-07 15:59 修改: 2019-01-04 14:14
libldap-common	CVE-2020-12243	高危	2.4.44+dfsg-5+deb9u3	2.4.44+dfsg-5+deb9u4	openldap: denial of service via nested boolean expressions in LDAP search filters 漏洞详情: https://avd.aquasec.com/nvd/cve-2020-12243 镜像层: sha256:4cc8d7710aafbee1f6c1893e4631877937378bb823db10fe3be534ff0a6df4ba 发布日期: 2020-04-28 19:15 修改: 2022-04-29 13:24
libldap-common	CVE-2020-25692	高危	2.4.44+dfsg-5+deb9u3	2.4.44+dfsg-5+deb9u5	openldap: NULL pointer dereference for unauthenticated packet in slapd 漏洞详情: https://avd.aquasec.com/nvd/cve-2020-25692 镜像层: sha256:4cc8d7710aafbee1f6c1893e4631877937378bb823db10fe3be534ff0a6df4ba 发布日期: 2020-12-08 01:15 修改: 2022-10-12 14:27
libldap-common	CVE-2020-25709	高危	2.4.44+dfsg-5+deb9u3	2.4.44+dfsg-5+deb9u6	openldap: assertion failure in Certificate List syntax validation 漏洞详情: https://avd.aquasec.com/nvd/cve-2020-25709 镜像层: sha256:4cc8d7710aafbee1f6c1893e4631877937378bb823db10fe3be534ff0a6df4ba 发布日期: 2021-05-18 12:15 修改: 2023-11-07 03:20
libldap-common	CVE-2020-25710	高危	2.4.44+dfsg-5+deb9u3	2.4.44+dfsg-5+deb9u6	openldap: assertion failure in CSN normalization with invalid input 漏洞详情: https://avd.aquasec.com/nvd/cve-2020-25710 镜像层: sha256:4cc8d7710aafbee1f6c1893e4631877937378bb823db10fe3be534ff0a6df4ba 发布日期: 2021-05-28 11:15 修改: 2023-11-07 03:20
libldap-common	CVE-2020-36221	高危	2.4.44+dfsg-5+deb9u3	2.4.44+dfsg-5+deb9u7	openldap: Integer underflow in serialNumberAndIssuerCheck in schema_init.c 漏洞详情: https://avd.aquasec.com/nvd/cve-2020-36221 镜像层: sha256:4cc8d7710aafbee1f6c1893e4631877937378bb823db10fe3be534ff0a6df4ba 发布日期: 2021-01-26 18:15 修改: 2023-11-07 03:22
libldap-common	CVE-2020-36222	高危	2.4.44+dfsg-5+deb9u3	2.4.44+dfsg-5+deb9u7	openldap: Assertion failure in slapd in the saslAuthzTo validation 漏洞详情: https://avd.aquasec.com/nvd/cve-2020-36222 镜像层: sha256:4cc8d7710aafbee1f6c1893e4631877937378bb823db10fe3be534ff0a6df4ba 发布日期: 2021-01-26 18:15 修改: 2023-11-07 03:22
libldap-common	CVE-2020-36223	高危	2.4.44+dfsg-5+deb9u3	2.4.44+dfsg-5+deb9u7	openldap: Out-of-bounds read in Values Return Filter 漏洞详情: https://avd.aquasec.com/nvd/cve-2020-36223 镜像层: sha256:4cc8d7710aafbee1f6c1893e4631877937378bb823db10fe3be534ff0a6df4ba 发布日期: 2021-01-26 18:15 修改: 2023-11-07 03:22
libldap-common	CVE-2020-36224	高危	2.4.44+dfsg-5+deb9u3	2.4.44+dfsg-5+deb9u7	openldap: Invalid pointer free in the saslAuthzTo processing 漏洞详情: https://avd.aquasec.com/nvd/cve-2020-36224 镜像层: sha256:4cc8d7710aafbee1f6c1893e4631877937378bb823db10fe3be534ff0a6df4ba 发布日期: 2021-01-26 18:15 修改: 2023-11-07 03:22
libldap-common	CVE-2020-36225	高危	2.4.44+dfsg-5+deb9u3	2.4.44+dfsg-5+deb9u7	openldap: Double free in the saslAuthzTo processing 漏洞详情: https://avd.aquasec.com/nvd/cve-2020-36225 镜像层: sha256:4cc8d7710aafbee1f6c1893e4631877937378bb823db10fe3be534ff0a6df4ba 发布日期: 2021-01-26 18:15 修改: 2023-11-07 03:22
libldap-common	CVE-2020-36226	高危	2.4.44+dfsg-5+deb9u3	2.4.44+dfsg-5+deb9u7	openldap: Denial of service via length miscalculation in slap_parse_user 漏洞详情: https://avd.aquasec.com/nvd/cve-2020-36226 镜像层: sha256:4cc8d7710aafbee1f6c1893e4631877937378bb823db10fe3be534ff0a6df4ba 发布日期: 2021-01-26 18:15 修改: 2023-11-07 03:22
libldap-common	CVE-2020-36227	高危	2.4.44+dfsg-5+deb9u3	2.4.44+dfsg-5+deb9u7	openldap: Infinite loop in slapd with the cancel_extop Cancel operation 漏洞详情: https://avd.aquasec.com/nvd/cve-2020-36227 镜像层: sha256:4cc8d7710aafbee1f6c1893e4631877937378bb823db10fe3be534ff0a6df4ba 发布日期: 2021-01-26 18:15 修改: 2023-11-07 03:22
libldap-common	CVE-2020-36228	高危	2.4.44+dfsg-5+deb9u3	2.4.44+dfsg-5+deb9u7	openldap: Integer underflow in issuerAndThisUpdateCheck in schema_init.c 漏洞详情: https://avd.aquasec.com/nvd/cve-2020-36228 镜像层: sha256:4cc8d7710aafbee1f6c1893e4631877937378bb823db10fe3be534ff0a6df4ba 发布日期: 2021-01-26 18:15 修改: 2023-11-07 03:22
libldap-common	CVE-2020-36229	高危	2.4.44+dfsg-5+deb9u3	2.4.44+dfsg-5+deb9u7	openldap: Type confusion in ad_keystring in ad.c 漏洞详情: https://avd.aquasec.com/nvd/cve-2020-36229 镜像层: sha256:4cc8d7710aafbee1f6c1893e4631877937378bb823db10fe3be534ff0a6df4ba 发布日期: 2021-01-26 18:15 修改: 2023-11-07 03:22
libldap-common	CVE-2020-36230	高危	2.4.44+dfsg-5+deb9u3	2.4.44+dfsg-5+deb9u7	openldap: Assertion failure in ber_next_element in decode.c 漏洞详情: https://avd.aquasec.com/nvd/cve-2020-36230 镜像层: sha256:4cc8d7710aafbee1f6c1893e4631877937378bb823db10fe3be534ff0a6df4ba 发布日期: 2021-01-26 18:15 修改: 2023-11-07 03:22
libldap-common	CVE-2021-27212	高危	2.4.44+dfsg-5+deb9u3	2.4.44+dfsg-5+deb9u8	openldap: Assertion failure in slapd in the issuerAndThisUpdateCheck function 漏洞详情: https://avd.aquasec.com/nvd/cve-2021-27212 镜像层: sha256:4cc8d7710aafbee1f6c1893e4631877937378bb823db10fe3be534ff0a6df4ba 发布日期: 2021-02-14 03:15 修改: 2023-11-07 03:31
gcc-6-base	CVE-2018-12886	高危	6.3.0-18+deb9u1		gcc: spilling of stack protection address in cfgexpand.c and function.c leads to stack-overflow protection bypass 漏洞详情: https://avd.aquasec.com/nvd/cve-2018-12886 镜像层: sha256:3005072043ee8393cb92946b772ff71d3e714545aeca4d233e1d328b7af88806 发布日期: 2019-05-22 19:29 修改: 2020-08-24 17:37
liblzma5	CVE-2022-1271	高危	5.2.2-1.2+b1	5.2.2-1.2+deb9u1	gzip: arbitrary-file-write vulnerability 漏洞详情: https://avd.aquasec.com/nvd/cve-2022-1271 镜像层: sha256:3005072043ee8393cb92946b772ff71d3e714545aeca4d233e1d328b7af88806 发布日期: 2022-08-31 16:15 修改: 2024-08-26 10:47
libmount1	CVE-2016-2779	高危	2.29.2-1+deb9u1		util-linux: runuser tty hijack via TIOCSTI ioctl 漏洞详情: https://avd.aquasec.com/nvd/cve-2016-2779 镜像层: sha256:3005072043ee8393cb92946b772ff71d3e714545aeca4d233e1d328b7af88806 发布日期: 2017-02-07 15:59 修改: 2019-01-04 14:14
libncurses5	CVE-2022-29458	高危	6.0+20161126-1+deb9u2		ncurses: segfaulting OOB read 漏洞详情: https://avd.aquasec.com/nvd/cve-2022-29458 镜像层: sha256:4cc8d7710aafbee1f6c1893e4631877937378bb823db10fe3be534ff0a6df4ba 发布日期: 2022-04-18 21:15 修改: 2023-11-07 03:46
libncursesw5	CVE-2022-29458	高危	6.0+20161126-1+deb9u2		ncurses: segfaulting OOB read 漏洞详情: https://avd.aquasec.com/nvd/cve-2022-29458 镜像层: sha256:3005072043ee8393cb92946b772ff71d3e714545aeca4d233e1d328b7af88806 发布日期: 2022-04-18 21:15 修改: 2023-11-07 03:46
libnettle6	CVE-2021-20305	高危	3.3-1+b2	3.3-1+deb9u1	nettle: Out of bounds memory access in signature verification 漏洞详情: https://avd.aquasec.com/nvd/cve-2021-20305 镜像层: sha256:4cc8d7710aafbee1f6c1893e4631877937378bb823db10fe3be534ff0a6df4ba 发布日期: 2021-04-05 22:15 修改: 2023-11-07 03:29
libnettle6	CVE-2021-3580	高危	3.3-1+b2	3.3-1+deb9u1	nettle: Remote crash in RSA decryption via manipulated ciphertext 漏洞详情: https://avd.aquasec.com/nvd/cve-2021-3580 镜像层: sha256:4cc8d7710aafbee1f6c1893e4631877937378bb823db10fe3be534ff0a6df4ba 发布日期: 2021-08-05 21:15 修改: 2024-01-16 15:15
libnghttp2-14	CVE-2018-1000168	高危	1.18.1-1+deb9u1	1.18.1-1+deb9u2	nghttp2: Null pointer dereference when too large ALTSVC frame is received 漏洞详情: https://avd.aquasec.com/nvd/cve-2018-1000168 镜像层: sha256:4cc8d7710aafbee1f6c1893e4631877937378bb823db10fe3be534ff0a6df4ba 发布日期: 2018-05-08 15:29 修改: 2022-08-16 13:01
libnghttp2-14	CVE-2020-11080	高危	1.18.1-1+deb9u1	1.18.1-1+deb9u2	nghttp2: overly large SETTINGS frames can lead to DoS 漏洞详情: https://avd.aquasec.com/nvd/cve-2020-11080 镜像层: sha256:4cc8d7710aafbee1f6c1893e4631877937378bb823db10fe3be534ff0a6df4ba 发布日期: 2020-06-03 23:15 修改: 2023-11-07 03:14
libp11-kit0	CVE-2020-29361	高危	0.23.3-2	0.23.3-2+deb9u1	p11-kit: integer overflow when allocating memory for arrays or attributes and object identifiers 漏洞详情: https://avd.aquasec.com/nvd/cve-2020-29361 镜像层: sha256:4cc8d7710aafbee1f6c1893e4631877937378bb823db10fe3be534ff0a6df4ba 发布日期: 2020-12-16 14:15 修改: 2023-11-07 03:21
libsasl2-2	CVE-2019-19906	高危	2.1.27~101-g0780600+dfsg-3	2.1.27~101-g0780600+dfsg-3+deb9u1	cyrus-sasl: denial of service in _sasl_add_string function 漏洞详情: https://avd.aquasec.com/nvd/cve-2019-19906 镜像层: sha256:4cc8d7710aafbee1f6c1893e4631877937378bb823db10fe3be534ff0a6df4ba 发布日期: 2019-12-19 18:15 修改: 2023-11-07 03:07
