docker.io/heartu41/oracle19c:latest linux/amd64

docker.io/heartu41/oracle19c:latest - Trivy安全扫描结果 扫描时间: 2024-10-27 23:23
全部漏洞信息
低危漏洞:59 中危漏洞:362 高危漏洞:604 严重漏洞:117

系统OS: oracle 7.6 扫描引擎: Trivy 扫描时间: 2024-10-27 23:23

docker.io/heartu41/oracle19c:latest (oracle 7.6) (oracle)
低危漏洞:50 中危漏洞:300 高危漏洞:317 严重漏洞:3
软件包 漏洞 安全状态 安装版本 修复版本 漏洞信息
nss CVE-2021-43527 严重 3.36.0-7.1.el7_6 3.67.0-4.el7_9 nss: Memory corruption in decodeECorDsaSignature with DSA signatures (and RSA-PSS)

漏洞详情: https://avd.aquasec.com/nvd/cve-2021-43527

镜像层: sha256:b87942114db6b2cf0bf150f9f85f220fffa5287d57e3bc1677f7f09915c10cf1

发布日期: 2021-12-08 22:15 修改: 2023-02-23 01:40
nss-sysinit CVE-2021-43527 严重 3.36.0-7.1.el7_6 3.67.0-4.el7_9 nss: Memory corruption in decodeECorDsaSignature with DSA signatures (and RSA-PSS)

漏洞详情: https://avd.aquasec.com/nvd/cve-2021-43527

镜像层: sha256:b87942114db6b2cf0bf150f9f85f220fffa5287d57e3bc1677f7f09915c10cf1

发布日期: 2021-12-08 22:15 修改: 2023-02-23 01:40
nss-tools CVE-2021-43527 严重 3.36.0-7.1.el7_6 3.67.0-4.el7_9 nss: Memory corruption in decodeECorDsaSignature with DSA signatures (and RSA-PSS)

漏洞详情: https://avd.aquasec.com/nvd/cve-2021-43527

镜像层: sha256:b87942114db6b2cf0bf150f9f85f220fffa5287d57e3bc1677f7f09915c10cf1

发布日期: 2021-12-08 22:15 修改: 2023-02-23 01:40
bind-libs CVE-2020-8625 高危 32:9.9.4-74.el7_6.1 32:9.11.4-26.P2.el7_9.4 bind: Buffer overflow in the SPNEGO implementation affecting GSSAPI security policy negotiation

漏洞详情: https://avd.aquasec.com/nvd/cve-2020-8625

镜像层: sha256:901286ce90b339f52b24e97b346ce4b77cec58100d858104a75ff440a9c85166

发布日期: 2021-02-17 23:15 修改: 2023-11-07 03:26
bind-libs CVE-2021-25215 高危 32:9.9.4-74.el7_6.1 32:9.11.4-26.P2.el7_9.5 bind: An assertion check can fail while answering queries for DNAME records that require the DNAME to be processed to resolve itself

漏洞详情: https://avd.aquasec.com/nvd/cve-2021-25215

镜像层: sha256:901286ce90b339f52b24e97b346ce4b77cec58100d858104a75ff440a9c85166

发布日期: 2021-04-29 01:15 修改: 2023-11-07 03:31
bind-libs CVE-2022-38177 高危 32:9.9.4-74.el7_6.1 32:9.11.4-26.P2.el7_9.10 bind: memory leak in ECDSA DNSSEC verification code

漏洞详情: https://avd.aquasec.com/nvd/cve-2022-38177

镜像层: sha256:901286ce90b339f52b24e97b346ce4b77cec58100d858104a75ff440a9c85166

发布日期: 2022-09-21 11:15 修改: 2023-11-07 03:50
bind-libs CVE-2022-38178 高危 32:9.9.4-74.el7_6.1 32:9.11.4-26.P2.el7_9.10 bind: memory leaks in EdDSA DNSSEC verification code

漏洞详情: https://avd.aquasec.com/nvd/cve-2022-38178

镜像层: sha256:901286ce90b339f52b24e97b346ce4b77cec58100d858104a75ff440a9c85166

发布日期: 2022-09-21 11:15 修改: 2023-11-07 03:50
bind-libs CVE-2023-2828 高危 32:9.9.4-74.el7_6.1 32:9.11.4-26.P2.el7_9.14 bind: named's configured cache size limit can be significantly exceeded

漏洞详情: https://avd.aquasec.com/nvd/cve-2023-2828

镜像层: sha256:901286ce90b339f52b24e97b346ce4b77cec58100d858104a75ff440a9c85166

发布日期: 2023-06-21 17:15 修改: 2023-07-21 19:19
bind-libs CVE-2023-3341 高危 32:9.9.4-74.el7_6.1 32:9.11.4-26.P2.el7_9.15 bind: stack exhaustion in control channel code may lead to DoS

漏洞详情: https://avd.aquasec.com/nvd/cve-2023-3341

镜像层: sha256:901286ce90b339f52b24e97b346ce4b77cec58100d858104a75ff440a9c85166

发布日期: 2023-09-20 13:15 修改: 2024-02-16 18:39
bind-libs CVE-2023-4408 高危 32:9.9.4-74.el7_6.1 32:9.11.4-26.P2.el7_9.16 bind9: Parsing large DNS messages may cause excessive CPU load

漏洞详情: https://avd.aquasec.com/nvd/cve-2023-4408

镜像层: sha256:901286ce90b339f52b24e97b346ce4b77cec58100d858104a75ff440a9c85166

发布日期: 2024-02-13 14:15 修改: 2024-10-21 21:02
bind-libs CVE-2023-50387 高危 32:9.9.4-74.el7_6.1 32:9.11.4-26.P2.el7_9.16 bind9: KeyTrap - Extreme CPU consumption in DNSSEC validator

漏洞详情: https://avd.aquasec.com/nvd/cve-2023-50387

镜像层: sha256:901286ce90b339f52b24e97b346ce4b77cec58100d858104a75ff440a9c85166

发布日期: 2024-02-14 16:15 修改: 2024-06-10 17:16
bind-libs CVE-2023-50868 高危 32:9.9.4-74.el7_6.1 32:9.11.4-26.P2.el7_9.16 bind9: Preparing an NSEC3 closest encloser proof can exhaust CPU resources

漏洞详情: https://avd.aquasec.com/nvd/cve-2023-50868

镜像层: sha256:901286ce90b339f52b24e97b346ce4b77cec58100d858104a75ff440a9c85166

发布日期: 2024-02-14 16:15 修改: 2024-06-10 17:16
bind-libs CVE-2024-1737 高危 32:9.9.4-74.el7_6.1 32:9.11.4-26.0.1.P2.el7_9.16 bind: bind9: BIND's database will be slow if a very large number of RRs exist at the same nam

漏洞详情: https://avd.aquasec.com/nvd/cve-2024-1737

镜像层: sha256:901286ce90b339f52b24e97b346ce4b77cec58100d858104a75ff440a9c85166

发布日期: 2024-07-23 15:15 修改: 2024-08-01 13:46
bind-libs CVE-2024-1975 高危 32:9.9.4-74.el7_6.1 32:9.11.4-26.0.1.P2.el7_9.16 bind9: bind: SIG(0) can be used to exhaust CPU resources

漏洞详情: https://avd.aquasec.com/nvd/cve-2024-1975

镜像层: sha256:901286ce90b339f52b24e97b346ce4b77cec58100d858104a75ff440a9c85166

发布日期: 2024-07-23 15:15 修改: 2024-08-01 13:46
bind-license CVE-2018-5741 高危 32:9.9.4-74.el7_6.1 32:9.11.4-9.P2.el7 bind: Incorrect documentation of krb5-subdomain and ms-subdomain update policies

漏洞详情: https://avd.aquasec.com/nvd/cve-2018-5741

镜像层: sha256:901286ce90b339f52b24e97b346ce4b77cec58100d858104a75ff440a9c85166

发布日期: 2019-01-16 20:29 修改: 2020-10-20 12:15
bind-license CVE-2020-8616 高危 32:9.9.4-74.el7_6.1 32:9.11.4-16.P2.el7_8.6 bind: BIND does not sufficiently limit the number of fetches performed when processing referrals

漏洞详情: https://avd.aquasec.com/nvd/cve-2020-8616

镜像层: sha256:901286ce90b339f52b24e97b346ce4b77cec58100d858104a75ff440a9c85166

发布日期: 2020-05-19 14:15 修改: 2023-11-07 03:26
bind-license CVE-2020-8617 高危 32:9.9.4-74.el7_6.1 32:9.11.4-16.P2.el7_8.6 bind: A logic error in code which checks TSIG validity can be used to trigger an assertion failure in tsig.c

漏洞详情: https://avd.aquasec.com/nvd/cve-2020-8617

镜像层: sha256:901286ce90b339f52b24e97b346ce4b77cec58100d858104a75ff440a9c85166

发布日期: 2020-05-19 14:15 修改: 2023-11-07 03:26
bind-license CVE-2020-8625 高危 32:9.9.4-74.el7_6.1 32:9.11.4-26.P2.el7_9.4 bind: Buffer overflow in the SPNEGO implementation affecting GSSAPI security policy negotiation

漏洞详情: https://avd.aquasec.com/nvd/cve-2020-8625

镜像层: sha256:901286ce90b339f52b24e97b346ce4b77cec58100d858104a75ff440a9c85166

发布日期: 2021-02-17 23:15 修改: 2023-11-07 03:26
bind-license CVE-2021-25215 高危 32:9.9.4-74.el7_6.1 32:9.11.4-26.P2.el7_9.5 bind: An assertion check can fail while answering queries for DNAME records that require the DNAME to be processed to resolve itself

漏洞详情: https://avd.aquasec.com/nvd/cve-2021-25215

镜像层: sha256:901286ce90b339f52b24e97b346ce4b77cec58100d858104a75ff440a9c85166

发布日期: 2021-04-29 01:15 修改: 2023-11-07 03:31
bind-license CVE-2022-38177 高危 32:9.9.4-74.el7_6.1 32:9.11.4-26.P2.el7_9.10 bind: memory leak in ECDSA DNSSEC verification code

漏洞详情: https://avd.aquasec.com/nvd/cve-2022-38177

镜像层: sha256:901286ce90b339f52b24e97b346ce4b77cec58100d858104a75ff440a9c85166

发布日期: 2022-09-21 11:15 修改: 2023-11-07 03:50
bind-license CVE-2022-38178 高危 32:9.9.4-74.el7_6.1 32:9.11.4-26.P2.el7_9.10 bind: memory leaks in EdDSA DNSSEC verification code

漏洞详情: https://avd.aquasec.com/nvd/cve-2022-38178

镜像层: sha256:901286ce90b339f52b24e97b346ce4b77cec58100d858104a75ff440a9c85166

发布日期: 2022-09-21 11:15 修改: 2023-11-07 03:50
bind-license CVE-2023-2828 高危 32:9.9.4-74.el7_6.1 32:9.11.4-26.P2.el7_9.14 bind: named's configured cache size limit can be significantly exceeded

漏洞详情: https://avd.aquasec.com/nvd/cve-2023-2828

镜像层: sha256:901286ce90b339f52b24e97b346ce4b77cec58100d858104a75ff440a9c85166

发布日期: 2023-06-21 17:15 修改: 2023-07-21 19:19
bind-license CVE-2023-3341 高危 32:9.9.4-74.el7_6.1 32:9.11.4-26.P2.el7_9.15 bind: stack exhaustion in control channel code may lead to DoS

漏洞详情: https://avd.aquasec.com/nvd/cve-2023-3341

镜像层: sha256:901286ce90b339f52b24e97b346ce4b77cec58100d858104a75ff440a9c85166

发布日期: 2023-09-20 13:15 修改: 2024-02-16 18:39
bind-license CVE-2023-4408 高危 32:9.9.4-74.el7_6.1 32:9.11.4-26.P2.el7_9.16 bind9: Parsing large DNS messages may cause excessive CPU load

漏洞详情: https://avd.aquasec.com/nvd/cve-2023-4408

镜像层: sha256:901286ce90b339f52b24e97b346ce4b77cec58100d858104a75ff440a9c85166

发布日期: 2024-02-13 14:15 修改: 2024-10-21 21:02
bind-license CVE-2023-50387 高危 32:9.9.4-74.el7_6.1 32:9.11.4-26.P2.el7_9.16 bind9: KeyTrap - Extreme CPU consumption in DNSSEC validator

漏洞详情: https://avd.aquasec.com/nvd/cve-2023-50387

镜像层: sha256:901286ce90b339f52b24e97b346ce4b77cec58100d858104a75ff440a9c85166

发布日期: 2024-02-14 16:15 修改: 2024-06-10 17:16
bind-license CVE-2023-50868 高危 32:9.9.4-74.el7_6.1 32:9.11.4-26.P2.el7_9.16 bind9: Preparing an NSEC3 closest encloser proof can exhaust CPU resources

漏洞详情: https://avd.aquasec.com/nvd/cve-2023-50868

镜像层: sha256:901286ce90b339f52b24e97b346ce4b77cec58100d858104a75ff440a9c85166

发布日期: 2024-02-14 16:15 修改: 2024-06-10 17:16
bind-license CVE-2024-1737 高危 32:9.9.4-74.el7_6.1 32:9.11.4-26.0.1.P2.el7_9.16 bind: bind9: BIND's database will be slow if a very large number of RRs exist at the same nam

漏洞详情: https://avd.aquasec.com/nvd/cve-2024-1737

镜像层: sha256:901286ce90b339f52b24e97b346ce4b77cec58100d858104a75ff440a9c85166

发布日期: 2024-07-23 15:15 修改: 2024-08-01 13:46
bind-license CVE-2024-1975 高危 32:9.9.4-74.el7_6.1 32:9.11.4-26.0.1.P2.el7_9.16 bind9: bind: SIG(0) can be used to exhaust CPU resources

漏洞详情: https://avd.aquasec.com/nvd/cve-2024-1975

镜像层: sha256:901286ce90b339f52b24e97b346ce4b77cec58100d858104a75ff440a9c85166

发布日期: 2024-07-23 15:15 修改: 2024-08-01 13:46
bind-utils CVE-2018-5741 高危 32:9.9.4-74.el7_6.1 32:9.11.4-9.P2.el7 bind: Incorrect documentation of krb5-subdomain and ms-subdomain update policies

漏洞详情: https://avd.aquasec.com/nvd/cve-2018-5741

镜像层: sha256:901286ce90b339f52b24e97b346ce4b77cec58100d858104a75ff440a9c85166

发布日期: 2019-01-16 20:29 修改: 2020-10-20 12:15
bind-utils CVE-2020-8616 高危 32:9.9.4-74.el7_6.1 32:9.11.4-16.P2.el7_8.6 bind: BIND does not sufficiently limit the number of fetches performed when processing referrals

漏洞详情: https://avd.aquasec.com/nvd/cve-2020-8616

镜像层: sha256:901286ce90b339f52b24e97b346ce4b77cec58100d858104a75ff440a9c85166

发布日期: 2020-05-19 14:15 修改: 2023-11-07 03:26
bind-utils CVE-2020-8617 高危 32:9.9.4-74.el7_6.1 32:9.11.4-16.P2.el7_8.6 bind: A logic error in code which checks TSIG validity can be used to trigger an assertion failure in tsig.c

漏洞详情: https://avd.aquasec.com/nvd/cve-2020-8617

镜像层: sha256:901286ce90b339f52b24e97b346ce4b77cec58100d858104a75ff440a9c85166

发布日期: 2020-05-19 14:15 修改: 2023-11-07 03:26
bind-utils CVE-2020-8625 高危 32:9.9.4-74.el7_6.1 32:9.11.4-26.P2.el7_9.4 bind: Buffer overflow in the SPNEGO implementation affecting GSSAPI security policy negotiation

漏洞详情: https://avd.aquasec.com/nvd/cve-2020-8625

镜像层: sha256:901286ce90b339f52b24e97b346ce4b77cec58100d858104a75ff440a9c85166

发布日期: 2021-02-17 23:15 修改: 2023-11-07 03:26
bind-utils CVE-2021-25215 高危 32:9.9.4-74.el7_6.1 32:9.11.4-26.P2.el7_9.5 bind: An assertion check can fail while answering queries for DNAME records that require the DNAME to be processed to resolve itself

漏洞详情: https://avd.aquasec.com/nvd/cve-2021-25215

镜像层: sha256:901286ce90b339f52b24e97b346ce4b77cec58100d858104a75ff440a9c85166

发布日期: 2021-04-29 01:15 修改: 2023-11-07 03:31
bind-utils CVE-2022-38177 高危 32:9.9.4-74.el7_6.1 32:9.11.4-26.P2.el7_9.10 bind: memory leak in ECDSA DNSSEC verification code

漏洞详情: https://avd.aquasec.com/nvd/cve-2022-38177

镜像层: sha256:901286ce90b339f52b24e97b346ce4b77cec58100d858104a75ff440a9c85166

发布日期: 2022-09-21 11:15 修改: 2023-11-07 03:50
bind-utils CVE-2022-38178 高危 32:9.9.4-74.el7_6.1 32:9.11.4-26.P2.el7_9.10 bind: memory leaks in EdDSA DNSSEC verification code

漏洞详情: https://avd.aquasec.com/nvd/cve-2022-38178

镜像层: sha256:901286ce90b339f52b24e97b346ce4b77cec58100d858104a75ff440a9c85166

发布日期: 2022-09-21 11:15 修改: 2023-11-07 03:50
bind-utils CVE-2023-2828 高危 32:9.9.4-74.el7_6.1 32:9.11.4-26.P2.el7_9.14 bind: named's configured cache size limit can be significantly exceeded

漏洞详情: https://avd.aquasec.com/nvd/cve-2023-2828

镜像层: sha256:901286ce90b339f52b24e97b346ce4b77cec58100d858104a75ff440a9c85166

发布日期: 2023-06-21 17:15 修改: 2023-07-21 19:19
bind-utils CVE-2023-3341 高危 32:9.9.4-74.el7_6.1 32:9.11.4-26.P2.el7_9.15 bind: stack exhaustion in control channel code may lead to DoS

漏洞详情: https://avd.aquasec.com/nvd/cve-2023-3341

镜像层: sha256:901286ce90b339f52b24e97b346ce4b77cec58100d858104a75ff440a9c85166

发布日期: 2023-09-20 13:15 修改: 2024-02-16 18:39
bind-utils CVE-2023-4408 高危 32:9.9.4-74.el7_6.1 32:9.11.4-26.P2.el7_9.16 bind9: Parsing large DNS messages may cause excessive CPU load

漏洞详情: https://avd.aquasec.com/nvd/cve-2023-4408

镜像层: sha256:901286ce90b339f52b24e97b346ce4b77cec58100d858104a75ff440a9c85166

发布日期: 2024-02-13 14:15 修改: 2024-10-21 21:02
bind-utils CVE-2023-50387 高危 32:9.9.4-74.el7_6.1 32:9.11.4-26.P2.el7_9.16 bind9: KeyTrap - Extreme CPU consumption in DNSSEC validator

漏洞详情: https://avd.aquasec.com/nvd/cve-2023-50387

镜像层: sha256:901286ce90b339f52b24e97b346ce4b77cec58100d858104a75ff440a9c85166

发布日期: 2024-02-14 16:15 修改: 2024-06-10 17:16
bind-utils CVE-2023-50868 高危 32:9.9.4-74.el7_6.1 32:9.11.4-26.P2.el7_9.16 bind9: Preparing an NSEC3 closest encloser proof can exhaust CPU resources

漏洞详情: https://avd.aquasec.com/nvd/cve-2023-50868

镜像层: sha256:901286ce90b339f52b24e97b346ce4b77cec58100d858104a75ff440a9c85166

发布日期: 2024-02-14 16:15 修改: 2024-06-10 17:16
bind-utils CVE-2024-1737 高危 32:9.9.4-74.el7_6.1 32:9.11.4-26.0.1.P2.el7_9.16 bind: bind9: BIND's database will be slow if a very large number of RRs exist at the same nam

漏洞详情: https://avd.aquasec.com/nvd/cve-2024-1737

镜像层: sha256:901286ce90b339f52b24e97b346ce4b77cec58100d858104a75ff440a9c85166

发布日期: 2024-07-23 15:15 修改: 2024-08-01 13:46
bind-utils CVE-2024-1975 高危 32:9.9.4-74.el7_6.1 32:9.11.4-26.0.1.P2.el7_9.16 bind9: bind: SIG(0) can be used to exhaust CPU resources

漏洞详情: https://avd.aquasec.com/nvd/cve-2024-1975

镜像层: sha256:901286ce90b339f52b24e97b346ce4b77cec58100d858104a75ff440a9c85166

发布日期: 2024-07-23 15:15 修改: 2024-08-01 13:46
curl CVE-2019-5482 高危 7.29.0-51.0.1.el7 7.29.0-54.0.5.el7_7.2 curl: heap buffer overflow in function tftp_receive_packet()

漏洞详情: https://avd.aquasec.com/nvd/cve-2019-5482

镜像层: sha256:b87942114db6b2cf0bf150f9f85f220fffa5287d57e3bc1677f7f09915c10cf1

发布日期: 2019-09-16 19:15 修改: 2023-11-07 03:11
cyrus-sasl-lib CVE-2022-24407 高危 2.1.26-23.el7 2.1.26-24.0.1.el7_9 cyrus-sasl: failure to properly escape SQL input allows an attacker to execute arbitrary SQL commands

漏洞详情: https://avd.aquasec.com/nvd/cve-2022-24407

镜像层: sha256:b87942114db6b2cf0bf150f9f85f220fffa5287d57e3bc1677f7f09915c10cf1

发布日期: 2022-02-24 15:15 修改: 2023-11-07 03:44
dbus CVE-2020-12049 高危 1:1.10.24-13.0.1.el7_6 1:1.10.24-14.0.1.el7_8 dbus: denial of service via file descriptor leak

漏洞详情: https://avd.aquasec.com/nvd/cve-2020-12049

镜像层: sha256:901286ce90b339f52b24e97b346ce4b77cec58100d858104a75ff440a9c85166

发布日期: 2020-06-08 17:15 修改: 2023-06-12 07:15
dbus-libs CVE-2020-12049 高危 1:1.10.24-13.0.1.el7_6 1:1.10.24-14.0.1.el7_8 dbus: denial of service via file descriptor leak

漏洞详情: https://avd.aquasec.com/nvd/cve-2020-12049

镜像层: sha256:901286ce90b339f52b24e97b346ce4b77cec58100d858104a75ff440a9c85166

发布日期: 2020-06-08 17:15 修改: 2023-06-12 07:15
expat CVE-2021-45960 高危 2.1.0-10.el7_3 2.1.0-14.0.1.el7_9 expat: Large number of prefixed XML attributes on a single tag can crash libexpat

漏洞详情: https://avd.aquasec.com/nvd/cve-2021-45960

镜像层: sha256:b87942114db6b2cf0bf150f9f85f220fffa5287d57e3bc1677f7f09915c10cf1

发布日期: 2022-01-01 19:15 修改: 2022-10-06 19:08
expat CVE-2021-46143 高危 2.1.0-10.el7_3 2.1.0-12.0.1.el7 expat: Integer overflow in doProlog in xmlparse.c

漏洞详情: https://avd.aquasec.com/nvd/cve-2021-46143

镜像层: sha256:b87942114db6b2cf0bf150f9f85f220fffa5287d57e3bc1677f7f09915c10cf1

发布日期: 2022-01-06 04:15 修改: 2022-10-06 19:11
expat CVE-2022-23852 高危 2.1.0-10.el7_3 2.1.0-14.0.1.el7_9 expat: Integer overflow in function XML_GetBuffer

漏洞详情: https://avd.aquasec.com/nvd/cve-2022-23852

镜像层: sha256:b87942114db6b2cf0bf150f9f85f220fffa5287d57e3bc1677f7f09915c10cf1

发布日期: 2022-01-24 02:15 修改: 2022-10-29 02:44
expat CVE-2022-23990 高危 2.1.0-10.el7_3 2.1.0-12.0.1.el7 expat: integer overflow in the doProlog function

漏洞详情: https://avd.aquasec.com/nvd/cve-2022-23990

镜像层: sha256:b87942114db6b2cf0bf150f9f85f220fffa5287d57e3bc1677f7f09915c10cf1

发布日期: 2022-01-26 19:15 修改: 2023-11-07 03:44
expat CVE-2022-25235 高危 2.1.0-10.el7_3 2.1.0-14.0.1.el7_9 expat: Malformed 2- and 3-byte UTF-8 sequences can lead to arbitrary code execution

漏洞详情: https://avd.aquasec.com/nvd/cve-2022-25235

镜像层: sha256:b87942114db6b2cf0bf150f9f85f220fffa5287d57e3bc1677f7f09915c10cf1

发布日期: 2022-02-16 01:15 修改: 2023-11-07 03:44
expat CVE-2022-25236 高危 2.1.0-10.el7_3 2.1.0-14.0.1.el7_9 expat: Namespace-separator characters in "xmlns[:prefix]" attribute values can lead to arbitrary code execution

漏洞详情: https://avd.aquasec.com/nvd/cve-2022-25236

镜像层: sha256:b87942114db6b2cf0bf150f9f85f220fffa5287d57e3bc1677f7f09915c10cf1

发布日期: 2022-02-16 01:15 修改: 2023-11-07 03:44
expat CVE-2022-25315 高危 2.1.0-10.el7_3 2.1.0-14.0.1.el7_9 expat: Integer overflow in storeRawNames()

漏洞详情: https://avd.aquasec.com/nvd/cve-2022-25315

镜像层: sha256:b87942114db6b2cf0bf150f9f85f220fffa5287d57e3bc1677f7f09915c10cf1

发布日期: 2022-02-18 05:15 修改: 2023-11-07 03:44
expat CVE-2022-40674 高危 2.1.0-10.el7_3 2.1.0-15.0.1.el7_9 expat: a use-after-free in the doContent function in xmlparse.c

漏洞详情: https://avd.aquasec.com/nvd/cve-2022-40674

镜像层: sha256:b87942114db6b2cf0bf150f9f85f220fffa5287d57e3bc1677f7f09915c10cf1

发布日期: 2022-09-14 11:15 修改: 2023-11-07 03:52
glib2 CVE-2021-27219 高危 2.56.1-4.el7_6 2.56.1-9.el7_9 glib: integer overflow in g_bytes_new function on 64-bit platforms due to an implicit cast from 64 bits to 32 bits

漏洞详情: https://avd.aquasec.com/nvd/cve-2021-27219

镜像层: sha256:b87942114db6b2cf0bf150f9f85f220fffa5287d57e3bc1677f7f09915c10cf1

发布日期: 2021-02-15 17:15 修改: 2023-11-07 03:31
glibc CVE-2019-25013 高危 2.17-260.0.17.el7_6.6 2.17-322.0.1.el7_9 glibc: buffer over-read in iconv when processing invalid multi-byte input sequences in the EUC-KR encoding

漏洞详情: https://avd.aquasec.com/nvd/cve-2019-25013

镜像层: sha256:b87942114db6b2cf0bf150f9f85f220fffa5287d57e3bc1677f7f09915c10cf1

发布日期: 2021-01-04 18:15 修改: 2023-11-09 14:44
glibc CVE-2024-2961 高危 2.17-260.0.17.el7_6.6 2.17-326.0.9.el7_9.3 glibc: Out of bounds write in iconv may lead to remote code execution

漏洞详情: https://avd.aquasec.com/nvd/cve-2024-2961

镜像层: sha256:b87942114db6b2cf0bf150f9f85f220fffa5287d57e3bc1677f7f09915c10cf1

发布日期: 2024-04-17 18:15 修改: 2024-07-22 18:15
glibc CVE-2024-33599 高危 2.17-260.0.17.el7_6.6 2.17-326.0.9.el7_9.3 glibc: stack-based buffer overflow in netgroup cache

漏洞详情: https://avd.aquasec.com/nvd/cve-2024-33599

镜像层: sha256:b87942114db6b2cf0bf150f9f85f220fffa5287d57e3bc1677f7f09915c10cf1

发布日期: 2024-05-06 20:15 修改: 2024-07-22 18:15
glibc CVE-2024-33600 高危 2.17-260.0.17.el7_6.6 2.17-326.0.9.el7_9.3 glibc: null pointer dereferences after failed netgroup cache insertion

漏洞详情: https://avd.aquasec.com/nvd/cve-2024-33600

镜像层: sha256:b87942114db6b2cf0bf150f9f85f220fffa5287d57e3bc1677f7f09915c10cf1

发布日期: 2024-05-06 20:15 修改: 2024-07-22 18:15
glibc CVE-2024-33601 高危 2.17-260.0.17.el7_6.6 2.17-326.0.9.el7_9.3 glibc: netgroup cache may terminate daemon on memory allocation failure

漏洞详情: https://avd.aquasec.com/nvd/cve-2024-33601

镜像层: sha256:b87942114db6b2cf0bf150f9f85f220fffa5287d57e3bc1677f7f09915c10cf1

发布日期: 2024-05-06 20:15 修改: 2024-07-22 18:15
glibc CVE-2024-33602 高危 2.17-260.0.17.el7_6.6 2.17-326.0.9.el7_9.3 glibc: netgroup cache assumes NSS callback uses in-buffer strings

漏洞详情: https://avd.aquasec.com/nvd/cve-2024-33602

镜像层: sha256:b87942114db6b2cf0bf150f9f85f220fffa5287d57e3bc1677f7f09915c10cf1

发布日期: 2024-05-06 20:15 修改: 2024-07-22 18:15
glibc-common CVE-2019-25013 高危 2.17-260.0.17.el7_6.6 2.17-322.0.2.el7_9 glibc: buffer over-read in iconv when processing invalid multi-byte input sequences in the EUC-KR encoding

漏洞详情: https://avd.aquasec.com/nvd/cve-2019-25013

镜像层: sha256:b87942114db6b2cf0bf150f9f85f220fffa5287d57e3bc1677f7f09915c10cf1

发布日期: 2021-01-04 18:15 修改: 2023-11-09 14:44
glibc-common CVE-2024-2961 高危 2.17-260.0.17.el7_6.6 2.17-326.0.6.el7_9.3 glibc: Out of bounds write in iconv may lead to remote code execution

漏洞详情: https://avd.aquasec.com/nvd/cve-2024-2961

镜像层: sha256:b87942114db6b2cf0bf150f9f85f220fffa5287d57e3bc1677f7f09915c10cf1

发布日期: 2024-04-17 18:15 修改: 2024-07-22 18:15
glibc-common CVE-2024-33599 高危 2.17-260.0.17.el7_6.6 2.17-326.0.6.el7_9.3 glibc: stack-based buffer overflow in netgroup cache

漏洞详情: https://avd.aquasec.com/nvd/cve-2024-33599

镜像层: sha256:b87942114db6b2cf0bf150f9f85f220fffa5287d57e3bc1677f7f09915c10cf1

发布日期: 2024-05-06 20:15 修改: 2024-07-22 18:15
glibc-common CVE-2024-33600 高危 2.17-260.0.17.el7_6.6 2.17-326.0.6.el7_9.3 glibc: null pointer dereferences after failed netgroup cache insertion

漏洞详情: https://avd.aquasec.com/nvd/cve-2024-33600

镜像层: sha256:b87942114db6b2cf0bf150f9f85f220fffa5287d57e3bc1677f7f09915c10cf1

发布日期: 2024-05-06 20:15 修改: 2024-07-22 18:15
glibc-common CVE-2024-33601 高危 2.17-260.0.17.el7_6.6 2.17-326.0.6.el7_9.3 glibc: netgroup cache may terminate daemon on memory allocation failure

漏洞详情: https://avd.aquasec.com/nvd/cve-2024-33601

镜像层: sha256:b87942114db6b2cf0bf150f9f85f220fffa5287d57e3bc1677f7f09915c10cf1

发布日期: 2024-05-06 20:15 修改: 2024-07-22 18:15
glibc-common CVE-2024-33602 高危 2.17-260.0.17.el7_6.6 2.17-326.0.6.el7_9.3 glibc: netgroup cache assumes NSS callback uses in-buffer strings

漏洞详情: https://avd.aquasec.com/nvd/cve-2024-33602

镜像层: sha256:b87942114db6b2cf0bf150f9f85f220fffa5287d57e3bc1677f7f09915c10cf1

发布日期: 2024-05-06 20:15 修改: 2024-07-22 18:15
glibc-devel CVE-2019-25013 高危 2.17-260.0.17.el7_6.6 2.17-322.0.1.el7_9 glibc: buffer over-read in iconv when processing invalid multi-byte input sequences in the EUC-KR encoding

漏洞详情: https://avd.aquasec.com/nvd/cve-2019-25013

镜像层: sha256:901286ce90b339f52b24e97b346ce4b77cec58100d858104a75ff440a9c85166

发布日期: 2021-01-04 18:15 修改: 2023-11-09 14:44
glibc-devel CVE-2024-2961 高危 2.17-260.0.17.el7_6.6 2.17-326.0.9.el7_9.3 glibc: Out of bounds write in iconv may lead to remote code execution

漏洞详情: https://avd.aquasec.com/nvd/cve-2024-2961

镜像层: sha256:901286ce90b339f52b24e97b346ce4b77cec58100d858104a75ff440a9c85166

发布日期: 2024-04-17 18:15 修改: 2024-07-22 18:15
glibc-devel CVE-2024-33599 高危 2.17-260.0.17.el7_6.6 2.17-326.0.9.el7_9.3 glibc: stack-based buffer overflow in netgroup cache

漏洞详情: https://avd.aquasec.com/nvd/cve-2024-33599

镜像层: sha256:901286ce90b339f52b24e97b346ce4b77cec58100d858104a75ff440a9c85166

发布日期: 2024-05-06 20:15 修改: 2024-07-22 18:15
glibc-devel CVE-2024-33600 高危 2.17-260.0.17.el7_6.6 2.17-326.0.9.el7_9.3 glibc: null pointer dereferences after failed netgroup cache insertion

漏洞详情: https://avd.aquasec.com/nvd/cve-2024-33600

镜像层: sha256:901286ce90b339f52b24e97b346ce4b77cec58100d858104a75ff440a9c85166

发布日期: 2024-05-06 20:15 修改: 2024-07-22 18:15
glibc-devel CVE-2024-33601 高危 2.17-260.0.17.el7_6.6 2.17-326.0.6.el7_9.3 glibc: netgroup cache may terminate daemon on memory allocation failure

漏洞详情: https://avd.aquasec.com/nvd/cve-2024-33601

镜像层: sha256:901286ce90b339f52b24e97b346ce4b77cec58100d858104a75ff440a9c85166

发布日期: 2024-05-06 20:15 修改: 2024-07-22 18:15
glibc-devel CVE-2024-33602 高危 2.17-260.0.17.el7_6.6 2.17-326.0.6.el7_9.3 glibc: netgroup cache assumes NSS callback uses in-buffer strings

漏洞详情: https://avd.aquasec.com/nvd/cve-2024-33602

镜像层: sha256:901286ce90b339f52b24e97b346ce4b77cec58100d858104a75ff440a9c85166

发布日期: 2024-05-06 20:15 修改: 2024-07-22 18:15
glibc-headers CVE-2019-25013 高危 2.17-260.0.17.el7_6.6 2.17-322.0.2.el7_9 glibc: buffer over-read in iconv when processing invalid multi-byte input sequences in the EUC-KR encoding

漏洞详情: https://avd.aquasec.com/nvd/cve-2019-25013

镜像层: sha256:901286ce90b339f52b24e97b346ce4b77cec58100d858104a75ff440a9c85166

发布日期: 2021-01-04 18:15 修改: 2023-11-09 14:44
glibc-headers CVE-2024-2961 高危 2.17-260.0.17.el7_6.6 2.17-326.0.9.el7_9.3 glibc: Out of bounds write in iconv may lead to remote code execution

漏洞详情: https://avd.aquasec.com/nvd/cve-2024-2961

镜像层: sha256:901286ce90b339f52b24e97b346ce4b77cec58100d858104a75ff440a9c85166

发布日期: 2024-04-17 18:15 修改: 2024-07-22 18:15
glibc-headers CVE-2024-33599 高危 2.17-260.0.17.el7_6.6 2.17-326.0.9.el7_9.3 glibc: stack-based buffer overflow in netgroup cache

漏洞详情: https://avd.aquasec.com/nvd/cve-2024-33599

镜像层: sha256:901286ce90b339f52b24e97b346ce4b77cec58100d858104a75ff440a9c85166

发布日期: 2024-05-06 20:15 修改: 2024-07-22 18:15
glibc-headers CVE-2024-33600 高危 2.17-260.0.17.el7_6.6 2.17-326.0.9.el7_9.3 glibc: null pointer dereferences after failed netgroup cache insertion

漏洞详情: https://avd.aquasec.com/nvd/cve-2024-33600

镜像层: sha256:901286ce90b339f52b24e97b346ce4b77cec58100d858104a75ff440a9c85166

发布日期: 2024-05-06 20:15 修改: 2024-07-22 18:15
glibc-headers CVE-2024-33601 高危 2.17-260.0.17.el7_6.6 2.17-326.0.6.el7_9.3 glibc: netgroup cache may terminate daemon on memory allocation failure

漏洞详情: https://avd.aquasec.com/nvd/cve-2024-33601

镜像层: sha256:901286ce90b339f52b24e97b346ce4b77cec58100d858104a75ff440a9c85166

发布日期: 2024-05-06 20:15 修改: 2024-07-22 18:15
glibc-headers CVE-2024-33602 高危 2.17-260.0.17.el7_6.6 2.17-326.0.6.el7_9.3 glibc: netgroup cache assumes NSS callback uses in-buffer strings

漏洞详情: https://avd.aquasec.com/nvd/cve-2024-33602

镜像层: sha256:901286ce90b339f52b24e97b346ce4b77cec58100d858104a75ff440a9c85166

发布日期: 2024-05-06 20:15 修改: 2024-07-22 18:15
gzip CVE-2022-1271 高危 1.5-10.el7 1.5-11.el7_9 gzip: arbitrary-file-write vulnerability

漏洞详情: https://avd.aquasec.com/nvd/cve-2022-1271

镜像层: sha256:901286ce90b339f52b24e97b346ce4b77cec58100d858104a75ff440a9c85166

发布日期: 2022-08-31 16:15 修改: 2024-08-26 10:47
kernel-headers CVE-2017-18551 高危 3.10.0-957.21.3.el7 3.10.0-1160.el7 kernel: out of bounds write in function i2c_smbus_xfer_emulated in drivers/i2c/i2c-core-smbus.c

漏洞详情: https://avd.aquasec.com/nvd/cve-2017-18551

镜像层: sha256:901286ce90b339f52b24e97b346ce4b77cec58100d858104a75ff440a9c85166

发布日期: 2019-08-19 02:15 修改: 2023-11-07 02:41
kernel-headers CVE-2017-18595 高危 3.10.0-957.21.3.el7 3.10.0-1127.8.2.el7 kernel: double free may be caused by the function allocate_trace_buffer in the file kernel/trace/trace.c

漏洞详情: https://avd.aquasec.com/nvd/cve-2017-18595

镜像层: sha256:901286ce90b339f52b24e97b346ce4b77cec58100d858104a75ff440a9c85166

发布日期: 2019-09-04 21:15 修改: 2024-03-07 17:45
kernel-headers CVE-2018-10853 高危 3.10.0-957.21.3.el7 3.10.0-1062.el7 kernel: kvm: guest userspace to guest kernel write

漏洞详情: https://avd.aquasec.com/nvd/cve-2018-10853

镜像层: sha256:901286ce90b339f52b24e97b346ce4b77cec58100d858104a75ff440a9c85166

发布日期: 2018-09-11 14:29 修改: 2019-10-03 00:03
kernel-headers CVE-2018-12207 高危 3.10.0-957.21.3.el7 3.10.0-1062.4.2.el7 hw: Machine Check Error on Page Size Change (IFU)

漏洞详情: https://avd.aquasec.com/nvd/cve-2018-12207

镜像层: sha256:901286ce90b339f52b24e97b346ce4b77cec58100d858104a75ff440a9c85166

发布日期: 2019-11-14 20:15 修改: 2023-11-07 02:52
kernel-headers CVE-2018-13053 高危 3.10.0-957.21.3.el7 3.10.0-1062.el7 kernel: Integer overflow in the alarm_timer_nsleep function

漏洞详情: https://avd.aquasec.com/nvd/cve-2018-13053

镜像层: sha256:901286ce90b339f52b24e97b346ce4b77cec58100d858104a75ff440a9c85166

发布日期: 2018-07-02 12:29 修改: 2019-04-23 17:29
kernel-headers CVE-2018-13093 高危 3.10.0-957.21.3.el7 3.10.0-1062.el7 kernel: NULL pointer dereference in lookup_slow function

漏洞详情: https://avd.aquasec.com/nvd/cve-2018-13093

镜像层: sha256:901286ce90b339f52b24e97b346ce4b77cec58100d858104a75ff440a9c85166

发布日期: 2018-07-03 10:29 修改: 2019-08-06 17:15
kernel-headers CVE-2018-13094 高危 3.10.0-957.21.3.el7 3.10.0-1062.el7 kernel: NULL pointer dereference in xfs_da_shrink_inode function

漏洞详情: https://avd.aquasec.com/nvd/cve-2018-13094

镜像层: sha256:901286ce90b339f52b24e97b346ce4b77cec58100d858104a75ff440a9c85166

发布日期: 2018-07-03 10:29 修改: 2019-04-23 17:29
kernel-headers CVE-2018-13095 高危 3.10.0-957.21.3.el7 3.10.0-1062.el7 kernel: NULL pointer dereference in fs/xfs/libxfs/xfs_inode_buf.c

漏洞详情: https://avd.aquasec.com/nvd/cve-2018-13095

镜像层: sha256:901286ce90b339f52b24e97b346ce4b77cec58100d858104a75ff440a9c85166

发布日期: 2018-07-03 10:29 修改: 2020-08-24 17:37
kernel-headers CVE-2018-14625 高危 3.10.0-957.21.3.el7 3.10.0-1062.el7 kernel: use-after-free Read in vhost_transport_send_pkt

漏洞详情: https://avd.aquasec.com/nvd/cve-2018-14625

镜像层: sha256:901286ce90b339f52b24e97b346ce4b77cec58100d858104a75ff440a9c85166

发布日期: 2018-09-10 13:29 修改: 2023-02-13 04:51
kernel-headers CVE-2018-14734 高危 3.10.0-957.21.3.el7 3.10.0-1062.el7 kernel: use-after-free in ucma_leave_multicast in drivers/infiniband/core/ucma.c

漏洞详情: https://avd.aquasec.com/nvd/cve-2018-14734

镜像层: sha256:901286ce90b339f52b24e97b346ce4b77cec58100d858104a75ff440a9c85166

发布日期: 2018-07-29 23:29 修改: 2019-04-23 17:29
kernel-headers CVE-2018-15594 高危 3.10.0-957.21.3.el7 3.10.0-1062.el7 kernel: Mishandling of indirect calls weakens Spectre mitigation for paravirtual guests

漏洞详情: https://avd.aquasec.com/nvd/cve-2018-15594

镜像层: sha256:901286ce90b339f52b24e97b346ce4b77cec58100d858104a75ff440a9c85166

发布日期: 2018-08-20 08:29 修改: 2019-10-03 00:03
kernel-headers CVE-2018-16658 高危 3.10.0-957.21.3.el7 3.10.0-1062.el7 kernel: Information leak in cdrom_ioctl_drive_status

漏洞详情: https://avd.aquasec.com/nvd/cve-2018-16658

镜像层: sha256:901286ce90b339f52b24e97b346ce4b77cec58100d858104a75ff440a9c85166

发布日期: 2018-09-07 14:29 修改: 2019-08-06 17:15
kernel-headers CVE-2018-16871 高危 3.10.0-957.21.3.el7 3.10.0-957.27.2.el7 kernel: nfs: NULL pointer dereference due to an anomalized NFS message sequence

漏洞详情: https://avd.aquasec.com/nvd/cve-2018-16871

镜像层: sha256:901286ce90b339f52b24e97b346ce4b77cec58100d858104a75ff440a9c85166

发布日期: 2019-07-30 17:15 修改: 2023-02-12 23:32
kernel-headers CVE-2018-16884 高危 3.10.0-957.21.3.el7 3.10.0-957.27.2.el7 kernel: nfs: use-after-free in svc_process_common()

漏洞详情: https://avd.aquasec.com/nvd/cve-2018-16884

镜像层: sha256:901286ce90b339f52b24e97b346ce4b77cec58100d858104a75ff440a9c85166

发布日期: 2018-12-18 22:29 修改: 2023-08-11 19:12
kernel-headers CVE-2018-16885 高危 3.10.0-957.21.3.el7 3.10.0-1062.el7 kernel: out-of-bound read in memcpy_fromiovecend()

漏洞详情: https://avd.aquasec.com/nvd/cve-2018-16885

镜像层: sha256:901286ce90b339f52b24e97b346ce4b77cec58100d858104a75ff440a9c85166

发布日期: 2019-01-03 16:29 修改: 2023-02-13 04:52
kernel-headers CVE-2018-18281 高危 3.10.0-957.21.3.el7 3.10.0-1062.el7 kernel: TLB flush happens too late on mremap

漏洞详情: https://avd.aquasec.com/nvd/cve-2018-18281

镜像层: sha256:901286ce90b339f52b24e97b346ce4b77cec58100d858104a75ff440a9c85166

发布日期: 2018-10-30 18:29 修改: 2020-08-24 17:37
kernel-headers CVE-2018-20836 高危 3.10.0-957.21.3.el7 3.10.0-1160.el7 kernel: race condition in smp_task_timedout() and smp_task_done() in drivers/scsi/libsas/sas_expander.c leads to use-after-free

漏洞详情: https://avd.aquasec.com/nvd/cve-2018-20836

镜像层: sha256:901286ce90b339f52b24e97b346ce4b77cec58100d858104a75ff440a9c85166

发布日期: 2019-05-07 14:29 修改: 2022-11-03 02:22
kernel-headers CVE-2018-20856 高危 3.10.0-957.21.3.el7 3.10.0-1062.4.1.el7 kernel: Use-after-free in __blk_drain_queue() function in block/blk-core.c

漏洞详情: https://avd.aquasec.com/nvd/cve-2018-20856

镜像层: sha256:901286ce90b339f52b24e97b346ce4b77cec58100d858104a75ff440a9c85166

发布日期: 2019-07-26 05:15 修改: 2023-11-07 02:56
kernel-headers CVE-2018-7755 高危 3.10.0-957.21.3.el7 3.10.0-1062.el7 kernel: Information exposure in fd_locked_ioctl function in drivers/block/floppy.c

漏洞详情: https://avd.aquasec.com/nvd/cve-2018-7755

镜像层: sha256:901286ce90b339f52b24e97b346ce4b77cec58100d858104a75ff440a9c85166

发布日期: 2018-03-08 07:29 修改: 2018-10-04 10:29
kernel-headers CVE-2018-8087 高危 3.10.0-957.21.3.el7 3.10.0-1062.el7 kernel: Memory leak in drivers/net/wireless/mac80211_hwsim.c:hwsim_new_radio_nl() can lead to potential denial of service

漏洞详情: https://avd.aquasec.com/nvd/cve-2018-8087

镜像层: sha256:901286ce90b339f52b24e97b346ce4b77cec58100d858104a75ff440a9c85166

发布日期: 2018-03-13 06:29 修改: 2019-10-03 00:03
kernel-headers CVE-2018-9363 高危 3.10.0-957.21.3.el7 3.10.0-1062.el7 kernel: Buffer overflow in hidp_process_report

漏洞详情: https://avd.aquasec.com/nvd/cve-2018-9363

镜像层: sha256:901286ce90b339f52b24e97b346ce4b77cec58100d858104a75ff440a9c85166

发布日期: 2018-11-06 17:29 修改: 2023-01-19 16:01
kernel-headers CVE-2018-9516 高危 3.10.0-957.21.3.el7 3.10.0-1062.el7 kernel: HID: debug: Buffer overflow in hid_debug_events_read() in drivers/hid/hid-debug.c

漏洞详情: https://avd.aquasec.com/nvd/cve-2018-9516

镜像层: sha256:901286ce90b339f52b24e97b346ce4b77cec58100d858104a75ff440a9c85166

发布日期: 2018-11-06 17:29 修改: 2019-08-06 17:15
kernel-headers CVE-2018-9517 高危 3.10.0-957.21.3.el7 3.10.0-1062.el7 kernel: l2tp: Race condition between pppol2tp_session_create() and l2tp_eth_create()

漏洞详情: https://avd.aquasec.com/nvd/cve-2018-9517

镜像层: sha256:901286ce90b339f52b24e97b346ce4b77cec58100d858104a75ff440a9c85166

发布日期: 2018-12-07 23:29 修改: 2019-04-03 01:29
kernel-headers CVE-2019-0154 高危 3.10.0-957.21.3.el7 3.10.0-1062.4.2.el7 hw: Intel GPU Denial Of Service while accessing MMIO in lower power state

漏洞详情: https://avd.aquasec.com/nvd/cve-2019-0154

镜像层: sha256:901286ce90b339f52b24e97b346ce4b77cec58100d858104a75ff440a9c85166

发布日期: 2019-11-14 19:15 修改: 2023-11-07 03:01
kernel-headers CVE-2019-0155 高危 3.10.0-957.21.3.el7 3.10.0-1062.4.3.el7 hw: Intel GPU blitter manipulation can allow for arbitrary kernel memory write

漏洞详情: https://avd.aquasec.com/nvd/cve-2019-0155

镜像层: sha256:901286ce90b339f52b24e97b346ce4b77cec58100d858104a75ff440a9c85166

发布日期: 2019-11-14 19:15 修改: 2023-11-07 03:01
kernel-headers CVE-2019-10126 高危 3.10.0-957.21.3.el7 3.10.0-1062.4.1.el7 kernel: Heap overflow in mwifiex_uap_parse_tail_ies function in drivers/net/wireless/marvell/mwifiex/ie.c

漏洞详情: https://avd.aquasec.com/nvd/cve-2019-10126

镜像层: sha256:901286ce90b339f52b24e97b346ce4b77cec58100d858104a75ff440a9c85166

发布日期: 2019-06-14 14:29 修改: 2023-02-12 23:32
kernel-headers CVE-2019-10207 高危 3.10.0-957.21.3.el7 3.10.0-1127.el7 kernel: null-pointer dereference in hci_uart_set_flow_control

漏洞详情: https://avd.aquasec.com/nvd/cve-2019-10207

镜像层: sha256:901286ce90b339f52b24e97b346ce4b77cec58100d858104a75ff440a9c85166

发布日期: 2019-11-25 14:15 修改: 2023-02-12 23:33
kernel-headers CVE-2019-10638 高危 3.10.0-957.21.3.el7 3.10.0-1127.el7 Kernel: net: weak IP ID generation leads to remote device tracking

漏洞详情: https://avd.aquasec.com/nvd/cve-2019-10638

镜像层: sha256:901286ce90b339f52b24e97b346ce4b77cec58100d858104a75ff440a9c85166

发布日期: 2019-07-05 23:15 修改: 2021-06-14 18:15
kernel-headers CVE-2019-10639 高危 3.10.0-957.21.3.el7 3.10.0-1127.el7 Kernel: net: using kernel space address bits to derive IP ID may potentially break KASLR

漏洞详情: https://avd.aquasec.com/nvd/cve-2019-10639

镜像层: sha256:901286ce90b339f52b24e97b346ce4b77cec58100d858104a75ff440a9c85166

发布日期: 2019-07-05 23:15 修改: 2023-11-07 03:02
kernel-headers CVE-2019-11085 高危 3.10.0-957.21.3.el7 3.10.0-957.27.2.el7 kernel: insufficient input validation in kernel mode driver in Intel i915 graphics leads to privilege escalation

漏洞详情: https://avd.aquasec.com/nvd/cve-2019-11085

镜像层: sha256:901286ce90b339f52b24e97b346ce4b77cec58100d858104a75ff440a9c85166

发布日期: 2019-05-17 16:29 修改: 2019-05-31 12:29
kernel-headers CVE-2019-11135 高危 3.10.0-957.21.3.el7 3.10.0-1062.4.2.el7 hw: TSX Transaction Asynchronous Abort (TAA)

漏洞详情: https://avd.aquasec.com/nvd/cve-2019-11135

镜像层: sha256:901286ce90b339f52b24e97b346ce4b77cec58100d858104a75ff440a9c85166

发布日期: 2019-11-14 19:15 修改: 2023-11-07 03:02
kernel-headers CVE-2019-1125 高危 3.10.0-957.21.3.el7 3.10.0-1062.1.1.el7 kernel: hw: Spectre SWAPGS gadget vulnerability

漏洞详情: https://avd.aquasec.com/nvd/cve-2019-1125

镜像层: sha256:901286ce90b339f52b24e97b346ce4b77cec58100d858104a75ff440a9c85166

发布日期: 2019-09-03 18:15 修改: 2024-05-29 17:15
kernel-headers CVE-2019-11487 高危 3.10.0-957.21.3.el7 3.10.0-1062.18.1.el7 kernel: Count overflow in FUSE request leading to use-after-free issues.

