docker.io/elasticsearch:8.12.0 linux/arm64

docker.io/elasticsearch:8.12.0 - Trivy安全扫描结果 扫描时间: 2026-07-03 16:43 温馨提示: 这是一个 linux/arm64 系统架构镜像
全部漏洞信息
低危漏洞:30 中危漏洞:151 高危漏洞:47 严重漏洞:4

系统OS: ubuntu 20.04 扫描引擎: Trivy 扫描时间: 2026-07-03 16:43

docker.io/elasticsearch:8.12.0 (ubuntu 20.04) (ubuntu)
低危漏洞:26 中危漏洞:55 高危漏洞:0 严重漏洞:0
软件包 漏洞 安全状态 安装版本 修复版本 漏洞信息
bsdutils CVE-2024-28085 中危 1:2.34-0.1ubuntu9.4 2.34-0.1ubuntu9.6 util-linux: CVE-2024-28085: wall: escape sequence injection

漏洞详情: https://avd.aquasec.com/nvd/cve-2024-28085

镜像层: sha256:956c99b07a411a286d30e71338d3057196d7edbe72fe5f13f51008029cc0ffdf

发布日期: 2024-03-27 19:15 修改: 2026-06-17 07:20

curl CVE-2024-2398 中危 7.68.0-1ubuntu2.21 7.68.0-1ubuntu2.22 curl: HTTP/2 push headers memory-leak

漏洞详情: https://avd.aquasec.com/nvd/cve-2024-2398

镜像层: sha256:51f9166b74282beb0f336ff8355115c4e8ab48b60466e796d7a1841fe16c1bb9

发布日期: 2024-03-27 08:15 修改: 2026-06-17 07:24

curl CVE-2024-7264 中危 7.68.0-1ubuntu2.21 7.68.0-1ubuntu2.23 curl: libcurl: ASN.1 date parser overread

漏洞详情: https://avd.aquasec.com/nvd/cve-2024-7264

镜像层: sha256:51f9166b74282beb0f336ff8355115c4e8ab48b60466e796d7a1841fe16c1bb9

发布日期: 2024-07-31 08:15 修改: 2026-06-17 08:19

curl CVE-2024-8096 中危 7.68.0-1ubuntu2.21 7.68.0-1ubuntu2.24 curl: OCSP stapling bypass with GnuTLS

漏洞详情: https://avd.aquasec.com/nvd/cve-2024-8096

镜像层: sha256:51f9166b74282beb0f336ff8355115c4e8ab48b60466e796d7a1841fe16c1bb9

发布日期: 2024-09-11 10:15 修改: 2026-06-17 08:21

fdisk CVE-2024-28085 中危 2.34-0.1ubuntu9.4 2.34-0.1ubuntu9.6 util-linux: CVE-2024-28085: wall: escape sequence injection

漏洞详情: https://avd.aquasec.com/nvd/cve-2024-28085

镜像层: sha256:956c99b07a411a286d30e71338d3057196d7edbe72fe5f13f51008029cc0ffdf

发布日期: 2024-03-27 19:15 修改: 2026-06-17 07:20

gpgv CVE-2025-30258 中危 2.2.19-3ubuntu2.2 2.2.19-3ubuntu2.4 gnupg: verification DoS due to a malicious subkey in the keyring

漏洞详情: https://avd.aquasec.com/nvd/cve-2025-30258

镜像层: sha256:956c99b07a411a286d30e71338d3057196d7edbe72fe5f13f51008029cc0ffdf

发布日期: 2025-03-19 20:15 修改: 2026-06-17 09:08

libblkid1 CVE-2024-28085 中危 2.34-0.1ubuntu9.4 2.34-0.1ubuntu9.6 util-linux: CVE-2024-28085: wall: escape sequence injection

漏洞详情: https://avd.aquasec.com/nvd/cve-2024-28085

镜像层: sha256:956c99b07a411a286d30e71338d3057196d7edbe72fe5f13f51008029cc0ffdf

发布日期: 2024-03-27 19:15 修改: 2026-06-17 07:20

libc-bin CVE-2024-2961 中危 2.31-0ubuntu9.14 2.31-0ubuntu9.15 glibc: Out of bounds write in iconv may lead to remote code execution

漏洞详情: https://avd.aquasec.com/nvd/cve-2024-2961

镜像层: sha256:956c99b07a411a286d30e71338d3057196d7edbe72fe5f13f51008029cc0ffdf

发布日期: 2024-04-17 18:15 修改: 2026-06-17 07:25

libc-bin CVE-2024-33599 中危 2.31-0ubuntu9.14 2.31-0ubuntu9.16 glibc: stack-based buffer overflow in netgroup cache

漏洞详情: https://avd.aquasec.com/nvd/cve-2024-33599

镜像层: sha256:956c99b07a411a286d30e71338d3057196d7edbe72fe5f13f51008029cc0ffdf

发布日期: 2024-05-06 20:15 修改: 2026-06-17 07:32

libc-bin CVE-2024-33600 中危 2.31-0ubuntu9.14 2.31-0ubuntu9.16 glibc: null pointer dereferences after failed netgroup cache insertion

漏洞详情: https://avd.aquasec.com/nvd/cve-2024-33600

镜像层: sha256:956c99b07a411a286d30e71338d3057196d7edbe72fe5f13f51008029cc0ffdf

发布日期: 2024-05-06 20:15 修改: 2026-06-17 07:32

libc-bin CVE-2024-33601 中危 2.31-0ubuntu9.14 2.31-0ubuntu9.16 glibc: netgroup cache may terminate daemon on memory allocation failure

漏洞详情: https://avd.aquasec.com/nvd/cve-2024-33601

镜像层: sha256:956c99b07a411a286d30e71338d3057196d7edbe72fe5f13f51008029cc0ffdf

发布日期: 2024-05-06 20:15 修改: 2026-06-17 07:32

libc-bin CVE-2024-33602 中危 2.31-0ubuntu9.14 2.31-0ubuntu9.16 glibc: netgroup cache assumes NSS callback uses in-buffer strings

漏洞详情: https://avd.aquasec.com/nvd/cve-2024-33602

镜像层: sha256:956c99b07a411a286d30e71338d3057196d7edbe72fe5f13f51008029cc0ffdf

发布日期: 2024-05-06 20:15 修改: 2026-06-17 07:32

libc-bin CVE-2025-0395 中危 2.31-0ubuntu9.14 2.31-0ubuntu9.17 glibc: buffer overflow in the GNU C Library's assert()

漏洞详情: https://avd.aquasec.com/nvd/cve-2025-0395

镜像层: sha256:956c99b07a411a286d30e71338d3057196d7edbe72fe5f13f51008029cc0ffdf

发布日期: 2025-01-22 13:15 修改: 2026-06-17 08:26

libc-bin CVE-2025-4802 中危 2.31-0ubuntu9.14 2.31-0ubuntu9.18 glibc: static setuid binary dlopen may incorrectly search LD_LIBRARY_PATH

漏洞详情: https://avd.aquasec.com/nvd/cve-2025-4802

镜像层: sha256:956c99b07a411a286d30e71338d3057196d7edbe72fe5f13f51008029cc0ffdf

发布日期: 2025-05-16 20:15 修改: 2026-06-17 09:34

libc6 CVE-2024-2961 中危 2.31-0ubuntu9.14 2.31-0ubuntu9.15 glibc: Out of bounds write in iconv may lead to remote code execution

漏洞详情: https://avd.aquasec.com/nvd/cve-2024-2961

镜像层: sha256:956c99b07a411a286d30e71338d3057196d7edbe72fe5f13f51008029cc0ffdf

发布日期: 2024-04-17 18:15 修改: 2026-06-17 07:25

libc6 CVE-2024-33599 中危 2.31-0ubuntu9.14 2.31-0ubuntu9.16 glibc: stack-based buffer overflow in netgroup cache

漏洞详情: https://avd.aquasec.com/nvd/cve-2024-33599

镜像层: sha256:956c99b07a411a286d30e71338d3057196d7edbe72fe5f13f51008029cc0ffdf

发布日期: 2024-05-06 20:15 修改: 2026-06-17 07:32

libc6 CVE-2024-33600 中危 2.31-0ubuntu9.14 2.31-0ubuntu9.16 glibc: null pointer dereferences after failed netgroup cache insertion

漏洞详情: https://avd.aquasec.com/nvd/cve-2024-33600

镜像层: sha256:956c99b07a411a286d30e71338d3057196d7edbe72fe5f13f51008029cc0ffdf

发布日期: 2024-05-06 20:15 修改: 2026-06-17 07:32

libc6 CVE-2024-33601 中危 2.31-0ubuntu9.14 2.31-0ubuntu9.16 glibc: netgroup cache may terminate daemon on memory allocation failure

漏洞详情: https://avd.aquasec.com/nvd/cve-2024-33601

镜像层: sha256:956c99b07a411a286d30e71338d3057196d7edbe72fe5f13f51008029cc0ffdf

发布日期: 2024-05-06 20:15 修改: 2026-06-17 07:32

libc6 CVE-2024-33602 中危 2.31-0ubuntu9.14 2.31-0ubuntu9.16 glibc: netgroup cache assumes NSS callback uses in-buffer strings

漏洞详情: https://avd.aquasec.com/nvd/cve-2024-33602

镜像层: sha256:956c99b07a411a286d30e71338d3057196d7edbe72fe5f13f51008029cc0ffdf

发布日期: 2024-05-06 20:15 修改: 2026-06-17 07:32

libc6 CVE-2025-0395 中危 2.31-0ubuntu9.14 2.31-0ubuntu9.17 glibc: buffer overflow in the GNU C Library's assert()

漏洞详情: https://avd.aquasec.com/nvd/cve-2025-0395

镜像层: sha256:956c99b07a411a286d30e71338d3057196d7edbe72fe5f13f51008029cc0ffdf

发布日期: 2025-01-22 13:15 修改: 2026-06-17 08:26

libc6 CVE-2025-4802 中危 2.31-0ubuntu9.14 2.31-0ubuntu9.18 glibc: static setuid binary dlopen may incorrectly search LD_LIBRARY_PATH

漏洞详情: https://avd.aquasec.com/nvd/cve-2025-4802

镜像层: sha256:956c99b07a411a286d30e71338d3057196d7edbe72fe5f13f51008029cc0ffdf

发布日期: 2025-05-16 20:15 修改: 2026-06-17 09:34

libcurl4 CVE-2024-2398 中危 7.68.0-1ubuntu2.21 7.68.0-1ubuntu2.22 curl: HTTP/2 push headers memory-leak

漏洞详情: https://avd.aquasec.com/nvd/cve-2024-2398

镜像层: sha256:51f9166b74282beb0f336ff8355115c4e8ab48b60466e796d7a1841fe16c1bb9

发布日期: 2024-03-27 08:15 修改: 2026-06-17 07:24

libcurl4 CVE-2024-7264 中危 7.68.0-1ubuntu2.21 7.68.0-1ubuntu2.23 curl: libcurl: ASN.1 date parser overread

漏洞详情: https://avd.aquasec.com/nvd/cve-2024-7264

镜像层: sha256:51f9166b74282beb0f336ff8355115c4e8ab48b60466e796d7a1841fe16c1bb9

发布日期: 2024-07-31 08:15 修改: 2026-06-17 08:19

libcurl4 CVE-2024-8096 中危 7.68.0-1ubuntu2.21 7.68.0-1ubuntu2.24 curl: OCSP stapling bypass with GnuTLS

漏洞详情: https://avd.aquasec.com/nvd/cve-2024-8096

镜像层: sha256:51f9166b74282beb0f336ff8355115c4e8ab48b60466e796d7a1841fe16c1bb9

发布日期: 2024-09-11 10:15 修改: 2026-06-17 08:21

libfdisk1 CVE-2024-28085 中危 2.34-0.1ubuntu9.4 2.34-0.1ubuntu9.6 util-linux: CVE-2024-28085: wall: escape sequence injection

漏洞详情: https://avd.aquasec.com/nvd/cve-2024-28085

镜像层: sha256:956c99b07a411a286d30e71338d3057196d7edbe72fe5f13f51008029cc0ffdf

发布日期: 2024-03-27 19:15 修改: 2026-06-17 07:20

libgnutls30 CVE-2024-12243 中危 3.6.13-2ubuntu1.10 3.6.13-2ubuntu1.12 gnutls: GnuTLS Impacted by Inefficient DER Decoding in libtasn1 Leading to Remote DoS

漏洞详情: https://avd.aquasec.com/nvd/cve-2024-12243

镜像层: sha256:956c99b07a411a286d30e71338d3057196d7edbe72fe5f13f51008029cc0ffdf

发布日期: 2025-02-10 16:15 修改: 2026-06-17 06:59

libgnutls30 CVE-2024-28834 中危 3.6.13-2ubuntu1.10 3.6.13-2ubuntu1.11 gnutls: vulnerable to Minerva side-channel information leak

漏洞详情: https://avd.aquasec.com/nvd/cve-2024-28834

镜像层: sha256:956c99b07a411a286d30e71338d3057196d7edbe72fe5f13f51008029cc0ffdf

发布日期: 2024-03-21 14:15 修改: 2026-06-17 07:21

libgssapi-krb5-2 CVE-2024-3596 中危 1.17-6ubuntu4.4 1.17-6ubuntu4.8 freeradius: forgery attack

漏洞详情: https://avd.aquasec.com/nvd/cve-2024-3596

镜像层: sha256:51f9166b74282beb0f336ff8355115c4e8ab48b60466e796d7a1841fe16c1bb9

发布日期: 2024-07-09 12:15 修改: 2026-06-17 07:44

libgssapi-krb5-2 CVE-2024-37370 中危 1.17-6ubuntu4.4 1.17-6ubuntu4.6 krb5: GSS message token handling

漏洞详情: https://avd.aquasec.com/nvd/cve-2024-37370

镜像层: sha256:51f9166b74282beb0f336ff8355115c4e8ab48b60466e796d7a1841fe16c1bb9

发布日期: 2024-06-28 22:15 修改: 2026-06-17 07:38

libgssapi-krb5-2 CVE-2024-37371 中危 1.17-6ubuntu4.4 1.17-6ubuntu4.6 krb5: GSS message token handling

