docker.io/elastic/elasticsearch:8.18.8 linux/amd64

docker.io/elastic/elasticsearch:8.18.8 - Trivy安全扫描结果扫描时间: 2026-06-29 17:32

全部漏洞信息

低危漏洞:85

中危漏洞:156

高危漏洞:53

严重漏洞:0

系统OS: ubuntu 24.04 扫描引擎: Trivy 扫描时间: 2026-06-29 17:32

docker.io/elastic/elasticsearch:8.18.8 (ubuntu 24.04) (ubuntu)

低危漏洞:84

中危漏洞:83

高危漏洞:3

严重漏洞:0

软件包	漏洞	安全状态	安装版本	修复版本	漏洞信息
gpgv	CVE-2025-68973	高危	2.4.4-2ubuntu17.3	2.4.4-2ubuntu17.4	GnuPG: GnuPG: Information disclosure and potential arbitrary code execution via out-of-bounds write 漏洞详情: https://avd.aquasec.com/nvd/cve-2025-68973 镜像层: sha256:65b08cd99c6053451d2752c3a9a1c048ca23ff1151f0985f5772d898a1efb816 发布日期: 2025-12-28 17:16 修改: 2026-06-17 09:59
libssl3t64	CVE-2026-45447	高危	3.0.13-0ubuntu3.6	3.0.13-0ubuntu3.11	openssl: Heap Use-After-Free in OpenSSL PKCS7_verify() 漏洞详情: https://avd.aquasec.com/nvd/cve-2026-45447 镜像层: sha256:d53734badcc35e7a79ec2a7798600d1e6b8dfb46e36a65d0958e106afee8bd62 发布日期: 2026-06-09 17:17 修改: 2026-06-17 10:52
openssl	CVE-2026-45447	高危	3.0.13-0ubuntu3.6	3.0.13-0ubuntu3.11	openssl: Heap Use-After-Free in OpenSSL PKCS7_verify() 漏洞详情: https://avd.aquasec.com/nvd/cve-2026-45447 镜像层: sha256:d53734badcc35e7a79ec2a7798600d1e6b8dfb46e36a65d0958e106afee8bd62 发布日期: 2026-06-09 17:17 修改: 2026-06-17 10:52
curl	CVE-2026-1965	中危	8.5.0-2ubuntu10.6	8.5.0-2ubuntu10.8	curl: curl: Authentication bypass due to incorrect connection reuse with Negotiate authentication 漏洞详情: https://avd.aquasec.com/nvd/cve-2026-1965 镜像层: sha256:d53734badcc35e7a79ec2a7798600d1e6b8dfb46e36a65d0958e106afee8bd62 发布日期: 2026-03-11 11:15 修改: 2026-06-17 10:16
curl	CVE-2026-3783	中危	8.5.0-2ubuntu10.6	8.5.0-2ubuntu10.8	curl: curl: Information disclosure via OAuth2 bearer token leakage during HTTP(S) redirect 漏洞详情: https://avd.aquasec.com/nvd/cve-2026-3783 镜像层: sha256:d53734badcc35e7a79ec2a7798600d1e6b8dfb46e36a65d0958e106afee8bd62 发布日期: 2026-03-11 11:16 修改: 2026-06-17 10:44
curl	CVE-2026-5545	中危	8.5.0-2ubuntu10.6	8.5.0-2ubuntu10.9	curl: libcurl: Authentication bypass due to incorrect HTTP Negotiate connection reuse 漏洞详情: https://avd.aquasec.com/nvd/cve-2026-5545 镜像层: sha256:d53734badcc35e7a79ec2a7798600d1e6b8dfb46e36a65d0958e106afee8bd62 发布日期: 2026-05-13 13:01 修改: 2026-06-17 10:59
curl	CVE-2026-6253	中危	8.5.0-2ubuntu10.6	8.5.0-2ubuntu10.9	curl: curl: Proxy credential disclosure via redirects to unauthenticated proxies 漏洞详情: https://avd.aquasec.com/nvd/cve-2026-6253 镜像层: sha256:d53734badcc35e7a79ec2a7798600d1e6b8dfb46e36a65d0958e106afee8bd62 发布日期: 2026-05-13 13:01 修改: 2026-06-17 11:00
curl	CVE-2026-6429	中危	8.5.0-2ubuntu10.6	8.5.0-2ubuntu10.9	curl: libcurl: Credential leak via reused proxy connection during HTTP redirects 漏洞详情: https://avd.aquasec.com/nvd/cve-2026-6429 镜像层: sha256:d53734badcc35e7a79ec2a7798600d1e6b8dfb46e36a65d0958e106afee8bd62 发布日期: 2026-05-13 13:01 修改: 2026-06-17 11:00
curl	CVE-2026-7168	中危	8.5.0-2ubuntu10.6	8.5.0-2ubuntu10.9	curl: libcurl: Information disclosure via incorrect Proxy-Authorization header reuse 漏洞详情: https://avd.aquasec.com/nvd/cve-2026-7168 镜像层: sha256:d53734badcc35e7a79ec2a7798600d1e6b8dfb46e36a65d0958e106afee8bd62 发布日期: 2026-05-13 13:01 修改: 2026-06-17 11:01
curl	CVE-2026-8927	中危	8.5.0-2ubuntu10.6		漏洞详情: https://avd.aquasec.com/nvd/cve-2026-8927 镜像层: sha256:d53734badcc35e7a79ec2a7798600d1e6b8dfb46e36a65d0958e106afee8bd62 发布日期: 0001-01-01 00:00 修改: 0001-01-01 00:00
dpkg	CVE-2026-2219	中危	1.22.6ubuntu6.5	1.22.6ubuntu6.6	It was discovered that dpkg-deb (a component of dpkg, the Debian packa ... 漏洞详情: https://avd.aquasec.com/nvd/cve-2026-2219 镜像层: sha256:65b08cd99c6053451d2752c3a9a1c048ca23ff1151f0985f5772d898a1efb816 发布日期: 2026-03-07 09:16 修改: 2026-06-17 10:30
bsdutils	CVE-2026-27456	中危	1:2.39.3-9ubuntu6.3		util-linux: TOCTOU in the mount program when setting up loop devices 漏洞详情: https://avd.aquasec.com/nvd/cve-2026-27456 镜像层: sha256:65b08cd99c6053451d2752c3a9a1c048ca23ff1151f0985f5772d898a1efb816 发布日期: 2026-04-03 22:16 修改: 2026-06-17 10:27
libblkid1	CVE-2026-27456	中危	2.39.3-9ubuntu6.3		util-linux: TOCTOU in the mount program when setting up loop devices 漏洞详情: https://avd.aquasec.com/nvd/cve-2026-27456 镜像层: sha256:65b08cd99c6053451d2752c3a9a1c048ca23ff1151f0985f5772d898a1efb816 发布日期: 2026-04-03 22:16 修改: 2026-06-17 10:27
libc-bin	CVE-2025-15281	中危	2.39-0ubuntu8.6	2.39-0ubuntu8.7	glibc: wordexp with WRDE_REUSE and WRDE_APPEND may return uninitialized memory 漏洞详情: https://avd.aquasec.com/nvd/cve-2025-15281 镜像层: sha256:65b08cd99c6053451d2752c3a9a1c048ca23ff1151f0985f5772d898a1efb816 发布日期: 2026-01-20 14:16 修改: 2026-06-17 08:37
libc-bin	CVE-2026-0861	中危	2.39-0ubuntu8.6	2.39-0ubuntu8.7	glibc: Integer overflow in memalign leads to heap corruption 漏洞详情: https://avd.aquasec.com/nvd/cve-2026-0861 镜像层: sha256:65b08cd99c6053451d2752c3a9a1c048ca23ff1151f0985f5772d898a1efb816 发布日期: 2026-01-14 21:15 修改: 2026-06-17 10:11
libc-bin	CVE-2026-0915	中危	2.39-0ubuntu8.6	2.39-0ubuntu8.7	glibc: glibc: Information disclosure via zero-valued network query 漏洞详情: https://avd.aquasec.com/nvd/cve-2026-0915 镜像层: sha256:65b08cd99c6053451d2752c3a9a1c048ca23ff1151f0985f5772d898a1efb816 发布日期: 2026-01-15 22:16 修改: 2026-06-17 10:11
libc-bin	CVE-2026-4046	中危	2.39-0ubuntu8.6		glibc: glibc: Denial of Service via iconv() function with specific character sets 漏洞详情: https://avd.aquasec.com/nvd/cve-2026-4046 镜像层: sha256:65b08cd99c6053451d2752c3a9a1c048ca23ff1151f0985f5772d898a1efb816 发布日期: 2026-03-30 18:16 修改: 2026-06-17 10:55
libc-bin	CVE-2026-4437	中危	2.39-0ubuntu8.6		glibc: glibc: Incorrect DNS response parsing via crafted DNS server response 漏洞详情: https://avd.aquasec.com/nvd/cve-2026-4437 镜像层: sha256:65b08cd99c6053451d2752c3a9a1c048ca23ff1151f0985f5772d898a1efb816 发布日期: 2026-03-20 20:16 修改: 2026-06-17 10:56
libc-bin	CVE-2026-4438	中危	2.39-0ubuntu8.6		glibc: glibc: Invalid DNS hostname returned via gethostbyaddr functions 漏洞详情: https://avd.aquasec.com/nvd/cve-2026-4438 镜像层: sha256:65b08cd99c6053451d2752c3a9a1c048ca23ff1151f0985f5772d898a1efb816 发布日期: 2026-03-20 20:16 修改: 2026-06-17 10:56
libc-bin	CVE-2026-5435	中危	2.39-0ubuntu8.6		glibc: glibc: Out-of-bounds write via TSIG record processing 漏洞详情: https://avd.aquasec.com/nvd/cve-2026-5435 镜像层: sha256:65b08cd99c6053451d2752c3a9a1c048ca23ff1151f0985f5772d898a1efb816 发布日期: 2026-04-28 13:19 修改: 2026-06-17 10:59
libc-bin	CVE-2026-6238	中危	2.39-0ubuntu8.6		glibc: glibc: Application crash or uninitialized memory read via crafted DNS response 漏洞详情: https://avd.aquasec.com/nvd/cve-2026-6238 镜像层: sha256:65b08cd99c6053451d2752c3a9a1c048ca23ff1151f0985f5772d898a1efb816 发布日期: 2026-04-28 19:37 修改: 2026-06-19 21:17
libc6	CVE-2025-15281	中危	2.39-0ubuntu8.6	2.39-0ubuntu8.7	glibc: wordexp with WRDE_REUSE and WRDE_APPEND may return uninitialized memory 漏洞详情: https://avd.aquasec.com/nvd/cve-2025-15281 镜像层: sha256:65b08cd99c6053451d2752c3a9a1c048ca23ff1151f0985f5772d898a1efb816 发布日期: 2026-01-20 14:16 修改: 2026-06-17 08:37
libc6	CVE-2026-0861	中危	2.39-0ubuntu8.6	2.39-0ubuntu8.7	glibc: Integer overflow in memalign leads to heap corruption 漏洞详情: https://avd.aquasec.com/nvd/cve-2026-0861 镜像层: sha256:65b08cd99c6053451d2752c3a9a1c048ca23ff1151f0985f5772d898a1efb816 发布日期: 2026-01-14 21:15 修改: 2026-06-17 10:11
libc6	CVE-2026-0915	中危	2.39-0ubuntu8.6	2.39-0ubuntu8.7	glibc: glibc: Information disclosure via zero-valued network query 漏洞详情: https://avd.aquasec.com/nvd/cve-2026-0915 镜像层: sha256:65b08cd99c6053451d2752c3a9a1c048ca23ff1151f0985f5772d898a1efb816 发布日期: 2026-01-15 22:16 修改: 2026-06-17 10:11
libc6	CVE-2026-4046	中危	2.39-0ubuntu8.6		glibc: glibc: Denial of Service via iconv() function with specific character sets 漏洞详情: https://avd.aquasec.com/nvd/cve-2026-4046 镜像层: sha256:65b08cd99c6053451d2752c3a9a1c048ca23ff1151f0985f5772d898a1efb816 发布日期: 2026-03-30 18:16 修改: 2026-06-17 10:55
libc6	CVE-2026-4437	中危	2.39-0ubuntu8.6		glibc: glibc: Incorrect DNS response parsing via crafted DNS server response 漏洞详情: https://avd.aquasec.com/nvd/cve-2026-4437 镜像层: sha256:65b08cd99c6053451d2752c3a9a1c048ca23ff1151f0985f5772d898a1efb816 发布日期: 2026-03-20 20:16 修改: 2026-06-17 10:56
libc6	CVE-2026-4438	中危	2.39-0ubuntu8.6		glibc: glibc: Invalid DNS hostname returned via gethostbyaddr functions 漏洞详情: https://avd.aquasec.com/nvd/cve-2026-4438 镜像层: sha256:65b08cd99c6053451d2752c3a9a1c048ca23ff1151f0985f5772d898a1efb816 发布日期: 2026-03-20 20:16 修改: 2026-06-17 10:56
libc6	CVE-2026-5435	中危	2.39-0ubuntu8.6		glibc: glibc: Out-of-bounds write via TSIG record processing 漏洞详情: https://avd.aquasec.com/nvd/cve-2026-5435 镜像层: sha256:65b08cd99c6053451d2752c3a9a1c048ca23ff1151f0985f5772d898a1efb816 发布日期: 2026-04-28 13:19 修改: 2026-06-17 10:59
libc6	CVE-2026-6238	中危	2.39-0ubuntu8.6		glibc: glibc: Application crash or uninitialized memory read via crafted DNS response 漏洞详情: https://avd.aquasec.com/nvd/cve-2026-6238 镜像层: sha256:65b08cd99c6053451d2752c3a9a1c048ca23ff1151f0985f5772d898a1efb816 发布日期: 2026-04-28 19:37 修改: 2026-06-19 21:17
libcap2	CVE-2026-4878	中危	1:2.66-5ubuntu2.2	1:2.66-5ubuntu2.4	libcap: libcap: Privilege escalation via TOCTOU race condition in cap_set_file() 漏洞详情: https://avd.aquasec.com/nvd/cve-2026-4878 镜像层: sha256:65b08cd99c6053451d2752c3a9a1c048ca23ff1151f0985f5772d898a1efb816 发布日期: 2026-04-09 16:16 修改: 2026-06-27 08:16
libcurl4t64	CVE-2025-14017	中危	8.5.0-2ubuntu10.6	8.5.0-2ubuntu10.7	curl: curl: Security bypass due to global TLS option changes in multi-threaded LDAPS transfers 漏洞详情: https://avd.aquasec.com/nvd/cve-2025-14017 镜像层: sha256:d53734badcc35e7a79ec2a7798600d1e6b8dfb46e36a65d0958e106afee8bd62 发布日期: 2026-01-08 10:15 修改: 2026-06-17 08:35
libcurl4t64	CVE-2026-11856	中危	8.5.0-2ubuntu10.6		漏洞详情: https://avd.aquasec.com/nvd/cve-2026-11856 镜像层: sha256:d53734badcc35e7a79ec2a7798600d1e6b8dfb46e36a65d0958e106afee8bd62 发布日期: 0001-01-01 00:00 修改: 0001-01-01 00:00
libcurl4t64	CVE-2026-1965	中危	8.5.0-2ubuntu10.6	8.5.0-2ubuntu10.8	curl: curl: Authentication bypass due to incorrect connection reuse with Negotiate authentication 漏洞详情: https://avd.aquasec.com/nvd/cve-2026-1965 镜像层: sha256:d53734badcc35e7a79ec2a7798600d1e6b8dfb46e36a65d0958e106afee8bd62 发布日期: 2026-03-11 11:15 修改: 2026-06-17 10:16
libcurl4t64	CVE-2026-3783	中危	8.5.0-2ubuntu10.6	8.5.0-2ubuntu10.8	curl: curl: Information disclosure via OAuth2 bearer token leakage during HTTP(S) redirect 漏洞详情: https://avd.aquasec.com/nvd/cve-2026-3783 镜像层: sha256:d53734badcc35e7a79ec2a7798600d1e6b8dfb46e36a65d0958e106afee8bd62 发布日期: 2026-03-11 11:16 修改: 2026-06-17 10:44