libsasl2-2	CVE-2022-24407	高危	2.1.27~101-g0780600+dfsg-3	2.1.27~101-g0780600+dfsg-3+deb9u2	cyrus-sasl: failure to properly escape SQL input allows an attacker to execute arbitrary SQL commands 漏洞详情: https://avd.aquasec.com/nvd/cve-2022-24407 镜像层: sha256:4cc8d7710aafbee1f6c1893e4631877937378bb823db10fe3be534ff0a6df4ba 发布日期: 2022-02-24 15:15 修改: 2023-11-07 03:44
libsasl2-modules-db	CVE-2019-19906	高危	2.1.27~101-g0780600+dfsg-3	2.1.27~101-g0780600+dfsg-3+deb9u1	cyrus-sasl: denial of service in _sasl_add_string function 漏洞详情: https://avd.aquasec.com/nvd/cve-2019-19906 镜像层: sha256:4cc8d7710aafbee1f6c1893e4631877937378bb823db10fe3be534ff0a6df4ba 发布日期: 2019-12-19 18:15 修改: 2023-11-07 03:07
libsasl2-modules-db	CVE-2022-24407	高危	2.1.27~101-g0780600+dfsg-3	2.1.27~101-g0780600+dfsg-3+deb9u2	cyrus-sasl: failure to properly escape SQL input allows an attacker to execute arbitrary SQL commands 漏洞详情: https://avd.aquasec.com/nvd/cve-2022-24407 镜像层: sha256:4cc8d7710aafbee1f6c1893e4631877937378bb823db10fe3be534ff0a6df4ba 发布日期: 2022-02-24 15:15 修改: 2023-11-07 03:44
libsmartcols1	CVE-2016-2779	高危	2.29.2-1+deb9u1		util-linux: runuser tty hijack via TIOCSTI ioctl 漏洞详情: https://avd.aquasec.com/nvd/cve-2016-2779 镜像层: sha256:3005072043ee8393cb92946b772ff71d3e714545aeca4d233e1d328b7af88806 发布日期: 2017-02-07 15:59 修改: 2019-01-04 14:14
libssh2-1	CVE-2019-13115	高危	1.7.0-1+deb9u1	1.7.0-1+deb9u2	libssh2: integer overflow in kex_method_diffie_hellman_group_exchange_sha256_key_exchange in kex.c leads to out-of-bounds write 漏洞详情: https://avd.aquasec.com/nvd/cve-2019-13115 镜像层: sha256:4cc8d7710aafbee1f6c1893e4631877937378bb823db10fe3be534ff0a6df4ba 发布日期: 2019-07-16 18:15 修改: 2023-11-07 03:03
libssh2-1	CVE-2019-17498	高危	1.7.0-1+deb9u1	1.7.0-1+deb9u2	libssh2: integer overflow in SSH_MSG_DISCONNECT logic in packet.c 漏洞详情: https://avd.aquasec.com/nvd/cve-2019-17498 镜像层: sha256:4cc8d7710aafbee1f6c1893e4631877937378bb823db10fe3be534ff0a6df4ba 发布日期: 2019-10-21 22:15 修改: 2023-11-07 03:06
libssl1.0.2	CVE-2021-23840	高危	1.0.2t-1~deb9u1	1.0.2u-1~deb9u4	openssl: integer overflow in CipherUpdate 漏洞详情: https://avd.aquasec.com/nvd/cve-2021-23840 镜像层: sha256:4cc8d7710aafbee1f6c1893e4631877937378bb823db10fe3be534ff0a6df4ba 发布日期: 2021-02-16 17:15 修改: 2024-06-21 19:15
libssl1.0.2	CVE-2021-3712	高危	1.0.2t-1~deb9u1	1.0.2u-1~deb9u6	openssl: Read buffer overruns processing ASN.1 strings 漏洞详情: https://avd.aquasec.com/nvd/cve-2021-3712 镜像层: sha256:4cc8d7710aafbee1f6c1893e4631877937378bb823db10fe3be534ff0a6df4ba 发布日期: 2021-08-24 15:15 修改: 2024-06-21 19:15
libssl1.0.2	CVE-2022-0778	高危	1.0.2t-1~deb9u1	1.0.2u-1~deb9u7	openssl: Infinite loop in BN_mod_sqrt() reachable when parsing certificates 漏洞详情: https://avd.aquasec.com/nvd/cve-2022-0778 镜像层: sha256:4cc8d7710aafbee1f6c1893e4631877937378bb823db10fe3be534ff0a6df4ba 发布日期: 2022-03-15 17:15 修改: 2024-06-21 19:15
gpgv	CVE-2018-1000858	高危	2.1.18-8~deb9u4		gnupg2: Cross site request forgery in dirmngr resulting in an information disclosure or denial of service 漏洞详情: https://avd.aquasec.com/nvd/cve-2018-1000858 镜像层: sha256:3005072043ee8393cb92946b772ff71d3e714545aeca4d233e1d328b7af88806 发布日期: 2018-12-20 17:29 修改: 2019-02-13 16:43
libssl1.1	CVE-2021-23840	高危	1.1.0l-1~deb9u1	1.1.0l-1~deb9u3	openssl: integer overflow in CipherUpdate 漏洞详情: https://avd.aquasec.com/nvd/cve-2021-23840 镜像层: sha256:4cc8d7710aafbee1f6c1893e4631877937378bb823db10fe3be534ff0a6df4ba 发布日期: 2021-02-16 17:15 修改: 2024-06-21 19:15
libssl1.1	CVE-2021-3712	高危	1.1.0l-1~deb9u1	1.1.0l-1~deb9u4	openssl: Read buffer overruns processing ASN.1 strings 漏洞详情: https://avd.aquasec.com/nvd/cve-2021-3712 镜像层: sha256:4cc8d7710aafbee1f6c1893e4631877937378bb823db10fe3be534ff0a6df4ba 发布日期: 2021-08-24 15:15 修改: 2024-06-21 19:15
libssl1.1	CVE-2022-0778	高危	1.1.0l-1~deb9u1	1.1.0l-1~deb9u5	openssl: Infinite loop in BN_mod_sqrt() reachable when parsing certificates 漏洞详情: https://avd.aquasec.com/nvd/cve-2022-0778 镜像层: sha256:4cc8d7710aafbee1f6c1893e4631877937378bb823db10fe3be534ff0a6df4ba 发布日期: 2022-03-15 17:15 修改: 2024-06-21 19:15
libstdc++6	CVE-2018-12886	高危	6.3.0-18+deb9u1		gcc: spilling of stack protection address in cfgexpand.c and function.c leads to stack-overflow protection bypass 漏洞详情: https://avd.aquasec.com/nvd/cve-2018-12886 镜像层: sha256:3005072043ee8393cb92946b772ff71d3e714545aeca4d233e1d328b7af88806 发布日期: 2019-05-22 19:29 修改: 2020-08-24 17:37
libsystemd0	CVE-2019-3843	高危	232-25+deb9u12		systemd: services with DynamicUser can create SUID/SGID binaries 漏洞详情: https://avd.aquasec.com/nvd/cve-2019-3843 镜像层: sha256:3005072043ee8393cb92946b772ff71d3e714545aeca4d233e1d328b7af88806 发布日期: 2019-04-26 21:29 修改: 2023-11-07 03:10
libsystemd0	CVE-2019-3844	高危	232-25+deb9u12		systemd: services with DynamicUser can get new privileges and create SGID binaries 漏洞详情: https://avd.aquasec.com/nvd/cve-2019-3844 镜像层: sha256:3005072043ee8393cb92946b772ff71d3e714545aeca4d233e1d328b7af88806 发布日期: 2019-04-26 21:29 修改: 2023-11-07 03:10
libsystemd0	CVE-2020-1712	高危	232-25+deb9u12	232-25+deb9u14	systemd: use-after-free when asynchronous polkit queries are performed 漏洞详情: https://avd.aquasec.com/nvd/cve-2020-1712 镜像层: sha256:3005072043ee8393cb92946b772ff71d3e714545aeca4d233e1d328b7af88806 发布日期: 2020-03-31 17:15 修改: 2023-11-07 03:19
libtinfo5	CVE-2022-29458	高危	6.0+20161126-1+deb9u2		ncurses: segfaulting OOB read 漏洞详情: https://avd.aquasec.com/nvd/cve-2022-29458 镜像层: sha256:3005072043ee8393cb92946b772ff71d3e714545aeca4d233e1d328b7af88806 发布日期: 2022-04-18 21:15 修改: 2023-11-07 03:46
libudev1	CVE-2019-3843	高危	232-25+deb9u12		systemd: services with DynamicUser can create SUID/SGID binaries 漏洞详情: https://avd.aquasec.com/nvd/cve-2019-3843 镜像层: sha256:3005072043ee8393cb92946b772ff71d3e714545aeca4d233e1d328b7af88806 发布日期: 2019-04-26 21:29 修改: 2023-11-07 03:10
libudev1	CVE-2019-3844	高危	232-25+deb9u12		systemd: services with DynamicUser can get new privileges and create SGID binaries 漏洞详情: https://avd.aquasec.com/nvd/cve-2019-3844 镜像层: sha256:3005072043ee8393cb92946b772ff71d3e714545aeca4d233e1d328b7af88806 发布日期: 2019-04-26 21:29 修改: 2023-11-07 03:10
libudev1	CVE-2020-1712	高危	232-25+deb9u12	232-25+deb9u14	systemd: use-after-free when asynchronous polkit queries are performed 漏洞详情: https://avd.aquasec.com/nvd/cve-2020-1712 镜像层: sha256:3005072043ee8393cb92946b772ff71d3e714545aeca4d233e1d328b7af88806 发布日期: 2020-03-31 17:15 修改: 2023-11-07 03:19
libuuid1	CVE-2016-2779	高危	2.29.2-1+deb9u1		util-linux: runuser tty hijack via TIOCSTI ioctl 漏洞详情: https://avd.aquasec.com/nvd/cve-2016-2779 镜像层: sha256:3005072043ee8393cb92946b772ff71d3e714545aeca4d233e1d328b7af88806 发布日期: 2017-02-07 15:59 修改: 2019-01-04 14:14
gzip	CVE-2022-1271	高危	1.6-5+b1	1.6-5+deb9u1	gzip: arbitrary-file-write vulnerability 漏洞详情: https://avd.aquasec.com/nvd/cve-2022-1271 镜像层: sha256:3005072043ee8393cb92946b772ff71d3e714545aeca4d233e1d328b7af88806 发布日期: 2022-08-31 16:15 修改: 2024-08-26 10:47
login	CVE-2017-20002	高危	1:4.4-4.1	1:4.4-4.1+deb9u1	The Debian shadow package before 1:4.5-1 for Shadow incorrectly lists ... 漏洞详情: https://avd.aquasec.com/nvd/cve-2017-20002 镜像层: sha256:3005072043ee8393cb92946b772ff71d3e714545aeca4d233e1d328b7af88806 发布日期: 2021-03-17 06:15 修改: 2021-06-07 14:58
mount	CVE-2016-2779	高危	2.29.2-1+deb9u1		util-linux: runuser tty hijack via TIOCSTI ioctl 漏洞详情: https://avd.aquasec.com/nvd/cve-2016-2779 镜像层: sha256:3005072043ee8393cb92946b772ff71d3e714545aeca4d233e1d328b7af88806 发布日期: 2017-02-07 15:59 修改: 2019-01-04 14:14
ncurses-base	CVE-2022-29458	高危	6.0+20161126-1+deb9u2		ncurses: segfaulting OOB read 漏洞详情: https://avd.aquasec.com/nvd/cve-2022-29458 镜像层: sha256:3005072043ee8393cb92946b772ff71d3e714545aeca4d233e1d328b7af88806 发布日期: 2022-04-18 21:15 修改: 2023-11-07 03:46