漏洞详情: https://avd.aquasec.com/nvd/cve-2019-11487

镜像层: sha256:901286ce90b339f52b24e97b346ce4b77cec58100d858104a75ff440a9c85166

发布日期: 2019-04-23 22:29 修改: 2023-02-24 18:43
kernel-headers CVE-2019-11599 高危 3.10.0-957.21.3.el7 3.10.0-1062.el7 kernel: fix race condition between mmget_not_zero()/get_task_mm() and core dumping

漏洞详情: https://avd.aquasec.com/nvd/cve-2019-11599

镜像层: sha256:901286ce90b339f52b24e97b346ce4b77cec58100d858104a75ff440a9c85166

发布日期: 2019-04-29 18:29 修改: 2024-02-15 15:56
kernel-headers CVE-2019-11810 高危 3.10.0-957.21.3.el7 3.10.0-1062.el7 kernel: a NULL pointer dereference in drivers/scsi/megaraid/megaraid_sas_base.c leading to DoS

漏洞详情: https://avd.aquasec.com/nvd/cve-2019-11810

镜像层: sha256:901286ce90b339f52b24e97b346ce4b77cec58100d858104a75ff440a9c85166

发布日期: 2019-05-07 14:29 修改: 2022-12-02 19:46
kernel-headers CVE-2019-11811 高危 3.10.0-957.21.3.el7 3.10.0-957.27.2.el7 kernel: use-after-free in drivers/char/ipmi/ipmi_si_intf.c, ipmi_si_mem_io.c, ipmi_si_port_io.c

漏洞详情: https://avd.aquasec.com/nvd/cve-2019-11811

镜像层: sha256:901286ce90b339f52b24e97b346ce4b77cec58100d858104a75ff440a9c85166

发布日期: 2019-05-07 14:29 修改: 2023-08-11 19:54
kernel-headers CVE-2019-11833 高危 3.10.0-957.21.3.el7 3.10.0-1062.el7 kernel: fs/ext4/extents.c leads to information disclosure

漏洞详情: https://avd.aquasec.com/nvd/cve-2019-11833

镜像层: sha256:901286ce90b339f52b24e97b346ce4b77cec58100d858104a75ff440a9c85166

发布日期: 2019-05-15 13:29 修改: 2023-11-07 03:03
kernel-headers CVE-2019-14816 高危 3.10.0-957.21.3.el7 3.10.0-1062.12.1.el7 kernel: heap overflow in mwifiex_update_vs_ie() function of Marvell WiFi driver

漏洞详情: https://avd.aquasec.com/nvd/cve-2019-14816

镜像层: sha256:901286ce90b339f52b24e97b346ce4b77cec58100d858104a75ff440a9c85166

发布日期: 2019-09-20 19:15 修改: 2023-07-12 19:27
kernel-headers CVE-2019-14821 高危 3.10.0-957.21.3.el7 3.10.0-1062.7.1.el7 Kernel: KVM: OOB memory access via mmio ring buffer

漏洞详情: https://avd.aquasec.com/nvd/cve-2019-14821

镜像层: sha256:901286ce90b339f52b24e97b346ce4b77cec58100d858104a75ff440a9c85166

发布日期: 2019-09-19 18:15 修改: 2024-02-16 18:44
kernel-headers CVE-2019-14835 高危 3.10.0-957.21.3.el7 3.10.0-1062.1.2.el7 kernel: vhost-net: guest to host kernel escape during migration

漏洞详情: https://avd.aquasec.com/nvd/cve-2019-14835

镜像层: sha256:901286ce90b339f52b24e97b346ce4b77cec58100d858104a75ff440a9c85166

发布日期: 2019-09-17 16:15 修改: 2023-12-15 15:29
kernel-headers CVE-2019-14895 高危 3.10.0-957.21.3.el7 3.10.0-1062.12.1.el7 kernel: heap-based buffer overflow in mwifiex_process_country_ie() function in drivers/net/wireless/marvell/mwifiex/sta_ioctl.c

漏洞详情: https://avd.aquasec.com/nvd/cve-2019-14895

镜像层: sha256:901286ce90b339f52b24e97b346ce4b77cec58100d858104a75ff440a9c85166

发布日期: 2019-11-29 14:15 修改: 2023-02-12 23:36
kernel-headers CVE-2019-14898 高危 3.10.0-957.21.3.el7 3.10.0-1062.12.1.el7 kernel: incomplete fix for race condition between mmget_not_zero()/get_task_mm() and core dumping in CVE-2019-11599

漏洞详情: https://avd.aquasec.com/nvd/cve-2019-14898

镜像层: sha256:901286ce90b339f52b24e97b346ce4b77cec58100d858104a75ff440a9c85166

发布日期: 2020-05-08 14:15 修改: 2023-02-12 23:37
kernel-headers CVE-2019-14901 高危 3.10.0-957.21.3.el7 3.10.0-1062.12.1.el7 kernel: heap overflow in marvell/mwifiex/tdls.c

漏洞详情: https://avd.aquasec.com/nvd/cve-2019-14901

镜像层: sha256:901286ce90b339f52b24e97b346ce4b77cec58100d858104a75ff440a9c85166

发布日期: 2019-11-29 15:15 修改: 2023-02-12 23:37
kernel-headers CVE-2019-15217 高危 3.10.0-957.21.3.el7 3.10.0-1160.el7 kernel: null pointer dereference in drivers/media/usb/zr364xx/zr364xx.c driver

漏洞详情: https://avd.aquasec.com/nvd/cve-2019-15217

镜像层: sha256:901286ce90b339f52b24e97b346ce4b77cec58100d858104a75ff440a9c85166

发布日期: 2019-08-19 22:15 修改: 2023-11-09 14:44
kernel-headers CVE-2019-15239 高危 3.10.0-957.21.3.el7 3.10.0-1062.7.1.el7 kernel: local attacker can trigger multiple use-after-free conditions results in privilege escalation

漏洞详情: https://avd.aquasec.com/nvd/cve-2019-15239

镜像层: sha256:901286ce90b339f52b24e97b346ce4b77cec58100d858104a75ff440a9c85166

发布日期: 2019-08-20 08:15 修改: 2023-11-07 03:05
kernel-headers CVE-2019-15807 高危 3.10.0-957.21.3.el7 3.10.0-1160.el7 kernel: Memory leak in drivers/scsi/libsas/sas_expander.c

漏洞详情: https://avd.aquasec.com/nvd/cve-2019-15807

镜像层: sha256:901286ce90b339f52b24e97b346ce4b77cec58100d858104a75ff440a9c85166

发布日期: 2019-08-29 18:15 修改: 2023-11-07 03:05
kernel-headers CVE-2019-15916 高危 3.10.0-957.21.3.el7 3.10.0-1127.el7 kernel: memory leak in register_queue_kobjects() in net/core/net-sysfs.c leads to denial of service

漏洞详情: https://avd.aquasec.com/nvd/cve-2019-15916

镜像层: sha256:901286ce90b339f52b24e97b346ce4b77cec58100d858104a75ff440a9c85166

发布日期: 2019-09-04 15:15 修改: 2023-11-07 03:05
kernel-headers CVE-2019-15917 高危 3.10.0-957.21.3.el7 3.10.0-1160.el7 kernel: use-after-free in drivers/bluetooth/hci_ldisc.c

漏洞详情: https://avd.aquasec.com/nvd/cve-2019-15917

镜像层: sha256:901286ce90b339f52b24e97b346ce4b77cec58100d858104a75ff440a9c85166

发布日期: 2019-09-04 19:15 修改: 2023-08-11 19:54
kernel-headers CVE-2019-16231 高危 3.10.0-957.21.3.el7 3.10.0-1160.el7 kernel: null-pointer dereference in drivers/net/fjes/fjes_main.c

漏洞详情: https://avd.aquasec.com/nvd/cve-2019-16231

镜像层: sha256:901286ce90b339f52b24e97b346ce4b77cec58100d858104a75ff440a9c85166

发布日期: 2019-09-11 16:15 修改: 2020-05-04 20:22
kernel-headers CVE-2019-16233 高危 3.10.0-957.21.3.el7 3.10.0-1160.el7 kernel: null pointer dereference in drivers/scsi/qla2xxx/qla_os.c

漏洞详情: https://avd.aquasec.com/nvd/cve-2019-16233

镜像层: sha256:901286ce90b339f52b24e97b346ce4b77cec58100d858104a75ff440a9c85166

发布日期: 2019-09-11 16:15 修改: 2020-05-06 15:15
kernel-headers CVE-2019-16746 高危 3.10.0-957.21.3.el7 3.10.0-1127.el7 kernel: buffer-overflow hardening in WiFi beacon validation code.

漏洞详情: https://avd.aquasec.com/nvd/cve-2019-16746

镜像层: sha256:901286ce90b339f52b24e97b346ce4b77cec58100d858104a75ff440a9c85166

发布日期: 2019-09-24 06:15 修改: 2023-11-07 03:05
kernel-headers CVE-2019-16994 高危 3.10.0-957.21.3.el7 3.10.0-1160.el7 kernel: Memory leak in sit_init_net() in net/ipv6/sit.c

漏洞详情: https://avd.aquasec.com/nvd/cve-2019-16994

镜像层: sha256:901286ce90b339f52b24e97b346ce4b77cec58100d858104a75ff440a9c85166

发布日期: 2019-09-30 13:15 修改: 2021-07-21 11:39
kernel-headers CVE-2019-17053 高危 3.10.0-957.21.3.el7 3.10.0-1160.el7 kernel: unprivileged users able to create RAW sockets in AF_IEEE802154 network protocol

漏洞详情: https://avd.aquasec.com/nvd/cve-2019-17053

镜像层: sha256:901286ce90b339f52b24e97b346ce4b77cec58100d858104a75ff440a9c85166

发布日期: 2019-10-01 14:15 修改: 2023-11-07 03:06
kernel-headers CVE-2019-17055 高危 3.10.0-957.21.3.el7 3.10.0-1160.el7 kernel: unprivileged users able to create RAW sockets in AF_ISDN network protocol

漏洞详情: https://avd.aquasec.com/nvd/cve-2019-17055

镜像层: sha256:901286ce90b339f52b24e97b346ce4b77cec58100d858104a75ff440a9c85166

发布日期: 2019-10-01 14:15 修改: 2023-11-07 03:06
kernel-headers CVE-2019-17133 高危 3.10.0-957.21.3.el7 3.10.0-1062.12.1.el7 kernel: buffer overflow in cfg80211_mgd_wext_giwessid in net/wireless/wext-sme.c

漏洞详情: https://avd.aquasec.com/nvd/cve-2019-17133

镜像层: sha256:901286ce90b339f52b24e97b346ce4b77cec58100d858104a75ff440a9c85166

发布日期: 2019-10-04 12:15 修改: 2022-11-03 02:41
kernel-headers CVE-2019-17666 高危 3.10.0-957.21.3.el7 3.10.0-1062.18.1.el7 kernel: rtl_p2p_noa_ie in drivers/net/wireless/realtek/rtlwifi/ps.c in the Linux kernel lacks a certain upper-bound check, leading to a buffer overflow

漏洞详情: https://avd.aquasec.com/nvd/cve-2019-17666

镜像层: sha256:901286ce90b339f52b24e97b346ce4b77cec58100d858104a75ff440a9c85166

发布日期: 2019-10-17 02:15 修改: 2023-11-07 03:06
kernel-headers CVE-2019-18282 高危 3.10.0-957.21.3.el7 3.10.0-1160.11.1.el7 kernel: The flow_dissector feature allows device tracking

漏洞详情: https://avd.aquasec.com/nvd/cve-2019-18282

镜像层: sha256:901286ce90b339f52b24e97b346ce4b77cec58100d858104a75ff440a9c85166

发布日期: 2020-01-16 16:15 修改: 2022-04-18 15:48
kernel-headers CVE-2019-19055 高危 3.10.0-957.21.3.el7 3.10.0-1160.el7 kernel: memory leak in the nl80211_get_ftm_responder_stats() function in net/wireless/nl80211.c allows DoS

漏洞详情: https://avd.aquasec.com/nvd/cve-2019-19055

镜像层: sha256:901286ce90b339f52b24e97b346ce4b77cec58100d858104a75ff440a9c85166

发布日期: 2019-11-18 06:15 修改: 2024-08-05 02:15
kernel-headers CVE-2019-19058 高危 3.10.0-957.21.3.el7 3.10.0-1160.el7 kernel: A memory leak in the alloc_sgtable() function in drivers/net/wireless/intel/iwlwifi/fw/dbg.c allows for a DoS

漏洞详情: https://avd.aquasec.com/nvd/cve-2019-19058

镜像层: sha256:901286ce90b339f52b24e97b346ce4b77cec58100d858104a75ff440a9c85166

发布日期: 2019-11-18 06:15 修改: 2023-11-07 03:07
kernel-headers CVE-2019-19059 高危 3.10.0-957.21.3.el7 3.10.0-1160.el7 kernel: Multiple memory leaks in the iwl_pcie_ctxt_info_gen3_init() function in drivers/net/wireless/intel/iwlwifi/pcie/ctxt-info-gen3.c allows for a DoS

漏洞详情: https://avd.aquasec.com/nvd/cve-2019-19059

镜像层: sha256:901286ce90b339f52b24e97b346ce4b77cec58100d858104a75ff440a9c85166

发布日期: 2019-11-18 06:15 修改: 2023-11-07 03:07
kernel-headers CVE-2019-19062 高危 3.10.0-957.21.3.el7 3.10.0-1160.el7 kernel: memory leak in the crypto_report() function in crypto/crypto_user_base.c allows for DoS

漏洞详情: https://avd.aquasec.com/nvd/cve-2019-19062

镜像层: sha256:901286ce90b339f52b24e97b346ce4b77cec58100d858104a75ff440a9c85166

发布日期: 2019-11-18 06:15 修改: 2023-11-07 03:07
kernel-headers CVE-2019-19063 高危 3.10.0-957.21.3.el7 3.10.0-1160.el7 kernel: Two memory leaks in the rtl_usb_probe() function in drivers/net/wireless/realtek/rtlwifi/usb.c allow for a DoS

漏洞详情: https://avd.aquasec.com/nvd/cve-2019-19063

镜像层: sha256:901286ce90b339f52b24e97b346ce4b77cec58100d858104a75ff440a9c85166

发布日期: 2019-11-18 06:15 修改: 2023-11-07 03:07
kernel-headers CVE-2019-19332 高危 3.10.0-957.21.3.el7 3.10.0-1160.el7 Kernel: kvm: OOB memory write via kvm_dev_ioctl_get_cpuid

漏洞详情: https://avd.aquasec.com/nvd/cve-2019-19332

镜像层: sha256:901286ce90b339f52b24e97b346ce4b77cec58100d858104a75ff440a9c85166

发布日期: 2020-01-09 15:15 修改: 2023-02-12 23:37
kernel-headers CVE-2019-19338 高危 3.10.0-957.21.3.el7 3.10.0-1062.18.1.el7 Kernel: KVM: export MSR_IA32_TSX_CTRL to guest - incomplete fix for TAA (CVE-2019-11135)

漏洞详情: https://avd.aquasec.com/nvd/cve-2019-19338

镜像层: sha256:901286ce90b339f52b24e97b346ce4b77cec58100d858104a75ff440a9c85166

发布日期: 2020-07-13 17:15 修改: 2020-07-21 17:17
kernel-headers CVE-2019-19447 高危 3.10.0-957.21.3.el7 3.10.0-1160.el7 kernel: mounting a crafted ext4 filesystem image, performing some operations, and unmounting can lead to a use-after-free in ext4_put_super in fs/ext4/super.c

漏洞详情: https://avd.aquasec.com/nvd/cve-2019-19447

镜像层: sha256:901286ce90b339f52b24e97b346ce4b77cec58100d858104a75ff440a9c85166

发布日期: 2019-12-08 01:15 修改: 2023-10-03 15:38
kernel-headers CVE-2019-19523 高危 3.10.0-957.21.3.el7 3.10.0-1160.el7 kernel: use-after-free caused by a malicious USB device in the drivers/usb/misc/adutux.c driver

漏洞详情: https://avd.aquasec.com/nvd/cve-2019-19523

镜像层: sha256:901286ce90b339f52b24e97b346ce4b77cec58100d858104a75ff440a9c85166

发布日期: 2019-12-03 16:15 修改: 2022-10-31 14:52
kernel-headers CVE-2019-19524 高危 3.10.0-957.21.3.el7 3.10.0-1160.el7 kernel: a malicious USB device in the drivers/input/ff-memless.c leads to use-after-free

漏洞详情: https://avd.aquasec.com/nvd/cve-2019-19524

镜像层: sha256:901286ce90b339f52b24e97b346ce4b77cec58100d858104a75ff440a9c85166

发布日期: 2019-12-03 16:15 修改: 2022-10-31 14:52
kernel-headers CVE-2019-19527 高危 3.10.0-957.21.3.el7 3.10.0-1127.18.2.el7 kernel: use-after-free caused by a malicious USB device in the drivers/hid/usbhid/hiddev.c driver

漏洞详情: https://avd.aquasec.com/nvd/cve-2019-19527

镜像层: sha256:901286ce90b339f52b24e97b346ce4b77cec58100d858104a75ff440a9c85166

发布日期: 2019-12-03 16:15 修改: 2023-08-04 17:50
kernel-headers CVE-2019-19530 高危 3.10.0-957.21.3.el7 3.10.0-1160.el7 kernel: use-after-free caused by a malicious USB device in the drivers/usb/class/cdc-acm.c driver

漏洞详情: https://avd.aquasec.com/nvd/cve-2019-19530

镜像层: sha256:901286ce90b339f52b24e97b346ce4b77cec58100d858104a75ff440a9c85166

发布日期: 2019-12-03 16:15 修改: 2022-10-31 14:51
kernel-headers CVE-2019-19532 高危 3.10.0-957.21.3.el7 3.10.0-1160.21.1.el7 kernel: malicious USB devices can lead to multiple out-of-bounds write

漏洞详情: https://avd.aquasec.com/nvd/cve-2019-19532

镜像层: sha256:901286ce90b339f52b24e97b346ce4b77cec58100d858104a75ff440a9c85166

发布日期: 2019-12-03 16:15 修改: 2020-01-07 06:15
kernel-headers CVE-2019-19534 高危 3.10.0-957.21.3.el7 3.10.0-1160.el7 kernel: information leak bug caused by a malicious USB device in the drivers/net/can/usb/peak_usb/pcan_usb_core.c driver

漏洞详情: https://avd.aquasec.com/nvd/cve-2019-19534

镜像层: sha256:901286ce90b339f52b24e97b346ce4b77cec58100d858104a75ff440a9c85166

发布日期: 2019-12-03 16:15 修改: 2022-03-31 18:21
kernel-headers CVE-2019-19537 高危 3.10.0-957.21.3.el7 3.10.0-1160.el7 kernel: race condition caused by a malicious USB device in the USB character device driver layer

漏洞详情: https://avd.aquasec.com/nvd/cve-2019-19537

镜像层: sha256:901286ce90b339f52b24e97b346ce4b77cec58100d858104a75ff440a9c85166

发布日期: 2019-12-03 16:15 修改: 2020-01-18 07:15
kernel-headers CVE-2019-19767 高危 3.10.0-957.21.3.el7 3.10.0-1160.el7 kernel: use-after-free in __ext4_expand_extra_isize and ext4_xattr_set_entry related to fs/ext4/inode.c and fs/ext4/super.c

漏洞详情: https://avd.aquasec.com/nvd/cve-2019-19767

镜像层: sha256:901286ce90b339f52b24e97b346ce4b77cec58100d858104a75ff440a9c85166

发布日期: 2019-12-12 20:15 修改: 2020-01-03 11:15
kernel-headers CVE-2019-19768 高危 3.10.0-957.21.3.el7 3.10.0-1127.8.2.el7 kernel: use-after-free in __blk_add_trace in kernel/trace/blktrace.c

漏洞详情: https://avd.aquasec.com/nvd/cve-2019-19768

镜像层: sha256:901286ce90b339f52b24e97b346ce4b77cec58100d858104a75ff440a9c85166

发布日期: 2019-12-12 20:15 修改: 2020-06-10 20:15
kernel-headers CVE-2019-19807 高危 3.10.0-957.21.3.el7 3.10.0-1160.el7 kernel: use-after-free in sound/core/timer.c

漏洞详情: https://avd.aquasec.com/nvd/cve-2019-19807

镜像层: sha256:901286ce90b339f52b24e97b346ce4b77cec58100d858104a75ff440a9c85166

发布日期: 2019-12-15 23:15 修改: 2023-01-17 21:31
kernel-headers CVE-2019-20054 高危 3.10.0-957.21.3.el7 3.10.0-1160.el7 kernel: Null pointer dereference in drop_sysctl_table() in fs/proc/proc_sysctl.c

漏洞详情: https://avd.aquasec.com/nvd/cve-2019-20054

镜像层: sha256:901286ce90b339f52b24e97b346ce4b77cec58100d858104a75ff440a9c85166

发布日期: 2019-12-28 05:15 修改: 2023-01-20 20:19
kernel-headers CVE-2019-20095 高危 3.10.0-957.21.3.el7 3.10.0-1160.el7 kernel: memory leak in mwifiex_tm_cmd in drivers/net/wireless/marvell/mwifiex/cfg80211.c

漏洞详情: https://avd.aquasec.com/nvd/cve-2019-20095

镜像层: sha256:901286ce90b339f52b24e97b346ce4b77cec58100d858104a75ff440a9c85166

发布日期: 2019-12-30 05:15 修改: 2022-04-18 15:48
kernel-headers CVE-2019-20636 高危 3.10.0-957.21.3.el7 3.10.0-1160.el7 kernel: out-of-bounds write via crafted keycode table

漏洞详情: https://avd.aquasec.com/nvd/cve-2019-20636

镜像层: sha256:901286ce90b339f52b24e97b346ce4b77cec58100d858104a75ff440a9c85166

发布日期: 2020-04-08 14:15 修改: 2023-11-09 13:57
kernel-headers CVE-2019-20811 高危 3.10.0-957.21.3.el7 3.10.0-1160.6.1.el7 kernel: net-sysfs: *_queue_add_kobject refcount issue

漏洞详情: https://avd.aquasec.com/nvd/cve-2019-20811

镜像层: sha256:901286ce90b339f52b24e97b346ce4b77cec58100d858104a75ff440a9c85166

发布日期: 2020-06-03 03:15 修改: 2023-01-20 18:37
kernel-headers CVE-2019-20934 高危 3.10.0-957.21.3.el7 3.10.0-1160.36.2.el7 kernel: use-after-free in show_numa_stats function

漏洞详情: https://avd.aquasec.com/nvd/cve-2019-20934

镜像层: sha256:901286ce90b339f52b24e97b346ce4b77cec58100d858104a75ff440a9c85166

发布日期: 2020-11-28 07:15 修改: 2021-01-12 13:49
kernel-headers CVE-2019-3459 高危 3.10.0-957.21.3.el7 3.10.0-1062.el7 kernel: Heap address information leak while using L2CAP_GET_CONF_OPT

漏洞详情: https://avd.aquasec.com/nvd/cve-2019-3459

镜像层: sha256:901286ce90b339f52b24e97b346ce4b77cec58100d858104a75ff440a9c85166

发布日期: 2019-04-11 16:29 修改: 2023-11-07 03:09
kernel-headers CVE-2019-3460 高危 3.10.0-957.21.3.el7 3.10.0-1062.el7 kernel: Heap address information leak while using L2CAP_PARSE_CONF_RSP

漏洞详情: https://avd.aquasec.com/nvd/cve-2019-3460

镜像层: sha256:901286ce90b339f52b24e97b346ce4b77cec58100d858104a75ff440a9c85166

发布日期: 2019-04-11 16:29 修改: 2023-11-07 03:09
kernel-headers CVE-2019-3846 高危 3.10.0-957.21.3.el7 3.10.0-1062.4.1.el7 kernel: Heap overflow in mwifiex_update_bss_desc_with_ie function in marvell/mwifiex/scan.c

漏洞详情: https://avd.aquasec.com/nvd/cve-2019-3846

镜像层: sha256:901286ce90b339f52b24e97b346ce4b77cec58100d858104a75ff440a9c85166

发布日期: 2019-06-03 19:29 修改: 2023-02-12 23:38
kernel-headers CVE-2019-3882 高危 3.10.0-957.21.3.el7 3.10.0-1062.el7 kernel: denial of service vector through vfio DMA mappings

漏洞详情: https://avd.aquasec.com/nvd/cve-2019-3882

镜像层: sha256:901286ce90b339f52b24e97b346ce4b77cec58100d858104a75ff440a9c85166

发布日期: 2019-04-24 16:29 修改: 2023-02-12 23:38
kernel-headers CVE-2019-3900 高危 3.10.0-957.21.3.el7 3.10.0-1062.el7 Kernel: vhost_net: infinite loop while receiving packets leads to DoS

漏洞详情: https://avd.aquasec.com/nvd/cve-2019-3900

镜像层: sha256:901286ce90b339f52b24e97b346ce4b77cec58100d858104a75ff440a9c85166

发布日期: 2019-04-25 15:29 修改: 2024-04-26 16:08
kernel-headers CVE-2019-3901 高危 3.10.0-957.21.3.el7 3.10.0-1127.el7 kernel: perf_event_open() and execve() race in setuid programs allows a data leak

漏洞详情: https://avd.aquasec.com/nvd/cve-2019-3901

镜像层: sha256:901286ce90b339f52b24e97b346ce4b77cec58100d858104a75ff440a9c85166

发布日期: 2019-04-22 16:29 修改: 2023-02-12 23:38
kernel-headers CVE-2019-5489 高危 3.10.0-957.21.3.el7 3.10.0-1062.el7 Kernel: page cache side channel attacks

漏洞详情: https://avd.aquasec.com/nvd/cve-2019-5489

镜像层: sha256:901286ce90b339f52b24e97b346ce4b77cec58100d858104a75ff440a9c85166

发布日期: 2019-01-07 17:29 修改: 2020-08-24 17:37
kernel-headers CVE-2019-7222 高危 3.10.0-957.21.3.el7 3.10.0-1062.el7 Kernel: KVM: leak of uninitialized stack contents to guest

漏洞详情: https://avd.aquasec.com/nvd/cve-2019-7222

镜像层: sha256:901286ce90b339f52b24e97b346ce4b77cec58100d858104a75ff440a9c85166

发布日期: 2019-03-21 16:01 修改: 2023-11-07 03:13
kernel-headers CVE-2019-9454 高危 3.10.0-957.21.3.el7 3.10.0-1160.el7 kernel: out of bounds write in i2c driver leads to local escalation of privilege

漏洞详情: https://avd.aquasec.com/nvd/cve-2019-9454

镜像层: sha256:901286ce90b339f52b24e97b346ce4b77cec58100d858104a75ff440a9c85166

发布日期: 2019-09-06 22:15 修改: 2019-09-09 18:52
kernel-headers CVE-2019-9458 高危 3.10.0-957.21.3.el7 3.10.0-1160.el7 kernel: use after free due to race condition in the video driver leads to local privilege escalation

漏洞详情: https://avd.aquasec.com/nvd/cve-2019-9458

镜像层: sha256:901286ce90b339f52b24e97b346ce4b77cec58100d858104a75ff440a9c85166

发布日期: 2019-09-06 22:15 修改: 2022-04-18 16:13
kernel-headers CVE-2019-9500 高危 3.10.0-957.21.3.el7 3.10.0-1062.1.1.el7 kernel: brcmfmac heap buffer overflow in brcmf_wowl_nd_results

漏洞详情: https://avd.aquasec.com/nvd/cve-2019-9500

镜像层: sha256:901286ce90b339f52b24e97b346ce4b77cec58100d858104a75ff440a9c85166

发布日期: 2020-01-16 21:15 修改: 2023-01-19 15:53
kernel-headers CVE-2019-9503 高危 3.10.0-957.21.3.el7 3.10.0-1127.el7 kernel: brcmfmac frame validation bypass

漏洞详情: https://avd.aquasec.com/nvd/cve-2019-9503

镜像层: sha256:901286ce90b339f52b24e97b346ce4b77cec58100d858104a75ff440a9c85166

发布日期: 2020-01-16 21:15 修改: 2022-04-18 18:09
kernel-headers CVE-2019-9506 高危 3.10.0-957.21.3.el7 3.10.0-1062.4.1.el7 hardware: bluetooth: BR/EDR encryption key negotiation attacks (KNOB)

漏洞详情: https://avd.aquasec.com/nvd/cve-2019-9506

镜像层: sha256:901286ce90b339f52b24e97b346ce4b77cec58100d858104a75ff440a9c85166

发布日期: 2019-08-14 17:15 修改: 2021-11-04 15:58
kernel-headers CVE-2020-0465 高危 3.10.0-957.21.3.el7 3.10.0-1160.59.1.el7 kernel: out of bounds write in hid-multitouch.c may lead to escalation of privilege

漏洞详情: https://avd.aquasec.com/nvd/cve-2020-0465

镜像层: sha256:901286ce90b339f52b24e97b346ce4b77cec58100d858104a75ff440a9c85166

发布日期: 2020-12-14 22:15 修改: 2021-03-08 16:23
kernel-headers CVE-2020-0466 高危 3.10.0-957.21.3.el7 3.10.0-1160.59.1.el7 kernel: use after free in eventpoll.c may lead to escalation of privilege

漏洞详情: https://avd.aquasec.com/nvd/cve-2020-0466

镜像层: sha256:901286ce90b339f52b24e97b346ce4b77cec58100d858104a75ff440a9c85166

发布日期: 2020-12-14 22:15 修改: 2020-12-15 17:29
kernel-headers CVE-2020-10690 高危 3.10.0-957.21.3.el7 3.10.0-1160.el7 kernel: use-after-free in cdev_put() when a PTP device is removed while it's chardev is open

漏洞详情: https://avd.aquasec.com/nvd/cve-2020-10690

镜像层: sha256:901286ce90b339f52b24e97b346ce4b77cec58100d858104a75ff440a9c85166

发布日期: 2020-05-08 15:15 修改: 2023-11-07 03:14
kernel-headers CVE-2020-10711 高危 3.10.0-957.21.3.el7 3.10.0-1127.8.2.el7 Kernel: NetLabel: null pointer dereference while receiving CIPSO packet with null category may cause kernel panic

漏洞详情: https://avd.aquasec.com/nvd/cve-2020-10711

镜像层: sha256:901286ce90b339f52b24e97b346ce4b77cec58100d858104a75ff440a9c85166

发布日期: 2020-05-22 15:15 修改: 2023-11-07 03:14
kernel-headers CVE-2020-10732 高危 3.10.0-957.21.3.el7 3.10.0-1160.el7 kernel: uninitialized kernel data leak in userspace coredumps

漏洞详情: https://avd.aquasec.com/nvd/cve-2020-10732

镜像层: sha256:901286ce90b339f52b24e97b346ce4b77cec58100d858104a75ff440a9c85166

发布日期: 2020-06-12 14:15 修改: 2023-06-06 13:46
kernel-headers CVE-2020-10742 高危 3.10.0-957.21.3.el7 3.10.0-1160.el7 kernel: NFS client crash due to index buffer overflow during Direct IO write causing kernel panic

漏洞详情: https://avd.aquasec.com/nvd/cve-2020-10742

镜像层: sha256:901286ce90b339f52b24e97b346ce4b77cec58100d858104a75ff440a9c85166

发布日期: 2021-06-02 11:15 修改: 2023-02-12 23:39
kernel-headers CVE-2020-10751 高危 3.10.0-957.21.3.el7 3.10.0-1160.el7 kernel: SELinux netlink permission check bypass

漏洞详情: https://avd.aquasec.com/nvd/cve-2020-10751

镜像层: sha256:901286ce90b339f52b24e97b346ce4b77cec58100d858104a75ff440a9c85166

发布日期: 2020-05-26 15:15 修改: 2023-02-12 23:39
kernel-headers CVE-2020-10757 高危 3.10.0-957.21.3.el7 3.10.0-1127.18.2.el7 kernel: kernel: DAX hugepages not considered during mremap

漏洞详情: https://avd.aquasec.com/nvd/cve-2020-10757

镜像层: sha256:901286ce90b339f52b24e97b346ce4b77cec58100d858104a75ff440a9c85166

发布日期: 2020-06-09 13:15 修改: 2024-01-19 17:51
kernel-headers CVE-2020-10769 高危 3.10.0-957.21.3.el7 3.10.0-1160.11.1.el7 kernel: Buffer over-read in crypto_authenc_extractkeys() when a payload longer than 4 bytes is not aligned.

漏洞详情: https://avd.aquasec.com/nvd/cve-2020-10769

镜像层: sha256:901286ce90b339f52b24e97b346ce4b77cec58100d858104a75ff440a9c85166

发布日期: 2020-06-26 16:15 修改: 2023-02-12 23:39
kernel-headers CVE-2020-10942 高危 3.10.0-957.21.3.el7 3.10.0-1160.el7 kernel: vhost-net: stack overflow in get_raw_socket while checking sk_family field

漏洞详情: https://avd.aquasec.com/nvd/cve-2020-10942

镜像层: sha256:901286ce90b339f52b24e97b346ce4b77cec58100d858104a75ff440a9c85166

发布日期: 2020-03-24 22:15 修改: 2022-04-22 19:06
kernel-headers CVE-2020-11668 高危 3.10.0-957.21.3.el7 3.10.0-1160.36.2.el7 kernel: mishandles invalid descriptors in drivers/media/usb/gspca/xirlink_cit.c

漏洞详情: https://avd.aquasec.com/nvd/cve-2020-11668

镜像层: sha256:901286ce90b339f52b24e97b346ce4b77cec58100d858104a75ff440a9c85166

发布日期: 2020-04-09 21:15 修改: 2020-06-10 20:15
kernel-headers CVE-2020-12351 高危 3.10.0-957.21.3.el7 3.10.0-1160.2.2.el7 kernel: net: bluetooth: type confusion while processing AMP packets

漏洞详情: https://avd.aquasec.com/nvd/cve-2020-12351

镜像层: sha256:901286ce90b339f52b24e97b346ce4b77cec58100d858104a75ff440a9c85166

发布日期: 2020-11-23 17:15 修改: 2023-09-28 22:08
kernel-headers CVE-2020-12352 高危 3.10.0-957.21.3.el7 3.10.0-1160.2.2.el7 kernel: net: bluetooth: information leak when processing certain AMP packets

漏洞详情: https://avd.aquasec.com/nvd/cve-2020-12352

镜像层: sha256:901286ce90b339f52b24e97b346ce4b77cec58100d858104a75ff440a9c85166

发布日期: 2020-11-23 17:15 修改: 2022-08-12 18:28
kernel-headers CVE-2020-12362 高危 3.10.0-957.21.3.el7 3.10.0-1160.31.1.el7 kernel: Integer overflow in Intel(R) Graphics Drivers

漏洞详情: https://avd.aquasec.com/nvd/cve-2020-12362

镜像层: sha256:901286ce90b339f52b24e97b346ce4b77cec58100d858104a75ff440a9c85166

发布日期: 2021-02-17 14:15 修改: 2023-04-01 22:15
kernel-headers CVE-2020-12363 高危 3.10.0-957.21.3.el7 3.10.0-1160.31.1.el7 kernel: Improper input validation in some Intel(R) Graphics Drivers

漏洞详情: https://avd.aquasec.com/nvd/cve-2020-12363

镜像层: sha256:901286ce90b339f52b24e97b346ce4b77cec58100d858104a75ff440a9c85166

发布日期: 2021-02-17 14:15 修改: 2023-04-01 22:15
kernel-headers CVE-2020-12364 高危 3.10.0-957.21.3.el7 3.10.0-1160.31.1.el7 kernel: Null pointer dereference in some Intel(R) Graphics Drivers

漏洞详情: https://avd.aquasec.com/nvd/cve-2020-12364

镜像层: sha256:901286ce90b339f52b24e97b346ce4b77cec58100d858104a75ff440a9c85166

发布日期: 2021-02-17 14:15 修改: 2023-04-01 22:15
kernel-headers CVE-2020-12653 高危 3.10.0-957.21.3.el7 3.10.0-1127.18.2.el7 kernel: buffer overflow in mwifiex_cmd_append_vsie_tlv function in drivers/net/wireless/marvell/mwifiex/scan.c

漏洞详情: https://avd.aquasec.com/nvd/cve-2020-12653

镜像层: sha256:901286ce90b339f52b24e97b346ce4b77cec58100d858104a75ff440a9c85166

发布日期: 2020-05-05 06:15 修改: 2022-04-26 17:37
kernel-headers CVE-2020-12654 高危 3.10.0-957.21.3.el7 3.10.0-1127.18.2.el7 kernel: heap-based buffer overflow in mwifiex_ret_wmm_get_status function in drivers/net/wireless/marvell/mwifiex/wmm.c

漏洞详情: https://avd.aquasec.com/nvd/cve-2020-12654

镜像层: sha256:901286ce90b339f52b24e97b346ce4b77cec58100d858104a75ff440a9c85166

发布日期: 2020-05-05 05:15 修改: 2020-06-16 20:15
kernel-headers CVE-2020-12770 高危 3.10.0-957.21.3.el7 3.10.0-1160.el7 kernel: sg_write function lacks an sg_remove_request call in a certain failure case

漏洞详情: https://avd.aquasec.com/nvd/cve-2020-12770

镜像层: sha256:901286ce90b339f52b24e97b346ce4b77cec58100d858104a75ff440a9c85166

发布日期: 2020-05-09 21:15 修改: 2023-11-07 03:15
kernel-headers CVE-2020-12888 高危 3.10.0-957.21.3.el7 3.10.0-1127.13.1.el7 Kernel: vfio: access to disabled MMIO space of some devices may lead to DoS scenario

漏洞详情: https://avd.aquasec.com/nvd/cve-2020-12888

镜像层: sha256:901286ce90b339f52b24e97b346ce4b77cec58100d858104a75ff440a9c85166

发布日期: 2020-05-15 18:15 修改: 2023-11-07 03:15
kernel-headers CVE-2020-14305 高危 3.10.0-957.21.3.el7 3.10.0-1160.el7 kernel: memory corruption in Voice over IP nf_conntrack_h323 module

漏洞详情: https://avd.aquasec.com/nvd/cve-2020-14305

镜像层: sha256:901286ce90b339f52b24e97b346ce4b77cec58100d858104a75ff440a9c85166

发布日期: 2020-12-02 01:15 修改: 2023-11-07 03:17
kernel-headers CVE-2020-14314 高危 3.10.0-957.21.3.el7 3.10.0-1160.11.1.el7 kernel: buffer uses out of index in ext3/4 filesystem

漏洞详情: https://avd.aquasec.com/nvd/cve-2020-14314

镜像层: sha256:901286ce90b339f52b24e97b346ce4b77cec58100d858104a75ff440a9c85166

发布日期: 2020-09-15 20:15 修改: 2023-11-07 03:17
kernel-headers CVE-2020-14331 高危 3.10.0-957.21.3.el7 3.10.0-1160.6.1.el7 kernel: kernel: buffer over write in vgacon_scroll

漏洞详情: https://avd.aquasec.com/nvd/cve-2020-14331

镜像层: sha256:901286ce90b339f52b24e97b346ce4b77cec58100d858104a75ff440a9c85166

发布日期: 2020-09-15 19:15 修改: 2023-02-12 23:40
kernel-headers CVE-2020-14351 高危 3.10.0-957.21.3.el7 3.10.0-1160.21.1.el7 kernel: performance counters race condition use-after-free

漏洞详情: https://avd.aquasec.com/nvd/cve-2020-14351

镜像层: sha256:901286ce90b339f52b24e97b346ce4b77cec58100d858104a75ff440a9c85166

发布日期: 2020-12-03 17:15 修改: 2021-11-04 17:05
kernel-headers CVE-2020-14385 高危 3.10.0-957.21.3.el7 3.10.0-1160.11.1.el7 kernel: metadata validator in XFS may cause an inode with a valid, user-creatable extended attribute to be flagged as corrupt

漏洞详情: https://avd.aquasec.com/nvd/cve-2020-14385

镜像层: sha256:901286ce90b339f52b24e97b346ce4b77cec58100d858104a75ff440a9c85166

发布日期: 2020-09-15 22:15 修改: 2023-11-07 03:17
kernel-headers CVE-2020-15436 高危 3.10.0-957.21.3.el7 3.10.0-1160.15.2.el7 kernel: use-after-free in fs/block_dev.c

漏洞详情: https://avd.aquasec.com/nvd/cve-2020-15436

镜像层: sha256:901286ce90b339f52b24e97b346ce4b77cec58100d858104a75ff440a9c85166

发布日期: 2020-11-23 21:15 修改: 2023-10-12 13:31
kernel-headers CVE-2020-1749 高危 3.10.0-957.21.3.el7 3.10.0-1160.el7 kernel: some ipv6 protocols not encrypted over ipsec tunnel

漏洞详情: https://avd.aquasec.com/nvd/cve-2020-1749

镜像层: sha256:901286ce90b339f52b24e97b346ce4b77cec58100d858104a75ff440a9c85166

发布日期: 2020-09-09 15:15 修改: 2023-11-07 03:19
kernel-headers CVE-2020-24394 高危 3.10.0-957.21.3.el7 3.10.0-1160.11.1.el7 kernel: umask not applied on filesystem without ACL support

漏洞详情: https://avd.aquasec.com/nvd/cve-2020-24394

镜像层: sha256:901286ce90b339f52b24e97b346ce4b77cec58100d858104a75ff440a9c85166

发布日期: 2020-08-19 13:15 修改: 2022-10-25 17:03
kernel-headers CVE-2020-25211 高危 3.10.0-957.21.3.el7 3.10.0-1160.21.1.el7 kernel: Local buffer overflow in ctnetlink_parse_tuple_filter in net/netfilter/nf_conntrack_netlink.c

漏洞详情: https://avd.aquasec.com/nvd/cve-2020-25211

镜像层: sha256:901286ce90b339f52b24e97b346ce4b77cec58100d858104a75ff440a9c85166

发布日期: 2020-09-09 16:15 修改: 2023-11-07 03:20
kernel-headers CVE-2020-25212 高危 3.10.0-957.21.3.el7 3.10.0-1160.11.1.el7 kernel: TOCTOU mismatch in the NFS client code

漏洞详情: https://avd.aquasec.com/nvd/cve-2020-25212

镜像层: sha256:901286ce90b339f52b24e97b346ce4b77cec58100d858104a75ff440a9c85166

发布日期: 2020-09-09 16:15 修改: 2022-04-28 18:32
kernel-headers CVE-2020-25643 高危 3.10.0-957.21.3.el7 3.10.0-1160.11.1.el7 kernel: improper input validation in ppp_cp_parse_cr function leads to memory corruption and read overflow

漏洞详情: https://avd.aquasec.com/nvd/cve-2020-25643

镜像层: sha256:901286ce90b339f52b24e97b346ce4b77cec58100d858104a75ff440a9c85166

发布日期: 2020-10-06 14:15 修改: 2023-05-16 10:48
kernel-headers CVE-2020-25645 高危 3.10.0-957.21.3.el7 3.10.0-1160.21.1.el7 kernel: Geneve/IPsec traffic may be unencrypted between two Geneve endpoints

漏洞详情: https://avd.aquasec.com/nvd/cve-2020-25645

镜像层: sha256:901286ce90b339f52b24e97b346ce4b77cec58100d858104a75ff440a9c85166

发布日期: 2020-10-13 20:15 修改: 2021-03-26 02:25
kernel-headers CVE-2020-25705 高危 3.10.0-957.21.3.el7 3.10.0-1160.21.1.el7 kernel: ICMP rate limiting can be used for DNS poisoning attack

漏洞详情: https://avd.aquasec.com/nvd/cve-2020-25705

镜像层: sha256:901286ce90b339f52b24e97b346ce4b77cec58100d858104a75ff440a9c85166

发布日期: 2020-11-17 02:15 修改: 2021-05-18 12:15
kernel-headers CVE-2020-27170 高危 3.10.0-957.21.3.el7 3.10.0-1160.31.1.el7 kernel: Speculation on pointer arithmetic against bpf_context pointer

漏洞详情: https://avd.aquasec.com/nvd/cve-2020-27170

镜像层: sha256:901286ce90b339f52b24e97b346ce4b77cec58100d858104a75ff440a9c85166

发布日期: 2021-03-20 22:15 修改: 2023-11-07 03:20
kernel-headers CVE-2020-2732 高危 3.10.0-957.21.3.el7 3.10.0-1160.el7 Kernel: kvm: nVMX: L2 guest may trick the L0 hypervisor to access sensitive L1 resources

漏洞详情: https://avd.aquasec.com/nvd/cve-2020-2732

镜像层: sha256:901286ce90b339f52b24e97b346ce4b77cec58100d858104a75ff440a9c85166

发布日期: 2020-04-08 22:15 修改: 2020-06-10 20:15
kernel-headers CVE-2020-28374 高危 3.10.0-957.21.3.el7 3.10.0-1160.21.1.el7 kernel: SCSI target (LIO) write to any block on ILO backstore

漏洞详情: https://avd.aquasec.com/nvd/cve-2020-28374

镜像层: sha256:901286ce90b339f52b24e97b346ce4b77cec58100d858104a75ff440a9c85166

发布日期: 2021-01-13 04:15 修改: 2023-11-07 03:21
kernel-headers CVE-2020-29661 高危 3.10.0-957.21.3.el7 3.10.0-1160.21.1.el7 kernel: locking issue in drivers/tty/tty_jobctrl.c can lead to an use-after-free