libcurl4t64	CVE-2026-5545	中危	8.5.0-2ubuntu10.6	8.5.0-2ubuntu10.9	curl: libcurl: Authentication bypass due to incorrect HTTP Negotiate connection reuse 漏洞详情: https://avd.aquasec.com/nvd/cve-2026-5545 镜像层: sha256:d53734badcc35e7a79ec2a7798600d1e6b8dfb46e36a65d0958e106afee8bd62 发布日期: 2026-05-13 13:01 修改: 2026-06-17 10:59
libcurl4t64	CVE-2026-6253	中危	8.5.0-2ubuntu10.6	8.5.0-2ubuntu10.9	curl: curl: Proxy credential disclosure via redirects to unauthenticated proxies 漏洞详情: https://avd.aquasec.com/nvd/cve-2026-6253 镜像层: sha256:d53734badcc35e7a79ec2a7798600d1e6b8dfb46e36a65d0958e106afee8bd62 发布日期: 2026-05-13 13:01 修改: 2026-06-17 11:00
libcurl4t64	CVE-2026-6429	中危	8.5.0-2ubuntu10.6	8.5.0-2ubuntu10.9	curl: libcurl: Credential leak via reused proxy connection during HTTP redirects 漏洞详情: https://avd.aquasec.com/nvd/cve-2026-6429 镜像层: sha256:d53734badcc35e7a79ec2a7798600d1e6b8dfb46e36a65d0958e106afee8bd62 发布日期: 2026-05-13 13:01 修改: 2026-06-17 11:00
libcurl4t64	CVE-2026-7168	中危	8.5.0-2ubuntu10.6	8.5.0-2ubuntu10.9	curl: libcurl: Information disclosure via incorrect Proxy-Authorization header reuse 漏洞详情: https://avd.aquasec.com/nvd/cve-2026-7168 镜像层: sha256:d53734badcc35e7a79ec2a7798600d1e6b8dfb46e36a65d0958e106afee8bd62 发布日期: 2026-05-13 13:01 修改: 2026-06-17 11:01
libcurl4t64	CVE-2026-8927	中危	8.5.0-2ubuntu10.6		漏洞详情: https://avd.aquasec.com/nvd/cve-2026-8927 镜像层: sha256:d53734badcc35e7a79ec2a7798600d1e6b8dfb46e36a65d0958e106afee8bd62 发布日期: 0001-01-01 00:00 修改: 0001-01-01 00:00
libgcrypt20	CVE-2026-41989	中危	1.10.3-2build1	1.10.3-2ubuntu0.1	Libgcrypt: Libgcrypt: Denial of Service and buffer overflow via crafted ECDH ciphertext 漏洞详情: https://avd.aquasec.com/nvd/cve-2026-41989 镜像层: sha256:65b08cd99c6053451d2752c3a9a1c048ca23ff1151f0985f5772d898a1efb816 发布日期: 2026-04-23 05:16 修改: 2026-06-17 10:47
libgnutls30t64	CVE-2025-14831	中危	3.8.3-1.1ubuntu3.4	3.8.3-1.1ubuntu3.5	gnutls: GnuTLS: Denial of Service via excessive resource consumption during certificate verification 漏洞详情: https://avd.aquasec.com/nvd/cve-2025-14831 镜像层: sha256:65b08cd99c6053451d2752c3a9a1c048ca23ff1151f0985f5772d898a1efb816 发布日期: 2026-02-09 15:16 修改: 2026-06-25 04:17
libgnutls30t64	CVE-2026-33845	中危	3.8.3-1.1ubuntu3.4	3.8.3-1.1ubuntu3.6	gnutls: GnuTLS: Denial of Service via DTLS zero-length fragment 漏洞详情: https://avd.aquasec.com/nvd/cve-2026-33845 镜像层: sha256:65b08cd99c6053451d2752c3a9a1c048ca23ff1151f0985f5772d898a1efb816 发布日期: 2026-04-30 18:16 修改: 2026-06-26 08:16
libgnutls30t64	CVE-2026-33846	中危	3.8.3-1.1ubuntu3.4	3.8.3-1.1ubuntu3.6	gnutls: GnuTLS: Denial of Service via heap buffer overflow in DTLS handshake fragment reassembly 漏洞详情: https://avd.aquasec.com/nvd/cve-2026-33846 镜像层: sha256:65b08cd99c6053451d2752c3a9a1c048ca23ff1151f0985f5772d898a1efb816 发布日期: 2026-05-04 10:15 修改: 2026-06-26 08:16
libgnutls30t64	CVE-2026-3832	中危	3.8.3-1.1ubuntu3.4	3.8.3-1.1ubuntu3.6	gnutls: gnutls: Security bypass allows acceptance of revoked server certificates via crafted OCSP response 漏洞详情: https://avd.aquasec.com/nvd/cve-2026-3832 镜像层: sha256:65b08cd99c6053451d2752c3a9a1c048ca23ff1151f0985f5772d898a1efb816 发布日期: 2026-04-30 18:16 修改: 2026-06-24 17:16
libgnutls30t64	CVE-2026-3833	中危	3.8.3-1.1ubuntu3.4	3.8.3-1.1ubuntu3.6	gnutls: GnuTLS: Policy bypass due to case-sensitive nameConstraints comparison 漏洞详情: https://avd.aquasec.com/nvd/cve-2026-3833 镜像层: sha256:65b08cd99c6053451d2752c3a9a1c048ca23ff1151f0985f5772d898a1efb816 发布日期: 2026-04-30 18:16 修改: 2026-06-26 08:16
libgnutls30t64	CVE-2026-42009	中危	3.8.3-1.1ubuntu3.4	3.8.3-1.1ubuntu3.6	gnutls: gnutls: Denial of Service via DTLS packet reordering vulnerability 漏洞详情: https://avd.aquasec.com/nvd/cve-2026-42009 镜像层: sha256:65b08cd99c6053451d2752c3a9a1c048ca23ff1151f0985f5772d898a1efb816 发布日期: 2026-05-18 13:16 修改: 2026-06-26 08:16
libgnutls30t64	CVE-2026-42010	中危	3.8.3-1.1ubuntu3.4	3.8.3-1.1ubuntu3.6	gnutls: gnutls: Authentication Bypass via NUL Character in Username 漏洞详情: https://avd.aquasec.com/nvd/cve-2026-42010 镜像层: sha256:65b08cd99c6053451d2752c3a9a1c048ca23ff1151f0985f5772d898a1efb816 发布日期: 2026-05-07 12:16 修改: 2026-06-26 11:16
libgnutls30t64	CVE-2026-42011	中危	3.8.3-1.1ubuntu3.4	3.8.3-1.1ubuntu3.6	gnutls: gnutls: Security bypass due to incorrect name constraint handling 漏洞详情: https://avd.aquasec.com/nvd/cve-2026-42011 镜像层: sha256:65b08cd99c6053451d2752c3a9a1c048ca23ff1151f0985f5772d898a1efb816 发布日期: 2026-05-07 15:16 修改: 2026-06-26 08:16
libgnutls30t64	CVE-2026-42012	中危	3.8.3-1.1ubuntu3.4	3.8.3-1.1ubuntu3.6	gnutls: gnutls: Certificate validation bypass due to improper handling of URI and SRV SANs 漏洞详情: https://avd.aquasec.com/nvd/cve-2026-42012 镜像层: sha256:65b08cd99c6053451d2752c3a9a1c048ca23ff1151f0985f5772d898a1efb816 发布日期: 2026-05-26 22:16 修改: 2026-06-26 08:16
libgnutls30t64	CVE-2026-42013	中危	3.8.3-1.1ubuntu3.4	3.8.3-1.1ubuntu3.6	gnutls: gnutls: Certificate validation bypass due to oversized Subject Alternative Name 漏洞详情: https://avd.aquasec.com/nvd/cve-2026-42013 镜像层: sha256:65b08cd99c6053451d2752c3a9a1c048ca23ff1151f0985f5772d898a1efb816 发布日期: 2026-05-26 22:16 修改: 2026-06-26 08:16
libgnutls30t64	CVE-2026-42014	中危	3.8.3-1.1ubuntu3.4	3.8.3-1.1ubuntu3.6	gnutls: gnutls: Use-after-free in gnutls_pkcs11_token_set_pin 漏洞详情: https://avd.aquasec.com/nvd/cve-2026-42014 镜像层: sha256:65b08cd99c6053451d2752c3a9a1c048ca23ff1151f0985f5772d898a1efb816 发布日期: 2026-06-16 02:16 修改: 2026-06-26 08:16
libgnutls30t64	CVE-2026-42015	中危	3.8.3-1.1ubuntu3.4	3.8.3-1.1ubuntu3.6	gnutls: gnutls: Memory corruption due to off-by-one error in PKCS#12 bag handling 漏洞详情: https://avd.aquasec.com/nvd/cve-2026-42015 镜像层: sha256:65b08cd99c6053451d2752c3a9a1c048ca23ff1151f0985f5772d898a1efb816 发布日期: 2026-05-26 22:16 修改: 2026-06-26 08:16
libgnutls30t64	CVE-2026-5260	中危	3.8.3-1.1ubuntu3.4	3.8.3-1.1ubuntu3.6	gnutls: gnutls: Information disclosure via heap overread in RSA key exchange 漏洞详情: https://avd.aquasec.com/nvd/cve-2026-5260 镜像层: sha256:65b08cd99c6053451d2752c3a9a1c048ca23ff1151f0985f5772d898a1efb816 发布日期: 2026-05-26 22:16 修改: 2026-06-26 08:16
libgnutls30t64	CVE-2026-5419	中危	3.8.3-1.1ubuntu3.4	3.8.3-1.1ubuntu3.6	gnutls: gnutls: Information disclosure via timing side-channel in PKCS#7 padding removal 漏洞详情: https://avd.aquasec.com/nvd/cve-2026-5419 镜像层: sha256:65b08cd99c6053451d2752c3a9a1c048ca23ff1151f0985f5772d898a1efb816 发布日期: 2026-06-01 21:16 修改: 2026-06-26 08:16
libmount1	CVE-2026-27456	中危	2.39.3-9ubuntu6.3		util-linux: TOCTOU in the mount program when setting up loop devices 漏洞详情: https://avd.aquasec.com/nvd/cve-2026-27456 镜像层: sha256:65b08cd99c6053451d2752c3a9a1c048ca23ff1151f0985f5772d898a1efb816 发布日期: 2026-04-03 22:16 修改: 2026-06-17 10:27
libnghttp2-14	CVE-2026-27135	中危	1.59.0-1ubuntu0.2	1.59.0-1ubuntu0.3	nghttp2: nghttp2: Denial of Service via malformed HTTP/2 frames after session termination 漏洞详情: https://avd.aquasec.com/nvd/cve-2026-27135 镜像层: sha256:d53734badcc35e7a79ec2a7798600d1e6b8dfb46e36a65d0958e106afee8bd62 发布日期: 2026-03-18 18:16 修改: 2026-06-17 10:26
libsmartcols1	CVE-2026-27456	中危	2.39.3-9ubuntu6.3		util-linux: TOCTOU in the mount program when setting up loop devices 漏洞详情: https://avd.aquasec.com/nvd/cve-2026-27456 镜像层: sha256:65b08cd99c6053451d2752c3a9a1c048ca23ff1151f0985f5772d898a1efb816 发布日期: 2026-04-03 22:16 修改: 2026-06-17 10:27
libssh-4	CVE-2026-0964	中危	0.10.6-2ubuntu0.1	0.10.6-2ubuntu0.3	libssh: Improper sanitation of paths received from SCP servers 漏洞详情: https://avd.aquasec.com/nvd/cve-2026-0964 镜像层: sha256:d53734badcc35e7a79ec2a7798600d1e6b8dfb46e36a65d0958e106afee8bd62 发布日期: 2026-03-26 21:17 修改: 2026-06-17 10:11
libssh-4	CVE-2026-0967	中危	0.10.6-2ubuntu0.1	0.10.6-2ubuntu0.3	libssh: libssh: Denial of Service via inefficient regular expression processing 漏洞详情: https://avd.aquasec.com/nvd/cve-2026-0967 镜像层: sha256:d53734badcc35e7a79ec2a7798600d1e6b8dfb46e36a65d0958e106afee8bd62 发布日期: 2026-03-26 21:17 修改: 2026-06-17 10:11
libssh-4	CVE-2026-0968	中危	0.10.6-2ubuntu0.1	0.10.6-2ubuntu0.3	libssh: libssh: Denial of Service due to malformed SFTP message 漏洞详情: https://avd.aquasec.com/nvd/cve-2026-0968 镜像层: sha256:d53734badcc35e7a79ec2a7798600d1e6b8dfb46e36a65d0958e106afee8bd62 发布日期: 2026-03-26 21:17 修改: 2026-06-17 10:11
libssh-4	CVE-2026-3731	中危	0.10.6-2ubuntu0.1	0.10.6-2ubuntu0.4	libssh: libssh: Denial of Service via out-of-bounds read in SFTP extension name handler 漏洞详情: https://avd.aquasec.com/nvd/cve-2026-3731 镜像层: sha256:d53734badcc35e7a79ec2a7798600d1e6b8dfb46e36a65d0958e106afee8bd62 发布日期: 2026-03-08 11:15 修改: 2026-06-17 10:44
curl	CVE-2025-14017	中危	8.5.0-2ubuntu10.6	8.5.0-2ubuntu10.7	curl: curl: Security bypass due to global TLS option changes in multi-threaded LDAPS transfers 漏洞详情: https://avd.aquasec.com/nvd/cve-2025-14017 镜像层: sha256:d53734badcc35e7a79ec2a7798600d1e6b8dfb46e36a65d0958e106afee8bd62 发布日期: 2026-01-08 10:15 修改: 2026-06-17 08:35
libssl3t64	CVE-2025-15467	中危	3.0.13-0ubuntu3.6	3.0.13-0ubuntu3.7	openssl: OpenSSL: Remote code execution or Denial of Service via oversized Initialization Vector in CMS parsing 漏洞详情: https://avd.aquasec.com/nvd/cve-2025-15467 镜像层: sha256:d53734badcc35e7a79ec2a7798600d1e6b8dfb46e36a65d0958e106afee8bd62 发布日期: 2026-01-27 16:16 修改: 2026-06-17 08:37
libssl3t64	CVE-2026-31790	中危	3.0.13-0ubuntu3.6	3.0.13-0ubuntu3.9	openssl: openssl: Information Disclosure from Uninitialized Memory via Invalid RSA Public Key 漏洞详情: https://avd.aquasec.com/nvd/cve-2026-31790 镜像层: sha256:d53734badcc35e7a79ec2a7798600d1e6b8dfb46e36a65d0958e106afee8bd62 发布日期: 2026-04-07 22:16 修改: 2026-06-17 10:34
libssl3t64	CVE-2026-34182	中危	3.0.13-0ubuntu3.6	3.0.13-0ubuntu3.11	openssl: CMS AuthEnvelopedData Processing May Accept Forged Messages 漏洞详情: https://avd.aquasec.com/nvd/cve-2026-34182 镜像层: sha256:d53734badcc35e7a79ec2a7798600d1e6b8dfb46e36a65d0958e106afee8bd62 发布日期: 2026-06-09 17:17 修改: 2026-06-17 10:38
libssl3t64	CVE-2026-45445	中危	3.0.13-0ubuntu3.6	3.0.13-0ubuntu3.11	openssl: AES-OCB IV Ignored on EVP_Cipher() Path 漏洞详情: https://avd.aquasec.com/nvd/cve-2026-45445 镜像层: sha256:d53734badcc35e7a79ec2a7798600d1e6b8dfb46e36a65d0958e106afee8bd62 发布日期: 2026-06-09 17:17 修改: 2026-06-17 10:52