libblkid1	CVE-2016-2779	高危	2.29.2-1+deb9u1		util-linux: runuser tty hijack via TIOCSTI ioctl 漏洞详情: https://avd.aquasec.com/nvd/cve-2016-2779 镜像层: sha256:3005072043ee8393cb92946b772ff71d3e714545aeca4d233e1d328b7af88806 发布日期: 2017-02-07 15:59 修改: 2019-01-04 14:14
openssl	CVE-2021-23840	高危	1.1.0l-1~deb9u1	1.1.0l-1~deb9u3	openssl: integer overflow in CipherUpdate 漏洞详情: https://avd.aquasec.com/nvd/cve-2021-23840 镜像层: sha256:4cc8d7710aafbee1f6c1893e4631877937378bb823db10fe3be534ff0a6df4ba 发布日期: 2021-02-16 17:15 修改: 2024-06-21 19:15
openssl	CVE-2021-3712	高危	1.1.0l-1~deb9u1	1.1.0l-1~deb9u4	openssl: Read buffer overruns processing ASN.1 strings 漏洞详情: https://avd.aquasec.com/nvd/cve-2021-3712 镜像层: sha256:4cc8d7710aafbee1f6c1893e4631877937378bb823db10fe3be534ff0a6df4ba 发布日期: 2021-08-24 15:15 修改: 2024-06-21 19:15
openssl	CVE-2022-0778	高危	1.1.0l-1~deb9u1	1.1.0l-1~deb9u5	openssl: Infinite loop in BN_mod_sqrt() reachable when parsing certificates 漏洞详情: https://avd.aquasec.com/nvd/cve-2022-0778 镜像层: sha256:4cc8d7710aafbee1f6c1893e4631877937378bb823db10fe3be534ff0a6df4ba 发布日期: 2022-03-15 17:15 修改: 2024-06-21 19:15
curl	CVE-2019-5436	高危	7.52.1-5+deb9u9	7.52.1-5+deb9u10	curl: TFTP receive heap buffer overflow in tftp_receive_packet() function 漏洞详情: https://avd.aquasec.com/nvd/cve-2019-5436 镜像层: sha256:4cc8d7710aafbee1f6c1893e4631877937378bb823db10fe3be534ff0a6df4ba 发布日期: 2019-05-28 19:29 修改: 2023-11-07 03:11
passwd	CVE-2017-20002	高危	1:4.4-4.1	1:4.4-4.1+deb9u1	The Debian shadow package before 1:4.5-1 for Shadow incorrectly lists ... 漏洞详情: https://avd.aquasec.com/nvd/cve-2017-20002 镜像层: sha256:3005072043ee8393cb92946b772ff71d3e714545aeca4d233e1d328b7af88806 发布日期: 2021-03-17 06:15 修改: 2021-06-07 14:58
perl-base	CVE-2020-10543	高危	5.24.1-3+deb9u5	5.24.1-3+deb9u7	perl: heap-based buffer overflow in regular expression compiler leads to DoS 漏洞详情: https://avd.aquasec.com/nvd/cve-2020-10543 镜像层: sha256:3005072043ee8393cb92946b772ff71d3e714545aeca4d233e1d328b7af88806 发布日期: 2020-06-05 14:15 修改: 2023-11-07 03:14
perl-base	CVE-2020-10878	高危	5.24.1-3+deb9u5	5.24.1-3+deb9u7	perl: corruption of intermediate language state of compiled regular expression due to integer overflow leads to DoS 漏洞详情: https://avd.aquasec.com/nvd/cve-2020-10878 镜像层: sha256:3005072043ee8393cb92946b772ff71d3e714545aeca4d233e1d328b7af88806 发布日期: 2020-06-05 14:15 修改: 2023-11-07 03:14
perl-base	CVE-2020-12723	高危	5.24.1-3+deb9u5	5.24.1-3+deb9u7	perl: corruption of intermediate language state of compiled regular expression due to recursive S_study_chunk() calls leads to DoS 漏洞详情: https://avd.aquasec.com/nvd/cve-2020-12723 镜像层: sha256:3005072043ee8393cb92946b772ff71d3e714545aeca4d233e1d328b7af88806 发布日期: 2020-06-05 15:15 修改: 2023-11-07 03:15
perl-base	CVE-2020-16156	高危	5.24.1-3+deb9u5		perl-CPAN: Bypass of verification of signatures in CHECKSUMS files 漏洞详情: https://avd.aquasec.com/nvd/cve-2020-16156 镜像层: sha256:3005072043ee8393cb92946b772ff71d3e714545aeca4d233e1d328b7af88806 发布日期: 2021-12-13 18:15 修改: 2023-11-07 03:18
util-linux	CVE-2016-2779	高危	2.29.2-1+deb9u1		util-linux: runuser tty hijack via TIOCSTI ioctl 漏洞详情: https://avd.aquasec.com/nvd/cve-2016-2779 镜像层: sha256:3005072043ee8393cb92946b772ff71d3e714545aeca4d233e1d328b7af88806 发布日期: 2017-02-07 15:59 修改: 2019-01-04 14:14
zlib1g	CVE-2018-25032	高危	1:1.2.8.dfsg-5	1:1.2.8.dfsg-5+deb9u1	zlib: A flaw found in zlib when compressing (not decompressing) certain inputs 漏洞详情: https://avd.aquasec.com/nvd/cve-2018-25032 镜像层: sha256:3005072043ee8393cb92946b772ff71d3e714545aeca4d233e1d328b7af88806 发布日期: 2022-03-25 09:15 修改: 2023-11-07 02:56
libk5crypto3	CVE-2018-5729	中危	1.15-1+deb9u1	1.15-1+deb9u3	krb5: null dereference in kadmind or DN container check bypass by supplying special crafted data 漏洞详情: https://avd.aquasec.com/nvd/cve-2018-5729 镜像层: sha256:4cc8d7710aafbee1f6c1893e4631877937378bb823db10fe3be534ff0a6df4ba 发布日期: 2018-03-06 20:29 修改: 2024-05-23 17:52
libk5crypto3	CVE-2021-37750	中危	1.15-1+deb9u1	1.15-1+deb9u3	krb5: NULL pointer dereference in process_tgs_req() in kdc/do_tgs_req.c via a FAST inner body that lacks server field 漏洞详情: https://avd.aquasec.com/nvd/cve-2021-37750 镜像层: sha256:4cc8d7710aafbee1f6c1893e4631877937378bb823db10fe3be534ff0a6df4ba 发布日期: 2021-08-23 05:15 修改: 2023-11-07 03:37
apt	CVE-2020-3810	中危	1.4.9	1.4.10	Missing input validation in the ar/tar implementations of APT before v ... 漏洞详情: https://avd.aquasec.com/nvd/cve-2020-3810 镜像层: sha256:3005072043ee8393cb92946b772ff71d3e714545aeca4d233e1d328b7af88806 发布日期: 2020-05-15 14:15 修改: 2023-11-07 03:23
libkrb5-3	CVE-2018-20217	中危	1.15-1+deb9u1	1.15-1+deb9u3	krb5: Reachable assertion in the KDC using S4U2Self requests 漏洞详情: https://avd.aquasec.com/nvd/cve-2018-20217 镜像层: sha256:4cc8d7710aafbee1f6c1893e4631877937378bb823db10fe3be534ff0a6df4ba 发布日期: 2018-12-26 21:29 修改: 2023-11-07 02:56
libssl1.0.2	CVE-2019-1551	中危	1.0.2t-1~deb9u1	1.0.2u-1~deb9u1	openssl: Integer overflow in RSAZ modular exponentiation on x86_64 漏洞详情: https://avd.aquasec.com/nvd/cve-2019-1551 镜像层: sha256:4cc8d7710aafbee1f6c1893e4631877937378bb823db10fe3be534ff0a6df4ba 发布日期: 2019-12-06 18:15 修改: 2023-11-07 03:08
libssl1.0.2	CVE-2020-1971	中危	1.0.2t-1~deb9u1	1.0.2u-1~deb9u3	openssl: EDIPARTYNAME NULL pointer de-reference 漏洞详情: https://avd.aquasec.com/nvd/cve-2020-1971 镜像层: sha256:4cc8d7710aafbee1f6c1893e4631877937378bb823db10fe3be534ff0a6df4ba 发布日期: 2020-12-08 16:15 修改: 2024-06-21 19:15
libssl1.0.2	CVE-2021-23841	中危	1.0.2t-1~deb9u1	1.0.2u-1~deb9u4	openssl: NULL pointer dereference in X509_issuer_and_serial_hash() 漏洞详情: https://avd.aquasec.com/nvd/cve-2021-23841 镜像层: sha256:4cc8d7710aafbee1f6c1893e4631877937378bb823db10fe3be534ff0a6df4ba 发布日期: 2021-02-16 17:15 修改: 2024-06-21 19:15
libkrb5-3	CVE-2018-5710	中危	1.15-1+deb9u1	1.15-1+deb9u3	krb5: null pointer deference in strlen function in plugins/kdb/ldap/libkdb_ldap/ldap_principal2.c 漏洞详情: https://avd.aquasec.com/nvd/cve-2018-5710 镜像层: sha256:4cc8d7710aafbee1f6c1893e4631877937378bb823db10fe3be534ff0a6df4ba 发布日期: 2018-01-16 09:29 修改: 2023-11-07 02:58
libkrb5-3	CVE-2018-5729	中危	1.15-1+deb9u1	1.15-1+deb9u3	krb5: null dereference in kadmind or DN container check bypass by supplying special crafted data 漏洞详情: https://avd.aquasec.com/nvd/cve-2018-5729 镜像层: sha256:4cc8d7710aafbee1f6c1893e4631877937378bb823db10fe3be534ff0a6df4ba 发布日期: 2018-03-06 20:29 修改: 2024-05-23 17:52
libkrb5-3	CVE-2021-37750	中危	1.15-1+deb9u1	1.15-1+deb9u3	krb5: NULL pointer dereference in process_tgs_req() in kdc/do_tgs_req.c via a FAST inner body that lacks server field 漏洞详情: https://avd.aquasec.com/nvd/cve-2021-37750 镜像层: sha256:4cc8d7710aafbee1f6c1893e4631877937378bb823db10fe3be534ff0a6df4ba 发布日期: 2021-08-23 05:15 修改: 2023-11-07 03:37
apt	CVE-2020-27350	中危	1.4.9	1.4.11	APT had several integer overflows and underflows while parsing .deb pa ... 漏洞详情: https://avd.aquasec.com/nvd/cve-2020-27350 镜像层: sha256:3005072043ee8393cb92946b772ff71d3e714545aeca4d233e1d328b7af88806 发布日期: 2020-12-10 04:15 修改: 2022-10-29 02:41
libssl1.1	CVE-2019-1551	中危	1.1.0l-1~deb9u1	1.1.0l-1~deb9u5	openssl: Integer overflow in RSAZ modular exponentiation on x86_64 漏洞详情: https://avd.aquasec.com/nvd/cve-2019-1551 镜像层: sha256:4cc8d7710aafbee1f6c1893e4631877937378bb823db10fe3be534ff0a6df4ba 发布日期: 2019-12-06 18:15 修改: 2023-11-07 03:08
libssl1.1	CVE-2020-1971	中危	1.1.0l-1~deb9u1	1.1.0l-1~deb9u2	openssl: EDIPARTYNAME NULL pointer de-reference 漏洞详情: https://avd.aquasec.com/nvd/cve-2020-1971 镜像层: sha256:4cc8d7710aafbee1f6c1893e4631877937378bb823db10fe3be534ff0a6df4ba 发布日期: 2020-12-08 16:15 修改: 2024-06-21 19:15