漏洞详情: https://avd.aquasec.com/nvd/cve-2024-37371

镜像层: sha256:51f9166b74282beb0f336ff8355115c4e8ab48b60466e796d7a1841fe16c1bb9

发布日期: 2024-06-28 23:15 修改: 2026-06-17 07:38

libgssapi-krb5-2 CVE-2025-24528 中危 1.17-6ubuntu4.4 1.17-6ubuntu4.9 krb5: overflow when calculating ulog block size

漏洞详情: https://avd.aquasec.com/nvd/cve-2025-24528

镜像层: sha256:51f9166b74282beb0f336ff8355115c4e8ab48b60466e796d7a1841fe16c1bb9

发布日期: 2026-01-16 18:16 修改: 2026-06-17 08:59

libgssapi-krb5-2 CVE-2025-3576 中危 1.17-6ubuntu4.4 1.17-6ubuntu4.11 krb5: Kerberos RC4-HMAC-MD5 Checksum Vulnerability Enabling Message Spoofing via MD5 Collisions

漏洞详情: https://avd.aquasec.com/nvd/cve-2025-3576

镜像层: sha256:51f9166b74282beb0f336ff8355115c4e8ab48b60466e796d7a1841fe16c1bb9

发布日期: 2025-04-15 06:15 修改: 2026-06-30 01:16

libk5crypto3 CVE-2024-3596 中危 1.17-6ubuntu4.4 1.17-6ubuntu4.8 freeradius: forgery attack

漏洞详情: https://avd.aquasec.com/nvd/cve-2024-3596

镜像层: sha256:51f9166b74282beb0f336ff8355115c4e8ab48b60466e796d7a1841fe16c1bb9

发布日期: 2024-07-09 12:15 修改: 2026-06-17 07:44

libk5crypto3 CVE-2024-37370 中危 1.17-6ubuntu4.4 1.17-6ubuntu4.6 krb5: GSS message token handling

漏洞详情: https://avd.aquasec.com/nvd/cve-2024-37370

镜像层: sha256:51f9166b74282beb0f336ff8355115c4e8ab48b60466e796d7a1841fe16c1bb9

发布日期: 2024-06-28 22:15 修改: 2026-06-17 07:38

libk5crypto3 CVE-2024-37371 中危 1.17-6ubuntu4.4 1.17-6ubuntu4.6 krb5: GSS message token handling

漏洞详情: https://avd.aquasec.com/nvd/cve-2024-37371

镜像层: sha256:51f9166b74282beb0f336ff8355115c4e8ab48b60466e796d7a1841fe16c1bb9

发布日期: 2024-06-28 23:15 修改: 2026-06-17 07:38

libk5crypto3 CVE-2025-24528 中危 1.17-6ubuntu4.4 1.17-6ubuntu4.9 krb5: overflow when calculating ulog block size

漏洞详情: https://avd.aquasec.com/nvd/cve-2025-24528

镜像层: sha256:51f9166b74282beb0f336ff8355115c4e8ab48b60466e796d7a1841fe16c1bb9

发布日期: 2026-01-16 18:16 修改: 2026-06-17 08:59

libk5crypto3 CVE-2025-3576 中危 1.17-6ubuntu4.4 1.17-6ubuntu4.11 krb5: Kerberos RC4-HMAC-MD5 Checksum Vulnerability Enabling Message Spoofing via MD5 Collisions

漏洞详情: https://avd.aquasec.com/nvd/cve-2025-3576

镜像层: sha256:51f9166b74282beb0f336ff8355115c4e8ab48b60466e796d7a1841fe16c1bb9

发布日期: 2025-04-15 06:15 修改: 2026-06-30 01:16

libkrb5-3 CVE-2024-3596 中危 1.17-6ubuntu4.4 1.17-6ubuntu4.8 freeradius: forgery attack

漏洞详情: https://avd.aquasec.com/nvd/cve-2024-3596

镜像层: sha256:51f9166b74282beb0f336ff8355115c4e8ab48b60466e796d7a1841fe16c1bb9

发布日期: 2024-07-09 12:15 修改: 2026-06-17 07:44

libkrb5-3 CVE-2024-37370 中危 1.17-6ubuntu4.4 1.17-6ubuntu4.6 krb5: GSS message token handling

漏洞详情: https://avd.aquasec.com/nvd/cve-2024-37370

镜像层: sha256:51f9166b74282beb0f336ff8355115c4e8ab48b60466e796d7a1841fe16c1bb9

发布日期: 2024-06-28 22:15 修改: 2026-06-17 07:38

libkrb5-3 CVE-2024-37371 中危 1.17-6ubuntu4.4 1.17-6ubuntu4.6 krb5: GSS message token handling

漏洞详情: https://avd.aquasec.com/nvd/cve-2024-37371

镜像层: sha256:51f9166b74282beb0f336ff8355115c4e8ab48b60466e796d7a1841fe16c1bb9

发布日期: 2024-06-28 23:15 修改: 2026-06-17 07:38

libkrb5-3 CVE-2025-24528 中危 1.17-6ubuntu4.4 1.17-6ubuntu4.9 krb5: overflow when calculating ulog block size

漏洞详情: https://avd.aquasec.com/nvd/cve-2025-24528

镜像层: sha256:51f9166b74282beb0f336ff8355115c4e8ab48b60466e796d7a1841fe16c1bb9

发布日期: 2026-01-16 18:16 修改: 2026-06-17 08:59

libkrb5-3 CVE-2025-3576 中危 1.17-6ubuntu4.4 1.17-6ubuntu4.11 krb5: Kerberos RC4-HMAC-MD5 Checksum Vulnerability Enabling Message Spoofing via MD5 Collisions

漏洞详情: https://avd.aquasec.com/nvd/cve-2025-3576

镜像层: sha256:51f9166b74282beb0f336ff8355115c4e8ab48b60466e796d7a1841fe16c1bb9

发布日期: 2025-04-15 06:15 修改: 2026-06-30 01:16

libkrb5support0 CVE-2024-3596 中危 1.17-6ubuntu4.4 1.17-6ubuntu4.8 freeradius: forgery attack

漏洞详情: https://avd.aquasec.com/nvd/cve-2024-3596

镜像层: sha256:51f9166b74282beb0f336ff8355115c4e8ab48b60466e796d7a1841fe16c1bb9

发布日期: 2024-07-09 12:15 修改: 2026-06-17 07:44

libkrb5support0 CVE-2024-37370 中危 1.17-6ubuntu4.4 1.17-6ubuntu4.6 krb5: GSS message token handling

漏洞详情: https://avd.aquasec.com/nvd/cve-2024-37370

镜像层: sha256:51f9166b74282beb0f336ff8355115c4e8ab48b60466e796d7a1841fe16c1bb9

发布日期: 2024-06-28 22:15 修改: 2026-06-17 07:38

libkrb5support0 CVE-2024-37371 中危 1.17-6ubuntu4.4 1.17-6ubuntu4.6 krb5: GSS message token handling

漏洞详情: https://avd.aquasec.com/nvd/cve-2024-37371

镜像层: sha256:51f9166b74282beb0f336ff8355115c4e8ab48b60466e796d7a1841fe16c1bb9

发布日期: 2024-06-28 23:15 修改: 2026-06-17 07:38

libkrb5support0 CVE-2025-24528 中危 1.17-6ubuntu4.4 1.17-6ubuntu4.9 krb5: overflow when calculating ulog block size

漏洞详情: https://avd.aquasec.com/nvd/cve-2025-24528

镜像层: sha256:51f9166b74282beb0f336ff8355115c4e8ab48b60466e796d7a1841fe16c1bb9

发布日期: 2026-01-16 18:16 修改: 2026-06-17 08:59

libkrb5support0 CVE-2025-3576 中危 1.17-6ubuntu4.4 1.17-6ubuntu4.11 krb5: Kerberos RC4-HMAC-MD5 Checksum Vulnerability Enabling Message Spoofing via MD5 Collisions

漏洞详情: https://avd.aquasec.com/nvd/cve-2025-3576

镜像层: sha256:51f9166b74282beb0f336ff8355115c4e8ab48b60466e796d7a1841fe16c1bb9

发布日期: 2025-04-15 06:15 修改: 2026-06-30 01:16

libmount1 CVE-2024-28085 中危 2.34-0.1ubuntu9.4 2.34-0.1ubuntu9.6 util-linux: CVE-2024-28085: wall: escape sequence injection

漏洞详情: https://avd.aquasec.com/nvd/cve-2024-28085

镜像层: sha256:956c99b07a411a286d30e71338d3057196d7edbe72fe5f13f51008029cc0ffdf

发布日期: 2024-03-27 19:15 修改: 2026-06-17 07:20

libnghttp2-14 CVE-2024-28182 中危 1.40.0-1ubuntu0.2 1.40.0-1ubuntu0.3 nghttp2: CONTINUATION frames DoS

漏洞详情: https://avd.aquasec.com/nvd/cve-2024-28182

镜像层: sha256:51f9166b74282beb0f336ff8355115c4e8ab48b60466e796d7a1841fe16c1bb9

发布日期: 2024-04-04 15:15 修改: 2026-06-17 07:21

libsmartcols1 CVE-2024-28085 中危 2.34-0.1ubuntu9.4 2.34-0.1ubuntu9.6 util-linux: CVE-2024-28085: wall: escape sequence injection

漏洞详情: https://avd.aquasec.com/nvd/cve-2024-28085

镜像层: sha256:956c99b07a411a286d30e71338d3057196d7edbe72fe5f13f51008029cc0ffdf

发布日期: 2024-03-27 19:15 修改: 2026-06-17 07:20

libsqlite3-0 CVE-2025-29088 中危 3.31.1-4ubuntu0.6 3.31.1-4ubuntu0.7 sqlite: Denial of Service in SQLite

漏洞详情: https://avd.aquasec.com/nvd/cve-2025-29088

镜像层: sha256:51f9166b74282beb0f336ff8355115c4e8ab48b60466e796d7a1841fe16c1bb9

发布日期: 2025-04-10 14:15 修改: 2026-06-17 09:05

libtasn1-6 CVE-2024-12133 中危 4.16.0-2 4.16.0-2ubuntu0.1 libtasn1: Inefficient DER Decoding in libtasn1 Leading to Potential Remote DoS

漏洞详情: https://avd.aquasec.com/nvd/cve-2024-12133

镜像层: sha256:956c99b07a411a286d30e71338d3057196d7edbe72fe5f13f51008029cc0ffdf

发布日期: 2025-02-10 16:15 修改: 2026-06-30 03:16

libuuid1 CVE-2024-28085 中危 2.34-0.1ubuntu9.4 2.34-0.1ubuntu9.6 util-linux: CVE-2024-28085: wall: escape sequence injection

漏洞详情: https://avd.aquasec.com/nvd/cve-2024-28085

镜像层: sha256:956c99b07a411a286d30e71338d3057196d7edbe72fe5f13f51008029cc0ffdf

发布日期: 2024-03-27 19:15 修改: 2026-06-17 07:20

mount CVE-2024-28085 中危 2.34-0.1ubuntu9.4 2.34-0.1ubuntu9.6 util-linux: CVE-2024-28085: wall: escape sequence injection

漏洞详情: https://avd.aquasec.com/nvd/cve-2024-28085

镜像层: sha256:956c99b07a411a286d30e71338d3057196d7edbe72fe5f13f51008029cc0ffdf

发布日期: 2024-03-27 19:15 修改: 2026-06-17 07:20

util-linux CVE-2024-28085 中危 2.34-0.1ubuntu9.4 2.34-0.1ubuntu9.6 util-linux: CVE-2024-28085: wall: escape sequence injection

漏洞详情: https://avd.aquasec.com/nvd/cve-2024-28085

镜像层: sha256:956c99b07a411a286d30e71338d3057196d7edbe72fe5f13f51008029cc0ffdf

发布日期: 2024-03-27 19:15 修改: 2026-06-17 07:20

libkrb5support0 CVE-2024-26458 低危 1.17-6ubuntu4.4 1.17-6ubuntu4.9 krb5: Memory leak at /krb5/src/lib/rpc/pmap_rmt.c

漏洞详情: https://avd.aquasec.com/nvd/cve-2024-26458

镜像层: sha256:51f9166b74282beb0f336ff8355115c4e8ab48b60466e796d7a1841fe16c1bb9

发布日期: 2024-02-29 01:44 修改: 2026-06-17 07:17

libkrb5support0 CVE-2024-26461 低危 1.17-6ubuntu4.4 1.17-6ubuntu4.9 krb5: Memory leak at /krb5/src/lib/gssapi/krb5/k5sealv3.c

漏洞详情: https://avd.aquasec.com/nvd/cve-2024-26461

镜像层: sha256:51f9166b74282beb0f336ff8355115c4e8ab48b60466e796d7a1841fe16c1bb9

发布日期: 2024-02-29 01:44 修改: 2026-06-17 07:17

libk5crypto3 CVE-2024-26458 低危 1.17-6ubuntu4.4 1.17-6ubuntu4.9 krb5: Memory leak at /krb5/src/lib/rpc/pmap_rmt.c

漏洞详情: https://avd.aquasec.com/nvd/cve-2024-26458

镜像层: sha256:51f9166b74282beb0f336ff8355115c4e8ab48b60466e796d7a1841fe16c1bb9

发布日期: 2024-02-29 01:44 修改: 2026-06-17 07:17

libkrb5-3 CVE-2024-26458 低危 1.17-6ubuntu4.4 1.17-6ubuntu4.9 krb5: Memory leak at /krb5/src/lib/rpc/pmap_rmt.c

漏洞详情: https://avd.aquasec.com/nvd/cve-2024-26458

镜像层: sha256:51f9166b74282beb0f336ff8355115c4e8ab48b60466e796d7a1841fe16c1bb9

发布日期: 2024-02-29 01:44 修改: 2026-06-17 07:17

libkrb5-3 CVE-2024-26461 低危 1.17-6ubuntu4.4 1.17-6ubuntu4.9 krb5: Memory leak at /krb5/src/lib/gssapi/krb5/k5sealv3.c

漏洞详情: https://avd.aquasec.com/nvd/cve-2024-26461

镜像层: sha256:51f9166b74282beb0f336ff8355115c4e8ab48b60466e796d7a1841fe16c1bb9

发布日期: 2024-02-29 01:44 修改: 2026-06-17 07:17

libk5crypto3 CVE-2024-26461 低危 1.17-6ubuntu4.4 1.17-6ubuntu4.9 krb5: Memory leak at /krb5/src/lib/gssapi/krb5/k5sealv3.c