漏洞详情: https://avd.aquasec.com/nvd/cve-2020-29661

镜像层: sha256:901286ce90b339f52b24e97b346ce4b77cec58100d858104a75ff440a9c85166

发布日期: 2020-12-09 17:15 修改: 2023-11-07 03:21
kernel-headers CVE-2020-36385 高危 3.10.0-957.21.3.el7 3.10.0-1160.49.1.el7 kernel: use-after-free in drivers/infiniband/core/ucma.c ctx use-after-free

漏洞详情: https://avd.aquasec.com/nvd/cve-2020-36385

镜像层: sha256:901286ce90b339f52b24e97b346ce4b77cec58100d858104a75ff440a9c85166

发布日期: 2021-06-07 12:15 修改: 2022-10-25 16:42
kernel-headers CVE-2020-36558 高危 3.10.0-957.21.3.el7 3.10.0-1160.118.1.0.1.el7 kernel: race condition in VT_RESIZEX ioctl when vc_cons[i].d is already NULL leading to NULL pointer dereference

漏洞详情: https://avd.aquasec.com/nvd/cve-2020-36558

镜像层: sha256:901286ce90b339f52b24e97b346ce4b77cec58100d858104a75ff440a9c85166

发布日期: 2022-07-21 04:15 修改: 2022-07-27 19:23
kernel-headers CVE-2020-7053 高危 3.10.0-957.21.3.el7 3.10.0-1160.21.1.el7 kernel: use-after-free in i915_ppgtt_close in drivers/gpu/drm/i915/i915_gem_gtt.c

漏洞详情: https://avd.aquasec.com/nvd/cve-2020-7053

镜像层: sha256:901286ce90b339f52b24e97b346ce4b77cec58100d858104a75ff440a9c85166

发布日期: 2020-01-14 21:15 修改: 2023-11-07 03:25
kernel-headers CVE-2020-8647 高危 3.10.0-957.21.3.el7 3.10.0-1160.el7 kernel: out-of-bounds read in in vc_do_resize function in drivers/tty/vt/vt.c

漏洞详情: https://avd.aquasec.com/nvd/cve-2020-8647

镜像层: sha256:901286ce90b339f52b24e97b346ce4b77cec58100d858104a75ff440a9c85166

发布日期: 2020-02-06 01:15 修改: 2021-12-30 20:50
kernel-headers CVE-2020-8648 高危 3.10.0-957.21.3.el7 3.10.0-1160.31.1.el7 kernel: use-after-free in n_tty_receive_buf_common function in drivers/tty/n_tty.c

漏洞详情: https://avd.aquasec.com/nvd/cve-2020-8648

镜像层: sha256:901286ce90b339f52b24e97b346ce4b77cec58100d858104a75ff440a9c85166

发布日期: 2020-02-06 01:15 修改: 2022-07-28 00:08
kernel-headers CVE-2020-8649 高危 3.10.0-957.21.3.el7 3.10.0-1160.el7 kernel: invalid read location in vgacon_invert_region function in drivers/video/console/vgacon.c

漏洞详情: https://avd.aquasec.com/nvd/cve-2020-8649

镜像层: sha256:901286ce90b339f52b24e97b346ce4b77cec58100d858104a75ff440a9c85166

发布日期: 2020-02-06 01:15 修改: 2021-12-30 20:44
kernel-headers CVE-2020-9383 高危 3.10.0-957.21.3.el7 3.10.0-1160.el7 kernel: out-of-bounds read in set_fdc in drivers/block/floppy.c

漏洞详情: https://avd.aquasec.com/nvd/cve-2020-9383

镜像层: sha256:901286ce90b339f52b24e97b346ce4b77cec58100d858104a75ff440a9c85166

发布日期: 2020-02-25 16:15 修改: 2022-10-29 02:34
kernel-headers CVE-2021-0920 高危 3.10.0-957.21.3.el7 3.10.0-1160.59.1.el7 kernel: Use After Free in unix_gc() which could result in a local privilege escalation

漏洞详情: https://avd.aquasec.com/nvd/cve-2021-0920

镜像层: sha256:901286ce90b339f52b24e97b346ce4b77cec58100d858104a75ff440a9c85166

发布日期: 2021-12-15 19:15 修改: 2024-02-02 16:46
kernel-headers CVE-2021-20265 高危 3.10.0-957.21.3.el7 3.10.0-1160.21.1.el7 kernel: increase slab leak leads to DoS

漏洞详情: https://avd.aquasec.com/nvd/cve-2021-20265

镜像层: sha256:901286ce90b339f52b24e97b346ce4b77cec58100d858104a75ff440a9c85166

发布日期: 2021-03-10 16:15 修改: 2022-08-05 17:52
kernel-headers CVE-2021-22543 高危 3.10.0-957.21.3.el7 3.10.0-1160.45.1.el7 kernel: Improper handling of VM_IO|VM_PFNMAP vmas in KVM can bypass RO checks

漏洞详情: https://avd.aquasec.com/nvd/cve-2021-22543

镜像层: sha256:901286ce90b339f52b24e97b346ce4b77cec58100d858104a75ff440a9c85166

发布日期: 2021-05-26 11:15 修改: 2024-05-29 20:15
kernel-headers CVE-2021-22555 高危 3.10.0-957.21.3.el7 3.10.0-1160.41.1.el7 kernel: out-of-bounds write in xt_compat_target_from_user() in net/netfilter/x_tables.c

漏洞详情: https://avd.aquasec.com/nvd/cve-2021-22555

镜像层: sha256:901286ce90b339f52b24e97b346ce4b77cec58100d858104a75ff440a9c85166

发布日期: 2021-07-07 12:15 修改: 2022-03-31 19:15
kernel-headers CVE-2021-26401 高危 3.10.0-957.21.3.el7 3.10.0-1160.83.1.0.1.el7 hw: cpu: LFENCE/JMP Mitigation Update for CVE-2017-5715

漏洞详情: https://avd.aquasec.com/nvd/cve-2021-26401

镜像层: sha256:901286ce90b339f52b24e97b346ce4b77cec58100d858104a75ff440a9c85166

发布日期: 2022-03-11 18:15 修改: 2022-03-18 20:04
kernel-headers CVE-2021-27363 高危 3.10.0-957.21.3.el7 3.10.0-1160.24.1.el7 kernel: iscsi: unrestricted access to sessions and handles

漏洞详情: https://avd.aquasec.com/nvd/cve-2021-27363

镜像层: sha256:901286ce90b339f52b24e97b346ce4b77cec58100d858104a75ff440a9c85166

发布日期: 2021-03-07 04:15 修改: 2022-05-23 16:00
kernel-headers CVE-2021-27364 高危 3.10.0-957.21.3.el7 3.10.0-1160.24.1.el7 kernel: out-of-bounds read in libiscsi module

漏洞详情: https://avd.aquasec.com/nvd/cve-2021-27364

镜像层: sha256:901286ce90b339f52b24e97b346ce4b77cec58100d858104a75ff440a9c85166

发布日期: 2021-03-07 05:15 修改: 2021-12-08 19:49
kernel-headers CVE-2021-27365 高危 3.10.0-957.21.3.el7 3.10.0-1160.24.1.el7 kernel: heap buffer overflow in the iSCSI subsystem

漏洞详情: https://avd.aquasec.com/nvd/cve-2021-27365

镜像层: sha256:901286ce90b339f52b24e97b346ce4b77cec58100d858104a75ff440a9c85166

发布日期: 2021-03-07 05:15 修改: 2021-12-10 18:13
kernel-headers CVE-2021-29154 高危 3.10.0-957.21.3.el7 3.10.0-1160.41.1.el7 kernel: Local privilege escalation due to incorrect BPF JIT branch displacement computation

漏洞详情: https://avd.aquasec.com/nvd/cve-2021-29154

镜像层: sha256:901286ce90b339f52b24e97b346ce4b77cec58100d858104a75ff440a9c85166

发布日期: 2021-04-08 21:15 修改: 2024-03-25 01:15
kernel-headers CVE-2021-29650 高危 3.10.0-957.21.3.el7 3.10.0-1160.41.1.el7 kernel: lack a full memory barrier upon the assignment of a new table value in net/netfilter/x_tables.c and include/linux/netfilter/x_tables.h may lead to DoS

漏洞详情: https://avd.aquasec.com/nvd/cve-2021-29650

镜像层: sha256:901286ce90b339f52b24e97b346ce4b77cec58100d858104a75ff440a9c85166

发布日期: 2021-03-30 21:15 修改: 2023-11-07 03:32
kernel-headers CVE-2021-32399 高危 3.10.0-957.21.3.el7 3.10.0-1160.41.1.el7 kernel: race condition for removal of the HCI controller

漏洞详情: https://avd.aquasec.com/nvd/cve-2021-32399

镜像层: sha256:901286ce90b339f52b24e97b346ce4b77cec58100d858104a75ff440a9c85166

发布日期: 2021-05-10 22:15 修改: 2022-05-13 20:53
kernel-headers CVE-2021-33033 高危 3.10.0-957.21.3.el7 3.10.0-1160.36.2.el7 kernel: use-after-free in cipso_v4_genopt in net/ipv4/cipso_ipv4.c

漏洞详情: https://avd.aquasec.com/nvd/cve-2021-33033

镜像层: sha256:901286ce90b339f52b24e97b346ce4b77cec58100d858104a75ff440a9c85166

发布日期: 2021-05-14 23:15 修改: 2021-06-09 18:37
kernel-headers CVE-2021-33034 高危 3.10.0-957.21.3.el7 3.10.0-1160.36.2.el7 kernel: use-after-free in net/bluetooth/hci_event.c when destroying an hci_chan

漏洞详情: https://avd.aquasec.com/nvd/cve-2021-33034

镜像层: sha256:901286ce90b339f52b24e97b346ce4b77cec58100d858104a75ff440a9c85166

发布日期: 2021-05-14 23:15 修改: 2023-11-07 03:35
kernel-headers CVE-2021-3347 高危 3.10.0-957.21.3.el7 3.10.0-1160.31.1.el7 kernel: Use after free via PI futex state

漏洞详情: https://avd.aquasec.com/nvd/cve-2021-3347

镜像层: sha256:901286ce90b339f52b24e97b346ce4b77cec58100d858104a75ff440a9c85166

发布日期: 2021-01-29 17:15 修改: 2023-11-07 03:37
kernel-headers CVE-2021-33909 高危 3.10.0-957.21.3.el7 3.10.0-1160.36.2.el7 kernel: size_t-to-int conversion vulnerability in the filesystem layer

漏洞详情: https://avd.aquasec.com/nvd/cve-2021-33909

镜像层: sha256:901286ce90b339f52b24e97b346ce4b77cec58100d858104a75ff440a9c85166

发布日期: 2021-07-20 19:15 修改: 2023-11-07 03:35
kernel-headers CVE-2021-3564 高危 3.10.0-957.21.3.el7 3.10.0-1160.59.1.el7 kernel: double free in bluetooth subsystem when the HCI device initialization fails

漏洞详情: https://avd.aquasec.com/nvd/cve-2021-3564

镜像层: sha256:901286ce90b339f52b24e97b346ce4b77cec58100d858104a75ff440a9c85166

发布日期: 2021-06-08 12:15 修改: 2023-02-12 23:41
kernel-headers CVE-2021-3573 高危 3.10.0-957.21.3.el7 3.10.0-1160.59.1.el7 kernel: use-after-free in function hci_sock_bound_ioctl()

漏洞详情: https://avd.aquasec.com/nvd/cve-2021-3573

镜像层: sha256:901286ce90b339f52b24e97b346ce4b77cec58100d858104a75ff440a9c85166

发布日期: 2021-08-13 14:15 修改: 2023-11-07 03:38
kernel-headers CVE-2021-3653 高危 3.10.0-957.21.3.el7 3.10.0-1160.45.1.el7 kernel: SVM nested virtualization issue in KVM (AVIC support)

漏洞详情: https://avd.aquasec.com/nvd/cve-2021-3653

镜像层: sha256:901286ce90b339f52b24e97b346ce4b77cec58100d858104a75ff440a9c85166

发布日期: 2021-09-29 20:15 修改: 2023-05-16 10:49
kernel-headers CVE-2021-3656 高危 3.10.0-957.21.3.el7 3.10.0-1160.45.1.el7 kernel: SVM nested virtualization issue in KVM (VMLOAD/VMSAVE)

漏洞详情: https://avd.aquasec.com/nvd/cve-2021-3656

镜像层: sha256:901286ce90b339f52b24e97b346ce4b77cec58100d858104a75ff440a9c85166

发布日期: 2022-03-04 19:15 修改: 2023-01-19 15:53
kernel-headers CVE-2021-3715 高危 3.10.0-957.21.3.el7 3.10.0-1160.42.2.el7 kernel: use-after-free in route4_change() in net/sched/cls_route.c

漏洞详情: https://avd.aquasec.com/nvd/cve-2021-3715

镜像层: sha256:901286ce90b339f52b24e97b346ce4b77cec58100d858104a75ff440a9c85166

发布日期: 2022-03-02 23:15 修改: 2023-01-24 15:07
kernel-headers CVE-2021-3752 高危 3.10.0-957.21.3.el7 3.10.0-1160.59.1.el7 kernel: possible use-after-free in bluetooth module

漏洞详情: https://avd.aquasec.com/nvd/cve-2021-3752

镜像层: sha256:901286ce90b339f52b24e97b346ce4b77cec58100d858104a75ff440a9c85166

发布日期: 2022-02-16 19:15 修改: 2023-11-09 14:44
kernel-headers CVE-2021-37576 高危 3.10.0-957.21.3.el7 3.10.0-1160.45.1.el7 kernel: powerpc: KVM guest OS users can cause host OS memory corruption

漏洞详情: https://avd.aquasec.com/nvd/cve-2021-37576

镜像层: sha256:901286ce90b339f52b24e97b346ce4b77cec58100d858104a75ff440a9c85166

发布日期: 2021-07-26 22:15 修改: 2023-11-07 03:36
kernel-headers CVE-2021-4028 高危 3.10.0-957.21.3.el7 3.10.0-1160.62.1.el7 kernel: use-after-free in RDMA listen()

漏洞详情: https://avd.aquasec.com/nvd/cve-2021-4028

镜像层: sha256:901286ce90b339f52b24e97b346ce4b77cec58100d858104a75ff440a9c85166

发布日期: 2022-08-24 16:15 修改: 2023-02-10 16:18
kernel-headers CVE-2021-4083 高危 3.10.0-957.21.3.el7 3.10.0-1160.62.1.el7 kernel: fget: check that the fd still exists after getting a ref to it

漏洞详情: https://avd.aquasec.com/nvd/cve-2021-4083

镜像层: sha256:901286ce90b339f52b24e97b346ce4b77cec58100d858104a75ff440a9c85166

发布日期: 2022-01-18 17:15 修改: 2023-10-06 18:05
kernel-headers CVE-2021-4155 高危 3.10.0-957.21.3.el7 3.10.0-1160.59.1.el7 kernel: xfs: raw block device data leak in XFS_IOC_ALLOCSP IOCTL

漏洞详情: https://avd.aquasec.com/nvd/cve-2021-4155

镜像层: sha256:901286ce90b339f52b24e97b346ce4b77cec58100d858104a75ff440a9c85166

发布日期: 2022-08-24 16:15 修改: 2022-08-29 13:39
kernel-headers CVE-2021-42739 高危 3.10.0-957.21.3.el7 3.10.0-1160.53.1.el7 kernel: Heap buffer overflow in firedtv driver

漏洞详情: https://avd.aquasec.com/nvd/cve-2021-42739

镜像层: sha256:901286ce90b339f52b24e97b346ce4b77cec58100d858104a75ff440a9c85166

发布日期: 2021-10-20 07:15 修改: 2024-03-24 23:15
kernel-headers CVE-2022-0330 高危 3.10.0-957.21.3.el7 3.10.0-1160.59.1.el7 kernel: possible privileges escalation due to missing TLB flush

漏洞详情: https://avd.aquasec.com/nvd/cve-2022-0330

镜像层: sha256:901286ce90b339f52b24e97b346ce4b77cec58100d858104a75ff440a9c85166

发布日期: 2022-03-25 19:15 修改: 2022-12-07 17:08
kernel-headers CVE-2022-0492 高危 3.10.0-957.21.3.el7 3.10.0-1160.66.1.el7 kernel: cgroups v1 release_agent feature may allow privilege escalation

漏洞详情: https://avd.aquasec.com/nvd/cve-2022-0492

镜像层: sha256:901286ce90b339f52b24e97b346ce4b77cec58100d858104a75ff440a9c85166

发布日期: 2022-03-03 19:15 修改: 2023-12-07 15:15
kernel-headers CVE-2022-1011 高危 3.10.0-957.21.3.el7 3.10.0-1160.119.1.0.3.el7 kernel: FUSE allows UAF reads of write() buffers, allowing theft of (partial) /etc/shadow hashes

漏洞详情: https://avd.aquasec.com/nvd/cve-2022-1011

镜像层: sha256:901286ce90b339f52b24e97b346ce4b77cec58100d858104a75ff440a9c85166

发布日期: 2022-03-18 18:15 修改: 2022-10-12 13:27
kernel-headers CVE-2022-1729 高危 3.10.0-957.21.3.el7 3.10.0-1160.71.1.0.1.el7 kernel: race condition in perf_event_open leads to privilege escalation

漏洞详情: https://avd.aquasec.com/nvd/cve-2022-1729

镜像层: sha256:901286ce90b339f52b24e97b346ce4b77cec58100d858104a75ff440a9c85166

发布日期: 2022-09-01 21:15 修改: 2023-08-04 17:41
kernel-headers CVE-2022-1966 高危 3.10.0-957.21.3.el7 3.10.0-1160.71.1.0.1.el7 kernel: netfilter: nf_tables: incorrect NFT_STATEFUL_EXPR check leads to a use-after-free (write)

漏洞详情: https://avd.aquasec.com/nvd/cve-2022-1966

镜像层: sha256:901286ce90b339f52b24e97b346ce4b77cec58100d858104a75ff440a9c85166

发布日期: 2022-06-06 18:15 修改: 2023-11-07 03:42
kernel-headers CVE-2022-21123 高危 3.10.0-957.21.3.el7 3.10.0-1160.76.1.0.1.el7 hw: cpu: incomplete clean-up of multi-core shared buffers (aka SBDR)

漏洞详情: https://avd.aquasec.com/nvd/cve-2022-21123

镜像层: sha256:901286ce90b339f52b24e97b346ce4b77cec58100d858104a75ff440a9c85166

发布日期: 2022-06-15 20:15 修改: 2023-11-07 03:43
kernel-headers CVE-2022-21125 高危 3.10.0-957.21.3.el7 3.10.0-1160.76.1.0.1.el7 hw: cpu: incomplete clean-up of microarchitectural fill buffers (aka SBDS)

漏洞详情: https://avd.aquasec.com/nvd/cve-2022-21125

镜像层: sha256:901286ce90b339f52b24e97b346ce4b77cec58100d858104a75ff440a9c85166

发布日期: 2022-06-15 20:15 修改: 2023-11-07 03:43
kernel-headers CVE-2022-21166 高危 3.10.0-957.21.3.el7 3.10.0-1160.76.1.0.1.el7 hw: cpu: incomplete clean-up in specific special register write operations (aka DRPW)

漏洞详情: https://avd.aquasec.com/nvd/cve-2022-21166

镜像层: sha256:901286ce90b339f52b24e97b346ce4b77cec58100d858104a75ff440a9c85166

发布日期: 2022-06-15 21:15 修改: 2023-11-07 03:43
kernel-headers CVE-2022-21499 高危 3.10.0-957.21.3.el7 3.10.0-1160.66.1.0.2.el7 kernel: possible to use the debugger to write zero into a location of choice

漏洞详情: https://avd.aquasec.com/nvd/cve-2022-21499

镜像层: sha256:901286ce90b339f52b24e97b346ce4b77cec58100d858104a75ff440a9c85166

发布日期: 2022-06-09 21:15 修改: 2022-09-28 20:00
kernel-headers CVE-2022-22942 高危 3.10.0-957.21.3.el7 3.10.0-1160.59.1.el7 kernel: failing usercopy allows for use-after-free exploitation

漏洞详情: https://avd.aquasec.com/nvd/cve-2022-22942

镜像层: sha256:901286ce90b339f52b24e97b346ce4b77cec58100d858104a75ff440a9c85166

发布日期: 2023-12-13 09:15 修改: 2023-12-18 17:27
kernel-headers CVE-2022-23816 高危 3.10.0-957.21.3.el7 3.10.0-1160.80.1.0.1.el7 hw: cpu: AMD: RetBleed Arbitrary Speculative Code Execution with Return Instructions

漏洞详情: https://avd.aquasec.com/nvd/cve-2022-23816

镜像层: sha256:901286ce90b339f52b24e97b346ce4b77cec58100d858104a75ff440a9c85166

发布日期: 2023-01-17 06:15 修改: 2023-11-07 03:44
kernel-headers CVE-2022-2588 高危 3.10.0-957.21.3.el7 3.10.0-1160.80.1.0.1.el7 kernel: a use-after-free in cls_route filter implementation may lead to privilege escalation

漏洞详情: https://avd.aquasec.com/nvd/cve-2022-2588

镜像层: sha256:901286ce90b339f52b24e97b346ce4b77cec58100d858104a75ff440a9c85166

发布日期: 2024-01-08 18:15 修改: 2024-08-22 20:28
kernel-headers CVE-2022-2964 高危 3.10.0-957.21.3.el7 3.10.0-1160.83.1.0.1.el7 kernel: memory corruption in AX88179_178A based USB ethernet device.

漏洞详情: https://avd.aquasec.com/nvd/cve-2022-2964

镜像层: sha256:901286ce90b339f52b24e97b346ce4b77cec58100d858104a75ff440a9c85166

发布日期: 2022-09-09 15:15 修改: 2023-01-20 12:58
kernel-headers CVE-2022-29900 高危 3.10.0-957.21.3.el7 3.10.0-1160.80.1.0.1.el7 hw: cpu: AMD: RetBleed Arbitrary Speculative Code Execution with Return Instructions

漏洞详情: https://avd.aquasec.com/nvd/cve-2022-29900

镜像层: sha256:901286ce90b339f52b24e97b346ce4b77cec58100d858104a75ff440a9c85166

发布日期: 2022-07-12 19:15 修改: 2024-02-04 08:15
kernel-headers CVE-2022-29901 高危 3.10.0-957.21.3.el7 3.10.0-1160.80.1.0.1.el7 hw: cpu: Intel: RetBleed Arbitrary Speculative Code Execution with Return Instructions

漏洞详情: https://avd.aquasec.com/nvd/cve-2022-29901

镜像层: sha256:901286ce90b339f52b24e97b346ce4b77cec58100d858104a75ff440a9c85166

发布日期: 2022-07-12 19:15 修改: 2024-02-04 08:15
kernel-headers CVE-2022-3564 高危 3.10.0-957.21.3.el7 3.10.0-1160.95.1.0.1.el7 kernel: use-after-free caused by l2cap_reassemble_sdu() in net/bluetooth/l2cap_core.c

漏洞详情: https://avd.aquasec.com/nvd/cve-2022-3564

镜像层: sha256:901286ce90b339f52b24e97b346ce4b77cec58100d858104a75ff440a9c85166

发布日期: 2022-10-17 19:15 修改: 2023-11-07 03:51
kernel-headers CVE-2022-40982 高危 3.10.0-957.21.3.el7 3.10.0-1160.105.1.0.1.el7 hw: Intel: Gather Data Sampling (GDS) side channel vulnerability

漏洞详情: https://avd.aquasec.com/nvd/cve-2022-40982

镜像层: sha256:901286ce90b339f52b24e97b346ce4b77cec58100d858104a75ff440a9c85166

发布日期: 2023-08-11 03:15 修改: 2023-11-07 03:52
kernel-headers CVE-2022-42703 高危 3.10.0-957.21.3.el7 3.10.0-1160.88.1.0.1.el7 kernel: use-after-free related to leaf anon_vma double reuse

漏洞详情: https://avd.aquasec.com/nvd/cve-2022-42703

镜像层: sha256:901286ce90b339f52b24e97b346ce4b77cec58100d858104a75ff440a9c85166

发布日期: 2022-10-09 23:15 修改: 2023-02-03 20:29
kernel-headers CVE-2022-42896 高危 3.10.0-957.21.3.el7 3.10.0-1160.114.2.0.1.el7 kernel: use-after-free in l2cap_connect and l2cap_le_connect_req in net/bluetooth/l2cap_core.c

漏洞详情: https://avd.aquasec.com/nvd/cve-2022-42896

镜像层: sha256:901286ce90b339f52b24e97b346ce4b77cec58100d858104a75ff440a9c85166

发布日期: 2022-11-23 15:15 修改: 2023-11-07 03:53
kernel-headers CVE-2022-43750 高危 3.10.0-957.21.3.el7 3.10.0-1160.90.1.0.1.el7 kernel: memory corruption in usbmon driver

漏洞详情: https://avd.aquasec.com/nvd/cve-2022-43750

镜像层: sha256:901286ce90b339f52b24e97b346ce4b77cec58100d858104a75ff440a9c85166

发布日期: 2022-10-26 04:15 修改: 2023-02-14 21:38
kernel-headers CVE-2022-4378 高危 3.10.0-957.21.3.el7 3.10.0-1160.88.1.0.1.el7 kernel: stack overflow in do_proc_dointvec and proc_skip_spaces

漏洞详情: https://avd.aquasec.com/nvd/cve-2022-4378

镜像层: sha256:901286ce90b339f52b24e97b346ce4b77cec58100d858104a75ff440a9c85166

发布日期: 2023-01-05 16:15 修改: 2023-11-07 03:57
kernel-headers CVE-2023-2002 高危 3.10.0-957.21.3.el7 3.10.0-1160.118.1.0.1.el7 Kernel: bluetooth: Unauthorized management command execution

漏洞详情: https://avd.aquasec.com/nvd/cve-2023-2002

镜像层: sha256:901286ce90b339f52b24e97b346ce4b77cec58100d858104a75ff440a9c85166

发布日期: 2023-05-26 17:15 修改: 2024-02-02 14:15
kernel-headers CVE-2023-32233 高危 3.10.0-957.21.3.el7 3.10.0-1160.102.1.0.1.el7 kernel: netfilter: use-after-free in nf_tables when processing batch requests can lead to privilege escalation

漏洞详情: https://avd.aquasec.com/nvd/cve-2023-32233

镜像层: sha256:901286ce90b339f52b24e97b346ce4b77cec58100d858104a75ff440a9c85166

发布日期: 2023-05-08 20:15 修改: 2023-09-28 19:07
kernel-headers CVE-2023-35001 高危 3.10.0-957.21.3.el7 3.10.0-1160.102.1.0.1.el7 kernel: nf_tables: stack-out-of-bounds-read in nft_byteorder_eval()

漏洞详情: https://avd.aquasec.com/nvd/cve-2023-35001

镜像层: sha256:901286ce90b339f52b24e97b346ce4b77cec58100d858104a75ff440a9c85166

发布日期: 2023-07-05 19:15 修改: 2024-01-11 19:15
kernel-headers CVE-2023-35788 高危 3.10.0-957.21.3.el7 3.10.0-1160.99.1.0.1.el7 kernel: cls_flower: out-of-bounds write in fl_set_geneve_opt()

漏洞详情: https://avd.aquasec.com/nvd/cve-2023-35788

镜像层: sha256:901286ce90b339f52b24e97b346ce4b77cec58100d858104a75ff440a9c85166

发布日期: 2023-06-16 21:15 修改: 2024-06-26 15:55
kernel-headers CVE-2023-3609 高危 3.10.0-957.21.3.el7 3.10.0-1160.102.1.0.1.el7 kernel: net/sched: cls_u32 component reference counter leak if tcf_change_indev() fails

漏洞详情: https://avd.aquasec.com/nvd/cve-2023-3609

镜像层: sha256:901286ce90b339f52b24e97b346ce4b77cec58100d858104a75ff440a9c85166

发布日期: 2023-07-21 21:15 修改: 2024-01-11 19:15
kernel-headers CVE-2023-3611 高危 3.10.0-957.21.3.el7 3.10.0-1160.105.1.0.1.el7 kernel: net/sched: sch_qfq component can be exploited if in qfq_change_agg function happens qfq_enqueue overhead

漏洞详情: https://avd.aquasec.com/nvd/cve-2023-3611

镜像层: sha256:901286ce90b339f52b24e97b346ce4b77cec58100d858104a75ff440a9c85166

发布日期: 2023-07-21 21:15 修改: 2024-08-22 20:25
kernel-headers CVE-2023-3776 高危 3.10.0-957.21.3.el7 3.10.0-1160.105.1.0.1.el7 kernel: net/sched: cls_fw component can be exploited as result of failure in tcf_change_indev function

漏洞详情: https://avd.aquasec.com/nvd/cve-2023-3776

镜像层: sha256:901286ce90b339f52b24e97b346ce4b77cec58100d858104a75ff440a9c85166

发布日期: 2023-07-21 21:15 修改: 2024-08-22 20:24
kernel-headers CVE-2023-4206 高危 3.10.0-957.21.3.el7 3.10.0-1160.105.1.0.1.el7 kernel: net/sched: Use-after-free vulnerabilities in the net/sched classifiers: cls_fw, cls_u32 and cls_route

漏洞详情: https://avd.aquasec.com/nvd/cve-2023-4206

镜像层: sha256:901286ce90b339f52b24e97b346ce4b77cec58100d858104a75ff440a9c85166

发布日期: 2023-09-06 14:15 修改: 2024-02-15 15:57
kernel-headers CVE-2023-4207 高危 3.10.0-957.21.3.el7 3.10.0-1160.105.1.0.1.el7 kernel: net/sched: Use-after-free vulnerabilities in the net/sched classifiers: cls_fw, cls_u32 and cls_route

漏洞详情: https://avd.aquasec.com/nvd/cve-2023-4207

镜像层: sha256:901286ce90b339f52b24e97b346ce4b77cec58100d858104a75ff440a9c85166

发布日期: 2023-09-06 14:15 修改: 2024-02-05 19:55
kernel-headers CVE-2023-4208 高危 3.10.0-957.21.3.el7 3.10.0-1160.105.1.0.1.el7 kernel: net/sched: Use-after-free vulnerabilities in the net/sched classifiers: cls_fw, cls_u32 and cls_route

漏洞详情: https://avd.aquasec.com/nvd/cve-2023-4208

镜像层: sha256:901286ce90b339f52b24e97b346ce4b77cec58100d858104a75ff440a9c85166

发布日期: 2023-09-06 14:15 修改: 2024-02-15 15:57
kernel-headers CVE-2023-42753 高危 3.10.0-957.21.3.el7 3.10.0-1160.108.1.0.1.el7 kernel: netfilter: potential slab-out-of-bound access due to integer underflow

漏洞详情: https://avd.aquasec.com/nvd/cve-2023-42753

镜像层: sha256:901286ce90b339f52b24e97b346ce4b77cec58100d858104a75ff440a9c85166

发布日期: 2023-09-25 21:15 修改: 2024-09-13 19:15
kernel-headers CVE-2023-45871 高危 3.10.0-957.21.3.el7 3.10.0-1160.114.2.0.1.el7 kernel: IGB driver inadequate buffer size for frames larger than MTU

漏洞详情: https://avd.aquasec.com/nvd/cve-2023-45871

镜像层: sha256:901286ce90b339f52b24e97b346ce4b77cec58100d858104a75ff440a9c85166

发布日期: 2023-10-15 01:15 修改: 2024-08-27 19:35
kernel-headers CVE-2023-4622 高危 3.10.0-957.21.3.el7 3.10.0-1160.118.1.0.1.el7 kernel: use after free in unix_stream_sendpage

漏洞详情: https://avd.aquasec.com/nvd/cve-2023-4622

镜像层: sha256:901286ce90b339f52b24e97b346ce4b77cec58100d858104a75ff440a9c85166

发布日期: 2023-09-06 14:15 修改: 2024-01-11 19:15
kernel-headers CVE-2023-4623 高危 3.10.0-957.21.3.el7 3.10.0-1160.118.1.0.1.el7 kernel: net/sched: sch_hfsc UAF

漏洞详情: https://avd.aquasec.com/nvd/cve-2023-4623

镜像层: sha256:901286ce90b339f52b24e97b346ce4b77cec58100d858104a75ff440a9c85166

发布日期: 2023-09-06 14:15 修改: 2024-08-26 16:07
kernel-headers CVE-2023-4921 高危 3.10.0-957.21.3.el7 3.10.0-1160.114.2.0.1.el7 kernel: use-after-free in sch_qfq network scheduler

漏洞详情: https://avd.aquasec.com/nvd/cve-2023-4921

镜像层: sha256:901286ce90b339f52b24e97b346ce4b77cec58100d858104a75ff440a9c85166

发布日期: 2023-09-12 20:15 修改: 2024-08-26 16:06
kernel-headers CVE-2024-1086 高危 3.10.0-957.21.3.el7 3.10.0-1160.114.2.0.1.el7 kernel: nf_tables: use-after-free vulnerability in the nft_verdict_init() function

漏洞详情: https://avd.aquasec.com/nvd/cve-2024-1086

镜像层: sha256:901286ce90b339f52b24e97b346ce4b77cec58100d858104a75ff440a9c85166

发布日期: 2024-01-31 13:15 修改: 2024-08-14 19:41
kernel-headers CVE-2024-36971 高危 3.10.0-957.21.3.el7 3.10.0-1160.119.1.0.3.el7 kernel: net: kernel: UAF in network route management

漏洞详情: https://avd.aquasec.com/nvd/cve-2024-36971

镜像层: sha256:901286ce90b339f52b24e97b346ce4b77cec58100d858104a75ff440a9c85166

发布日期: 2024-06-10 09:15 修改: 2024-08-08 14:49
kernel-headers CVE-2024-41071 高危 3.10.0-957.21.3.el7 3.10.0-1160.119.1.0.5.el7 kernel: wifi: mac80211: Avoid address calculations via out of bounds array indexing

漏洞详情: https://avd.aquasec.com/nvd/cve-2024-41071

镜像层: sha256:901286ce90b339f52b24e97b346ce4b77cec58100d858104a75ff440a9c85166

发布日期: 2024-07-29 15:15 修改: 2024-10-17 14:15
kpartx CVE-2022-41974 高危 0.4.9-123.0.1.el7 0.4.9-136.0.1.el7_9 device-mapper-multipath: Authorization bypass, multipathd daemon listens for client connections on an abstract Unix socket

漏洞详情: https://avd.aquasec.com/nvd/cve-2022-41974

镜像层: sha256:901286ce90b339f52b24e97b346ce4b77cec58100d858104a75ff440a9c85166

发布日期: 2022-10-29 19:15 修改: 2023-11-25 09:15
krb5-libs CVE-2020-28196 高危 1.15.1-37.el7_6 1.15.1-50.0.1.el7 krb5: unbounded recursion via an ASN.1-encoded Kerberos message in lib/krb5/asn.1/asn1_encode.c may lead to DoS

漏洞详情: https://avd.aquasec.com/nvd/cve-2020-28196

镜像层: sha256:b87942114db6b2cf0bf150f9f85f220fffa5287d57e3bc1677f7f09915c10cf1

发布日期: 2020-11-06 08:15 修改: 2023-11-07 03:21
krb5-libs CVE-2022-42898 高危 1.15.1-37.el7_6 1.15.1-55.0.1.el7_9 krb5: integer overflow vulnerabilities in PAC parsing

漏洞详情: https://avd.aquasec.com/nvd/cve-2022-42898

镜像层: sha256:b87942114db6b2cf0bf150f9f85f220fffa5287d57e3bc1677f7f09915c10cf1

发布日期: 2022-12-25 06:15 修改: 2023-10-08 09:15
ksh CVE-2019-14868 高危 20120801-139.0.1.el7 20120801-140.0.1.el7_7 ksh: certain environment variables interpreted as arithmetic expressions on startup, leading to code injection

漏洞详情: https://avd.aquasec.com/nvd/cve-2019-14868

镜像层: sha256:901286ce90b339f52b24e97b346ce4b77cec58100d858104a75ff440a9c85166

发布日期: 2020-04-02 17:15 修改: 2023-02-12 23:36
libcurl CVE-2019-5482 高危 7.29.0-51.0.1.el7 7.29.0-54.0.5.el7_7.2 curl: heap buffer overflow in function tftp_receive_packet()

漏洞详情: https://avd.aquasec.com/nvd/cve-2019-5482

镜像层: sha256:b87942114db6b2cf0bf150f9f85f220fffa5287d57e3bc1677f7f09915c10cf1

发布日期: 2019-09-16 19:15 修改: 2023-11-07 03:11
bind-libs CVE-2018-5741 高危 32:9.9.4-74.el7_6.1 32:9.11.4-9.P2.el7 bind: Incorrect documentation of krb5-subdomain and ms-subdomain update policies

漏洞详情: https://avd.aquasec.com/nvd/cve-2018-5741

镜像层: sha256:901286ce90b339f52b24e97b346ce4b77cec58100d858104a75ff440a9c85166

发布日期: 2019-01-16 20:29 修改: 2020-10-20 12:15
nss CVE-2019-11729 高危 3.36.0-7.1.el7_6 3.44.0-7.el7_7 nss: Empty or malformed p256-ECDH public keys may trigger a segmentation fault

漏洞详情: https://avd.aquasec.com/nvd/cve-2019-11729

镜像层: sha256:b87942114db6b2cf0bf150f9f85f220fffa5287d57e3bc1677f7f09915c10cf1

发布日期: 2019-07-23 14:15 修改: 2020-09-30 18:15
nss CVE-2019-11745 高危 3.36.0-7.1.el7_6 3.44.0-7.el7_7 nss: Out-of-bounds write when passing an output buffer smaller than the block size to NSC_EncryptUpdate

漏洞详情: https://avd.aquasec.com/nvd/cve-2019-11745

镜像层: sha256:b87942114db6b2cf0bf150f9f85f220fffa5287d57e3bc1677f7f09915c10cf1

发布日期: 2020-01-08 20:15 修改: 2021-02-19 17:22
nss CVE-2023-0767 高危 3.36.0-7.1.el7_6 3.79.0-5.el7_9 nss: Arbitrary memory write via PKCS 12

漏洞详情: https://avd.aquasec.com/nvd/cve-2023-0767

镜像层: sha256:b87942114db6b2cf0bf150f9f85f220fffa5287d57e3bc1677f7f09915c10cf1

发布日期: 2023-06-02 17:15 修改: 2023-08-02 16:45
nss-softokn CVE-2019-11729 高危 3.36.0-5.0.1.el7_5 3.44.0-8.0.1.el7_7 nss: Empty or malformed p256-ECDH public keys may trigger a segmentation fault

漏洞详情: https://avd.aquasec.com/nvd/cve-2019-11729

镜像层: sha256:b87942114db6b2cf0bf150f9f85f220fffa5287d57e3bc1677f7f09915c10cf1

发布日期: 2019-07-23 14:15 修改: 2020-09-30 18:15
nss-softokn CVE-2019-11745 高危 3.36.0-5.0.1.el7_5 3.44.0-8.0.1.el7_7 nss: Out-of-bounds write when passing an output buffer smaller than the block size to NSC_EncryptUpdate

漏洞详情: https://avd.aquasec.com/nvd/cve-2019-11745

镜像层: sha256:b87942114db6b2cf0bf150f9f85f220fffa5287d57e3bc1677f7f09915c10cf1

发布日期: 2020-01-08 20:15 修改: 2021-02-19 17:22
nss-softokn-freebl CVE-2019-11729 高危 3.36.0-5.0.1.el7_5 3.44.0-8.0.1.el7_7 nss: Empty or malformed p256-ECDH public keys may trigger a segmentation fault

漏洞详情: https://avd.aquasec.com/nvd/cve-2019-11729

镜像层: sha256:b87942114db6b2cf0bf150f9f85f220fffa5287d57e3bc1677f7f09915c10cf1

发布日期: 2019-07-23 14:15 修改: 2020-09-30 18:15
nss-softokn-freebl CVE-2019-11745 高危 3.36.0-5.0.1.el7_5 3.44.0-8.0.1.el7_7 nss: Out-of-bounds write when passing an output buffer smaller than the block size to NSC_EncryptUpdate

漏洞详情: https://avd.aquasec.com/nvd/cve-2019-11745

镜像层: sha256:b87942114db6b2cf0bf150f9f85f220fffa5287d57e3bc1677f7f09915c10cf1

发布日期: 2020-01-08 20:15 修改: 2021-02-19 17:22
bind-libs CVE-2020-8616 高危 32:9.9.4-74.el7_6.1 32:9.11.4-16.P2.el7_8.6 bind: BIND does not sufficiently limit the number of fetches performed when processing referrals

漏洞详情: https://avd.aquasec.com/nvd/cve-2020-8616

镜像层: sha256:901286ce90b339f52b24e97b346ce4b77cec58100d858104a75ff440a9c85166

发布日期: 2020-05-19 14:15 修改: 2023-11-07 03:26
nss-sysinit CVE-2019-11729 高危 3.36.0-7.1.el7_6 3.44.0-7.el7_7 nss: Empty or malformed p256-ECDH public keys may trigger a segmentation fault

漏洞详情: https://avd.aquasec.com/nvd/cve-2019-11729

镜像层: sha256:b87942114db6b2cf0bf150f9f85f220fffa5287d57e3bc1677f7f09915c10cf1

发布日期: 2019-07-23 14:15 修改: 2020-09-30 18:15
nss-sysinit CVE-2019-11745 高危 3.36.0-7.1.el7_6 3.44.0-7.el7_7 nss: Out-of-bounds write when passing an output buffer smaller than the block size to NSC_EncryptUpdate

漏洞详情: https://avd.aquasec.com/nvd/cve-2019-11745

镜像层: sha256:b87942114db6b2cf0bf150f9f85f220fffa5287d57e3bc1677f7f09915c10cf1

发布日期: 2020-01-08 20:15 修改: 2021-02-19 17:22
nss-sysinit CVE-2023-0767 高危 3.36.0-7.1.el7_6 3.79.0-5.el7_9 nss: Arbitrary memory write via PKCS 12

漏洞详情: https://avd.aquasec.com/nvd/cve-2023-0767

镜像层: sha256:b87942114db6b2cf0bf150f9f85f220fffa5287d57e3bc1677f7f09915c10cf1

发布日期: 2023-06-02 17:15 修改: 2023-08-02 16:45
bind-libs CVE-2020-8617 高危 32:9.9.4-74.el7_6.1 32:9.11.4-16.P2.el7_8.6 bind: A logic error in code which checks TSIG validity can be used to trigger an assertion failure in tsig.c

漏洞详情: https://avd.aquasec.com/nvd/cve-2020-8617

镜像层: sha256:901286ce90b339f52b24e97b346ce4b77cec58100d858104a75ff440a9c85166

发布日期: 2020-05-19 14:15 修改: 2023-11-07 03:26
nss-tools CVE-2019-11729 高危 3.36.0-7.1.el7_6 3.44.0-7.el7_7 nss: Empty or malformed p256-ECDH public keys may trigger a segmentation fault

漏洞详情: https://avd.aquasec.com/nvd/cve-2019-11729

镜像层: sha256:b87942114db6b2cf0bf150f9f85f220fffa5287d57e3bc1677f7f09915c10cf1

发布日期: 2019-07-23 14:15 修改: 2020-09-30 18:15
nss-tools CVE-2019-11745 高危 3.36.0-7.1.el7_6 3.44.0-7.el7_7 nss: Out-of-bounds write when passing an output buffer smaller than the block size to NSC_EncryptUpdate

漏洞详情: https://avd.aquasec.com/nvd/cve-2019-11745

镜像层: sha256:b87942114db6b2cf0bf150f9f85f220fffa5287d57e3bc1677f7f09915c10cf1

发布日期: 2020-01-08 20:15 修改: 2021-02-19 17:22
nss-tools CVE-2023-0767 高危 3.36.0-7.1.el7_6 3.79.0-5.el7_9 nss: Arbitrary memory write via PKCS 12

漏洞详情: https://avd.aquasec.com/nvd/cve-2023-0767

镜像层: sha256:b87942114db6b2cf0bf150f9f85f220fffa5287d57e3bc1677f7f09915c10cf1

发布日期: 2023-06-02 17:15 修改: 2023-08-02 16:45
nss-util CVE-2019-11729 高危 3.36.0-1.1.el7_6 3.44.0-4.el7_7 nss: Empty or malformed p256-ECDH public keys may trigger a segmentation fault

漏洞详情: https://avd.aquasec.com/nvd/cve-2019-11729

镜像层: sha256:b87942114db6b2cf0bf150f9f85f220fffa5287d57e3bc1677f7f09915c10cf1

发布日期: 2019-07-23 14:15 修改: 2020-09-30 18:15
nss-util CVE-2019-11745 高危 3.36.0-1.1.el7_6 3.44.0-4.el7_7 nss: Out-of-bounds write when passing an output buffer smaller than the block size to NSC_EncryptUpdate

漏洞详情: https://avd.aquasec.com/nvd/cve-2019-11745

镜像层: sha256:b87942114db6b2cf0bf150f9f85f220fffa5287d57e3bc1677f7f09915c10cf1

发布日期: 2020-01-08 20:15 修改: 2021-02-19 17:22
openssh CVE-2023-38408 高危 7.4p1-16.el7 7.4p1-23.0.1.el7_9 openssh: Remote code execution in ssh-agent PKCS#11 support

漏洞详情: https://avd.aquasec.com/nvd/cve-2023-38408

镜像层: sha256:901286ce90b339f52b24e97b346ce4b77cec58100d858104a75ff440a9c85166

发布日期: 2023-07-20 03:15 修改: 2024-10-15 19:35
openssh-clients CVE-2023-38408 高危 7.4p1-16.el7 7.4p1-23.0.1.el7_9 openssh: Remote code execution in ssh-agent PKCS#11 support

漏洞详情: https://avd.aquasec.com/nvd/cve-2023-38408

镜像层: sha256:901286ce90b339f52b24e97b346ce4b77cec58100d858104a75ff440a9c85166

发布日期: 2023-07-20 03:15 修改: 2024-10-15 19:35
openssl CVE-2023-0286 高危 1:1.0.2k-16.0.1.el7_6.1 1:1.0.2k-26.el7_9 openssl: X.400 address type confusion in X.509 GeneralName

漏洞详情: https://avd.aquasec.com/nvd/cve-2023-0286

镜像层: sha256:901286ce90b339f52b24e97b346ce4b77cec58100d858104a75ff440a9c85166

发布日期: 2023-02-08 20:15 修改: 2024-02-04 09:15
openssl-libs CVE-2023-0286 高危 1:1.0.2k-16.0.1.el7_6.1 1:1.0.2k-26.el7_9 openssl: X.400 address type confusion in X.509 GeneralName

漏洞详情: https://avd.aquasec.com/nvd/cve-2023-0286

镜像层: sha256:b87942114db6b2cf0bf150f9f85f220fffa5287d57e3bc1677f7f09915c10cf1

发布日期: 2023-02-08 20:15 修改: 2024-02-04 09:15
python CVE-2023-24329 高危 2.7.5-80.0.1.el7_6 2.7.5-93.0.1.el7_9 python: urllib.parse url blocklisting bypass

漏洞详情: https://avd.aquasec.com/nvd/cve-2023-24329

镜像层: sha256:b87942114db6b2cf0bf150f9f85f220fffa5287d57e3bc1677f7f09915c10cf1

发布日期: 2023-02-17 15:15 修改: 2023-11-07 04:08
python CVE-2023-40217 高危 2.7.5-80.0.1.el7_6 2.7.5-94.0.1.el7_9 python: TLS handshake bypass

漏洞详情: https://avd.aquasec.com/nvd/cve-2023-40217

镜像层: sha256:b87942114db6b2cf0bf150f9f85f220fffa5287d57e3bc1677f7f09915c10cf1

发布日期: 2023-08-25 01:15 修改: 2023-11-07 04:20
python-libs CVE-2023-24329 高危 2.7.5-80.0.1.el7_6 2.7.5-93.0.1.el7_9 python: urllib.parse url blocklisting bypass

漏洞详情: https://avd.aquasec.com/nvd/cve-2023-24329

镜像层: sha256:b87942114db6b2cf0bf150f9f85f220fffa5287d57e3bc1677f7f09915c10cf1

发布日期: 2023-02-17 15:15 修改: 2023-11-07 04:08
python-libs CVE-2023-40217 高危 2.7.5-80.0.1.el7_6 2.7.5-94.0.1.el7_9 python: TLS handshake bypass

漏洞详情: https://avd.aquasec.com/nvd/cve-2023-40217

镜像层: sha256:b87942114db6b2cf0bf150f9f85f220fffa5287d57e3bc1677f7f09915c10cf1

发布日期: 2023-08-25 01:15 修改: 2023-11-07 04:20
sqlite CVE-2019-13734 高危 3.7.17-8.el7 3.7.17-8.el7_7.1 sqlite: fts3: improve shadow table corruption detection