libssl1.1	CVE-2021-23841	中危	1.1.0l-1~deb9u1	1.1.0l-1~deb9u3	openssl: NULL pointer dereference in X509_issuer_and_serial_hash() 漏洞详情: https://avd.aquasec.com/nvd/cve-2021-23841 镜像层: sha256:4cc8d7710aafbee1f6c1893e4631877937378bb823db10fe3be534ff0a6df4ba 发布日期: 2021-02-16 17:15 修改: 2024-06-21 19:15
libssl1.1	CVE-2021-4160	中危	1.1.0l-1~deb9u1		openssl: Carry propagation bug in the MIPS32 and MIPS64 squaring procedure 漏洞详情: https://avd.aquasec.com/nvd/cve-2021-4160 镜像层: sha256:4cc8d7710aafbee1f6c1893e4631877937378bb823db10fe3be534ff0a6df4ba 发布日期: 2022-01-28 22:15 修改: 2024-06-21 19:15
libkrb5support0	CVE-2018-20217	中危	1.15-1+deb9u1	1.15-1+deb9u3	krb5: Reachable assertion in the KDC using S4U2Self requests 漏洞详情: https://avd.aquasec.com/nvd/cve-2018-20217 镜像层: sha256:4cc8d7710aafbee1f6c1893e4631877937378bb823db10fe3be534ff0a6df4ba 发布日期: 2018-12-26 21:29 修改: 2023-11-07 02:56
libkrb5support0	CVE-2018-5710	中危	1.15-1+deb9u1	1.15-1+deb9u3	krb5: null pointer deference in strlen function in plugins/kdb/ldap/libkdb_ldap/ldap_principal2.c 漏洞详情: https://avd.aquasec.com/nvd/cve-2018-5710 镜像层: sha256:4cc8d7710aafbee1f6c1893e4631877937378bb823db10fe3be534ff0a6df4ba 发布日期: 2018-01-16 09:29 修改: 2023-11-07 02:58
libkrb5support0	CVE-2018-5729	中危	1.15-1+deb9u1	1.15-1+deb9u3	krb5: null dereference in kadmind or DN container check bypass by supplying special crafted data 漏洞详情: https://avd.aquasec.com/nvd/cve-2018-5729 镜像层: sha256:4cc8d7710aafbee1f6c1893e4631877937378bb823db10fe3be534ff0a6df4ba 发布日期: 2018-03-06 20:29 修改: 2024-05-23 17:52
libkrb5support0	CVE-2021-37750	中危	1.15-1+deb9u1	1.15-1+deb9u3	krb5: NULL pointer dereference in process_tgs_req() in kdc/do_tgs_req.c via a FAST inner body that lacks server field 漏洞详情: https://avd.aquasec.com/nvd/cve-2021-37750 镜像层: sha256:4cc8d7710aafbee1f6c1893e4631877937378bb823db10fe3be534ff0a6df4ba 发布日期: 2021-08-23 05:15 修改: 2023-11-07 03:37
libsystemd0	CVE-2021-33910	中危	232-25+deb9u12	232-25+deb9u13	systemd: uncontrolled allocation on the stack in function unit_name_path_escape leads to crash 漏洞详情: https://avd.aquasec.com/nvd/cve-2021-33910 镜像层: sha256:3005072043ee8393cb92946b772ff71d3e714545aeca4d233e1d328b7af88806 发布日期: 2021-07-20 19:15 修改: 2023-11-07 03:35
libsystemd0	CVE-2021-3997	中危	232-25+deb9u12		systemd: Uncontrolled recursion in systemd-tmpfiles when removing files 漏洞详情: https://avd.aquasec.com/nvd/cve-2021-3997 镜像层: sha256:3005072043ee8393cb92946b772ff71d3e714545aeca4d233e1d328b7af88806 发布日期: 2022-08-23 20:15 修改: 2023-05-03 12:15
libgcrypt20	CVE-2019-13627	中危	1.7.6-2+deb9u3		libgcrypt: ECDSA timing attack allowing private key leak 漏洞详情: https://avd.aquasec.com/nvd/cve-2019-13627 镜像层: sha256:3005072043ee8393cb92946b772ff71d3e714545aeca4d233e1d328b7af88806 发布日期: 2019-09-25 15:15 修改: 2021-07-21 11:39
libgcrypt20	CVE-2021-40528	中危	1.7.6-2+deb9u3	1.7.6-2+deb9u4	libgcrypt: ElGamal implementation allows plaintext recovery 漏洞详情: https://avd.aquasec.com/nvd/cve-2021-40528 镜像层: sha256:3005072043ee8393cb92946b772ff71d3e714545aeca4d233e1d328b7af88806 发布日期: 2021-09-06 19:15 修改: 2023-11-07 03:38
curl	CVE-2021-22876	中危	7.52.1-5+deb9u9	7.52.1-5+deb9u14	curl: Leak of authentication credentials in URL via automatic Referer 漏洞详情: https://avd.aquasec.com/nvd/cve-2021-22876 镜像层: sha256:4cc8d7710aafbee1f6c1893e4631877937378bb823db10fe3be534ff0a6df4ba 发布日期: 2021-04-01 18:15 修改: 2024-03-27 15:47
libcomerr2	CVE-2019-5188	中危	1.43.4-2+deb9u1	1.43.4-2+deb9u2	e2fsprogs: Out-of-bounds write in e2fsck/rehash.c 漏洞详情: https://avd.aquasec.com/nvd/cve-2019-5188 镜像层: sha256:4cc8d7710aafbee1f6c1893e4631877937378bb823db10fe3be534ff0a6df4ba 发布日期: 2020-01-08 16:15 修改: 2023-11-07 03:11
libudev1	CVE-2021-33910	中危	232-25+deb9u12	232-25+deb9u13	systemd: uncontrolled allocation on the stack in function unit_name_path_escape leads to crash 漏洞详情: https://avd.aquasec.com/nvd/cve-2021-33910 镜像层: sha256:3005072043ee8393cb92946b772ff71d3e714545aeca4d233e1d328b7af88806 发布日期: 2021-07-20 19:15 修改: 2023-11-07 03:35
libudev1	CVE-2021-3997	中危	232-25+deb9u12		systemd: Uncontrolled recursion in systemd-tmpfiles when removing files 漏洞详情: https://avd.aquasec.com/nvd/cve-2021-3997 镜像层: sha256:3005072043ee8393cb92946b772ff71d3e714545aeca4d233e1d328b7af88806 发布日期: 2022-08-23 20:15 修改: 2023-05-03 12:15
libgnutls30	CVE-2018-16868	中危	3.5.8-5+deb9u4		gnutls: Bleichenbacher-like side channel leakage in PKCS#1 v1.5 verification and padding oracle verification 漏洞详情: https://avd.aquasec.com/nvd/cve-2018-16868 镜像层: sha256:4cc8d7710aafbee1f6c1893e4631877937378bb823db10fe3be534ff0a6df4ba 发布日期: 2018-12-03 14:29 修改: 2022-11-30 21:20
libgnutls30	CVE-2021-4209	中危	3.5.8-5+deb9u4		GnuTLS: Null pointer dereference in MD_UPDATE 漏洞详情: https://avd.aquasec.com/nvd/cve-2021-4209 镜像层: sha256:4cc8d7710aafbee1f6c1893e4631877937378bb823db10fe3be534ff0a6df4ba 发布日期: 2022-08-24 16:15 修改: 2022-10-27 16:57
curl	CVE-2021-22947	中危	7.52.1-5+deb9u9	7.52.1-5+deb9u16	curl: Server responses received before STARTTLS processed after TLS handshake 漏洞详情: https://avd.aquasec.com/nvd/cve-2021-22947 镜像层: sha256:4cc8d7710aafbee1f6c1893e4631877937378bb823db10fe3be534ff0a6df4ba 发布日期: 2021-09-29 20:15 修改: 2024-03-27 15:03
libgssapi-krb5-2	CVE-2018-20217	中危	1.15-1+deb9u1	1.15-1+deb9u3	krb5: Reachable assertion in the KDC using S4U2Self requests 漏洞详情: https://avd.aquasec.com/nvd/cve-2018-20217 镜像层: sha256:4cc8d7710aafbee1f6c1893e4631877937378bb823db10fe3be534ff0a6df4ba 发布日期: 2018-12-26 21:29 修改: 2023-11-07 02:56
libgssapi-krb5-2	CVE-2018-5710	中危	1.15-1+deb9u1	1.15-1+deb9u3	krb5: null pointer deference in strlen function in plugins/kdb/ldap/libkdb_ldap/ldap_principal2.c 漏洞详情: https://avd.aquasec.com/nvd/cve-2018-5710 镜像层: sha256:4cc8d7710aafbee1f6c1893e4631877937378bb823db10fe3be534ff0a6df4ba 发布日期: 2018-01-16 09:29 修改: 2023-11-07 02:58
libnettle6	CVE-2018-16869	中危	3.3-1+b2		nettle: Leaky data conversion exposing a manager oracle 漏洞详情: https://avd.aquasec.com/nvd/cve-2018-16869 镜像层: sha256:4cc8d7710aafbee1f6c1893e4631877937378bb823db10fe3be534ff0a6df4ba 发布日期: 2018-12-03 14:29 修改: 2023-02-03 14:25
libgssapi-krb5-2	CVE-2018-5729	中危	1.15-1+deb9u1	1.15-1+deb9u3	krb5: null dereference in kadmind or DN container check bypass by supplying special crafted data 漏洞详情: https://avd.aquasec.com/nvd/cve-2018-5729 镜像层: sha256:4cc8d7710aafbee1f6c1893e4631877937378bb823db10fe3be534ff0a6df4ba 发布日期: 2018-03-06 20:29 修改: 2024-05-23 17:52
libgssapi-krb5-2	CVE-2021-37750	中危	1.15-1+deb9u1	1.15-1+deb9u3	krb5: NULL pointer dereference in process_tgs_req() in kdc/do_tgs_req.c via a FAST inner body that lacks server field 漏洞详情: https://avd.aquasec.com/nvd/cve-2021-37750 镜像层: sha256:4cc8d7710aafbee1f6c1893e4631877937378bb823db10fe3be534ff0a6df4ba 发布日期: 2021-08-23 05:15 修改: 2023-11-07 03:37
libcurl3	CVE-2021-22876	中危	7.52.1-5+deb9u9	7.52.1-5+deb9u14	curl: Leak of authentication credentials in URL via automatic Referer 漏洞详情: https://avd.aquasec.com/nvd/cve-2021-22876 镜像层: sha256:4cc8d7710aafbee1f6c1893e4631877937378bb823db10fe3be534ff0a6df4ba 发布日期: 2021-04-01 18:15 修改: 2024-03-27 15:47
openssl	CVE-2019-1551	中危	1.1.0l-1~deb9u1	1.1.0l-1~deb9u5	openssl: Integer overflow in RSAZ modular exponentiation on x86_64 漏洞详情: https://avd.aquasec.com/nvd/cve-2019-1551 镜像层: sha256:4cc8d7710aafbee1f6c1893e4631877937378bb823db10fe3be534ff0a6df4ba 发布日期: 2019-12-06 18:15 修改: 2023-11-07 03:08
openssl	CVE-2020-1971	中危	1.1.0l-1~deb9u1	1.1.0l-1~deb9u2	openssl: EDIPARTYNAME NULL pointer de-reference 漏洞详情: https://avd.aquasec.com/nvd/cve-2020-1971 镜像层: sha256:4cc8d7710aafbee1f6c1893e4631877937378bb823db10fe3be534ff0a6df4ba 发布日期: 2020-12-08 16:15 修改: 2024-06-21 19:15
openssl	CVE-2021-23841	中危	1.1.0l-1~deb9u1	1.1.0l-1~deb9u3	openssl: NULL pointer dereference in X509_issuer_and_serial_hash() 漏洞详情: https://avd.aquasec.com/nvd/cve-2021-23841 镜像层: sha256:4cc8d7710aafbee1f6c1893e4631877937378bb823db10fe3be534ff0a6df4ba 发布日期: 2021-02-16 17:15 修改: 2024-06-21 19:15
