docker.io/hasura/graphql-data-connector:v2.49.4 linux/amd64

docker.io/hasura/graphql-data-connector:v2.49.4 - Trivy安全扫描结果 扫描时间: 2026-07-09 15:13
全部漏洞信息
低危漏洞:1 中危漏洞:8 高危漏洞:3 严重漏洞:0

系统OS: redhat 10.2 扫描引擎: Trivy 扫描时间: 2026-07-09 15:13

docker.io/hasura/graphql-data-connector:v2.49.4 (redhat 10.2) (redhat)
低危漏洞:0 中危漏洞:0 高危漏洞:0 严重漏洞:0
软件包 漏洞 安全状态 安装版本 修复版本 漏洞信息
Java (jar)
低危漏洞:1 中危漏洞:8 高危漏洞:3 严重漏洞:0
软件包 漏洞 安全状态 安装版本 修复版本 漏洞信息
com.fasterxml.jackson.core:jackson-databind CVE-2026-54512 高危 2.21.2 2.18.8, 3.1.4, 2.21.4 jackson-databind: jackson-databind: Arbitrary code execution via PolymorphicTypeValidator bypass

漏洞详情: https://avd.aquasec.com/nvd/cve-2026-54512

镜像层: sha256:55ca07aa2636df9979b4c5e8fe120e02bbd0cbd09736ce53fd6fc28304efd2af

发布日期: 2026-06-23 21:17 修改: 2026-06-27 21:01

com.fasterxml.jackson.core:jackson-databind CVE-2026-54513 高危 2.21.2 2.18.8, 2.21.4, 3.1.4 jackson-databind: Jackson-databind: Security bypass allows arbitrary code execution

漏洞详情: https://avd.aquasec.com/nvd/cve-2026-54513

镜像层: sha256:55ca07aa2636df9979b4c5e8fe120e02bbd0cbd09736ce53fd6fc28304efd2af

发布日期: 2026-06-23 21:17 修改: 2026-07-03 13:17

com.microsoft.sqlserver:mssql-jdbc CVE-2025-59250 高危 13.2.1 10.2.4.jre11, 11.2.4.jre11, 12.2.1.jre11, 12.6.5.jre11, 12.8.2.jre11, 12.10.2.jre11, 13.2.1.jre11 JDBC Driver for SQL Server has improper input validation issue

漏洞详情: https://avd.aquasec.com/nvd/cve-2025-59250

镜像层: sha256:55ca07aa2636df9979b4c5e8fe120e02bbd0cbd09736ce53fd6fc28304efd2af

发布日期: 2025-10-14 17:16 修改: 2026-06-17 09:45

com.fasterxml.jackson.core:jackson-databind CVE-2026-54515 中危 2.21.2 3.1.4, 2.18.9, 2.21.5, 2.22.1 jackson-databind: jackson-databind: Ignored properties can be unexpectedly modified

漏洞详情: https://avd.aquasec.com/nvd/cve-2026-54515

镜像层: sha256:55ca07aa2636df9979b4c5e8fe120e02bbd0cbd09736ce53fd6fc28304efd2af

发布日期: 2026-06-23 21:17 修改: 2026-06-29 13:38

com.fasterxml.jackson.core:jackson-databind CVE-2026-54516 中危 2.21.2 2.21.4, 3.1.4 jackson-databind: jackson-databind: Security bypass due to improper handling of renamed properties

漏洞详情: https://avd.aquasec.com/nvd/cve-2026-54516

镜像层: sha256:55ca07aa2636df9979b4c5e8fe120e02bbd0cbd09736ce53fd6fc28304efd2af

发布日期: 2026-06-23 21:17 修改: 2026-06-27 20:52

com.fasterxml.jackson.core:jackson-databind CVE-2026-54517 中危 2.21.2 2.21.4, 3.1.4 jackson-databind: jackson-databind: Information disclosure via improper JsonView filter application

漏洞详情: https://avd.aquasec.com/nvd/cve-2026-54517

镜像层: sha256:55ca07aa2636df9979b4c5e8fe120e02bbd0cbd09736ce53fd6fc28304efd2af

发布日期: 2026-06-23 21:17 修改: 2026-06-27 20:51

com.fasterxml.jackson.core:jackson-databind CVE-2026-54518 中危 2.21.2 2.21.4 jackson-databind: jackson-databind: Information disclosure and data manipulation via view-based access control bypass

漏洞详情: https://avd.aquasec.com/nvd/cve-2026-54518

镜像层: sha256:55ca07aa2636df9979b4c5e8fe120e02bbd0cbd09736ce53fd6fc28304efd2af

发布日期: 2026-06-23 22:16 修改: 2026-06-27 20:49

com.fasterxml.jackson.core:jackson-databind CVE-2026-54514 中危 2.21.2 2.18.8, 2.21.4, 3.1.4 jackson-databind: jackson-databind: Information Disclosure via Eager DNS Resolution

漏洞详情: https://avd.aquasec.com/nvd/cve-2026-54514

镜像层: sha256:55ca07aa2636df9979b4c5e8fe120e02bbd0cbd09736ce53fd6fc28304efd2af

发布日期: 2026-06-23 21:17 修改: 2026-06-27 20:55

io.opentelemetry:opentelemetry-api CVE-2026-45292 中危 1.57.0 1.62.0 opentelemetry-java: opentelemetry-api: opentelemetry-extension-trace-propagators: OpenTelemetry Java: Denial of Service due to unbounded memory allocation when parsing oversized baggage

漏洞详情: https://avd.aquasec.com/nvd/cve-2026-45292

镜像层: sha256:55ca07aa2636df9979b4c5e8fe120e02bbd0cbd09736ce53fd6fc28304efd2af

发布日期: 2026-05-28 17:16 修改: 2026-07-06 13:16

io.opentelemetry:opentelemetry-extension-trace-propagators CVE-2026-45292 中危 1.57.0 1.62.0 opentelemetry-java: opentelemetry-api: opentelemetry-extension-trace-propagators: OpenTelemetry Java: Denial of Service due to unbounded memory allocation when parsing oversized baggage

漏洞详情: https://avd.aquasec.com/nvd/cve-2026-45292

镜像层: sha256:55ca07aa2636df9979b4c5e8fe120e02bbd0cbd09736ce53fd6fc28304efd2af

发布日期: 2026-05-28 17:16 修改: 2026-07-06 13:16

io.vertx:vertx-core CVE-2026-6860 中危 4.5.26 4.5.27, 5.0.12 eclipse-vertx/vert.x: eclipse-vertx/vert.x: Denial of Service via TLS handshake with wildcard server name

漏洞详情: https://avd.aquasec.com/nvd/cve-2026-6860

镜像层: sha256:55ca07aa2636df9979b4c5e8fe120e02bbd0cbd09736ce53fd6fc28304efd2af

发布日期: 2026-05-06 10:16 修改: 2026-06-17 11:01

net.snowflake:snowflake-jdbc CVE-2026-3293 低危 3.28.0 snowflake-jdbc: snowflake-jdbc: Denial of Service via inefficient regular expression processing

漏洞详情: https://avd.aquasec.com/nvd/cve-2026-3293

镜像层: sha256:55ca07aa2636df9979b4c5e8fe120e02bbd0cbd09736ce53fd6fc28304efd2af

发布日期: 2026-02-27 06:18 修改: 2026-06-17 10:43

检测到您正在使用广告拦截插件,本站为公益站点,依赖广告维持运转 🙏 查看如何关闭 ×