漏洞详情: https://avd.aquasec.com/nvd/cve-2019-13734

镜像层: sha256:b87942114db6b2cf0bf150f9f85f220fffa5287d57e3bc1677f7f09915c10cf1

发布日期: 2019-12-10 22:15 修改: 2023-11-07 03:04
systemd CVE-2022-2526 高危 219-62.0.4.el7_6.7 219-78.0.9.el7_9.7 systemd-resolved: use-after-free when dealing with DnsStream in resolved-dns-stream.c

漏洞详情: https://avd.aquasec.com/nvd/cve-2022-2526

镜像层: sha256:901286ce90b339f52b24e97b346ce4b77cec58100d858104a75ff440a9c85166

发布日期: 2022-09-09 15:15 修改: 2023-01-20 03:17
systemd-libs CVE-2022-2526 高危 219-62.0.4.el7_6.7 219-78.0.9.el7_9.7 systemd-resolved: use-after-free when dealing with DnsStream in resolved-dns-stream.c

漏洞详情: https://avd.aquasec.com/nvd/cve-2022-2526

镜像层: sha256:901286ce90b339f52b24e97b346ce4b77cec58100d858104a75ff440a9c85166

发布日期: 2022-09-09 15:15 修改: 2023-01-20 03:17
systemd-sysv CVE-2022-2526 高危 219-62.0.4.el7_6.7 219-78.0.9.el7_9.7 systemd-resolved: use-after-free when dealing with DnsStream in resolved-dns-stream.c

漏洞详情: https://avd.aquasec.com/nvd/cve-2022-2526

镜像层: sha256:901286ce90b339f52b24e97b346ce4b77cec58100d858104a75ff440a9c85166

发布日期: 2022-09-09 15:15 修改: 2023-01-20 03:17
xz CVE-2022-1271 高危 5.2.2-1.el7 5.2.2-2.el7_9 gzip: arbitrary-file-write vulnerability

漏洞详情: https://avd.aquasec.com/nvd/cve-2022-1271

镜像层: sha256:901286ce90b339f52b24e97b346ce4b77cec58100d858104a75ff440a9c85166

发布日期: 2022-08-31 16:15 修改: 2024-08-26 10:47
xz-libs CVE-2022-1271 高危 5.2.2-1.el7 5.2.2-2.el7_9 gzip: arbitrary-file-write vulnerability

漏洞详情: https://avd.aquasec.com/nvd/cve-2022-1271

镜像层: sha256:b87942114db6b2cf0bf150f9f85f220fffa5287d57e3bc1677f7f09915c10cf1

发布日期: 2022-08-31 16:15 修改: 2024-08-26 10:47
zlib CVE-2018-25032 高危 1.2.7-18.el7 1.2.7-20.el7_9 zlib: A flaw found in zlib when compressing (not decompressing) certain inputs

漏洞详情: https://avd.aquasec.com/nvd/cve-2018-25032

镜像层: sha256:b87942114db6b2cf0bf150f9f85f220fffa5287d57e3bc1677f7f09915c10cf1

发布日期: 2022-03-25 09:15 修改: 2023-11-07 02:56
glibc-devel CVE-2020-10029 中危 2.17-260.0.17.el7_6.6 2.17-322.0.2.el7_9 glibc: stack corruption from crafted input in cosl, sinl, sincosl, and tanl functions

漏洞详情: https://avd.aquasec.com/nvd/cve-2020-10029

镜像层: sha256:901286ce90b339f52b24e97b346ce4b77cec58100d858104a75ff440a9c85166

发布日期: 2020-03-04 15:15 修改: 2023-11-07 03:14
glibc-devel CVE-2020-29573 中危 2.17-260.0.17.el7_6.6 2.17-322.0.1.el7_9 glibc: stack-based buffer overflow if the input to any of the printf family of functions is an 80-bit long double with a non-canonical bit pattern

漏洞详情: https://avd.aquasec.com/nvd/cve-2020-29573

镜像层: sha256:901286ce90b339f52b24e97b346ce4b77cec58100d858104a75ff440a9c85166

发布日期: 2020-12-06 00:15 修改: 2023-04-26 19:09
binutils CVE-2021-42574 中危 2.27-34.base.0.1.el7 2.27-44.base.0.3.el7_9.1 environment: Unicode's bidirectional (BiDi) override characters can cause trojan source attacks

漏洞详情: https://avd.aquasec.com/nvd/cve-2021-42574

镜像层: sha256:901286ce90b339f52b24e97b346ce4b77cec58100d858104a75ff440a9c85166

发布日期: 2021-11-01 04:15 修改: 2024-08-04 04:16
cpio CVE-2019-14866 中危 2.11-27.el7 2.11-28.el7 cpio: improper input validation when writing tar header fields leads to unexpected tar generation

漏洞详情: https://avd.aquasec.com/nvd/cve-2019-14866

镜像层: sha256:b87942114db6b2cf0bf150f9f85f220fffa5287d57e3bc1677f7f09915c10cf1

发布日期: 2020-01-07 17:15 修改: 2023-06-04 22:15
bind-license CVE-2020-8623 中危 32:9.9.4-74.el7_6.1 32:9.11.4-26.P2.el7_9.2 bind: remotely triggerable assertion failure in pk11.c

漏洞详情: https://avd.aquasec.com/nvd/cve-2020-8623

镜像层: sha256:901286ce90b339f52b24e97b346ce4b77cec58100d858104a75ff440a9c85166

发布日期: 2020-08-21 21:15 修改: 2023-11-07 03:26
curl CVE-2019-5436 中危 7.29.0-51.0.1.el7 7.29.0-57.0.1.el7 curl: TFTP receive heap buffer overflow in tftp_receive_packet() function

漏洞详情: https://avd.aquasec.com/nvd/cve-2019-5436

镜像层: sha256:b87942114db6b2cf0bf150f9f85f220fffa5287d57e3bc1677f7f09915c10cf1

发布日期: 2019-05-28 19:29 修改: 2023-11-07 03:11
curl CVE-2020-8177 中危 7.29.0-51.0.1.el7 7.29.0-59.0.1.el7_9.1 curl: Incorrect argument check can allow remote servers to overwrite local files

漏洞详情: https://avd.aquasec.com/nvd/cve-2020-8177

镜像层: sha256:b87942114db6b2cf0bf150f9f85f220fffa5287d57e3bc1677f7f09915c10cf1

发布日期: 2020-12-14 20:15 修改: 2024-03-27 16:04
bind-license CVE-2020-8624 中危 32:9.9.4-74.el7_6.1 32:9.11.4-26.P2.el7_9.2 bind: incorrect enforcement of update-policy rules of type "subdomain"

漏洞详情: https://avd.aquasec.com/nvd/cve-2020-8624

镜像层: sha256:901286ce90b339f52b24e97b346ce4b77cec58100d858104a75ff440a9c85166

发布日期: 2020-08-21 21:15 修改: 2023-11-07 03:26
glibc-headers CVE-2016-10739 中危 2.17-260.0.17.el7_6.6 2.17-292.0.1.el7 glibc: getaddrinfo should reject IP addresses with trailing characters

漏洞详情: https://avd.aquasec.com/nvd/cve-2016-10739

镜像层: sha256:901286ce90b339f52b24e97b346ce4b77cec58100d858104a75ff440a9c85166

发布日期: 2019-01-21 19:29 修改: 2019-08-06 17:15
glibc-headers CVE-2020-10029 中危 2.17-260.0.17.el7_6.6 2.17-322.0.2.el7_9 glibc: stack corruption from crafted input in cosl, sinl, sincosl, and tanl functions

漏洞详情: https://avd.aquasec.com/nvd/cve-2020-10029

镜像层: sha256:901286ce90b339f52b24e97b346ce4b77cec58100d858104a75ff440a9c85166

发布日期: 2020-03-04 15:15 修改: 2023-11-07 03:14
glibc-headers CVE-2020-29573 中危 2.17-260.0.17.el7_6.6 2.17-322.0.1.el7_9 glibc: stack-based buffer overflow if the input to any of the printf family of functions is an 80-bit long double with a non-canonical bit pattern

漏洞详情: https://avd.aquasec.com/nvd/cve-2020-29573

镜像层: sha256:901286ce90b339f52b24e97b346ce4b77cec58100d858104a75ff440a9c85166

发布日期: 2020-12-06 00:15 修改: 2023-04-26 19:09
bind-license CVE-2021-25214 中危 32:9.9.4-74.el7_6.1 32:9.11.4-26.P2.el7_9.7 bind: Broken inbound incremental zone update (IXFR) can cause named to terminate unexpectedly

漏洞详情: https://avd.aquasec.com/nvd/cve-2021-25214

镜像层: sha256:901286ce90b339f52b24e97b346ce4b77cec58100d858104a75ff440a9c85166

发布日期: 2021-04-29 01:15 修改: 2023-11-07 03:31
dbus CVE-2019-12749 中危 1:1.10.24-13.0.1.el7_6 1:1.10.24-15.0.1.el7 dbus: DBusServer DBUS_COOKIE_SHA1 authentication bypass

漏洞详情: https://avd.aquasec.com/nvd/cve-2019-12749

镜像层: sha256:901286ce90b339f52b24e97b346ce4b77cec58100d858104a75ff440a9c85166

发布日期: 2019-06-11 17:29 修改: 2023-11-07 03:03
bind-license CVE-2021-25220 中危 32:9.9.4-74.el7_6.1 32:9.11.4-26.P2.el7_9.13 bind: DNS forwarders - cache poisoning vulnerability

漏洞详情: https://avd.aquasec.com/nvd/cve-2021-25220

镜像层: sha256:901286ce90b339f52b24e97b346ce4b77cec58100d858104a75ff440a9c85166

发布日期: 2022-03-23 13:15 修改: 2023-11-09 14:44
dbus-libs CVE-2019-12749 中危 1:1.10.24-13.0.1.el7_6 1:1.10.24-15.0.1.el7 dbus: DBusServer DBUS_COOKIE_SHA1 authentication bypass

漏洞详情: https://avd.aquasec.com/nvd/cve-2019-12749

镜像层: sha256:901286ce90b339f52b24e97b346ce4b77cec58100d858104a75ff440a9c85166

发布日期: 2019-06-11 17:29 修改: 2023-11-07 03:03
e2fsprogs-libs CVE-2019-5094 中危 1.42.9-13.el7 1.42.9-19.el7 e2fsprogs: Crafted ext4 partition leads to out-of-bounds write

漏洞详情: https://avd.aquasec.com/nvd/cve-2019-5094

镜像层: sha256:901286ce90b339f52b24e97b346ce4b77cec58100d858104a75ff440a9c85166

发布日期: 2019-09-24 22:15 修改: 2023-11-07 03:11
e2fsprogs-libs CVE-2019-5188 中危 1.42.9-13.el7 1.42.9-19.el7 e2fsprogs: Out-of-bounds write in e2fsck/rehash.c

漏洞详情: https://avd.aquasec.com/nvd/cve-2019-5188

镜像层: sha256:901286ce90b339f52b24e97b346ce4b77cec58100d858104a75ff440a9c85166

发布日期: 2020-01-08 16:15 修改: 2023-11-07 03:11
e2fsprogs-libs CVE-2022-1304 中危 1.42.9-13.el7 1.45.4-3.0.7.el7 e2fsprogs: out-of-bounds read/write via crafted filesystem

漏洞详情: https://avd.aquasec.com/nvd/cve-2022-1304

镜像层: sha256:901286ce90b339f52b24e97b346ce4b77cec58100d858104a75ff440a9c85166

发布日期: 2022-04-14 21:15 修改: 2023-11-07 03:41
bind-license CVE-2022-2795 中危 32:9.9.4-74.el7_6.1 32:9.11.4-26.P2.el7_9.13 bind: processing large delegations may severely degrade resolver performance

漏洞详情: https://avd.aquasec.com/nvd/cve-2022-2795

镜像层: sha256:901286ce90b339f52b24e97b346ce4b77cec58100d858104a75ff440a9c85166

发布日期: 2022-09-21 11:15 修改: 2023-11-07 03:46
bind-libs CVE-2020-8622 中危 32:9.9.4-74.el7_6.1 32:9.11.4-26.P2.el7_9.2 bind: truncated TSIG response can lead to an assertion failure

漏洞详情: https://avd.aquasec.com/nvd/cve-2020-8622

镜像层: sha256:901286ce90b339f52b24e97b346ce4b77cec58100d858104a75ff440a9c85166

发布日期: 2020-08-21 21:15 修改: 2023-11-07 03:26
bind-libs CVE-2020-8623 中危 32:9.9.4-74.el7_6.1 32:9.11.4-26.P2.el7_9.2 bind: remotely triggerable assertion failure in pk11.c

漏洞详情: https://avd.aquasec.com/nvd/cve-2020-8623

镜像层: sha256:901286ce90b339f52b24e97b346ce4b77cec58100d858104a75ff440a9c85166

发布日期: 2020-08-21 21:15 修改: 2023-11-07 03:26
bind-libs CVE-2020-8624 中危 32:9.9.4-74.el7_6.1 32:9.11.4-26.P2.el7_9.2 bind: incorrect enforcement of update-policy rules of type "subdomain"

漏洞详情: https://avd.aquasec.com/nvd/cve-2020-8624

镜像层: sha256:901286ce90b339f52b24e97b346ce4b77cec58100d858104a75ff440a9c85166

发布日期: 2020-08-21 21:15 修改: 2023-11-07 03:26
bind-libs CVE-2021-25214 中危 32:9.9.4-74.el7_6.1 32:9.11.4-26.P2.el7_9.7 bind: Broken inbound incremental zone update (IXFR) can cause named to terminate unexpectedly

漏洞详情: https://avd.aquasec.com/nvd/cve-2021-25214

镜像层: sha256:901286ce90b339f52b24e97b346ce4b77cec58100d858104a75ff440a9c85166

发布日期: 2021-04-29 01:15 修改: 2023-11-07 03:31
bind-libs CVE-2021-25220 中危 32:9.9.4-74.el7_6.1 32:9.11.4-26.P2.el7_9.13 bind: DNS forwarders - cache poisoning vulnerability

漏洞详情: https://avd.aquasec.com/nvd/cve-2021-25220

镜像层: sha256:901286ce90b339f52b24e97b346ce4b77cec58100d858104a75ff440a9c85166

发布日期: 2022-03-23 13:15 修改: 2023-11-09 14:44
bind-libs CVE-2022-2795 中危 32:9.9.4-74.el7_6.1 32:9.11.4-26.P2.el7_9.13 bind: processing large delegations may severely degrade resolver performance

漏洞详情: https://avd.aquasec.com/nvd/cve-2022-2795

镜像层: sha256:901286ce90b339f52b24e97b346ce4b77cec58100d858104a75ff440a9c85166

发布日期: 2022-09-21 11:15 修改: 2023-11-07 03:46
kernel-headers CVE-2015-9289 中危 3.10.0-957.21.3.el7 3.10.0-1127.el7 kernel: out of bound read in DVB connexant driver.

漏洞详情: https://avd.aquasec.com/nvd/cve-2015-9289

镜像层: sha256:901286ce90b339f52b24e97b346ce4b77cec58100d858104a75ff440a9c85166

发布日期: 2019-07-27 22:15 修改: 2019-12-11 19:29
kernel-headers CVE-2017-17807 中危 3.10.0-957.21.3.el7 3.10.0-1127.el7 kernel: Missing permissions check for request_key() destination allows local attackers to add keys to keyring without Write permission

漏洞详情: https://avd.aquasec.com/nvd/cve-2017-17807

镜像层: sha256:901286ce90b339f52b24e97b346ce4b77cec58100d858104a75ff440a9c85166

发布日期: 2017-12-20 23:29 修改: 2019-10-03 00:03
kernel-headers CVE-2018-19985 中危 3.10.0-957.21.3.el7 3.10.0-1127.el7 kernel: oob memory read in hso_probe in drivers/net/usb/hso.c

漏洞详情: https://avd.aquasec.com/nvd/cve-2018-19985

镜像层: sha256:901286ce90b339f52b24e97b346ce4b77cec58100d858104a75ff440a9c85166

发布日期: 2019-03-21 16:00 修改: 2019-09-03 00:15
kernel-headers CVE-2018-20169 中危 3.10.0-957.21.3.el7 3.10.0-1127.el7 kernel: usb: missing size check in the __usb_get_extra_descriptor() leading to DoS

漏洞详情: https://avd.aquasec.com/nvd/cve-2018-20169

镜像层: sha256:901286ce90b339f52b24e97b346ce4b77cec58100d858104a75ff440a9c85166

发布日期: 2018-12-17 07:29 修改: 2024-03-04 22:59
kernel-headers CVE-2018-7191 中危 3.10.0-957.21.3.el7 3.10.0-1127.el7 kernel: denial of service via ioctl call in network tun handling

漏洞详情: https://avd.aquasec.com/nvd/cve-2018-7191

镜像层: sha256:901286ce90b339f52b24e97b346ce4b77cec58100d858104a75ff440a9c85166

发布日期: 2019-05-17 05:29 修改: 2019-05-31 12:29
kernel-headers CVE-2019-11190 中危 3.10.0-957.21.3.el7 3.10.0-1127.el7 kernel: ASLR bypass for setuid binaries due to late install_exec_creds()

漏洞详情: https://avd.aquasec.com/nvd/cve-2019-11190

镜像层: sha256:901286ce90b339f52b24e97b346ce4b77cec58100d858104a75ff440a9c85166

发布日期: 2019-04-12 00:29 修改: 2019-06-07 07:29
kernel-headers CVE-2019-11884 中危 3.10.0-957.21.3.el7 3.10.0-1127.el7 kernel: sensitive information disclosure from kernel stack memory via HIDPCONNADD command

漏洞详情: https://avd.aquasec.com/nvd/cve-2019-11884

镜像层: sha256:901286ce90b339f52b24e97b346ce4b77cec58100d858104a75ff440a9c85166

发布日期: 2019-05-10 22:29 修改: 2023-11-07 03:03
kernel-headers CVE-2019-12382 中危 3.10.0-957.21.3.el7 3.10.0-1127.el7 kernel: unchecked kstrdup of fwstr in drm_load_edid_firmware leads to denial of service

漏洞详情: https://avd.aquasec.com/nvd/cve-2019-12382

镜像层: sha256:901286ce90b339f52b24e97b346ce4b77cec58100d858104a75ff440a9c85166

发布日期: 2019-05-28 03:29 修改: 2024-08-05 00:15
kernel-headers CVE-2019-12614 中危 3.10.0-957.21.3.el7 3.10.0-1160.el7 kernel: null pointer dereference in dlpar_parse_cc_property in arch/powerrc/platforms/pseries/dlpar.c causing denial of service

漏洞详情: https://avd.aquasec.com/nvd/cve-2019-12614

镜像层: sha256:901286ce90b339f52b24e97b346ce4b77cec58100d858104a75ff440a9c85166

发布日期: 2019-06-03 22:29 修改: 2023-11-07 03:03
kernel-headers CVE-2019-13233 中危 3.10.0-957.21.3.el7 3.10.0-1127.el7 kernel: use-after-free in arch/x86/lib/insn-eval.c

漏洞详情: https://avd.aquasec.com/nvd/cve-2019-13233

镜像层: sha256:901286ce90b339f52b24e97b346ce4b77cec58100d858104a75ff440a9c85166

发布日期: 2019-07-04 13:15 修改: 2023-11-07 03:03
kernel-headers CVE-2019-13648 中危 3.10.0-957.21.3.el7 3.10.0-1127.el7 kernel: denial of service in arch/powerpc/kernel/signal_32.c and arch/powerpc/kernel/signal_64.c via sigreturn() system call

漏洞详情: https://avd.aquasec.com/nvd/cve-2019-13648

镜像层: sha256:901286ce90b339f52b24e97b346ce4b77cec58100d858104a75ff440a9c85166

发布日期: 2019-07-19 13:15 修改: 2023-11-07 03:03
kernel-headers CVE-2019-14283 中危 3.10.0-957.21.3.el7 3.10.0-1127.el7 kernel: integer overflow and OOB read in drivers/block/floppy.c

漏洞详情: https://avd.aquasec.com/nvd/cve-2019-14283

镜像层: sha256:901286ce90b339f52b24e97b346ce4b77cec58100d858104a75ff440a9c85166

发布日期: 2019-07-26 13:15 修改: 2019-08-11 23:15
kernel-headers CVE-2019-18660 中危 3.10.0-957.21.3.el7 3.10.0-1127.el7 kernel: powerpc: incomplete Spectre-RSB mitigation leads to information exposure

漏洞详情: https://avd.aquasec.com/nvd/cve-2019-18660

镜像层: sha256:901286ce90b339f52b24e97b346ce4b77cec58100d858104a75ff440a9c85166

发布日期: 2019-11-27 23:15 修改: 2023-11-07 03:06
kernel-headers CVE-2019-18808 中危 3.10.0-957.21.3.el7 3.10.0-1160.el7 kernel: memory leak in ccp_run_sha_cmd() function in drivers/crypto/ccp/ccp-ops.c

漏洞详情: https://avd.aquasec.com/nvd/cve-2019-18808

镜像层: sha256:901286ce90b339f52b24e97b346ce4b77cec58100d858104a75ff440a9c85166

发布日期: 2019-11-07 16:15 修改: 2023-11-07 03:07
kernel-headers CVE-2019-19046 中危 3.10.0-957.21.3.el7 3.10.0-1160.el7 kernel: Denial Of Service in the __ipmi_bmc_register() function in drivers/char/ipmi/ipmi_msghandler.c

漏洞详情: https://avd.aquasec.com/nvd/cve-2019-19046

镜像层: sha256:901286ce90b339f52b24e97b346ce4b77cec58100d858104a75ff440a9c85166

发布日期: 2019-11-18 06:15 修改: 2024-08-05 02:15
kernel-headers CVE-2020-0427 中危 3.10.0-957.21.3.el7 3.10.0-1160.21.1.el7 kernel: out-of-bounds reads in pinctrl subsystem.

漏洞详情: https://avd.aquasec.com/nvd/cve-2020-0427

镜像层: sha256:901286ce90b339f52b24e97b346ce4b77cec58100d858104a75ff440a9c85166

发布日期: 2020-09-17 19:15 修改: 2022-10-25 16:12
kernel-headers CVE-2020-11565 中危 3.10.0-957.21.3.el7 3.10.0-1160.el7 kernel: out-of-bounds write in mpol_parse_str function in mm/mempolicy.c

漏洞详情: https://avd.aquasec.com/nvd/cve-2020-11565

镜像层: sha256:901286ce90b339f52b24e97b346ce4b77cec58100d858104a75ff440a9c85166

发布日期: 2020-04-06 01:15 修改: 2024-08-04 12:15
kernel-headers CVE-2020-12826 中危 3.10.0-957.21.3.el7 3.10.0-1160.el7 kernel: possible to send arbitrary signals to a privileged (suidroot) parent process

漏洞详情: https://avd.aquasec.com/nvd/cve-2020-12826

镜像层: sha256:901286ce90b339f52b24e97b346ce4b77cec58100d858104a75ff440a9c85166

发布日期: 2020-05-12 19:15 修改: 2021-07-15 19:16
kernel-headers CVE-2020-25656 中危 3.10.0-957.21.3.el7 3.10.0-1160.21.1.el7 kernel: use-after-free in read in vt_do_kdgkb_ioctl

漏洞详情: https://avd.aquasec.com/nvd/cve-2020-25656

镜像层: sha256:901286ce90b339f52b24e97b346ce4b77cec58100d858104a75ff440a9c85166

发布日期: 2020-12-02 01:15 修改: 2022-10-25 17:03
kernel-headers CVE-2020-25704 中危 3.10.0-957.21.3.el7 3.10.0-1160.53.1.el7 kernel: perf_event_parse_addr_filter memory

漏洞详情: https://avd.aquasec.com/nvd/cve-2020-25704

镜像层: sha256:901286ce90b339f52b24e97b346ce4b77cec58100d858104a75ff440a9c85166

发布日期: 2020-12-02 01:15 修改: 2022-10-25 16:30
kernel-headers CVE-2020-27777 中危 3.10.0-957.21.3.el7 3.10.0-1160.41.1.el7 kernel: powerpc: RTAS calls can be used to compromise kernel integrity

漏洞详情: https://avd.aquasec.com/nvd/cve-2020-27777

镜像层: sha256:901286ce90b339f52b24e97b346ce4b77cec58100d858104a75ff440a9c85166

发布日期: 2020-12-15 17:15 修改: 2023-10-05 14:29
kernel-headers CVE-2020-35513 中危 3.10.0-957.21.3.el7 3.10.0-1160.15.2.el7 kernel: Nfsd failure to clear umask after processing an open or create

漏洞详情: https://avd.aquasec.com/nvd/cve-2020-35513

镜像层: sha256:901286ce90b339f52b24e97b346ce4b77cec58100d858104a75ff440a9c85166

发布日期: 2021-01-26 18:15 修改: 2023-11-07 03:21
kernel-headers CVE-2020-36322 中危 3.10.0-957.21.3.el7 3.10.0-1160.53.1.el7 kernel: fuse: fuse_do_getattr() calls make_bad_inode() in inappropriate situations

漏洞详情: https://avd.aquasec.com/nvd/cve-2020-36322

镜像层: sha256:901286ce90b339f52b24e97b346ce4b77cec58100d858104a75ff440a9c85166

发布日期: 2021-04-14 06:15 修改: 2022-10-14 18:56
kernel-headers CVE-2022-23825 中危 3.10.0-957.21.3.el7 3.10.0-1160.80.1.0.1.el7 hw: cpu: AMD: Branch Type Confusion (non-retbleed)

漏洞详情: https://avd.aquasec.com/nvd/cve-2022-23825

镜像层: sha256:901286ce90b339f52b24e97b346ce4b77cec58100d858104a75ff440a9c85166

发布日期: 2022-07-14 20:15 修改: 2024-02-04 08:15
kernel-headers CVE-2022-26373 中危 3.10.0-957.21.3.el7 3.10.0-1160.80.1.0.1.el7 hw: cpu: Intel: Post-barrier Return Stack Buffer Predictions

漏洞详情: https://avd.aquasec.com/nvd/cve-2022-26373

镜像层: sha256:901286ce90b339f52b24e97b346ce4b77cec58100d858104a75ff440a9c85166

发布日期: 2022-08-18 20:15 修改: 2022-10-27 14:56
kernel-headers CVE-2023-20593 中危 3.10.0-957.21.3.el7 3.10.0-1160.99.1.0.1.el7 hw: amd: Cross-Process Information Leak

漏洞详情: https://avd.aquasec.com/nvd/cve-2023-20593

镜像层: sha256:901286ce90b339f52b24e97b346ce4b77cec58100d858104a75ff440a9c85166

发布日期: 2023-07-24 20:15 修改: 2024-06-10 18:15
kernel-headers CVE-2023-25775 中危 3.10.0-957.21.3.el7 3.10.0-1160.118.1.0.1.el7 kernel: irdma: Improper access control

漏洞详情: https://avd.aquasec.com/nvd/cve-2023-25775

镜像层: sha256:901286ce90b339f52b24e97b346ce4b77cec58100d858104a75ff440a9c85166

发布日期: 2023-08-11 03:15 修改: 2024-01-11 21:15
kernel-headers CVE-2023-38409 中危 3.10.0-957.21.3.el7 3.10.0-1160.114.2.0.1.el7 kernel: fbcon: out-of-sync arrays in fbcon_mode_deleted due to wrong con2fb_map assignment

漏洞详情: https://avd.aquasec.com/nvd/cve-2023-38409

镜像层: sha256:901286ce90b339f52b24e97b346ce4b77cec58100d858104a75ff440a9c85166

发布日期: 2023-07-17 22:15 修改: 2023-07-27 03:49
kernel-headers CVE-2024-26602 中危 3.10.0-957.21.3.el7 3.10.0-1160.114.2.0.1.el7 kernel: sched/membarrier: reduce the ability to hammer on sys_membarrier

漏洞详情: https://avd.aquasec.com/nvd/cve-2024-26602

镜像层: sha256:901286ce90b339f52b24e97b346ce4b77cec58100d858104a75ff440a9c85166

发布日期: 2024-02-26 16:28 修改: 2024-06-27 12:15
bash CVE-2019-9924 中危 4.2.46-31.el7 4.2.46-34.el7 bash: BASH_CMD is writable in restricted bash shells

漏洞详情: https://avd.aquasec.com/nvd/cve-2019-9924

镜像层: sha256:b87942114db6b2cf0bf150f9f85f220fffa5287d57e3bc1677f7f09915c10cf1

发布日期: 2019-03-22 08:29 修改: 2022-04-05 20:11
expat CVE-2015-2716 中危 2.1.0-10.el7_3 2.1.0-11.el7 expat: Integer overflow leading to buffer overflow in XML_GetBuffer()

漏洞详情: https://avd.aquasec.com/nvd/cve-2015-2716

镜像层: sha256:b87942114db6b2cf0bf150f9f85f220fffa5287d57e3bc1677f7f09915c10cf1

发布日期: 2015-05-14 10:59 修改: 2024-10-22 13:54
expat CVE-2018-20843 中危 2.1.0-10.el7_3 2.1.0-12.el7 expat: large number of colons in input makes parser consume high amount of resources, leading to DoS

漏洞详情: https://avd.aquasec.com/nvd/cve-2018-20843

镜像层: sha256:b87942114db6b2cf0bf150f9f85f220fffa5287d57e3bc1677f7f09915c10cf1

发布日期: 2019-06-24 17:15 修改: 2023-11-07 02:56
krb5-libs CVE-2021-37750 中危 1.15.1-37.el7_6 1.15.1-51.0.1.el7_9 krb5: NULL pointer dereference in process_tgs_req() in kdc/do_tgs_req.c via a FAST inner body that lacks server field

漏洞详情: https://avd.aquasec.com/nvd/cve-2021-37750

镜像层: sha256:b87942114db6b2cf0bf150f9f85f220fffa5287d57e3bc1677f7f09915c10cf1

发布日期: 2021-08-23 05:15 修改: 2023-11-07 03:37
krb5-libs CVE-2024-37370 中危 1.15.1-37.el7_6 1.15.1-55.0.3.el7_9 krb5: GSS message token handling

漏洞详情: https://avd.aquasec.com/nvd/cve-2024-37370

镜像层: sha256:b87942114db6b2cf0bf150f9f85f220fffa5287d57e3bc1677f7f09915c10cf1

发布日期: 2024-06-28 22:15 修改: 2024-08-27 17:48
krb5-libs CVE-2024-37371 中危 1.15.1-37.el7_6 1.15.1-55.0.3.el7_9 krb5: GSS message token handling

漏洞详情: https://avd.aquasec.com/nvd/cve-2024-37371

镜像层: sha256:b87942114db6b2cf0bf150f9f85f220fffa5287d57e3bc1677f7f09915c10cf1

发布日期: 2024-06-28 23:15 修改: 2024-09-18 12:39
expat CVE-2019-15903 中危 2.1.0-10.el7_3 2.1.0-12.el7 expat: heap-based buffer over-read via crafted XML input

漏洞详情: https://avd.aquasec.com/nvd/cve-2019-15903

镜像层: sha256:b87942114db6b2cf0bf150f9f85f220fffa5287d57e3bc1677f7f09915c10cf1

发布日期: 2019-09-04 06:15 修改: 2023-11-07 03:05
libX11 CVE-2018-14598 中危 1.6.5-2.el7 1.6.7-2.el7 libX11: Crash on invalid reply in XListExtensions in ListExt.c

漏洞详情: https://avd.aquasec.com/nvd/cve-2018-14598

镜像层: sha256:901286ce90b339f52b24e97b346ce4b77cec58100d858104a75ff440a9c85166

发布日期: 2018-08-24 19:29 修改: 2023-11-07 02:52
libX11 CVE-2018-14599 中危 1.6.5-2.el7 1.6.7-2.el7 libX11: Off-by-one error in XListExtensions in ListExt.c

漏洞详情: https://avd.aquasec.com/nvd/cve-2018-14599

镜像层: sha256:901286ce90b339f52b24e97b346ce4b77cec58100d858104a75ff440a9c85166

发布日期: 2018-08-24 19:29 修改: 2023-11-07 02:52
libX11 CVE-2018-14600 中危 1.6.5-2.el7 1.6.7-2.el7 libX11: Out of Bounds write in XListExtensions in ListExt.c

漏洞详情: https://avd.aquasec.com/nvd/cve-2018-14600

镜像层: sha256:901286ce90b339f52b24e97b346ce4b77cec58100d858104a75ff440a9c85166

发布日期: 2018-08-24 19:29 修改: 2019-08-06 17:15
libX11 CVE-2018-15853 中危 1.6.5-2.el7 1.6.7-2.el7 libxkbcommon: Endless recursion in xkbcomp/expr.c resulting in a crash

漏洞详情: https://avd.aquasec.com/nvd/cve-2018-15853

镜像层: sha256:901286ce90b339f52b24e97b346ce4b77cec58100d858104a75ff440a9c85166

发布日期: 2018-08-25 21:29 修改: 2019-08-06 17:15
libX11 CVE-2018-15854 中危 1.6.5-2.el7 1.6.7-2.el7 libxkbcommon: NULL pointer dereference resulting in a crash

漏洞详情: https://avd.aquasec.com/nvd/cve-2018-15854

镜像层: sha256:901286ce90b339f52b24e97b346ce4b77cec58100d858104a75ff440a9c85166

发布日期: 2018-08-25 21:29 修改: 2019-08-06 17:15
libX11 CVE-2018-15855 中危 1.6.5-2.el7 1.6.7-2.el7 libxkbcommon: NULL pointer dereference when handling xkb_geometry

漏洞详情: https://avd.aquasec.com/nvd/cve-2018-15855

镜像层: sha256:901286ce90b339f52b24e97b346ce4b77cec58100d858104a75ff440a9c85166

发布日期: 2018-08-25 21:29 修改: 2019-08-06 17:15
libX11 CVE-2018-15856 中危 1.6.5-2.el7 1.6.7-2.el7 libxkbcommon: Infinite loop when reaching EOL unexpectedly resulting in a crash

漏洞详情: https://avd.aquasec.com/nvd/cve-2018-15856

镜像层: sha256:901286ce90b339f52b24e97b346ce4b77cec58100d858104a75ff440a9c85166

发布日期: 2018-08-25 21:29 修改: 2019-10-03 00:03
libX11 CVE-2018-15857 中危 1.6.5-2.el7 1.6.7-2.el7 libxkbcommon: Invalid free in ExprAppendMultiKeysymList resulting in a crash

漏洞详情: https://avd.aquasec.com/nvd/cve-2018-15857

镜像层: sha256:901286ce90b339f52b24e97b346ce4b77cec58100d858104a75ff440a9c85166

发布日期: 2018-08-25 21:29 修改: 2019-08-06 17:15
libX11 CVE-2018-15859 中危 1.6.5-2.el7 1.6.7-2.el7 libxkbcommon: NULL pointer dereference when parsing invalid atoms in ExprResolveLhs resulting in a crash

漏洞详情: https://avd.aquasec.com/nvd/cve-2018-15859

镜像层: sha256:901286ce90b339f52b24e97b346ce4b77cec58100d858104a75ff440a9c85166

发布日期: 2018-08-25 21:29 修改: 2019-08-06 17:15
libX11 CVE-2018-15861 中危 1.6.5-2.el7 1.6.7-2.el7 libxkbcommon: NULL pointer dereference in ExprResolveLhs resulting in a crash

漏洞详情: https://avd.aquasec.com/nvd/cve-2018-15861

镜像层: sha256:901286ce90b339f52b24e97b346ce4b77cec58100d858104a75ff440a9c85166

发布日期: 2018-08-25 21:29 修改: 2019-08-06 17:15
libX11 CVE-2018-15862 中危 1.6.5-2.el7 1.6.7-2.el7 libxkbcommon: NULL pointer dereference in LookupModMask resulting in a crash

漏洞详情: https://avd.aquasec.com/nvd/cve-2018-15862

镜像层: sha256:901286ce90b339f52b24e97b346ce4b77cec58100d858104a75ff440a9c85166

发布日期: 2018-08-25 21:29 修改: 2019-08-06 17:15
libX11 CVE-2018-15863 中危 1.6.5-2.el7 1.6.7-2.el7 libxkbcommon: NULL pointer dereference in ResolveStateAndPredicate resulting in a crash

漏洞详情: https://avd.aquasec.com/nvd/cve-2018-15863

镜像层: sha256:901286ce90b339f52b24e97b346ce4b77cec58100d858104a75ff440a9c85166

发布日期: 2018-08-25 21:29 修改: 2019-08-06 17:15
libX11 CVE-2018-15864 中危 1.6.5-2.el7 1.6.7-2.el7 libxkbcommon: NULL pointer dereference in resolve_keysym resulting in a crash

漏洞详情: https://avd.aquasec.com/nvd/cve-2018-15864

镜像层: sha256:901286ce90b339f52b24e97b346ce4b77cec58100d858104a75ff440a9c85166

发布日期: 2018-08-25 21:29 修改: 2019-08-06 17:15
libX11 CVE-2020-14363 中危 1.6.5-2.el7 1.6.7-3.el7_9 libX11: integer overflow leads to double free in locale handling

漏洞详情: https://avd.aquasec.com/nvd/cve-2020-14363

镜像层: sha256:901286ce90b339f52b24e97b346ce4b77cec58100d858104a75ff440a9c85166

发布日期: 2020-09-11 18:15 修改: 2023-11-07 03:17
libX11 CVE-2021-31535 中危 1.6.5-2.el7 1.6.7-4.el7_9 libX11: missing request length checks

漏洞详情: https://avd.aquasec.com/nvd/cve-2021-31535

镜像层: sha256:901286ce90b339f52b24e97b346ce4b77cec58100d858104a75ff440a9c85166

发布日期: 2021-05-27 13:15 修改: 2023-11-07 03:34
libX11-common CVE-2018-14598 中危 1.6.5-2.el7 1.6.7-2.el7 libX11: Crash on invalid reply in XListExtensions in ListExt.c

漏洞详情: https://avd.aquasec.com/nvd/cve-2018-14598

镜像层: sha256:901286ce90b339f52b24e97b346ce4b77cec58100d858104a75ff440a9c85166

发布日期: 2018-08-24 19:29 修改: 2023-11-07 02:52
libX11-common CVE-2018-14599 中危 1.6.5-2.el7 1.6.7-2.el7 libX11: Off-by-one error in XListExtensions in ListExt.c

漏洞详情: https://avd.aquasec.com/nvd/cve-2018-14599

镜像层: sha256:901286ce90b339f52b24e97b346ce4b77cec58100d858104a75ff440a9c85166

发布日期: 2018-08-24 19:29 修改: 2023-11-07 02:52
libX11-common CVE-2018-14600 中危 1.6.5-2.el7 1.6.7-2.el7 libX11: Out of Bounds write in XListExtensions in ListExt.c

漏洞详情: https://avd.aquasec.com/nvd/cve-2018-14600

镜像层: sha256:901286ce90b339f52b24e97b346ce4b77cec58100d858104a75ff440a9c85166

发布日期: 2018-08-24 19:29 修改: 2019-08-06 17:15
libX11-common CVE-2018-15853 中危 1.6.5-2.el7 1.6.7-2.el7 libxkbcommon: Endless recursion in xkbcomp/expr.c resulting in a crash

漏洞详情: https://avd.aquasec.com/nvd/cve-2018-15853

镜像层: sha256:901286ce90b339f52b24e97b346ce4b77cec58100d858104a75ff440a9c85166

发布日期: 2018-08-25 21:29 修改: 2019-08-06 17:15
libX11-common CVE-2018-15854 中危 1.6.5-2.el7 1.6.7-2.el7 libxkbcommon: NULL pointer dereference resulting in a crash

漏洞详情: https://avd.aquasec.com/nvd/cve-2018-15854

镜像层: sha256:901286ce90b339f52b24e97b346ce4b77cec58100d858104a75ff440a9c85166

发布日期: 2018-08-25 21:29 修改: 2019-08-06 17:15
libX11-common CVE-2018-15855 中危 1.6.5-2.el7 1.6.7-2.el7 libxkbcommon: NULL pointer dereference when handling xkb_geometry

漏洞详情: https://avd.aquasec.com/nvd/cve-2018-15855

镜像层: sha256:901286ce90b339f52b24e97b346ce4b77cec58100d858104a75ff440a9c85166

发布日期: 2018-08-25 21:29 修改: 2019-08-06 17:15
libX11-common CVE-2018-15856 中危 1.6.5-2.el7 1.6.7-2.el7 libxkbcommon: Infinite loop when reaching EOL unexpectedly resulting in a crash

漏洞详情: https://avd.aquasec.com/nvd/cve-2018-15856

镜像层: sha256:901286ce90b339f52b24e97b346ce4b77cec58100d858104a75ff440a9c85166

发布日期: 2018-08-25 21:29 修改: 2019-10-03 00:03
libX11-common CVE-2018-15857 中危 1.6.5-2.el7 1.6.7-2.el7 libxkbcommon: Invalid free in ExprAppendMultiKeysymList resulting in a crash

漏洞详情: https://avd.aquasec.com/nvd/cve-2018-15857

镜像层: sha256:901286ce90b339f52b24e97b346ce4b77cec58100d858104a75ff440a9c85166

发布日期: 2018-08-25 21:29 修改: 2019-08-06 17:15
libX11-common CVE-2018-15859 中危 1.6.5-2.el7 1.6.7-2.el7 libxkbcommon: NULL pointer dereference when parsing invalid atoms in ExprResolveLhs resulting in a crash

漏洞详情: https://avd.aquasec.com/nvd/cve-2018-15859

镜像层: sha256:901286ce90b339f52b24e97b346ce4b77cec58100d858104a75ff440a9c85166

发布日期: 2018-08-25 21:29 修改: 2019-08-06 17:15
libX11-common CVE-2018-15861 中危 1.6.5-2.el7 1.6.7-2.el7 libxkbcommon: NULL pointer dereference in ExprResolveLhs resulting in a crash

漏洞详情: https://avd.aquasec.com/nvd/cve-2018-15861

镜像层: sha256:901286ce90b339f52b24e97b346ce4b77cec58100d858104a75ff440a9c85166

发布日期: 2018-08-25 21:29 修改: 2019-08-06 17:15
libX11-common CVE-2018-15862 中危 1.6.5-2.el7 1.6.7-2.el7 libxkbcommon: NULL pointer dereference in LookupModMask resulting in a crash

漏洞详情: https://avd.aquasec.com/nvd/cve-2018-15862

镜像层: sha256:901286ce90b339f52b24e97b346ce4b77cec58100d858104a75ff440a9c85166

发布日期: 2018-08-25 21:29 修改: 2019-08-06 17:15
libX11-common CVE-2018-15863 中危 1.6.5-2.el7 1.6.7-2.el7 libxkbcommon: NULL pointer dereference in ResolveStateAndPredicate resulting in a crash

漏洞详情: https://avd.aquasec.com/nvd/cve-2018-15863

镜像层: sha256:901286ce90b339f52b24e97b346ce4b77cec58100d858104a75ff440a9c85166

发布日期: 2018-08-25 21:29 修改: 2019-08-06 17:15
libX11-common CVE-2018-15864 中危 1.6.5-2.el7 1.6.7-2.el7 libxkbcommon: NULL pointer dereference in resolve_keysym resulting in a crash

漏洞详情: https://avd.aquasec.com/nvd/cve-2018-15864

镜像层: sha256:901286ce90b339f52b24e97b346ce4b77cec58100d858104a75ff440a9c85166

发布日期: 2018-08-25 21:29 修改: 2019-08-06 17:15
libX11-common CVE-2020-14363 中危 1.6.5-2.el7 1.6.7-3.el7_9 libX11: integer overflow leads to double free in locale handling

漏洞详情: https://avd.aquasec.com/nvd/cve-2020-14363

镜像层: sha256:901286ce90b339f52b24e97b346ce4b77cec58100d858104a75ff440a9c85166

发布日期: 2020-09-11 18:15 修改: 2023-11-07 03:17
libX11-common CVE-2021-31535 中危 1.6.5-2.el7 1.6.7-4.el7_9 libX11: missing request length checks

漏洞详情: https://avd.aquasec.com/nvd/cve-2021-31535

镜像层: sha256:901286ce90b339f52b24e97b346ce4b77cec58100d858104a75ff440a9c85166

发布日期: 2021-05-27 13:15 修改: 2023-11-07 03:34
libcom_err CVE-2019-5094 中危 1.42.9-13.el7 1.42.9-19.el7 e2fsprogs: Crafted ext4 partition leads to out-of-bounds write

漏洞详情: https://avd.aquasec.com/nvd/cve-2019-5094

镜像层: sha256:b87942114db6b2cf0bf150f9f85f220fffa5287d57e3bc1677f7f09915c10cf1

发布日期: 2019-09-24 22:15 修改: 2023-11-07 03:11
libcom_err CVE-2019-5188 中危 1.42.9-13.el7 1.42.9-19.el7 e2fsprogs: Out-of-bounds write in e2fsck/rehash.c

漏洞详情: https://avd.aquasec.com/nvd/cve-2019-5188

镜像层: sha256:b87942114db6b2cf0bf150f9f85f220fffa5287d57e3bc1677f7f09915c10cf1

发布日期: 2020-01-08 16:15 修改: 2023-11-07 03:11
libcom_err CVE-2022-1304 中危 1.42.9-13.el7 1.45.4-3.0.7.el7 e2fsprogs: out-of-bounds read/write via crafted filesystem

漏洞详情: https://avd.aquasec.com/nvd/cve-2022-1304

镜像层: sha256:b87942114db6b2cf0bf150f9f85f220fffa5287d57e3bc1677f7f09915c10cf1

发布日期: 2022-04-14 21:15 修改: 2023-11-07 03:41
expat CVE-2022-22822 中危 2.1.0-10.el7_3 2.1.0-14.0.1.el7_9 expat: Integer overflow in addBinding in xmlparse.c

漏洞详情: https://avd.aquasec.com/nvd/cve-2022-22822

镜像层: sha256:b87942114db6b2cf0bf150f9f85f220fffa5287d57e3bc1677f7f09915c10cf1

发布日期: 2022-01-10 14:12 修改: 2022-10-06 15:29
libcurl CVE-2019-5436 中危 7.29.0-51.0.1.el7 7.29.0-57.0.1.el7 curl: TFTP receive heap buffer overflow in tftp_receive_packet() function

漏洞详情: https://avd.aquasec.com/nvd/cve-2019-5436

镜像层: sha256:b87942114db6b2cf0bf150f9f85f220fffa5287d57e3bc1677f7f09915c10cf1

发布日期: 2019-05-28 19:29 修改: 2023-11-07 03:11
libcurl CVE-2020-8177 中危 7.29.0-51.0.1.el7 7.29.0-59.0.1.el7_9.1 curl: Incorrect argument check can allow remote servers to overwrite local files

漏洞详情: https://avd.aquasec.com/nvd/cve-2020-8177

镜像层: sha256:b87942114db6b2cf0bf150f9f85f220fffa5287d57e3bc1677f7f09915c10cf1

发布日期: 2020-12-14 20:15 修改: 2024-03-27 16:04
libssh2 CVE-2019-17498 中危 1.4.3-12.0.1.el7_6.2 1.8.0-4.el7 libssh2: integer overflow in SSH_MSG_DISCONNECT logic in packet.c

漏洞详情: https://avd.aquasec.com/nvd/cve-2019-17498

镜像层: sha256:b87942114db6b2cf0bf150f9f85f220fffa5287d57e3bc1677f7f09915c10cf1

发布日期: 2019-10-21 22:15 修改: 2023-11-07 03:06
libssh2 CVE-2019-3858 中危 1.4.3-12.0.1.el7_6.2 1.8.0-3.el7 libssh2: Zero-byte allocation with a specially crafted SFTP packed leading to an out-of-bounds read

漏洞详情: https://avd.aquasec.com/nvd/cve-2019-3858

镜像层: sha256:b87942114db6b2cf0bf150f9f85f220fffa5287d57e3bc1677f7f09915c10cf1

发布日期: 2019-03-21 21:29 修改: 2023-11-07 03:10
libssh2 CVE-2019-3861 中危 1.4.3-12.0.1.el7_6.2 1.8.0-3.el7 libssh2: Out-of-bounds reads with specially crafted SSH packets

漏洞详情: https://avd.aquasec.com/nvd/cve-2019-3861

镜像层: sha256:b87942114db6b2cf0bf150f9f85f220fffa5287d57e3bc1677f7f09915c10cf1

发布日期: 2019-03-25 19:29 修改: 2023-11-07 03:10
libssh2 CVE-2020-22218 中危 1.4.3-12.0.1.el7_6.2 1.8.0-4.el7_9.1 libssh2: use-of-uninitialized-value in _libssh2_transport_read

漏洞详情: https://avd.aquasec.com/nvd/cve-2020-22218

镜像层: sha256:b87942114db6b2cf0bf150f9f85f220fffa5287d57e3bc1677f7f09915c10cf1

发布日期: 2023-08-22 19:16 修改: 2023-10-06 15:15
libxml2 CVE-2015-8035 中危 2.9.1-6.0.1.el7_2.3 2.9.1-6.0.1.el7.4 libxml2: DoS caused by incorrect error detection during XZ decompression