openssl	CVE-2021-4160	中危	1.1.0l-1~deb9u1		openssl: Carry propagation bug in the MIPS32 and MIPS64 squaring procedure 漏洞详情: https://avd.aquasec.com/nvd/cve-2021-4160 镜像层: sha256:4cc8d7710aafbee1f6c1893e4631877937378bb823db10fe3be534ff0a6df4ba 发布日期: 2022-01-28 22:15 修改: 2024-06-21 19:15
libp11-kit0	CVE-2020-29362	中危	0.23.3-2	0.23.3-2+deb9u1	p11-kit: out-of-bounds read in p11_rpc_buffer_get_byte_array function in rpc-message.c 漏洞详情: https://avd.aquasec.com/nvd/cve-2020-29362 镜像层: sha256:4cc8d7710aafbee1f6c1893e4631877937378bb823db10fe3be534ff0a6df4ba 发布日期: 2020-12-16 14:15 修改: 2021-01-11 16:50
libpcre3	CVE-2020-14155	中危	2:8.39-3		pcre: Integer overflow when parsing callout numeric arguments 漏洞详情: https://avd.aquasec.com/nvd/cve-2020-14155 镜像层: sha256:3005072043ee8393cb92946b772ff71d3e714545aeca4d233e1d328b7af88806 发布日期: 2020-06-15 17:15 修改: 2024-03-27 16:04
libcurl3	CVE-2021-22947	中危	7.52.1-5+deb9u9	7.52.1-5+deb9u16	curl: Server responses received before STARTTLS processed after TLS handshake 漏洞详情: https://avd.aquasec.com/nvd/cve-2021-22947 镜像层: sha256:4cc8d7710aafbee1f6c1893e4631877937378bb823db10fe3be534ff0a6df4ba 发布日期: 2021-09-29 20:15 修改: 2024-03-27 15:03
libhogweed4	CVE-2018-16869	中危	3.3-1+b2		nettle: Leaky data conversion exposing a manager oracle 漏洞详情: https://avd.aquasec.com/nvd/cve-2018-16869 镜像层: sha256:4cc8d7710aafbee1f6c1893e4631877937378bb823db10fe3be534ff0a6df4ba 发布日期: 2018-12-03 14:29 修改: 2023-02-03 14:25
libapt-pkg5.0	CVE-2020-27350	中危	1.4.9	1.4.11	APT had several integer overflows and underflows while parsing .deb pa ... 漏洞详情: https://avd.aquasec.com/nvd/cve-2020-27350 镜像层: sha256:3005072043ee8393cb92946b772ff71d3e714545aeca4d233e1d328b7af88806 发布日期: 2020-12-10 04:15 修改: 2022-10-29 02:41
libapt-pkg5.0	CVE-2020-3810	中危	1.4.9	1.4.10	Missing input validation in the ar/tar implementations of APT before v ... 漏洞详情: https://avd.aquasec.com/nvd/cve-2020-3810 镜像层: sha256:3005072043ee8393cb92946b772ff71d3e714545aeca4d233e1d328b7af88806 发布日期: 2020-05-15 14:15 修改: 2023-11-07 03:23
tar	CVE-2018-20482	中危	1.29b-1.1	1.29b-1.1+deb9u1	tar: Infinite read loop in sparse_dump_region function in sparse.c 漏洞详情: https://avd.aquasec.com/nvd/cve-2018-20482 镜像层: sha256:3005072043ee8393cb92946b772ff71d3e714545aeca4d233e1d328b7af88806 发布日期: 2018-12-26 18:29 修改: 2021-11-30 19:52
libk5crypto3	CVE-2018-20217	中危	1.15-1+deb9u1	1.15-1+deb9u3	krb5: Reachable assertion in the KDC using S4U2Self requests 漏洞详情: https://avd.aquasec.com/nvd/cve-2018-20217 镜像层: sha256:4cc8d7710aafbee1f6c1893e4631877937378bb823db10fe3be534ff0a6df4ba 发布日期: 2018-12-26 21:29 修改: 2023-11-07 02:56
libk5crypto3	CVE-2018-5710	中危	1.15-1+deb9u1	1.15-1+deb9u3	krb5: null pointer deference in strlen function in plugins/kdb/ldap/libkdb_ldap/ldap_principal2.c 漏洞详情: https://avd.aquasec.com/nvd/cve-2018-5710 镜像层: sha256:4cc8d7710aafbee1f6c1893e4631877937378bb823db10fe3be534ff0a6df4ba 发布日期: 2018-01-16 09:29 修改: 2023-11-07 02:58
libkrb5support0	CVE-2017-11462	低危	1.15-1+deb9u1		krb5: Automatic sec context deletion could lead to double-free 漏洞详情: https://avd.aquasec.com/nvd/cve-2017-11462 镜像层: sha256:4cc8d7710aafbee1f6c1893e4631877937378bb823db10fe3be534ff0a6df4ba 发布日期: 2017-09-13 16:29 修改: 2023-11-07 02:38
libkrb5support0	CVE-2018-5730	低危	1.15-1+deb9u1	1.15-1+deb9u3	krb5: DN container check bypass by supplying special crafted data 漏洞详情: https://avd.aquasec.com/nvd/cve-2018-5730 镜像层: sha256:4cc8d7710aafbee1f6c1893e4631877937378bb823db10fe3be534ff0a6df4ba 发布日期: 2018-03-06 20:29 修改: 2024-05-23 17:53
libcurl3	CVE-2020-8284	低危	7.52.1-5+deb9u9	7.52.1-5+deb9u13	curl: FTP PASV command response can cause curl to connect to arbitrary host 漏洞详情: https://avd.aquasec.com/nvd/cve-2020-8284 镜像层: sha256:4cc8d7710aafbee1f6c1893e4631877937378bb823db10fe3be534ff0a6df4ba 发布日期: 2020-12-14 20:15 修改: 2024-04-08 22:50
libcurl3	CVE-2021-22898	低危	7.52.1-5+deb9u9	7.52.1-5+deb9u15	curl: TELNET stack contents disclosure 漏洞详情: https://avd.aquasec.com/nvd/cve-2021-22898 镜像层: sha256:4cc8d7710aafbee1f6c1893e4631877937378bb823db10fe3be534ff0a6df4ba 发布日期: 2021-06-11 16:15 修改: 2024-03-27 15:47
libcurl3	CVE-2021-22924	低危	7.52.1-5+deb9u9	7.52.1-5+deb9u15	curl: Bad connection reuse due to flawed path name checks 漏洞详情: https://avd.aquasec.com/nvd/cve-2021-22924 镜像层: sha256:4cc8d7710aafbee1f6c1893e4631877937378bb823db10fe3be534ff0a6df4ba 发布日期: 2021-08-05 21:15 修改: 2024-03-27 15:11
bsdutils	CVE-2021-37600	低危	1:2.29.2-1+deb9u1		util-linux: integer overflow can lead to buffer overflow in get_sem_elements() in sys-utils/ipcutils.c 漏洞详情: https://avd.aquasec.com/nvd/cve-2021-37600 镜像层: sha256:3005072043ee8393cb92946b772ff71d3e714545aeca4d233e1d328b7af88806 发布日期: 2021-07-30 14:15 修改: 2024-08-04 02:15
libsystemd0	CVE-2018-16888	低危	232-25+deb9u12		systemd: kills privileged process if unprivileged PIDFile was tampered 漏洞详情: https://avd.aquasec.com/nvd/cve-2018-16888 镜像层: sha256:3005072043ee8393cb92946b772ff71d3e714545aeca4d233e1d328b7af88806 发布日期: 2019-01-14 22:29 修改: 2023-11-07 02:53
libsystemd0	CVE-2018-6954	低危	232-25+deb9u12		systemd: Mishandled symlinks in systemd-tmpfiles allows local users to obtain ownership of arbitrary files 漏洞详情: https://avd.aquasec.com/nvd/cve-2018-6954 镜像层: sha256:3005072043ee8393cb92946b772ff71d3e714545aeca4d233e1d328b7af88806 发布日期: 2018-02-13 20:29 修改: 2023-11-07 03:00
libk5crypto3	CVE-2017-11462	低危	1.15-1+deb9u1		krb5: Automatic sec context deletion could lead to double-free 漏洞详情: https://avd.aquasec.com/nvd/cve-2017-11462 镜像层: sha256:4cc8d7710aafbee1f6c1893e4631877937378bb823db10fe3be534ff0a6df4ba 发布日期: 2017-09-13 16:29 修改: 2023-11-07 02:38
libtinfo5	CVE-2018-19211	低危	6.0+20161126-1+deb9u2		ncurses: Null pointer dereference at function _nc_parse_entry in parse_entry.c 漏洞详情: https://avd.aquasec.com/nvd/cve-2018-19211 镜像层: sha256:3005072043ee8393cb92946b772ff71d3e714545aeca4d233e1d328b7af88806 发布日期: 2018-11-12 19:29 修改: 2019-04-23 13:15
libtinfo5	CVE-2019-17594	低危	6.0+20161126-1+deb9u2		ncurses: heap-based buffer overflow in the _nc_find_entry function in tinfo/comp_hash.c 漏洞详情: https://avd.aquasec.com/nvd/cve-2019-17594 镜像层: sha256:3005072043ee8393cb92946b772ff71d3e714545aeca4d233e1d328b7af88806 发布日期: 2019-10-14 21:15 修改: 2021-02-10 15:13
libtinfo5	CVE-2019-17595	低危	6.0+20161126-1+deb9u2		ncurses: heap-based buffer overflow in the fmt_entry function in tinfo/comp_hash.c 漏洞详情: https://avd.aquasec.com/nvd/cve-2019-17595 镜像层: sha256:3005072043ee8393cb92946b772ff71d3e714545aeca4d233e1d328b7af88806 发布日期: 2019-10-14 21:15 修改: 2021-02-08 20:52
libk5crypto3	CVE-2018-5730	低危	1.15-1+deb9u1	1.15-1+deb9u3	krb5: DN container check bypass by supplying special crafted data 漏洞详情: https://avd.aquasec.com/nvd/cve-2018-5730 镜像层: sha256:4cc8d7710aafbee1f6c1893e4631877937378bb823db10fe3be534ff0a6df4ba 发布日期: 2018-03-06 20:29 修改: 2024-05-23 17:53
coreutils	CVE-2016-2781	低危	8.26-3		coreutils: Non-privileged session can escape to the parent session in chroot 漏洞详情: https://avd.aquasec.com/nvd/cve-2016-2781 镜像层: sha256:3005072043ee8393cb92946b772ff71d3e714545aeca4d233e1d328b7af88806 发布日期: 2017-02-07 15:59 修改: 2023-11-07 02:32
libfdisk1	CVE-2021-37600	低危	2.29.2-1+deb9u1		util-linux: integer overflow can lead to buffer overflow in get_sem_elements() in sys-utils/ipcutils.c 漏洞详情: https://avd.aquasec.com/nvd/cve-2021-37600 镜像层: sha256:3005072043ee8393cb92946b772ff71d3e714545aeca4d233e1d328b7af88806 发布日期: 2021-07-30 14:15 修改: 2024-08-04 02:15
libblkid1	CVE-2021-37600	低危	2.29.2-1+deb9u1		util-linux: integer overflow can lead to buffer overflow in get_sem_elements() in sys-utils/ipcutils.c 漏洞详情: https://avd.aquasec.com/nvd/cve-2021-37600 镜像层: sha256:3005072043ee8393cb92946b772ff71d3e714545aeca4d233e1d328b7af88806 发布日期: 2021-07-30 14:15 修改: 2024-08-04 02:15