libsystemd0	CVE-2026-29111	中危	255.4-1ubuntu8.10	255.4-1ubuntu8.14	systemd: systemd: Arbitrary code execution or Denial of Service via spurious IPC API call data 漏洞详情: https://avd.aquasec.com/nvd/cve-2026-29111 镜像层: sha256:65b08cd99c6053451d2752c3a9a1c048ca23ff1151f0985f5772d898a1efb816 发布日期: 2026-03-23 22:16 修改: 2026-06-17 10:29
libsystemd0	CVE-2026-40225	中危	255.4-1ubuntu8.10	255.4-1ubuntu8.14	systemd: udev in systemd: Privilege escalation via malicious hardware devices and unsanitized kernel output 漏洞详情: https://avd.aquasec.com/nvd/cve-2026-40225 镜像层: sha256:65b08cd99c6053451d2752c3a9a1c048ca23ff1151f0985f5772d898a1efb816 发布日期: 2026-04-10 16:16 修改: 2026-06-17 10:44
libsystemd0	CVE-2026-40226	中危	255.4-1ubuntu8.10	255.4-1ubuntu8.16	systemd: systemd nspawn: Escape-to-host action via crafted config file 漏洞详情: https://avd.aquasec.com/nvd/cve-2026-40226 镜像层: sha256:65b08cd99c6053451d2752c3a9a1c048ca23ff1151f0985f5772d898a1efb816 发布日期: 2026-04-10 16:16 修改: 2026-06-17 10:44
libtasn1-6	CVE-2025-13151	中危	4.19.0-3ubuntu0.24.04.1	4.19.0-3ubuntu0.24.04.2	libtasn1: libtasn1: Denial of Service via stack-based buffer overflow in asn1_expend_octet_string 漏洞详情: https://avd.aquasec.com/nvd/cve-2025-13151 镜像层: sha256:65b08cd99c6053451d2752c3a9a1c048ca23ff1151f0985f5772d898a1efb816 发布日期: 2026-01-07 22:15 修改: 2026-06-17 08:33
libudev1	CVE-2026-29111	中危	255.4-1ubuntu8.10	255.4-1ubuntu8.14	systemd: systemd: Arbitrary code execution or Denial of Service via spurious IPC API call data 漏洞详情: https://avd.aquasec.com/nvd/cve-2026-29111 镜像层: sha256:65b08cd99c6053451d2752c3a9a1c048ca23ff1151f0985f5772d898a1efb816 发布日期: 2026-03-23 22:16 修改: 2026-06-17 10:29
libudev1	CVE-2026-40225	中危	255.4-1ubuntu8.10	255.4-1ubuntu8.14	systemd: udev in systemd: Privilege escalation via malicious hardware devices and unsanitized kernel output 漏洞详情: https://avd.aquasec.com/nvd/cve-2026-40225 镜像层: sha256:65b08cd99c6053451d2752c3a9a1c048ca23ff1151f0985f5772d898a1efb816 发布日期: 2026-04-10 16:16 修改: 2026-06-17 10:44
libudev1	CVE-2026-40226	中危	255.4-1ubuntu8.10	255.4-1ubuntu8.16	systemd: systemd nspawn: Escape-to-host action via crafted config file 漏洞详情: https://avd.aquasec.com/nvd/cve-2026-40226 镜像层: sha256:65b08cd99c6053451d2752c3a9a1c048ca23ff1151f0985f5772d898a1efb816 发布日期: 2026-04-10 16:16 修改: 2026-06-17 10:44
libuuid1	CVE-2026-27456	中危	2.39.3-9ubuntu6.3		util-linux: TOCTOU in the mount program when setting up loop devices 漏洞详情: https://avd.aquasec.com/nvd/cve-2026-27456 镜像层: sha256:65b08cd99c6053451d2752c3a9a1c048ca23ff1151f0985f5772d898a1efb816 发布日期: 2026-04-03 22:16 修改: 2026-06-17 10:27
mount	CVE-2026-27456	中危	2.39.3-9ubuntu6.3		util-linux: TOCTOU in the mount program when setting up loop devices 漏洞详情: https://avd.aquasec.com/nvd/cve-2026-27456 镜像层: sha256:65b08cd99c6053451d2752c3a9a1c048ca23ff1151f0985f5772d898a1efb816 发布日期: 2026-04-03 22:16 修改: 2026-06-17 10:27
curl	CVE-2026-11856	中危	8.5.0-2ubuntu10.6		漏洞详情: https://avd.aquasec.com/nvd/cve-2026-11856 镜像层: sha256:d53734badcc35e7a79ec2a7798600d1e6b8dfb46e36a65d0958e106afee8bd62 发布日期: 0001-01-01 00:00 修改: 0001-01-01 00:00
openssl	CVE-2025-15467	中危	3.0.13-0ubuntu3.6	3.0.13-0ubuntu3.7	openssl: OpenSSL: Remote code execution or Denial of Service via oversized Initialization Vector in CMS parsing 漏洞详情: https://avd.aquasec.com/nvd/cve-2025-15467 镜像层: sha256:d53734badcc35e7a79ec2a7798600d1e6b8dfb46e36a65d0958e106afee8bd62 发布日期: 2026-01-27 16:16 修改: 2026-06-17 08:37
openssl	CVE-2026-31790	中危	3.0.13-0ubuntu3.6	3.0.13-0ubuntu3.9	openssl: openssl: Information Disclosure from Uninitialized Memory via Invalid RSA Public Key 漏洞详情: https://avd.aquasec.com/nvd/cve-2026-31790 镜像层: sha256:d53734badcc35e7a79ec2a7798600d1e6b8dfb46e36a65d0958e106afee8bd62 发布日期: 2026-04-07 22:16 修改: 2026-06-17 10:34
openssl	CVE-2026-34182	中危	3.0.13-0ubuntu3.6	3.0.13-0ubuntu3.11	openssl: CMS AuthEnvelopedData Processing May Accept Forged Messages 漏洞详情: https://avd.aquasec.com/nvd/cve-2026-34182 镜像层: sha256:d53734badcc35e7a79ec2a7798600d1e6b8dfb46e36a65d0958e106afee8bd62 发布日期: 2026-06-09 17:17 修改: 2026-06-17 10:38
openssl	CVE-2026-45445	中危	3.0.13-0ubuntu3.6	3.0.13-0ubuntu3.11	openssl: AES-OCB IV Ignored on EVP_Cipher() Path 漏洞详情: https://avd.aquasec.com/nvd/cve-2026-45445 镜像层: sha256:d53734badcc35e7a79ec2a7798600d1e6b8dfb46e36a65d0958e106afee8bd62 发布日期: 2026-06-09 17:17 修改: 2026-06-17 10:52
perl-base	CVE-2026-42496	中危	5.38.2-3.2ubuntu0.2	5.38.2-3.2ubuntu0.3	perl-archive-tar: perl-archive-tar: Path traversal via crafted symlinks allows arbitrary file access 漏洞详情: https://avd.aquasec.com/nvd/cve-2026-42496 镜像层: sha256:65b08cd99c6053451d2752c3a9a1c048ca23ff1151f0985f5772d898a1efb816 发布日期: 2026-05-26 02:16 修改: 2026-06-17 10:47
perl-base	CVE-2026-8376	中危	5.38.2-3.2ubuntu0.2	5.38.2-3.2ubuntu0.3	Perl versions through 5.43.10 have a heap buffer overflow when compili ... 漏洞详情: https://avd.aquasec.com/nvd/cve-2026-8376 镜像层: sha256:65b08cd99c6053451d2752c3a9a1c048ca23ff1151f0985f5772d898a1efb816 发布日期: 2026-05-26 00:16 修改: 2026-06-17 11:03
sed	CVE-2026-5958	中危	4.9-2build1	4.9-2ubuntu0.24.04.1	sed: GNU sed TOCTOU race condition 漏洞详情: https://avd.aquasec.com/nvd/cve-2026-5958 镜像层: sha256:65b08cd99c6053451d2752c3a9a1c048ca23ff1151f0985f5772d898a1efb816 发布日期: 2026-04-20 12:16 修改: 2026-06-17 10:59
tar	CVE-2025-45582	中危	1.35+dfsg-3build1		tar: Tar path traversal 漏洞详情: https://avd.aquasec.com/nvd/cve-2025-45582 镜像层: sha256:65b08cd99c6053451d2752c3a9a1c048ca23ff1151f0985f5772d898a1efb816 发布日期: 2025-07-11 17:15 修改: 2026-06-17 09:25
tar	CVE-2026-5704	中危	1.35+dfsg-3build1	1.35+dfsg-3ubuntu0.1	tar: tar: Hidden file injection via crafted archives 漏洞详情: https://avd.aquasec.com/nvd/cve-2026-5704 镜像层: sha256:65b08cd99c6053451d2752c3a9a1c048ca23ff1151f0985f5772d898a1efb816 发布日期: 2026-04-06 16:16 修改: 2026-06-17 10:59
util-linux	CVE-2026-27456	中危	2.39.3-9ubuntu6.3		util-linux: TOCTOU in the mount program when setting up loop devices 漏洞详情: https://avd.aquasec.com/nvd/cve-2026-27456 镜像层: sha256:65b08cd99c6053451d2752c3a9a1c048ca23ff1151f0985f5772d898a1efb816 发布日期: 2026-04-03 22:16 修改: 2026-06-17 10:27
curl	CVE-2026-12064	低危	8.5.0-2ubuntu10.6		漏洞详情: https://avd.aquasec.com/nvd/cve-2026-12064 镜像层: sha256:d53734badcc35e7a79ec2a7798600d1e6b8dfb46e36a65d0958e106afee8bd62 发布日期: 0001-01-01 00:00 修改: 0001-01-01 00:00
curl	CVE-2026-3784	低危	8.5.0-2ubuntu10.6	8.5.0-2ubuntu10.8	curl: curl: Unauthorized access due to improper HTTP proxy connection reuse 漏洞详情: https://avd.aquasec.com/nvd/cve-2026-3784 镜像层: sha256:d53734badcc35e7a79ec2a7798600d1e6b8dfb46e36a65d0958e106afee8bd62 发布日期: 2026-03-11 11:16 修改: 2026-06-17 10:44
curl	CVE-2026-4873	低危	8.5.0-2ubuntu10.6	8.5.0-2ubuntu10.9	curl: curl: Information disclosure due to incorrect TLS connection reuse 漏洞详情: https://avd.aquasec.com/nvd/cve-2026-4873 镜像层: sha256:d53734badcc35e7a79ec2a7798600d1e6b8dfb46e36a65d0958e106afee8bd62 发布日期: 2026-05-13 13:01 修改: 2026-06-17 10:57
libgnutls30t64	CVE-2025-9820	低危	3.8.3-1.1ubuntu3.4	3.8.3-1.1ubuntu3.5	gnutls: Stack-based Buffer Overflow in gnutls_pkcs11_token_init() Function 漏洞详情: https://avd.aquasec.com/nvd/cve-2025-9820 镜像层: sha256:65b08cd99c6053451d2752c3a9a1c048ca23ff1151f0985f5772d898a1efb816 发布日期: 2026-01-26 20:16 修改: 2026-06-25 08:16
liblzma5	CVE-2026-34743	低危	5.6.1+really5.4.5-1ubuntu0.2	5.6.1+really5.4.5-1ubuntu0.3	xz: XZ Utils: Denial of Service via buffer overflow in index decoding 漏洞详情: https://avd.aquasec.com/nvd/cve-2026-34743 镜像层: sha256:65b08cd99c6053451d2752c3a9a1c048ca23ff1151f0985f5772d898a1efb816 发布日期: 2026-04-02 19:21 修改: 2026-06-17 10:39
curl	CVE-2026-5773	低危	8.5.0-2ubuntu10.6	8.5.0-2ubuntu10.9	curl: libcurl: Wrong file transfer due to incorrect SMB connection reuse 漏洞详情: https://avd.aquasec.com/nvd/cve-2026-5773 镜像层: sha256:d53734badcc35e7a79ec2a7798600d1e6b8dfb46e36a65d0958e106afee8bd62 发布日期: 2026-05-13 13:01 修改: 2026-06-17 10:59
curl	CVE-2026-6276	低危	8.5.0-2ubuntu10.6	8.5.0-2ubuntu10.9	curl: libcurl: Information disclosure due to cookie leak when reusing connections with custom Host headers 漏洞详情: https://avd.aquasec.com/nvd/cve-2026-6276 镜像层: sha256:d53734badcc35e7a79ec2a7798600d1e6b8dfb46e36a65d0958e106afee8bd62 发布日期: 2026-05-13 13:01 修改: 2026-06-17 11:00
libcurl4t64	CVE-2025-0167	低危	8.5.0-2ubuntu10.6	8.5.0-2ubuntu10.8	When asked to use a `.netrc` file for credentials and to follow HT ... 漏洞详情: https://avd.aquasec.com/nvd/cve-2025-0167 镜像层: sha256:d53734badcc35e7a79ec2a7798600d1e6b8dfb46e36a65d0958e106afee8bd62 发布日期: 2025-02-05 10:15 修改: 2026-06-17 08:25
libcurl4t64	CVE-2025-10148	低危	8.5.0-2ubuntu10.6	8.5.0-2ubuntu10.7	curl: predictable WebSocket mask 漏洞详情: https://avd.aquasec.com/nvd/cve-2025-10148 镜像层: sha256:d53734badcc35e7a79ec2a7798600d1e6b8dfb46e36a65d0958e106afee8bd62 发布日期: 2025-09-12 06:15 修改: 2026-06-17 08:27
libcurl4t64	CVE-2025-14524	低危	8.5.0-2ubuntu10.6	8.5.0-2ubuntu10.7	curl: Information disclosure via cross-protocol redirect with OAuth2 bearer token 漏洞详情: https://avd.aquasec.com/nvd/cve-2025-14524 镜像层: sha256:d53734badcc35e7a79ec2a7798600d1e6b8dfb46e36a65d0958e106afee8bd62 发布日期: 2026-01-08 10:15 修改: 2026-06-17 08:36
libcurl4t64	CVE-2025-14819	低危	8.5.0-2ubuntu10.6	8.5.0-2ubuntu10.7	curl: libcurl: Improper certificate validation due to cached TLS settings reuse 漏洞详情: https://avd.aquasec.com/nvd/cve-2025-14819 镜像层: sha256:d53734badcc35e7a79ec2a7798600d1e6b8dfb46e36a65d0958e106afee8bd62 发布日期: 2026-01-08 10:15 修改: 2026-06-17 08:36
libcurl4t64	CVE-2025-15079	低危	8.5.0-2ubuntu10.6	8.5.0-2ubuntu10.7	curl: Host verification bypass during SSH transfers 漏洞详情: https://avd.aquasec.com/nvd/cve-2025-15079 镜像层: sha256:d53734badcc35e7a79ec2a7798600d1e6b8dfb46e36a65d0958e106afee8bd62 发布日期: 2026-01-08 10:15 修改: 2026-06-17 08:37
libssh-4	CVE-2025-8114	低危	0.10.6-2ubuntu0.1	0.10.6-2ubuntu0.2	libssh: NULL Pointer Dereference in libssh KEX Session ID Calculation 漏洞详情: https://avd.aquasec.com/nvd/cve-2025-8114 镜像层: sha256:d53734badcc35e7a79ec2a7798600d1e6b8dfb46e36a65d0958e106afee8bd62 发布日期: 2025-07-24 15:15 修改: 2026-06-25 05:16
libssh-4	CVE-2025-8277	低危	0.10.6-2ubuntu0.1	0.10.6-2ubuntu0.3	libssh: Memory Exhaustion via Repeated Key Exchange in libssh 漏洞详情: https://avd.aquasec.com/nvd/cve-2025-8277 镜像层: sha256:d53734badcc35e7a79ec2a7798600d1e6b8dfb46e36a65d0958e106afee8bd62 发布日期: 2025-09-09 12:15 修改: 2026-06-25 08:16