漏洞详情: https://avd.aquasec.com/nvd/cve-2024-26461

镜像层: sha256:51f9166b74282beb0f336ff8355115c4e8ab48b60466e796d7a1841fe16c1bb9

发布日期: 2024-02-29 01:44 修改: 2026-06-17 07:17

libssl1.1 CVE-2023-5678 低危 1.1.1f-1ubuntu2.20 1.1.1f-1ubuntu2.21 openssl: Generating excessively long X9.42 DH keys or checking excessively long X9.42 DH keys or parameters may be very slow

漏洞详情: https://avd.aquasec.com/nvd/cve-2023-5678

镜像层: sha256:51f9166b74282beb0f336ff8355115c4e8ab48b60466e796d7a1841fe16c1bb9

发布日期: 2023-11-06 16:15 修改: 2026-06-17 06:49

libssl1.1 CVE-2024-0727 低危 1.1.1f-1ubuntu2.20 1.1.1f-1ubuntu2.21 openssl: denial of service via null dereference

漏洞详情: https://avd.aquasec.com/nvd/cve-2024-0727

镜像层: sha256:51f9166b74282beb0f336ff8355115c4e8ab48b60466e796d7a1841fe16c1bb9

发布日期: 2024-01-26 09:15 修改: 2026-06-17 06:54

libssl1.1 CVE-2024-13176 低危 1.1.1f-1ubuntu2.20 1.1.1f-1ubuntu2.24 openssl: Timing side-channel in ECDSA signature computation

漏洞详情: https://avd.aquasec.com/nvd/cve-2024-13176

镜像层: sha256:51f9166b74282beb0f336ff8355115c4e8ab48b60466e796d7a1841fe16c1bb9

发布日期: 2025-01-20 14:15 修改: 2026-06-17 07:01

libssl1.1 CVE-2024-2511 低危 1.1.1f-1ubuntu2.20 1.1.1f-1ubuntu2.23 openssl: Unbounded memory growth with session handling in TLSv1.3

漏洞详情: https://avd.aquasec.com/nvd/cve-2024-2511

镜像层: sha256:51f9166b74282beb0f336ff8355115c4e8ab48b60466e796d7a1841fe16c1bb9

发布日期: 2024-04-08 14:15 修改: 2026-06-17 07:24

libssl1.1 CVE-2024-4741 低危 1.1.1f-1ubuntu2.20 1.1.1f-1ubuntu2.23 openssl: Use After Free with SSL_free_buffers

漏洞详情: https://avd.aquasec.com/nvd/cve-2024-4741

镜像层: sha256:51f9166b74282beb0f336ff8355115c4e8ab48b60466e796d7a1841fe16c1bb9

发布日期: 2024-11-13 11:15 修改: 2026-06-17 08:02

libssl1.1 CVE-2024-5535 低危 1.1.1f-1ubuntu2.20 1.1.1f-1ubuntu2.23 openssl: SSL_select_next_proto buffer overread

漏洞详情: https://avd.aquasec.com/nvd/cve-2024-5535

镜像层: sha256:51f9166b74282beb0f336ff8355115c4e8ab48b60466e796d7a1841fe16c1bb9

发布日期: 2024-06-27 11:15 修改: 2026-06-17 08:16

libssl1.1 CVE-2024-9143 低危 1.1.1f-1ubuntu2.20 1.1.1f-1ubuntu2.24 openssl: Low-level invalid GF(2^m) parameters lead to OOB memory access

漏洞详情: https://avd.aquasec.com/nvd/cve-2024-9143

镜像层: sha256:51f9166b74282beb0f336ff8355115c4e8ab48b60466e796d7a1841fe16c1bb9

发布日期: 2024-10-16 17:15 修改: 2026-06-17 08:24

libcurl4 CVE-2024-11053 低危 7.68.0-1ubuntu2.21 7.68.0-1ubuntu2.25 curl: curl netrc password leak

漏洞详情: https://avd.aquasec.com/nvd/cve-2024-11053

镜像层: sha256:51f9166b74282beb0f336ff8355115c4e8ab48b60466e796d7a1841fe16c1bb9

发布日期: 2024-12-11 08:15 修改: 2026-06-17 06:56

libgssapi-krb5-2 CVE-2024-26458 低危 1.17-6ubuntu4.4 1.17-6ubuntu4.9 krb5: Memory leak at /krb5/src/lib/rpc/pmap_rmt.c

漏洞详情: https://avd.aquasec.com/nvd/cve-2024-26458

镜像层: sha256:51f9166b74282beb0f336ff8355115c4e8ab48b60466e796d7a1841fe16c1bb9

发布日期: 2024-02-29 01:44 修改: 2026-06-17 07:17

login CVE-2023-4641 低危 1:4.8.1-1ubuntu5.20.04.4 1:4.8.1-1ubuntu5.20.04.5 shadow-utils: possible password leak during passwd(1) change

漏洞详情: https://avd.aquasec.com/nvd/cve-2023-4641

镜像层: sha256:956c99b07a411a286d30e71338d3057196d7edbe72fe5f13f51008029cc0ffdf

发布日期: 2023-12-27 16:15 修改: 2026-06-17 06:38

libgssapi-krb5-2 CVE-2024-26461 低危 1.17-6ubuntu4.4 1.17-6ubuntu4.9 krb5: Memory leak at /krb5/src/lib/gssapi/krb5/k5sealv3.c

漏洞详情: https://avd.aquasec.com/nvd/cve-2024-26461

镜像层: sha256:51f9166b74282beb0f336ff8355115c4e8ab48b60466e796d7a1841fe16c1bb9

发布日期: 2024-02-29 01:44 修改: 2026-06-17 07:17

openssl CVE-2023-5678 低危 1.1.1f-1ubuntu2.20 1.1.1f-1ubuntu2.21 openssl: Generating excessively long X9.42 DH keys or checking excessively long X9.42 DH keys or parameters may be very slow

漏洞详情: https://avd.aquasec.com/nvd/cve-2023-5678

镜像层: sha256:51f9166b74282beb0f336ff8355115c4e8ab48b60466e796d7a1841fe16c1bb9

发布日期: 2023-11-06 16:15 修改: 2026-06-17 06:49

openssl CVE-2024-0727 低危 1.1.1f-1ubuntu2.20 1.1.1f-1ubuntu2.21 openssl: denial of service via null dereference

漏洞详情: https://avd.aquasec.com/nvd/cve-2024-0727

镜像层: sha256:51f9166b74282beb0f336ff8355115c4e8ab48b60466e796d7a1841fe16c1bb9

发布日期: 2024-01-26 09:15 修改: 2026-06-17 06:54

openssl CVE-2024-13176 低危 1.1.1f-1ubuntu2.20 1.1.1f-1ubuntu2.24 openssl: Timing side-channel in ECDSA signature computation

漏洞详情: https://avd.aquasec.com/nvd/cve-2024-13176

镜像层: sha256:51f9166b74282beb0f336ff8355115c4e8ab48b60466e796d7a1841fe16c1bb9

发布日期: 2025-01-20 14:15 修改: 2026-06-17 07:01

openssl CVE-2024-2511 低危 1.1.1f-1ubuntu2.20 1.1.1f-1ubuntu2.23 openssl: Unbounded memory growth with session handling in TLSv1.3

漏洞详情: https://avd.aquasec.com/nvd/cve-2024-2511

镜像层: sha256:51f9166b74282beb0f336ff8355115c4e8ab48b60466e796d7a1841fe16c1bb9

发布日期: 2024-04-08 14:15 修改: 2026-06-17 07:24

openssl CVE-2024-4741 低危 1.1.1f-1ubuntu2.20 1.1.1f-1ubuntu2.23 openssl: Use After Free with SSL_free_buffers

漏洞详情: https://avd.aquasec.com/nvd/cve-2024-4741

镜像层: sha256:51f9166b74282beb0f336ff8355115c4e8ab48b60466e796d7a1841fe16c1bb9

发布日期: 2024-11-13 11:15 修改: 2026-06-17 08:02

openssl CVE-2024-5535 低危 1.1.1f-1ubuntu2.20 1.1.1f-1ubuntu2.23 openssl: SSL_select_next_proto buffer overread

漏洞详情: https://avd.aquasec.com/nvd/cve-2024-5535

镜像层: sha256:51f9166b74282beb0f336ff8355115c4e8ab48b60466e796d7a1841fe16c1bb9

发布日期: 2024-06-27 11:15 修改: 2026-06-17 08:16

openssl CVE-2024-9143 低危 1.1.1f-1ubuntu2.20 1.1.1f-1ubuntu2.24 openssl: Low-level invalid GF(2^m) parameters lead to OOB memory access

漏洞详情: https://avd.aquasec.com/nvd/cve-2024-9143

镜像层: sha256:51f9166b74282beb0f336ff8355115c4e8ab48b60466e796d7a1841fe16c1bb9

发布日期: 2024-10-16 17:15 修改: 2026-06-17 08:24

passwd CVE-2023-4641 低危 1:4.8.1-1ubuntu5.20.04.4 1:4.8.1-1ubuntu5.20.04.5 shadow-utils: possible password leak during passwd(1) change

漏洞详情: https://avd.aquasec.com/nvd/cve-2023-4641

镜像层: sha256:956c99b07a411a286d30e71338d3057196d7edbe72fe5f13f51008029cc0ffdf

发布日期: 2023-12-27 16:15 修改: 2026-06-17 06:38

curl CVE-2024-11053 低危 7.68.0-1ubuntu2.21 7.68.0-1ubuntu2.25 curl: curl netrc password leak

漏洞详情: https://avd.aquasec.com/nvd/cve-2024-11053

镜像层: sha256:51f9166b74282beb0f336ff8355115c4e8ab48b60466e796d7a1841fe16c1bb9

发布日期: 2024-12-11 08:15 修改: 2026-06-17 06:56

Java (jar)
低危漏洞:4 中危漏洞:96 高危漏洞:47 严重漏洞:4
软件包 漏洞 安全状态 安装版本 修复版本 漏洞信息
org.apache.tika:tika-core CVE-2025-66516 严重 2.7.0 3.2.2 tika-core: tika-parsers: tika-parser-pdf-module: Apache Tika core, Apache Tika parsers, Apache Tika PDF parser module: Update to CVE-2025-54988 to expand scope of artifacts affected

漏洞详情: https://avd.aquasec.com/nvd/cve-2025-66516

镜像层: sha256:7023b7ff97f63f973128e219d9b7eaa049d86e9d09ec9b97f531e4249b21b335

发布日期: 2025-12-04 17:15 修改: 2026-06-17 09:56

org.apache.tika:tika-parser-pdf-module CVE-2025-54988 严重 2.7.0 3.2.2 org.apache.tika/tika-parser-pdf-module: Apache Tika PDF parser module: XXE vulnerability in PDFParser's handling of XFA

漏洞详情: https://avd.aquasec.com/nvd/cve-2025-54988

镜像层: sha256:7023b7ff97f63f973128e219d9b7eaa049d86e9d09ec9b97f531e4249b21b335

发布日期: 2025-08-20 20:15 修改: 2026-06-17 09:41

org.apache.tika:tika-parser-pdf-module CVE-2025-66516 严重 2.7.0 3.2.2 tika-core: tika-parsers: tika-parser-pdf-module: Apache Tika core, Apache Tika parsers, Apache Tika PDF parser module: Update to CVE-2025-54988 to expand scope of artifacts affected

漏洞详情: https://avd.aquasec.com/nvd/cve-2025-66516

镜像层: sha256:7023b7ff97f63f973128e219d9b7eaa049d86e9d09ec9b97f531e4249b21b335

发布日期: 2025-12-04 17:15 修改: 2026-06-17 09:56

org.bouncycastle:bcprov-jdk18on CVE-2025-14813 严重 1.76 1.80.2, 1.81.1, 1.84 bouncycastle: BC-JAVA: GOSTCTR implementation unable to process more than 255 blocks correctly

漏洞详情: https://avd.aquasec.com/nvd/cve-2025-14813

镜像层: sha256:7023b7ff97f63f973128e219d9b7eaa049d86e9d09ec9b97f531e4249b21b335

发布日期: 2026-04-15 10:16 修改: 2026-06-30 03:16

com.fasterxml.jackson.core:jackson-databind CVE-2026-54512 高危 2.15.0 2.18.8, 3.1.4, 2.21.4 jackson-databind: jackson-databind: Arbitrary code execution via PolymorphicTypeValidator bypass

漏洞详情: https://avd.aquasec.com/nvd/cve-2026-54512

镜像层: sha256:7023b7ff97f63f973128e219d9b7eaa049d86e9d09ec9b97f531e4249b21b335

发布日期: 2026-06-23 21:17 修改: 2026-06-27 21:01

com.fasterxml.jackson.core:jackson-databind CVE-2026-54512 高危 2.15.0 2.18.8, 3.1.4, 2.21.4 jackson-databind: jackson-databind: Arbitrary code execution via PolymorphicTypeValidator bypass

漏洞详情: https://avd.aquasec.com/nvd/cve-2026-54512

镜像层: sha256:7023b7ff97f63f973128e219d9b7eaa049d86e9d09ec9b97f531e4249b21b335

发布日期: 2026-06-23 21:17 修改: 2026-06-27 21:01

com.fasterxml.jackson.core:jackson-databind CVE-2026-54513 高危 2.15.0 2.18.8, 2.21.4, 3.1.4 jackson-databind: Jackson-databind: Security bypass allows arbitrary code execution

漏洞详情: https://avd.aquasec.com/nvd/cve-2026-54513

镜像层: sha256:7023b7ff97f63f973128e219d9b7eaa049d86e9d09ec9b97f531e4249b21b335

发布日期: 2026-06-23 21:17 修改: 2026-07-02 12:17

com.fasterxml.jackson.core:jackson-databind CVE-2026-54513 高危 2.15.0 2.18.8, 2.21.4, 3.1.4 jackson-databind: Jackson-databind: Security bypass allows arbitrary code execution