libsepol1	CVE-2021-36084	低危	2.6-2		libsepol: use-after-free in __cil_verify_classperms() 漏洞详情: https://avd.aquasec.com/nvd/cve-2021-36084 镜像层: sha256:3005072043ee8393cb92946b772ff71d3e714545aeca4d233e1d328b7af88806 发布日期: 2021-07-01 03:15 修改: 2023-11-07 03:36
libudev1	CVE-2018-16888	低危	232-25+deb9u12		systemd: kills privileged process if unprivileged PIDFile was tampered 漏洞详情: https://avd.aquasec.com/nvd/cve-2018-16888 镜像层: sha256:3005072043ee8393cb92946b772ff71d3e714545aeca4d233e1d328b7af88806 发布日期: 2019-01-14 22:29 修改: 2023-11-07 02:53
libudev1	CVE-2018-6954	低危	232-25+deb9u12		systemd: Mishandled symlinks in systemd-tmpfiles allows local users to obtain ownership of arbitrary files 漏洞详情: https://avd.aquasec.com/nvd/cve-2018-6954 镜像层: sha256:3005072043ee8393cb92946b772ff71d3e714545aeca4d233e1d328b7af88806 发布日期: 2018-02-13 20:29 修改: 2023-11-07 03:00
libsepol1	CVE-2021-36085	低危	2.6-2		libsepol: use-after-free in __cil_verify_classperms() 漏洞详情: https://avd.aquasec.com/nvd/cve-2021-36085 镜像层: sha256:3005072043ee8393cb92946b772ff71d3e714545aeca4d233e1d328b7af88806 发布日期: 2021-07-01 03:15 修改: 2023-11-07 03:36
libuuid1	CVE-2021-37600	低危	2.29.2-1+deb9u1		util-linux: integer overflow can lead to buffer overflow in get_sem_elements() in sys-utils/ipcutils.c 漏洞详情: https://avd.aquasec.com/nvd/cve-2021-37600 镜像层: sha256:3005072043ee8393cb92946b772ff71d3e714545aeca4d233e1d328b7af88806 发布日期: 2021-07-30 14:15 修改: 2024-08-04 02:15
libsepol1	CVE-2021-36086	低危	2.6-2		libsepol: use-after-free in cil_reset_classpermission() 漏洞详情: https://avd.aquasec.com/nvd/cve-2021-36086 镜像层: sha256:3005072043ee8393cb92946b772ff71d3e714545aeca4d233e1d328b7af88806 发布日期: 2021-07-01 03:15 修改: 2023-11-07 03:36
libsepol1	CVE-2021-36087	低危	2.6-2		libsepol: heap-based buffer overflow in ebitmap_match_any() 漏洞详情: https://avd.aquasec.com/nvd/cve-2021-36087 镜像层: sha256:3005072043ee8393cb92946b772ff71d3e714545aeca4d233e1d328b7af88806 发布日期: 2021-07-01 03:15 修改: 2023-11-07 03:36
login	CVE-2018-7169	低危	1:4.4-4.1		shadow-utils: newgidmap allows unprivileged user to drop supplementary groups potentially allowing privilege escalation 漏洞详情: https://avd.aquasec.com/nvd/cve-2018-7169 镜像层: sha256:3005072043ee8393cb92946b772ff71d3e714545aeca4d233e1d328b7af88806 发布日期: 2018-02-15 20:29 修改: 2019-10-03 00:03
libgssapi-krb5-2	CVE-2017-11462	低危	1.15-1+deb9u1		krb5: Automatic sec context deletion could lead to double-free 漏洞详情: https://avd.aquasec.com/nvd/cve-2017-11462 镜像层: sha256:4cc8d7710aafbee1f6c1893e4631877937378bb823db10fe3be534ff0a6df4ba 发布日期: 2017-09-13 16:29 修改: 2023-11-07 02:38
mount	CVE-2021-37600	低危	2.29.2-1+deb9u1		util-linux: integer overflow can lead to buffer overflow in get_sem_elements() in sys-utils/ipcutils.c 漏洞详情: https://avd.aquasec.com/nvd/cve-2021-37600 镜像层: sha256:3005072043ee8393cb92946b772ff71d3e714545aeca4d233e1d328b7af88806 发布日期: 2021-07-30 14:15 修改: 2024-08-04 02:15
libsmartcols1	CVE-2021-37600	低危	2.29.2-1+deb9u1		util-linux: integer overflow can lead to buffer overflow in get_sem_elements() in sys-utils/ipcutils.c 漏洞详情: https://avd.aquasec.com/nvd/cve-2021-37600 镜像层: sha256:3005072043ee8393cb92946b772ff71d3e714545aeca4d233e1d328b7af88806 发布日期: 2021-07-30 14:15 修改: 2024-08-04 02:15
ncurses-base	CVE-2018-19211	低危	6.0+20161126-1+deb9u2		ncurses: Null pointer dereference at function _nc_parse_entry in parse_entry.c 漏洞详情: https://avd.aquasec.com/nvd/cve-2018-19211 镜像层: sha256:3005072043ee8393cb92946b772ff71d3e714545aeca4d233e1d328b7af88806 发布日期: 2018-11-12 19:29 修改: 2019-04-23 13:15
ncurses-base	CVE-2019-17594	低危	6.0+20161126-1+deb9u2		ncurses: heap-based buffer overflow in the _nc_find_entry function in tinfo/comp_hash.c 漏洞详情: https://avd.aquasec.com/nvd/cve-2019-17594 镜像层: sha256:3005072043ee8393cb92946b772ff71d3e714545aeca4d233e1d328b7af88806 发布日期: 2019-10-14 21:15 修改: 2021-02-10 15:13
ncurses-base	CVE-2019-17595	低危	6.0+20161126-1+deb9u2		ncurses: heap-based buffer overflow in the fmt_entry function in tinfo/comp_hash.c 漏洞详情: https://avd.aquasec.com/nvd/cve-2019-17595 镜像层: sha256:3005072043ee8393cb92946b772ff71d3e714545aeca4d233e1d328b7af88806 发布日期: 2019-10-14 21:15 修改: 2021-02-08 20:52
libgssapi-krb5-2	CVE-2018-5730	低危	1.15-1+deb9u1	1.15-1+deb9u3	krb5: DN container check bypass by supplying special crafted data 漏洞详情: https://avd.aquasec.com/nvd/cve-2018-5730 镜像层: sha256:4cc8d7710aafbee1f6c1893e4631877937378bb823db10fe3be534ff0a6df4ba 发布日期: 2018-03-06 20:29 修改: 2024-05-23 17:53
libkrb5-3	CVE-2017-11462	低危	1.15-1+deb9u1		krb5: Automatic sec context deletion could lead to double-free 漏洞详情: https://avd.aquasec.com/nvd/cve-2017-11462 镜像层: sha256:4cc8d7710aafbee1f6c1893e4631877937378bb823db10fe3be534ff0a6df4ba 发布日期: 2017-09-13 16:29 修改: 2023-11-07 02:38
libkrb5-3	CVE-2018-5730	低危	1.15-1+deb9u1	1.15-1+deb9u3	krb5: DN container check bypass by supplying special crafted data 漏洞详情: https://avd.aquasec.com/nvd/cve-2018-5730 镜像层: sha256:4cc8d7710aafbee1f6c1893e4631877937378bb823db10fe3be534ff0a6df4ba 发布日期: 2018-03-06 20:29 修改: 2024-05-23 17:53
liblz4-1	CVE-2019-17543	低危	0.0~r131-2+b1		lz4: heap-based buffer overflow in LZ4_write32 漏洞详情: https://avd.aquasec.com/nvd/cve-2019-17543 镜像层: sha256:3005072043ee8393cb92946b772ff71d3e714545aeca4d233e1d328b7af88806 发布日期: 2019-10-14 02:15 修改: 2023-11-07 03:06
curl	CVE-2020-8284	低危	7.52.1-5+deb9u9	7.52.1-5+deb9u13	curl: FTP PASV command response can cause curl to connect to arbitrary host 漏洞详情: https://avd.aquasec.com/nvd/cve-2020-8284 镜像层: sha256:4cc8d7710aafbee1f6c1893e4631877937378bb823db10fe3be534ff0a6df4ba 发布日期: 2020-12-14 20:15 修改: 2024-04-08 22:50
gpgv	CVE-2018-9234	低危	2.1.18-8~deb9u4		GnuPG: Unenforced configuration allows for apparently valid certifications actually signed by signing subkeys 漏洞详情: https://avd.aquasec.com/nvd/cve-2018-9234 镜像层: sha256:3005072043ee8393cb92946b772ff71d3e714545aeca4d233e1d328b7af88806 发布日期: 2018-04-04 00:29 修改: 2019-02-27 19:37
libmount1	CVE-2021-37600	低危	2.29.2-1+deb9u1		util-linux: integer overflow can lead to buffer overflow in get_sem_elements() in sys-utils/ipcutils.c 漏洞详情: https://avd.aquasec.com/nvd/cve-2021-37600 镜像层: sha256:3005072043ee8393cb92946b772ff71d3e714545aeca4d233e1d328b7af88806 发布日期: 2021-07-30 14:15 修改: 2024-08-04 02:15
gpgv	CVE-2019-14855	低危	2.1.18-8~deb9u4		gnupg2: OpenPGP Key Certification Forgeries with SHA-1 漏洞详情: https://avd.aquasec.com/nvd/cve-2019-14855 镜像层: sha256:3005072043ee8393cb92946b772ff71d3e714545aeca4d233e1d328b7af88806 发布日期: 2020-03-20 16:15 修改: 2022-11-08 02:28
libssl1.0.2	CVE-2020-1968	低危	1.0.2t-1~deb9u1	1.0.2u-1~deb9u2	openssl: Information exposure when DH secret are reused across multiple TLS connections 漏洞详情: https://avd.aquasec.com/nvd/cve-2020-1968 镜像层: sha256:4cc8d7710aafbee1f6c1893e4631877937378bb823db10fe3be534ff0a6df4ba 发布日期: 2020-09-09 14:15 修改: 2022-11-21 19:48
libncurses5	CVE-2018-19211	低危	6.0+20161126-1+deb9u2		ncurses: Null pointer dereference at function _nc_parse_entry in parse_entry.c 漏洞详情: https://avd.aquasec.com/nvd/cve-2018-19211 镜像层: sha256:4cc8d7710aafbee1f6c1893e4631877937378bb823db10fe3be534ff0a6df4ba 发布日期: 2018-11-12 19:29 修改: 2019-04-23 13:15
passwd	CVE-2018-7169	低危	1:4.4-4.1		shadow-utils: newgidmap allows unprivileged user to drop supplementary groups potentially allowing privilege escalation 漏洞详情: https://avd.aquasec.com/nvd/cve-2018-7169 镜像层: sha256:3005072043ee8393cb92946b772ff71d3e714545aeca4d233e1d328b7af88806 发布日期: 2018-02-15 20:29 修改: 2019-10-03 00:03
libncurses5	CVE-2019-17594	低危	6.0+20161126-1+deb9u2		ncurses: heap-based buffer overflow in the _nc_find_entry function in tinfo/comp_hash.c 漏洞详情: https://avd.aquasec.com/nvd/cve-2019-17594 镜像层: sha256:4cc8d7710aafbee1f6c1893e4631877937378bb823db10fe3be534ff0a6df4ba 发布日期: 2019-10-14 21:15 修改: 2021-02-10 15:13