libssh-4	CVE-2026-0965	低危	0.10.6-2ubuntu0.1	0.10.6-2ubuntu0.3	libssh: libssh: Denial of Service via improper configuration file handling 漏洞详情: https://avd.aquasec.com/nvd/cve-2026-0965 镜像层: sha256:d53734badcc35e7a79ec2a7798600d1e6b8dfb46e36a65d0958e106afee8bd62 发布日期: 2026-03-26 21:17 修改: 2026-06-17 10:11
libssh-4	CVE-2026-0966	低危	0.10.6-2ubuntu0.1	0.10.6-2ubuntu0.3	libssh: libssh: Denial of Service via zero-length input in ssh_get_hexa() 漏洞详情: https://avd.aquasec.com/nvd/cve-2026-0966 镜像层: sha256:d53734badcc35e7a79ec2a7798600d1e6b8dfb46e36a65d0958e106afee8bd62 发布日期: 2026-03-26 21:17 修改: 2026-06-17 10:11
libcurl4t64	CVE-2025-15224	低危	8.5.0-2ubuntu10.6	8.5.0-2ubuntu10.7	curl: libssh key passphrase bypass without agent set 漏洞详情: https://avd.aquasec.com/nvd/cve-2025-15224 镜像层: sha256:d53734badcc35e7a79ec2a7798600d1e6b8dfb46e36a65d0958e106afee8bd62 发布日期: 2026-01-08 10:15 修改: 2026-06-17 08:37
libcurl4t64	CVE-2026-10536	低危	8.5.0-2ubuntu10.6		漏洞详情: https://avd.aquasec.com/nvd/cve-2026-10536 镜像层: sha256:d53734badcc35e7a79ec2a7798600d1e6b8dfb46e36a65d0958e106afee8bd62 发布日期: 0001-01-01 00:00 修改: 0001-01-01 00:00
libcurl4t64	CVE-2026-12064	低危	8.5.0-2ubuntu10.6		漏洞详情: https://avd.aquasec.com/nvd/cve-2026-12064 镜像层: sha256:d53734badcc35e7a79ec2a7798600d1e6b8dfb46e36a65d0958e106afee8bd62 发布日期: 0001-01-01 00:00 修改: 0001-01-01 00:00
libcurl4t64	CVE-2026-3784	低危	8.5.0-2ubuntu10.6	8.5.0-2ubuntu10.8	curl: curl: Unauthorized access due to improper HTTP proxy connection reuse 漏洞详情: https://avd.aquasec.com/nvd/cve-2026-3784 镜像层: sha256:d53734badcc35e7a79ec2a7798600d1e6b8dfb46e36a65d0958e106afee8bd62 发布日期: 2026-03-11 11:16 修改: 2026-06-17 10:44
libcurl4t64	CVE-2026-4873	低危	8.5.0-2ubuntu10.6	8.5.0-2ubuntu10.9	curl: curl: Information disclosure due to incorrect TLS connection reuse 漏洞详情: https://avd.aquasec.com/nvd/cve-2026-4873 镜像层: sha256:d53734badcc35e7a79ec2a7798600d1e6b8dfb46e36a65d0958e106afee8bd62 发布日期: 2026-05-13 13:01 修改: 2026-06-17 10:57
libssl3t64	CVE-2025-68160	低危	3.0.13-0ubuntu3.6	3.0.13-0ubuntu3.7	openssl: OpenSSL: Denial of Service due to out-of-bounds write in BIO filter 漏洞详情: https://avd.aquasec.com/nvd/cve-2025-68160 镜像层: sha256:d53734badcc35e7a79ec2a7798600d1e6b8dfb46e36a65d0958e106afee8bd62 发布日期: 2026-01-27 16:16 修改: 2026-06-17 09:58
libssl3t64	CVE-2025-69418	低危	3.0.13-0ubuntu3.6	3.0.13-0ubuntu3.7	openssl: OpenSSL: Information disclosure and data tampering via specific low-level OCB encryption/decryption calls 漏洞详情: https://avd.aquasec.com/nvd/cve-2025-69418 镜像层: sha256:d53734badcc35e7a79ec2a7798600d1e6b8dfb46e36a65d0958e106afee8bd62 发布日期: 2026-01-27 16:16 修改: 2026-06-17 10:00
libssl3t64	CVE-2025-69419	低危	3.0.13-0ubuntu3.6	3.0.13-0ubuntu3.7	openssl: OpenSSL: Arbitrary code execution due to out-of-bounds write in PKCS#12 processing 漏洞详情: https://avd.aquasec.com/nvd/cve-2025-69419 镜像层: sha256:d53734badcc35e7a79ec2a7798600d1e6b8dfb46e36a65d0958e106afee8bd62 发布日期: 2026-01-27 16:16 修改: 2026-06-17 10:00
libssl3t64	CVE-2025-69420	低危	3.0.13-0ubuntu3.6	3.0.13-0ubuntu3.7	openssl: OpenSSL: Denial of Service via malformed TimeStamp Response 漏洞详情: https://avd.aquasec.com/nvd/cve-2025-69420 镜像层: sha256:d53734badcc35e7a79ec2a7798600d1e6b8dfb46e36a65d0958e106afee8bd62 发布日期: 2026-01-27 16:16 修改: 2026-06-17 10:00
libssl3t64	CVE-2025-69421	低危	3.0.13-0ubuntu3.6	3.0.13-0ubuntu3.7	openssl: OpenSSL: Denial of Service via malformed PKCS#12 file processing 漏洞详情: https://avd.aquasec.com/nvd/cve-2025-69421 镜像层: sha256:d53734badcc35e7a79ec2a7798600d1e6b8dfb46e36a65d0958e106afee8bd62 发布日期: 2026-01-27 16:16 修改: 2026-06-17 10:00
libssl3t64	CVE-2026-22795	低危	3.0.13-0ubuntu3.6	3.0.13-0ubuntu3.7	openssl: OpenSSL: Denial of Service due to type confusion in PKCS#12 file processing 漏洞详情: https://avd.aquasec.com/nvd/cve-2026-22795 镜像层: sha256:d53734badcc35e7a79ec2a7798600d1e6b8dfb46e36a65d0958e106afee8bd62 发布日期: 2026-01-27 16:16 修改: 2026-06-17 10:20
libssl3t64	CVE-2026-22796	低危	3.0.13-0ubuntu3.6	3.0.13-0ubuntu3.7	openssl: OpenSSL: Denial of Service via type confusion in PKCS#7 signature verification 漏洞详情: https://avd.aquasec.com/nvd/cve-2026-22796 镜像层: sha256:d53734badcc35e7a79ec2a7798600d1e6b8dfb46e36a65d0958e106afee8bd62 发布日期: 2026-01-27 16:16 修改: 2026-06-17 10:20
libssl3t64	CVE-2026-28387	低危	3.0.13-0ubuntu3.6	3.0.13-0ubuntu3.9	openssl: OpenSSL: Arbitrary code execution due to use-after-free in DANE TLSA authentication 漏洞详情: https://avd.aquasec.com/nvd/cve-2026-28387 镜像层: sha256:d53734badcc35e7a79ec2a7798600d1e6b8dfb46e36a65d0958e106afee8bd62 发布日期: 2026-04-07 22:16 修改: 2026-06-17 10:28
libssl3t64	CVE-2026-28388	低危	3.0.13-0ubuntu3.6	3.0.13-0ubuntu3.9	openssl: OpenSSL: Denial of Service due to NULL pointer dereference in delta CRL processing 漏洞详情: https://avd.aquasec.com/nvd/cve-2026-28388 镜像层: sha256:d53734badcc35e7a79ec2a7798600d1e6b8dfb46e36a65d0958e106afee8bd62 发布日期: 2026-04-07 22:16 修改: 2026-06-17 10:28
libssl3t64	CVE-2026-28389	低危	3.0.13-0ubuntu3.6	3.0.13-0ubuntu3.9	openssl: OpenSSL: Denial of Service vulnerability in CMS processing 漏洞详情: https://avd.aquasec.com/nvd/cve-2026-28389 镜像层: sha256:d53734badcc35e7a79ec2a7798600d1e6b8dfb46e36a65d0958e106afee8bd62 发布日期: 2026-04-07 22:16 修改: 2026-06-17 10:28
libssl3t64	CVE-2026-28390	低危	3.0.13-0ubuntu3.6	3.0.13-0ubuntu3.9	openssl: OpenSSL: Denial of Service due to NULL pointer dereference in CMS EnvelopedData processing 漏洞详情: https://avd.aquasec.com/nvd/cve-2026-28390 镜像层: sha256:d53734badcc35e7a79ec2a7798600d1e6b8dfb46e36a65d0958e106afee8bd62 发布日期: 2026-04-07 22:16 修改: 2026-06-17 10:28
libssl3t64	CVE-2026-31789	低危	3.0.13-0ubuntu3.6	3.0.13-0ubuntu3.9	openssl: OpenSSL: Heap buffer overflow on 32-bit systems from large X.509 certificate processing 漏洞详情: https://avd.aquasec.com/nvd/cve-2026-31789 镜像层: sha256:d53734badcc35e7a79ec2a7798600d1e6b8dfb46e36a65d0958e106afee8bd62 发布日期: 2026-04-07 22:16 修改: 2026-06-17 10:34
libssl3t64	CVE-2026-34180	低危	3.0.13-0ubuntu3.6	3.0.13-0ubuntu3.11	openssl: OpenSSL: Heap buffer over-read in ASN.1 decoding can lead to denial of service or information disclosure. 漏洞详情: https://avd.aquasec.com/nvd/cve-2026-34180 镜像层: sha256:d53734badcc35e7a79ec2a7798600d1e6b8dfb46e36a65d0958e106afee8bd62 发布日期: 2026-06-09 17:17 修改: 2026-06-17 10:38
libssl3t64	CVE-2026-42766	低危	3.0.13-0ubuntu3.6	3.0.13-0ubuntu3.11	openssl: Possible NULL Dereference in Password-Based CMS Decryption 漏洞详情: https://avd.aquasec.com/nvd/cve-2026-42766 镜像层: sha256:d53734badcc35e7a79ec2a7798600d1e6b8dfb46e36a65d0958e106afee8bd62 发布日期: 2026-06-09 17:17 修改: 2026-06-17 10:48
libssl3t64	CVE-2026-42767	低危	3.0.13-0ubuntu3.6	3.0.13-0ubuntu3.11	openssl: NULL Pointer Dereference in CRMF EncryptedValue Decryption 漏洞详情: https://avd.aquasec.com/nvd/cve-2026-42767 镜像层: sha256:d53734badcc35e7a79ec2a7798600d1e6b8dfb46e36a65d0958e106afee8bd62 发布日期: 2026-06-09 17:17 修改: 2026-06-17 10:48
libssl3t64	CVE-2026-42770	低危	3.0.13-0ubuntu3.6	3.0.13-0ubuntu3.11	openssl: FFC-DH Peer Validation Uses Attacker-Supplied q 漏洞详情: https://avd.aquasec.com/nvd/cve-2026-42770 镜像层: sha256:d53734badcc35e7a79ec2a7798600d1e6b8dfb46e36a65d0958e106afee8bd62 发布日期: 2026-06-09 17:17 修改: 2026-06-17 10:48
libssl3t64	CVE-2026-45446	低危	3.0.13-0ubuntu3.6	3.0.13-0ubuntu3.11	openssl: Incorrect Tag Processing for Empty Messages in AES-GCM-SIV and AES-SIV modes 漏洞详情: https://avd.aquasec.com/nvd/cve-2026-45446 镜像层: sha256:d53734badcc35e7a79ec2a7798600d1e6b8dfb46e36a65d0958e106afee8bd62 发布日期: 2026-06-09 17:17 修改: 2026-06-17 10:52
libssl3t64	CVE-2026-7383	低危	3.0.13-0ubuntu3.6	3.0.13-0ubuntu3.11	openssl: OpenSSL: Heap buffer overflow due to signed integer overflow in Unicode output sizing 漏洞详情: https://avd.aquasec.com/nvd/cve-2026-7383 镜像层: sha256:d53734badcc35e7a79ec2a7798600d1e6b8dfb46e36a65d0958e106afee8bd62 发布日期: 2026-06-09 17:17 修改: 2026-06-17 11:02
libssl3t64	CVE-2026-9076	低危	3.0.13-0ubuntu3.6	3.0.13-0ubuntu3.11	openssl: OpenSSL: Denial of Service due to heap out-of-bounds read in CMS password-based decryption 漏洞详情: https://avd.aquasec.com/nvd/cve-2026-9076 镜像层: sha256:d53734badcc35e7a79ec2a7798600d1e6b8dfb46e36a65d0958e106afee8bd62 发布日期: 2026-06-09 17:17 修改: 2026-06-17 11:04
libcurl4t64	CVE-2026-5773	低危	8.5.0-2ubuntu10.6	8.5.0-2ubuntu10.9	curl: libcurl: Wrong file transfer due to incorrect SMB connection reuse 漏洞详情: https://avd.aquasec.com/nvd/cve-2026-5773 镜像层: sha256:d53734badcc35e7a79ec2a7798600d1e6b8dfb46e36a65d0958e106afee8bd62 发布日期: 2026-05-13 13:01 修改: 2026-06-17 10:59
libcurl4t64	CVE-2026-6276	低危	8.5.0-2ubuntu10.6	8.5.0-2ubuntu10.9	curl: libcurl: Information disclosure due to cookie leak when reusing connections with custom Host headers 漏洞详情: https://avd.aquasec.com/nvd/cve-2026-6276 镜像层: sha256:d53734badcc35e7a79ec2a7798600d1e6b8dfb46e36a65d0958e106afee8bd62 发布日期: 2026-05-13 13:01 修改: 2026-06-17 11:00
libcurl4t64	CVE-2026-8286	低危	8.5.0-2ubuntu10.6		漏洞详情: https://avd.aquasec.com/nvd/cve-2026-8286 镜像层: sha256:d53734badcc35e7a79ec2a7798600d1e6b8dfb46e36a65d0958e106afee8bd62 发布日期: 0001-01-01 00:00 修改: 0001-01-01 00:00
libsystemd0	CVE-2026-40228	低危	255.4-1ubuntu8.10		systemd: systemd-journald: Unintended output to user terminals via logger command 漏洞详情: https://avd.aquasec.com/nvd/cve-2026-40228 镜像层: sha256:65b08cd99c6053451d2752c3a9a1c048ca23ff1151f0985f5772d898a1efb816 发布日期: 2026-04-10 16:16 修改: 2026-06-17 10:44
libcurl4t64	CVE-2026-8458	低危	8.5.0-2ubuntu10.6		漏洞详情: https://avd.aquasec.com/nvd/cve-2026-8458 镜像层: sha256:d53734badcc35e7a79ec2a7798600d1e6b8dfb46e36a65d0958e106afee8bd62 发布日期: 0001-01-01 00:00 修改: 0001-01-01 00:00
libcurl4t64	CVE-2026-8924	低危	8.5.0-2ubuntu10.6		漏洞详情: https://avd.aquasec.com/nvd/cve-2026-8924 镜像层: sha256:d53734badcc35e7a79ec2a7798600d1e6b8dfb46e36a65d0958e106afee8bd62 发布日期: 0001-01-01 00:00 修改: 0001-01-01 00:00
libcurl4t64	CVE-2026-8932	低危	8.5.0-2ubuntu10.6		漏洞详情: https://avd.aquasec.com/nvd/cve-2026-8932 镜像层: sha256:d53734badcc35e7a79ec2a7798600d1e6b8dfb46e36a65d0958e106afee8bd62 发布日期: 0001-01-01 00:00 修改: 0001-01-01 00:00
libcurl4t64	CVE-2026-9547	低危	8.5.0-2ubuntu10.6		漏洞详情: https://avd.aquasec.com/nvd/cve-2026-9547 镜像层: sha256:d53734badcc35e7a79ec2a7798600d1e6b8dfb46e36a65d0958e106afee8bd62 发布日期: 0001-01-01 00:00 修改: 0001-01-01 00:00
libudev1	CVE-2026-40228	低危	255.4-1ubuntu8.10		systemd: systemd-journald: Unintended output to user terminals via logger command 漏洞详情: https://avd.aquasec.com/nvd/cve-2026-40228 镜像层: sha256:65b08cd99c6053451d2752c3a9a1c048ca23ff1151f0985f5772d898a1efb816 发布日期: 2026-04-10 16:16 修改: 2026-06-17 10:44