漏洞详情: https://avd.aquasec.com/nvd/cve-2026-54513

镜像层: sha256:7023b7ff97f63f973128e219d9b7eaa049d86e9d09ec9b97f531e4249b21b335

发布日期: 2026-06-23 21:17 修改: 2026-07-02 12:17

com.fasterxml.jackson.core:jackson-databind CVE-2026-54513 高危 2.15.0 2.18.8, 2.21.4, 3.1.4 jackson-databind: Jackson-databind: Security bypass allows arbitrary code execution

漏洞详情: https://avd.aquasec.com/nvd/cve-2026-54513

镜像层: sha256:7023b7ff97f63f973128e219d9b7eaa049d86e9d09ec9b97f531e4249b21b335

发布日期: 2026-06-23 21:17 修改: 2026-07-02 12:17

com.google.protobuf:protobuf-java CVE-2024-7254 高危 3.21.9 3.25.5, 4.27.5, 4.28.2 protobuf: StackOverflow vulnerability in Protocol Buffers

漏洞详情: https://avd.aquasec.com/nvd/cve-2024-7254

镜像层: sha256:7023b7ff97f63f973128e219d9b7eaa049d86e9d09ec9b97f531e4249b21b335

发布日期: 2024-09-19 01:15 修改: 2026-06-17 08:19

com.google.protobuf:protobuf-java CVE-2024-7254 高危 3.21.9 3.25.5, 4.27.5, 4.28.2 protobuf: StackOverflow vulnerability in Protocol Buffers

漏洞详情: https://avd.aquasec.com/nvd/cve-2024-7254

镜像层: sha256:7023b7ff97f63f973128e219d9b7eaa049d86e9d09ec9b97f531e4249b21b335

发布日期: 2024-09-19 01:15 修改: 2026-06-17 08:19

com.nimbusds:nimbus-jose-jwt CVE-2023-52428 高危 9.23 9.37.2 nimbus-jose-jwt: large JWE p2c header value causes Denial of Service

漏洞详情: https://avd.aquasec.com/nvd/cve-2023-52428

镜像层: sha256:7023b7ff97f63f973128e219d9b7eaa049d86e9d09ec9b97f531e4249b21b335

发布日期: 2024-02-11 05:15 修改: 2026-06-17 06:42

commons-io:commons-io CVE-2024-47554 高危 2.11.0 2.14.0 apache-commons-io: Possible denial of service attack on untrusted input to XmlStreamReader

漏洞详情: https://avd.aquasec.com/nvd/cve-2024-47554

镜像层: sha256:7023b7ff97f63f973128e219d9b7eaa049d86e9d09ec9b97f531e4249b21b335

发布日期: 2024-10-03 12:15 修改: 2026-06-17 07:57

io.netty:netty-codec CVE-2026-42583 高危 4.1.94.Final 4.1.133.Final Netty is an asynchronous, event-driven network application framework. ...

漏洞详情: https://avd.aquasec.com/nvd/cve-2026-42583

镜像层: sha256:7023b7ff97f63f973128e219d9b7eaa049d86e9d09ec9b97f531e4249b21b335

发布日期: 2026-05-13 19:17 修改: 2026-06-17 10:48

io.netty:netty-codec CVE-2026-42583 高危 4.1.94.Final 4.1.133.Final Netty is an asynchronous, event-driven network application framework. ...

漏洞详情: https://avd.aquasec.com/nvd/cve-2026-42583

镜像层: sha256:7023b7ff97f63f973128e219d9b7eaa049d86e9d09ec9b97f531e4249b21b335

发布日期: 2026-05-13 19:17 修改: 2026-06-17 10:48

io.netty:netty-codec CVE-2026-42583 高危 4.1.94.Final 4.1.133.Final Netty is an asynchronous, event-driven network application framework. ...

漏洞详情: https://avd.aquasec.com/nvd/cve-2026-42583

镜像层: sha256:7023b7ff97f63f973128e219d9b7eaa049d86e9d09ec9b97f531e4249b21b335

发布日期: 2026-05-13 19:17 修改: 2026-06-17 10:48

io.netty:netty-codec-dns CVE-2026-42579 高危 4.1.94.Final 4.2.13.Final, 4.1.133.Final netty: Netty: High integrity impact due to improper DNS domain name constraint enforcement

漏洞详情: https://avd.aquasec.com/nvd/cve-2026-42579

镜像层: sha256:7023b7ff97f63f973128e219d9b7eaa049d86e9d09ec9b97f531e4249b21b335

发布日期: 2026-05-13 19:17 修改: 2026-06-30 03:19

io.netty:netty-codec-http CVE-2026-33870 高危 4.1.94.Final 4.1.132.Final, 4.2.10.Final io.netty/netty-codec-http: Netty: Request smuggling via incorrect parsing of HTTP/1.1 chunked transfer encoding extension values

漏洞详情: https://avd.aquasec.com/nvd/cve-2026-33870

镜像层: sha256:7023b7ff97f63f973128e219d9b7eaa049d86e9d09ec9b97f531e4249b21b335

发布日期: 2026-03-27 20:16 修改: 2026-06-30 03:18

io.netty:netty-codec-http CVE-2026-33870 高危 4.1.94.Final 4.1.132.Final, 4.2.10.Final io.netty/netty-codec-http: Netty: Request smuggling via incorrect parsing of HTTP/1.1 chunked transfer encoding extension values

漏洞详情: https://avd.aquasec.com/nvd/cve-2026-33870

镜像层: sha256:7023b7ff97f63f973128e219d9b7eaa049d86e9d09ec9b97f531e4249b21b335

发布日期: 2026-03-27 20:16 修改: 2026-06-30 03:18

io.netty:netty-codec-http CVE-2026-33870 高危 4.1.94.Final 4.1.132.Final, 4.2.10.Final io.netty/netty-codec-http: Netty: Request smuggling via incorrect parsing of HTTP/1.1 chunked transfer encoding extension values

漏洞详情: https://avd.aquasec.com/nvd/cve-2026-33870

镜像层: sha256:7023b7ff97f63f973128e219d9b7eaa049d86e9d09ec9b97f531e4249b21b335

发布日期: 2026-03-27 20:16 修改: 2026-06-30 03:18

io.netty:netty-codec-http CVE-2026-42584 高危 4.1.94.Final 4.2.13.Final, 4.1.133.Final netty: io.netty/netty-codec-http: Netty: Incorrect HTTP response parsing leads to data confusion

漏洞详情: https://avd.aquasec.com/nvd/cve-2026-42584

镜像层: sha256:7023b7ff97f63f973128e219d9b7eaa049d86e9d09ec9b97f531e4249b21b335

发布日期: 2026-05-13 19:17 修改: 2026-06-30 03:19

io.netty:netty-codec-http CVE-2026-42584 高危 4.1.94.Final 4.2.13.Final, 4.1.133.Final netty: io.netty/netty-codec-http: Netty: Incorrect HTTP response parsing leads to data confusion

漏洞详情: https://avd.aquasec.com/nvd/cve-2026-42584

镜像层: sha256:7023b7ff97f63f973128e219d9b7eaa049d86e9d09ec9b97f531e4249b21b335

发布日期: 2026-05-13 19:17 修改: 2026-06-30 03:19

io.netty:netty-codec-http CVE-2026-42584 高危 4.1.94.Final 4.2.13.Final, 4.1.133.Final netty: io.netty/netty-codec-http: Netty: Incorrect HTTP response parsing leads to data confusion

漏洞详情: https://avd.aquasec.com/nvd/cve-2026-42584

镜像层: sha256:7023b7ff97f63f973128e219d9b7eaa049d86e9d09ec9b97f531e4249b21b335

发布日期: 2026-05-13 19:17 修改: 2026-06-30 03:19

io.netty:netty-codec-http CVE-2026-42587 高危 4.1.94.Final 4.2.13.Final, 4.1.133.Final netty: io.netty/netty-codec-http: io.netty/netty-codec-http2: Netty: Denial of Service via unbounded memory allocation in HTTP content decompression

漏洞详情: https://avd.aquasec.com/nvd/cve-2026-42587

镜像层: sha256:7023b7ff97f63f973128e219d9b7eaa049d86e9d09ec9b97f531e4249b21b335

发布日期: 2026-05-13 19:17 修改: 2026-07-01 13:17

io.netty:netty-codec-http CVE-2026-42587 高危 4.1.94.Final 4.2.13.Final, 4.1.133.Final netty: io.netty/netty-codec-http: io.netty/netty-codec-http2: Netty: Denial of Service via unbounded memory allocation in HTTP content decompression

漏洞详情: https://avd.aquasec.com/nvd/cve-2026-42587

镜像层: sha256:7023b7ff97f63f973128e219d9b7eaa049d86e9d09ec9b97f531e4249b21b335

发布日期: 2026-05-13 19:17 修改: 2026-07-01 13:17

io.netty:netty-codec-http CVE-2026-42587 高危 4.1.94.Final 4.2.13.Final, 4.1.133.Final netty: io.netty/netty-codec-http: io.netty/netty-codec-http2: Netty: Denial of Service via unbounded memory allocation in HTTP content decompression

漏洞详情: https://avd.aquasec.com/nvd/cve-2026-42587

镜像层: sha256:7023b7ff97f63f973128e219d9b7eaa049d86e9d09ec9b97f531e4249b21b335

发布日期: 2026-05-13 19:17 修改: 2026-07-01 13:17

io.netty:netty-codec-http2 CVE-2025-55163 高危 4.1.94.Final 4.2.4.Final, 4.1.124.Final netty: netty-codec-http2: Netty MadeYouReset HTTP/2 DDoS Vulnerability

漏洞详情: https://avd.aquasec.com/nvd/cve-2025-55163

镜像层: sha256:7023b7ff97f63f973128e219d9b7eaa049d86e9d09ec9b97f531e4249b21b335

发布日期: 2025-08-13 15:15 修改: 2026-06-17 09:41

io.netty:netty-codec-http2 CVE-2026-33871 高危 4.1.94.Final 4.1.132.Final, 4.2.11.Final netty: Netty: Denial of Service via HTTP/2 CONTINUATION frame flood

漏洞详情: https://avd.aquasec.com/nvd/cve-2026-33871

镜像层: sha256:7023b7ff97f63f973128e219d9b7eaa049d86e9d09ec9b97f531e4249b21b335

发布日期: 2026-03-27 20:16 修改: 2026-06-30 03:18

io.netty:netty-codec-http2 CVE-2026-42587 高危 4.1.94.Final 4.2.13.Final, 4.1.133.Final netty: io.netty/netty-codec-http: io.netty/netty-codec-http2: Netty: Denial of Service via unbounded memory allocation in HTTP content decompression

漏洞详情: https://avd.aquasec.com/nvd/cve-2026-42587

镜像层: sha256:7023b7ff97f63f973128e219d9b7eaa049d86e9d09ec9b97f531e4249b21b335

发布日期: 2026-05-13 19:17 修改: 2026-07-01 13:17

io.netty:netty-codec-http2 GHSA-xpw8-rcwv-8f8p 高危 4.1.94.Final 4.1.100.Final io.netty:netty-codec-http2 vulnerable to HTTP/2 Rapid Reset Attack

漏洞详情: https://github.com/advisories/GHSA-xpw8-rcwv-8f8p

镜像层: sha256:7023b7ff97f63f973128e219d9b7eaa049d86e9d09ec9b97f531e4249b21b335

发布日期: 2023-10-10 22:22 修改: 2023-11-06 22:08

io.netty:netty-handler CVE-2025-24970 高危 4.1.94.Final 4.1.118.Final io.netty:netty-handler: SslHandler doesn't correctly validate packets which can lead to native crash when using native SSLEngine

漏洞详情: https://avd.aquasec.com/nvd/cve-2025-24970

镜像层: sha256:7023b7ff97f63f973128e219d9b7eaa049d86e9d09ec9b97f531e4249b21b335

发布日期: 2025-02-10 22:15 修改: 2026-06-17 08:59

io.netty:netty-handler CVE-2025-24970 高危 4.1.94.Final 4.1.118.Final io.netty:netty-handler: SslHandler doesn't correctly validate packets which can lead to native crash when using native SSLEngine

漏洞详情: https://avd.aquasec.com/nvd/cve-2025-24970

镜像层: sha256:7023b7ff97f63f973128e219d9b7eaa049d86e9d09ec9b97f531e4249b21b335

发布日期: 2025-02-10 22:15 修改: 2026-06-17 08:59

io.netty:netty-handler CVE-2025-24970 高危 4.1.94.Final 4.1.118.Final io.netty:netty-handler: SslHandler doesn't correctly validate packets which can lead to native crash when using native SSLEngine

漏洞详情: https://avd.aquasec.com/nvd/cve-2025-24970

镜像层: sha256:7023b7ff97f63f973128e219d9b7eaa049d86e9d09ec9b97f531e4249b21b335

发布日期: 2025-02-10 22:15 修改: 2026-06-17 08:59

io.netty:netty-handler CVE-2026-44249 高危 4.1.94.Final 4.2.15.Final, 4.1.135.Final netty-handler: netty-handler: IPv6 subnet rule bypass due to incorrect masking operation

漏洞详情: https://avd.aquasec.com/nvd/cve-2026-44249

镜像层: sha256:7023b7ff97f63f973128e219d9b7eaa049d86e9d09ec9b97f531e4249b21b335

发布日期: 2026-06-11 22:16 修改: 2026-07-02 12:17

io.netty:netty-handler CVE-2026-44249 高危 4.1.94.Final 4.2.15.Final, 4.1.135.Final netty-handler: netty-handler: IPv6 subnet rule bypass due to incorrect masking operation

漏洞详情: https://avd.aquasec.com/nvd/cve-2026-44249

镜像层: sha256:7023b7ff97f63f973128e219d9b7eaa049d86e9d09ec9b97f531e4249b21b335

发布日期: 2026-06-11 22:16 修改: 2026-07-02 12:17

io.netty:netty-handler CVE-2026-44249 高危 4.1.94.Final 4.2.15.Final, 4.1.135.Final netty-handler: netty-handler: IPv6 subnet rule bypass due to incorrect masking operation

漏洞详情: https://avd.aquasec.com/nvd/cve-2026-44249

镜像层: sha256:7023b7ff97f63f973128e219d9b7eaa049d86e9d09ec9b97f531e4249b21b335

发布日期: 2026-06-11 22:16 修改: 2026-07-02 12:17

io.netty:netty-handler CVE-2026-45416 高危 4.1.94.Final 4.2.15.Final, 4.1.135.Final netty-handler: Netty: Denial of Service due to eager buffer allocation in TLS handshake