漏洞详情: https://avd.aquasec.com/nvd/cve-2015-8035

镜像层: sha256:b87942114db6b2cf0bf150f9f85f220fffa5287d57e3bc1677f7f09915c10cf1

发布日期: 2015-11-18 16:59 修改: 2019-03-08 16:06
libxml2 CVE-2016-4658 中危 2.9.1-6.0.1.el7_2.3 2.9.1-6.0.3.el7_9.6 libxml2: Use after free via namespace node in XPointer ranges

漏洞详情: https://avd.aquasec.com/nvd/cve-2016-4658

镜像层: sha256:b87942114db6b2cf0bf150f9f85f220fffa5287d57e3bc1677f7f09915c10cf1

发布日期: 2016-09-25 10:59 修改: 2019-03-13 14:05
libxml2 CVE-2016-5131 中危 2.9.1-6.0.1.el7_2.3 2.9.1-6.0.1.el7.4 libxml2: Use after free triggered by XPointer paths beginning with range-to

漏洞详情: https://avd.aquasec.com/nvd/cve-2016-5131

镜像层: sha256:b87942114db6b2cf0bf150f9f85f220fffa5287d57e3bc1677f7f09915c10cf1

发布日期: 2016-07-23 19:59 修改: 2023-11-07 02:32
libxml2 CVE-2017-15412 中危 2.9.1-6.0.1.el7_2.3 2.9.1-6.0.1.el7.4 libxml2: Use after free in xmlXPathCompOpEvalPositionalPredicate() function in xpath.c

漏洞详情: https://avd.aquasec.com/nvd/cve-2017-15412

镜像层: sha256:b87942114db6b2cf0bf150f9f85f220fffa5287d57e3bc1677f7f09915c10cf1

发布日期: 2018-08-28 19:29 修改: 2023-11-07 02:39
libxml2 CVE-2017-18258 中危 2.9.1-6.0.1.el7_2.3 2.9.1-6.0.1.el7.4 libxml2: Unrestricted memory usage in xz_head() function in xzlib.c

漏洞详情: https://avd.aquasec.com/nvd/cve-2017-18258

镜像层: sha256:b87942114db6b2cf0bf150f9f85f220fffa5287d57e3bc1677f7f09915c10cf1

发布日期: 2018-04-08 17:29 修改: 2020-09-10 01:15
libxml2 CVE-2018-14404 中危 2.9.1-6.0.1.el7_2.3 2.9.1-6.0.1.el7.4 libxml2: NULL pointer dereference in xmlXPathCompOpEval() function in xpath.c

漏洞详情: https://avd.aquasec.com/nvd/cve-2018-14404

镜像层: sha256:b87942114db6b2cf0bf150f9f85f220fffa5287d57e3bc1677f7f09915c10cf1

发布日期: 2018-07-19 13:29 修改: 2020-09-10 01:15
libxml2 CVE-2018-14567 中危 2.9.1-6.0.1.el7_2.3 2.9.1-6.0.1.el7.4 libxml2: Infinite loop caused by incorrect error detection during LZMA decompression

漏洞详情: https://avd.aquasec.com/nvd/cve-2018-14567

镜像层: sha256:b87942114db6b2cf0bf150f9f85f220fffa5287d57e3bc1677f7f09915c10cf1

发布日期: 2018-08-16 20:29 修改: 2020-09-10 01:15
libxml2 CVE-2019-19956 中危 2.9.1-6.0.1.el7_2.3 2.9.1-6.0.1.el7.5 libxml2: memory leak in xmlParseBalancedChunkMemoryRecover in parser.c

漏洞详情: https://avd.aquasec.com/nvd/cve-2019-19956

镜像层: sha256:b87942114db6b2cf0bf150f9f85f220fffa5287d57e3bc1677f7f09915c10cf1

发布日期: 2019-12-24 16:15 修改: 2023-11-07 03:07
libxml2 CVE-2019-20388 中危 2.9.1-6.0.1.el7_2.3 2.9.1-6.0.1.el7.5 libxml2: memory leak in xmlSchemaPreRun in xmlschemas.c

漏洞详情: https://avd.aquasec.com/nvd/cve-2019-20388

镜像层: sha256:b87942114db6b2cf0bf150f9f85f220fffa5287d57e3bc1677f7f09915c10cf1

发布日期: 2020-01-21 23:15 修改: 2023-11-09 14:44
libxml2 CVE-2020-7595 中危 2.9.1-6.0.1.el7_2.3 2.9.1-6.0.1.el7.5 libxml2: infinite loop in xmlStringLenDecodeEntities in some end-of-file situations

漏洞详情: https://avd.aquasec.com/nvd/cve-2020-7595

镜像层: sha256:b87942114db6b2cf0bf150f9f85f220fffa5287d57e3bc1677f7f09915c10cf1

发布日期: 2020-01-21 23:15 修改: 2023-11-07 03:26
libxml2-python CVE-2015-8035 中危 2.9.1-6.0.1.el7_2.3 2.9.1-6.0.1.el7.4 libxml2: DoS caused by incorrect error detection during XZ decompression

漏洞详情: https://avd.aquasec.com/nvd/cve-2015-8035

镜像层: sha256:b87942114db6b2cf0bf150f9f85f220fffa5287d57e3bc1677f7f09915c10cf1

发布日期: 2015-11-18 16:59 修改: 2019-03-08 16:06
libxml2-python CVE-2016-4658 中危 2.9.1-6.0.1.el7_2.3 2.9.1-6.0.3.el7_9.6 libxml2: Use after free via namespace node in XPointer ranges

漏洞详情: https://avd.aquasec.com/nvd/cve-2016-4658

镜像层: sha256:b87942114db6b2cf0bf150f9f85f220fffa5287d57e3bc1677f7f09915c10cf1

发布日期: 2016-09-25 10:59 修改: 2019-03-13 14:05
libxml2-python CVE-2016-5131 中危 2.9.1-6.0.1.el7_2.3 2.9.1-6.0.1.el7.4 libxml2: Use after free triggered by XPointer paths beginning with range-to

漏洞详情: https://avd.aquasec.com/nvd/cve-2016-5131

镜像层: sha256:b87942114db6b2cf0bf150f9f85f220fffa5287d57e3bc1677f7f09915c10cf1

发布日期: 2016-07-23 19:59 修改: 2023-11-07 02:32
libxml2-python CVE-2017-15412 中危 2.9.1-6.0.1.el7_2.3 2.9.1-6.0.1.el7.4 libxml2: Use after free in xmlXPathCompOpEvalPositionalPredicate() function in xpath.c

漏洞详情: https://avd.aquasec.com/nvd/cve-2017-15412

镜像层: sha256:b87942114db6b2cf0bf150f9f85f220fffa5287d57e3bc1677f7f09915c10cf1

发布日期: 2018-08-28 19:29 修改: 2023-11-07 02:39
libxml2-python CVE-2017-18258 中危 2.9.1-6.0.1.el7_2.3 2.9.1-6.0.1.el7.4 libxml2: Unrestricted memory usage in xz_head() function in xzlib.c

漏洞详情: https://avd.aquasec.com/nvd/cve-2017-18258

镜像层: sha256:b87942114db6b2cf0bf150f9f85f220fffa5287d57e3bc1677f7f09915c10cf1

发布日期: 2018-04-08 17:29 修改: 2020-09-10 01:15
libxml2-python CVE-2018-14404 中危 2.9.1-6.0.1.el7_2.3 2.9.1-6.0.1.el7.4 libxml2: NULL pointer dereference in xmlXPathCompOpEval() function in xpath.c

漏洞详情: https://avd.aquasec.com/nvd/cve-2018-14404

镜像层: sha256:b87942114db6b2cf0bf150f9f85f220fffa5287d57e3bc1677f7f09915c10cf1

发布日期: 2018-07-19 13:29 修改: 2020-09-10 01:15
libxml2-python CVE-2018-14567 中危 2.9.1-6.0.1.el7_2.3 2.9.1-6.0.1.el7.4 libxml2: Infinite loop caused by incorrect error detection during LZMA decompression

漏洞详情: https://avd.aquasec.com/nvd/cve-2018-14567

镜像层: sha256:b87942114db6b2cf0bf150f9f85f220fffa5287d57e3bc1677f7f09915c10cf1

发布日期: 2018-08-16 20:29 修改: 2020-09-10 01:15
libxml2-python CVE-2019-19956 中危 2.9.1-6.0.1.el7_2.3 2.9.1-6.0.1.el7.5 libxml2: memory leak in xmlParseBalancedChunkMemoryRecover in parser.c

漏洞详情: https://avd.aquasec.com/nvd/cve-2019-19956

镜像层: sha256:b87942114db6b2cf0bf150f9f85f220fffa5287d57e3bc1677f7f09915c10cf1

发布日期: 2019-12-24 16:15 修改: 2023-11-07 03:07
libxml2-python CVE-2019-20388 中危 2.9.1-6.0.1.el7_2.3 2.9.1-6.0.1.el7.5 libxml2: memory leak in xmlSchemaPreRun in xmlschemas.c

漏洞详情: https://avd.aquasec.com/nvd/cve-2019-20388

镜像层: sha256:b87942114db6b2cf0bf150f9f85f220fffa5287d57e3bc1677f7f09915c10cf1

发布日期: 2020-01-21 23:15 修改: 2023-11-09 14:44
libxml2-python CVE-2020-7595 中危 2.9.1-6.0.1.el7_2.3 2.9.1-6.0.1.el7.5 libxml2: infinite loop in xmlStringLenDecodeEntities in some end-of-file situations

漏洞详情: https://avd.aquasec.com/nvd/cve-2020-7595

镜像层: sha256:b87942114db6b2cf0bf150f9f85f220fffa5287d57e3bc1677f7f09915c10cf1

发布日期: 2020-01-21 23:15 修改: 2023-11-07 03:26
nspr CVE-2018-0495 中危 4.19.0-1.el7_5 4.21.0-1.el7 ROHNP: Key Extraction Side Channel in Multiple Crypto Libraries

漏洞详情: https://avd.aquasec.com/nvd/cve-2018-0495

镜像层: sha256:b87942114db6b2cf0bf150f9f85f220fffa5287d57e3bc1677f7f09915c10cf1

发布日期: 2018-06-13 23:29 修改: 2023-11-07 02:51
nspr CVE-2018-12404 中危 4.19.0-1.el7_5 4.21.0-1.el7 nss: Cache side-channel variant of the Bleichenbacher attack

漏洞详情: https://avd.aquasec.com/nvd/cve-2018-12404

镜像层: sha256:b87942114db6b2cf0bf150f9f85f220fffa5287d57e3bc1677f7f09915c10cf1

发布日期: 2019-05-02 17:29 修改: 2021-02-12 07:15
nspr CVE-2019-11719 中危 4.19.0-1.el7_5 4.25.0-2.el7_9 nss: Out-of-bounds read when importing curve25519 private key

漏洞详情: https://avd.aquasec.com/nvd/cve-2019-11719

镜像层: sha256:b87942114db6b2cf0bf150f9f85f220fffa5287d57e3bc1677f7f09915c10cf1

发布日期: 2019-07-23 14:15 修改: 2020-09-30 18:15
nspr CVE-2019-11727 中危 4.19.0-1.el7_5 4.25.0-2.el7_9 nss: PKCS#1 v1.5 signatures can be used for TLS 1.3

漏洞详情: https://avd.aquasec.com/nvd/cve-2019-11727

镜像层: sha256:b87942114db6b2cf0bf150f9f85f220fffa5287d57e3bc1677f7f09915c10cf1

发布日期: 2019-07-23 14:15 修改: 2019-07-30 23:15
nspr CVE-2019-11756 中危 4.19.0-1.el7_5 4.25.0-2.el7_9 nss: Use-after-free in sftk_FreeSession due to improper refcounting

漏洞详情: https://avd.aquasec.com/nvd/cve-2019-11756

镜像层: sha256:b87942114db6b2cf0bf150f9f85f220fffa5287d57e3bc1677f7f09915c10cf1

发布日期: 2020-01-08 20:15 修改: 2020-01-13 18:02
nspr CVE-2019-17006 中危 4.19.0-1.el7_5 4.25.0-2.el7_9 nss: Check length of inputs for cryptographic primitives

漏洞详情: https://avd.aquasec.com/nvd/cve-2019-17006

镜像层: sha256:b87942114db6b2cf0bf150f9f85f220fffa5287d57e3bc1677f7f09915c10cf1

发布日期: 2020-10-22 21:15 修改: 2021-07-21 11:39
nspr CVE-2019-17023 中危 4.19.0-1.el7_5 4.25.0-2.el7_9 nss: TLS 1.3 HelloRetryRequest downgrade request sets client into invalid state

漏洞详情: https://avd.aquasec.com/nvd/cve-2019-17023

镜像层: sha256:b87942114db6b2cf0bf150f9f85f220fffa5287d57e3bc1677f7f09915c10cf1

发布日期: 2020-01-08 22:15 修改: 2023-01-27 18:24
nspr CVE-2020-12400 中危 4.19.0-1.el7_5 4.25.0-2.el7_9 nss: P-384 and P-521 implementation uses a side-channel vulnerable modular inversion function

漏洞详情: https://avd.aquasec.com/nvd/cve-2020-12400

镜像层: sha256:b87942114db6b2cf0bf150f9f85f220fffa5287d57e3bc1677f7f09915c10cf1

发布日期: 2020-10-08 14:15 修改: 2023-02-20 17:15
nspr CVE-2020-12401 中危 4.19.0-1.el7_5 4.25.0-2.el7_9 nss: ECDSA timing attack mitigation bypass

漏洞详情: https://avd.aquasec.com/nvd/cve-2020-12401

镜像层: sha256:b87942114db6b2cf0bf150f9f85f220fffa5287d57e3bc1677f7f09915c10cf1

发布日期: 2020-10-08 14:15 修改: 2023-02-20 17:15
nspr CVE-2020-12402 中危 4.19.0-1.el7_5 4.25.0-2.el7_9 nss: Side channel vulnerabilities during RSA key generation

漏洞详情: https://avd.aquasec.com/nvd/cve-2020-12402

镜像层: sha256:b87942114db6b2cf0bf150f9f85f220fffa5287d57e3bc1677f7f09915c10cf1

发布日期: 2020-07-09 15:15 修改: 2023-11-07 03:15
nspr CVE-2020-12403 中危 4.19.0-1.el7_5 4.25.0-2.el7_9 nss: CHACHA20-POLY1305 decryption with undersized tag leads to out-of-bounds read

漏洞详情: https://avd.aquasec.com/nvd/cve-2020-12403

镜像层: sha256:b87942114db6b2cf0bf150f9f85f220fffa5287d57e3bc1677f7f09915c10cf1

发布日期: 2021-05-27 19:15 修改: 2023-03-24 16:15
nspr CVE-2020-6829 中危 4.19.0-1.el7_5 4.25.0-2.el7_9 nss: Side channel attack on ECDSA signature generation

漏洞详情: https://avd.aquasec.com/nvd/cve-2020-6829

镜像层: sha256:b87942114db6b2cf0bf150f9f85f220fffa5287d57e3bc1677f7f09915c10cf1

发布日期: 2020-10-28 12:15 修改: 2023-02-20 17:15
expat CVE-2022-22823 中危 2.1.0-10.el7_3 2.1.0-14.0.1.el7_9 expat: Integer overflow in build_model in xmlparse.c

漏洞详情: https://avd.aquasec.com/nvd/cve-2022-22823

镜像层: sha256:b87942114db6b2cf0bf150f9f85f220fffa5287d57e3bc1677f7f09915c10cf1

发布日期: 2022-01-10 14:12 修改: 2022-10-06 14:47
expat CVE-2022-22824 中危 2.1.0-10.el7_3 2.1.0-14.0.1.el7_9 expat: Integer overflow in defineAttribute in xmlparse.c

漏洞详情: https://avd.aquasec.com/nvd/cve-2022-22824

镜像层: sha256:b87942114db6b2cf0bf150f9f85f220fffa5287d57e3bc1677f7f09915c10cf1

发布日期: 2022-01-10 14:12 修改: 2022-10-06 14:47
expat CVE-2022-22825 中危 2.1.0-10.el7_3 2.1.0-14.0.1.el7_9 expat: Integer overflow in lookup in xmlparse.c

漏洞详情: https://avd.aquasec.com/nvd/cve-2022-22825

镜像层: sha256:b87942114db6b2cf0bf150f9f85f220fffa5287d57e3bc1677f7f09915c10cf1

发布日期: 2022-01-10 14:12 修改: 2022-10-06 14:47
expat CVE-2022-22826 中危 2.1.0-10.el7_3 2.1.0-14.0.1.el7_9 expat: Integer overflow in nextScaffoldPart in xmlparse.c

漏洞详情: https://avd.aquasec.com/nvd/cve-2022-22826

镜像层: sha256:b87942114db6b2cf0bf150f9f85f220fffa5287d57e3bc1677f7f09915c10cf1

发布日期: 2022-01-10 14:12 修改: 2022-10-06 12:44
nss CVE-2018-0495 中危 3.36.0-7.1.el7_6 3.44.0-4.el7 ROHNP: Key Extraction Side Channel in Multiple Crypto Libraries

漏洞详情: https://avd.aquasec.com/nvd/cve-2018-0495

镜像层: sha256:b87942114db6b2cf0bf150f9f85f220fffa5287d57e3bc1677f7f09915c10cf1

发布日期: 2018-06-13 23:29 修改: 2023-11-07 02:51
nss CVE-2018-12404 中危 3.36.0-7.1.el7_6 3.44.0-4.el7 nss: Cache side-channel variant of the Bleichenbacher attack

漏洞详情: https://avd.aquasec.com/nvd/cve-2018-12404

镜像层: sha256:b87942114db6b2cf0bf150f9f85f220fffa5287d57e3bc1677f7f09915c10cf1

发布日期: 2019-05-02 17:29 修改: 2021-02-12 07:15
nss CVE-2019-11719 中危 3.36.0-7.1.el7_6 3.53.1-3.el7_9 nss: Out-of-bounds read when importing curve25519 private key

漏洞详情: https://avd.aquasec.com/nvd/cve-2019-11719

镜像层: sha256:b87942114db6b2cf0bf150f9f85f220fffa5287d57e3bc1677f7f09915c10cf1

发布日期: 2019-07-23 14:15 修改: 2020-09-30 18:15
nss CVE-2019-11727 中危 3.36.0-7.1.el7_6 3.53.1-3.el7_9 nss: PKCS#1 v1.5 signatures can be used for TLS 1.3

漏洞详情: https://avd.aquasec.com/nvd/cve-2019-11727

镜像层: sha256:b87942114db6b2cf0bf150f9f85f220fffa5287d57e3bc1677f7f09915c10cf1

发布日期: 2019-07-23 14:15 修改: 2019-07-30 23:15
nss CVE-2019-11756 中危 3.36.0-7.1.el7_6 3.53.1-3.el7_9 nss: Use-after-free in sftk_FreeSession due to improper refcounting

漏洞详情: https://avd.aquasec.com/nvd/cve-2019-11756

镜像层: sha256:b87942114db6b2cf0bf150f9f85f220fffa5287d57e3bc1677f7f09915c10cf1

发布日期: 2020-01-08 20:15 修改: 2020-01-13 18:02
nss CVE-2019-17006 中危 3.36.0-7.1.el7_6 3.53.1-3.el7_9 nss: Check length of inputs for cryptographic primitives

漏洞详情: https://avd.aquasec.com/nvd/cve-2019-17006

镜像层: sha256:b87942114db6b2cf0bf150f9f85f220fffa5287d57e3bc1677f7f09915c10cf1

发布日期: 2020-10-22 21:15 修改: 2021-07-21 11:39
nss CVE-2019-17023 中危 3.36.0-7.1.el7_6 3.53.1-3.el7_9 nss: TLS 1.3 HelloRetryRequest downgrade request sets client into invalid state

漏洞详情: https://avd.aquasec.com/nvd/cve-2019-17023

镜像层: sha256:b87942114db6b2cf0bf150f9f85f220fffa5287d57e3bc1677f7f09915c10cf1

发布日期: 2020-01-08 22:15 修改: 2023-01-27 18:24
nss CVE-2020-12400 中危 3.36.0-7.1.el7_6 3.53.1-3.el7_9 nss: P-384 and P-521 implementation uses a side-channel vulnerable modular inversion function

漏洞详情: https://avd.aquasec.com/nvd/cve-2020-12400

镜像层: sha256:b87942114db6b2cf0bf150f9f85f220fffa5287d57e3bc1677f7f09915c10cf1

发布日期: 2020-10-08 14:15 修改: 2023-02-20 17:15
nss CVE-2020-12401 中危 3.36.0-7.1.el7_6 3.53.1-3.el7_9 nss: ECDSA timing attack mitigation bypass

漏洞详情: https://avd.aquasec.com/nvd/cve-2020-12401

镜像层: sha256:b87942114db6b2cf0bf150f9f85f220fffa5287d57e3bc1677f7f09915c10cf1

发布日期: 2020-10-08 14:15 修改: 2023-02-20 17:15
nss CVE-2020-12402 中危 3.36.0-7.1.el7_6 3.53.1-3.el7_9 nss: Side channel vulnerabilities during RSA key generation

漏洞详情: https://avd.aquasec.com/nvd/cve-2020-12402

镜像层: sha256:b87942114db6b2cf0bf150f9f85f220fffa5287d57e3bc1677f7f09915c10cf1

发布日期: 2020-07-09 15:15 修改: 2023-11-07 03:15
nss CVE-2020-12403 中危 3.36.0-7.1.el7_6 3.53.1-3.el7_9 nss: CHACHA20-POLY1305 decryption with undersized tag leads to out-of-bounds read

漏洞详情: https://avd.aquasec.com/nvd/cve-2020-12403

镜像层: sha256:b87942114db6b2cf0bf150f9f85f220fffa5287d57e3bc1677f7f09915c10cf1

发布日期: 2021-05-27 19:15 修改: 2023-03-24 16:15
nss CVE-2020-25648 中危 3.36.0-7.1.el7_6 3.53.1-7.el7_9 nss: TLS 1.3 CCS flood remote DoS Attack

漏洞详情: https://avd.aquasec.com/nvd/cve-2020-25648

镜像层: sha256:b87942114db6b2cf0bf150f9f85f220fffa5287d57e3bc1677f7f09915c10cf1

发布日期: 2020-10-20 22:15 修改: 2023-11-07 03:20
nss CVE-2020-6829 中危 3.36.0-7.1.el7_6 3.53.1-3.el7_9 nss: Side channel attack on ECDSA signature generation

漏洞详情: https://avd.aquasec.com/nvd/cve-2020-6829

镜像层: sha256:b87942114db6b2cf0bf150f9f85f220fffa5287d57e3bc1677f7f09915c10cf1

发布日期: 2020-10-28 12:15 修改: 2023-02-20 17:15
expat CVE-2022-22827 中危 2.1.0-10.el7_3 2.1.0-14.0.1.el7_9 expat: Integer overflow in storeAtts in xmlparse.c

漏洞详情: https://avd.aquasec.com/nvd/cve-2022-22827

镜像层: sha256:b87942114db6b2cf0bf150f9f85f220fffa5287d57e3bc1677f7f09915c10cf1

发布日期: 2022-01-10 14:12 修改: 2022-10-06 12:52
bind-libs CVE-2018-5745 中危 32:9.9.4-74.el7_6.1 32:9.11.4-16.P2.el7 bind: An assertion failure if a trust anchor rolls over to an unsupported key algorithm when using managed-keys

漏洞详情: https://avd.aquasec.com/nvd/cve-2018-5745

镜像层: sha256:901286ce90b339f52b24e97b346ce4b77cec58100d858104a75ff440a9c85166

发布日期: 2019-10-09 16:15 修改: 2019-11-06 01:15
nss-softokn CVE-2018-0495 中危 3.36.0-5.0.1.el7_5 3.44.0-5.0.1.el7 ROHNP: Key Extraction Side Channel in Multiple Crypto Libraries

漏洞详情: https://avd.aquasec.com/nvd/cve-2018-0495

镜像层: sha256:b87942114db6b2cf0bf150f9f85f220fffa5287d57e3bc1677f7f09915c10cf1

发布日期: 2018-06-13 23:29 修改: 2023-11-07 02:51
nss-softokn CVE-2018-12404 中危 3.36.0-5.0.1.el7_5 3.44.0-5.0.1.el7 nss: Cache side-channel variant of the Bleichenbacher attack

漏洞详情: https://avd.aquasec.com/nvd/cve-2018-12404

镜像层: sha256:b87942114db6b2cf0bf150f9f85f220fffa5287d57e3bc1677f7f09915c10cf1

发布日期: 2019-05-02 17:29 修改: 2021-02-12 07:15
nss-softokn CVE-2019-11719 中危 3.36.0-5.0.1.el7_5 3.53.1-6.0.1.el7_9 nss: Out-of-bounds read when importing curve25519 private key

漏洞详情: https://avd.aquasec.com/nvd/cve-2019-11719

镜像层: sha256:b87942114db6b2cf0bf150f9f85f220fffa5287d57e3bc1677f7f09915c10cf1

发布日期: 2019-07-23 14:15 修改: 2020-09-30 18:15
nss-softokn CVE-2019-11727 中危 3.36.0-5.0.1.el7_5 3.53.1-6.0.1.el7_9 nss: PKCS#1 v1.5 signatures can be used for TLS 1.3

漏洞详情: https://avd.aquasec.com/nvd/cve-2019-11727

镜像层: sha256:b87942114db6b2cf0bf150f9f85f220fffa5287d57e3bc1677f7f09915c10cf1

发布日期: 2019-07-23 14:15 修改: 2019-07-30 23:15
nss-softokn CVE-2019-11756 中危 3.36.0-5.0.1.el7_5 3.53.1-6.0.1.el7_9 nss: Use-after-free in sftk_FreeSession due to improper refcounting

漏洞详情: https://avd.aquasec.com/nvd/cve-2019-11756

镜像层: sha256:b87942114db6b2cf0bf150f9f85f220fffa5287d57e3bc1677f7f09915c10cf1

发布日期: 2020-01-08 20:15 修改: 2020-01-13 18:02
nss-softokn CVE-2019-17006 中危 3.36.0-5.0.1.el7_5 3.53.1-6.0.1.el7_9 nss: Check length of inputs for cryptographic primitives

漏洞详情: https://avd.aquasec.com/nvd/cve-2019-17006

镜像层: sha256:b87942114db6b2cf0bf150f9f85f220fffa5287d57e3bc1677f7f09915c10cf1

发布日期: 2020-10-22 21:15 修改: 2021-07-21 11:39
nss-softokn CVE-2019-17023 中危 3.36.0-5.0.1.el7_5 3.53.1-6.0.1.el7_9 nss: TLS 1.3 HelloRetryRequest downgrade request sets client into invalid state

漏洞详情: https://avd.aquasec.com/nvd/cve-2019-17023

镜像层: sha256:b87942114db6b2cf0bf150f9f85f220fffa5287d57e3bc1677f7f09915c10cf1

发布日期: 2020-01-08 22:15 修改: 2023-01-27 18:24
nss-softokn CVE-2020-12400 中危 3.36.0-5.0.1.el7_5 3.53.1-6.0.1.el7_9 nss: P-384 and P-521 implementation uses a side-channel vulnerable modular inversion function

漏洞详情: https://avd.aquasec.com/nvd/cve-2020-12400

镜像层: sha256:b87942114db6b2cf0bf150f9f85f220fffa5287d57e3bc1677f7f09915c10cf1

发布日期: 2020-10-08 14:15 修改: 2023-02-20 17:15
nss-softokn CVE-2020-12401 中危 3.36.0-5.0.1.el7_5 3.53.1-6.0.1.el7_9 nss: ECDSA timing attack mitigation bypass

漏洞详情: https://avd.aquasec.com/nvd/cve-2020-12401

镜像层: sha256:b87942114db6b2cf0bf150f9f85f220fffa5287d57e3bc1677f7f09915c10cf1

发布日期: 2020-10-08 14:15 修改: 2023-02-20 17:15
nss-softokn CVE-2020-12402 中危 3.36.0-5.0.1.el7_5 3.53.1-6.0.1.el7_9 nss: Side channel vulnerabilities during RSA key generation

漏洞详情: https://avd.aquasec.com/nvd/cve-2020-12402

镜像层: sha256:b87942114db6b2cf0bf150f9f85f220fffa5287d57e3bc1677f7f09915c10cf1

发布日期: 2020-07-09 15:15 修改: 2023-11-07 03:15
nss-softokn CVE-2020-12403 中危 3.36.0-5.0.1.el7_5 3.53.1-6.0.1.el7_9 nss: CHACHA20-POLY1305 decryption with undersized tag leads to out-of-bounds read

漏洞详情: https://avd.aquasec.com/nvd/cve-2020-12403

镜像层: sha256:b87942114db6b2cf0bf150f9f85f220fffa5287d57e3bc1677f7f09915c10cf1

发布日期: 2021-05-27 19:15 修改: 2023-03-24 16:15
nss-softokn CVE-2020-6829 中危 3.36.0-5.0.1.el7_5 3.53.1-6.0.1.el7_9 nss: Side channel attack on ECDSA signature generation

漏洞详情: https://avd.aquasec.com/nvd/cve-2020-6829

镜像层: sha256:b87942114db6b2cf0bf150f9f85f220fffa5287d57e3bc1677f7f09915c10cf1

发布日期: 2020-10-28 12:15 修改: 2023-02-20 17:15
glib2 CVE-2019-12450 中危 2.56.1-4.el7_6 2.56.1-7.el7 glib2: file_copy_fallback in gio/gfile.c in GNOME GLib does not properly restrict file permissions while a copy operation is in progress

漏洞详情: https://avd.aquasec.com/nvd/cve-2019-12450

镜像层: sha256:b87942114db6b2cf0bf150f9f85f220fffa5287d57e3bc1677f7f09915c10cf1

发布日期: 2019-05-29 17:29 修改: 2023-11-07 03:03
glib2 CVE-2019-14822 中危 2.56.1-4.el7_6 2.56.1-7.el7 ibus: missing authorization allows local attacker to access the input bus of another user

漏洞详情: https://avd.aquasec.com/nvd/cve-2019-14822

镜像层: sha256:b87942114db6b2cf0bf150f9f85f220fffa5287d57e3bc1677f7f09915c10cf1

发布日期: 2019-11-25 12:15 修改: 2022-06-07 18:41
nss-softokn-freebl CVE-2018-0495 中危 3.36.0-5.0.1.el7_5 3.44.0-5.0.1.el7 ROHNP: Key Extraction Side Channel in Multiple Crypto Libraries

漏洞详情: https://avd.aquasec.com/nvd/cve-2018-0495

镜像层: sha256:b87942114db6b2cf0bf150f9f85f220fffa5287d57e3bc1677f7f09915c10cf1

发布日期: 2018-06-13 23:29 修改: 2023-11-07 02:51
nss-softokn-freebl CVE-2018-12404 中危 3.36.0-5.0.1.el7_5 3.44.0-5.0.1.el7 nss: Cache side-channel variant of the Bleichenbacher attack

漏洞详情: https://avd.aquasec.com/nvd/cve-2018-12404

镜像层: sha256:b87942114db6b2cf0bf150f9f85f220fffa5287d57e3bc1677f7f09915c10cf1

发布日期: 2019-05-02 17:29 修改: 2021-02-12 07:15
nss-softokn-freebl CVE-2019-11719 中危 3.36.0-5.0.1.el7_5 3.53.1-6.0.1.el7_9 nss: Out-of-bounds read when importing curve25519 private key

漏洞详情: https://avd.aquasec.com/nvd/cve-2019-11719

镜像层: sha256:b87942114db6b2cf0bf150f9f85f220fffa5287d57e3bc1677f7f09915c10cf1

发布日期: 2019-07-23 14:15 修改: 2020-09-30 18:15
nss-softokn-freebl CVE-2019-11727 中危 3.36.0-5.0.1.el7_5 3.53.1-6.0.1.el7_9 nss: PKCS#1 v1.5 signatures can be used for TLS 1.3

漏洞详情: https://avd.aquasec.com/nvd/cve-2019-11727

镜像层: sha256:b87942114db6b2cf0bf150f9f85f220fffa5287d57e3bc1677f7f09915c10cf1

发布日期: 2019-07-23 14:15 修改: 2019-07-30 23:15
nss-softokn-freebl CVE-2019-11756 中危 3.36.0-5.0.1.el7_5 3.53.1-6.0.1.el7_9 nss: Use-after-free in sftk_FreeSession due to improper refcounting

漏洞详情: https://avd.aquasec.com/nvd/cve-2019-11756

镜像层: sha256:b87942114db6b2cf0bf150f9f85f220fffa5287d57e3bc1677f7f09915c10cf1

发布日期: 2020-01-08 20:15 修改: 2020-01-13 18:02
nss-softokn-freebl CVE-2019-17006 中危 3.36.0-5.0.1.el7_5 3.53.1-6.0.1.el7_9 nss: Check length of inputs for cryptographic primitives

漏洞详情: https://avd.aquasec.com/nvd/cve-2019-17006

镜像层: sha256:b87942114db6b2cf0bf150f9f85f220fffa5287d57e3bc1677f7f09915c10cf1

发布日期: 2020-10-22 21:15 修改: 2021-07-21 11:39
nss-softokn-freebl CVE-2019-17023 中危 3.36.0-5.0.1.el7_5 3.53.1-6.0.1.el7_9 nss: TLS 1.3 HelloRetryRequest downgrade request sets client into invalid state

漏洞详情: https://avd.aquasec.com/nvd/cve-2019-17023

镜像层: sha256:b87942114db6b2cf0bf150f9f85f220fffa5287d57e3bc1677f7f09915c10cf1

发布日期: 2020-01-08 22:15 修改: 2023-01-27 18:24
nss-softokn-freebl CVE-2020-12400 中危 3.36.0-5.0.1.el7_5 3.53.1-6.0.1.el7_9 nss: P-384 and P-521 implementation uses a side-channel vulnerable modular inversion function

漏洞详情: https://avd.aquasec.com/nvd/cve-2020-12400

镜像层: sha256:b87942114db6b2cf0bf150f9f85f220fffa5287d57e3bc1677f7f09915c10cf1

发布日期: 2020-10-08 14:15 修改: 2023-02-20 17:15
nss-softokn-freebl CVE-2020-12401 中危 3.36.0-5.0.1.el7_5 3.53.1-6.0.1.el7_9 nss: ECDSA timing attack mitigation bypass

漏洞详情: https://avd.aquasec.com/nvd/cve-2020-12401

镜像层: sha256:b87942114db6b2cf0bf150f9f85f220fffa5287d57e3bc1677f7f09915c10cf1

发布日期: 2020-10-08 14:15 修改: 2023-02-20 17:15
nss-softokn-freebl CVE-2020-12402 中危 3.36.0-5.0.1.el7_5 3.53.1-6.0.1.el7_9 nss: Side channel vulnerabilities during RSA key generation

漏洞详情: https://avd.aquasec.com/nvd/cve-2020-12402

镜像层: sha256:b87942114db6b2cf0bf150f9f85f220fffa5287d57e3bc1677f7f09915c10cf1

发布日期: 2020-07-09 15:15 修改: 2023-11-07 03:15
nss-softokn-freebl CVE-2020-12403 中危 3.36.0-5.0.1.el7_5 3.53.1-6.0.1.el7_9 nss: CHACHA20-POLY1305 decryption with undersized tag leads to out-of-bounds read

漏洞详情: https://avd.aquasec.com/nvd/cve-2020-12403

镜像层: sha256:b87942114db6b2cf0bf150f9f85f220fffa5287d57e3bc1677f7f09915c10cf1

发布日期: 2021-05-27 19:15 修改: 2023-03-24 16:15
nss-softokn-freebl CVE-2020-6829 中危 3.36.0-5.0.1.el7_5 3.53.1-6.0.1.el7_9 nss: Side channel attack on ECDSA signature generation

漏洞详情: https://avd.aquasec.com/nvd/cve-2020-6829

镜像层: sha256:b87942114db6b2cf0bf150f9f85f220fffa5287d57e3bc1677f7f09915c10cf1

发布日期: 2020-10-28 12:15 修改: 2023-02-20 17:15
bind-libs CVE-2019-6465 中危 32:9.9.4-74.el7_6.1 32:9.11.4-16.P2.el7 bind: Controls for zone transfers may not be properly applied to DLZs if the zones are writable

漏洞详情: https://avd.aquasec.com/nvd/cve-2019-6465

镜像层: sha256:901286ce90b339f52b24e97b346ce4b77cec58100d858104a75ff440a9c85166

发布日期: 2019-10-09 16:15 修改: 2019-12-16 16:57
bind-libs CVE-2019-6477 中危 32:9.9.4-74.el7_6.1 32:9.11.4-16.P2.el7 bind: TCP Pipelining doesn't limit TCP clients on a single connection

漏洞详情: https://avd.aquasec.com/nvd/cve-2019-6477

镜像层: sha256:901286ce90b339f52b24e97b346ce4b77cec58100d858104a75ff440a9c85166

发布日期: 2019-11-26 16:15 修改: 2023-11-07 03:13
bind-license CVE-2018-5745 中危 32:9.9.4-74.el7_6.1 32:9.11.4-16.P2.el7 bind: An assertion failure if a trust anchor rolls over to an unsupported key algorithm when using managed-keys

漏洞详情: https://avd.aquasec.com/nvd/cve-2018-5745

镜像层: sha256:901286ce90b339f52b24e97b346ce4b77cec58100d858104a75ff440a9c85166

发布日期: 2019-10-09 16:15 修改: 2019-11-06 01:15
bind-license CVE-2019-6465 中危 32:9.9.4-74.el7_6.1 32:9.11.4-16.P2.el7 bind: Controls for zone transfers may not be properly applied to DLZs if the zones are writable

漏洞详情: https://avd.aquasec.com/nvd/cve-2019-6465

镜像层: sha256:901286ce90b339f52b24e97b346ce4b77cec58100d858104a75ff440a9c85166

发布日期: 2019-10-09 16:15 修改: 2019-12-16 16:57
nss-sysinit CVE-2018-0495 中危 3.36.0-7.1.el7_6 3.44.0-4.el7 ROHNP: Key Extraction Side Channel in Multiple Crypto Libraries

漏洞详情: https://avd.aquasec.com/nvd/cve-2018-0495

镜像层: sha256:b87942114db6b2cf0bf150f9f85f220fffa5287d57e3bc1677f7f09915c10cf1

发布日期: 2018-06-13 23:29 修改: 2023-11-07 02:51
nss-sysinit CVE-2018-12404 中危 3.36.0-7.1.el7_6 3.44.0-4.el7 nss: Cache side-channel variant of the Bleichenbacher attack

漏洞详情: https://avd.aquasec.com/nvd/cve-2018-12404

镜像层: sha256:b87942114db6b2cf0bf150f9f85f220fffa5287d57e3bc1677f7f09915c10cf1

发布日期: 2019-05-02 17:29 修改: 2021-02-12 07:15
nss-sysinit CVE-2019-11719 中危 3.36.0-7.1.el7_6 3.53.1-3.el7_9 nss: Out-of-bounds read when importing curve25519 private key

漏洞详情: https://avd.aquasec.com/nvd/cve-2019-11719

镜像层: sha256:b87942114db6b2cf0bf150f9f85f220fffa5287d57e3bc1677f7f09915c10cf1

发布日期: 2019-07-23 14:15 修改: 2020-09-30 18:15
nss-sysinit CVE-2019-11727 中危 3.36.0-7.1.el7_6 3.53.1-3.el7_9 nss: PKCS#1 v1.5 signatures can be used for TLS 1.3

漏洞详情: https://avd.aquasec.com/nvd/cve-2019-11727

镜像层: sha256:b87942114db6b2cf0bf150f9f85f220fffa5287d57e3bc1677f7f09915c10cf1

发布日期: 2019-07-23 14:15 修改: 2019-07-30 23:15
nss-sysinit CVE-2019-11756 中危 3.36.0-7.1.el7_6 3.53.1-3.el7_9 nss: Use-after-free in sftk_FreeSession due to improper refcounting

漏洞详情: https://avd.aquasec.com/nvd/cve-2019-11756

镜像层: sha256:b87942114db6b2cf0bf150f9f85f220fffa5287d57e3bc1677f7f09915c10cf1

发布日期: 2020-01-08 20:15 修改: 2020-01-13 18:02
nss-sysinit CVE-2019-17006 中危 3.36.0-7.1.el7_6 3.53.1-3.el7_9 nss: Check length of inputs for cryptographic primitives

漏洞详情: https://avd.aquasec.com/nvd/cve-2019-17006

镜像层: sha256:b87942114db6b2cf0bf150f9f85f220fffa5287d57e3bc1677f7f09915c10cf1

发布日期: 2020-10-22 21:15 修改: 2021-07-21 11:39
nss-sysinit CVE-2019-17023 中危 3.36.0-7.1.el7_6 3.53.1-3.el7_9 nss: TLS 1.3 HelloRetryRequest downgrade request sets client into invalid state

漏洞详情: https://avd.aquasec.com/nvd/cve-2019-17023

镜像层: sha256:b87942114db6b2cf0bf150f9f85f220fffa5287d57e3bc1677f7f09915c10cf1

发布日期: 2020-01-08 22:15 修改: 2023-01-27 18:24
nss-sysinit CVE-2020-12400 中危 3.36.0-7.1.el7_6 3.53.1-3.el7_9 nss: P-384 and P-521 implementation uses a side-channel vulnerable modular inversion function

漏洞详情: https://avd.aquasec.com/nvd/cve-2020-12400

镜像层: sha256:b87942114db6b2cf0bf150f9f85f220fffa5287d57e3bc1677f7f09915c10cf1

发布日期: 2020-10-08 14:15 修改: 2023-02-20 17:15
nss-sysinit CVE-2020-12401 中危 3.36.0-7.1.el7_6 3.53.1-3.el7_9 nss: ECDSA timing attack mitigation bypass

漏洞详情: https://avd.aquasec.com/nvd/cve-2020-12401

镜像层: sha256:b87942114db6b2cf0bf150f9f85f220fffa5287d57e3bc1677f7f09915c10cf1

发布日期: 2020-10-08 14:15 修改: 2023-02-20 17:15
nss-sysinit CVE-2020-12402 中危 3.36.0-7.1.el7_6 3.53.1-3.el7_9 nss: Side channel vulnerabilities during RSA key generation

漏洞详情: https://avd.aquasec.com/nvd/cve-2020-12402

镜像层: sha256:b87942114db6b2cf0bf150f9f85f220fffa5287d57e3bc1677f7f09915c10cf1

发布日期: 2020-07-09 15:15 修改: 2023-11-07 03:15
nss-sysinit CVE-2020-12403 中危 3.36.0-7.1.el7_6 3.53.1-3.el7_9 nss: CHACHA20-POLY1305 decryption with undersized tag leads to out-of-bounds read

漏洞详情: https://avd.aquasec.com/nvd/cve-2020-12403

镜像层: sha256:b87942114db6b2cf0bf150f9f85f220fffa5287d57e3bc1677f7f09915c10cf1

发布日期: 2021-05-27 19:15 修改: 2023-03-24 16:15
nss-sysinit CVE-2020-25648 中危 3.36.0-7.1.el7_6 3.53.1-7.el7_9 nss: TLS 1.3 CCS flood remote DoS Attack

漏洞详情: https://avd.aquasec.com/nvd/cve-2020-25648

镜像层: sha256:b87942114db6b2cf0bf150f9f85f220fffa5287d57e3bc1677f7f09915c10cf1

发布日期: 2020-10-20 22:15 修改: 2023-11-07 03:20
nss-sysinit CVE-2020-6829 中危 3.36.0-7.1.el7_6 3.53.1-3.el7_9 nss: Side channel attack on ECDSA signature generation

漏洞详情: https://avd.aquasec.com/nvd/cve-2020-6829

镜像层: sha256:b87942114db6b2cf0bf150f9f85f220fffa5287d57e3bc1677f7f09915c10cf1

发布日期: 2020-10-28 12:15 修改: 2023-02-20 17:15
bind-license CVE-2019-6477 中危 32:9.9.4-74.el7_6.1 32:9.11.4-16.P2.el7 bind: TCP Pipelining doesn't limit TCP clients on a single connection

漏洞详情: https://avd.aquasec.com/nvd/cve-2019-6477

镜像层: sha256:901286ce90b339f52b24e97b346ce4b77cec58100d858104a75ff440a9c85166

发布日期: 2019-11-26 16:15 修改: 2023-11-07 03:13
bind-license CVE-2020-8622 中危 32:9.9.4-74.el7_6.1 32:9.11.4-26.P2.el7_9.2 bind: truncated TSIG response can lead to an assertion failure

漏洞详情: https://avd.aquasec.com/nvd/cve-2020-8622

镜像层: sha256:901286ce90b339f52b24e97b346ce4b77cec58100d858104a75ff440a9c85166

发布日期: 2020-08-21 21:15 修改: 2023-11-07 03:26
glibc CVE-2016-10739 中危 2.17-260.0.17.el7_6.6 2.17-292.0.1.el7 glibc: getaddrinfo should reject IP addresses with trailing characters

漏洞详情: https://avd.aquasec.com/nvd/cve-2016-10739

镜像层: sha256:b87942114db6b2cf0bf150f9f85f220fffa5287d57e3bc1677f7f09915c10cf1

发布日期: 2019-01-21 19:29 修改: 2019-08-06 17:15
glibc CVE-2020-10029 中危 2.17-260.0.17.el7_6.6 2.17-322.0.1.el7_9 glibc: stack corruption from crafted input in cosl, sinl, sincosl, and tanl functions

漏洞详情: https://avd.aquasec.com/nvd/cve-2020-10029

镜像层: sha256:b87942114db6b2cf0bf150f9f85f220fffa5287d57e3bc1677f7f09915c10cf1

发布日期: 2020-03-04 15:15 修改: 2023-11-07 03:14
nss-tools CVE-2018-0495 中危 3.36.0-7.1.el7_6 3.44.0-4.el7 ROHNP: Key Extraction Side Channel in Multiple Crypto Libraries

漏洞详情: https://avd.aquasec.com/nvd/cve-2018-0495

镜像层: sha256:b87942114db6b2cf0bf150f9f85f220fffa5287d57e3bc1677f7f09915c10cf1

发布日期: 2018-06-13 23:29 修改: 2023-11-07 02:51
nss-tools CVE-2018-12404 中危 3.36.0-7.1.el7_6 3.44.0-4.el7 nss: Cache side-channel variant of the Bleichenbacher attack

漏洞详情: https://avd.aquasec.com/nvd/cve-2018-12404

镜像层: sha256:b87942114db6b2cf0bf150f9f85f220fffa5287d57e3bc1677f7f09915c10cf1

发布日期: 2019-05-02 17:29 修改: 2021-02-12 07:15
nss-tools CVE-2019-11719 中危 3.36.0-7.1.el7_6 3.53.1-3.el7_9 nss: Out-of-bounds read when importing curve25519 private key

漏洞详情: https://avd.aquasec.com/nvd/cve-2019-11719

镜像层: sha256:b87942114db6b2cf0bf150f9f85f220fffa5287d57e3bc1677f7f09915c10cf1

发布日期: 2019-07-23 14:15 修改: 2020-09-30 18:15
nss-tools CVE-2019-11727 中危 3.36.0-7.1.el7_6 3.53.1-3.el7_9 nss: PKCS#1 v1.5 signatures can be used for TLS 1.3

漏洞详情: https://avd.aquasec.com/nvd/cve-2019-11727

镜像层: sha256:b87942114db6b2cf0bf150f9f85f220fffa5287d57e3bc1677f7f09915c10cf1

发布日期: 2019-07-23 14:15 修改: 2019-07-30 23:15
nss-tools CVE-2019-11756 中危 3.36.0-7.1.el7_6 3.53.1-3.el7_9 nss: Use-after-free in sftk_FreeSession due to improper refcounting

漏洞详情: https://avd.aquasec.com/nvd/cve-2019-11756

镜像层: sha256:b87942114db6b2cf0bf150f9f85f220fffa5287d57e3bc1677f7f09915c10cf1

发布日期: 2020-01-08 20:15 修改: 2020-01-13 18:02
nss-tools CVE-2019-17006 中危 3.36.0-7.1.el7_6 3.53.1-3.el7_9 nss: Check length of inputs for cryptographic primitives

漏洞详情: https://avd.aquasec.com/nvd/cve-2019-17006

镜像层: sha256:b87942114db6b2cf0bf150f9f85f220fffa5287d57e3bc1677f7f09915c10cf1

发布日期: 2020-10-22 21:15 修改: 2021-07-21 11:39
nss-tools CVE-2019-17023 中危 3.36.0-7.1.el7_6 3.53.1-3.el7_9 nss: TLS 1.3 HelloRetryRequest downgrade request sets client into invalid state

漏洞详情: https://avd.aquasec.com/nvd/cve-2019-17023

镜像层: sha256:b87942114db6b2cf0bf150f9f85f220fffa5287d57e3bc1677f7f09915c10cf1

发布日期: 2020-01-08 22:15 修改: 2023-01-27 18:24
nss-tools CVE-2020-12400 中危 3.36.0-7.1.el7_6 3.53.1-3.el7_9 nss: P-384 and P-521 implementation uses a side-channel vulnerable modular inversion function