curl	CVE-2026-8286	低危	8.5.0-2ubuntu10.6		漏洞详情: https://avd.aquasec.com/nvd/cve-2026-8286 镜像层: sha256:d53734badcc35e7a79ec2a7798600d1e6b8dfb46e36a65d0958e106afee8bd62 发布日期: 0001-01-01 00:00 修改: 0001-01-01 00:00
login	CVE-2024-56433	低危	1:4.13+dfsg1-4ubuntu3.2		shadow-utils: Default subordinate ID configuration in /etc/login.defs could lead to compromise 漏洞详情: https://avd.aquasec.com/nvd/cve-2024-56433 镜像层: sha256:65b08cd99c6053451d2752c3a9a1c048ca23ff1151f0985f5772d898a1efb816 发布日期: 2024-12-26 09:15 修改: 2026-06-17 08:12
libgcrypt20	CVE-2024-2236	低危	1.10.3-2build1		libgcrypt: vulnerable to Marvin Attack 漏洞详情: https://avd.aquasec.com/nvd/cve-2024-2236 镜像层: sha256:65b08cd99c6053451d2752c3a9a1c048ca23ff1151f0985f5772d898a1efb816 发布日期: 2024-03-06 22:15 修改: 2026-06-17 07:24
curl	CVE-2026-8458	低危	8.5.0-2ubuntu10.6		漏洞详情: https://avd.aquasec.com/nvd/cve-2026-8458 镜像层: sha256:d53734badcc35e7a79ec2a7798600d1e6b8dfb46e36a65d0958e106afee8bd62 发布日期: 0001-01-01 00:00 修改: 0001-01-01 00:00
curl	CVE-2026-8924	低危	8.5.0-2ubuntu10.6		漏洞详情: https://avd.aquasec.com/nvd/cve-2026-8924 镜像层: sha256:d53734badcc35e7a79ec2a7798600d1e6b8dfb46e36a65d0958e106afee8bd62 发布日期: 0001-01-01 00:00 修改: 0001-01-01 00:00
curl	CVE-2026-8932	低危	8.5.0-2ubuntu10.6		漏洞详情: https://avd.aquasec.com/nvd/cve-2026-8932 镜像层: sha256:d53734badcc35e7a79ec2a7798600d1e6b8dfb46e36a65d0958e106afee8bd62 发布日期: 0001-01-01 00:00 修改: 0001-01-01 00:00
curl	CVE-2026-9547	低危	8.5.0-2ubuntu10.6		漏洞详情: https://avd.aquasec.com/nvd/cve-2026-9547 镜像层: sha256:d53734badcc35e7a79ec2a7798600d1e6b8dfb46e36a65d0958e106afee8bd62 发布日期: 0001-01-01 00:00 修改: 0001-01-01 00:00
curl	CVE-2025-0167	低危	8.5.0-2ubuntu10.6	8.5.0-2ubuntu10.8	When asked to use a `.netrc` file for credentials and to follow HT ... 漏洞详情: https://avd.aquasec.com/nvd/cve-2025-0167 镜像层: sha256:d53734badcc35e7a79ec2a7798600d1e6b8dfb46e36a65d0958e106afee8bd62 发布日期: 2025-02-05 10:15 修改: 2026-06-17 08:25
openssl	CVE-2025-68160	低危	3.0.13-0ubuntu3.6	3.0.13-0ubuntu3.7	openssl: OpenSSL: Denial of Service due to out-of-bounds write in BIO filter 漏洞详情: https://avd.aquasec.com/nvd/cve-2025-68160 镜像层: sha256:d53734badcc35e7a79ec2a7798600d1e6b8dfb46e36a65d0958e106afee8bd62 发布日期: 2026-01-27 16:16 修改: 2026-06-17 09:58
openssl	CVE-2025-69418	低危	3.0.13-0ubuntu3.6	3.0.13-0ubuntu3.7	openssl: OpenSSL: Information disclosure and data tampering via specific low-level OCB encryption/decryption calls 漏洞详情: https://avd.aquasec.com/nvd/cve-2025-69418 镜像层: sha256:d53734badcc35e7a79ec2a7798600d1e6b8dfb46e36a65d0958e106afee8bd62 发布日期: 2026-01-27 16:16 修改: 2026-06-17 10:00
openssl	CVE-2025-69419	低危	3.0.13-0ubuntu3.6	3.0.13-0ubuntu3.7	openssl: OpenSSL: Arbitrary code execution due to out-of-bounds write in PKCS#12 processing 漏洞详情: https://avd.aquasec.com/nvd/cve-2025-69419 镜像层: sha256:d53734badcc35e7a79ec2a7798600d1e6b8dfb46e36a65d0958e106afee8bd62 发布日期: 2026-01-27 16:16 修改: 2026-06-17 10:00
openssl	CVE-2025-69420	低危	3.0.13-0ubuntu3.6	3.0.13-0ubuntu3.7	openssl: OpenSSL: Denial of Service via malformed TimeStamp Response 漏洞详情: https://avd.aquasec.com/nvd/cve-2025-69420 镜像层: sha256:d53734badcc35e7a79ec2a7798600d1e6b8dfb46e36a65d0958e106afee8bd62 发布日期: 2026-01-27 16:16 修改: 2026-06-17 10:00
openssl	CVE-2025-69421	低危	3.0.13-0ubuntu3.6	3.0.13-0ubuntu3.7	openssl: OpenSSL: Denial of Service via malformed PKCS#12 file processing 漏洞详情: https://avd.aquasec.com/nvd/cve-2025-69421 镜像层: sha256:d53734badcc35e7a79ec2a7798600d1e6b8dfb46e36a65d0958e106afee8bd62 发布日期: 2026-01-27 16:16 修改: 2026-06-17 10:00
openssl	CVE-2026-22795	低危	3.0.13-0ubuntu3.6	3.0.13-0ubuntu3.7	openssl: OpenSSL: Denial of Service due to type confusion in PKCS#12 file processing 漏洞详情: https://avd.aquasec.com/nvd/cve-2026-22795 镜像层: sha256:d53734badcc35e7a79ec2a7798600d1e6b8dfb46e36a65d0958e106afee8bd62 发布日期: 2026-01-27 16:16 修改: 2026-06-17 10:20
openssl	CVE-2026-22796	低危	3.0.13-0ubuntu3.6	3.0.13-0ubuntu3.7	openssl: OpenSSL: Denial of Service via type confusion in PKCS#7 signature verification 漏洞详情: https://avd.aquasec.com/nvd/cve-2026-22796 镜像层: sha256:d53734badcc35e7a79ec2a7798600d1e6b8dfb46e36a65d0958e106afee8bd62 发布日期: 2026-01-27 16:16 修改: 2026-06-17 10:20
openssl	CVE-2026-28387	低危	3.0.13-0ubuntu3.6	3.0.13-0ubuntu3.9	openssl: OpenSSL: Arbitrary code execution due to use-after-free in DANE TLSA authentication 漏洞详情: https://avd.aquasec.com/nvd/cve-2026-28387 镜像层: sha256:d53734badcc35e7a79ec2a7798600d1e6b8dfb46e36a65d0958e106afee8bd62 发布日期: 2026-04-07 22:16 修改: 2026-06-17 10:28
openssl	CVE-2026-28388	低危	3.0.13-0ubuntu3.6	3.0.13-0ubuntu3.9	openssl: OpenSSL: Denial of Service due to NULL pointer dereference in delta CRL processing 漏洞详情: https://avd.aquasec.com/nvd/cve-2026-28388 镜像层: sha256:d53734badcc35e7a79ec2a7798600d1e6b8dfb46e36a65d0958e106afee8bd62 发布日期: 2026-04-07 22:16 修改: 2026-06-17 10:28
openssl	CVE-2026-28389	低危	3.0.13-0ubuntu3.6	3.0.13-0ubuntu3.9	openssl: OpenSSL: Denial of Service vulnerability in CMS processing 漏洞详情: https://avd.aquasec.com/nvd/cve-2026-28389 镜像层: sha256:d53734badcc35e7a79ec2a7798600d1e6b8dfb46e36a65d0958e106afee8bd62 发布日期: 2026-04-07 22:16 修改: 2026-06-17 10:28
openssl	CVE-2026-28390	低危	3.0.13-0ubuntu3.6	3.0.13-0ubuntu3.9	openssl: OpenSSL: Denial of Service due to NULL pointer dereference in CMS EnvelopedData processing 漏洞详情: https://avd.aquasec.com/nvd/cve-2026-28390 镜像层: sha256:d53734badcc35e7a79ec2a7798600d1e6b8dfb46e36a65d0958e106afee8bd62 发布日期: 2026-04-07 22:16 修改: 2026-06-17 10:28
openssl	CVE-2026-31789	低危	3.0.13-0ubuntu3.6	3.0.13-0ubuntu3.9	openssl: OpenSSL: Heap buffer overflow on 32-bit systems from large X.509 certificate processing 漏洞详情: https://avd.aquasec.com/nvd/cve-2026-31789 镜像层: sha256:d53734badcc35e7a79ec2a7798600d1e6b8dfb46e36a65d0958e106afee8bd62 发布日期: 2026-04-07 22:16 修改: 2026-06-17 10:34
openssl	CVE-2026-34180	低危	3.0.13-0ubuntu3.6	3.0.13-0ubuntu3.11	openssl: OpenSSL: Heap buffer over-read in ASN.1 decoding can lead to denial of service or information disclosure. 漏洞详情: https://avd.aquasec.com/nvd/cve-2026-34180 镜像层: sha256:d53734badcc35e7a79ec2a7798600d1e6b8dfb46e36a65d0958e106afee8bd62 发布日期: 2026-06-09 17:17 修改: 2026-06-17 10:38
openssl	CVE-2026-42766	低危	3.0.13-0ubuntu3.6	3.0.13-0ubuntu3.11	openssl: Possible NULL Dereference in Password-Based CMS Decryption 漏洞详情: https://avd.aquasec.com/nvd/cve-2026-42766 镜像层: sha256:d53734badcc35e7a79ec2a7798600d1e6b8dfb46e36a65d0958e106afee8bd62 发布日期: 2026-06-09 17:17 修改: 2026-06-17 10:48
openssl	CVE-2026-42767	低危	3.0.13-0ubuntu3.6	3.0.13-0ubuntu3.11	openssl: NULL Pointer Dereference in CRMF EncryptedValue Decryption 漏洞详情: https://avd.aquasec.com/nvd/cve-2026-42767 镜像层: sha256:d53734badcc35e7a79ec2a7798600d1e6b8dfb46e36a65d0958e106afee8bd62 发布日期: 2026-06-09 17:17 修改: 2026-06-17 10:48
openssl	CVE-2026-42770	低危	3.0.13-0ubuntu3.6	3.0.13-0ubuntu3.11	openssl: FFC-DH Peer Validation Uses Attacker-Supplied q 漏洞详情: https://avd.aquasec.com/nvd/cve-2026-42770 镜像层: sha256:d53734badcc35e7a79ec2a7798600d1e6b8dfb46e36a65d0958e106afee8bd62 发布日期: 2026-06-09 17:17 修改: 2026-06-17 10:48
openssl	CVE-2026-45446	低危	3.0.13-0ubuntu3.6	3.0.13-0ubuntu3.11	openssl: Incorrect Tag Processing for Empty Messages in AES-GCM-SIV and AES-SIV modes 漏洞详情: https://avd.aquasec.com/nvd/cve-2026-45446 镜像层: sha256:d53734badcc35e7a79ec2a7798600d1e6b8dfb46e36a65d0958e106afee8bd62 发布日期: 2026-06-09 17:17 修改: 2026-06-17 10:52
openssl	CVE-2026-7383	低危	3.0.13-0ubuntu3.6	3.0.13-0ubuntu3.11	openssl: OpenSSL: Heap buffer overflow due to signed integer overflow in Unicode output sizing 漏洞详情: https://avd.aquasec.com/nvd/cve-2026-7383 镜像层: sha256:d53734badcc35e7a79ec2a7798600d1e6b8dfb46e36a65d0958e106afee8bd62 发布日期: 2026-06-09 17:17 修改: 2026-06-17 11:02
openssl	CVE-2026-9076	低危	3.0.13-0ubuntu3.6	3.0.13-0ubuntu3.11	openssl: OpenSSL: Denial of Service due to heap out-of-bounds read in CMS password-based decryption 漏洞详情: https://avd.aquasec.com/nvd/cve-2026-9076 镜像层: sha256:d53734badcc35e7a79ec2a7798600d1e6b8dfb46e36a65d0958e106afee8bd62 发布日期: 2026-06-09 17:17 修改: 2026-06-17 11:04
passwd	CVE-2024-56433	低危	1:4.13+dfsg1-4ubuntu3.2		shadow-utils: Default subordinate ID configuration in /etc/login.defs could lead to compromise 漏洞详情: https://avd.aquasec.com/nvd/cve-2024-56433 镜像层: sha256:65b08cd99c6053451d2752c3a9a1c048ca23ff1151f0985f5772d898a1efb816 发布日期: 2024-12-26 09:15 修改: 2026-06-17 08:12
curl	CVE-2025-10148	低危	8.5.0-2ubuntu10.6	8.5.0-2ubuntu10.7	curl: predictable WebSocket mask 漏洞详情: https://avd.aquasec.com/nvd/cve-2025-10148 镜像层: sha256:d53734badcc35e7a79ec2a7798600d1e6b8dfb46e36a65d0958e106afee8bd62 发布日期: 2025-09-12 06:15 修改: 2026-06-17 08:27
curl	CVE-2025-14524	低危	8.5.0-2ubuntu10.6	8.5.0-2ubuntu10.7	curl: Information disclosure via cross-protocol redirect with OAuth2 bearer token 漏洞详情: https://avd.aquasec.com/nvd/cve-2025-14524 镜像层: sha256:d53734badcc35e7a79ec2a7798600d1e6b8dfb46e36a65d0958e106afee8bd62 发布日期: 2026-01-08 10:15 修改: 2026-06-17 08:36
curl	CVE-2025-14819	低危	8.5.0-2ubuntu10.6	8.5.0-2ubuntu10.7	curl: libcurl: Improper certificate validation due to cached TLS settings reuse 漏洞详情: https://avd.aquasec.com/nvd/cve-2025-14819 镜像层: sha256:d53734badcc35e7a79ec2a7798600d1e6b8dfb46e36a65d0958e106afee8bd62 发布日期: 2026-01-08 10:15 修改: 2026-06-17 08:36
curl	CVE-2025-15079	低危	8.5.0-2ubuntu10.6	8.5.0-2ubuntu10.7	curl: Host verification bypass during SSH transfers 漏洞详情: https://avd.aquasec.com/nvd/cve-2025-15079 镜像层: sha256:d53734badcc35e7a79ec2a7798600d1e6b8dfb46e36a65d0958e106afee8bd62 发布日期: 2026-01-08 10:15 修改: 2026-06-17 08:37
curl	CVE-2025-15224	低危	8.5.0-2ubuntu10.6	8.5.0-2ubuntu10.7	curl: libssh key passphrase bypass without agent set 漏洞详情: https://avd.aquasec.com/nvd/cve-2025-15224 镜像层: sha256:d53734badcc35e7a79ec2a7798600d1e6b8dfb46e36a65d0958e106afee8bd62 发布日期: 2026-01-08 10:15 修改: 2026-06-17 08:37
curl	CVE-2026-10536	低危	8.5.0-2ubuntu10.6		漏洞详情: https://avd.aquasec.com/nvd/cve-2026-10536 镜像层: sha256:d53734badcc35e7a79ec2a7798600d1e6b8dfb46e36a65d0958e106afee8bd62 发布日期: 0001-01-01 00:00 修改: 0001-01-01 00:00
zlib1g	CVE-2026-27171	低危	1:1.3.dfsg-3.1ubuntu2.1		zlib: zlib: Denial of Service via infinite loop in CRC32 combine functions 漏洞详情: https://avd.aquasec.com/nvd/cve-2026-27171 镜像层: sha256:65b08cd99c6053451d2752c3a9a1c048ca23ff1151f0985f5772d898a1efb816 发布日期: 2026-02-18 04:16 修改: 2026-06-17 10:26