漏洞详情: https://avd.aquasec.com/nvd/cve-2026-45416

镜像层: sha256:7023b7ff97f63f973128e219d9b7eaa049d86e9d09ec9b97f531e4249b21b335

发布日期: 2026-06-12 15:16 修改: 2026-07-02 12:17

io.netty:netty-handler CVE-2026-45416 高危 4.1.94.Final 4.2.15.Final, 4.1.135.Final netty-handler: Netty: Denial of Service due to eager buffer allocation in TLS handshake

漏洞详情: https://avd.aquasec.com/nvd/cve-2026-45416

镜像层: sha256:7023b7ff97f63f973128e219d9b7eaa049d86e9d09ec9b97f531e4249b21b335

发布日期: 2026-06-12 15:16 修改: 2026-07-02 12:17

io.netty:netty-handler CVE-2026-45416 高危 4.1.94.Final 4.2.15.Final, 4.1.135.Final netty-handler: Netty: Denial of Service due to eager buffer allocation in TLS handshake

漏洞详情: https://avd.aquasec.com/nvd/cve-2026-45416

镜像层: sha256:7023b7ff97f63f973128e219d9b7eaa049d86e9d09ec9b97f531e4249b21b335

发布日期: 2026-06-12 15:16 修改: 2026-07-02 12:17

io.netty:netty-handler CVE-2026-50010 高危 4.1.94.Final 4.2.15.Final, 4.1.135.Final netty-handler: Netty: Improper trust manager handling leads to hostname verification bypass

漏洞详情: https://avd.aquasec.com/nvd/cve-2026-50010

镜像层: sha256:7023b7ff97f63f973128e219d9b7eaa049d86e9d09ec9b97f531e4249b21b335

发布日期: 2026-06-12 16:16 修改: 2026-07-02 12:17

io.netty:netty-handler CVE-2026-50010 高危 4.1.94.Final 4.2.15.Final, 4.1.135.Final netty-handler: Netty: Improper trust manager handling leads to hostname verification bypass

漏洞详情: https://avd.aquasec.com/nvd/cve-2026-50010

镜像层: sha256:7023b7ff97f63f973128e219d9b7eaa049d86e9d09ec9b97f531e4249b21b335

发布日期: 2026-06-12 16:16 修改: 2026-07-02 12:17

io.netty:netty-handler CVE-2026-50010 高危 4.1.94.Final 4.2.15.Final, 4.1.135.Final netty-handler: Netty: Improper trust manager handling leads to hostname verification bypass

漏洞详情: https://avd.aquasec.com/nvd/cve-2026-50010

镜像层: sha256:7023b7ff97f63f973128e219d9b7eaa049d86e9d09ec9b97f531e4249b21b335

发布日期: 2026-06-12 16:16 修改: 2026-07-02 12:17

io.netty:netty-resolver-dns CVE-2026-45674 高危 4.1.94.Final 4.2.15.Final, 4.1.135.Final netty-resolver-dns: Netty: Information disclosure and data manipulation due to improper CNAME record validation

漏洞详情: https://avd.aquasec.com/nvd/cve-2026-45674

镜像层: sha256:7023b7ff97f63f973128e219d9b7eaa049d86e9d09ec9b97f531e4249b21b335

发布日期: 2026-06-12 15:16 修改: 2026-06-30 03:20

io.netty:netty-resolver-dns CVE-2026-47691 高危 4.1.94.Final 4.2.15.Final, 4.1.135.Final io.netty/netty-resolver-dns: Netty has Insufficient Bailiwick Validation for NS Records

漏洞详情: https://avd.aquasec.com/nvd/cve-2026-47691

镜像层: sha256:7023b7ff97f63f973128e219d9b7eaa049d86e9d09ec9b97f531e4249b21b335

发布日期: 2026-06-12 16:16 修改: 2026-06-30 03:20

net.minidev:json-smart CVE-2023-1370 高危 2.4.8 2.4.9 json-smart: Uncontrolled Resource Consumption vulnerability in json-smart (Resource Exhaustion)

漏洞详情: https://avd.aquasec.com/nvd/cve-2023-1370

镜像层: sha256:7023b7ff97f63f973128e219d9b7eaa049d86e9d09ec9b97f531e4249b21b335

发布日期: 2023-03-22 06:15 修改: 2026-06-17 05:27

com.fasterxml.jackson.core:jackson-core CVE-2025-52999 高危 2.13.4 2.15.0 com.fasterxml.jackson.core/jackson-core: jackson-core Potential StackoverflowError

漏洞详情: https://avd.aquasec.com/nvd/cve-2025-52999

镜像层: sha256:7023b7ff97f63f973128e219d9b7eaa049d86e9d09ec9b97f531e4249b21b335

发布日期: 2025-06-25 17:15 修改: 2026-06-17 09:37

com.fasterxml.jackson.core:jackson-databind CVE-2026-54512 高危 2.13.4.2 2.18.8, 3.1.4, 2.21.4 jackson-databind: jackson-databind: Arbitrary code execution via PolymorphicTypeValidator bypass

漏洞详情: https://avd.aquasec.com/nvd/cve-2026-54512

镜像层: sha256:7023b7ff97f63f973128e219d9b7eaa049d86e9d09ec9b97f531e4249b21b335

发布日期: 2026-06-23 21:17 修改: 2026-06-27 21:01

com.fasterxml.jackson.core:jackson-databind CVE-2026-54513 高危 2.13.4.2 2.18.8, 2.21.4, 3.1.4 jackson-databind: Jackson-databind: Security bypass allows arbitrary code execution

漏洞详情: https://avd.aquasec.com/nvd/cve-2026-54513

镜像层: sha256:7023b7ff97f63f973128e219d9b7eaa049d86e9d09ec9b97f531e4249b21b335

发布日期: 2026-06-23 21:17 修改: 2026-07-02 12:17

com.fasterxml.jackson.core:jackson-databind CVE-2026-54512 高危 2.15.0 2.18.8, 3.1.4, 2.21.4 jackson-databind: jackson-databind: Arbitrary code execution via PolymorphicTypeValidator bypass

漏洞详情: https://avd.aquasec.com/nvd/cve-2026-54512

镜像层: sha256:7023b7ff97f63f973128e219d9b7eaa049d86e9d09ec9b97f531e4249b21b335

发布日期: 2026-06-23 21:17 修改: 2026-06-27 21:01

org.lz4:lz4-java CVE-2025-12183 高危 1.8.0 1.8.1 lz4-java: lz4-java: Out-of-bounds memory operations lead to denial of service and information disclosure

漏洞详情: https://avd.aquasec.com/nvd/cve-2025-12183

镜像层: sha256:7023b7ff97f63f973128e219d9b7eaa049d86e9d09ec9b97f531e4249b21b335

发布日期: 2025-11-28 16:15 修改: 2026-06-17 08:31

org.lz4:lz4-java CVE-2025-66566 高危 1.8.0 lz4-java: lz4-java: Information Disclosure via Insufficient Output Buffer Clearing

漏洞详情: https://avd.aquasec.com/nvd/cve-2025-66566

镜像层: sha256:7023b7ff97f63f973128e219d9b7eaa049d86e9d09ec9b97f531e4249b21b335

发布日期: 2025-12-05 18:15 修改: 2026-06-17 09:57

com.fasterxml.jackson.core:jackson-databind CVE-2026-54514 中危 2.15.0 2.18.8, 2.21.4, 3.1.4 jackson-databind: jackson-databind: Information Disclosure via Eager DNS Resolution

漏洞详情: https://avd.aquasec.com/nvd/cve-2026-54514

镜像层: sha256:7023b7ff97f63f973128e219d9b7eaa049d86e9d09ec9b97f531e4249b21b335

发布日期: 2026-06-23 21:17 修改: 2026-06-27 20:55

io.netty:netty-codec-http CVE-2024-29025 中危 4.1.94.Final 4.1.108.Final netty-codec-http: Allocation of Resources Without Limits or Throttling

漏洞详情: https://avd.aquasec.com/nvd/cve-2024-29025

镜像层: sha256:7023b7ff97f63f973128e219d9b7eaa049d86e9d09ec9b97f531e4249b21b335

发布日期: 2024-03-25 20:15 修改: 2026-06-17 07:22

io.netty:netty-codec-http CVE-2024-29025 中危 4.1.94.Final 4.1.108.Final netty-codec-http: Allocation of Resources Without Limits or Throttling

漏洞详情: https://avd.aquasec.com/nvd/cve-2024-29025

镜像层: sha256:7023b7ff97f63f973128e219d9b7eaa049d86e9d09ec9b97f531e4249b21b335

发布日期: 2024-03-25 20:15 修改: 2026-06-17 07:22

io.netty:netty-codec-http CVE-2024-29025 中危 4.1.94.Final 4.1.108.Final netty-codec-http: Allocation of Resources Without Limits or Throttling

漏洞详情: https://avd.aquasec.com/nvd/cve-2024-29025

镜像层: sha256:7023b7ff97f63f973128e219d9b7eaa049d86e9d09ec9b97f531e4249b21b335

发布日期: 2024-03-25 20:15 修改: 2026-06-17 07:22

io.netty:netty-codec-http CVE-2025-67735 中危 4.1.94.Final 4.2.8.Final, 4.1.129.Final netty-codec-http: Netty (netty-codec-http): Request Smuggling via CRLF Injection

漏洞详情: https://avd.aquasec.com/nvd/cve-2025-67735

镜像层: sha256:7023b7ff97f63f973128e219d9b7eaa049d86e9d09ec9b97f531e4249b21b335

发布日期: 2025-12-16 01:15 修改: 2026-06-17 09:58

io.netty:netty-codec-http CVE-2025-67735 中危 4.1.94.Final 4.2.8.Final, 4.1.129.Final netty-codec-http: Netty (netty-codec-http): Request Smuggling via CRLF Injection

漏洞详情: https://avd.aquasec.com/nvd/cve-2025-67735

镜像层: sha256:7023b7ff97f63f973128e219d9b7eaa049d86e9d09ec9b97f531e4249b21b335

发布日期: 2025-12-16 01:15 修改: 2026-06-17 09:58

io.netty:netty-codec-http CVE-2025-67735 中危 4.1.94.Final 4.2.8.Final, 4.1.129.Final netty-codec-http: Netty (netty-codec-http): Request Smuggling via CRLF Injection

漏洞详情: https://avd.aquasec.com/nvd/cve-2025-67735

镜像层: sha256:7023b7ff97f63f973128e219d9b7eaa049d86e9d09ec9b97f531e4249b21b335

发布日期: 2025-12-16 01:15 修改: 2026-06-17 09:58

io.netty:netty-codec-http CVE-2026-41417 中危 4.1.94.Final 4.1.133.Final, 4.2.13.Final netty: Netty: HTTP request smuggling via URI manipulation and CRLF injection

漏洞详情: https://avd.aquasec.com/nvd/cve-2026-41417

镜像层: sha256:7023b7ff97f63f973128e219d9b7eaa049d86e9d09ec9b97f531e4249b21b335

发布日期: 2026-05-06 22:16 修改: 2026-06-17 10:46

io.netty:netty-codec-http CVE-2026-41417 中危 4.1.94.Final 4.1.133.Final, 4.2.13.Final netty: Netty: HTTP request smuggling via URI manipulation and CRLF injection

漏洞详情: https://avd.aquasec.com/nvd/cve-2026-41417

镜像层: sha256:7023b7ff97f63f973128e219d9b7eaa049d86e9d09ec9b97f531e4249b21b335

发布日期: 2026-05-06 22:16 修改: 2026-06-17 10:46

io.netty:netty-codec-http CVE-2026-41417 中危 4.1.94.Final 4.1.133.Final, 4.2.13.Final netty: Netty: HTTP request smuggling via URI manipulation and CRLF injection

漏洞详情: https://avd.aquasec.com/nvd/cve-2026-41417

镜像层: sha256:7023b7ff97f63f973128e219d9b7eaa049d86e9d09ec9b97f531e4249b21b335

发布日期: 2026-05-06 22:16 修改: 2026-06-17 10:46

io.netty:netty-codec-http CVE-2026-42580 中危 4.1.94.Final 4.2.13.Final, 4.1.133.Final netty: Netty: Request smuggling via chunk size parser integer overflow

漏洞详情: https://avd.aquasec.com/nvd/cve-2026-42580

镜像层: sha256:7023b7ff97f63f973128e219d9b7eaa049d86e9d09ec9b97f531e4249b21b335

发布日期: 2026-05-13 19:17 修改: 2026-06-17 10:48

io.netty:netty-codec-http CVE-2026-42580 中危 4.1.94.Final 4.2.13.Final, 4.1.133.Final netty: Netty: Request smuggling via chunk size parser integer overflow

漏洞详情: https://avd.aquasec.com/nvd/cve-2026-42580

镜像层: sha256:7023b7ff97f63f973128e219d9b7eaa049d86e9d09ec9b97f531e4249b21b335

发布日期: 2026-05-13 19:17 修改: 2026-06-17 10:48

io.netty:netty-codec-http CVE-2026-42580 中危 4.1.94.Final 4.2.13.Final, 4.1.133.Final netty: Netty: Request smuggling via chunk size parser integer overflow

漏洞详情: https://avd.aquasec.com/nvd/cve-2026-42580

镜像层: sha256:7023b7ff97f63f973128e219d9b7eaa049d86e9d09ec9b97f531e4249b21b335

发布日期: 2026-05-13 19:17 修改: 2026-06-17 10:48

io.netty:netty-codec-http CVE-2026-42581 中危 4.1.94.Final 4.2.13.Final, 4.1.133.Final netty: io.netty/netty-codec-http: Netty: HTTP Request Smuggling due to improper handling of conflicting HTTP/1.0 headers

漏洞详情: https://avd.aquasec.com/nvd/cve-2026-42581

镜像层: sha256:7023b7ff97f63f973128e219d9b7eaa049d86e9d09ec9b97f531e4249b21b335

发布日期: 2026-05-13 19:17 修改: 2026-06-30 03:19

io.netty:netty-codec-http CVE-2026-42581 中危 4.1.94.Final 4.2.13.Final, 4.1.133.Final netty: io.netty/netty-codec-http: Netty: HTTP Request Smuggling due to improper handling of conflicting HTTP/1.0 headers