漏洞详情: https://avd.aquasec.com/nvd/cve-2020-12400

镜像层: sha256:b87942114db6b2cf0bf150f9f85f220fffa5287d57e3bc1677f7f09915c10cf1

发布日期: 2020-10-08 14:15 修改: 2023-02-20 17:15
nss-tools CVE-2020-12401 中危 3.36.0-7.1.el7_6 3.53.1-3.el7_9 nss: ECDSA timing attack mitigation bypass

漏洞详情: https://avd.aquasec.com/nvd/cve-2020-12401

镜像层: sha256:b87942114db6b2cf0bf150f9f85f220fffa5287d57e3bc1677f7f09915c10cf1

发布日期: 2020-10-08 14:15 修改: 2023-02-20 17:15
nss-tools CVE-2020-12402 中危 3.36.0-7.1.el7_6 3.53.1-3.el7_9 nss: Side channel vulnerabilities during RSA key generation

漏洞详情: https://avd.aquasec.com/nvd/cve-2020-12402

镜像层: sha256:b87942114db6b2cf0bf150f9f85f220fffa5287d57e3bc1677f7f09915c10cf1

发布日期: 2020-07-09 15:15 修改: 2023-11-07 03:15
nss-tools CVE-2020-12403 中危 3.36.0-7.1.el7_6 3.53.1-3.el7_9 nss: CHACHA20-POLY1305 decryption with undersized tag leads to out-of-bounds read

漏洞详情: https://avd.aquasec.com/nvd/cve-2020-12403

镜像层: sha256:b87942114db6b2cf0bf150f9f85f220fffa5287d57e3bc1677f7f09915c10cf1

发布日期: 2021-05-27 19:15 修改: 2023-03-24 16:15
nss-tools CVE-2020-25648 中危 3.36.0-7.1.el7_6 3.53.1-7.el7_9 nss: TLS 1.3 CCS flood remote DoS Attack

漏洞详情: https://avd.aquasec.com/nvd/cve-2020-25648

镜像层: sha256:b87942114db6b2cf0bf150f9f85f220fffa5287d57e3bc1677f7f09915c10cf1

发布日期: 2020-10-20 22:15 修改: 2023-11-07 03:20
nss-tools CVE-2020-6829 中危 3.36.0-7.1.el7_6 3.53.1-3.el7_9 nss: Side channel attack on ECDSA signature generation

漏洞详情: https://avd.aquasec.com/nvd/cve-2020-6829

镜像层: sha256:b87942114db6b2cf0bf150f9f85f220fffa5287d57e3bc1677f7f09915c10cf1

发布日期: 2020-10-28 12:15 修改: 2023-02-20 17:15
glibc CVE-2020-29573 中危 2.17-260.0.17.el7_6.6 2.17-322.0.1.el7_9 glibc: stack-based buffer overflow if the input to any of the printf family of functions is an 80-bit long double with a non-canonical bit pattern

漏洞详情: https://avd.aquasec.com/nvd/cve-2020-29573

镜像层: sha256:b87942114db6b2cf0bf150f9f85f220fffa5287d57e3bc1677f7f09915c10cf1

发布日期: 2020-12-06 00:15 修改: 2023-04-26 19:09
bind-utils CVE-2018-5745 中危 32:9.9.4-74.el7_6.1 32:9.11.4-16.P2.el7 bind: An assertion failure if a trust anchor rolls over to an unsupported key algorithm when using managed-keys

漏洞详情: https://avd.aquasec.com/nvd/cve-2018-5745

镜像层: sha256:901286ce90b339f52b24e97b346ce4b77cec58100d858104a75ff440a9c85166

发布日期: 2019-10-09 16:15 修改: 2019-11-06 01:15
nss-util CVE-2018-0495 中危 3.36.0-1.1.el7_6 3.44.0-3.el7 ROHNP: Key Extraction Side Channel in Multiple Crypto Libraries

漏洞详情: https://avd.aquasec.com/nvd/cve-2018-0495

镜像层: sha256:b87942114db6b2cf0bf150f9f85f220fffa5287d57e3bc1677f7f09915c10cf1

发布日期: 2018-06-13 23:29 修改: 2023-11-07 02:51
nss-util CVE-2018-12404 中危 3.36.0-1.1.el7_6 3.44.0-3.el7 nss: Cache side-channel variant of the Bleichenbacher attack

漏洞详情: https://avd.aquasec.com/nvd/cve-2018-12404

镜像层: sha256:b87942114db6b2cf0bf150f9f85f220fffa5287d57e3bc1677f7f09915c10cf1

发布日期: 2019-05-02 17:29 修改: 2021-02-12 07:15
nss-util CVE-2019-11719 中危 3.36.0-1.1.el7_6 3.53.1-1.el7_9 nss: Out-of-bounds read when importing curve25519 private key

漏洞详情: https://avd.aquasec.com/nvd/cve-2019-11719

镜像层: sha256:b87942114db6b2cf0bf150f9f85f220fffa5287d57e3bc1677f7f09915c10cf1

发布日期: 2019-07-23 14:15 修改: 2020-09-30 18:15
nss-util CVE-2019-11727 中危 3.36.0-1.1.el7_6 3.53.1-1.el7_9 nss: PKCS#1 v1.5 signatures can be used for TLS 1.3

漏洞详情: https://avd.aquasec.com/nvd/cve-2019-11727

镜像层: sha256:b87942114db6b2cf0bf150f9f85f220fffa5287d57e3bc1677f7f09915c10cf1

发布日期: 2019-07-23 14:15 修改: 2019-07-30 23:15
nss-util CVE-2019-11756 中危 3.36.0-1.1.el7_6 3.53.1-1.el7_9 nss: Use-after-free in sftk_FreeSession due to improper refcounting

漏洞详情: https://avd.aquasec.com/nvd/cve-2019-11756

镜像层: sha256:b87942114db6b2cf0bf150f9f85f220fffa5287d57e3bc1677f7f09915c10cf1

发布日期: 2020-01-08 20:15 修改: 2020-01-13 18:02
nss-util CVE-2019-17006 中危 3.36.0-1.1.el7_6 3.53.1-1.el7_9 nss: Check length of inputs for cryptographic primitives

漏洞详情: https://avd.aquasec.com/nvd/cve-2019-17006

镜像层: sha256:b87942114db6b2cf0bf150f9f85f220fffa5287d57e3bc1677f7f09915c10cf1

发布日期: 2020-10-22 21:15 修改: 2021-07-21 11:39
nss-util CVE-2019-17023 中危 3.36.0-1.1.el7_6 3.53.1-1.el7_9 nss: TLS 1.3 HelloRetryRequest downgrade request sets client into invalid state

漏洞详情: https://avd.aquasec.com/nvd/cve-2019-17023

镜像层: sha256:b87942114db6b2cf0bf150f9f85f220fffa5287d57e3bc1677f7f09915c10cf1

发布日期: 2020-01-08 22:15 修改: 2023-01-27 18:24
nss-util CVE-2020-12400 中危 3.36.0-1.1.el7_6 3.53.1-1.el7_9 nss: P-384 and P-521 implementation uses a side-channel vulnerable modular inversion function

漏洞详情: https://avd.aquasec.com/nvd/cve-2020-12400

镜像层: sha256:b87942114db6b2cf0bf150f9f85f220fffa5287d57e3bc1677f7f09915c10cf1

发布日期: 2020-10-08 14:15 修改: 2023-02-20 17:15
nss-util CVE-2020-12401 中危 3.36.0-1.1.el7_6 3.53.1-1.el7_9 nss: ECDSA timing attack mitigation bypass

漏洞详情: https://avd.aquasec.com/nvd/cve-2020-12401

镜像层: sha256:b87942114db6b2cf0bf150f9f85f220fffa5287d57e3bc1677f7f09915c10cf1

发布日期: 2020-10-08 14:15 修改: 2023-02-20 17:15
nss-util CVE-2020-12402 中危 3.36.0-1.1.el7_6 3.53.1-1.el7_9 nss: Side channel vulnerabilities during RSA key generation

漏洞详情: https://avd.aquasec.com/nvd/cve-2020-12402

镜像层: sha256:b87942114db6b2cf0bf150f9f85f220fffa5287d57e3bc1677f7f09915c10cf1

发布日期: 2020-07-09 15:15 修改: 2023-11-07 03:15
nss-util CVE-2020-12403 中危 3.36.0-1.1.el7_6 3.53.1-1.el7_9 nss: CHACHA20-POLY1305 decryption with undersized tag leads to out-of-bounds read

漏洞详情: https://avd.aquasec.com/nvd/cve-2020-12403

镜像层: sha256:b87942114db6b2cf0bf150f9f85f220fffa5287d57e3bc1677f7f09915c10cf1

发布日期: 2021-05-27 19:15 修改: 2023-03-24 16:15
nss-util CVE-2020-6829 中危 3.36.0-1.1.el7_6 3.53.1-1.el7_9 nss: Side channel attack on ECDSA signature generation

漏洞详情: https://avd.aquasec.com/nvd/cve-2020-6829

镜像层: sha256:b87942114db6b2cf0bf150f9f85f220fffa5287d57e3bc1677f7f09915c10cf1

发布日期: 2020-10-28 12:15 修改: 2023-02-20 17:15
openldap CVE-2020-12243 中危 2.4.44-21.el7_6 2.4.44-22.el7 openldap: denial of service via nested boolean expressions in LDAP search filters

漏洞详情: https://avd.aquasec.com/nvd/cve-2020-12243

镜像层: sha256:b87942114db6b2cf0bf150f9f85f220fffa5287d57e3bc1677f7f09915c10cf1

发布日期: 2020-04-28 19:15 修改: 2022-04-29 13:24
openldap CVE-2020-25692 中危 2.4.44-21.el7_6 2.4.44-23.el7_9 openldap: NULL pointer dereference for unauthenticated packet in slapd

漏洞详情: https://avd.aquasec.com/nvd/cve-2020-25692

镜像层: sha256:b87942114db6b2cf0bf150f9f85f220fffa5287d57e3bc1677f7f09915c10cf1

发布日期: 2020-12-08 01:15 修改: 2022-10-12 14:27
openldap CVE-2020-25709 中危 2.4.44-21.el7_6 2.4.44-25.el7_9 openldap: assertion failure in Certificate List syntax validation

漏洞详情: https://avd.aquasec.com/nvd/cve-2020-25709

镜像层: sha256:b87942114db6b2cf0bf150f9f85f220fffa5287d57e3bc1677f7f09915c10cf1

发布日期: 2021-05-18 12:15 修改: 2023-11-07 03:20
openldap CVE-2020-25710 中危 2.4.44-21.el7_6 2.4.44-25.el7_9 openldap: assertion failure in CSN normalization with invalid input

漏洞详情: https://avd.aquasec.com/nvd/cve-2020-25710

镜像层: sha256:b87942114db6b2cf0bf150f9f85f220fffa5287d57e3bc1677f7f09915c10cf1

发布日期: 2021-05-28 11:15 修改: 2023-11-07 03:20
bind-utils CVE-2019-6465 中危 32:9.9.4-74.el7_6.1 32:9.11.4-16.P2.el7 bind: Controls for zone transfers may not be properly applied to DLZs if the zones are writable

漏洞详情: https://avd.aquasec.com/nvd/cve-2019-6465

镜像层: sha256:901286ce90b339f52b24e97b346ce4b77cec58100d858104a75ff440a9c85166

发布日期: 2019-10-09 16:15 修改: 2019-12-16 16:57
openssh CVE-2021-41617 中危 7.4p1-16.el7 10:7.4p1-22.0.1.el7_9_fips openssh: privilege escalation when AuthorizedKeysCommand or AuthorizedPrincipalsCommand are configured

漏洞详情: https://avd.aquasec.com/nvd/cve-2021-41617

镜像层: sha256:901286ce90b339f52b24e97b346ce4b77cec58100d858104a75ff440a9c85166

发布日期: 2021-09-26 19:15 修改: 2023-12-26 04:15
openssh CVE-2023-48795 中危 7.4p1-16.el7 10:7.4p1-23.0.3.el7_9_fips ssh: Prefix truncation attack on Binary Packet Protocol (BPP)

漏洞详情: https://avd.aquasec.com/nvd/cve-2023-48795

镜像层: sha256:901286ce90b339f52b24e97b346ce4b77cec58100d858104a75ff440a9c85166

发布日期: 2023-12-18 16:15 修改: 2024-05-01 18:15
bind-utils CVE-2019-6477 中危 32:9.9.4-74.el7_6.1 32:9.11.4-16.P2.el7 bind: TCP Pipelining doesn't limit TCP clients on a single connection

漏洞详情: https://avd.aquasec.com/nvd/cve-2019-6477

镜像层: sha256:901286ce90b339f52b24e97b346ce4b77cec58100d858104a75ff440a9c85166

发布日期: 2019-11-26 16:15 修改: 2023-11-07 03:13
openssh-clients CVE-2021-41617 中危 7.4p1-16.el7 10:7.4p1-22.0.1.el7_9_fips openssh: privilege escalation when AuthorizedKeysCommand or AuthorizedPrincipalsCommand are configured

漏洞详情: https://avd.aquasec.com/nvd/cve-2021-41617

镜像层: sha256:901286ce90b339f52b24e97b346ce4b77cec58100d858104a75ff440a9c85166

发布日期: 2021-09-26 19:15 修改: 2023-12-26 04:15
openssh-clients CVE-2023-48795 中危 7.4p1-16.el7 10:7.4p1-23.0.3.el7_9_fips ssh: Prefix truncation attack on Binary Packet Protocol (BPP)

漏洞详情: https://avd.aquasec.com/nvd/cve-2023-48795

镜像层: sha256:901286ce90b339f52b24e97b346ce4b77cec58100d858104a75ff440a9c85166

发布日期: 2023-12-18 16:15 修改: 2024-05-01 18:15
bind-utils CVE-2020-8622 中危 32:9.9.4-74.el7_6.1 32:9.11.4-26.P2.el7_9.2 bind: truncated TSIG response can lead to an assertion failure

漏洞详情: https://avd.aquasec.com/nvd/cve-2020-8622

镜像层: sha256:901286ce90b339f52b24e97b346ce4b77cec58100d858104a75ff440a9c85166

发布日期: 2020-08-21 21:15 修改: 2023-11-07 03:26
openssl CVE-2019-1559 中危 1:1.0.2k-16.0.1.el7_6.1 1:1.0.2k-19.0.1.el7 openssl: 0-byte record padding oracle

漏洞详情: https://avd.aquasec.com/nvd/cve-2019-1559

镜像层: sha256:901286ce90b339f52b24e97b346ce4b77cec58100d858104a75ff440a9c85166

发布日期: 2019-02-27 23:29 修改: 2023-11-07 03:08
openssl CVE-2021-23840 中危 1:1.0.2k-16.0.1.el7_6.1 10:1.0.2k-22.el7_9_fips openssl: integer overflow in CipherUpdate

漏洞详情: https://avd.aquasec.com/nvd/cve-2021-23840

镜像层: sha256:901286ce90b339f52b24e97b346ce4b77cec58100d858104a75ff440a9c85166

发布日期: 2021-02-16 17:15 修改: 2024-06-21 19:15
openssl CVE-2021-23841 中危 1:1.0.2k-16.0.1.el7_6.1 10:1.0.2k-22.el7_9_fips openssl: NULL pointer dereference in X509_issuer_and_serial_hash()

漏洞详情: https://avd.aquasec.com/nvd/cve-2021-23841

镜像层: sha256:901286ce90b339f52b24e97b346ce4b77cec58100d858104a75ff440a9c85166

发布日期: 2021-02-16 17:15 修改: 2024-06-21 19:15
openssl CVE-2021-3712 中危 1:1.0.2k-16.0.1.el7_6.1 10:1.0.2k-23.0.1.el7_9_fips openssl: Read buffer overruns processing ASN.1 strings

漏洞详情: https://avd.aquasec.com/nvd/cve-2021-3712

镜像层: sha256:901286ce90b339f52b24e97b346ce4b77cec58100d858104a75ff440a9c85166

发布日期: 2021-08-24 15:15 修改: 2024-06-21 19:15
bind-utils CVE-2020-8623 中危 32:9.9.4-74.el7_6.1 32:9.11.4-26.P2.el7_9.2 bind: remotely triggerable assertion failure in pk11.c

漏洞详情: https://avd.aquasec.com/nvd/cve-2020-8623

镜像层: sha256:901286ce90b339f52b24e97b346ce4b77cec58100d858104a75ff440a9c85166

发布日期: 2020-08-21 21:15 修改: 2023-11-07 03:26
openssl-libs CVE-2019-1559 中危 1:1.0.2k-16.0.1.el7_6.1 1:1.0.2k-19.0.1.el7 openssl: 0-byte record padding oracle

漏洞详情: https://avd.aquasec.com/nvd/cve-2019-1559

镜像层: sha256:b87942114db6b2cf0bf150f9f85f220fffa5287d57e3bc1677f7f09915c10cf1

发布日期: 2019-02-27 23:29 修改: 2023-11-07 03:08
openssl-libs CVE-2021-23840 中危 1:1.0.2k-16.0.1.el7_6.1 10:1.0.2k-22.el7_9_fips openssl: integer overflow in CipherUpdate

漏洞详情: https://avd.aquasec.com/nvd/cve-2021-23840

镜像层: sha256:b87942114db6b2cf0bf150f9f85f220fffa5287d57e3bc1677f7f09915c10cf1

发布日期: 2021-02-16 17:15 修改: 2024-06-21 19:15
openssl-libs CVE-2021-23841 中危 1:1.0.2k-16.0.1.el7_6.1 10:1.0.2k-22.el7_9_fips openssl: NULL pointer dereference in X509_issuer_and_serial_hash()

漏洞详情: https://avd.aquasec.com/nvd/cve-2021-23841

镜像层: sha256:b87942114db6b2cf0bf150f9f85f220fffa5287d57e3bc1677f7f09915c10cf1

发布日期: 2021-02-16 17:15 修改: 2024-06-21 19:15
openssl-libs CVE-2021-3712 中危 1:1.0.2k-16.0.1.el7_6.1 10:1.0.2k-23.0.1.el7_9_fips openssl: Read buffer overruns processing ASN.1 strings

漏洞详情: https://avd.aquasec.com/nvd/cve-2021-3712

镜像层: sha256:b87942114db6b2cf0bf150f9f85f220fffa5287d57e3bc1677f7f09915c10cf1

发布日期: 2021-08-24 15:15 修改: 2024-06-21 19:15
procps-ng CVE-2018-1122 中危 3.3.10-23.el7 3.3.10-26.el7 procps: Local privilege escalation in top

漏洞详情: https://avd.aquasec.com/nvd/cve-2018-1122

镜像层: sha256:901286ce90b339f52b24e97b346ce4b77cec58100d858104a75ff440a9c85166

发布日期: 2018-05-23 14:29 修改: 2019-10-03 00:03
bind-utils CVE-2020-8624 中危 32:9.9.4-74.el7_6.1 32:9.11.4-26.P2.el7_9.2 bind: incorrect enforcement of update-policy rules of type "subdomain"

漏洞详情: https://avd.aquasec.com/nvd/cve-2020-8624

镜像层: sha256:901286ce90b339f52b24e97b346ce4b77cec58100d858104a75ff440a9c85166

发布日期: 2020-08-21 21:15 修改: 2023-11-07 03:26
glibc-common CVE-2016-10739 中危 2.17-260.0.17.el7_6.6 2.17-292.0.1.el7 glibc: getaddrinfo should reject IP addresses with trailing characters

漏洞详情: https://avd.aquasec.com/nvd/cve-2016-10739

镜像层: sha256:b87942114db6b2cf0bf150f9f85f220fffa5287d57e3bc1677f7f09915c10cf1

发布日期: 2019-01-21 19:29 修改: 2019-08-06 17:15
python CVE-2018-14647 中危 2.7.5-80.0.1.el7_6 2.7.5-86.0.1.el7 python: Missing salt initialization in _elementtree.c module

漏洞详情: https://avd.aquasec.com/nvd/cve-2018-14647

镜像层: sha256:b87942114db6b2cf0bf150f9f85f220fffa5287d57e3bc1677f7f09915c10cf1

发布日期: 2018-09-25 00:29 修改: 2023-11-07 02:53
python CVE-2018-20852 中危 2.7.5-80.0.1.el7_6 2.7.5-88.0.1.el7 python: Cookie domain check returns incorrect results

漏洞详情: https://avd.aquasec.com/nvd/cve-2018-20852

镜像层: sha256:b87942114db6b2cf0bf150f9f85f220fffa5287d57e3bc1677f7f09915c10cf1

发布日期: 2019-07-13 21:15 修改: 2023-11-07 02:56
python CVE-2019-16056 中危 2.7.5-80.0.1.el7_6 2.7.5-88.0.1.el7 python: email.utils.parseaddr wrongly parses email addresses

漏洞详情: https://avd.aquasec.com/nvd/cve-2019-16056

镜像层: sha256:b87942114db6b2cf0bf150f9f85f220fffa5287d57e3bc1677f7f09915c10cf1

发布日期: 2019-09-06 18:15 修改: 2023-11-07 03:05
python CVE-2019-16935 中危 2.7.5-80.0.1.el7_6 2.7.5-89.0.1.el7 python: XSS vulnerability in the documentation XML-RPC server in server_title field

漏洞详情: https://avd.aquasec.com/nvd/cve-2019-16935

镜像层: sha256:b87942114db6b2cf0bf150f9f85f220fffa5287d57e3bc1677f7f09915c10cf1

发布日期: 2019-09-28 02:15 修改: 2023-11-07 03:06
python CVE-2019-20907 中危 2.7.5-80.0.1.el7_6 2.7.5-90.0.1.el7 python: infinite loop in the tarfile module via crafted TAR archive

漏洞详情: https://avd.aquasec.com/nvd/cve-2019-20907

镜像层: sha256:b87942114db6b2cf0bf150f9f85f220fffa5287d57e3bc1677f7f09915c10cf1

发布日期: 2020-07-13 13:15 修改: 2023-11-07 03:09
python CVE-2019-5010 中危 2.7.5-80.0.1.el7_6 2.7.5-86.0.1.el7 python: NULL pointer dereference using a specially crafted X509 certificate

漏洞详情: https://avd.aquasec.com/nvd/cve-2019-5010

镜像层: sha256:b87942114db6b2cf0bf150f9f85f220fffa5287d57e3bc1677f7f09915c10cf1

发布日期: 2019-10-31 21:15 修改: 2023-11-07 03:11
python CVE-2019-9740 中危 2.7.5-80.0.1.el7_6 2.7.5-86.0.1.el7 python: CRLF injection via the query part of the url passed to urlopen()

漏洞详情: https://avd.aquasec.com/nvd/cve-2019-9740

镜像层: sha256:b87942114db6b2cf0bf150f9f85f220fffa5287d57e3bc1677f7f09915c10cf1

发布日期: 2019-03-13 03:29 修改: 2023-11-07 03:13
python CVE-2019-9947 中危 2.7.5-80.0.1.el7_6 2.7.5-86.0.1.el7 python: CRLF injection via the path part of the url passed to urlopen()

漏洞详情: https://avd.aquasec.com/nvd/cve-2019-9947

镜像层: sha256:b87942114db6b2cf0bf150f9f85f220fffa5287d57e3bc1677f7f09915c10cf1

发布日期: 2019-03-23 18:29 修改: 2023-11-07 03:13
python CVE-2019-9948 中危 2.7.5-80.0.1.el7_6 2.7.5-86.0.1.el7 python: Undocumented local_file protocol allows remote attackers to bypass protection mechanisms

漏洞详情: https://avd.aquasec.com/nvd/cve-2019-9948

镜像层: sha256:b87942114db6b2cf0bf150f9f85f220fffa5287d57e3bc1677f7f09915c10cf1

发布日期: 2019-03-23 18:29 修改: 2023-11-07 03:13
python CVE-2020-26116 中危 2.7.5-80.0.1.el7_6 2.7.5-92.0.1.el7_9 python: CRLF injection via HTTP request method in httplib/http.client

漏洞详情: https://avd.aquasec.com/nvd/cve-2020-26116

镜像层: sha256:b87942114db6b2cf0bf150f9f85f220fffa5287d57e3bc1677f7f09915c10cf1

发布日期: 2020-09-27 04:15 修改: 2023-11-07 03:20
python CVE-2020-26137 中危 2.7.5-80.0.1.el7_6 2.7.5-92.0.1.el7_9 python-urllib3: CRLF injection via HTTP request method

漏洞详情: https://avd.aquasec.com/nvd/cve-2020-26137

镜像层: sha256:b87942114db6b2cf0bf150f9f85f220fffa5287d57e3bc1677f7f09915c10cf1

发布日期: 2020-09-30 18:15 修改: 2023-10-08 14:15
python CVE-2021-3177 中危 2.7.5-80.0.1.el7_6 2.7.5-92.0.1.el7_9 python: Stack-based buffer overflow in PyCArg_repr in _ctypes/callproc.c

漏洞详情: https://avd.aquasec.com/nvd/cve-2021-3177

镜像层: sha256:b87942114db6b2cf0bf150f9f85f220fffa5287d57e3bc1677f7f09915c10cf1

发布日期: 2021-01-19 06:15 修改: 2023-11-07 03:37
glibc-common CVE-2020-10029 中危 2.17-260.0.17.el7_6.6 2.17-322.0.1.el7_9 glibc: stack corruption from crafted input in cosl, sinl, sincosl, and tanl functions

漏洞详情: https://avd.aquasec.com/nvd/cve-2020-10029

镜像层: sha256:b87942114db6b2cf0bf150f9f85f220fffa5287d57e3bc1677f7f09915c10cf1

发布日期: 2020-03-04 15:15 修改: 2023-11-07 03:14
glibc-common CVE-2020-29573 中危 2.17-260.0.17.el7_6.6 2.17-322.0.1.el7_9 glibc: stack-based buffer overflow if the input to any of the printf family of functions is an 80-bit long double with a non-canonical bit pattern

漏洞详情: https://avd.aquasec.com/nvd/cve-2020-29573

镜像层: sha256:b87942114db6b2cf0bf150f9f85f220fffa5287d57e3bc1677f7f09915c10cf1

发布日期: 2020-12-06 00:15 修改: 2023-04-26 19:09
python-libs CVE-2018-14647 中危 2.7.5-80.0.1.el7_6 2.7.5-86.0.1.el7 python: Missing salt initialization in _elementtree.c module

漏洞详情: https://avd.aquasec.com/nvd/cve-2018-14647

镜像层: sha256:b87942114db6b2cf0bf150f9f85f220fffa5287d57e3bc1677f7f09915c10cf1

发布日期: 2018-09-25 00:29 修改: 2023-11-07 02:53
python-libs CVE-2018-20852 中危 2.7.5-80.0.1.el7_6 2.7.5-88.0.1.el7 python: Cookie domain check returns incorrect results

漏洞详情: https://avd.aquasec.com/nvd/cve-2018-20852

镜像层: sha256:b87942114db6b2cf0bf150f9f85f220fffa5287d57e3bc1677f7f09915c10cf1

发布日期: 2019-07-13 21:15 修改: 2023-11-07 02:56
python-libs CVE-2019-16056 中危 2.7.5-80.0.1.el7_6 2.7.5-88.0.1.el7 python: email.utils.parseaddr wrongly parses email addresses

漏洞详情: https://avd.aquasec.com/nvd/cve-2019-16056

镜像层: sha256:b87942114db6b2cf0bf150f9f85f220fffa5287d57e3bc1677f7f09915c10cf1

发布日期: 2019-09-06 18:15 修改: 2023-11-07 03:05
python-libs CVE-2019-16935 中危 2.7.5-80.0.1.el7_6 2.7.5-89.0.1.el7 python: XSS vulnerability in the documentation XML-RPC server in server_title field

漏洞详情: https://avd.aquasec.com/nvd/cve-2019-16935

镜像层: sha256:b87942114db6b2cf0bf150f9f85f220fffa5287d57e3bc1677f7f09915c10cf1

发布日期: 2019-09-28 02:15 修改: 2023-11-07 03:06
python-libs CVE-2019-20907 中危 2.7.5-80.0.1.el7_6 2.7.5-90.0.1.el7 python: infinite loop in the tarfile module via crafted TAR archive

漏洞详情: https://avd.aquasec.com/nvd/cve-2019-20907

镜像层: sha256:b87942114db6b2cf0bf150f9f85f220fffa5287d57e3bc1677f7f09915c10cf1

发布日期: 2020-07-13 13:15 修改: 2023-11-07 03:09
python-libs CVE-2019-5010 中危 2.7.5-80.0.1.el7_6 2.7.5-86.0.1.el7 python: NULL pointer dereference using a specially crafted X509 certificate

漏洞详情: https://avd.aquasec.com/nvd/cve-2019-5010

镜像层: sha256:b87942114db6b2cf0bf150f9f85f220fffa5287d57e3bc1677f7f09915c10cf1

发布日期: 2019-10-31 21:15 修改: 2023-11-07 03:11
python-libs CVE-2019-9740 中危 2.7.5-80.0.1.el7_6 2.7.5-86.0.1.el7 python: CRLF injection via the query part of the url passed to urlopen()

漏洞详情: https://avd.aquasec.com/nvd/cve-2019-9740

镜像层: sha256:b87942114db6b2cf0bf150f9f85f220fffa5287d57e3bc1677f7f09915c10cf1

发布日期: 2019-03-13 03:29 修改: 2023-11-07 03:13
python-libs CVE-2019-9947 中危 2.7.5-80.0.1.el7_6 2.7.5-86.0.1.el7 python: CRLF injection via the path part of the url passed to urlopen()

漏洞详情: https://avd.aquasec.com/nvd/cve-2019-9947

镜像层: sha256:b87942114db6b2cf0bf150f9f85f220fffa5287d57e3bc1677f7f09915c10cf1

发布日期: 2019-03-23 18:29 修改: 2023-11-07 03:13
python-libs CVE-2019-9948 中危 2.7.5-80.0.1.el7_6 2.7.5-86.0.1.el7 python: Undocumented local_file protocol allows remote attackers to bypass protection mechanisms

漏洞详情: https://avd.aquasec.com/nvd/cve-2019-9948

镜像层: sha256:b87942114db6b2cf0bf150f9f85f220fffa5287d57e3bc1677f7f09915c10cf1

发布日期: 2019-03-23 18:29 修改: 2023-11-07 03:13
python-libs CVE-2020-26116 中危 2.7.5-80.0.1.el7_6 2.7.5-92.0.1.el7_9 python: CRLF injection via HTTP request method in httplib/http.client

漏洞详情: https://avd.aquasec.com/nvd/cve-2020-26116

镜像层: sha256:b87942114db6b2cf0bf150f9f85f220fffa5287d57e3bc1677f7f09915c10cf1

发布日期: 2020-09-27 04:15 修改: 2023-11-07 03:20
python-libs CVE-2020-26137 中危 2.7.5-80.0.1.el7_6 2.7.5-92.0.1.el7_9 python-urllib3: CRLF injection via HTTP request method

漏洞详情: https://avd.aquasec.com/nvd/cve-2020-26137

镜像层: sha256:b87942114db6b2cf0bf150f9f85f220fffa5287d57e3bc1677f7f09915c10cf1

发布日期: 2020-09-30 18:15 修改: 2023-10-08 14:15
python-libs CVE-2021-3177 中危 2.7.5-80.0.1.el7_6 2.7.5-92.0.1.el7_9 python: Stack-based buffer overflow in PyCArg_repr in _ctypes/callproc.c

漏洞详情: https://avd.aquasec.com/nvd/cve-2021-3177

镜像层: sha256:b87942114db6b2cf0bf150f9f85f220fffa5287d57e3bc1677f7f09915c10cf1

发布日期: 2021-01-19 06:15 修改: 2023-11-07 03:37
rpm CVE-2021-20271 中危 4.11.3-35.el7 4.11.3-48.el7_9 rpm: Signature checks bypass via corrupted rpm package

漏洞详情: https://avd.aquasec.com/nvd/cve-2021-20271

镜像层: sha256:b87942114db6b2cf0bf150f9f85f220fffa5287d57e3bc1677f7f09915c10cf1

发布日期: 2021-03-26 17:15 修改: 2023-02-12 22:15
rpm-build-libs CVE-2021-20271 中危 4.11.3-35.el7 4.11.3-48.el7_9 rpm: Signature checks bypass via corrupted rpm package

漏洞详情: https://avd.aquasec.com/nvd/cve-2021-20271

镜像层: sha256:b87942114db6b2cf0bf150f9f85f220fffa5287d57e3bc1677f7f09915c10cf1

发布日期: 2021-03-26 17:15 修改: 2023-02-12 22:15
rpm-libs CVE-2021-20271 中危 4.11.3-35.el7 4.11.3-48.el7_9 rpm: Signature checks bypass via corrupted rpm package

漏洞详情: https://avd.aquasec.com/nvd/cve-2021-20271

镜像层: sha256:b87942114db6b2cf0bf150f9f85f220fffa5287d57e3bc1677f7f09915c10cf1

发布日期: 2021-03-26 17:15 修改: 2023-02-12 22:15
rpm-python CVE-2021-20271 中危 4.11.3-35.el7 4.11.3-48.el7_9 rpm: Signature checks bypass via corrupted rpm package

漏洞详情: https://avd.aquasec.com/nvd/cve-2021-20271

镜像层: sha256:b87942114db6b2cf0bf150f9f85f220fffa5287d57e3bc1677f7f09915c10cf1

发布日期: 2021-03-26 17:15 修改: 2023-02-12 22:15
shared-mime-info CVE-2019-3820 中危 1.8-4.el7 1.8-5.el7 gnome-shell: partial lock screen bypass

漏洞详情: https://avd.aquasec.com/nvd/cve-2019-3820

镜像层: sha256:b87942114db6b2cf0bf150f9f85f220fffa5287d57e3bc1677f7f09915c10cf1

发布日期: 2019-02-06 20:29 修改: 2021-09-29 14:24
bind-utils CVE-2021-25214 中危 32:9.9.4-74.el7_6.1 32:9.11.4-26.P2.el7_9.7 bind: Broken inbound incremental zone update (IXFR) can cause named to terminate unexpectedly

漏洞详情: https://avd.aquasec.com/nvd/cve-2021-25214

镜像层: sha256:901286ce90b339f52b24e97b346ce4b77cec58100d858104a75ff440a9c85166

发布日期: 2021-04-29 01:15 修改: 2023-11-07 03:31
bind-utils CVE-2021-25220 中危 32:9.9.4-74.el7_6.1 32:9.11.4-26.P2.el7_9.13 bind: DNS forwarders - cache poisoning vulnerability

漏洞详情: https://avd.aquasec.com/nvd/cve-2021-25220

镜像层: sha256:901286ce90b339f52b24e97b346ce4b77cec58100d858104a75ff440a9c85166

发布日期: 2022-03-23 13:15 修改: 2023-11-09 14:44
systemd CVE-2018-15686 中危 219-62.0.4.el7_6.7 219-67.0.1.el7 systemd: line splitting via fgets() allows for state injection during daemon-reexec

漏洞详情: https://avd.aquasec.com/nvd/cve-2018-15686

镜像层: sha256:901286ce90b339f52b24e97b346ce4b77cec58100d858104a75ff440a9c85166

发布日期: 2018-10-26 14:29 修改: 2023-11-07 02:53
systemd CVE-2018-16866 中危 219-62.0.4.el7_6.7 219-67.0.1.el7 systemd: out-of-bounds read when parsing a crafted syslog message

漏洞详情: https://avd.aquasec.com/nvd/cve-2018-16866

镜像层: sha256:901286ce90b339f52b24e97b346ce4b77cec58100d858104a75ff440a9c85166

发布日期: 2019-01-11 19:29 修改: 2023-02-13 04:52
systemd CVE-2018-16888 中危 219-62.0.4.el7_6.7 219-67.0.1.el7 systemd: kills privileged process if unprivileged PIDFile was tampered

漏洞详情: https://avd.aquasec.com/nvd/cve-2018-16888

镜像层: sha256:901286ce90b339f52b24e97b346ce4b77cec58100d858104a75ff440a9c85166

发布日期: 2019-01-14 22:29 修改: 2023-11-07 02:53
systemd CVE-2023-26604 中危 219-62.0.4.el7_6.7 219-78.0.17.el7_9.9 systemd: privilege escalation via the less pager

漏洞详情: https://avd.aquasec.com/nvd/cve-2023-26604

镜像层: sha256:901286ce90b339f52b24e97b346ce4b77cec58100d858104a75ff440a9c85166

发布日期: 2023-03-03 16:15 修改: 2023-11-07 04:09
bind-utils CVE-2022-2795 中危 32:9.9.4-74.el7_6.1 32:9.11.4-26.P2.el7_9.13 bind: processing large delegations may severely degrade resolver performance

漏洞详情: https://avd.aquasec.com/nvd/cve-2022-2795

镜像层: sha256:901286ce90b339f52b24e97b346ce4b77cec58100d858104a75ff440a9c85166

发布日期: 2022-09-21 11:15 修改: 2023-11-07 03:46
systemd-libs CVE-2018-15686 中危 219-62.0.4.el7_6.7 219-67.0.1.el7 systemd: line splitting via fgets() allows for state injection during daemon-reexec

漏洞详情: https://avd.aquasec.com/nvd/cve-2018-15686

镜像层: sha256:901286ce90b339f52b24e97b346ce4b77cec58100d858104a75ff440a9c85166

发布日期: 2018-10-26 14:29 修改: 2023-11-07 02:53
systemd-libs CVE-2018-16866 中危 219-62.0.4.el7_6.7 219-67.0.1.el7 systemd: out-of-bounds read when parsing a crafted syslog message

漏洞详情: https://avd.aquasec.com/nvd/cve-2018-16866

镜像层: sha256:901286ce90b339f52b24e97b346ce4b77cec58100d858104a75ff440a9c85166

发布日期: 2019-01-11 19:29 修改: 2023-02-13 04:52
systemd-libs CVE-2018-16888 中危 219-62.0.4.el7_6.7 219-67.0.1.el7 systemd: kills privileged process if unprivileged PIDFile was tampered

漏洞详情: https://avd.aquasec.com/nvd/cve-2018-16888

镜像层: sha256:901286ce90b339f52b24e97b346ce4b77cec58100d858104a75ff440a9c85166

发布日期: 2019-01-14 22:29 修改: 2023-11-07 02:53
systemd-libs CVE-2023-26604 中危 219-62.0.4.el7_6.7 219-78.0.17.el7_9.9 systemd: privilege escalation via the less pager

漏洞详情: https://avd.aquasec.com/nvd/cve-2023-26604

镜像层: sha256:901286ce90b339f52b24e97b346ce4b77cec58100d858104a75ff440a9c85166

发布日期: 2023-03-03 16:15 修改: 2023-11-07 04:09
binutils CVE-2018-1000876 中危 2.27-34.base.0.1.el7 2.27-41.base.0.1.el7 binutils: integer overflow leads to heap-based buffer overflow in objdump

漏洞详情: https://avd.aquasec.com/nvd/cve-2018-1000876

镜像层: sha256:901286ce90b339f52b24e97b346ce4b77cec58100d858104a75ff440a9c85166

发布日期: 2018-12-20 17:29 修改: 2023-11-07 02:51
systemd-sysv CVE-2018-15686 中危 219-62.0.4.el7_6.7 219-67.0.1.el7 systemd: line splitting via fgets() allows for state injection during daemon-reexec

漏洞详情: https://avd.aquasec.com/nvd/cve-2018-15686

镜像层: sha256:901286ce90b339f52b24e97b346ce4b77cec58100d858104a75ff440a9c85166

发布日期: 2018-10-26 14:29 修改: 2023-11-07 02:53
systemd-sysv CVE-2018-16866 中危 219-62.0.4.el7_6.7 219-67.0.1.el7 systemd: out-of-bounds read when parsing a crafted syslog message

漏洞详情: https://avd.aquasec.com/nvd/cve-2018-16866

镜像层: sha256:901286ce90b339f52b24e97b346ce4b77cec58100d858104a75ff440a9c85166

发布日期: 2019-01-11 19:29 修改: 2023-02-13 04:52
systemd-sysv CVE-2018-16888 中危 219-62.0.4.el7_6.7 219-67.0.1.el7 systemd: kills privileged process if unprivileged PIDFile was tampered

漏洞详情: https://avd.aquasec.com/nvd/cve-2018-16888

镜像层: sha256:901286ce90b339f52b24e97b346ce4b77cec58100d858104a75ff440a9c85166

发布日期: 2019-01-14 22:29 修改: 2023-11-07 02:53
systemd-sysv CVE-2023-26604 中危 219-62.0.4.el7_6.7 219-78.0.17.el7_9.9 systemd: privilege escalation via the less pager

漏洞详情: https://avd.aquasec.com/nvd/cve-2023-26604

镜像层: sha256:901286ce90b339f52b24e97b346ce4b77cec58100d858104a75ff440a9c85166

发布日期: 2023-03-03 16:15 修改: 2023-11-07 04:09
binutils CVE-2018-12641 中危 2.27-34.base.0.1.el7 2.27-41.base.0.1.el7 binutils: Stack Exhaustion in the demangling functions provided by libiberty

漏洞详情: https://avd.aquasec.com/nvd/cve-2018-12641

镜像层: sha256:901286ce90b339f52b24e97b346ce4b77cec58100d858104a75ff440a9c85166

发布日期: 2018-06-22 12:29 修改: 2019-10-03 00:03
binutils CVE-2018-12697 中危 2.27-34.base.0.1.el7 2.27-41.base.0.1.el7 binutils: NULL pointer dereference in work_stuff_copy_to_from in cplus-dem.c.

漏洞详情: https://avd.aquasec.com/nvd/cve-2018-12697

镜像层: sha256:901286ce90b339f52b24e97b346ce4b77cec58100d858104a75ff440a9c85166

发布日期: 2018-06-23 23:29 修改: 2019-08-03 13:15
glibc-devel CVE-2016-10739 中危 2.17-260.0.17.el7_6.6 2.17-292.0.2.el7 glibc: getaddrinfo should reject IP addresses with trailing characters

漏洞详情: https://avd.aquasec.com/nvd/cve-2016-10739

镜像层: sha256:901286ce90b339f52b24e97b346ce4b77cec58100d858104a75ff440a9c85166

发布日期: 2019-01-21 19:29 修改: 2019-08-06 17:15
zlib CVE-2022-37434 中危 1.2.7-18.el7 1.2.7-21.el7_9 zlib: heap-based buffer over-read and overflow in inflate() in inflate.c via a large gzip header extra field

漏洞详情: https://avd.aquasec.com/nvd/cve-2022-37434

镜像层: sha256:b87942114db6b2cf0bf150f9f85f220fffa5287d57e3bc1677f7f09915c10cf1

发布日期: 2022-08-05 07:15 修改: 2023-07-19 00:56
elfutils-libs CVE-2018-18521 低危 0.172-2.el7 0.176-2.el7 elfutils: Divide-by-zero in arlib_add_symbols function in arlib.c

漏洞详情: https://avd.aquasec.com/nvd/cve-2018-18521

镜像层: sha256:901286ce90b339f52b24e97b346ce4b77cec58100d858104a75ff440a9c85166

发布日期: 2018-10-19 17:29 修改: 2021-11-30 21:59
glibc CVE-2019-19126 低危 2.17-260.0.17.el7_6.6 2.17-317.0.1.el7 glibc: LD_PREFER_MAP_32BIT_EXEC not ignored in setuid binaries

漏洞详情: https://avd.aquasec.com/nvd/cve-2019-19126

镜像层: sha256:b87942114db6b2cf0bf150f9f85f220fffa5287d57e3bc1677f7f09915c10cf1

发布日期: 2019-11-19 22:15 修改: 2023-11-07 03:07
elfutils-libs CVE-2019-7149 低危 0.172-2.el7 0.176-2.el7 elfutils: heap-based buffer over-read in read_srclines in dwarf_getsrclines.c in libdw

漏洞详情: https://avd.aquasec.com/nvd/cve-2019-7149

镜像层: sha256:901286ce90b339f52b24e97b346ce4b77cec58100d858104a75ff440a9c85166

发布日期: 2019-01-29 00:29 修改: 2019-06-10 17:29
libcurl CVE-2018-14618 低危 7.29.0-51.0.1.el7 7.29.0-51.0.1.el7_6.3 curl: NTLM password overflow via integer overflow

漏洞详情: https://avd.aquasec.com/nvd/cve-2018-14618

镜像层: sha256:b87942114db6b2cf0bf150f9f85f220fffa5287d57e3bc1677f7f09915c10cf1

发布日期: 2018-09-05 19:29 修改: 2019-04-22 17:48
libcurl CVE-2018-16842 低危 7.29.0-51.0.1.el7 7.29.0-54.0.1.el7 curl: Heap-based buffer over-read in the curl tool warning formatting

漏洞详情: https://avd.aquasec.com/nvd/cve-2018-16842

镜像层: sha256:b87942114db6b2cf0bf150f9f85f220fffa5287d57e3bc1677f7f09915c10cf1

发布日期: 2018-10-31 19:29 修改: 2019-08-06 17:15
libcurl CVE-2022-43552 低危 7.29.0-51.0.1.el7 7.29.0-59.0.3.el7_9.2 curl: Use-after-free triggered by an HTTP proxy deny response

漏洞详情: https://avd.aquasec.com/nvd/cve-2022-43552

镜像层: sha256:b87942114db6b2cf0bf150f9f85f220fffa5287d57e3bc1677f7f09915c10cf1

发布日期: 2023-02-09 20:15 修改: 2024-03-27 14:55
elfutils-libs CVE-2019-7150 低危 0.172-2.el7 0.176-2.el7 elfutils: segmentation fault in elf64_xlatetom in libelf/elf32_xlatetom.c

漏洞详情: https://avd.aquasec.com/nvd/cve-2019-7150

镜像层: sha256:901286ce90b339f52b24e97b346ce4b77cec58100d858104a75ff440a9c85166

发布日期: 2019-01-29 00:29 修改: 2021-11-30 19:52
elfutils-libs CVE-2019-7664 低危 0.172-2.el7 0.176-2.el7 elfutils: out of bound write in elf_cvt_note in libelf/note_xlate.h

漏洞详情: https://avd.aquasec.com/nvd/cve-2019-7664

镜像层: sha256:901286ce90b339f52b24e97b346ce4b77cec58100d858104a75ff440a9c85166

发布日期: 2019-02-09 16:29 修改: 2023-02-28 20:45
elfutils-libs CVE-2019-7665 低危 0.172-2.el7 0.176-2.el7 elfutils: heap-based buffer over-read in function elf32_xlatetom in elf32_xlatetom.c

漏洞详情: https://avd.aquasec.com/nvd/cve-2019-7665

镜像层: sha256:901286ce90b339f52b24e97b346ce4b77cec58100d858104a75ff440a9c85166

发布日期: 2019-02-09 16:29 修改: 2021-11-30 19:53
curl CVE-2022-43552 低危 7.29.0-51.0.1.el7 7.29.0-59.0.3.el7_9.2 curl: Use-after-free triggered by an HTTP proxy deny response

漏洞详情: https://avd.aquasec.com/nvd/cve-2022-43552

镜像层: sha256:b87942114db6b2cf0bf150f9f85f220fffa5287d57e3bc1677f7f09915c10cf1

发布日期: 2023-02-09 20:15 修改: 2024-03-27 14:55
curl CVE-2018-14618 低危 7.29.0-51.0.1.el7 7.29.0-51.0.1.el7_6.3 curl: NTLM password overflow via integer overflow

漏洞详情: https://avd.aquasec.com/nvd/cve-2018-14618

镜像层: sha256:b87942114db6b2cf0bf150f9f85f220fffa5287d57e3bc1677f7f09915c10cf1

发布日期: 2018-09-05 19:29 修改: 2019-04-22 17:48
curl CVE-2018-16842 低危 7.29.0-51.0.1.el7 7.29.0-54.0.1.el7 curl: Heap-based buffer over-read in the curl tool warning formatting

漏洞详情: https://avd.aquasec.com/nvd/cve-2018-16842

镜像层: sha256:b87942114db6b2cf0bf150f9f85f220fffa5287d57e3bc1677f7f09915c10cf1

发布日期: 2018-10-31 19:29 修改: 2019-08-06 17:15
elfutils-default-yama-scope CVE-2018-16062 低危 0.172-2.el7 0.176-2.el7 elfutils: Heap-based buffer over-read in libdw/dwarf_getaranges.c:dwarf_getaranges() via crafted file

漏洞详情: https://avd.aquasec.com/nvd/cve-2018-16062

镜像层: sha256:901286ce90b339f52b24e97b346ce4b77cec58100d858104a75ff440a9c85166

发布日期: 2018-08-29 03:29 修改: 2023-11-07 02:53
elfutils-default-yama-scope CVE-2018-16402 低危 0.172-2.el7 0.176-2.el7 elfutils: Double-free due to double decompression of sections in crafted ELF causes crash

漏洞详情: https://avd.aquasec.com/nvd/cve-2018-16402

镜像层: sha256:901286ce90b339f52b24e97b346ce4b77cec58100d858104a75ff440a9c85166

发布日期: 2018-09-03 19:29 修改: 2023-11-07 02:53
glibc-common CVE-2019-19126 低危 2.17-260.0.17.el7_6.6 2.17-317.0.1.el7 glibc: LD_PREFER_MAP_32BIT_EXEC not ignored in setuid binaries