libncurses5	CVE-2019-17595	低危	6.0+20161126-1+deb9u2		ncurses: heap-based buffer overflow in the fmt_entry function in tinfo/comp_hash.c 漏洞详情: https://avd.aquasec.com/nvd/cve-2019-17595 镜像层: sha256:4cc8d7710aafbee1f6c1893e4631877937378bb823db10fe3be534ff0a6df4ba 发布日期: 2019-10-14 21:15 修改: 2021-02-08 20:52
curl	CVE-2021-22898	低危	7.52.1-5+deb9u9	7.52.1-5+deb9u15	curl: TELNET stack contents disclosure 漏洞详情: https://avd.aquasec.com/nvd/cve-2021-22898 镜像层: sha256:4cc8d7710aafbee1f6c1893e4631877937378bb823db10fe3be534ff0a6df4ba 发布日期: 2021-06-11 16:15 修改: 2024-03-27 15:47
libncursesw5	CVE-2018-19211	低危	6.0+20161126-1+deb9u2		ncurses: Null pointer dereference at function _nc_parse_entry in parse_entry.c 漏洞详情: https://avd.aquasec.com/nvd/cve-2018-19211 镜像层: sha256:3005072043ee8393cb92946b772ff71d3e714545aeca4d233e1d328b7af88806 发布日期: 2018-11-12 19:29 修改: 2019-04-23 13:15
libncursesw5	CVE-2019-17594	低危	6.0+20161126-1+deb9u2		ncurses: heap-based buffer overflow in the _nc_find_entry function in tinfo/comp_hash.c 漏洞详情: https://avd.aquasec.com/nvd/cve-2019-17594 镜像层: sha256:3005072043ee8393cb92946b772ff71d3e714545aeca4d233e1d328b7af88806 发布日期: 2019-10-14 21:15 修改: 2021-02-10 15:13
libncursesw5	CVE-2019-17595	低危	6.0+20161126-1+deb9u2		ncurses: heap-based buffer overflow in the fmt_entry function in tinfo/comp_hash.c 漏洞详情: https://avd.aquasec.com/nvd/cve-2019-17595 镜像层: sha256:3005072043ee8393cb92946b772ff71d3e714545aeca4d233e1d328b7af88806 发布日期: 2019-10-14 21:15 修改: 2021-02-08 20:52
util-linux	CVE-2021-37600	低危	2.29.2-1+deb9u1		util-linux: integer overflow can lead to buffer overflow in get_sem_elements() in sys-utils/ipcutils.c 漏洞详情: https://avd.aquasec.com/nvd/cve-2021-37600 镜像层: sha256:3005072043ee8393cb92946b772ff71d3e714545aeca4d233e1d328b7af88806 发布日期: 2021-07-30 14:15 修改: 2024-08-04 02:15
curl	CVE-2021-22924	低危	7.52.1-5+deb9u9	7.52.1-5+deb9u15	curl: Bad connection reuse due to flawed path name checks 漏洞详情: https://avd.aquasec.com/nvd/cve-2021-22924 镜像层: sha256:4cc8d7710aafbee1f6c1893e4631877937378bb823db10fe3be534ff0a6df4ba 发布日期: 2021-08-05 21:15 修改: 2024-03-27 15:11
debian-archive-keyring	DLA-2948-1	未知	2017.5+deb9u1	2017.5+deb9u2	debian-archive-keyring - security update 漏洞详情: 镜像层: sha256:3005072043ee8393cb92946b772ff71d3e714545aeca4d233e1d328b7af88806 发布日期: 0001-01-01 00:00 修改: 0001-01-01 00:00
tzdata	DLA-2424-1	未知	2019b-0+deb9u1	2020d-0+deb9u1	tzdata - new upstream version 漏洞详情: 镜像层: sha256:3005072043ee8393cb92946b772ff71d3e714545aeca4d233e1d328b7af88806 发布日期: 0001-01-01 00:00 修改: 0001-01-01 00:00
tzdata	DLA-2509-1	未知	2019b-0+deb9u1	2020e-0+deb9u1	tzdata - new upstream version 漏洞详情: 镜像层: sha256:3005072043ee8393cb92946b772ff71d3e714545aeca4d233e1d328b7af88806 发布日期: 0001-01-01 00:00 修改: 0001-01-01 00:00
tzdata	DLA-2542-1	未知	2019b-0+deb9u1	2021a-0+deb9u1	tzdata - new upstream version 漏洞详情: 镜像层: sha256:3005072043ee8393cb92946b772ff71d3e714545aeca4d233e1d328b7af88806 发布日期: 0001-01-01 00:00 修改: 0001-01-01 00:00
tzdata	DLA-2797-1	未知	2019b-0+deb9u1	2021a-0+deb9u2	tzdata - new upstream version 漏洞详情: 镜像层: sha256:3005072043ee8393cb92946b772ff71d3e714545aeca4d233e1d328b7af88806 发布日期: 0001-01-01 00:00 修改: 0001-01-01 00:00
tzdata	DLA-2963-1	未知	2019b-0+deb9u1	2021a-0+deb9u3	tzdata - new timezone database 漏洞详情: 镜像层: sha256:3005072043ee8393cb92946b772ff71d3e714545aeca4d233e1d328b7af88806 发布日期: 0001-01-01 00:00 修改: 0001-01-01 00:00
tzdata	DLA-3051-1	未知	2019b-0+deb9u1	2021a-0+deb9u4	tzdata - new timezone database 漏洞详情: 镜像层: sha256:3005072043ee8393cb92946b772ff71d3e714545aeca4d233e1d328b7af88806 发布日期: 0001-01-01 00:00 修改: 0001-01-01 00:00
ca-certificates	DLA-2593-1	未知	20161130+nmu1+deb9u1	20200601~deb9u2	ca-certificates - whitelist Symantec CA 漏洞详情: 镜像层: sha256:4cc8d7710aafbee1f6c1893e4631877937378bb823db10fe3be534ff0a6df4ba 发布日期: 0001-01-01 00:00 修改: 0001-01-01 00:00
libssl1.0.2	DLA-2761-1	未知	1.0.2t-1~deb9u1	1.0.2u-1~deb9u5	openssl1.0 - security update 漏洞详情: 镜像层: sha256:4cc8d7710aafbee1f6c1893e4631877937378bb823db10fe3be534ff0a6df4ba 发布日期: 0001-01-01 00:00 修改: 0001-01-01 00:00
libgnutls30	DLA-2759-1	未知	3.5.8-5+deb9u4	3.5.8-5+deb9u6	gnutls28 - security update 漏洞详情: 镜像层: sha256:4cc8d7710aafbee1f6c1893e4631877937378bb823db10fe3be534ff0a6df4ba 发布日期: 0001-01-01 00:00 修改: 0001-01-01 00:00

Java (jar)

低危漏洞:5

中危漏洞:16

高危漏洞:10

严重漏洞:4

软件包	漏洞	安全状态	安装版本	修复版本	漏洞信息
log4j:log4j	CVE-2019-17571	严重	1.2.17		log4j: deserialization of untrusted data in SocketServer 漏洞详情: https://avd.aquasec.com/nvd/cve-2019-17571 镜像层: sha256:cb41b7992be5cd1d1301dfc7384b5a9aa123911e1e108b31b25371c9beb1e2cd 发布日期: 2019-12-20 17:15 修改: 2023-11-07 03:06
log4j:log4j	CVE-2022-23305	严重	1.2.17		log4j: SQL injection in Log4j 1.x when application is configured to use JDBCAppender 漏洞详情: https://avd.aquasec.com/nvd/cve-2022-23305 镜像层: sha256:cb41b7992be5cd1d1301dfc7384b5a9aa123911e1e108b31b25371c9beb1e2cd 发布日期: 2022-01-18 16:15 修改: 2023-02-24 15:30
log4j:log4j	CVE-2022-23307	严重	1.2.17		log4j: Unsafe deserialization flaw in Chainsaw log viewer 漏洞详情: https://avd.aquasec.com/nvd/cve-2022-23307 镜像层: sha256:cb41b7992be5cd1d1301dfc7384b5a9aa123911e1e108b31b25371c9beb1e2cd 发布日期: 2022-01-18 16:15 修改: 2023-02-24 15:29
org.apache.zookeeper:zookeeper	CVE-2023-44981	严重	3.4.14	3.7.2, 3.8.3, 3.9.1	zookeeper: Authorization Bypass in Apache ZooKeeper 漏洞详情: https://avd.aquasec.com/nvd/cve-2023-44981 镜像层: sha256:cb41b7992be5cd1d1301dfc7384b5a9aa123911e1e108b31b25371c9beb1e2cd 发布日期: 2023-10-11 12:15 修改: 2024-06-21 19:15
com.fasterxml.jackson.core:jackson-databind	CVE-2022-42004	高危	2.10.0	2.12.7.1, 2.13.4	jackson-databind: use of deeply nested arrays 漏洞详情: https://avd.aquasec.com/nvd/cve-2022-42004 镜像层: sha256:cb41b7992be5cd1d1301dfc7384b5a9aa123911e1e108b31b25371c9beb1e2cd 发布日期: 2022-10-02 05:15 修改: 2022-12-02 15:10
com.fasterxml.jackson.core:jackson-databind	CVE-2020-25649	高危	2.10.0	2.6.7.4, 2.9.10.7, 2.10.5.1	jackson-databind: FasterXML DOMDeserializer insecure entity expansion is vulnerable to XML external entity (XXE) 漏洞详情: https://avd.aquasec.com/nvd/cve-2020-25649 镜像层: sha256:cb41b7992be5cd1d1301dfc7384b5a9aa123911e1e108b31b25371c9beb1e2cd 发布日期: 2020-12-03 17:15 修改: 2023-11-07 03:20
com.fasterxml.jackson.core:jackson-databind	CVE-2020-36518	高危	2.10.0	2.13.2.1, 2.12.6.1	jackson-databind: denial of service via a large depth of nested objects 漏洞详情: https://avd.aquasec.com/nvd/cve-2020-36518 镜像层: sha256:cb41b7992be5cd1d1301dfc7384b5a9aa123911e1e108b31b25371c9beb1e2cd 发布日期: 2022-03-11 07:15 修改: 2022-11-29 22:12
com.fasterxml.jackson.core:jackson-databind	CVE-2021-46877	高危	2.10.0	2.12.6, 2.13.1	jackson-databind: Possible DoS if using JDK serialization to serialize JsonNode 漏洞详情: https://avd.aquasec.com/nvd/cve-2021-46877 镜像层: sha256:cb41b7992be5cd1d1301dfc7384b5a9aa123911e1e108b31b25371c9beb1e2cd 发布日期: 2023-03-18 22:15 修改: 2023-08-08 14:21
log4j:log4j	CVE-2021-4104	高危	1.2.17		log4j: Remote code execution in Log4j 1.x when application is configured to use JMSAppender 漏洞详情: https://avd.aquasec.com/nvd/cve-2021-4104 镜像层: sha256:cb41b7992be5cd1d1301dfc7384b5a9aa123911e1e108b31b25371c9beb1e2cd 发布日期: 2021-12-14 12:15 修改: 2023-12-22 09:15
log4j:log4j	CVE-2022-23302	高危	1.2.17		log4j: Remote code execution in Log4j 1.x when application is configured to use JMSSink 漏洞详情: https://avd.aquasec.com/nvd/cve-2022-23302 镜像层: sha256:cb41b7992be5cd1d1301dfc7384b5a9aa123911e1e108b31b25371c9beb1e2cd 发布日期: 2022-01-18 16:15 修改: 2023-02-24 15:30
com.fasterxml.jackson.core:jackson-databind	CVE-2022-42003	高危	2.10.0	2.12.7.1, 2.13.4.2	jackson-databind: deep wrapper array nesting wrt UNWRAP_SINGLE_VALUE_ARRAYS 漏洞详情: https://avd.aquasec.com/nvd/cve-2022-42003 镜像层: sha256:cb41b7992be5cd1d1301dfc7384b5a9aa123911e1e108b31b25371c9beb1e2cd 发布日期: 2022-10-02 05:15 修改: 2023-12-20 10:15