漏洞详情: https://avd.aquasec.com/nvd/cve-2026-42581

镜像层: sha256:7023b7ff97f63f973128e219d9b7eaa049d86e9d09ec9b97f531e4249b21b335

发布日期: 2026-05-13 19:17 修改: 2026-06-30 03:19

io.netty:netty-codec-http CVE-2026-42581 中危 4.1.94.Final 4.2.13.Final, 4.1.133.Final netty: io.netty/netty-codec-http: Netty: HTTP Request Smuggling due to improper handling of conflicting HTTP/1.0 headers

漏洞详情: https://avd.aquasec.com/nvd/cve-2026-42581

镜像层: sha256:7023b7ff97f63f973128e219d9b7eaa049d86e9d09ec9b97f531e4249b21b335

发布日期: 2026-05-13 19:17 修改: 2026-06-30 03:19

io.netty:netty-codec-http CVE-2026-42585 中危 4.1.94.Final 4.2.13.Final, 4.1.133.Final netty: io.netty/netty-codec-http: Netty: Request smuggling via malformed Transfer-Encoding parsing

漏洞详情: https://avd.aquasec.com/nvd/cve-2026-42585

镜像层: sha256:7023b7ff97f63f973128e219d9b7eaa049d86e9d09ec9b97f531e4249b21b335

发布日期: 2026-05-13 19:17 修改: 2026-06-17 10:48

io.netty:netty-codec-http CVE-2026-42585 中危 4.1.94.Final 4.2.13.Final, 4.1.133.Final netty: io.netty/netty-codec-http: Netty: Request smuggling via malformed Transfer-Encoding parsing

漏洞详情: https://avd.aquasec.com/nvd/cve-2026-42585

镜像层: sha256:7023b7ff97f63f973128e219d9b7eaa049d86e9d09ec9b97f531e4249b21b335

发布日期: 2026-05-13 19:17 修改: 2026-06-17 10:48

io.netty:netty-codec-http CVE-2026-42585 中危 4.1.94.Final 4.2.13.Final, 4.1.133.Final netty: io.netty/netty-codec-http: Netty: Request smuggling via malformed Transfer-Encoding parsing

漏洞详情: https://avd.aquasec.com/nvd/cve-2026-42585

镜像层: sha256:7023b7ff97f63f973128e219d9b7eaa049d86e9d09ec9b97f531e4249b21b335

发布日期: 2026-05-13 19:17 修改: 2026-06-17 10:48

io.netty:netty-codec-http CVE-2026-50020 中危 4.1.94.Final 4.2.15.Final, 4.1.135.Final netty-codec-http: Netty: Data manipulation via request-boundary confusion in HttpObjectDecoder

漏洞详情: https://avd.aquasec.com/nvd/cve-2026-50020

镜像层: sha256:7023b7ff97f63f973128e219d9b7eaa049d86e9d09ec9b97f531e4249b21b335

发布日期: 2026-06-12 16:16 修改: 2026-06-17 10:57

io.netty:netty-codec-http CVE-2026-50020 中危 4.1.94.Final 4.2.15.Final, 4.1.135.Final netty-codec-http: Netty: Data manipulation via request-boundary confusion in HttpObjectDecoder

漏洞详情: https://avd.aquasec.com/nvd/cve-2026-50020

镜像层: sha256:7023b7ff97f63f973128e219d9b7eaa049d86e9d09ec9b97f531e4249b21b335

发布日期: 2026-06-12 16:16 修改: 2026-06-17 10:57

io.netty:netty-codec-http CVE-2026-50020 中危 4.1.94.Final 4.2.15.Final, 4.1.135.Final netty-codec-http: Netty: Data manipulation via request-boundary confusion in HttpObjectDecoder

漏洞详情: https://avd.aquasec.com/nvd/cve-2026-50020

镜像层: sha256:7023b7ff97f63f973128e219d9b7eaa049d86e9d09ec9b97f531e4249b21b335

发布日期: 2026-06-12 16:16 修改: 2026-06-17 10:57

com.fasterxml.jackson.core:jackson-databind CVE-2026-54515 中危 2.15.0 3.1.4, 2.18.9, 2.21.5, 2.22.1 jackson-databind: jackson-databind: Ignored properties can be unexpectedly modified

漏洞详情: https://avd.aquasec.com/nvd/cve-2026-54515

镜像层: sha256:7023b7ff97f63f973128e219d9b7eaa049d86e9d09ec9b97f531e4249b21b335

发布日期: 2026-06-23 21:17 修改: 2026-06-29 13:38

com.fasterxml.jackson.core:jackson-databind CVE-2026-54515 中危 2.15.0 3.1.4, 2.18.9, 2.21.5, 2.22.1 jackson-databind: jackson-databind: Ignored properties can be unexpectedly modified

漏洞详情: https://avd.aquasec.com/nvd/cve-2026-54515

镜像层: sha256:7023b7ff97f63f973128e219d9b7eaa049d86e9d09ec9b97f531e4249b21b335

发布日期: 2026-06-23 21:17 修改: 2026-06-29 13:38

com.fasterxml.jackson.core:jackson-databind CVE-2026-54515 中危 2.15.0 3.1.4, 2.18.9, 2.21.5, 2.22.1 jackson-databind: jackson-databind: Ignored properties can be unexpectedly modified

漏洞详情: https://avd.aquasec.com/nvd/cve-2026-54515

镜像层: sha256:7023b7ff97f63f973128e219d9b7eaa049d86e9d09ec9b97f531e4249b21b335

发布日期: 2026-06-23 21:17 修改: 2026-06-29 13:38

com.fasterxml.jackson.core:jackson-core GHSA-72hv-8253-57qq 中危 2.15.0 2.21.1, 2.18.6 jackson-core: Number Length Constraint Bypass in Async Parser Leads to Potential DoS Condition

漏洞详情: https://github.com/advisories/GHSA-72hv-8253-57qq

镜像层: sha256:7023b7ff97f63f973128e219d9b7eaa049d86e9d09ec9b97f531e4249b21b335

发布日期: 2026-02-28 02:01 修改: 2026-04-07 16:30

io.netty:netty-codec-http2 CVE-2026-47244 中危 4.1.94.Final 4.2.15.Final, 4.1.135.Final netty-codec-http2: Netty: Denial of Service via uncontrolled HTTP/2 concurrent streams

漏洞详情: https://avd.aquasec.com/nvd/cve-2026-47244

镜像层: sha256:7023b7ff97f63f973128e219d9b7eaa049d86e9d09ec9b97f531e4249b21b335

发布日期: 2026-06-12 15:16 修改: 2026-06-17 10:54

io.netty:netty-codec-http2 CVE-2026-48043 中危 4.1.94.Final 4.1.135.Final, 4.2.15.Final netty-codec-http2: netty-codec-http2: Denial of Service due to resource leak

漏洞详情: https://avd.aquasec.com/nvd/cve-2026-48043

镜像层: sha256:7023b7ff97f63f973128e219d9b7eaa049d86e9d09ec9b97f531e4249b21b335

发布日期: 2026-06-12 16:16 修改: 2026-06-30 03:20

io.netty:netty-codec-http2 CVE-2026-50560 中危 4.1.94.Final 4.2.15.Final, 4.1.135.Final netty-codec-http2: Netty: Denial of Service due to HTTP/2 max header size handling

漏洞详情: https://avd.aquasec.com/nvd/cve-2026-50560

镜像层: sha256:7023b7ff97f63f973128e219d9b7eaa049d86e9d09ec9b97f531e4249b21b335

发布日期: 2026-06-12 16:16 修改: 2026-06-17 10:57

io.netty:netty-common CVE-2024-47535 中危 4.1.94.Final 4.1.115.Final netty: Denial of Service attack on windows app using Netty

漏洞详情: https://avd.aquasec.com/nvd/cve-2024-47535

镜像层: sha256:7023b7ff97f63f973128e219d9b7eaa049d86e9d09ec9b97f531e4249b21b335

发布日期: 2024-11-12 16:15 修改: 2026-06-17 07:57

io.netty:netty-common CVE-2024-47535 中危 4.1.94.Final 4.1.115.Final netty: Denial of Service attack on windows app using Netty

漏洞详情: https://avd.aquasec.com/nvd/cve-2024-47535

镜像层: sha256:7023b7ff97f63f973128e219d9b7eaa049d86e9d09ec9b97f531e4249b21b335

发布日期: 2024-11-12 16:15 修改: 2026-06-17 07:57

io.netty:netty-common CVE-2024-47535 中危 4.1.94.Final 4.1.115.Final netty: Denial of Service attack on windows app using Netty

漏洞详情: https://avd.aquasec.com/nvd/cve-2024-47535

镜像层: sha256:7023b7ff97f63f973128e219d9b7eaa049d86e9d09ec9b97f531e4249b21b335

发布日期: 2024-11-12 16:15 修改: 2026-06-17 07:57

io.netty:netty-common CVE-2025-25193 中危 4.1.94.Final 4.1.118.Final netty: Denial of Service attack on windows app using Netty

漏洞详情: https://avd.aquasec.com/nvd/cve-2025-25193

镜像层: sha256:7023b7ff97f63f973128e219d9b7eaa049d86e9d09ec9b97f531e4249b21b335

发布日期: 2025-02-10 22:15 修改: 2026-06-17 09:00

io.netty:netty-common CVE-2025-25193 中危 4.1.94.Final 4.1.118.Final netty: Denial of Service attack on windows app using Netty

漏洞详情: https://avd.aquasec.com/nvd/cve-2025-25193

镜像层: sha256:7023b7ff97f63f973128e219d9b7eaa049d86e9d09ec9b97f531e4249b21b335

发布日期: 2025-02-10 22:15 修改: 2026-06-17 09:00

io.netty:netty-common CVE-2025-25193 中危 4.1.94.Final 4.1.118.Final netty: Denial of Service attack on windows app using Netty

漏洞详情: https://avd.aquasec.com/nvd/cve-2025-25193

镜像层: sha256:7023b7ff97f63f973128e219d9b7eaa049d86e9d09ec9b97f531e4249b21b335

发布日期: 2025-02-10 22:15 修改: 2026-06-17 09:00

com.fasterxml.jackson.core:jackson-core GHSA-72hv-8253-57qq 中危 2.15.0 2.21.1, 2.18.6 jackson-core: Number Length Constraint Bypass in Async Parser Leads to Potential DoS Condition

漏洞详情: https://github.com/advisories/GHSA-72hv-8253-57qq

镜像层: sha256:7023b7ff97f63f973128e219d9b7eaa049d86e9d09ec9b97f531e4249b21b335

发布日期: 2026-02-28 02:01 修改: 2026-04-07 16:30

com.fasterxml.jackson.core:jackson-core GHSA-72hv-8253-57qq 中危 2.15.0 2.21.1, 2.18.6 jackson-core: Number Length Constraint Bypass in Async Parser Leads to Potential DoS Condition

漏洞详情: https://github.com/advisories/GHSA-72hv-8253-57qq

镜像层: sha256:7023b7ff97f63f973128e219d9b7eaa049d86e9d09ec9b97f531e4249b21b335

发布日期: 2026-02-28 02:01 修改: 2026-04-07 16:30

com.nimbusds:nimbus-jose-jwt CVE-2025-53864 中危 9.23 10.0.2, 9.37.4 com.nimbusds/nimbus-jose-jwt: Uncontrolled recursion in Connect2id Nimbus JOSE + JWT

漏洞详情: https://avd.aquasec.com/nvd/cve-2025-53864

镜像层: sha256:7023b7ff97f63f973128e219d9b7eaa049d86e9d09ec9b97f531e4249b21b335

发布日期: 2025-07-11 03:16 修改: 2026-06-17 09:39

com.sun.mail:jakarta.mail CVE-2025-7962 中危 1.6.3 1.6.8, 2.0.2 com.sun.mail/jakarta.mail: Jakarta Mail SMTP Injection Vulnerability

漏洞详情: https://avd.aquasec.com/nvd/cve-2025-7962

镜像层: sha256:7023b7ff97f63f973128e219d9b7eaa049d86e9d09ec9b97f531e4249b21b335

发布日期: 2025-07-21 18:15 修改: 2026-06-23 12:16

com.sun.mail:jakarta.mail CVE-2025-7962 中危 1.6.4 1.6.8, 2.0.2 com.sun.mail/jakarta.mail: Jakarta Mail SMTP Injection Vulnerability

漏洞详情: https://avd.aquasec.com/nvd/cve-2025-7962

镜像层: sha256:7023b7ff97f63f973128e219d9b7eaa049d86e9d09ec9b97f531e4249b21b335

发布日期: 2025-07-21 18:15 修改: 2026-06-23 12:16

com.fasterxml.jackson.core:jackson-core GHSA-72hv-8253-57qq 中危 2.13.4 2.21.1, 2.18.6 jackson-core: Number Length Constraint Bypass in Async Parser Leads to Potential DoS Condition

漏洞详情: https://github.com/advisories/GHSA-72hv-8253-57qq

镜像层: sha256:7023b7ff97f63f973128e219d9b7eaa049d86e9d09ec9b97f531e4249b21b335

发布日期: 2026-02-28 02:01 修改: 2026-04-07 16:30

com.fasterxml.jackson.core:jackson-core GHSA-72hv-8253-57qq 中危 2.15.0 2.21.1, 2.18.6 jackson-core: Number Length Constraint Bypass in Async Parser Leads to Potential DoS Condition

漏洞详情: https://github.com/advisories/GHSA-72hv-8253-57qq

镜像层: sha256:7023b7ff97f63f973128e219d9b7eaa049d86e9d09ec9b97f531e4249b21b335

发布日期: 2026-02-28 02:01 修改: 2026-04-07 16:30

com.fasterxml.jackson.core:jackson-databind CVE-2026-50193 中危 2.13.4.2 2.14.0 jackson-databind: Jackson-databind: Denial of Service via deeply nested JSON processing

漏洞详情: https://avd.aquasec.com/nvd/cve-2026-50193

镜像层: sha256:7023b7ff97f63f973128e219d9b7eaa049d86e9d09ec9b97f531e4249b21b335

发布日期: 2026-06-23 21:17 修改: 2026-06-27 21:05

com.fasterxml.jackson.core:jackson-databind CVE-2026-54514 中危 2.13.4.2 2.18.8, 2.21.4, 3.1.4 jackson-databind: jackson-databind: Information Disclosure via Eager DNS Resolution