漏洞详情: https://avd.aquasec.com/nvd/cve-2019-19126

镜像层: sha256:b87942114db6b2cf0bf150f9f85f220fffa5287d57e3bc1677f7f09915c10cf1

发布日期: 2019-11-19 22:15 修改: 2023-11-07 03:07
elfutils-default-yama-scope CVE-2018-16403 低危 0.172-2.el7 0.176-2.el7 elfutils: Heap-based buffer over-read in libdw/dwarf_getabbrev.c and libwd/dwarf_hasattr.c causes crash

漏洞详情: https://avd.aquasec.com/nvd/cve-2018-16403

镜像层: sha256:901286ce90b339f52b24e97b346ce4b77cec58100d858104a75ff440a9c85166

发布日期: 2018-09-03 19:29 修改: 2023-11-07 02:53
elfutils-default-yama-scope CVE-2018-18310 低危 0.172-2.el7 0.176-2.el7 elfutils: invalid memory address dereference was discovered in dwfl_segment_report_module.c in libdwfl

漏洞详情: https://avd.aquasec.com/nvd/cve-2018-18310

镜像层: sha256:901286ce90b339f52b24e97b346ce4b77cec58100d858104a75ff440a9c85166

发布日期: 2018-10-15 02:29 修改: 2021-11-30 21:59
elfutils-default-yama-scope CVE-2018-18520 低危 0.172-2.el7 0.176-2.el7 elfutils: eu-size cannot handle recursive ar files

漏洞详情: https://avd.aquasec.com/nvd/cve-2018-18520

镜像层: sha256:901286ce90b339f52b24e97b346ce4b77cec58100d858104a75ff440a9c85166

发布日期: 2018-10-19 17:29 修改: 2021-11-30 21:59
elfutils-default-yama-scope CVE-2018-18521 低危 0.172-2.el7 0.176-2.el7 elfutils: Divide-by-zero in arlib_add_symbols function in arlib.c

漏洞详情: https://avd.aquasec.com/nvd/cve-2018-18521

镜像层: sha256:901286ce90b339f52b24e97b346ce4b77cec58100d858104a75ff440a9c85166

发布日期: 2018-10-19 17:29 修改: 2021-11-30 21:59
openssh CVE-2018-15473 低危 7.4p1-16.el7 7.4p1-21.el7 openssh: User enumeration via malformed packets in authentication requests

漏洞详情: https://avd.aquasec.com/nvd/cve-2018-15473

镜像层: sha256:901286ce90b339f52b24e97b346ce4b77cec58100d858104a75ff440a9c85166

发布日期: 2018-08-17 19:29 修改: 2023-02-23 23:13
elfutils-default-yama-scope CVE-2019-7149 低危 0.172-2.el7 0.176-2.el7 elfutils: heap-based buffer over-read in read_srclines in dwarf_getsrclines.c in libdw

漏洞详情: https://avd.aquasec.com/nvd/cve-2019-7149

镜像层: sha256:901286ce90b339f52b24e97b346ce4b77cec58100d858104a75ff440a9c85166

发布日期: 2019-01-29 00:29 修改: 2019-06-10 17:29
elfutils-default-yama-scope CVE-2019-7150 低危 0.172-2.el7 0.176-2.el7 elfutils: segmentation fault in elf64_xlatetom in libelf/elf32_xlatetom.c

漏洞详情: https://avd.aquasec.com/nvd/cve-2019-7150

镜像层: sha256:901286ce90b339f52b24e97b346ce4b77cec58100d858104a75ff440a9c85166

发布日期: 2019-01-29 00:29 修改: 2021-11-30 19:52
elfutils-default-yama-scope CVE-2019-7664 低危 0.172-2.el7 0.176-2.el7 elfutils: out of bound write in elf_cvt_note in libelf/note_xlate.h

漏洞详情: https://avd.aquasec.com/nvd/cve-2019-7664

镜像层: sha256:901286ce90b339f52b24e97b346ce4b77cec58100d858104a75ff440a9c85166

发布日期: 2019-02-09 16:29 修改: 2023-02-28 20:45
openssh-clients CVE-2018-15473 低危 7.4p1-16.el7 7.4p1-21.el7 openssh: User enumeration via malformed packets in authentication requests

漏洞详情: https://avd.aquasec.com/nvd/cve-2018-15473

镜像层: sha256:901286ce90b339f52b24e97b346ce4b77cec58100d858104a75ff440a9c85166

发布日期: 2018-08-17 19:29 修改: 2023-02-23 23:13
elfutils-default-yama-scope CVE-2019-7665 低危 0.172-2.el7 0.176-2.el7 elfutils: heap-based buffer over-read in function elf32_xlatetom in elf32_xlatetom.c

漏洞详情: https://avd.aquasec.com/nvd/cve-2019-7665

镜像层: sha256:901286ce90b339f52b24e97b346ce4b77cec58100d858104a75ff440a9c85166

发布日期: 2019-02-09 16:29 修改: 2021-11-30 19:53
elfutils-libelf CVE-2018-16062 低危 0.172-2.el7 0.176-2.el7 elfutils: Heap-based buffer over-read in libdw/dwarf_getaranges.c:dwarf_getaranges() via crafted file

漏洞详情: https://avd.aquasec.com/nvd/cve-2018-16062

镜像层: sha256:b87942114db6b2cf0bf150f9f85f220fffa5287d57e3bc1677f7f09915c10cf1

发布日期: 2018-08-29 03:29 修改: 2023-11-07 02:53
glibc-devel CVE-2019-19126 低危 2.17-260.0.17.el7_6.6 2.17-317.0.1.el7 glibc: LD_PREFER_MAP_32BIT_EXEC not ignored in setuid binaries

漏洞详情: https://avd.aquasec.com/nvd/cve-2019-19126

镜像层: sha256:901286ce90b339f52b24e97b346ce4b77cec58100d858104a75ff440a9c85166

发布日期: 2019-11-19 22:15 修改: 2023-11-07 03:07
elfutils-libelf CVE-2018-16402 低危 0.172-2.el7 0.176-2.el7 elfutils: Double-free due to double decompression of sections in crafted ELF causes crash

漏洞详情: https://avd.aquasec.com/nvd/cve-2018-16402

镜像层: sha256:b87942114db6b2cf0bf150f9f85f220fffa5287d57e3bc1677f7f09915c10cf1

发布日期: 2018-09-03 19:29 修改: 2023-11-07 02:53
elfutils-libelf CVE-2018-16403 低危 0.172-2.el7 0.176-2.el7 elfutils: Heap-based buffer over-read in libdw/dwarf_getabbrev.c and libwd/dwarf_hasattr.c causes crash

漏洞详情: https://avd.aquasec.com/nvd/cve-2018-16403

镜像层: sha256:b87942114db6b2cf0bf150f9f85f220fffa5287d57e3bc1677f7f09915c10cf1

发布日期: 2018-09-03 19:29 修改: 2023-11-07 02:53
openssl CVE-2018-0734 低危 1:1.0.2k-16.0.1.el7_6.1 1:1.0.2k-19.0.1.el7 openssl: timing side channel attack in the DSA signature algorithm

漏洞详情: https://avd.aquasec.com/nvd/cve-2018-0734

镜像层: sha256:901286ce90b339f52b24e97b346ce4b77cec58100d858104a75ff440a9c85166

发布日期: 2018-10-30 12:29 修改: 2023-11-07 02:51
elfutils-libelf CVE-2018-18310 低危 0.172-2.el7 0.176-2.el7 elfutils: invalid memory address dereference was discovered in dwfl_segment_report_module.c in libdwfl

漏洞详情: https://avd.aquasec.com/nvd/cve-2018-18310

镜像层: sha256:b87942114db6b2cf0bf150f9f85f220fffa5287d57e3bc1677f7f09915c10cf1

发布日期: 2018-10-15 02:29 修改: 2021-11-30 21:59
systemd CVE-2019-20386 低危 219-62.0.4.el7_6.7 219-78.0.1.el7 systemd: memory leak in button_open() in login/logind-button.c when udev events are received

漏洞详情: https://avd.aquasec.com/nvd/cve-2019-20386

镜像层: sha256:901286ce90b339f52b24e97b346ce4b77cec58100d858104a75ff440a9c85166

发布日期: 2020-01-21 06:15 修改: 2023-11-07 03:09
file-libs CVE-2018-10360 低危 5.11-35.el7 5.11-36.el7 file: out-of-bounds read via a crafted ELF file

漏洞详情: https://avd.aquasec.com/nvd/cve-2018-10360

镜像层: sha256:b87942114db6b2cf0bf150f9f85f220fffa5287d57e3bc1677f7f09915c10cf1

发布日期: 2018-06-11 10:29 修改: 2019-05-02 14:40
elfutils-libelf CVE-2018-18520 低危 0.172-2.el7 0.176-2.el7 elfutils: eu-size cannot handle recursive ar files

漏洞详情: https://avd.aquasec.com/nvd/cve-2018-18520

镜像层: sha256:b87942114db6b2cf0bf150f9f85f220fffa5287d57e3bc1677f7f09915c10cf1

发布日期: 2018-10-19 17:29 修改: 2021-11-30 21:59
elfutils-libelf CVE-2018-18521 低危 0.172-2.el7 0.176-2.el7 elfutils: Divide-by-zero in arlib_add_symbols function in arlib.c

漏洞详情: https://avd.aquasec.com/nvd/cve-2018-18521

镜像层: sha256:b87942114db6b2cf0bf150f9f85f220fffa5287d57e3bc1677f7f09915c10cf1

发布日期: 2018-10-19 17:29 修改: 2021-11-30 21:59
elfutils-libelf CVE-2019-7149 低危 0.172-2.el7 0.176-2.el7 elfutils: heap-based buffer over-read in read_srclines in dwarf_getsrclines.c in libdw

漏洞详情: https://avd.aquasec.com/nvd/cve-2019-7149

镜像层: sha256:b87942114db6b2cf0bf150f9f85f220fffa5287d57e3bc1677f7f09915c10cf1

发布日期: 2019-01-29 00:29 修改: 2019-06-10 17:29
openssl-libs CVE-2018-0734 低危 1:1.0.2k-16.0.1.el7_6.1 1:1.0.2k-19.0.1.el7 openssl: timing side channel attack in the DSA signature algorithm

漏洞详情: https://avd.aquasec.com/nvd/cve-2018-0734

镜像层: sha256:b87942114db6b2cf0bf150f9f85f220fffa5287d57e3bc1677f7f09915c10cf1

发布日期: 2018-10-30 12:29 修改: 2023-11-07 02:51
systemd-libs CVE-2019-20386 低危 219-62.0.4.el7_6.7 219-78.0.1.el7 systemd: memory leak in button_open() in login/logind-button.c when udev events are received

漏洞详情: https://avd.aquasec.com/nvd/cve-2019-20386

镜像层: sha256:901286ce90b339f52b24e97b346ce4b77cec58100d858104a75ff440a9c85166

发布日期: 2020-01-21 06:15 修改: 2023-11-07 03:09
elfutils-libelf CVE-2019-7150 低危 0.172-2.el7 0.176-2.el7 elfutils: segmentation fault in elf64_xlatetom in libelf/elf32_xlatetom.c

漏洞详情: https://avd.aquasec.com/nvd/cve-2019-7150

镜像层: sha256:b87942114db6b2cf0bf150f9f85f220fffa5287d57e3bc1677f7f09915c10cf1

发布日期: 2019-01-29 00:29 修改: 2021-11-30 19:52
elfutils-libelf CVE-2019-7664 低危 0.172-2.el7 0.176-2.el7 elfutils: out of bound write in elf_cvt_note in libelf/note_xlate.h

漏洞详情: https://avd.aquasec.com/nvd/cve-2019-7664

镜像层: sha256:b87942114db6b2cf0bf150f9f85f220fffa5287d57e3bc1677f7f09915c10cf1

发布日期: 2019-02-09 16:29 修改: 2023-02-28 20:45
glibc-headers CVE-2019-19126 低危 2.17-260.0.17.el7_6.6 2.17-317.0.1.el7 glibc: LD_PREFER_MAP_32BIT_EXEC not ignored in setuid binaries

漏洞详情: https://avd.aquasec.com/nvd/cve-2019-19126

镜像层: sha256:901286ce90b339f52b24e97b346ce4b77cec58100d858104a75ff440a9c85166

发布日期: 2019-11-19 22:15 修改: 2023-11-07 03:07
elfutils-libelf CVE-2019-7665 低危 0.172-2.el7 0.176-2.el7 elfutils: heap-based buffer over-read in function elf32_xlatetom in elf32_xlatetom.c

漏洞详情: https://avd.aquasec.com/nvd/cve-2019-7665

镜像层: sha256:b87942114db6b2cf0bf150f9f85f220fffa5287d57e3bc1677f7f09915c10cf1

发布日期: 2019-02-09 16:29 修改: 2021-11-30 19:53
elfutils-libs CVE-2018-16062 低危 0.172-2.el7 0.176-2.el7 elfutils: Heap-based buffer over-read in libdw/dwarf_getaranges.c:dwarf_getaranges() via crafted file

漏洞详情: https://avd.aquasec.com/nvd/cve-2018-16062

镜像层: sha256:901286ce90b339f52b24e97b346ce4b77cec58100d858104a75ff440a9c85166

发布日期: 2018-08-29 03:29 修改: 2023-11-07 02:53
systemd-sysv CVE-2019-20386 低危 219-62.0.4.el7_6.7 219-78.0.1.el7 systemd: memory leak in button_open() in login/logind-button.c when udev events are received

漏洞详情: https://avd.aquasec.com/nvd/cve-2019-20386

镜像层: sha256:901286ce90b339f52b24e97b346ce4b77cec58100d858104a75ff440a9c85166

发布日期: 2020-01-21 06:15 修改: 2023-11-07 03:09
unzip CVE-2018-18384 低危 6.0-19.el7 6.0-20.el7 unzip: Buffer overflow in list.c resulting in a denial of service

漏洞详情: https://avd.aquasec.com/nvd/cve-2018-18384

镜像层: sha256:901286ce90b339f52b24e97b346ce4b77cec58100d858104a75ff440a9c85166

发布日期: 2018-10-16 16:50 修改: 2019-12-16 20:24
unzip CVE-2019-13232 低危 6.0-19.el7 6.0-21.el7 unzip: overlapping of files in ZIP container leads to denial of service

漏洞详情: https://avd.aquasec.com/nvd/cve-2019-13232

镜像层: sha256:901286ce90b339f52b24e97b346ce4b77cec58100d858104a75ff440a9c85166

发布日期: 2019-07-04 13:15 修改: 2023-11-07 03:03
elfutils-libs CVE-2018-16402 低危 0.172-2.el7 0.176-2.el7 elfutils: Double-free due to double decompression of sections in crafted ELF causes crash

漏洞详情: https://avd.aquasec.com/nvd/cve-2018-16402

镜像层: sha256:901286ce90b339f52b24e97b346ce4b77cec58100d858104a75ff440a9c85166

发布日期: 2018-09-03 19:29 修改: 2023-11-07 02:53
elfutils-libs CVE-2018-16403 低危 0.172-2.el7 0.176-2.el7 elfutils: Heap-based buffer over-read in libdw/dwarf_getabbrev.c and libwd/dwarf_hasattr.c causes crash

漏洞详情: https://avd.aquasec.com/nvd/cve-2018-16403

镜像层: sha256:901286ce90b339f52b24e97b346ce4b77cec58100d858104a75ff440a9c85166

发布日期: 2018-09-03 19:29 修改: 2023-11-07 02:53
elfutils-libs CVE-2018-18310 低危 0.172-2.el7 0.176-2.el7 elfutils: invalid memory address dereference was discovered in dwfl_segment_report_module.c in libdwfl

漏洞详情: https://avd.aquasec.com/nvd/cve-2018-18310

镜像层: sha256:901286ce90b339f52b24e97b346ce4b77cec58100d858104a75ff440a9c85166

发布日期: 2018-10-15 02:29 修改: 2021-11-30 21:59
elfutils-libs CVE-2018-18520 低危 0.172-2.el7 0.176-2.el7 elfutils: eu-size cannot handle recursive ar files

漏洞详情: https://avd.aquasec.com/nvd/cve-2018-18520

镜像层: sha256:901286ce90b339f52b24e97b346ce4b77cec58100d858104a75ff440a9c85166

发布日期: 2018-10-19 17:29 修改: 2021-11-30 21:59
kernel-headers ELSA-2019-1873-1 未知 3.10.0-957.21.3.el7 3.10.0-957.27.2.0.1.el7 ELSA-2019-1873-1: kernel bug fix update (NA)

漏洞详情:

镜像层: sha256:901286ce90b339f52b24e97b346ce4b77cec58100d858104a75ff440a9c85166

发布日期: 0001-01-01 00:00 修改: 0001-01-01 00:00
Java (jar)
低危漏洞:9 中危漏洞:62 高危漏洞:287 严重漏洞:114
软件包 漏洞 安全状态 安装版本 修复版本 漏洞信息
com.fasterxml.jackson.core:jackson-databind CVE-2017-15095 严重 2.8.10 2.8.11, 2.9.4, 2.6.7.3, 2.7.9.2 jackson-databind: Unsafe deserialization due to incomplete black list (incomplete fix for CVE-2017-7525)

漏洞详情: https://avd.aquasec.com/nvd/cve-2017-15095

镜像层: sha256:1ba4cd28a66a718366e89daabff58cf5e909444e8873ebe2ae9136c37a9bbf49

发布日期: 2018-02-06 15:29 修改: 2023-11-07 02:39
com.fasterxml.jackson.core:jackson-databind CVE-2017-15095 严重 2.8.10 2.8.11, 2.9.4, 2.6.7.3, 2.7.9.2 jackson-databind: Unsafe deserialization due to incomplete black list (incomplete fix for CVE-2017-7525)

漏洞详情: https://avd.aquasec.com/nvd/cve-2017-15095

镜像层: sha256:1ba4cd28a66a718366e89daabff58cf5e909444e8873ebe2ae9136c37a9bbf49

发布日期: 2018-02-06 15:29 修改: 2023-11-07 02:39
com.fasterxml.jackson.core:jackson-databind CVE-2017-17485 严重 2.8.10 2.9.4, 2.8.11, 2.7.9.2 jackson-databind: Unsafe deserialization due to incomplete black list (incomplete fix for CVE-2017-15095)

漏洞详情: https://avd.aquasec.com/nvd/cve-2017-17485

镜像层: sha256:1ba4cd28a66a718366e89daabff58cf5e909444e8873ebe2ae9136c37a9bbf49

发布日期: 2018-01-10 18:29 修改: 2023-06-08 18:00
com.fasterxml.jackson.core:jackson-databind CVE-2017-17485 严重 2.8.10 2.9.4, 2.8.11, 2.7.9.2 jackson-databind: Unsafe deserialization due to incomplete black list (incomplete fix for CVE-2017-15095)

漏洞详情: https://avd.aquasec.com/nvd/cve-2017-17485

镜像层: sha256:1ba4cd28a66a718366e89daabff58cf5e909444e8873ebe2ae9136c37a9bbf49

发布日期: 2018-01-10 18:29 修改: 2023-06-08 18:00
com.fasterxml.jackson.core:jackson-databind CVE-2018-11307 严重 2.8.10 2.7.9.4, 2.8.11.2, 2.9.6 jackson-databind: Potential information exfiltration with default typing, serialization gadget from MyBatis

漏洞详情: https://avd.aquasec.com/nvd/cve-2018-11307

镜像层: sha256:1ba4cd28a66a718366e89daabff58cf5e909444e8873ebe2ae9136c37a9bbf49

发布日期: 2019-07-09 16:15 修改: 2024-04-03 17:40
com.fasterxml.jackson.core:jackson-databind CVE-2018-11307 严重 2.8.10 2.7.9.4, 2.8.11.2, 2.9.6 jackson-databind: Potential information exfiltration with default typing, serialization gadget from MyBatis

漏洞详情: https://avd.aquasec.com/nvd/cve-2018-11307

镜像层: sha256:1ba4cd28a66a718366e89daabff58cf5e909444e8873ebe2ae9136c37a9bbf49

发布日期: 2019-07-09 16:15 修改: 2024-04-03 17:40
com.fasterxml.jackson.core:jackson-databind CVE-2018-14718 严重 2.8.10 2.9.7, 2.8.11.3, 2.7.9.5, 2.6.7.3 jackson-databind: arbitrary code execution in slf4j-ext class

漏洞详情: https://avd.aquasec.com/nvd/cve-2018-14718

镜像层: sha256:1ba4cd28a66a718366e89daabff58cf5e909444e8873ebe2ae9136c37a9bbf49

发布日期: 2019-01-02 18:29 修改: 2023-11-07 02:53
com.fasterxml.jackson.core:jackson-databind CVE-2018-14718 严重 2.8.10 2.9.7, 2.8.11.3, 2.7.9.5, 2.6.7.3 jackson-databind: arbitrary code execution in slf4j-ext class

漏洞详情: https://avd.aquasec.com/nvd/cve-2018-14718

镜像层: sha256:1ba4cd28a66a718366e89daabff58cf5e909444e8873ebe2ae9136c37a9bbf49

发布日期: 2019-01-02 18:29 修改: 2023-11-07 02:53
com.fasterxml.jackson.core:jackson-databind CVE-2018-14719 严重 2.8.10 2.9.7, 2.8.11.3, 2.7.9.5 jackson-databind: arbitrary code execution in blaze-ds-opt and blaze-ds-core classes

漏洞详情: https://avd.aquasec.com/nvd/cve-2018-14719

镜像层: sha256:1ba4cd28a66a718366e89daabff58cf5e909444e8873ebe2ae9136c37a9bbf49

发布日期: 2019-01-02 18:29 修改: 2023-11-07 02:53
com.fasterxml.jackson.core:jackson-databind CVE-2018-14719 严重 2.8.10 2.9.7, 2.8.11.3, 2.7.9.5 jackson-databind: arbitrary code execution in blaze-ds-opt and blaze-ds-core classes

漏洞详情: https://avd.aquasec.com/nvd/cve-2018-14719

镜像层: sha256:1ba4cd28a66a718366e89daabff58cf5e909444e8873ebe2ae9136c37a9bbf49

发布日期: 2019-01-02 18:29 修改: 2023-11-07 02:53
com.fasterxml.jackson.core:jackson-databind CVE-2018-14720 严重 2.8.10 2.9.7, 2.8.11.3, 2.7.9.5 jackson-databind: exfiltration/XXE in some JDK classes

漏洞详情: https://avd.aquasec.com/nvd/cve-2018-14720

镜像层: sha256:1ba4cd28a66a718366e89daabff58cf5e909444e8873ebe2ae9136c37a9bbf49

发布日期: 2019-01-02 18:29 修改: 2023-11-07 02:53
com.fasterxml.jackson.core:jackson-databind CVE-2018-14720 严重 2.8.10 2.9.7, 2.8.11.3, 2.7.9.5 jackson-databind: exfiltration/XXE in some JDK classes

漏洞详情: https://avd.aquasec.com/nvd/cve-2018-14720

镜像层: sha256:1ba4cd28a66a718366e89daabff58cf5e909444e8873ebe2ae9136c37a9bbf49

发布日期: 2019-01-02 18:29 修改: 2023-11-07 02:53
com.fasterxml.jackson.core:jackson-databind CVE-2018-14721 严重 2.8.10 2.9.7, 2.8.11.3, 2.7.9.5 jackson-databind: server-side request forgery (SSRF) in axis2-jaxws class

漏洞详情: https://avd.aquasec.com/nvd/cve-2018-14721

镜像层: sha256:1ba4cd28a66a718366e89daabff58cf5e909444e8873ebe2ae9136c37a9bbf49

发布日期: 2019-01-02 18:29 修改: 2023-11-07 02:53
com.fasterxml.jackson.core:jackson-databind CVE-2018-14721 严重 2.8.10 2.9.7, 2.8.11.3, 2.7.9.5 jackson-databind: server-side request forgery (SSRF) in axis2-jaxws class

漏洞详情: https://avd.aquasec.com/nvd/cve-2018-14721

镜像层: sha256:1ba4cd28a66a718366e89daabff58cf5e909444e8873ebe2ae9136c37a9bbf49

发布日期: 2019-01-02 18:29 修改: 2023-11-07 02:53
com.fasterxml.jackson.core:jackson-databind CVE-2018-19360 严重 2.8.10 2.9.8, 2.8.11.3, 2.7.9.5 jackson-databind: improper polymorphic deserialization in axis2-transport-jms class

漏洞详情: https://avd.aquasec.com/nvd/cve-2018-19360

镜像层: sha256:1ba4cd28a66a718366e89daabff58cf5e909444e8873ebe2ae9136c37a9bbf49

发布日期: 2019-01-02 18:29 修改: 2023-11-07 02:55
com.fasterxml.jackson.core:jackson-databind CVE-2018-19360 严重 2.8.10 2.9.8, 2.8.11.3, 2.7.9.5 jackson-databind: improper polymorphic deserialization in axis2-transport-jms class

漏洞详情: https://avd.aquasec.com/nvd/cve-2018-19360

镜像层: sha256:1ba4cd28a66a718366e89daabff58cf5e909444e8873ebe2ae9136c37a9bbf49

发布日期: 2019-01-02 18:29 修改: 2023-11-07 02:55
com.fasterxml.jackson.core:jackson-databind CVE-2018-19361 严重 2.8.10 2.7.9.5, 2.9.8, 2.8.11.3 jackson-databind: improper polymorphic deserialization in openjpa class

漏洞详情: https://avd.aquasec.com/nvd/cve-2018-19361

镜像层: sha256:1ba4cd28a66a718366e89daabff58cf5e909444e8873ebe2ae9136c37a9bbf49

发布日期: 2019-01-02 18:29 修改: 2023-11-07 02:55
com.fasterxml.jackson.core:jackson-databind CVE-2018-19361 严重 2.8.10 2.7.9.5, 2.9.8, 2.8.11.3 jackson-databind: improper polymorphic deserialization in openjpa class

漏洞详情: https://avd.aquasec.com/nvd/cve-2018-19361

镜像层: sha256:1ba4cd28a66a718366e89daabff58cf5e909444e8873ebe2ae9136c37a9bbf49

发布日期: 2019-01-02 18:29 修改: 2023-11-07 02:55
com.fasterxml.jackson.core:jackson-databind CVE-2018-19362 严重 2.8.10 2.9.8, 2.8.11.3, 2.7.9.5, 2.6.7.3 jackson-databind: improper polymorphic deserialization in jboss-common-core class

漏洞详情: https://avd.aquasec.com/nvd/cve-2018-19362

镜像层: sha256:1ba4cd28a66a718366e89daabff58cf5e909444e8873ebe2ae9136c37a9bbf49

发布日期: 2019-01-02 18:29 修改: 2023-11-07 02:55
com.fasterxml.jackson.core:jackson-databind CVE-2018-19362 严重 2.8.10 2.9.8, 2.8.11.3, 2.7.9.5, 2.6.7.3 jackson-databind: improper polymorphic deserialization in jboss-common-core class

漏洞详情: https://avd.aquasec.com/nvd/cve-2018-19362

镜像层: sha256:1ba4cd28a66a718366e89daabff58cf5e909444e8873ebe2ae9136c37a9bbf49

发布日期: 2019-01-02 18:29 修改: 2023-11-07 02:55
com.fasterxml.jackson.core:jackson-databind CVE-2018-7489 严重 2.8.10 2.8.11.1, 2.9.5, 2.7.9.3, 2.6.7.5 jackson-databind: incomplete fix for CVE-2017-7525 permits unsafe serialization via c3p0 libraries

漏洞详情: https://avd.aquasec.com/nvd/cve-2018-7489

镜像层: sha256:1ba4cd28a66a718366e89daabff58cf5e909444e8873ebe2ae9136c37a9bbf49

发布日期: 2018-02-26 15:29 修改: 2023-11-07 03:01
com.fasterxml.jackson.core:jackson-databind CVE-2018-7489 严重 2.8.10 2.8.11.1, 2.9.5, 2.7.9.3, 2.6.7.5 jackson-databind: incomplete fix for CVE-2017-7525 permits unsafe serialization via c3p0 libraries

漏洞详情: https://avd.aquasec.com/nvd/cve-2018-7489

镜像层: sha256:1ba4cd28a66a718366e89daabff58cf5e909444e8873ebe2ae9136c37a9bbf49

发布日期: 2018-02-26 15:29 修改: 2023-11-07 03:01
com.fasterxml.jackson.core:jackson-databind CVE-2019-14379 严重 2.8.10 2.9.9.2, 2.8.11.4, 2.7.9.6 jackson-databind: default typing mishandling leading to remote code execution

漏洞详情: https://avd.aquasec.com/nvd/cve-2019-14379

镜像层: sha256:1ba4cd28a66a718366e89daabff58cf5e909444e8873ebe2ae9136c37a9bbf49

发布日期: 2019-07-29 12:15 修改: 2023-11-07 03:04
com.fasterxml.jackson.core:jackson-databind CVE-2019-14379 严重 2.8.10 2.9.9.2, 2.8.11.4, 2.7.9.6 jackson-databind: default typing mishandling leading to remote code execution

漏洞详情: https://avd.aquasec.com/nvd/cve-2019-14379

镜像层: sha256:1ba4cd28a66a718366e89daabff58cf5e909444e8873ebe2ae9136c37a9bbf49

发布日期: 2019-07-29 12:15 修改: 2023-11-07 03:04
com.fasterxml.jackson.core:jackson-databind CVE-2019-14540 严重 2.8.10 2.9.10, 2.8.11.5, 2.6.7.3 jackson-databind: Serialization gadgets in com.zaxxer.hikari.HikariConfig

漏洞详情: https://avd.aquasec.com/nvd/cve-2019-14540

镜像层: sha256:1ba4cd28a66a718366e89daabff58cf5e909444e8873ebe2ae9136c37a9bbf49

发布日期: 2019-09-15 22:15 修改: 2023-11-07 03:04
com.fasterxml.jackson.core:jackson-databind CVE-2019-14540 严重 2.8.10 2.9.10, 2.8.11.5, 2.6.7.3 jackson-databind: Serialization gadgets in com.zaxxer.hikari.HikariConfig

漏洞详情: https://avd.aquasec.com/nvd/cve-2019-14540

镜像层: sha256:1ba4cd28a66a718366e89daabff58cf5e909444e8873ebe2ae9136c37a9bbf49

发布日期: 2019-09-15 22:15 修改: 2023-11-07 03:04
com.fasterxml.jackson.core:jackson-databind CVE-2019-16335 严重 2.8.10 2.9.10, 2.8.11.5, 2.6.7.3 jackson-databind: Serialization gadgets in com.zaxxer.hikari.HikariDataSource

漏洞详情: https://avd.aquasec.com/nvd/cve-2019-16335

镜像层: sha256:1ba4cd28a66a718366e89daabff58cf5e909444e8873ebe2ae9136c37a9bbf49

发布日期: 2019-09-15 22:15 修改: 2023-11-07 03:05
com.fasterxml.jackson.core:jackson-databind CVE-2019-16335 严重 2.8.10 2.9.10, 2.8.11.5, 2.6.7.3 jackson-databind: Serialization gadgets in com.zaxxer.hikari.HikariDataSource

漏洞详情: https://avd.aquasec.com/nvd/cve-2019-16335

镜像层: sha256:1ba4cd28a66a718366e89daabff58cf5e909444e8873ebe2ae9136c37a9bbf49

发布日期: 2019-09-15 22:15 修改: 2023-11-07 03:05
com.fasterxml.jackson.core:jackson-databind CVE-2019-16942 严重 2.8.10 2.9.10.1, 2.8.11.5, 2.6.7.3 jackson-databind: Serialization gadgets in org.apache.commons.dbcp.datasources.*

漏洞详情: https://avd.aquasec.com/nvd/cve-2019-16942

镜像层: sha256:1ba4cd28a66a718366e89daabff58cf5e909444e8873ebe2ae9136c37a9bbf49

发布日期: 2019-10-01 17:15 修改: 2023-11-07 03:06
com.fasterxml.jackson.core:jackson-databind CVE-2019-16942 严重 2.8.10 2.9.10.1, 2.8.11.5, 2.6.7.3 jackson-databind: Serialization gadgets in org.apache.commons.dbcp.datasources.*

漏洞详情: https://avd.aquasec.com/nvd/cve-2019-16942

镜像层: sha256:1ba4cd28a66a718366e89daabff58cf5e909444e8873ebe2ae9136c37a9bbf49

发布日期: 2019-10-01 17:15 修改: 2023-11-07 03:06
com.fasterxml.jackson.core:jackson-databind CVE-2019-16943 严重 2.8.10 2.9.10.1, 2.8.11.5, 2.6.7.3 jackson-databind: Serialization gadgets in com.p6spy.engine.spy.P6DataSource

漏洞详情: https://avd.aquasec.com/nvd/cve-2019-16943

镜像层: sha256:1ba4cd28a66a718366e89daabff58cf5e909444e8873ebe2ae9136c37a9bbf49

发布日期: 2019-10-01 17:15 修改: 2023-11-07 03:06
com.fasterxml.jackson.core:jackson-databind CVE-2019-16943 严重 2.8.10 2.9.10.1, 2.8.11.5, 2.6.7.3 jackson-databind: Serialization gadgets in com.p6spy.engine.spy.P6DataSource

漏洞详情: https://avd.aquasec.com/nvd/cve-2019-16943

镜像层: sha256:1ba4cd28a66a718366e89daabff58cf5e909444e8873ebe2ae9136c37a9bbf49

发布日期: 2019-10-01 17:15 修改: 2023-11-07 03:06
com.fasterxml.jackson.core:jackson-databind CVE-2019-17267 严重 2.8.10 2.9.10, 2.8.11.5 jackson-databind: Serialization gadgets in classes of the ehcache package

漏洞详情: https://avd.aquasec.com/nvd/cve-2019-17267

镜像层: sha256:1ba4cd28a66a718366e89daabff58cf5e909444e8873ebe2ae9136c37a9bbf49

发布日期: 2019-10-07 00:15 修改: 2023-11-07 03:06
com.fasterxml.jackson.core:jackson-databind CVE-2019-17267 严重 2.8.10 2.9.10, 2.8.11.5 jackson-databind: Serialization gadgets in classes of the ehcache package

漏洞详情: https://avd.aquasec.com/nvd/cve-2019-17267

镜像层: sha256:1ba4cd28a66a718366e89daabff58cf5e909444e8873ebe2ae9136c37a9bbf49

发布日期: 2019-10-07 00:15 修改: 2023-11-07 03:06
com.fasterxml.jackson.core:jackson-databind CVE-2019-17531 严重 2.8.10 2.9.10.1, 2.8.11.5, 2.6.7.3 jackson-databind: Serialization gadgets in org.apache.log4j.receivers.db.*

漏洞详情: https://avd.aquasec.com/nvd/cve-2019-17531

镜像层: sha256:1ba4cd28a66a718366e89daabff58cf5e909444e8873ebe2ae9136c37a9bbf49

发布日期: 2019-10-12 21:15 修改: 2023-11-07 03:06
com.fasterxml.jackson.core:jackson-databind CVE-2019-17531 严重 2.8.10 2.9.10.1, 2.8.11.5, 2.6.7.3 jackson-databind: Serialization gadgets in org.apache.log4j.receivers.db.*

漏洞详情: https://avd.aquasec.com/nvd/cve-2019-17531

镜像层: sha256:1ba4cd28a66a718366e89daabff58cf5e909444e8873ebe2ae9136c37a9bbf49

发布日期: 2019-10-12 21:15 修改: 2023-11-07 03:06
com.fasterxml.jackson.core:jackson-databind CVE-2019-20330 严重 2.8.10 2.6.7.4, 2.7.9.7, 2.8.11.5, 2.9.10.2 jackson-databind: lacks certain net.sf.ehcache blocking

漏洞详情: https://avd.aquasec.com/nvd/cve-2019-20330

镜像层: sha256:1ba4cd28a66a718366e89daabff58cf5e909444e8873ebe2ae9136c37a9bbf49

发布日期: 2020-01-03 04:15 修改: 2023-11-07 03:09
com.fasterxml.jackson.core:jackson-databind CVE-2019-20330 严重 2.8.10 2.6.7.4, 2.7.9.7, 2.8.11.5, 2.9.10.2 jackson-databind: lacks certain net.sf.ehcache blocking

漏洞详情: https://avd.aquasec.com/nvd/cve-2019-20330

镜像层: sha256:1ba4cd28a66a718366e89daabff58cf5e909444e8873ebe2ae9136c37a9bbf49

发布日期: 2020-01-03 04:15 修改: 2023-11-07 03:09
com.fasterxml.jackson.core:jackson-databind CVE-2020-8840 严重 2.8.10 2.6.7.4, 2.7.9.7, 2.8.11.5, 2.9.10.3 jackson-databind: Lacks certain xbean-reflect/JNDI blocking

漏洞详情: https://avd.aquasec.com/nvd/cve-2020-8840

镜像层: sha256:1ba4cd28a66a718366e89daabff58cf5e909444e8873ebe2ae9136c37a9bbf49

发布日期: 2020-02-10 21:56 修改: 2023-11-07 03:26
com.fasterxml.jackson.core:jackson-databind CVE-2020-8840 严重 2.8.10 2.6.7.4, 2.7.9.7, 2.8.11.5, 2.9.10.3 jackson-databind: Lacks certain xbean-reflect/JNDI blocking

漏洞详情: https://avd.aquasec.com/nvd/cve-2020-8840

镜像层: sha256:1ba4cd28a66a718366e89daabff58cf5e909444e8873ebe2ae9136c37a9bbf49

发布日期: 2020-02-10 21:56 修改: 2023-11-07 03:26
com.fasterxml.jackson.core:jackson-databind CVE-2020-9547 严重 2.8.10 2.9.10.4, 2.8.11.6, 2.7.9.7 jackson-databind: Serialization gadgets in ibatis-sqlmap

漏洞详情: https://avd.aquasec.com/nvd/cve-2020-9547

镜像层: sha256:1ba4cd28a66a718366e89daabff58cf5e909444e8873ebe2ae9136c37a9bbf49

发布日期: 2020-03-02 04:15 修改: 2023-11-07 03:26
com.fasterxml.jackson.core:jackson-databind CVE-2020-9547 严重 2.8.10 2.9.10.4, 2.8.11.6, 2.7.9.7 jackson-databind: Serialization gadgets in ibatis-sqlmap

漏洞详情: https://avd.aquasec.com/nvd/cve-2020-9547

镜像层: sha256:1ba4cd28a66a718366e89daabff58cf5e909444e8873ebe2ae9136c37a9bbf49

发布日期: 2020-03-02 04:15 修改: 2023-11-07 03:26
com.fasterxml.jackson.core:jackson-databind CVE-2020-9548 严重 2.8.10 2.9.10.4, 2.8.11.6, 2.7.9.7 jackson-databind: Serialization gadgets in anteros-core

漏洞详情: https://avd.aquasec.com/nvd/cve-2020-9548

镜像层: sha256:1ba4cd28a66a718366e89daabff58cf5e909444e8873ebe2ae9136c37a9bbf49

发布日期: 2020-03-02 04:15 修改: 2023-11-07 03:26
com.fasterxml.jackson.core:jackson-databind CVE-2020-9548 严重 2.8.10 2.9.10.4, 2.8.11.6, 2.7.9.7 jackson-databind: Serialization gadgets in anteros-core

漏洞详情: https://avd.aquasec.com/nvd/cve-2020-9548

镜像层: sha256:1ba4cd28a66a718366e89daabff58cf5e909444e8873ebe2ae9136c37a9bbf49

发布日期: 2020-03-02 04:15 修改: 2023-11-07 03:26
com.fasterxml.jackson.core:jackson-databind CVE-2018-11307 严重 2.9.5 2.7.9.4, 2.8.11.2, 2.9.6 jackson-databind: Potential information exfiltration with default typing, serialization gadget from MyBatis

漏洞详情: https://avd.aquasec.com/nvd/cve-2018-11307

镜像层: sha256:1ba4cd28a66a718366e89daabff58cf5e909444e8873ebe2ae9136c37a9bbf49

发布日期: 2019-07-09 16:15 修改: 2024-04-03 17:40
com.fasterxml.jackson.core:jackson-databind CVE-2018-14718 严重 2.9.5 2.9.7, 2.8.11.3, 2.7.9.5, 2.6.7.3 jackson-databind: arbitrary code execution in slf4j-ext class

漏洞详情: https://avd.aquasec.com/nvd/cve-2018-14718

镜像层: sha256:1ba4cd28a66a718366e89daabff58cf5e909444e8873ebe2ae9136c37a9bbf49

发布日期: 2019-01-02 18:29 修改: 2023-11-07 02:53
com.fasterxml.jackson.core:jackson-databind CVE-2018-14719 严重 2.9.5 2.9.7, 2.8.11.3, 2.7.9.5 jackson-databind: arbitrary code execution in blaze-ds-opt and blaze-ds-core classes

漏洞详情: https://avd.aquasec.com/nvd/cve-2018-14719

镜像层: sha256:1ba4cd28a66a718366e89daabff58cf5e909444e8873ebe2ae9136c37a9bbf49

发布日期: 2019-01-02 18:29 修改: 2023-11-07 02:53
com.fasterxml.jackson.core:jackson-databind CVE-2018-14720 严重 2.9.5 2.9.7, 2.8.11.3, 2.7.9.5 jackson-databind: exfiltration/XXE in some JDK classes

漏洞详情: https://avd.aquasec.com/nvd/cve-2018-14720

镜像层: sha256:1ba4cd28a66a718366e89daabff58cf5e909444e8873ebe2ae9136c37a9bbf49

发布日期: 2019-01-02 18:29 修改: 2023-11-07 02:53
com.fasterxml.jackson.core:jackson-databind CVE-2018-14721 严重 2.9.5 2.9.7, 2.8.11.3, 2.7.9.5 jackson-databind: server-side request forgery (SSRF) in axis2-jaxws class

漏洞详情: https://avd.aquasec.com/nvd/cve-2018-14721

镜像层: sha256:1ba4cd28a66a718366e89daabff58cf5e909444e8873ebe2ae9136c37a9bbf49

发布日期: 2019-01-02 18:29 修改: 2023-11-07 02:53
com.fasterxml.jackson.core:jackson-databind CVE-2018-19360 严重 2.9.5 2.9.8, 2.8.11.3, 2.7.9.5 jackson-databind: improper polymorphic deserialization in axis2-transport-jms class

漏洞详情: https://avd.aquasec.com/nvd/cve-2018-19360

镜像层: sha256:1ba4cd28a66a718366e89daabff58cf5e909444e8873ebe2ae9136c37a9bbf49

发布日期: 2019-01-02 18:29 修改: 2023-11-07 02:55
com.fasterxml.jackson.core:jackson-databind CVE-2018-19361 严重 2.9.5 2.7.9.5, 2.9.8, 2.8.11.3 jackson-databind: improper polymorphic deserialization in openjpa class

漏洞详情: https://avd.aquasec.com/nvd/cve-2018-19361

镜像层: sha256:1ba4cd28a66a718366e89daabff58cf5e909444e8873ebe2ae9136c37a9bbf49

发布日期: 2019-01-02 18:29 修改: 2023-11-07 02:55
com.fasterxml.jackson.core:jackson-databind CVE-2018-19362 严重 2.9.5 2.9.8, 2.8.11.3, 2.7.9.5, 2.6.7.3 jackson-databind: improper polymorphic deserialization in jboss-common-core class

漏洞详情: https://avd.aquasec.com/nvd/cve-2018-19362

镜像层: sha256:1ba4cd28a66a718366e89daabff58cf5e909444e8873ebe2ae9136c37a9bbf49

发布日期: 2019-01-02 18:29 修改: 2023-11-07 02:55
com.fasterxml.jackson.core:jackson-databind CVE-2019-14379 严重 2.9.5 2.9.9.2, 2.8.11.4, 2.7.9.6 jackson-databind: default typing mishandling leading to remote code execution

漏洞详情: https://avd.aquasec.com/nvd/cve-2019-14379

镜像层: sha256:1ba4cd28a66a718366e89daabff58cf5e909444e8873ebe2ae9136c37a9bbf49

发布日期: 2019-07-29 12:15 修改: 2023-11-07 03:04
com.fasterxml.jackson.core:jackson-databind CVE-2019-14540 严重 2.9.5 2.9.10, 2.8.11.5, 2.6.7.3 jackson-databind: Serialization gadgets in com.zaxxer.hikari.HikariConfig

漏洞详情: https://avd.aquasec.com/nvd/cve-2019-14540

镜像层: sha256:1ba4cd28a66a718366e89daabff58cf5e909444e8873ebe2ae9136c37a9bbf49

发布日期: 2019-09-15 22:15 修改: 2023-11-07 03:04
com.fasterxml.jackson.core:jackson-databind CVE-2019-16335 严重 2.9.5 2.9.10, 2.8.11.5, 2.6.7.3 jackson-databind: Serialization gadgets in com.zaxxer.hikari.HikariDataSource

漏洞详情: https://avd.aquasec.com/nvd/cve-2019-16335

镜像层: sha256:1ba4cd28a66a718366e89daabff58cf5e909444e8873ebe2ae9136c37a9bbf49

发布日期: 2019-09-15 22:15 修改: 2023-11-07 03:05
com.fasterxml.jackson.core:jackson-databind CVE-2019-16942 严重 2.9.5 2.9.10.1, 2.8.11.5, 2.6.7.3 jackson-databind: Serialization gadgets in org.apache.commons.dbcp.datasources.*

漏洞详情: https://avd.aquasec.com/nvd/cve-2019-16942

镜像层: sha256:1ba4cd28a66a718366e89daabff58cf5e909444e8873ebe2ae9136c37a9bbf49

发布日期: 2019-10-01 17:15 修改: 2023-11-07 03:06
com.fasterxml.jackson.core:jackson-databind CVE-2019-16943 严重 2.9.5 2.9.10.1, 2.8.11.5, 2.6.7.3 jackson-databind: Serialization gadgets in com.p6spy.engine.spy.P6DataSource

漏洞详情: https://avd.aquasec.com/nvd/cve-2019-16943

镜像层: sha256:1ba4cd28a66a718366e89daabff58cf5e909444e8873ebe2ae9136c37a9bbf49

发布日期: 2019-10-01 17:15 修改: 2023-11-07 03:06
com.fasterxml.jackson.core:jackson-databind CVE-2019-17267 严重 2.9.5 2.9.10, 2.8.11.5 jackson-databind: Serialization gadgets in classes of the ehcache package

漏洞详情: https://avd.aquasec.com/nvd/cve-2019-17267

镜像层: sha256:1ba4cd28a66a718366e89daabff58cf5e909444e8873ebe2ae9136c37a9bbf49

发布日期: 2019-10-07 00:15 修改: 2023-11-07 03:06
com.fasterxml.jackson.core:jackson-databind CVE-2019-17531 严重 2.9.5 2.9.10.1, 2.8.11.5, 2.6.7.3 jackson-databind: Serialization gadgets in org.apache.log4j.receivers.db.*

漏洞详情: https://avd.aquasec.com/nvd/cve-2019-17531

镜像层: sha256:1ba4cd28a66a718366e89daabff58cf5e909444e8873ebe2ae9136c37a9bbf49

发布日期: 2019-10-12 21:15 修改: 2023-11-07 03:06
com.fasterxml.jackson.core:jackson-databind CVE-2019-20330 严重 2.9.5 2.6.7.4, 2.7.9.7, 2.8.11.5, 2.9.10.2 jackson-databind: lacks certain net.sf.ehcache blocking

漏洞详情: https://avd.aquasec.com/nvd/cve-2019-20330

镜像层: sha256:1ba4cd28a66a718366e89daabff58cf5e909444e8873ebe2ae9136c37a9bbf49

发布日期: 2020-01-03 04:15 修改: 2023-11-07 03:09
com.fasterxml.jackson.core:jackson-databind CVE-2020-8840 严重 2.9.5 2.6.7.4, 2.7.9.7, 2.8.11.5, 2.9.10.3 jackson-databind: Lacks certain xbean-reflect/JNDI blocking

漏洞详情: https://avd.aquasec.com/nvd/cve-2020-8840

镜像层: sha256:1ba4cd28a66a718366e89daabff58cf5e909444e8873ebe2ae9136c37a9bbf49

发布日期: 2020-02-10 21:56 修改: 2023-11-07 03:26
com.fasterxml.jackson.core:jackson-databind CVE-2020-9546 严重 2.9.5 2.9.10.4 jackson-databind: Serialization gadgets in shaded-hikari-config

漏洞详情: https://avd.aquasec.com/nvd/cve-2020-9546

镜像层: sha256:1ba4cd28a66a718366e89daabff58cf5e909444e8873ebe2ae9136c37a9bbf49

发布日期: 2020-03-02 04:15 修改: 2023-11-07 03:26
com.fasterxml.jackson.core:jackson-databind CVE-2020-9547 严重 2.9.5 2.9.10.4, 2.8.11.6, 2.7.9.7 jackson-databind: Serialization gadgets in ibatis-sqlmap

漏洞详情: https://avd.aquasec.com/nvd/cve-2020-9547

镜像层: sha256:1ba4cd28a66a718366e89daabff58cf5e909444e8873ebe2ae9136c37a9bbf49

发布日期: 2020-03-02 04:15 修改: 2023-11-07 03:26
com.fasterxml.jackson.core:jackson-databind CVE-2020-9548 严重 2.9.5 2.9.10.4, 2.8.11.6, 2.7.9.7 jackson-databind: Serialization gadgets in anteros-core