Java (jar)

低危漏洞:1

中危漏洞:73

高危漏洞:50

严重漏洞:0

软件包	漏洞	安全状态	安装版本	修复版本	漏洞信息
com.fasterxml.jackson.core:jackson-databind	CVE-2026-54512	高危	2.15.0	2.18.8, 3.1.4, 2.21.4	jackson-databind contains the general-purpose data-binding functionali ... 漏洞详情: https://avd.aquasec.com/nvd/cve-2026-54512 镜像层: sha256:8fae2911930cc1f27e200efebeb84116568c4271a04144b82e7adc86c284d153 发布日期: 2026-06-23 21:17 修改: 2026-06-27 21:01
com.fasterxml.jackson.core:jackson-databind	CVE-2026-54512	高危	2.15.0	2.18.8, 3.1.4, 2.21.4	jackson-databind contains the general-purpose data-binding functionali ... 漏洞详情: https://avd.aquasec.com/nvd/cve-2026-54512 镜像层: sha256:8fae2911930cc1f27e200efebeb84116568c4271a04144b82e7adc86c284d153 发布日期: 2026-06-23 21:17 修改: 2026-06-27 21:01
com.fasterxml.jackson.core:jackson-databind	CVE-2026-54512	高危	2.15.0	2.18.8, 3.1.4, 2.21.4	jackson-databind contains the general-purpose data-binding functionali ... 漏洞详情: https://avd.aquasec.com/nvd/cve-2026-54512 镜像层: sha256:8fae2911930cc1f27e200efebeb84116568c4271a04144b82e7adc86c284d153 发布日期: 2026-06-23 21:17 修改: 2026-06-27 21:01
com.fasterxml.jackson.core:jackson-databind	CVE-2026-54512	高危	2.15.0	2.18.8, 3.1.4, 2.21.4	jackson-databind contains the general-purpose data-binding functionali ... 漏洞详情: https://avd.aquasec.com/nvd/cve-2026-54512 镜像层: sha256:8fae2911930cc1f27e200efebeb84116568c4271a04144b82e7adc86c284d153 发布日期: 2026-06-23 21:17 修改: 2026-06-27 21:01
com.fasterxml.jackson.core:jackson-databind	CVE-2026-54512	高危	2.15.0	2.18.8, 3.1.4, 2.21.4	jackson-databind contains the general-purpose data-binding functionali ... 漏洞详情: https://avd.aquasec.com/nvd/cve-2026-54512 镜像层: sha256:8fae2911930cc1f27e200efebeb84116568c4271a04144b82e7adc86c284d153 发布日期: 2026-06-23 21:17 修改: 2026-06-27 21:01
com.fasterxml.jackson.core:jackson-databind	CVE-2026-54513	高危	2.15.0	2.18.8, 2.21.4, 3.1.4	jackson-databind: Jackson-databind: Security bypass allows arbitrary code execution 漏洞详情: https://avd.aquasec.com/nvd/cve-2026-54513 镜像层: sha256:8fae2911930cc1f27e200efebeb84116568c4271a04144b82e7adc86c284d153 发布日期: 2026-06-23 21:17 修改: 2026-06-27 21:00
com.fasterxml.jackson.core:jackson-databind	CVE-2026-54513	高危	2.15.0	2.18.8, 2.21.4, 3.1.4	jackson-databind: Jackson-databind: Security bypass allows arbitrary code execution 漏洞详情: https://avd.aquasec.com/nvd/cve-2026-54513 镜像层: sha256:8fae2911930cc1f27e200efebeb84116568c4271a04144b82e7adc86c284d153 发布日期: 2026-06-23 21:17 修改: 2026-06-27 21:00
com.fasterxml.jackson.core:jackson-databind	CVE-2026-54513	高危	2.15.0	2.18.8, 2.21.4, 3.1.4	jackson-databind: Jackson-databind: Security bypass allows arbitrary code execution 漏洞详情: https://avd.aquasec.com/nvd/cve-2026-54513 镜像层: sha256:8fae2911930cc1f27e200efebeb84116568c4271a04144b82e7adc86c284d153 发布日期: 2026-06-23 21:17 修改: 2026-06-27 21:00
com.fasterxml.jackson.core:jackson-databind	CVE-2026-54513	高危	2.15.0	2.18.8, 2.21.4, 3.1.4	jackson-databind: Jackson-databind: Security bypass allows arbitrary code execution 漏洞详情: https://avd.aquasec.com/nvd/cve-2026-54513 镜像层: sha256:8fae2911930cc1f27e200efebeb84116568c4271a04144b82e7adc86c284d153 发布日期: 2026-06-23 21:17 修改: 2026-06-27 21:00
com.fasterxml.jackson.core:jackson-databind	CVE-2026-54513	高危	2.15.0	2.18.8, 2.21.4, 3.1.4	jackson-databind: Jackson-databind: Security bypass allows arbitrary code execution 漏洞详情: https://avd.aquasec.com/nvd/cve-2026-54513 镜像层: sha256:8fae2911930cc1f27e200efebeb84116568c4271a04144b82e7adc86c284d153 发布日期: 2026-06-23 21:17 修改: 2026-06-27 21:00
io.netty:netty-codec	CVE-2026-42583	高危	4.1.126.Final	4.1.133.Final	Netty is an asynchronous, event-driven network application framework. ... 漏洞详情: https://avd.aquasec.com/nvd/cve-2026-42583 镜像层: sha256:8fae2911930cc1f27e200efebeb84116568c4271a04144b82e7adc86c284d153 发布日期: 2026-05-13 19:17 修改: 2026-06-17 10:48
io.netty:netty-codec	CVE-2026-42583	高危	4.1.126.Final	4.1.133.Final	Netty is an asynchronous, event-driven network application framework. ... 漏洞详情: https://avd.aquasec.com/nvd/cve-2026-42583 镜像层: sha256:8fae2911930cc1f27e200efebeb84116568c4271a04144b82e7adc86c284d153 发布日期: 2026-05-13 19:17 修改: 2026-06-17 10:48
io.netty:netty-codec	CVE-2026-42583	高危	4.1.126.Final	4.1.133.Final	Netty is an asynchronous, event-driven network application framework. ... 漏洞详情: https://avd.aquasec.com/nvd/cve-2026-42583 镜像层: sha256:8fae2911930cc1f27e200efebeb84116568c4271a04144b82e7adc86c284d153 发布日期: 2026-05-13 19:17 修改: 2026-06-17 10:48
io.netty:netty-codec	CVE-2026-42583	高危	4.1.126.Final	4.1.133.Final	Netty is an asynchronous, event-driven network application framework. ... 漏洞详情: https://avd.aquasec.com/nvd/cve-2026-42583 镜像层: sha256:8fae2911930cc1f27e200efebeb84116568c4271a04144b82e7adc86c284d153 发布日期: 2026-05-13 19:17 修改: 2026-06-17 10:48
io.netty:netty-codec-dns	CVE-2026-42579	高危	4.1.126.Final	4.2.13.Final, 4.1.133.Final	netty: Netty: High integrity impact due to improper DNS domain name constraint enforcement 漏洞详情: https://avd.aquasec.com/nvd/cve-2026-42579 镜像层: sha256:8fae2911930cc1f27e200efebeb84116568c4271a04144b82e7adc86c284d153 发布日期: 2026-05-13 19:17 修改: 2026-06-17 10:48
io.netty:netty-codec-dns	CVE-2026-42579	高危	4.1.126.Final	4.2.13.Final, 4.1.133.Final	netty: Netty: High integrity impact due to improper DNS domain name constraint enforcement 漏洞详情: https://avd.aquasec.com/nvd/cve-2026-42579 镜像层: sha256:8fae2911930cc1f27e200efebeb84116568c4271a04144b82e7adc86c284d153 发布日期: 2026-05-13 19:17 修改: 2026-06-17 10:48
io.netty:netty-codec-http	CVE-2026-33870	高危	4.1.126.Final	4.1.132.Final, 4.2.10.Final	io.netty/netty-codec-http: Netty: Request smuggling via incorrect parsing of HTTP/1.1 chunked transfer encoding extension values 漏洞详情: https://avd.aquasec.com/nvd/cve-2026-33870 镜像层: sha256:8fae2911930cc1f27e200efebeb84116568c4271a04144b82e7adc86c284d153 发布日期: 2026-03-27 20:16 修改: 2026-06-17 10:38
io.netty:netty-codec-http	CVE-2026-33870	高危	4.1.126.Final	4.1.132.Final, 4.2.10.Final	io.netty/netty-codec-http: Netty: Request smuggling via incorrect parsing of HTTP/1.1 chunked transfer encoding extension values 漏洞详情: https://avd.aquasec.com/nvd/cve-2026-33870 镜像层: sha256:8fae2911930cc1f27e200efebeb84116568c4271a04144b82e7adc86c284d153 发布日期: 2026-03-27 20:16 修改: 2026-06-17 10:38
io.netty:netty-codec-http	CVE-2026-33870	高危	4.1.126.Final	4.1.132.Final, 4.2.10.Final	io.netty/netty-codec-http: Netty: Request smuggling via incorrect parsing of HTTP/1.1 chunked transfer encoding extension values 漏洞详情: https://avd.aquasec.com/nvd/cve-2026-33870 镜像层: sha256:8fae2911930cc1f27e200efebeb84116568c4271a04144b82e7adc86c284d153 发布日期: 2026-03-27 20:16 修改: 2026-06-17 10:38
io.netty:netty-codec-http	CVE-2026-33870	高危	4.1.126.Final	4.1.132.Final, 4.2.10.Final	io.netty/netty-codec-http: Netty: Request smuggling via incorrect parsing of HTTP/1.1 chunked transfer encoding extension values 漏洞详情: https://avd.aquasec.com/nvd/cve-2026-33870 镜像层: sha256:8fae2911930cc1f27e200efebeb84116568c4271a04144b82e7adc86c284d153 发布日期: 2026-03-27 20:16 修改: 2026-06-17 10:38
io.netty:netty-codec-http	CVE-2026-42584	高危	4.1.126.Final	4.2.13.Final, 4.1.133.Final	netty: io.netty/netty-codec-http: Netty: Incorrect HTTP response parsing leads to data confusion 漏洞详情: https://avd.aquasec.com/nvd/cve-2026-42584 镜像层: sha256:8fae2911930cc1f27e200efebeb84116568c4271a04144b82e7adc86c284d153 发布日期: 2026-05-13 19:17 修改: 2026-06-17 10:48
io.netty:netty-codec-http	CVE-2026-42584	高危	4.1.126.Final	4.2.13.Final, 4.1.133.Final	netty: io.netty/netty-codec-http: Netty: Incorrect HTTP response parsing leads to data confusion 漏洞详情: https://avd.aquasec.com/nvd/cve-2026-42584 镜像层: sha256:8fae2911930cc1f27e200efebeb84116568c4271a04144b82e7adc86c284d153 发布日期: 2026-05-13 19:17 修改: 2026-06-17 10:48
io.netty:netty-codec-http	CVE-2026-42584	高危	4.1.126.Final	4.2.13.Final, 4.1.133.Final	netty: io.netty/netty-codec-http: Netty: Incorrect HTTP response parsing leads to data confusion 漏洞详情: https://avd.aquasec.com/nvd/cve-2026-42584 镜像层: sha256:8fae2911930cc1f27e200efebeb84116568c4271a04144b82e7adc86c284d153 发布日期: 2026-05-13 19:17 修改: 2026-06-17 10:48
io.netty:netty-codec-http	CVE-2026-42584	高危	4.1.126.Final	4.2.13.Final, 4.1.133.Final	netty: io.netty/netty-codec-http: Netty: Incorrect HTTP response parsing leads to data confusion 漏洞详情: https://avd.aquasec.com/nvd/cve-2026-42584 镜像层: sha256:8fae2911930cc1f27e200efebeb84116568c4271a04144b82e7adc86c284d153 发布日期: 2026-05-13 19:17 修改: 2026-06-17 10:48
io.netty:netty-codec-http	CVE-2026-42587	高危	4.1.126.Final	4.2.13.Final, 4.1.133.Final	netty: io.netty/netty-codec-http: io.netty/netty-codec-http2: Netty: Denial of Service via unbounded memory allocation in HTTP content decompression 漏洞详情: https://avd.aquasec.com/nvd/cve-2026-42587 镜像层: sha256:8fae2911930cc1f27e200efebeb84116568c4271a04144b82e7adc86c284d153 发布日期: 2026-05-13 19:17 修改: 2026-06-17 10:48
io.netty:netty-codec-http	CVE-2026-42587	高危	4.1.126.Final	4.2.13.Final, 4.1.133.Final	netty: io.netty/netty-codec-http: io.netty/netty-codec-http2: Netty: Denial of Service via unbounded memory allocation in HTTP content decompression 漏洞详情: https://avd.aquasec.com/nvd/cve-2026-42587 镜像层: sha256:8fae2911930cc1f27e200efebeb84116568c4271a04144b82e7adc86c284d153 发布日期: 2026-05-13 19:17 修改: 2026-06-17 10:48
io.netty:netty-codec-http	CVE-2026-42587	高危	4.1.126.Final	4.2.13.Final, 4.1.133.Final	netty: io.netty/netty-codec-http: io.netty/netty-codec-http2: Netty: Denial of Service via unbounded memory allocation in HTTP content decompression 漏洞详情: https://avd.aquasec.com/nvd/cve-2026-42587 镜像层: sha256:8fae2911930cc1f27e200efebeb84116568c4271a04144b82e7adc86c284d153 发布日期: 2026-05-13 19:17 修改: 2026-06-17 10:48
io.netty:netty-codec-http	CVE-2026-42587	高危	4.1.126.Final	4.2.13.Final, 4.1.133.Final	netty: io.netty/netty-codec-http: io.netty/netty-codec-http2: Netty: Denial of Service via unbounded memory allocation in HTTP content decompression 漏洞详情: https://avd.aquasec.com/nvd/cve-2026-42587 镜像层: sha256:8fae2911930cc1f27e200efebeb84116568c4271a04144b82e7adc86c284d153 发布日期: 2026-05-13 19:17 修改: 2026-06-17 10:48
io.netty:netty-codec-http2	CVE-2026-33871	高危	4.1.126.Final	4.1.132.Final, 4.2.11.Final	netty: Netty: Denial of Service via HTTP/2 CONTINUATION frame flood 漏洞详情: https://avd.aquasec.com/nvd/cve-2026-33871 镜像层: sha256:8fae2911930cc1f27e200efebeb84116568c4271a04144b82e7adc86c284d153 发布日期: 2026-03-27 20:16 修改: 2026-06-17 10:38
io.netty:netty-codec-http2	CVE-2026-33871	高危	4.1.126.Final	4.1.132.Final, 4.2.11.Final	netty: Netty: Denial of Service via HTTP/2 CONTINUATION frame flood 漏洞详情: https://avd.aquasec.com/nvd/cve-2026-33871 镜像层: sha256:8fae2911930cc1f27e200efebeb84116568c4271a04144b82e7adc86c284d153 发布日期: 2026-03-27 20:16 修改: 2026-06-17 10:38
io.netty:netty-codec-http2	CVE-2026-42587	高危	4.1.126.Final	4.2.13.Final, 4.1.133.Final	netty: io.netty/netty-codec-http: io.netty/netty-codec-http2: Netty: Denial of Service via unbounded memory allocation in HTTP content decompression 漏洞详情: https://avd.aquasec.com/nvd/cve-2026-42587 镜像层: sha256:8fae2911930cc1f27e200efebeb84116568c4271a04144b82e7adc86c284d153 发布日期: 2026-05-13 19:17 修改: 2026-06-17 10:48
io.netty:netty-codec-http2	CVE-2026-42587	高危	4.1.126.Final	4.2.13.Final, 4.1.133.Final	netty: io.netty/netty-codec-http: io.netty/netty-codec-http2: Netty: Denial of Service via unbounded memory allocation in HTTP content decompression 漏洞详情: https://avd.aquasec.com/nvd/cve-2026-42587 镜像层: sha256:8fae2911930cc1f27e200efebeb84116568c4271a04144b82e7adc86c284d153 发布日期: 2026-05-13 19:17 修改: 2026-06-17 10:48
io.netty:netty-handler	CVE-2026-44249	高危	4.1.126.Final	4.2.15.Final, 4.1.135.Final	netty-handler: netty-handler: IPv6 subnet rule bypass due to incorrect masking operation 漏洞详情: https://avd.aquasec.com/nvd/cve-2026-44249 镜像层: sha256:8fae2911930cc1f27e200efebeb84116568c4271a04144b82e7adc86c284d153 发布日期: 2026-06-11 22:16 修改: 2026-06-17 10:50
io.netty:netty-handler	CVE-2026-44249	高危	4.1.126.Final	4.2.15.Final, 4.1.135.Final	netty-handler: netty-handler: IPv6 subnet rule bypass due to incorrect masking operation 漏洞详情: https://avd.aquasec.com/nvd/cve-2026-44249 镜像层: sha256:8fae2911930cc1f27e200efebeb84116568c4271a04144b82e7adc86c284d153 发布日期: 2026-06-11 22:16 修改: 2026-06-17 10:50
io.netty:netty-handler	CVE-2026-44249	高危	4.1.126.Final	4.2.15.Final, 4.1.135.Final	netty-handler: netty-handler: IPv6 subnet rule bypass due to incorrect masking operation 漏洞详情: https://avd.aquasec.com/nvd/cve-2026-44249 镜像层: sha256:8fae2911930cc1f27e200efebeb84116568c4271a04144b82e7adc86c284d153 发布日期: 2026-06-11 22:16 修改: 2026-06-17 10:50
io.netty:netty-handler	CVE-2026-44249	高危	4.1.126.Final	4.2.15.Final, 4.1.135.Final	netty-handler: netty-handler: IPv6 subnet rule bypass due to incorrect masking operation 漏洞详情: https://avd.aquasec.com/nvd/cve-2026-44249 镜像层: sha256:8fae2911930cc1f27e200efebeb84116568c4271a04144b82e7adc86c284d153 发布日期: 2026-06-11 22:16 修改: 2026-06-17 10:50
io.netty:netty-handler	CVE-2026-45416	高危	4.1.126.Final	4.2.15.Final, 4.1.135.Final	netty-handler: Netty: Denial of Service due to eager buffer allocation in TLS handshake 漏洞详情: https://avd.aquasec.com/nvd/cve-2026-45416 镜像层: sha256:8fae2911930cc1f27e200efebeb84116568c4271a04144b82e7adc86c284d153 发布日期: 2026-06-12 15:16 修改: 2026-06-17 10:52
io.netty:netty-handler	CVE-2026-45416	高危	4.1.126.Final	4.2.15.Final, 4.1.135.Final	netty-handler: Netty: Denial of Service due to eager buffer allocation in TLS handshake 漏洞详情: https://avd.aquasec.com/nvd/cve-2026-45416 镜像层: sha256:8fae2911930cc1f27e200efebeb84116568c4271a04144b82e7adc86c284d153 发布日期: 2026-06-12 15:16 修改: 2026-06-17 10:52
io.netty:netty-handler	CVE-2026-45416	高危	4.1.126.Final	4.2.15.Final, 4.1.135.Final	netty-handler: Netty: Denial of Service due to eager buffer allocation in TLS handshake 漏洞详情: https://avd.aquasec.com/nvd/cve-2026-45416 镜像层: sha256:8fae2911930cc1f27e200efebeb84116568c4271a04144b82e7adc86c284d153 发布日期: 2026-06-12 15:16 修改: 2026-06-17 10:52
io.netty:netty-handler	CVE-2026-45416	高危	4.1.126.Final	4.2.15.Final, 4.1.135.Final	netty-handler: Netty: Denial of Service due to eager buffer allocation in TLS handshake 漏洞详情: https://avd.aquasec.com/nvd/cve-2026-45416 镜像层: sha256:8fae2911930cc1f27e200efebeb84116568c4271a04144b82e7adc86c284d153 发布日期: 2026-06-12 15:16 修改: 2026-06-17 10:52
io.netty:netty-handler	CVE-2026-50010	高危	4.1.126.Final	4.2.15.Final, 4.1.135.Final	netty-handler: Netty: Improper trust manager handling leads to hostname verification bypass 漏洞详情: https://avd.aquasec.com/nvd/cve-2026-50010 镜像层: sha256:8fae2911930cc1f27e200efebeb84116568c4271a04144b82e7adc86c284d153 发布日期: 2026-06-12 16:16 修改: 2026-06-17 10:57