漏洞详情: https://avd.aquasec.com/nvd/cve-2026-54514

镜像层: sha256:7023b7ff97f63f973128e219d9b7eaa049d86e9d09ec9b97f531e4249b21b335

发布日期: 2026-06-23 21:17 修改: 2026-06-27 20:55

io.netty:netty-codec CVE-2025-58057 中危 4.1.94.Final 4.1.125.Final netty-codec: netty-codec-compression: Netty's BrotliDecoder is vulnerable to DoS via zip bomb style attack

漏洞详情: https://avd.aquasec.com/nvd/cve-2025-58057

镜像层: sha256:7023b7ff97f63f973128e219d9b7eaa049d86e9d09ec9b97f531e4249b21b335

发布日期: 2025-09-04 10:42 修改: 2026-06-17 09:43

io.netty:netty-codec CVE-2025-58057 中危 4.1.94.Final 4.1.125.Final netty-codec: netty-codec-compression: Netty's BrotliDecoder is vulnerable to DoS via zip bomb style attack

漏洞详情: https://avd.aquasec.com/nvd/cve-2025-58057

镜像层: sha256:7023b7ff97f63f973128e219d9b7eaa049d86e9d09ec9b97f531e4249b21b335

发布日期: 2025-09-04 10:42 修改: 2026-06-17 09:43

io.netty:netty-codec CVE-2025-58057 中危 4.1.94.Final 4.1.125.Final netty-codec: netty-codec-compression: Netty's BrotliDecoder is vulnerable to DoS via zip bomb style attack

漏洞详情: https://avd.aquasec.com/nvd/cve-2025-58057

镜像层: sha256:7023b7ff97f63f973128e219d9b7eaa049d86e9d09ec9b97f531e4249b21b335

发布日期: 2025-09-04 10:42 修改: 2026-06-17 09:43

com.fasterxml.jackson.core:jackson-databind CVE-2026-54515 中危 2.13.4.2 3.1.4, 2.18.9, 2.21.5, 2.22.1 jackson-databind: jackson-databind: Ignored properties can be unexpectedly modified

漏洞详情: https://avd.aquasec.com/nvd/cve-2026-54515

镜像层: sha256:7023b7ff97f63f973128e219d9b7eaa049d86e9d09ec9b97f531e4249b21b335

发布日期: 2026-06-23 21:17 修改: 2026-06-29 13:38

com.fasterxml.jackson.core:jackson-core GHSA-72hv-8253-57qq 中危 2.15.0 2.21.1, 2.18.6 jackson-core: Number Length Constraint Bypass in Async Parser Leads to Potential DoS Condition

漏洞详情: https://github.com/advisories/GHSA-72hv-8253-57qq

镜像层: sha256:7023b7ff97f63f973128e219d9b7eaa049d86e9d09ec9b97f531e4249b21b335

发布日期: 2026-02-28 02:01 修改: 2026-04-07 16:30

io.netty:netty-resolver-dns CVE-2026-45673 中危 4.1.94.Final 4.2.15.Final, 4.1.135.Final netty-resolver-dns: Netty DNS resolver: DNS Cache Poisoning via predictable transaction IDs

漏洞详情: https://avd.aquasec.com/nvd/cve-2026-45673

镜像层: sha256:7023b7ff97f63f973128e219d9b7eaa049d86e9d09ec9b97f531e4249b21b335

发布日期: 2026-06-12 15:16 修改: 2026-06-17 10:52

io.opentelemetry:opentelemetry-api CVE-2026-45292 中危 1.31.0 1.62.0 opentelemetry-java: opentelemetry-api: opentelemetry-extension-trace-propagators: OpenTelemetry Java: Denial of Service due to unbounded memory allocation when parsing oversized baggage

漏洞详情: https://avd.aquasec.com/nvd/cve-2026-45292

镜像层: sha256:7023b7ff97f63f973128e219d9b7eaa049d86e9d09ec9b97f531e4249b21b335

发布日期: 2026-05-28 17:16 修改: 2026-07-02 12:17

io.projectreactor.netty:reactor-netty-http CVE-2025-22227 中危 1.0.39 1.3.0-M5, 1.2.8 io.projectreactor.netty/reactor-netty: Reactor Netty Credential Leak via Redirects

漏洞详情: https://avd.aquasec.com/nvd/cve-2025-22227

镜像层: sha256:7023b7ff97f63f973128e219d9b7eaa049d86e9d09ec9b97f531e4249b21b335

发布日期: 2025-07-16 10:15 修改: 2026-06-17 08:45

com.fasterxml.jackson.core:jackson-core GHSA-72hv-8253-57qq 中危 2.15.0 2.21.1, 2.18.6 jackson-core: Number Length Constraint Bypass in Async Parser Leads to Potential DoS Condition

漏洞详情: https://github.com/advisories/GHSA-72hv-8253-57qq

镜像层: sha256:7023b7ff97f63f973128e219d9b7eaa049d86e9d09ec9b97f531e4249b21b335

发布日期: 2026-02-28 02:01 修改: 2026-04-07 16:30

org.apache.commons:commons-compress CVE-2024-25710 中危 1.24.0 1.26.0 commons-compress: Denial of service caused by an infinite loop for a corrupted DUMP file

漏洞详情: https://avd.aquasec.com/nvd/cve-2024-25710

镜像层: sha256:7023b7ff97f63f973128e219d9b7eaa049d86e9d09ec9b97f531e4249b21b335

发布日期: 2024-02-19 09:15 修改: 2026-06-17 07:16

org.apache.commons:commons-compress CVE-2024-26308 中危 1.24.0 1.26.0 commons-compress: OutOfMemoryError unpacking broken Pack200 file

漏洞详情: https://avd.aquasec.com/nvd/cve-2024-26308

镜像层: sha256:7023b7ff97f63f973128e219d9b7eaa049d86e9d09ec9b97f531e4249b21b335

发布日期: 2024-02-19 09:15 修改: 2026-06-17 07:17

org.apache.commons:commons-lang3 CVE-2025-48924 中危 3.12.0 3.18.0 commons-lang/commons-lang: org.apache.commons/commons-lang3: Uncontrolled Recursion vulnerability in Apache Commons Lang

漏洞详情: https://avd.aquasec.com/nvd/cve-2025-48924

镜像层: sha256:7023b7ff97f63f973128e219d9b7eaa049d86e9d09ec9b97f531e4249b21b335

发布日期: 2025-07-11 15:15 修改: 2026-06-17 09:30

org.apache.commons:commons-lang3 CVE-2025-48924 中危 3.9 3.18.0 commons-lang/commons-lang: org.apache.commons/commons-lang3: Uncontrolled Recursion vulnerability in Apache Commons Lang

漏洞详情: https://avd.aquasec.com/nvd/cve-2025-48924

镜像层: sha256:7023b7ff97f63f973128e219d9b7eaa049d86e9d09ec9b97f531e4249b21b335

发布日期: 2025-07-11 15:15 修改: 2026-06-17 09:30

org.apache.james:apache-mime4j-core CVE-2024-21742 中危 0.8.9 0.8.10 Mime4J: Mime4J DOM header injection

漏洞详情: https://avd.aquasec.com/nvd/cve-2024-21742

镜像层: sha256:7023b7ff97f63f973128e219d9b7eaa049d86e9d09ec9b97f531e4249b21b335

发布日期: 2024-02-27 17:15 修改: 2026-06-17 07:10

org.apache.logging.log4j:log4j-1.2-api CVE-2026-34479 中危 2.19.0 2.25.4 org.apache.logging.log4j/log4j-1.2-api: Apache Log4j 1-to-Log4j 2 bridge: Log processing denial of service due to improper XML escaping

漏洞详情: https://avd.aquasec.com/nvd/cve-2026-34479

镜像层: sha256:7023b7ff97f63f973128e219d9b7eaa049d86e9d09ec9b97f531e4249b21b335

发布日期: 2026-04-10 16:16 修改: 2026-06-17 10:39

org.apache.logging.log4j:log4j-1.2-api CVE-2026-34479 中危 2.19.0 2.25.4 org.apache.logging.log4j/log4j-1.2-api: Apache Log4j 1-to-Log4j 2 bridge: Log processing denial of service due to improper XML escaping

漏洞详情: https://avd.aquasec.com/nvd/cve-2026-34479

镜像层: sha256:7023b7ff97f63f973128e219d9b7eaa049d86e9d09ec9b97f531e4249b21b335

发布日期: 2026-04-10 16:16 修改: 2026-06-17 10:39

org.apache.logging.log4j:log4j-1.2-api CVE-2026-34479 中危 2.19.0 2.25.4 org.apache.logging.log4j/log4j-1.2-api: Apache Log4j 1-to-Log4j 2 bridge: Log processing denial of service due to improper XML escaping

漏洞详情: https://avd.aquasec.com/nvd/cve-2026-34479

镜像层: sha256:7023b7ff97f63f973128e219d9b7eaa049d86e9d09ec9b97f531e4249b21b335

发布日期: 2026-04-10 16:16 修改: 2026-06-17 10:39

org.apache.logging.log4j:log4j-1.2-api CVE-2026-34479 中危 2.19.0 2.25.4 org.apache.logging.log4j/log4j-1.2-api: Apache Log4j 1-to-Log4j 2 bridge: Log processing denial of service due to improper XML escaping

漏洞详情: https://avd.aquasec.com/nvd/cve-2026-34479

镜像层: sha256:7023b7ff97f63f973128e219d9b7eaa049d86e9d09ec9b97f531e4249b21b335

发布日期: 2026-04-10 16:16 修改: 2026-06-17 10:39

org.apache.logging.log4j:log4j-core CVE-2025-68161 中危 2.12.4 2.25.3 Apache Log4j: Apache Log4j Core: Information disclosure via missing TLS hostname verification

漏洞详情: https://avd.aquasec.com/nvd/cve-2025-68161

镜像层: sha256:7023b7ff97f63f973128e219d9b7eaa049d86e9d09ec9b97f531e4249b21b335

发布日期: 2025-12-18 21:15 修改: 2026-06-17 09:58

org.apache.logging.log4j:log4j-core CVE-2026-34477 中危 2.12.4 2.25.4 org.apache.logging.log4j/log4j-core: Apache Log4j Core: Man-in-the-middle attack due to incomplete hostname verification

漏洞详情: https://avd.aquasec.com/nvd/cve-2026-34477

镜像层: sha256:7023b7ff97f63f973128e219d9b7eaa049d86e9d09ec9b97f531e4249b21b335

发布日期: 2026-04-10 16:16 修改: 2026-06-17 10:39

org.apache.logging.log4j:log4j-core CVE-2026-34480 中危 2.12.4 2.25.4 org.apache.logging.log4j/log4j-core: Apache Log4j Core: Invalid XML output causes denial of service in logging

漏洞详情: https://avd.aquasec.com/nvd/cve-2026-34480

镜像层: sha256:7023b7ff97f63f973128e219d9b7eaa049d86e9d09ec9b97f531e4249b21b335

发布日期: 2026-04-10 16:16 修改: 2026-06-17 10:39

org.apache.logging.log4j:log4j-core CVE-2025-68161 中危 2.19.0 2.25.3 Apache Log4j: Apache Log4j Core: Information disclosure via missing TLS hostname verification

漏洞详情: https://avd.aquasec.com/nvd/cve-2025-68161

镜像层: sha256:7023b7ff97f63f973128e219d9b7eaa049d86e9d09ec9b97f531e4249b21b335

发布日期: 2025-12-18 21:15 修改: 2026-06-17 09:58

org.apache.logging.log4j:log4j-core CVE-2026-34477 中危 2.19.0 2.25.4 org.apache.logging.log4j/log4j-core: Apache Log4j Core: Man-in-the-middle attack due to incomplete hostname verification

漏洞详情: https://avd.aquasec.com/nvd/cve-2026-34477

镜像层: sha256:7023b7ff97f63f973128e219d9b7eaa049d86e9d09ec9b97f531e4249b21b335

发布日期: 2026-04-10 16:16 修改: 2026-06-17 10:39

org.apache.logging.log4j:log4j-core CVE-2026-34480 中危 2.19.0 2.25.4 org.apache.logging.log4j/log4j-core: Apache Log4j Core: Invalid XML output causes denial of service in logging

漏洞详情: https://avd.aquasec.com/nvd/cve-2026-34480

镜像层: sha256:7023b7ff97f63f973128e219d9b7eaa049d86e9d09ec9b97f531e4249b21b335

发布日期: 2026-04-10 16:16 修改: 2026-06-17 10:39

org.apache.poi:poi-ooxml CVE-2025-31672 中危 5.2.3 5.4.0 org.apache.poi/poi-ooxml: Apache POI: parsing OOXML based files (xlsx, docx, etc.), poi-ooxml could read unexpected data if underlying zip has duplicate zip entry names

漏洞详情: https://avd.aquasec.com/nvd/cve-2025-31672

镜像层: sha256:7023b7ff97f63f973128e219d9b7eaa049d86e9d09ec9b97f531e4249b21b335

发布日期: 2025-04-09 12:15 修改: 2026-06-17 09:10

com.fasterxml.jackson.core:jackson-core GHSA-72hv-8253-57qq 中危 2.15.0 2.21.1, 2.18.6 jackson-core: Number Length Constraint Bypass in Async Parser Leads to Potential DoS Condition

漏洞详情: https://github.com/advisories/GHSA-72hv-8253-57qq

镜像层: sha256:7023b7ff97f63f973128e219d9b7eaa049d86e9d09ec9b97f531e4249b21b335

发布日期: 2026-02-28 02:01 修改: 2026-04-07 16:30

com.fasterxml.jackson.core:jackson-core GHSA-72hv-8253-57qq 中危 2.15.0 2.21.1, 2.18.6 jackson-core: Number Length Constraint Bypass in Async Parser Leads to Potential DoS Condition

漏洞详情: https://github.com/advisories/GHSA-72hv-8253-57qq

镜像层: sha256:7023b7ff97f63f973128e219d9b7eaa049d86e9d09ec9b97f531e4249b21b335

发布日期: 2026-02-28 02:01 修改: 2026-04-07 16:30

com.fasterxml.jackson.core:jackson-core GHSA-72hv-8253-57qq 中危 2.15.0 2.21.1, 2.18.6 jackson-core: Number Length Constraint Bypass in Async Parser Leads to Potential DoS Condition