org.eclipse.jetty:jetty-server	CVE-2021-28165	高危	9.4.18.v20190429	9.4.39, 10.0.2, 11.0.2	jetty: Resource exhaustion when receiving an invalid large TLS frame 漏洞详情: https://avd.aquasec.com/nvd/cve-2021-28165 镜像层: sha256:cb41b7992be5cd1d1301dfc7384b5a9aa123911e1e108b31b25371c9beb1e2cd 发布日期: 2021-04-01 15:15 修改: 2023-11-07 03:32
org.xerial.snappy:snappy-java	CVE-2023-34455	高危	1.1.7.3	1.1.10.1	snappy-java: Unchecked chunk length leads to DoS 漏洞详情: https://avd.aquasec.com/nvd/cve-2023-34455 镜像层: sha256:cb41b7992be5cd1d1301dfc7384b5a9aa123911e1e108b31b25371c9beb1e2cd 发布日期: 2023-06-15 18:15 修改: 2024-02-01 14:17
org.xerial.snappy:snappy-java	CVE-2023-43642	高危	1.1.7.3	1.1.10.4	snappy-java: Missing upper bound check on chunk length in snappy-java can lead to Denial of Service (DoS) impact 漏洞详情: https://avd.aquasec.com/nvd/cve-2023-43642 镜像层: sha256:cb41b7992be5cd1d1301dfc7384b5a9aa123911e1e108b31b25371c9beb1e2cd 发布日期: 2023-09-25 20:15 修改: 2023-09-26 15:46
org.apache.kafka:kafka_2.11	CVE-2021-38153	中危	2.3.1		Kafka: Timing Attack Vulnerability for Apache Kafka Connect and Clients 漏洞详情: https://avd.aquasec.com/nvd/cve-2021-38153 镜像层: sha256:cb41b7992be5cd1d1301dfc7384b5a9aa123911e1e108b31b25371c9beb1e2cd 发布日期: 2021-09-22 09:15 修改: 2023-11-07 03:37
com.google.guava:guava	CVE-2023-2976	中危	20.0	32.0.0-android	guava: insecure temporary directory creation 漏洞详情: https://avd.aquasec.com/nvd/cve-2023-2976 镜像层: sha256:cb41b7992be5cd1d1301dfc7384b5a9aa123911e1e108b31b25371c9beb1e2cd 发布日期: 2023-06-14 18:15 修改: 2024-02-13 19:15
org.eclipse.jetty:jetty-http	CVE-2023-40167	中危	9.4.18.v20190429	9.4.52, 10.0.16, 11.0.16, 12.0.1	jetty: Improper validation of HTTP/1 content-length 漏洞详情: https://avd.aquasec.com/nvd/cve-2023-40167 镜像层: sha256:cb41b7992be5cd1d1301dfc7384b5a9aa123911e1e108b31b25371c9beb1e2cd 发布日期: 2023-09-15 20:15 修改: 2023-10-13 01:59
org.eclipse.jetty:jetty-http	CVE-2024-6763	中危	9.4.18.v20190429	12.0.12	org.eclipse.jetty:jetty-http: jetty: Jetty URI parsing of invalid authority 漏洞详情: https://avd.aquasec.com/nvd/cve-2024-6763 镜像层: sha256:cb41b7992be5cd1d1301dfc7384b5a9aa123911e1e108b31b25371c9beb1e2cd 发布日期: 2024-10-14 16:15 修改: 2024-11-08 21:15
com.google.guava:guava	CVE-2018-10237	中危	20.0	24.1.1-android	guava: Unbounded memory allocation in AtomicDoubleArray and CompoundOrdering classes allow remote attackers to cause a denial of service 漏洞详情: https://avd.aquasec.com/nvd/cve-2018-10237 镜像层: sha256:cb41b7992be5cd1d1301dfc7384b5a9aa123911e1e108b31b25371c9beb1e2cd 发布日期: 2018-04-26 21:29 修改: 2023-11-07 02:51
org.eclipse.jetty:jetty-server	CVE-2020-27218	中危	9.4.18.v20190429	9.4.35.v20201120	jetty: buffer not correctly recycled in Gzip Request inflation 漏洞详情: https://avd.aquasec.com/nvd/cve-2020-27218 镜像层: sha256:cb41b7992be5cd1d1301dfc7384b5a9aa123911e1e108b31b25371c9beb1e2cd 发布日期: 2020-11-28 01:15 修改: 2024-02-16 16:46
org.eclipse.jetty:jetty-server	CVE-2020-27223	中危	9.4.18.v20190429	9.4.37, 10.0.1, 11.0.1	jetty: request containing multiple Accept headers with a large number of "quality" parameters may lead to DoS 漏洞详情: https://avd.aquasec.com/nvd/cve-2020-27223 镜像层: sha256:cb41b7992be5cd1d1301dfc7384b5a9aa123911e1e108b31b25371c9beb1e2cd 发布日期: 2021-02-26 22:15 修改: 2023-11-07 03:20
org.eclipse.jetty:jetty-server	CVE-2023-26048	中危	9.4.18.v20190429	9.4.51.v20230217, 10.0.14, 11.0.14	jetty-server: OutOfMemoryError for large multipart without filename read via request.getParameter() 漏洞详情: https://avd.aquasec.com/nvd/cve-2023-26048 镜像层: sha256:cb41b7992be5cd1d1301dfc7384b5a9aa123911e1e108b31b25371c9beb1e2cd 发布日期: 2023-04-18 21:15 修改: 2023-09-30 15:15
org.eclipse.jetty:jetty-server	CVE-2024-8184	中危	9.4.18.v20190429	12.0.9, 10.0.24, 11.0.24, 9.4.56	org.eclipse.jetty:jetty-server: jetty: Jetty ThreadLimitHandler.getRemote() vulnerable to remote DoS attacks 漏洞详情: https://avd.aquasec.com/nvd/cve-2024-8184 镜像层: sha256:cb41b7992be5cd1d1301dfc7384b5a9aa123911e1e108b31b25371c9beb1e2cd 发布日期: 2024-10-14 16:15 修改: 2024-11-08 21:00
org.eclipse.jetty:jetty-servlets	CVE-2021-28169	中危	9.4.18.v20190429	9.4.41, 10.0.3, 11.0.3	jetty: requests to the ConcatServlet and WelcomeFilter are able to access protected resources within the WEB-INF directory 漏洞详情: https://avd.aquasec.com/nvd/cve-2021-28169 镜像层: sha256:cb41b7992be5cd1d1301dfc7384b5a9aa123911e1e108b31b25371c9beb1e2cd 发布日期: 2021-06-09 02:15 修改: 2023-11-07 03:32
org.eclipse.jetty:jetty-servlets	CVE-2024-9823	中危	9.4.18.v20190429	9.4.54, 10.0.18, 11.0.18	org.eclipse.jetty:jetty-servlets: jetty: Jetty DOS vulnerability on DosFilter 漏洞详情: https://avd.aquasec.com/nvd/cve-2024-9823 镜像层: sha256:cb41b7992be5cd1d1301dfc7384b5a9aa123911e1e108b31b25371c9beb1e2cd 发布日期: 2024-10-14 15:15 修改: 2024-10-15 12:57
org.glassfish.jersey.core:jersey-common	CVE-2021-28168	中危	2.28	2.34, 3.0.2	jersey: Local information disclosure via system temporary directory 漏洞详情: https://avd.aquasec.com/nvd/cve-2021-28168 镜像层: sha256:cb41b7992be5cd1d1301dfc7384b5a9aa123911e1e108b31b25371c9beb1e2cd 发布日期: 2021-04-22 18:15 修改: 2023-11-07 03:32
org.apache.kafka:kafka-clients	CVE-2021-38153	中危	2.3.1	2.6.3, 2.7.2, 2.8.1	Kafka: Timing Attack Vulnerability for Apache Kafka Connect and Clients 漏洞详情: https://avd.aquasec.com/nvd/cve-2021-38153 镜像层: sha256:cb41b7992be5cd1d1301dfc7384b5a9aa123911e1e108b31b25371c9beb1e2cd 发布日期: 2021-09-22 09:15 修改: 2023-11-07 03:37
org.apache.kafka:kafka-clients	CVE-2024-31141	中危	2.3.1	3.7.1	kafka-clients: privilege escalation to filesystem read-access via automatic ConfigProvider 漏洞详情: https://avd.aquasec.com/nvd/cve-2024-31141 镜像层: sha256:cb41b7992be5cd1d1301dfc7384b5a9aa123911e1e108b31b25371c9beb1e2cd 发布日期: 2024-11-19 09:15 修改: 2024-11-19 21:57
org.xerial.snappy:snappy-java	CVE-2023-34453	中危	1.1.7.3	1.1.10.1	snappy-java: Integer overflow in shuffle leads to DoS 漏洞详情: https://avd.aquasec.com/nvd/cve-2023-34453 镜像层: sha256:cb41b7992be5cd1d1301dfc7384b5a9aa123911e1e108b31b25371c9beb1e2cd 发布日期: 2023-06-15 17:15 修改: 2023-06-27 15:59
org.xerial.snappy:snappy-java	CVE-2023-34454	中危	1.1.7.3	1.1.10.1	snappy-java: Integer overflow in compress leads to DoS 漏洞详情: https://avd.aquasec.com/nvd/cve-2023-34454 镜像层: sha256:cb41b7992be5cd1d1301dfc7384b5a9aa123911e1e108b31b25371c9beb1e2cd 发布日期: 2023-06-15 17:15 修改: 2024-12-12 17:15
org.eclipse.jetty:jetty-server	CVE-2021-34428	低危	9.4.18.v20190429	9.4.41, 10.0.3, 11.0.3	jetty: SessionListener can prevent a session from being invalidated breaking logout 漏洞详情: https://avd.aquasec.com/nvd/cve-2021-34428 镜像层: sha256:cb41b7992be5cd1d1301dfc7384b5a9aa123911e1e108b31b25371c9beb1e2cd 发布日期: 2021-06-22 15:15 修改: 2023-11-07 03:35
org.eclipse.jetty:jetty-server	CVE-2023-26049	低危	9.4.18.v20190429	9.4.51.v20230217, 10.0.14, 11.0.14, 12.0.0.beta0	jetty-server: Cookie parsing of quoted values can exfiltrate values from other cookies 漏洞详情: https://avd.aquasec.com/nvd/cve-2023-26049 镜像层: sha256:cb41b7992be5cd1d1301dfc7384b5a9aa123911e1e108b31b25371c9beb1e2cd 发布日期: 2023-04-18 21:15 修改: 2024-02-01 15:36
org.eclipse.jetty:jetty-http	CVE-2022-2047	低危	9.4.18.v20190429	9.4.47, 10.0.10, 11.0.10	jetty-http: improver hostname input handling 漏洞详情: https://avd.aquasec.com/nvd/cve-2022-2047 镜像层: sha256:cb41b7992be5cd1d1301dfc7384b5a9aa123911e1e108b31b25371c9beb1e2cd 发布日期: 2022-07-07 21:15 修改: 2022-10-25 19:10
com.google.guava:guava	CVE-2020-8908	低危	20.0	32.0.0-android	guava: local information disclosure via temporary directory created with unsafe permissions 漏洞详情: https://avd.aquasec.com/nvd/cve-2020-8908 镜像层: sha256:cb41b7992be5cd1d1301dfc7384b5a9aa123911e1e108b31b25371c9beb1e2cd 发布日期: 2020-12-10 23:15 修改: 2023-08-02 17:30
org.eclipse.jetty:jetty-servlets	CVE-2023-36479	低危	9.4.18.v20190429	9.4.52, 10.0.16, 11.0.16	jetty: Improper addition of quotation marks to user inputs in CgiServlet 漏洞详情: https://avd.aquasec.com/nvd/cve-2023-36479 镜像层: sha256:cb41b7992be5cd1d1301dfc7384b5a9aa123911e1e108b31b25371c9beb1e2cd 发布日期: 2023-09-15 19:15 修改: 2023-10-16 19:20