io.netty:netty-handler	CVE-2026-50010	高危	4.1.126.Final	4.2.15.Final, 4.1.135.Final	netty-handler: Netty: Improper trust manager handling leads to hostname verification bypass 漏洞详情: https://avd.aquasec.com/nvd/cve-2026-50010 镜像层: sha256:8fae2911930cc1f27e200efebeb84116568c4271a04144b82e7adc86c284d153 发布日期: 2026-06-12 16:16 修改: 2026-06-17 10:57
io.netty:netty-handler	CVE-2026-50010	高危	4.1.126.Final	4.2.15.Final, 4.1.135.Final	netty-handler: Netty: Improper trust manager handling leads to hostname verification bypass 漏洞详情: https://avd.aquasec.com/nvd/cve-2026-50010 镜像层: sha256:8fae2911930cc1f27e200efebeb84116568c4271a04144b82e7adc86c284d153 发布日期: 2026-06-12 16:16 修改: 2026-06-17 10:57
io.netty:netty-handler	CVE-2026-50010	高危	4.1.126.Final	4.2.15.Final, 4.1.135.Final	netty-handler: Netty: Improper trust manager handling leads to hostname verification bypass 漏洞详情: https://avd.aquasec.com/nvd/cve-2026-50010 镜像层: sha256:8fae2911930cc1f27e200efebeb84116568c4271a04144b82e7adc86c284d153 发布日期: 2026-06-12 16:16 修改: 2026-06-17 10:57
io.netty:netty-resolver-dns	CVE-2026-45674	高危	4.1.126.Final	4.2.15.Final, 4.1.135.Final	netty-resolver-dns: Netty: Information disclosure and data manipulation due to improper CNAME record validation 漏洞详情: https://avd.aquasec.com/nvd/cve-2026-45674 镜像层: sha256:8fae2911930cc1f27e200efebeb84116568c4271a04144b82e7adc86c284d153 发布日期: 2026-06-12 15:16 修改: 2026-06-17 10:52
io.netty:netty-resolver-dns	CVE-2026-45674	高危	4.1.126.Final	4.2.15.Final, 4.1.135.Final	netty-resolver-dns: Netty: Information disclosure and data manipulation due to improper CNAME record validation 漏洞详情: https://avd.aquasec.com/nvd/cve-2026-45674 镜像层: sha256:8fae2911930cc1f27e200efebeb84116568c4271a04144b82e7adc86c284d153 发布日期: 2026-06-12 15:16 修改: 2026-06-17 10:52
io.netty:netty-resolver-dns	CVE-2026-47691	高危	4.1.126.Final	4.2.15.Final, 4.1.135.Final	io.netty/netty-resolver-dns: Netty has Insufficient Bailiwick Validation for NS Records 漏洞详情: https://avd.aquasec.com/nvd/cve-2026-47691 镜像层: sha256:8fae2911930cc1f27e200efebeb84116568c4271a04144b82e7adc86c284d153 发布日期: 2026-06-12 16:16 修改: 2026-06-17 10:54
io.netty:netty-resolver-dns	CVE-2026-47691	高危	4.1.126.Final	4.2.15.Final, 4.1.135.Final	io.netty/netty-resolver-dns: Netty has Insufficient Bailiwick Validation for NS Records 漏洞详情: https://avd.aquasec.com/nvd/cve-2026-47691 镜像层: sha256:8fae2911930cc1f27e200efebeb84116568c4271a04144b82e7adc86c284d153 发布日期: 2026-06-12 16:16 修改: 2026-06-17 10:54
org.lz4:lz4-java	CVE-2025-12183	高危	1.8.0	1.8.1	lz4-java: lz4-java: Out-of-bounds memory operations lead to denial of service and information disclosure 漏洞详情: https://avd.aquasec.com/nvd/cve-2025-12183 镜像层: sha256:8fae2911930cc1f27e200efebeb84116568c4271a04144b82e7adc86c284d153 发布日期: 2025-11-28 16:15 修改: 2026-06-17 08:31
org.lz4:lz4-java	CVE-2025-66566	高危	1.8.0		lz4-java: lz4-java: Information Disclosure via Insufficient Output Buffer Clearing 漏洞详情: https://avd.aquasec.com/nvd/cve-2025-66566 镜像层: sha256:8fae2911930cc1f27e200efebeb84116568c4271a04144b82e7adc86c284d153 发布日期: 2025-12-05 18:15 修改: 2026-06-17 09:57
com.fasterxml.jackson.core:jackson-databind	CVE-2026-54514	中危	2.15.0	2.18.8, 2.21.4, 3.1.4	jackson-databind contains the general-purpose data-binding functionali ... 漏洞详情: https://avd.aquasec.com/nvd/cve-2026-54514 镜像层: sha256:8fae2911930cc1f27e200efebeb84116568c4271a04144b82e7adc86c284d153 发布日期: 2026-06-23 21:17 修改: 2026-06-27 20:55
io.netty:netty-codec-http	CVE-2025-67735	中危	4.1.126.Final	4.2.8.Final, 4.1.129.Final	netty-codec-http: Netty (netty-codec-http): Request Smuggling via CRLF Injection 漏洞详情: https://avd.aquasec.com/nvd/cve-2025-67735 镜像层: sha256:8fae2911930cc1f27e200efebeb84116568c4271a04144b82e7adc86c284d153 发布日期: 2025-12-16 01:15 修改: 2026-06-17 09:58
io.netty:netty-codec-http	CVE-2025-67735	中危	4.1.126.Final	4.2.8.Final, 4.1.129.Final	netty-codec-http: Netty (netty-codec-http): Request Smuggling via CRLF Injection 漏洞详情: https://avd.aquasec.com/nvd/cve-2025-67735 镜像层: sha256:8fae2911930cc1f27e200efebeb84116568c4271a04144b82e7adc86c284d153 发布日期: 2025-12-16 01:15 修改: 2026-06-17 09:58
io.netty:netty-codec-http	CVE-2025-67735	中危	4.1.126.Final	4.2.8.Final, 4.1.129.Final	netty-codec-http: Netty (netty-codec-http): Request Smuggling via CRLF Injection 漏洞详情: https://avd.aquasec.com/nvd/cve-2025-67735 镜像层: sha256:8fae2911930cc1f27e200efebeb84116568c4271a04144b82e7adc86c284d153 发布日期: 2025-12-16 01:15 修改: 2026-06-17 09:58
io.netty:netty-codec-http	CVE-2025-67735	中危	4.1.126.Final	4.2.8.Final, 4.1.129.Final	netty-codec-http: Netty (netty-codec-http): Request Smuggling via CRLF Injection 漏洞详情: https://avd.aquasec.com/nvd/cve-2025-67735 镜像层: sha256:8fae2911930cc1f27e200efebeb84116568c4271a04144b82e7adc86c284d153 发布日期: 2025-12-16 01:15 修改: 2026-06-17 09:58
io.netty:netty-codec-http	CVE-2026-41417	中危	4.1.126.Final	4.1.133.Final, 4.2.13.Final	netty: Netty: HTTP request smuggling via URI manipulation and CRLF injection 漏洞详情: https://avd.aquasec.com/nvd/cve-2026-41417 镜像层: sha256:8fae2911930cc1f27e200efebeb84116568c4271a04144b82e7adc86c284d153 发布日期: 2026-05-06 22:16 修改: 2026-06-17 10:46
io.netty:netty-codec-http	CVE-2026-41417	中危	4.1.126.Final	4.1.133.Final, 4.2.13.Final	netty: Netty: HTTP request smuggling via URI manipulation and CRLF injection 漏洞详情: https://avd.aquasec.com/nvd/cve-2026-41417 镜像层: sha256:8fae2911930cc1f27e200efebeb84116568c4271a04144b82e7adc86c284d153 发布日期: 2026-05-06 22:16 修改: 2026-06-17 10:46
io.netty:netty-codec-http	CVE-2026-41417	中危	4.1.126.Final	4.1.133.Final, 4.2.13.Final	netty: Netty: HTTP request smuggling via URI manipulation and CRLF injection 漏洞详情: https://avd.aquasec.com/nvd/cve-2026-41417 镜像层: sha256:8fae2911930cc1f27e200efebeb84116568c4271a04144b82e7adc86c284d153 发布日期: 2026-05-06 22:16 修改: 2026-06-17 10:46
io.netty:netty-codec-http	CVE-2026-41417	中危	4.1.126.Final	4.1.133.Final, 4.2.13.Final	netty: Netty: HTTP request smuggling via URI manipulation and CRLF injection 漏洞详情: https://avd.aquasec.com/nvd/cve-2026-41417 镜像层: sha256:8fae2911930cc1f27e200efebeb84116568c4271a04144b82e7adc86c284d153 发布日期: 2026-05-06 22:16 修改: 2026-06-17 10:46
io.netty:netty-codec-http	CVE-2026-42580	中危	4.1.126.Final	4.2.13.Final, 4.1.133.Final	netty: Netty: Request smuggling via chunk size parser integer overflow 漏洞详情: https://avd.aquasec.com/nvd/cve-2026-42580 镜像层: sha256:8fae2911930cc1f27e200efebeb84116568c4271a04144b82e7adc86c284d153 发布日期: 2026-05-13 19:17 修改: 2026-06-17 10:48
io.netty:netty-codec-http	CVE-2026-42580	中危	4.1.126.Final	4.2.13.Final, 4.1.133.Final	netty: Netty: Request smuggling via chunk size parser integer overflow 漏洞详情: https://avd.aquasec.com/nvd/cve-2026-42580 镜像层: sha256:8fae2911930cc1f27e200efebeb84116568c4271a04144b82e7adc86c284d153 发布日期: 2026-05-13 19:17 修改: 2026-06-17 10:48
io.netty:netty-codec-http	CVE-2026-42580	中危	4.1.126.Final	4.2.13.Final, 4.1.133.Final	netty: Netty: Request smuggling via chunk size parser integer overflow 漏洞详情: https://avd.aquasec.com/nvd/cve-2026-42580 镜像层: sha256:8fae2911930cc1f27e200efebeb84116568c4271a04144b82e7adc86c284d153 发布日期: 2026-05-13 19:17 修改: 2026-06-17 10:48
io.netty:netty-codec-http	CVE-2026-42580	中危	4.1.126.Final	4.2.13.Final, 4.1.133.Final	netty: Netty: Request smuggling via chunk size parser integer overflow 漏洞详情: https://avd.aquasec.com/nvd/cve-2026-42580 镜像层: sha256:8fae2911930cc1f27e200efebeb84116568c4271a04144b82e7adc86c284d153 发布日期: 2026-05-13 19:17 修改: 2026-06-17 10:48
io.netty:netty-codec-http	CVE-2026-42581	中危	4.1.126.Final	4.2.13.Final, 4.1.133.Final	netty: io.netty/netty-codec-http: Netty: HTTP Request Smuggling due to improper handling of conflicting HTTP/1.0 headers 漏洞详情: https://avd.aquasec.com/nvd/cve-2026-42581 镜像层: sha256:8fae2911930cc1f27e200efebeb84116568c4271a04144b82e7adc86c284d153 发布日期: 2026-05-13 19:17 修改: 2026-06-17 10:48
io.netty:netty-codec-http	CVE-2026-42581	中危	4.1.126.Final	4.2.13.Final, 4.1.133.Final	netty: io.netty/netty-codec-http: Netty: HTTP Request Smuggling due to improper handling of conflicting HTTP/1.0 headers 漏洞详情: https://avd.aquasec.com/nvd/cve-2026-42581 镜像层: sha256:8fae2911930cc1f27e200efebeb84116568c4271a04144b82e7adc86c284d153 发布日期: 2026-05-13 19:17 修改: 2026-06-17 10:48
io.netty:netty-codec-http	CVE-2026-42581	中危	4.1.126.Final	4.2.13.Final, 4.1.133.Final	netty: io.netty/netty-codec-http: Netty: HTTP Request Smuggling due to improper handling of conflicting HTTP/1.0 headers 漏洞详情: https://avd.aquasec.com/nvd/cve-2026-42581 镜像层: sha256:8fae2911930cc1f27e200efebeb84116568c4271a04144b82e7adc86c284d153 发布日期: 2026-05-13 19:17 修改: 2026-06-17 10:48
io.netty:netty-codec-http	CVE-2026-42581	中危	4.1.126.Final	4.2.13.Final, 4.1.133.Final	netty: io.netty/netty-codec-http: Netty: HTTP Request Smuggling due to improper handling of conflicting HTTP/1.0 headers 漏洞详情: https://avd.aquasec.com/nvd/cve-2026-42581 镜像层: sha256:8fae2911930cc1f27e200efebeb84116568c4271a04144b82e7adc86c284d153 发布日期: 2026-05-13 19:17 修改: 2026-06-17 10:48
io.netty:netty-codec-http	CVE-2026-42585	中危	4.1.126.Final	4.2.13.Final, 4.1.133.Final	netty: io.netty/netty-codec-http: Netty: Request smuggling via malformed Transfer-Encoding parsing 漏洞详情: https://avd.aquasec.com/nvd/cve-2026-42585 镜像层: sha256:8fae2911930cc1f27e200efebeb84116568c4271a04144b82e7adc86c284d153 发布日期: 2026-05-13 19:17 修改: 2026-06-17 10:48
io.netty:netty-codec-http	CVE-2026-42585	中危	4.1.126.Final	4.2.13.Final, 4.1.133.Final	netty: io.netty/netty-codec-http: Netty: Request smuggling via malformed Transfer-Encoding parsing 漏洞详情: https://avd.aquasec.com/nvd/cve-2026-42585 镜像层: sha256:8fae2911930cc1f27e200efebeb84116568c4271a04144b82e7adc86c284d153 发布日期: 2026-05-13 19:17 修改: 2026-06-17 10:48
io.netty:netty-codec-http	CVE-2026-42585	中危	4.1.126.Final	4.2.13.Final, 4.1.133.Final	netty: io.netty/netty-codec-http: Netty: Request smuggling via malformed Transfer-Encoding parsing 漏洞详情: https://avd.aquasec.com/nvd/cve-2026-42585 镜像层: sha256:8fae2911930cc1f27e200efebeb84116568c4271a04144b82e7adc86c284d153 发布日期: 2026-05-13 19:17 修改: 2026-06-17 10:48
io.netty:netty-codec-http	CVE-2026-42585	中危	4.1.126.Final	4.2.13.Final, 4.1.133.Final	netty: io.netty/netty-codec-http: Netty: Request smuggling via malformed Transfer-Encoding parsing 漏洞详情: https://avd.aquasec.com/nvd/cve-2026-42585 镜像层: sha256:8fae2911930cc1f27e200efebeb84116568c4271a04144b82e7adc86c284d153 发布日期: 2026-05-13 19:17 修改: 2026-06-17 10:48
io.netty:netty-codec-http	CVE-2026-50020	中危	4.1.126.Final	4.2.15.Final, 4.1.135.Final	netty-codec-http: Netty: Data manipulation via request-boundary confusion in HttpObjectDecoder 漏洞详情: https://avd.aquasec.com/nvd/cve-2026-50020 镜像层: sha256:8fae2911930cc1f27e200efebeb84116568c4271a04144b82e7adc86c284d153 发布日期: 2026-06-12 16:16 修改: 2026-06-17 10:57
io.netty:netty-codec-http	CVE-2026-50020	中危	4.1.126.Final	4.2.15.Final, 4.1.135.Final	netty-codec-http: Netty: Data manipulation via request-boundary confusion in HttpObjectDecoder 漏洞详情: https://avd.aquasec.com/nvd/cve-2026-50020 镜像层: sha256:8fae2911930cc1f27e200efebeb84116568c4271a04144b82e7adc86c284d153 发布日期: 2026-06-12 16:16 修改: 2026-06-17 10:57
io.netty:netty-codec-http	CVE-2026-50020	中危	4.1.126.Final	4.2.15.Final, 4.1.135.Final	netty-codec-http: Netty: Data manipulation via request-boundary confusion in HttpObjectDecoder 漏洞详情: https://avd.aquasec.com/nvd/cve-2026-50020 镜像层: sha256:8fae2911930cc1f27e200efebeb84116568c4271a04144b82e7adc86c284d153 发布日期: 2026-06-12 16:16 修改: 2026-06-17 10:57
io.netty:netty-codec-http	CVE-2026-50020	中危	4.1.126.Final	4.2.15.Final, 4.1.135.Final	netty-codec-http: Netty: Data manipulation via request-boundary confusion in HttpObjectDecoder 漏洞详情: https://avd.aquasec.com/nvd/cve-2026-50020 镜像层: sha256:8fae2911930cc1f27e200efebeb84116568c4271a04144b82e7adc86c284d153 发布日期: 2026-06-12 16:16 修改: 2026-06-17 10:57
com.fasterxml.jackson.core:jackson-databind	CVE-2026-54515	中危	2.15.0	3.1.4, 2.18.9, 2.21.5	jackson-databind contains the general-purpose data-binding functionali ... 漏洞详情: https://avd.aquasec.com/nvd/cve-2026-54515 镜像层: sha256:8fae2911930cc1f27e200efebeb84116568c4271a04144b82e7adc86c284d153 发布日期: 2026-06-23 21:17 修改: 2026-06-25 16:14
com.fasterxml.jackson.core:jackson-databind	CVE-2026-54515	中危	2.15.0	3.1.4, 2.18.9, 2.21.5	jackson-databind contains the general-purpose data-binding functionali ... 漏洞详情: https://avd.aquasec.com/nvd/cve-2026-54515 镜像层: sha256:8fae2911930cc1f27e200efebeb84116568c4271a04144b82e7adc86c284d153 发布日期: 2026-06-23 21:17 修改: 2026-06-25 16:14
com.fasterxml.jackson.core:jackson-databind	CVE-2026-54515	中危	2.15.0	3.1.4, 2.18.9, 2.21.5	jackson-databind contains the general-purpose data-binding functionali ... 漏洞详情: https://avd.aquasec.com/nvd/cve-2026-54515 镜像层: sha256:8fae2911930cc1f27e200efebeb84116568c4271a04144b82e7adc86c284d153 发布日期: 2026-06-23 21:17 修改: 2026-06-25 16:14
com.fasterxml.jackson.core:jackson-databind	CVE-2026-54515	中危	2.15.0	3.1.4, 2.18.9, 2.21.5	jackson-databind contains the general-purpose data-binding functionali ... 漏洞详情: https://avd.aquasec.com/nvd/cve-2026-54515 镜像层: sha256:8fae2911930cc1f27e200efebeb84116568c4271a04144b82e7adc86c284d153 发布日期: 2026-06-23 21:17 修改: 2026-06-25 16:14
io.netty:netty-codec-http2	CVE-2026-47244	中危	4.1.126.Final	4.2.15.Final, 4.1.135.Final	netty-codec-http2: Netty: Denial of Service via uncontrolled HTTP/2 concurrent streams 漏洞详情: https://avd.aquasec.com/nvd/cve-2026-47244 镜像层: sha256:8fae2911930cc1f27e200efebeb84116568c4271a04144b82e7adc86c284d153 发布日期: 2026-06-12 15:16 修改: 2026-06-17 10:54
io.netty:netty-codec-http2	CVE-2026-47244	中危	4.1.126.Final	4.2.15.Final, 4.1.135.Final	netty-codec-http2: Netty: Denial of Service via uncontrolled HTTP/2 concurrent streams 漏洞详情: https://avd.aquasec.com/nvd/cve-2026-47244 镜像层: sha256:8fae2911930cc1f27e200efebeb84116568c4271a04144b82e7adc86c284d153 发布日期: 2026-06-12 15:16 修改: 2026-06-17 10:54
io.netty:netty-codec-http2	CVE-2026-48043	中危	4.1.126.Final	4.1.135.Final, 4.2.15.Final	netty-codec-http2: netty-codec-http2: Denial of Service due to resource leak 漏洞详情: https://avd.aquasec.com/nvd/cve-2026-48043 镜像层: sha256:8fae2911930cc1f27e200efebeb84116568c4271a04144b82e7adc86c284d153 发布日期: 2026-06-12 16:16 修改: 2026-06-17 10:54
io.netty:netty-codec-http2	CVE-2026-48043	中危	4.1.126.Final	4.1.135.Final, 4.2.15.Final	netty-codec-http2: netty-codec-http2: Denial of Service due to resource leak 漏洞详情: https://avd.aquasec.com/nvd/cve-2026-48043 镜像层: sha256:8fae2911930cc1f27e200efebeb84116568c4271a04144b82e7adc86c284d153 发布日期: 2026-06-12 16:16 修改: 2026-06-17 10:54