漏洞详情: https://github.com/advisories/GHSA-72hv-8253-57qq

镜像层: sha256:7023b7ff97f63f973128e219d9b7eaa049d86e9d09ec9b97f531e4249b21b335

发布日期: 2026-02-28 02:01 修改: 2026-04-07 16:30

org.bouncycastle:bc-fips CVE-2024-29857 中危 1.0.2.4 1.0.2.5 org.bouncycastle: Importing an EC certificate with crafted F2m parameters may lead to Denial of Service

漏洞详情: https://avd.aquasec.com/nvd/cve-2024-29857

镜像层: sha256:7023b7ff97f63f973128e219d9b7eaa049d86e9d09ec9b97f531e4249b21b335

发布日期: 2024-05-14 15:17 修改: 2026-06-17 07:23

org.bouncycastle:bc-fips CVE-2025-8885 中危 1.0.2.4 1.0.2.6, 2.0.1 bouncycastle: Bouncy Castle denial of service parsing ASN.1 Object Identifiers

漏洞详情: https://avd.aquasec.com/nvd/cve-2025-8885

镜像层: sha256:7023b7ff97f63f973128e219d9b7eaa049d86e9d09ec9b97f531e4249b21b335

发布日期: 2025-08-12 10:15 修改: 2026-06-17 10:07

org.bouncycastle:bcpkix-jdk18on CVE-2025-8916 中危 1.76 1.79 org.bouncycastle: BouncyCastle denial of service

漏洞详情: https://avd.aquasec.com/nvd/cve-2025-8916

镜像层: sha256:7023b7ff97f63f973128e219d9b7eaa049d86e9d09ec9b97f531e4249b21b335

发布日期: 2025-08-13 10:15 修改: 2026-06-17 10:07

org.bouncycastle:bcpkix-jdk18on CVE-2026-5588 中危 1.76 1.84 bouncycastle: BC-JAVA: PKIX draft CompositeVerifier accepts empty signature sequence as valid

漏洞详情: https://avd.aquasec.com/nvd/cve-2026-5588

镜像层: sha256:7023b7ff97f63f973128e219d9b7eaa049d86e9d09ec9b97f531e4249b21b335

发布日期: 2026-04-15 10:16 修改: 2026-06-30 03:21

com.fasterxml.jackson.core:jackson-core GHSA-72hv-8253-57qq 中危 2.15.0 2.21.1, 2.18.6 jackson-core: Number Length Constraint Bypass in Async Parser Leads to Potential DoS Condition

漏洞详情: https://github.com/advisories/GHSA-72hv-8253-57qq

镜像层: sha256:7023b7ff97f63f973128e219d9b7eaa049d86e9d09ec9b97f531e4249b21b335

发布日期: 2026-02-28 02:01 修改: 2026-04-07 16:30

org.bouncycastle:bcprov-jdk18on CVE-2024-29857 中危 1.76 1.78 org.bouncycastle: Importing an EC certificate with crafted F2m parameters may lead to Denial of Service

漏洞详情: https://avd.aquasec.com/nvd/cve-2024-29857

镜像层: sha256:7023b7ff97f63f973128e219d9b7eaa049d86e9d09ec9b97f531e4249b21b335

发布日期: 2024-05-14 15:17 修改: 2026-06-17 07:23

org.bouncycastle:bcprov-jdk18on CVE-2024-30171 中危 1.76 1.78 bc-java: BouncyCastle vulnerable to a timing variant of Bleichenbacher (Marvin Attack)

漏洞详情: https://avd.aquasec.com/nvd/cve-2024-30171

镜像层: sha256:7023b7ff97f63f973128e219d9b7eaa049d86e9d09ec9b97f531e4249b21b335

发布日期: 2024-05-14 15:21 修改: 2026-06-17 07:26

org.bouncycastle:bcprov-jdk18on CVE-2024-30172 中危 1.76 1.78 org.bouncycastle:bcprov-jdk18on: Infinite loop in ED25519 verification in the ScalarUtil class

漏洞详情: https://avd.aquasec.com/nvd/cve-2024-30172

镜像层: sha256:7023b7ff97f63f973128e219d9b7eaa049d86e9d09ec9b97f531e4249b21b335

发布日期: 2024-05-14 15:21 修改: 2026-06-17 07:26

org.bouncycastle:bcprov-jdk18on CVE-2024-34447 中危 1.76 1.78 org.bouncycastle: Use of Incorrectly-Resolved Name or Reference

漏洞详情: https://avd.aquasec.com/nvd/cve-2024-34447

镜像层: sha256:7023b7ff97f63f973128e219d9b7eaa049d86e9d09ec9b97f531e4249b21b335

发布日期: 2024-05-03 16:15 修改: 2026-06-17 07:33

org.bouncycastle:bcprov-jdk18on CVE-2025-8885 中危 1.76 1.78 bouncycastle: Bouncy Castle denial of service parsing ASN.1 Object Identifiers

漏洞详情: https://avd.aquasec.com/nvd/cve-2025-8885

镜像层: sha256:7023b7ff97f63f973128e219d9b7eaa049d86e9d09ec9b97f531e4249b21b335

发布日期: 2025-08-12 10:15 修改: 2026-06-17 10:07

org.bouncycastle:bcprov-jdk18on CVE-2026-0636 中危 1.76 1.84 bouncycastle: BC-JAVA: LDAP injection vulnerability in LDAPStoreHelper.java

漏洞详情: https://avd.aquasec.com/nvd/cve-2026-0636

镜像层: sha256:7023b7ff97f63f973128e219d9b7eaa049d86e9d09ec9b97f531e4249b21b335

发布日期: 2026-04-15 10:16 修改: 2026-06-30 03:17

org.elasticsearch.plugin:x-pack-core CVE-2025-68390 中危 8.12.0 8.19.8, 9.1.8, 9.2.2 elasticsearch: Elasticsearch Allocation of Resources Without Limits or Throttling

漏洞详情: https://avd.aquasec.com/nvd/cve-2025-68390

镜像层: sha256:7023b7ff97f63f973128e219d9b7eaa049d86e9d09ec9b97f531e4249b21b335

发布日期: 2025-12-18 23:15 修改: 2026-06-17 09:59

org.elasticsearch.plugin:x-pack-security CVE-2025-68384 中危 8.12.0 8.19.9, 9.1.9, 9.2.3 elasticsearch: Elasticsearch Allocation of Resources Without Limits or Throttling

漏洞详情: https://avd.aquasec.com/nvd/cve-2025-68384

镜像层: sha256:7023b7ff97f63f973128e219d9b7eaa049d86e9d09ec9b97f531e4249b21b335

发布日期: 2025-12-18 22:16 修改: 2026-06-17 09:59

org.elasticsearch:elasticsearch CVE-2024-23444 中危 8.12.0 8.13.0, 7.17.23 Elasticsearch stores private key on disk unencrypted

漏洞详情: https://avd.aquasec.com/nvd/cve-2024-23444

镜像层: sha256:7023b7ff97f63f973128e219d9b7eaa049d86e9d09ec9b97f531e4249b21b335

发布日期: 2024-07-31 18:15 修改: 2026-06-17 07:12

org.elasticsearch:elasticsearch CVE-2024-23450 中危 8.12.0 7.17.19, 8.13.0 elasticsearch: Possible denial of service when processing documents in a deeply nested pipeline

漏洞详情: https://avd.aquasec.com/nvd/cve-2024-23450

镜像层: sha256:7023b7ff97f63f973128e219d9b7eaa049d86e9d09ec9b97f531e4249b21b335

发布日期: 2024-03-27 17:15 修改: 2026-06-17 07:12

org.elasticsearch:elasticsearch CVE-2024-23451 中危 8.12.0 8.13.0 elasticsearch: Incorrect authorization issue in Remote Cluster Security

漏洞详情: https://avd.aquasec.com/nvd/cve-2024-23451

镜像层: sha256:7023b7ff97f63f973128e219d9b7eaa049d86e9d09ec9b97f531e4249b21b335

发布日期: 2024-03-27 18:15 修改: 2026-06-17 07:12

org.elasticsearch:elasticsearch CVE-2024-43709 中危 8.12.0 7.17.21, 8.13.3 elasticsearch: Elasticsearch allocation of resources without limits or throttling leads to crash

漏洞详情: https://avd.aquasec.com/nvd/cve-2024-43709

镜像层: sha256:7023b7ff97f63f973128e219d9b7eaa049d86e9d09ec9b97f531e4249b21b335

发布日期: 2025-01-21 11:15 修改: 2026-06-17 07:51

org.elasticsearch:elasticsearch CVE-2024-52979 中危 8.12.0 7.17.25, 8.16.0 elasticsearch: Elasticsearch Uncontrolled Resource Consumption vulnerability

漏洞详情: https://avd.aquasec.com/nvd/cve-2024-52979

镜像层: sha256:7023b7ff97f63f973128e219d9b7eaa049d86e9d09ec9b97f531e4249b21b335

发布日期: 2025-05-01 14:15 修改: 2026-06-17 08:07

org.elasticsearch:elasticsearch CVE-2024-52980 中危 8.12.0 8.15.1 Elasticsearch Potential Node Crash due to Large Recursion in `innerForbidCircularReferences` Function

漏洞详情: https://avd.aquasec.com/nvd/cve-2024-52980

镜像层: sha256:7023b7ff97f63f973128e219d9b7eaa049d86e9d09ec9b97f531e4249b21b335

发布日期: 2025-04-08 17:15 修改: 2026-06-17 08:07

org.elasticsearch:elasticsearch CVE-2024-52981 中危 8.12.0 7.17.24, 8.15.1 Elasticsearch Vulnerable to Stack Overflow due to a Large Recursion

漏洞详情: https://avd.aquasec.com/nvd/cve-2024-52981

镜像层: sha256:7023b7ff97f63f973128e219d9b7eaa049d86e9d09ec9b97f531e4249b21b335

发布日期: 2025-04-08 17:15 修改: 2026-06-17 08:07

org.elasticsearch:elasticsearch CVE-2025-37727 中危 8.12.0 8.18.8, 8.19.5, 9.0.8, 9.1.5 org.elasticsearch/elasticsearch-core: Elasticsearch Insertion of sensitive information in log file

漏洞详情: https://avd.aquasec.com/nvd/cve-2025-37727

镜像层: sha256:7023b7ff97f63f973128e219d9b7eaa049d86e9d09ec9b97f531e4249b21b335

发布日期: 2025-10-10 10:15 修改: 2026-06-17 09:15

org.elasticsearch:elasticsearch CVE-2025-37731 中危 8.12.0 8.19.8, 9.1.8, 9.2.2 elasticsearch: Elasticsearch: User impersonation due to improper authentication in Public Key Infrastructure (PKI) realm

漏洞详情: https://avd.aquasec.com/nvd/cve-2025-37731

镜像层: sha256:7023b7ff97f63f973128e219d9b7eaa049d86e9d09ec9b97f531e4249b21b335

发布日期: 2025-12-15 11:15 修改: 2026-06-17 09:15

com.fasterxml.jackson.core:jackson-databind CVE-2026-54514 中危 2.15.0 2.18.8, 2.21.4, 3.1.4 jackson-databind: jackson-databind: Information Disclosure via Eager DNS Resolution

漏洞详情: https://avd.aquasec.com/nvd/cve-2026-54514

镜像层: sha256:7023b7ff97f63f973128e219d9b7eaa049d86e9d09ec9b97f531e4249b21b335

发布日期: 2026-06-23 21:17 修改: 2026-06-27 20:55

com.fasterxml.jackson.core:jackson-databind CVE-2026-54514 中危 2.15.0 2.18.8, 2.21.4, 3.1.4 jackson-databind: jackson-databind: Information Disclosure via Eager DNS Resolution

漏洞详情: https://avd.aquasec.com/nvd/cve-2026-54514

镜像层: sha256:7023b7ff97f63f973128e219d9b7eaa049d86e9d09ec9b97f531e4249b21b335

发布日期: 2026-06-23 21:17 修改: 2026-06-27 20:55

io.netty:netty-codec-http CVE-2025-58056 低危 4.1.94.Final 4.1.125.Final, 4.2.5.Final netty-codec-http: Netty is vulnerable to request smuggling due to incorrect parsing of chunk extensions

漏洞详情: https://avd.aquasec.com/nvd/cve-2025-58056

镜像层: sha256:7023b7ff97f63f973128e219d9b7eaa049d86e9d09ec9b97f531e4249b21b335

发布日期: 2025-09-03 21:15 修改: 2026-06-17 09:43

io.netty:netty-codec-http CVE-2025-58056 低危 4.1.94.Final 4.1.125.Final, 4.2.5.Final netty-codec-http: Netty is vulnerable to request smuggling due to incorrect parsing of chunk extensions

漏洞详情: https://avd.aquasec.com/nvd/cve-2025-58056

镜像层: sha256:7023b7ff97f63f973128e219d9b7eaa049d86e9d09ec9b97f531e4249b21b335

发布日期: 2025-09-03 21:15 修改: 2026-06-17 09:43

io.netty:netty-handler-proxy CVE-2026-42578 低危 4.1.94.Final 4.1.133.Final, 4.2.13.Final netty: io.netty/netty-handler-proxy: Netty: HTTP Header Injection via HttpProxyHandler Disabled Validation

漏洞详情: https://avd.aquasec.com/nvd/cve-2026-42578

镜像层: sha256:7023b7ff97f63f973128e219d9b7eaa049d86e9d09ec9b97f531e4249b21b335

发布日期: 2026-05-13 19:17 修改: 2026-06-30 03:19

io.netty:netty-codec-http CVE-2025-58056 低危 4.1.94.Final 4.1.125.Final, 4.2.5.Final netty-codec-http: Netty is vulnerable to request smuggling due to incorrect parsing of chunk extensions

漏洞详情: https://avd.aquasec.com/nvd/cve-2025-58056

镜像层: sha256:7023b7ff97f63f973128e219d9b7eaa049d86e9d09ec9b97f531e4249b21b335

发布日期: 2025-09-03 21:15 修改: 2026-06-17 09:43

检测到您正在使用广告拦截插件,本站为公益站点,依赖广告维持运转 🙏 查看如何关闭 ×