io.netty:netty-codec-http2	CVE-2026-50560	中危	4.1.126.Final	4.2.15.Final, 4.1.135.Final	netty-codec-http2: Netty: Denial of Service due to HTTP/2 max header size handling 漏洞详情: https://avd.aquasec.com/nvd/cve-2026-50560 镜像层: sha256:8fae2911930cc1f27e200efebeb84116568c4271a04144b82e7adc86c284d153 发布日期: 2026-06-12 16:16 修改: 2026-06-17 10:57
io.netty:netty-codec-http2	CVE-2026-50560	中危	4.1.126.Final	4.2.15.Final, 4.1.135.Final	netty-codec-http2: Netty: Denial of Service due to HTTP/2 max header size handling 漏洞详情: https://avd.aquasec.com/nvd/cve-2026-50560 镜像层: sha256:8fae2911930cc1f27e200efebeb84116568c4271a04144b82e7adc86c284d153 发布日期: 2026-06-12 16:16 修改: 2026-06-17 10:57
com.fasterxml.jackson.core:jackson-databind	CVE-2026-54515	中危	2.15.0	3.1.4, 2.18.9, 2.21.5	jackson-databind contains the general-purpose data-binding functionali ... 漏洞详情: https://avd.aquasec.com/nvd/cve-2026-54515 镜像层: sha256:8fae2911930cc1f27e200efebeb84116568c4271a04144b82e7adc86c284d153 发布日期: 2026-06-23 21:17 修改: 2026-06-25 16:14
com.fasterxml.jackson.core:jackson-core	GHSA-72hv-8253-57qq	中危	2.15.0	2.21.1, 2.18.6	jackson-core: Number Length Constraint Bypass in Async Parser Leads to Potential DoS Condition 漏洞详情: https://github.com/advisories/GHSA-72hv-8253-57qq 镜像层: sha256:8fae2911930cc1f27e200efebeb84116568c4271a04144b82e7adc86c284d153 发布日期: 2026-02-28 02:01 修改: 2026-04-07 16:30
com.fasterxml.jackson.core:jackson-core	GHSA-72hv-8253-57qq	中危	2.17.2	2.21.1, 2.18.6	jackson-core: Number Length Constraint Bypass in Async Parser Leads to Potential DoS Condition 漏洞详情: https://github.com/advisories/GHSA-72hv-8253-57qq 镜像层: sha256:8fae2911930cc1f27e200efebeb84116568c4271a04144b82e7adc86c284d153 发布日期: 2026-02-28 02:01 修改: 2026-04-07 16:30
com.fasterxml.jackson.core:jackson-core	GHSA-72hv-8253-57qq	中危	2.17.2	2.21.1, 2.18.6	jackson-core: Number Length Constraint Bypass in Async Parser Leads to Potential DoS Condition 漏洞详情: https://github.com/advisories/GHSA-72hv-8253-57qq 镜像层: sha256:8fae2911930cc1f27e200efebeb84116568c4271a04144b82e7adc86c284d153 发布日期: 2026-02-28 02:01 修改: 2026-04-07 16:30
com.fasterxml.jackson.core:jackson-core	GHSA-72hv-8253-57qq	中危	2.15.0	2.21.1, 2.18.6	jackson-core: Number Length Constraint Bypass in Async Parser Leads to Potential DoS Condition 漏洞详情: https://github.com/advisories/GHSA-72hv-8253-57qq 镜像层: sha256:8fae2911930cc1f27e200efebeb84116568c4271a04144b82e7adc86c284d153 发布日期: 2026-02-28 02:01 修改: 2026-04-07 16:30
com.fasterxml.jackson.core:jackson-core	GHSA-72hv-8253-57qq	中危	2.15.0	2.21.1, 2.18.6	jackson-core: Number Length Constraint Bypass in Async Parser Leads to Potential DoS Condition 漏洞详情: https://github.com/advisories/GHSA-72hv-8253-57qq 镜像层: sha256:8fae2911930cc1f27e200efebeb84116568c4271a04144b82e7adc86c284d153 发布日期: 2026-02-28 02:01 修改: 2026-04-07 16:30
com.fasterxml.jackson.core:jackson-core	GHSA-72hv-8253-57qq	中危	2.15.0	2.21.1, 2.18.6	jackson-core: Number Length Constraint Bypass in Async Parser Leads to Potential DoS Condition 漏洞详情: https://github.com/advisories/GHSA-72hv-8253-57qq 镜像层: sha256:8fae2911930cc1f27e200efebeb84116568c4271a04144b82e7adc86c284d153 发布日期: 2026-02-28 02:01 修改: 2026-04-07 16:30
com.fasterxml.jackson.core:jackson-core	GHSA-72hv-8253-57qq	中危	2.15.0	2.21.1, 2.18.6	jackson-core: Number Length Constraint Bypass in Async Parser Leads to Potential DoS Condition 漏洞详情: https://github.com/advisories/GHSA-72hv-8253-57qq 镜像层: sha256:8fae2911930cc1f27e200efebeb84116568c4271a04144b82e7adc86c284d153 发布日期: 2026-02-28 02:01 修改: 2026-04-07 16:30
com.fasterxml.jackson.core:jackson-core	GHSA-72hv-8253-57qq	中危	2.15.0	2.21.1, 2.18.6	jackson-core: Number Length Constraint Bypass in Async Parser Leads to Potential DoS Condition 漏洞详情: https://github.com/advisories/GHSA-72hv-8253-57qq 镜像层: sha256:8fae2911930cc1f27e200efebeb84116568c4271a04144b82e7adc86c284d153 发布日期: 2026-02-28 02:01 修改: 2026-04-07 16:30
com.fasterxml.jackson.core:jackson-core	GHSA-72hv-8253-57qq	中危	2.15.0	2.21.1, 2.18.6	jackson-core: Number Length Constraint Bypass in Async Parser Leads to Potential DoS Condition 漏洞详情: https://github.com/advisories/GHSA-72hv-8253-57qq 镜像层: sha256:8fae2911930cc1f27e200efebeb84116568c4271a04144b82e7adc86c284d153 发布日期: 2026-02-28 02:01 修改: 2026-04-07 16:30
com.fasterxml.jackson.core:jackson-core	GHSA-72hv-8253-57qq	中危	2.15.0	2.21.1, 2.18.6	jackson-core: Number Length Constraint Bypass in Async Parser Leads to Potential DoS Condition 漏洞详情: https://github.com/advisories/GHSA-72hv-8253-57qq 镜像层: sha256:8fae2911930cc1f27e200efebeb84116568c4271a04144b82e7adc86c284d153 发布日期: 2026-02-28 02:01 修改: 2026-04-07 16:30
com.fasterxml.jackson.core:jackson-core	GHSA-72hv-8253-57qq	中危	2.15.0	2.21.1, 2.18.6	jackson-core: Number Length Constraint Bypass in Async Parser Leads to Potential DoS Condition 漏洞详情: https://github.com/advisories/GHSA-72hv-8253-57qq 镜像层: sha256:8fae2911930cc1f27e200efebeb84116568c4271a04144b82e7adc86c284d153 发布日期: 2026-02-28 02:01 修改: 2026-04-07 16:30
com.fasterxml.jackson.core:jackson-core	GHSA-72hv-8253-57qq	中危	2.15.0	2.21.1, 2.18.6	jackson-core: Number Length Constraint Bypass in Async Parser Leads to Potential DoS Condition 漏洞详情: https://github.com/advisories/GHSA-72hv-8253-57qq 镜像层: sha256:8fae2911930cc1f27e200efebeb84116568c4271a04144b82e7adc86c284d153 发布日期: 2026-02-28 02:01 修改: 2026-04-07 16:30
com.fasterxml.jackson.core:jackson-core	GHSA-72hv-8253-57qq	中危	2.15.0	2.21.1, 2.18.6	jackson-core: Number Length Constraint Bypass in Async Parser Leads to Potential DoS Condition 漏洞详情: https://github.com/advisories/GHSA-72hv-8253-57qq 镜像层: sha256:8fae2911930cc1f27e200efebeb84116568c4271a04144b82e7adc86c284d153 发布日期: 2026-02-28 02:01 修改: 2026-04-07 16:30
com.fasterxml.jackson.core:jackson-databind	CVE-2026-54514	中危	2.15.0	2.18.8, 2.21.4, 3.1.4	jackson-databind contains the general-purpose data-binding functionali ... 漏洞详情: https://avd.aquasec.com/nvd/cve-2026-54514 镜像层: sha256:8fae2911930cc1f27e200efebeb84116568c4271a04144b82e7adc86c284d153 发布日期: 2026-06-23 21:17 修改: 2026-06-27 20:55
com.fasterxml.jackson.core:jackson-databind	CVE-2026-54514	中危	2.15.0	2.18.8, 2.21.4, 3.1.4	jackson-databind contains the general-purpose data-binding functionali ... 漏洞详情: https://avd.aquasec.com/nvd/cve-2026-54514 镜像层: sha256:8fae2911930cc1f27e200efebeb84116568c4271a04144b82e7adc86c284d153 发布日期: 2026-06-23 21:17 修改: 2026-06-27 20:55
io.netty:netty-resolver-dns	CVE-2026-45673	中危	4.1.126.Final	4.2.15.Final, 4.1.135.Final	netty-resolver-dns: Netty DNS resolver: DNS Cache Poisoning via predictable transaction IDs 漏洞详情: https://avd.aquasec.com/nvd/cve-2026-45673 镜像层: sha256:8fae2911930cc1f27e200efebeb84116568c4271a04144b82e7adc86c284d153 发布日期: 2026-06-12 15:16 修改: 2026-06-17 10:52
io.netty:netty-resolver-dns	CVE-2026-45673	中危	4.1.126.Final	4.2.15.Final, 4.1.135.Final	netty-resolver-dns: Netty DNS resolver: DNS Cache Poisoning via predictable transaction IDs 漏洞详情: https://avd.aquasec.com/nvd/cve-2026-45673 镜像层: sha256:8fae2911930cc1f27e200efebeb84116568c4271a04144b82e7adc86c284d153 发布日期: 2026-06-12 15:16 修改: 2026-06-17 10:52
io.opentelemetry:opentelemetry-api	CVE-2026-45292	中危	1.31.0	1.62.0	opentelemetry-java: opentelemetry-api: opentelemetry-extension-trace-propagators: OpenTelemetry Java: Denial of Service due to unbounded memory allocation when parsing oversized baggage 漏洞详情: https://avd.aquasec.com/nvd/cve-2026-45292 镜像层: sha256:8fae2911930cc1f27e200efebeb84116568c4271a04144b82e7adc86c284d153 发布日期: 2026-05-28 17:16 修改: 2026-06-17 10:51
io.projectreactor.netty:reactor-netty-http	CVE-2025-22227	中危	1.0.45	1.3.0-M5, 1.2.8	io.projectreactor.netty/reactor-netty: Reactor Netty Credential Leak via Redirects 漏洞详情: https://avd.aquasec.com/nvd/cve-2025-22227 镜像层: sha256:8fae2911930cc1f27e200efebeb84116568c4271a04144b82e7adc86c284d153 发布日期: 2025-07-16 10:15 修改: 2026-06-17 08:45
org.apache.commons:commons-lang3	CVE-2025-48924	中危	3.9	3.18.0	commons-lang/commons-lang: org.apache.commons/commons-lang3: Uncontrolled Recursion vulnerability in Apache Commons Lang 漏洞详情: https://avd.aquasec.com/nvd/cve-2025-48924 镜像层: sha256:8fae2911930cc1f27e200efebeb84116568c4271a04144b82e7adc86c284d153 发布日期: 2025-07-11 15:15 修改: 2026-06-17 09:30
org.apache.logging.log4j:log4j-1.2-api	CVE-2026-34479	中危	2.19.0	2.25.4	org.apache.logging.log4j/log4j-1.2-api: Apache Log4j 1-to-Log4j 2 bridge: Log processing denial of service due to improper XML escaping 漏洞详情: https://avd.aquasec.com/nvd/cve-2026-34479 镜像层: sha256:8fae2911930cc1f27e200efebeb84116568c4271a04144b82e7adc86c284d153 发布日期: 2026-04-10 16:16 修改: 2026-06-17 10:39
org.apache.logging.log4j:log4j-1.2-api	CVE-2026-34479	中危	2.19.0	2.25.4	org.apache.logging.log4j/log4j-1.2-api: Apache Log4j 1-to-Log4j 2 bridge: Log processing denial of service due to improper XML escaping 漏洞详情: https://avd.aquasec.com/nvd/cve-2026-34479 镜像层: sha256:8fae2911930cc1f27e200efebeb84116568c4271a04144b82e7adc86c284d153 发布日期: 2026-04-10 16:16 修改: 2026-06-17 10:39
org.apache.logging.log4j:log4j-1.2-api	CVE-2026-34479	中危	2.19.0	2.25.4	org.apache.logging.log4j/log4j-1.2-api: Apache Log4j 1-to-Log4j 2 bridge: Log processing denial of service due to improper XML escaping 漏洞详情: https://avd.aquasec.com/nvd/cve-2026-34479 镜像层: sha256:8fae2911930cc1f27e200efebeb84116568c4271a04144b82e7adc86c284d153 发布日期: 2026-04-10 16:16 修改: 2026-06-17 10:39
org.apache.logging.log4j:log4j-1.2-api	CVE-2026-34479	中危	2.19.0	2.25.4	org.apache.logging.log4j/log4j-1.2-api: Apache Log4j 1-to-Log4j 2 bridge: Log processing denial of service due to improper XML escaping 漏洞详情: https://avd.aquasec.com/nvd/cve-2026-34479 镜像层: sha256:8fae2911930cc1f27e200efebeb84116568c4271a04144b82e7adc86c284d153 发布日期: 2026-04-10 16:16 修改: 2026-06-17 10:39
org.apache.logging.log4j:log4j-core	CVE-2025-68161	中危	2.12.4	2.25.3	Apache Log4j: Apache Log4j Core: Information disclosure via missing TLS hostname verification 漏洞详情: https://avd.aquasec.com/nvd/cve-2025-68161 镜像层: sha256:8fae2911930cc1f27e200efebeb84116568c4271a04144b82e7adc86c284d153 发布日期: 2025-12-18 21:15 修改: 2026-06-17 09:58
org.apache.logging.log4j:log4j-core	CVE-2026-34477	中危	2.12.4	2.25.4	org.apache.logging.log4j/log4j-core: Apache Log4j Core: Man-in-the-middle attack due to incomplete hostname verification 漏洞详情: https://avd.aquasec.com/nvd/cve-2026-34477 镜像层: sha256:8fae2911930cc1f27e200efebeb84116568c4271a04144b82e7adc86c284d153 发布日期: 2026-04-10 16:16 修改: 2026-06-17 10:39
org.apache.logging.log4j:log4j-core	CVE-2026-34480	中危	2.12.4	2.25.4	org.apache.logging.log4j/log4j-core: Apache Log4j Core: Invalid XML output causes denial of service in logging 漏洞详情: https://avd.aquasec.com/nvd/cve-2026-34480 镜像层: sha256:8fae2911930cc1f27e200efebeb84116568c4271a04144b82e7adc86c284d153 发布日期: 2026-04-10 16:16 修改: 2026-06-17 10:39
org.apache.logging.log4j:log4j-core	CVE-2025-68161	中危	2.19.0	2.25.3	Apache Log4j: Apache Log4j Core: Information disclosure via missing TLS hostname verification 漏洞详情: https://avd.aquasec.com/nvd/cve-2025-68161 镜像层: sha256:8fae2911930cc1f27e200efebeb84116568c4271a04144b82e7adc86c284d153 发布日期: 2025-12-18 21:15 修改: 2026-06-17 09:58
org.apache.logging.log4j:log4j-core	CVE-2026-34477	中危	2.19.0	2.25.4	org.apache.logging.log4j/log4j-core: Apache Log4j Core: Man-in-the-middle attack due to incomplete hostname verification 漏洞详情: https://avd.aquasec.com/nvd/cve-2026-34477 镜像层: sha256:8fae2911930cc1f27e200efebeb84116568c4271a04144b82e7adc86c284d153 发布日期: 2026-04-10 16:16 修改: 2026-06-17 10:39
org.apache.logging.log4j:log4j-core	CVE-2026-34480	中危	2.19.0	2.25.4	org.apache.logging.log4j/log4j-core: Apache Log4j Core: Invalid XML output causes denial of service in logging 漏洞详情: https://avd.aquasec.com/nvd/cve-2026-34480 镜像层: sha256:8fae2911930cc1f27e200efebeb84116568c4271a04144b82e7adc86c284d153 发布日期: 2026-04-10 16:16 修改: 2026-06-17 10:39
org.bouncycastle:bcpkix-jdk18on	CVE-2026-5588	中危	1.79	1.84	bouncycastle: BC-JAVA: PKIX draft CompositeVerifier accepts empty signature sequence as valid 漏洞详情: https://avd.aquasec.com/nvd/cve-2026-5588 镜像层: sha256:8fae2911930cc1f27e200efebeb84116568c4271a04144b82e7adc86c284d153 发布日期: 2026-04-15 10:16 修改: 2026-06-17 10:59
org.bouncycastle:bcprov-jdk18on	CVE-2026-0636	中危	1.79	1.84	bouncycastle: BC-JAVA: LDAP injection vulnerability in LDAPStoreHelper.java 漏洞详情: https://avd.aquasec.com/nvd/cve-2026-0636 镜像层: sha256:8fae2911930cc1f27e200efebeb84116568c4271a04144b82e7adc86c284d153 发布日期: 2026-04-15 10:16 修改: 2026-06-17 10:11
org.elasticsearch.plugin:x-pack-core	CVE-2025-68390	中危	8.18.8	8.19.8, 9.1.8, 9.2.2	elasticsearch: Elasticsearch Allocation of Resources Without Limits or Throttling 漏洞详情: https://avd.aquasec.com/nvd/cve-2025-68390 镜像层: sha256:8fae2911930cc1f27e200efebeb84116568c4271a04144b82e7adc86c284d153 发布日期: 2025-12-18 23:15 修改: 2026-06-17 09:59
org.elasticsearch.plugin:x-pack-security	CVE-2025-68384	中危	8.18.8	8.19.9, 9.1.9, 9.2.3	elasticsearch: Elasticsearch Allocation of Resources Without Limits or Throttling 漏洞详情: https://avd.aquasec.com/nvd/cve-2025-68384 镜像层: sha256:8fae2911930cc1f27e200efebeb84116568c4271a04144b82e7adc86c284d153 发布日期: 2025-12-18 22:16 修改: 2026-06-17 09:59
org.elasticsearch:elasticsearch	CVE-2025-37731	中危	8.18.8	8.19.8, 9.1.8, 9.2.2	elasticsearch: Elasticsearch: User impersonation due to improper authentication in Public Key Infrastructure (PKI) realm 漏洞详情: https://avd.aquasec.com/nvd/cve-2025-37731 镜像层: sha256:8fae2911930cc1f27e200efebeb84116568c4271a04144b82e7adc86c284d153 发布日期: 2025-12-15 11:15 修改: 2026-06-17 09:15
com.fasterxml.jackson.core:jackson-databind	CVE-2026-54514	中危	2.15.0	2.18.8, 2.21.4, 3.1.4	jackson-databind contains the general-purpose data-binding functionali ... 漏洞详情: https://avd.aquasec.com/nvd/cve-2026-54514 镜像层: sha256:8fae2911930cc1f27e200efebeb84116568c4271a04144b82e7adc86c284d153 发布日期: 2026-06-23 21:17 修改: 2026-06-27 20:55
com.fasterxml.jackson.core:jackson-databind	CVE-2026-54514	中危	2.15.0	2.18.8, 2.21.4, 3.1.4	jackson-databind contains the general-purpose data-binding functionali ... 漏洞详情: https://avd.aquasec.com/nvd/cve-2026-54514 镜像层: sha256:8fae2911930cc1f27e200efebeb84116568c4271a04144b82e7adc86c284d153 发布日期: 2026-06-23 21:17 修改: 2026-06-27 20:55
io.netty:netty-handler-proxy	CVE-2026-42578	低危	4.1.126.Final	4.1.133.Final, 4.2.13.Final	netty: io.netty/netty-handler-proxy: Netty: HTTP Header Injection via HttpProxyHandler Disabled Validation 漏洞详情: https://avd.aquasec.com/nvd/cve-2026-42578 镜像层: sha256:8fae2911930cc1f27e200efebeb84116568c4271a04144b82e7adc86c284d153 发布日期: 2026-05-13 19:17 修改: 2026-06-17 10:48