漏洞详情: https://avd.aquasec.com/nvd/cve-2020-9548

镜像层: sha256:1ba4cd28a66a718366e89daabff58cf5e909444e8873ebe2ae9136c37a9bbf49

发布日期: 2020-03-02 04:15 修改: 2023-11-07 03:26
com.fasterxml.jackson.core:jackson-databind CVE-2018-19360 严重 2.9.7 2.9.8, 2.8.11.3, 2.7.9.5 jackson-databind: improper polymorphic deserialization in axis2-transport-jms class

漏洞详情: https://avd.aquasec.com/nvd/cve-2018-19360

镜像层: sha256:1ba4cd28a66a718366e89daabff58cf5e909444e8873ebe2ae9136c37a9bbf49

发布日期: 2019-01-02 18:29 修改: 2023-11-07 02:55
com.fasterxml.jackson.core:jackson-databind CVE-2018-19361 严重 2.9.7 2.7.9.5, 2.9.8, 2.8.11.3 jackson-databind: improper polymorphic deserialization in openjpa class

漏洞详情: https://avd.aquasec.com/nvd/cve-2018-19361

镜像层: sha256:1ba4cd28a66a718366e89daabff58cf5e909444e8873ebe2ae9136c37a9bbf49

发布日期: 2019-01-02 18:29 修改: 2023-11-07 02:55
com.fasterxml.jackson.core:jackson-databind CVE-2018-19362 严重 2.9.7 2.9.8, 2.8.11.3, 2.7.9.5, 2.6.7.3 jackson-databind: improper polymorphic deserialization in jboss-common-core class

漏洞详情: https://avd.aquasec.com/nvd/cve-2018-19362

镜像层: sha256:1ba4cd28a66a718366e89daabff58cf5e909444e8873ebe2ae9136c37a9bbf49

发布日期: 2019-01-02 18:29 修改: 2023-11-07 02:55
com.fasterxml.jackson.core:jackson-databind CVE-2019-14379 严重 2.9.7 2.9.9.2, 2.8.11.4, 2.7.9.6 jackson-databind: default typing mishandling leading to remote code execution

漏洞详情: https://avd.aquasec.com/nvd/cve-2019-14379

镜像层: sha256:1ba4cd28a66a718366e89daabff58cf5e909444e8873ebe2ae9136c37a9bbf49

发布日期: 2019-07-29 12:15 修改: 2023-11-07 03:04
com.fasterxml.jackson.core:jackson-databind CVE-2019-14540 严重 2.9.7 2.9.10, 2.8.11.5, 2.6.7.3 jackson-databind: Serialization gadgets in com.zaxxer.hikari.HikariConfig

漏洞详情: https://avd.aquasec.com/nvd/cve-2019-14540

镜像层: sha256:1ba4cd28a66a718366e89daabff58cf5e909444e8873ebe2ae9136c37a9bbf49

发布日期: 2019-09-15 22:15 修改: 2023-11-07 03:04
com.fasterxml.jackson.core:jackson-databind CVE-2019-16335 严重 2.9.7 2.9.10, 2.8.11.5, 2.6.7.3 jackson-databind: Serialization gadgets in com.zaxxer.hikari.HikariDataSource

漏洞详情: https://avd.aquasec.com/nvd/cve-2019-16335

镜像层: sha256:1ba4cd28a66a718366e89daabff58cf5e909444e8873ebe2ae9136c37a9bbf49

发布日期: 2019-09-15 22:15 修改: 2023-11-07 03:05
com.fasterxml.jackson.core:jackson-databind CVE-2019-16942 严重 2.9.7 2.9.10.1, 2.8.11.5, 2.6.7.3 jackson-databind: Serialization gadgets in org.apache.commons.dbcp.datasources.*

漏洞详情: https://avd.aquasec.com/nvd/cve-2019-16942

镜像层: sha256:1ba4cd28a66a718366e89daabff58cf5e909444e8873ebe2ae9136c37a9bbf49

发布日期: 2019-10-01 17:15 修改: 2023-11-07 03:06
com.fasterxml.jackson.core:jackson-databind CVE-2019-16943 严重 2.9.7 2.9.10.1, 2.8.11.5, 2.6.7.3 jackson-databind: Serialization gadgets in com.p6spy.engine.spy.P6DataSource

漏洞详情: https://avd.aquasec.com/nvd/cve-2019-16943

镜像层: sha256:1ba4cd28a66a718366e89daabff58cf5e909444e8873ebe2ae9136c37a9bbf49

发布日期: 2019-10-01 17:15 修改: 2023-11-07 03:06
com.fasterxml.jackson.core:jackson-databind CVE-2019-17267 严重 2.9.7 2.9.10, 2.8.11.5 jackson-databind: Serialization gadgets in classes of the ehcache package

漏洞详情: https://avd.aquasec.com/nvd/cve-2019-17267

镜像层: sha256:1ba4cd28a66a718366e89daabff58cf5e909444e8873ebe2ae9136c37a9bbf49

发布日期: 2019-10-07 00:15 修改: 2023-11-07 03:06
com.fasterxml.jackson.core:jackson-databind CVE-2019-17531 严重 2.9.7 2.9.10.1, 2.8.11.5, 2.6.7.3 jackson-databind: Serialization gadgets in org.apache.log4j.receivers.db.*

漏洞详情: https://avd.aquasec.com/nvd/cve-2019-17531

镜像层: sha256:1ba4cd28a66a718366e89daabff58cf5e909444e8873ebe2ae9136c37a9bbf49

发布日期: 2019-10-12 21:15 修改: 2023-11-07 03:06
com.fasterxml.jackson.core:jackson-databind CVE-2019-20330 严重 2.9.7 2.6.7.4, 2.7.9.7, 2.8.11.5, 2.9.10.2 jackson-databind: lacks certain net.sf.ehcache blocking

漏洞详情: https://avd.aquasec.com/nvd/cve-2019-20330

镜像层: sha256:1ba4cd28a66a718366e89daabff58cf5e909444e8873ebe2ae9136c37a9bbf49

发布日期: 2020-01-03 04:15 修改: 2023-11-07 03:09
com.fasterxml.jackson.core:jackson-databind CVE-2020-8840 严重 2.9.7 2.6.7.4, 2.7.9.7, 2.8.11.5, 2.9.10.3 jackson-databind: Lacks certain xbean-reflect/JNDI blocking

漏洞详情: https://avd.aquasec.com/nvd/cve-2020-8840

镜像层: sha256:1ba4cd28a66a718366e89daabff58cf5e909444e8873ebe2ae9136c37a9bbf49

发布日期: 2020-02-10 21:56 修改: 2023-11-07 03:26
com.fasterxml.jackson.core:jackson-databind CVE-2020-9546 严重 2.9.7 2.9.10.4 jackson-databind: Serialization gadgets in shaded-hikari-config

漏洞详情: https://avd.aquasec.com/nvd/cve-2020-9546

镜像层: sha256:1ba4cd28a66a718366e89daabff58cf5e909444e8873ebe2ae9136c37a9bbf49

发布日期: 2020-03-02 04:15 修改: 2023-11-07 03:26
com.fasterxml.jackson.core:jackson-databind CVE-2020-9547 严重 2.9.7 2.9.10.4, 2.8.11.6, 2.7.9.7 jackson-databind: Serialization gadgets in ibatis-sqlmap

漏洞详情: https://avd.aquasec.com/nvd/cve-2020-9547

镜像层: sha256:1ba4cd28a66a718366e89daabff58cf5e909444e8873ebe2ae9136c37a9bbf49

发布日期: 2020-03-02 04:15 修改: 2023-11-07 03:26
com.fasterxml.jackson.core:jackson-databind CVE-2020-9548 严重 2.9.7 2.9.10.4, 2.8.11.6, 2.7.9.7 jackson-databind: Serialization gadgets in anteros-core

漏洞详情: https://avd.aquasec.com/nvd/cve-2020-9548

镜像层: sha256:1ba4cd28a66a718366e89daabff58cf5e909444e8873ebe2ae9136c37a9bbf49

发布日期: 2020-03-02 04:15 修改: 2023-11-07 03:26
com.fasterxml.jackson.core:jackson-databind CVE-2019-14379 严重 2.9.8 2.9.9.2, 2.8.11.4, 2.7.9.6 jackson-databind: default typing mishandling leading to remote code execution

漏洞详情: https://avd.aquasec.com/nvd/cve-2019-14379

镜像层: sha256:1ba4cd28a66a718366e89daabff58cf5e909444e8873ebe2ae9136c37a9bbf49

发布日期: 2019-07-29 12:15 修改: 2023-11-07 03:04
com.fasterxml.jackson.core:jackson-databind CVE-2019-14379 严重 2.9.8 2.9.9.2, 2.8.11.4, 2.7.9.6 jackson-databind: default typing mishandling leading to remote code execution

漏洞详情: https://avd.aquasec.com/nvd/cve-2019-14379

镜像层: sha256:1ba4cd28a66a718366e89daabff58cf5e909444e8873ebe2ae9136c37a9bbf49

发布日期: 2019-07-29 12:15 修改: 2023-11-07 03:04
com.fasterxml.jackson.core:jackson-databind CVE-2019-14540 严重 2.9.8 2.9.10, 2.8.11.5, 2.6.7.3 jackson-databind: Serialization gadgets in com.zaxxer.hikari.HikariConfig

漏洞详情: https://avd.aquasec.com/nvd/cve-2019-14540

镜像层: sha256:1ba4cd28a66a718366e89daabff58cf5e909444e8873ebe2ae9136c37a9bbf49

发布日期: 2019-09-15 22:15 修改: 2023-11-07 03:04
com.fasterxml.jackson.core:jackson-databind CVE-2019-14540 严重 2.9.8 2.9.10, 2.8.11.5, 2.6.7.3 jackson-databind: Serialization gadgets in com.zaxxer.hikari.HikariConfig

漏洞详情: https://avd.aquasec.com/nvd/cve-2019-14540

镜像层: sha256:1ba4cd28a66a718366e89daabff58cf5e909444e8873ebe2ae9136c37a9bbf49

发布日期: 2019-09-15 22:15 修改: 2023-11-07 03:04
com.fasterxml.jackson.core:jackson-databind CVE-2019-16335 严重 2.9.8 2.9.10, 2.8.11.5, 2.6.7.3 jackson-databind: Serialization gadgets in com.zaxxer.hikari.HikariDataSource

漏洞详情: https://avd.aquasec.com/nvd/cve-2019-16335

镜像层: sha256:1ba4cd28a66a718366e89daabff58cf5e909444e8873ebe2ae9136c37a9bbf49

发布日期: 2019-09-15 22:15 修改: 2023-11-07 03:05
com.fasterxml.jackson.core:jackson-databind CVE-2019-16335 严重 2.9.8 2.9.10, 2.8.11.5, 2.6.7.3 jackson-databind: Serialization gadgets in com.zaxxer.hikari.HikariDataSource

漏洞详情: https://avd.aquasec.com/nvd/cve-2019-16335

镜像层: sha256:1ba4cd28a66a718366e89daabff58cf5e909444e8873ebe2ae9136c37a9bbf49

发布日期: 2019-09-15 22:15 修改: 2023-11-07 03:05
com.fasterxml.jackson.core:jackson-databind CVE-2019-16942 严重 2.9.8 2.9.10.1, 2.8.11.5, 2.6.7.3 jackson-databind: Serialization gadgets in org.apache.commons.dbcp.datasources.*

漏洞详情: https://avd.aquasec.com/nvd/cve-2019-16942

镜像层: sha256:1ba4cd28a66a718366e89daabff58cf5e909444e8873ebe2ae9136c37a9bbf49

发布日期: 2019-10-01 17:15 修改: 2023-11-07 03:06
com.fasterxml.jackson.core:jackson-databind CVE-2019-16942 严重 2.9.8 2.9.10.1, 2.8.11.5, 2.6.7.3 jackson-databind: Serialization gadgets in org.apache.commons.dbcp.datasources.*

漏洞详情: https://avd.aquasec.com/nvd/cve-2019-16942

镜像层: sha256:1ba4cd28a66a718366e89daabff58cf5e909444e8873ebe2ae9136c37a9bbf49

发布日期: 2019-10-01 17:15 修改: 2023-11-07 03:06
com.fasterxml.jackson.core:jackson-databind CVE-2019-16943 严重 2.9.8 2.9.10.1, 2.8.11.5, 2.6.7.3 jackson-databind: Serialization gadgets in com.p6spy.engine.spy.P6DataSource

漏洞详情: https://avd.aquasec.com/nvd/cve-2019-16943

镜像层: sha256:1ba4cd28a66a718366e89daabff58cf5e909444e8873ebe2ae9136c37a9bbf49

发布日期: 2019-10-01 17:15 修改: 2023-11-07 03:06
com.fasterxml.jackson.core:jackson-databind CVE-2019-16943 严重 2.9.8 2.9.10.1, 2.8.11.5, 2.6.7.3 jackson-databind: Serialization gadgets in com.p6spy.engine.spy.P6DataSource

漏洞详情: https://avd.aquasec.com/nvd/cve-2019-16943

镜像层: sha256:1ba4cd28a66a718366e89daabff58cf5e909444e8873ebe2ae9136c37a9bbf49

发布日期: 2019-10-01 17:15 修改: 2023-11-07 03:06
com.fasterxml.jackson.core:jackson-databind CVE-2019-17267 严重 2.9.8 2.9.10, 2.8.11.5 jackson-databind: Serialization gadgets in classes of the ehcache package

漏洞详情: https://avd.aquasec.com/nvd/cve-2019-17267

镜像层: sha256:1ba4cd28a66a718366e89daabff58cf5e909444e8873ebe2ae9136c37a9bbf49

发布日期: 2019-10-07 00:15 修改: 2023-11-07 03:06
com.fasterxml.jackson.core:jackson-databind CVE-2019-17267 严重 2.9.8 2.9.10, 2.8.11.5 jackson-databind: Serialization gadgets in classes of the ehcache package

漏洞详情: https://avd.aquasec.com/nvd/cve-2019-17267

镜像层: sha256:1ba4cd28a66a718366e89daabff58cf5e909444e8873ebe2ae9136c37a9bbf49

发布日期: 2019-10-07 00:15 修改: 2023-11-07 03:06
com.fasterxml.jackson.core:jackson-databind CVE-2019-17531 严重 2.9.8 2.9.10.1, 2.8.11.5, 2.6.7.3 jackson-databind: Serialization gadgets in org.apache.log4j.receivers.db.*

漏洞详情: https://avd.aquasec.com/nvd/cve-2019-17531

镜像层: sha256:1ba4cd28a66a718366e89daabff58cf5e909444e8873ebe2ae9136c37a9bbf49

发布日期: 2019-10-12 21:15 修改: 2023-11-07 03:06
com.fasterxml.jackson.core:jackson-databind CVE-2019-17531 严重 2.9.8 2.9.10.1, 2.8.11.5, 2.6.7.3 jackson-databind: Serialization gadgets in org.apache.log4j.receivers.db.*

漏洞详情: https://avd.aquasec.com/nvd/cve-2019-17531

镜像层: sha256:1ba4cd28a66a718366e89daabff58cf5e909444e8873ebe2ae9136c37a9bbf49

发布日期: 2019-10-12 21:15 修改: 2023-11-07 03:06
com.fasterxml.jackson.core:jackson-databind CVE-2019-20330 严重 2.9.8 2.6.7.4, 2.7.9.7, 2.8.11.5, 2.9.10.2 jackson-databind: lacks certain net.sf.ehcache blocking

漏洞详情: https://avd.aquasec.com/nvd/cve-2019-20330

镜像层: sha256:1ba4cd28a66a718366e89daabff58cf5e909444e8873ebe2ae9136c37a9bbf49

发布日期: 2020-01-03 04:15 修改: 2023-11-07 03:09
com.fasterxml.jackson.core:jackson-databind CVE-2019-20330 严重 2.9.8 2.6.7.4, 2.7.9.7, 2.8.11.5, 2.9.10.2 jackson-databind: lacks certain net.sf.ehcache blocking

漏洞详情: https://avd.aquasec.com/nvd/cve-2019-20330

镜像层: sha256:1ba4cd28a66a718366e89daabff58cf5e909444e8873ebe2ae9136c37a9bbf49

发布日期: 2020-01-03 04:15 修改: 2023-11-07 03:09
com.fasterxml.jackson.core:jackson-databind CVE-2020-8840 严重 2.9.8 2.6.7.4, 2.7.9.7, 2.8.11.5, 2.9.10.3 jackson-databind: Lacks certain xbean-reflect/JNDI blocking

漏洞详情: https://avd.aquasec.com/nvd/cve-2020-8840

镜像层: sha256:1ba4cd28a66a718366e89daabff58cf5e909444e8873ebe2ae9136c37a9bbf49

发布日期: 2020-02-10 21:56 修改: 2023-11-07 03:26
com.fasterxml.jackson.core:jackson-databind CVE-2020-8840 严重 2.9.8 2.6.7.4, 2.7.9.7, 2.8.11.5, 2.9.10.3 jackson-databind: Lacks certain xbean-reflect/JNDI blocking

漏洞详情: https://avd.aquasec.com/nvd/cve-2020-8840

镜像层: sha256:1ba4cd28a66a718366e89daabff58cf5e909444e8873ebe2ae9136c37a9bbf49

发布日期: 2020-02-10 21:56 修改: 2023-11-07 03:26
com.fasterxml.jackson.core:jackson-databind CVE-2020-9546 严重 2.9.8 2.9.10.4 jackson-databind: Serialization gadgets in shaded-hikari-config

漏洞详情: https://avd.aquasec.com/nvd/cve-2020-9546

镜像层: sha256:1ba4cd28a66a718366e89daabff58cf5e909444e8873ebe2ae9136c37a9bbf49

发布日期: 2020-03-02 04:15 修改: 2023-11-07 03:26
com.fasterxml.jackson.core:jackson-databind CVE-2020-9546 严重 2.9.8 2.9.10.4 jackson-databind: Serialization gadgets in shaded-hikari-config

漏洞详情: https://avd.aquasec.com/nvd/cve-2020-9546

镜像层: sha256:1ba4cd28a66a718366e89daabff58cf5e909444e8873ebe2ae9136c37a9bbf49

发布日期: 2020-03-02 04:15 修改: 2023-11-07 03:26
com.fasterxml.jackson.core:jackson-databind CVE-2020-9547 严重 2.9.8 2.9.10.4, 2.8.11.6, 2.7.9.7 jackson-databind: Serialization gadgets in ibatis-sqlmap

漏洞详情: https://avd.aquasec.com/nvd/cve-2020-9547

镜像层: sha256:1ba4cd28a66a718366e89daabff58cf5e909444e8873ebe2ae9136c37a9bbf49

发布日期: 2020-03-02 04:15 修改: 2023-11-07 03:26
com.fasterxml.jackson.core:jackson-databind CVE-2020-9547 严重 2.9.8 2.9.10.4, 2.8.11.6, 2.7.9.7 jackson-databind: Serialization gadgets in ibatis-sqlmap

漏洞详情: https://avd.aquasec.com/nvd/cve-2020-9547

镜像层: sha256:1ba4cd28a66a718366e89daabff58cf5e909444e8873ebe2ae9136c37a9bbf49

发布日期: 2020-03-02 04:15 修改: 2023-11-07 03:26
com.fasterxml.jackson.core:jackson-databind CVE-2020-9548 严重 2.9.8 2.9.10.4, 2.8.11.6, 2.7.9.7 jackson-databind: Serialization gadgets in anteros-core

漏洞详情: https://avd.aquasec.com/nvd/cve-2020-9548

镜像层: sha256:1ba4cd28a66a718366e89daabff58cf5e909444e8873ebe2ae9136c37a9bbf49

发布日期: 2020-03-02 04:15 修改: 2023-11-07 03:26
com.fasterxml.jackson.core:jackson-databind CVE-2020-9548 严重 2.9.8 2.9.10.4, 2.8.11.6, 2.7.9.7 jackson-databind: Serialization gadgets in anteros-core

漏洞详情: https://avd.aquasec.com/nvd/cve-2020-9548

镜像层: sha256:1ba4cd28a66a718366e89daabff58cf5e909444e8873ebe2ae9136c37a9bbf49

发布日期: 2020-03-02 04:15 修改: 2023-11-07 03:26
org.apache.commons:commons-configuration2 CVE-2020-1953 严重 2.2 2.7 apache-commons-configuration: uncontrolled class instantiation when loading YAML files

漏洞详情: https://avd.aquasec.com/nvd/cve-2020-1953

镜像层: sha256:1ba4cd28a66a718366e89daabff58cf5e909444e8873ebe2ae9136c37a9bbf49

发布日期: 2020-03-13 15:15 修改: 2023-11-07 03:19
org.apache.commons:commons-configuration2 CVE-2020-1953 严重 2.2 2.7 apache-commons-configuration: uncontrolled class instantiation when loading YAML files

漏洞详情: https://avd.aquasec.com/nvd/cve-2020-1953

镜像层: sha256:1ba4cd28a66a718366e89daabff58cf5e909444e8873ebe2ae9136c37a9bbf49

发布日期: 2020-03-13 15:15 修改: 2023-11-07 03:19
org.apache.logging.log4j:log4j-core CVE-2021-44228 严重 2.11.0 2.15.0, 2.3.1, 2.12.2 log4j-core: Remote code execution in Log4j 2.x when logs contain an attacker-controlled string value

漏洞详情: https://avd.aquasec.com/nvd/cve-2021-44228

镜像层: sha256:1ba4cd28a66a718366e89daabff58cf5e909444e8873ebe2ae9136c37a9bbf49

发布日期: 2021-12-10 10:15 修改: 2024-07-24 17:08
org.apache.logging.log4j:log4j-core CVE-2021-44228 严重 2.11.0 2.15.0, 2.3.1, 2.12.2 log4j-core: Remote code execution in Log4j 2.x when logs contain an attacker-controlled string value

漏洞详情: https://avd.aquasec.com/nvd/cve-2021-44228

镜像层: sha256:1ba4cd28a66a718366e89daabff58cf5e909444e8873ebe2ae9136c37a9bbf49

发布日期: 2021-12-10 10:15 修改: 2024-07-24 17:08
org.apache.logging.log4j:log4j-core CVE-2021-45046 严重 2.11.0 2.16.0, 2.12.2 log4j-core: DoS in log4j 2.x with thread context message pattern and context lookup pattern (incomplete fix for CVE-2021-44228)

漏洞详情: https://avd.aquasec.com/nvd/cve-2021-45046

镜像层: sha256:1ba4cd28a66a718366e89daabff58cf5e909444e8873ebe2ae9136c37a9bbf49

发布日期: 2021-12-14 19:15 修改: 2024-06-27 19:24
org.apache.logging.log4j:log4j-core CVE-2021-45046 严重 2.11.0 2.16.0, 2.12.2 log4j-core: DoS in log4j 2.x with thread context message pattern and context lookup pattern (incomplete fix for CVE-2021-44228)

漏洞详情: https://avd.aquasec.com/nvd/cve-2021-45046

镜像层: sha256:1ba4cd28a66a718366e89daabff58cf5e909444e8873ebe2ae9136c37a9bbf49

发布日期: 2021-12-14 19:15 修改: 2024-06-27 19:24
org.apache.tomcat.embed:tomcat-embed-core CVE-2018-8014 严重 9.0.8 9.0.9, 8.5.32, 8.0.53, 7.0.88 tomcat: Insecure defaults in CORS filter enable 'supportsCredentials' for all origins

漏洞详情: https://avd.aquasec.com/nvd/cve-2018-8014

镜像层: sha256:1ba4cd28a66a718366e89daabff58cf5e909444e8873ebe2ae9136c37a9bbf49

发布日期: 2018-05-16 16:29 修改: 2023-12-08 16:41
org.apache.tomcat.embed:tomcat-embed-core CVE-2020-1938 严重 9.0.8 9.0.31, 8.5.51, 7.0.100 tomcat: Apache Tomcat AJP File Read/Inclusion Vulnerability

漏洞详情: https://avd.aquasec.com/nvd/cve-2020-1938

镜像层: sha256:1ba4cd28a66a718366e89daabff58cf5e909444e8873ebe2ae9136c37a9bbf49

发布日期: 2020-02-24 22:15 修改: 2024-07-24 14:23
org.eclipse.jetty:jetty-server CVE-2017-7657 严重 8.1.14.v20131031 9.2.25.v20180606, 9.3.24.v20180605 jetty: HTTP request smuggling

漏洞详情: https://avd.aquasec.com/nvd/cve-2017-7657

镜像层: sha256:1ba4cd28a66a718366e89daabff58cf5e909444e8873ebe2ae9136c37a9bbf49

发布日期: 2018-06-26 16:29 修改: 2023-11-07 02:50
org.eclipse.jetty:jetty-server CVE-2017-7658 严重 8.1.14.v20131031 9.2.25.v20180606, 9.3.24.v20180605, 9.4.11.v20180605 jetty: Incorrect header handling

漏洞详情: https://avd.aquasec.com/nvd/cve-2017-7658

镜像层: sha256:1ba4cd28a66a718366e89daabff58cf5e909444e8873ebe2ae9136c37a9bbf49

发布日期: 2018-06-26 17:29 修改: 2023-11-07 02:50
org.quartz-scheduler:quartz CVE-2019-13990 严重 2.3.0 2.3.2 libquartz: XXE attacks via job description

漏洞详情: https://avd.aquasec.com/nvd/cve-2019-13990

镜像层: sha256:1ba4cd28a66a718366e89daabff58cf5e909444e8873ebe2ae9136c37a9bbf49

发布日期: 2019-07-26 19:15 修改: 2024-10-15 19:35
com.fasterxml.jackson.core:jackson-databind CVE-2020-10650 高危 2.8.10 2.9.10.4 A deserialization flaw was discovered in jackson-databind through 2.9. ...

漏洞详情: https://avd.aquasec.com/nvd/cve-2020-10650

镜像层: sha256:1ba4cd28a66a718366e89daabff58cf5e909444e8873ebe2ae9136c37a9bbf49

发布日期: 2022-12-26 20:15 修改: 2023-08-18 14:15
com.fasterxml.jackson.core:jackson-databind CVE-2020-10650 高危 2.8.10 2.9.10.4 A deserialization flaw was discovered in jackson-databind through 2.9. ...

漏洞详情: https://avd.aquasec.com/nvd/cve-2020-10650

镜像层: sha256:1ba4cd28a66a718366e89daabff58cf5e909444e8873ebe2ae9136c37a9bbf49

发布日期: 2022-12-26 20:15 修改: 2023-08-18 14:15
com.fasterxml.jackson.core:jackson-databind CVE-2020-10673 高危 2.8.10 2.9.10.4, 2.6.7.4 jackson-databind: mishandles the interaction between serialization gadgets and typing which could result in remote command execution

漏洞详情: https://avd.aquasec.com/nvd/cve-2020-10673

镜像层: sha256:1ba4cd28a66a718366e89daabff58cf5e909444e8873ebe2ae9136c37a9bbf49

发布日期: 2020-03-18 22:15 修改: 2024-07-03 01:36
com.fasterxml.jackson.core:jackson-databind CVE-2020-10673 高危 2.8.10 2.9.10.4, 2.6.7.4 jackson-databind: mishandles the interaction between serialization gadgets and typing which could result in remote command execution

漏洞详情: https://avd.aquasec.com/nvd/cve-2020-10673

镜像层: sha256:1ba4cd28a66a718366e89daabff58cf5e909444e8873ebe2ae9136c37a9bbf49

发布日期: 2020-03-18 22:15 修改: 2024-07-03 01:36
com.fasterxml.jackson.core:jackson-databind CVE-2020-24616 高危 2.8.10 2.9.10.6 jackson-databind: mishandles the interaction between serialization gadgets and typing, related to br.com.anteros.dbcp.AnterosDBCPDataSource

漏洞详情: https://avd.aquasec.com/nvd/cve-2020-24616

镜像层: sha256:1ba4cd28a66a718366e89daabff58cf5e909444e8873ebe2ae9136c37a9bbf49

发布日期: 2020-08-25 18:15 修改: 2023-11-07 03:20
com.fasterxml.jackson.core:jackson-databind CVE-2020-24616 高危 2.8.10 2.9.10.6 jackson-databind: mishandles the interaction between serialization gadgets and typing, related to br.com.anteros.dbcp.AnterosDBCPDataSource

漏洞详情: https://avd.aquasec.com/nvd/cve-2020-24616

镜像层: sha256:1ba4cd28a66a718366e89daabff58cf5e909444e8873ebe2ae9136c37a9bbf49

发布日期: 2020-08-25 18:15 修改: 2023-11-07 03:20
com.fasterxml.jackson.core:jackson-databind CVE-2020-24750 高危 2.8.10 2.6.7.5, 2.9.10.6 jackson-databind: Serialization gadgets in com.pastdev.httpcomponents.configuration.JndiConfiguration

漏洞详情: https://avd.aquasec.com/nvd/cve-2020-24750

镜像层: sha256:1ba4cd28a66a718366e89daabff58cf5e909444e8873ebe2ae9136c37a9bbf49

发布日期: 2020-09-17 19:15 修改: 2023-09-13 14:56
com.fasterxml.jackson.core:jackson-databind CVE-2020-24750 高危 2.8.10 2.6.7.5, 2.9.10.6 jackson-databind: Serialization gadgets in com.pastdev.httpcomponents.configuration.JndiConfiguration

漏洞详情: https://avd.aquasec.com/nvd/cve-2020-24750

镜像层: sha256:1ba4cd28a66a718366e89daabff58cf5e909444e8873ebe2ae9136c37a9bbf49

发布日期: 2020-09-17 19:15 修改: 2023-09-13 14:56
com.fasterxml.jackson.core:jackson-databind CVE-2018-12022 高危 2.9.5 2.7.9.4, 2.8.11.2, 2.9.6 jackson-databind: improper polymorphic deserialization of types from Jodd-db library

漏洞详情: https://avd.aquasec.com/nvd/cve-2018-12022

镜像层: sha256:1ba4cd28a66a718366e89daabff58cf5e909444e8873ebe2ae9136c37a9bbf49

发布日期: 2019-03-21 16:00 修改: 2023-11-07 02:52
com.fasterxml.jackson.core:jackson-databind CVE-2018-12023 高危 2.9.5 2.7.9.4, 2.8.11.2, 2.9.6 jackson-databind: improper polymorphic deserialization of types from Oracle JDBC driver

漏洞详情: https://avd.aquasec.com/nvd/cve-2018-12023

镜像层: sha256:1ba4cd28a66a718366e89daabff58cf5e909444e8873ebe2ae9136c37a9bbf49

发布日期: 2019-03-21 16:00 修改: 2023-11-07 02:52
com.fasterxml.jackson.core:jackson-databind CVE-2019-12086 高危 2.9.5 2.9.9, 2.8.11.4, 2.7.9.6, 2.6.7.3 jackson-databind: polymorphic typing issue allows attacker to read arbitrary local files on the server.

漏洞详情: https://avd.aquasec.com/nvd/cve-2019-12086

镜像层: sha256:1ba4cd28a66a718366e89daabff58cf5e909444e8873ebe2ae9136c37a9bbf49

发布日期: 2019-05-17 17:29 修改: 2023-11-07 03:03
com.fasterxml.jackson.core:jackson-databind CVE-2019-14439 高危 2.9.5 2.9.9.2, 2.8.11.4, 2.7.9.6, 2.6.7.3 jackson-databind: Polymorphic typing issue related to logback/JNDI

漏洞详情: https://avd.aquasec.com/nvd/cve-2019-14439

镜像层: sha256:1ba4cd28a66a718366e89daabff58cf5e909444e8873ebe2ae9136c37a9bbf49

发布日期: 2019-07-30 11:15 修改: 2023-11-07 03:04
com.fasterxml.jackson.core:jackson-databind CVE-2019-14892 高危 2.9.5 2.6.7.3, 2.8.11.5, 2.9.10 jackson-databind: Serialization gadgets in classes of the commons-configuration package

漏洞详情: https://avd.aquasec.com/nvd/cve-2019-14892

镜像层: sha256:1ba4cd28a66a718366e89daabff58cf5e909444e8873ebe2ae9136c37a9bbf49

发布日期: 2020-03-02 17:15 修改: 2023-11-07 03:05
com.fasterxml.jackson.core:jackson-databind CVE-2019-14893 高危 2.9.5 2.9.10 jackson-databind: Serialization gadgets in classes of the xalan package

漏洞详情: https://avd.aquasec.com/nvd/cve-2019-14893

镜像层: sha256:1ba4cd28a66a718366e89daabff58cf5e909444e8873ebe2ae9136c37a9bbf49

发布日期: 2020-03-02 21:15 修改: 2023-11-07 03:05
com.fasterxml.jackson.core:jackson-databind CVE-2020-10650 高危 2.9.5 2.9.10.4 A deserialization flaw was discovered in jackson-databind through 2.9. ...

漏洞详情: https://avd.aquasec.com/nvd/cve-2020-10650

镜像层: sha256:1ba4cd28a66a718366e89daabff58cf5e909444e8873ebe2ae9136c37a9bbf49

发布日期: 2022-12-26 20:15 修改: 2023-08-18 14:15
com.fasterxml.jackson.core:jackson-databind CVE-2020-10672 高危 2.9.5 2.9.10.4 jackson-databind: mishandles the interaction between serialization gadgets and typing which could result in remote command execution

漏洞详情: https://avd.aquasec.com/nvd/cve-2020-10672

镜像层: sha256:1ba4cd28a66a718366e89daabff58cf5e909444e8873ebe2ae9136c37a9bbf49

发布日期: 2020-03-18 22:15 修改: 2024-07-03 01:36
com.fasterxml.jackson.core:jackson-databind CVE-2020-10673 高危 2.9.5 2.9.10.4, 2.6.7.4 jackson-databind: mishandles the interaction between serialization gadgets and typing which could result in remote command execution

漏洞详情: https://avd.aquasec.com/nvd/cve-2020-10673

镜像层: sha256:1ba4cd28a66a718366e89daabff58cf5e909444e8873ebe2ae9136c37a9bbf49

发布日期: 2020-03-18 22:15 修改: 2024-07-03 01:36
com.fasterxml.jackson.core:jackson-databind CVE-2020-10968 高危 2.9.5 2.9.10.4 jackson-databind: Serialization gadgets in org.aoju.bus.proxy.provider.*.RmiProvider

漏洞详情: https://avd.aquasec.com/nvd/cve-2020-10968

镜像层: sha256:1ba4cd28a66a718366e89daabff58cf5e909444e8873ebe2ae9136c37a9bbf49

发布日期: 2020-03-26 13:15 修改: 2024-07-03 01:36
com.fasterxml.jackson.core:jackson-databind CVE-2020-10969 高危 2.9.5 2.9.10.4 jackson-databind: Serialization gadgets in javax.swing.JEditorPane

漏洞详情: https://avd.aquasec.com/nvd/cve-2020-10969

镜像层: sha256:1ba4cd28a66a718366e89daabff58cf5e909444e8873ebe2ae9136c37a9bbf49

发布日期: 2020-03-26 13:15 修改: 2024-07-03 01:36
com.fasterxml.jackson.core:jackson-databind CVE-2020-11111 高危 2.9.5 2.9.10.4 jackson-databind: Serialization gadgets in org.apache.activemq.jms.pool.XaPooledConnectionFactory

漏洞详情: https://avd.aquasec.com/nvd/cve-2020-11111

镜像层: sha256:1ba4cd28a66a718366e89daabff58cf5e909444e8873ebe2ae9136c37a9bbf49

发布日期: 2020-03-31 05:15 修改: 2024-07-03 01:36
com.fasterxml.jackson.core:jackson-databind CVE-2020-11112 高危 2.9.5 2.9.10.4 jackson-databind: Serialization gadgets in org.apache.commons.proxy.provider.remoting.RmiProvider

漏洞详情: https://avd.aquasec.com/nvd/cve-2020-11112

镜像层: sha256:1ba4cd28a66a718366e89daabff58cf5e909444e8873ebe2ae9136c37a9bbf49

发布日期: 2020-03-31 05:15 修改: 2024-07-03 01:36
com.fasterxml.jackson.core:jackson-databind CVE-2020-11113 高危 2.9.5 2.9.10.4 jackson-databind: Serialization gadgets in org.apache.openjpa.ee.WASRegistryManagedRuntime

漏洞详情: https://avd.aquasec.com/nvd/cve-2020-11113

镜像层: sha256:1ba4cd28a66a718366e89daabff58cf5e909444e8873ebe2ae9136c37a9bbf49

发布日期: 2020-03-31 05:15 修改: 2024-07-03 01:36
com.fasterxml.jackson.core:jackson-databind CVE-2020-11619 高危 2.9.5 2.9.10.4 jackson-databind: Serialization gadgets in org.springframework:spring-aop

漏洞详情: https://avd.aquasec.com/nvd/cve-2020-11619

镜像层: sha256:1ba4cd28a66a718366e89daabff58cf5e909444e8873ebe2ae9136c37a9bbf49

发布日期: 2020-04-07 23:15 修改: 2023-11-07 03:15
com.fasterxml.jackson.core:jackson-databind CVE-2020-11620 高危 2.9.5 2.9.10.4 jackson-databind: Serialization gadgets in commons-jelly:commons-jelly

漏洞详情: https://avd.aquasec.com/nvd/cve-2020-11620

镜像层: sha256:1ba4cd28a66a718366e89daabff58cf5e909444e8873ebe2ae9136c37a9bbf49

发布日期: 2020-04-07 23:15 修改: 2023-11-07 03:15
com.fasterxml.jackson.core:jackson-databind CVE-2020-14060 高危 2.9.5 2.9.10.5 jackson-databind: serialization in oadd.org.apache.xalan.lib.sql.JNDIConnectionPool

漏洞详情: https://avd.aquasec.com/nvd/cve-2020-14060

镜像层: sha256:1ba4cd28a66a718366e89daabff58cf5e909444e8873ebe2ae9136c37a9bbf49

发布日期: 2020-06-14 21:15 修改: 2023-11-07 03:17
com.fasterxml.jackson.core:jackson-databind CVE-2020-14061 高危 2.9.5 2.9.10.5 jackson-databind: serialization in weblogic/oracle-aqjms

漏洞详情: https://avd.aquasec.com/nvd/cve-2020-14061

镜像层: sha256:1ba4cd28a66a718366e89daabff58cf5e909444e8873ebe2ae9136c37a9bbf49

发布日期: 2020-06-14 20:15 修改: 2023-11-07 03:17
com.fasterxml.jackson.core:jackson-databind CVE-2020-14062 高危 2.9.5 2.9.10.5 jackson-databind: serialization in com.sun.org.apache.xalan.internal.lib.sql.JNDIConnectionPool

漏洞详情: https://avd.aquasec.com/nvd/cve-2020-14062

镜像层: sha256:1ba4cd28a66a718366e89daabff58cf5e909444e8873ebe2ae9136c37a9bbf49

发布日期: 2020-06-14 20:15 修改: 2023-11-07 03:17
com.fasterxml.jackson.core:jackson-databind CVE-2020-14195 高危 2.9.5 2.9.10.5 jackson-databind: serialization in org.jsecurity.realm.jndi.JndiRealmFactory

漏洞详情: https://avd.aquasec.com/nvd/cve-2020-14195

镜像层: sha256:1ba4cd28a66a718366e89daabff58cf5e909444e8873ebe2ae9136c37a9bbf49

发布日期: 2020-06-16 16:15 修改: 2021-11-17 20:20
com.fasterxml.jackson.core:jackson-databind CVE-2020-24616 高危 2.9.5 2.9.10.6 jackson-databind: mishandles the interaction between serialization gadgets and typing, related to br.com.anteros.dbcp.AnterosDBCPDataSource

漏洞详情: https://avd.aquasec.com/nvd/cve-2020-24616

镜像层: sha256:1ba4cd28a66a718366e89daabff58cf5e909444e8873ebe2ae9136c37a9bbf49

发布日期: 2020-08-25 18:15 修改: 2023-11-07 03:20
com.fasterxml.jackson.core:jackson-databind CVE-2020-24750 高危 2.9.5 2.6.7.5, 2.9.10.6 jackson-databind: Serialization gadgets in com.pastdev.httpcomponents.configuration.JndiConfiguration

漏洞详情: https://avd.aquasec.com/nvd/cve-2020-24750

镜像层: sha256:1ba4cd28a66a718366e89daabff58cf5e909444e8873ebe2ae9136c37a9bbf49

发布日期: 2020-09-17 19:15 修改: 2023-09-13 14:56
com.fasterxml.jackson.core:jackson-databind CVE-2020-25649 高危 2.9.5 2.6.7.4, 2.9.10.7, 2.10.5.1 jackson-databind: FasterXML DOMDeserializer insecure entity expansion is vulnerable to XML external entity (XXE)

漏洞详情: https://avd.aquasec.com/nvd/cve-2020-25649

镜像层: sha256:1ba4cd28a66a718366e89daabff58cf5e909444e8873ebe2ae9136c37a9bbf49

发布日期: 2020-12-03 17:15 修改: 2023-11-07 03:20
com.fasterxml.jackson.core:jackson-databind CVE-2020-35490 高危 2.9.5 2.9.10.8 jackson-databind: mishandles the interaction between serialization gadgets and typing, related to org.apache.commons.dbcp2.datasources.PerUserPoolDataSource

漏洞详情: https://avd.aquasec.com/nvd/cve-2020-35490

镜像层: sha256:1ba4cd28a66a718366e89daabff58cf5e909444e8873ebe2ae9136c37a9bbf49

发布日期: 2020-12-17 19:15 修改: 2022-09-08 21:32
com.fasterxml.jackson.core:jackson-databind CVE-2020-35491 高危 2.9.5 2.9.10.8 jackson-databind: mishandles the interaction between serialization gadgets and typing, related to org.apache.commons.dbcp2.datasources.SharedPoolDataSource

漏洞详情: https://avd.aquasec.com/nvd/cve-2020-35491

镜像层: sha256:1ba4cd28a66a718366e89daabff58cf5e909444e8873ebe2ae9136c37a9bbf49

发布日期: 2020-12-17 19:15 修改: 2022-09-08 21:32
com.fasterxml.jackson.core:jackson-databind CVE-2020-35728 高危 2.9.5 2.9.10.8 jackson-databind: mishandles the interaction between serialization gadgets and typing, related to com.oracle.wls.shaded.org.apache.xalan.lib.sql.JNDIConnectionPool

漏洞详情: https://avd.aquasec.com/nvd/cve-2020-35728

镜像层: sha256:1ba4cd28a66a718366e89daabff58cf5e909444e8873ebe2ae9136c37a9bbf49

发布日期: 2020-12-27 05:15 修改: 2023-11-07 03:22
com.fasterxml.jackson.core:jackson-databind CVE-2020-36179 高危 2.9.5 2.9.10.8, 2.6.7.5 jackson-databind: mishandles the interaction between serialization gadgets and typing, related to oadd.org.apache.commons.dbcp.cpdsadapter.DriverAdapterCPDS

漏洞详情: https://avd.aquasec.com/nvd/cve-2020-36179

镜像层: sha256:1ba4cd28a66a718366e89daabff58cf5e909444e8873ebe2ae9136c37a9bbf49

发布日期: 2021-01-07 00:15 修改: 2024-07-03 01:36
com.fasterxml.jackson.core:jackson-databind CVE-2020-36180 高危 2.9.5 2.9.10.8, 2.6.7.5 jackson-databind: mishandles the interaction between serialization gadgets and typing, related to org.apache.commons.dbcp2.cpdsadapter.DriverAdapterCPDS

漏洞详情: https://avd.aquasec.com/nvd/cve-2020-36180

镜像层: sha256:1ba4cd28a66a718366e89daabff58cf5e909444e8873ebe2ae9136c37a9bbf49

发布日期: 2021-01-07 00:15 修改: 2024-07-03 01:36
com.fasterxml.jackson.core:jackson-databind CVE-2020-36181 高危 2.9.5 2.9.10.8, 2.6.7.5 jackson-databind: mishandles the interaction between serialization gadgets and typing, related to org.apache.tomcat.dbcp.dbcp.cpdsadapter.DriverAdapterCPDS

漏洞详情: https://avd.aquasec.com/nvd/cve-2020-36181

镜像层: sha256:1ba4cd28a66a718366e89daabff58cf5e909444e8873ebe2ae9136c37a9bbf49

发布日期: 2021-01-06 23:15 修改: 2024-07-03 01:36
com.fasterxml.jackson.core:jackson-databind CVE-2020-36182 高危 2.9.5 2.9.10.8, 2.6.7.5 jackson-databind: mishandles the interaction between serialization gadgets and typing, related to org.apache.tomcat.dbcp.dbcp2.cpdsadapter.DriverAdapterCPDS

漏洞详情: https://avd.aquasec.com/nvd/cve-2020-36182

镜像层: sha256:1ba4cd28a66a718366e89daabff58cf5e909444e8873ebe2ae9136c37a9bbf49

发布日期: 2021-01-07 00:15 修改: 2024-07-03 01:36
com.fasterxml.jackson.core:jackson-databind CVE-2020-36183 高危 2.9.5 2.9.10.8, 2.6.7.5 jackson-databind: mishandles the interaction between serialization gadgets and typing, related to org.docx4j.org.apache.xalan.lib.sql.JNDIConnectionPool

漏洞详情: https://avd.aquasec.com/nvd/cve-2020-36183

镜像层: sha256:1ba4cd28a66a718366e89daabff58cf5e909444e8873ebe2ae9136c37a9bbf49

发布日期: 2021-01-07 00:15 修改: 2023-09-13 14:56
com.fasterxml.jackson.core:jackson-databind CVE-2020-36184 高危 2.9.5 2.9.10.8 jackson-databind: mishandles the interaction between serialization gadgets and typing, related to org.apache.tomcat.dbcp.dbcp2.datasources.PerUserPoolDataSource

漏洞详情: https://avd.aquasec.com/nvd/cve-2020-36184

镜像层: sha256:1ba4cd28a66a718366e89daabff58cf5e909444e8873ebe2ae9136c37a9bbf49

发布日期: 2021-01-06 23:15 修改: 2024-07-03 01:36
com.fasterxml.jackson.core:jackson-databind CVE-2020-36185 高危 2.9.5 2.9.10.8 jackson-databind: mishandles the interaction between serialization gadgets and typing, related to org.apache.tomcat.dbcp.dbcp2.datasources.SharedPoolDataSource

漏洞详情: https://avd.aquasec.com/nvd/cve-2020-36185

镜像层: sha256:1ba4cd28a66a718366e89daabff58cf5e909444e8873ebe2ae9136c37a9bbf49

发布日期: 2021-01-06 23:15 修改: 2023-09-13 14:57
com.fasterxml.jackson.core:jackson-databind CVE-2020-36186 高危 2.9.5 2.9.10.8 jackson-databind: mishandles the interaction between serialization gadgets and typing, related to org.apache.tomcat.dbcp.dbcp.datasources.PerUserPoolDataSource

漏洞详情: https://avd.aquasec.com/nvd/cve-2020-36186

镜像层: sha256:1ba4cd28a66a718366e89daabff58cf5e909444e8873ebe2ae9136c37a9bbf49

发布日期: 2021-01-06 23:15 修改: 2023-09-13 14:57
com.fasterxml.jackson.core:jackson-databind CVE-2020-36187 高危 2.9.5 2.9.10.8 jackson-databind: mishandles the interaction between serialization gadgets and typing, related to org.apache.tomcat.dbcp.dbcp.datasources.SharedPoolDataSource

漏洞详情: https://avd.aquasec.com/nvd/cve-2020-36187

镜像层: sha256:1ba4cd28a66a718366e89daabff58cf5e909444e8873ebe2ae9136c37a9bbf49

发布日期: 2021-01-06 23:15 修改: 2023-09-13 14:57
com.fasterxml.jackson.core:jackson-databind CVE-2020-36188 高危 2.9.5 2.9.10.8, 2.6.7.5 jackson-databind: mishandles the interaction between serialization gadgets and typing, related to com.newrelic.agent.deps.ch.qos.logback.core.db.JNDIConnectionSource

漏洞详情: https://avd.aquasec.com/nvd/cve-2020-36188

镜像层: sha256:1ba4cd28a66a718366e89daabff58cf5e909444e8873ebe2ae9136c37a9bbf49

发布日期: 2021-01-06 23:15 修改: 2023-09-13 14:57
com.fasterxml.jackson.core:jackson-databind CVE-2020-36189 高危 2.9.5 2.9.10.8, 2.6.7.5 jackson-databind: mishandles the interaction between serialization gadgets and typing, related to com.newrelic.agent.deps.ch.qos.logback.core.db.DriverManagerConnectionSource

漏洞详情: https://avd.aquasec.com/nvd/cve-2020-36189

镜像层: sha256:1ba4cd28a66a718366e89daabff58cf5e909444e8873ebe2ae9136c37a9bbf49

发布日期: 2021-01-06 23:15 修改: 2023-09-13 14:57
com.fasterxml.jackson.core:jackson-databind CVE-2020-36518 高危 2.9.5 2.13.2.1, 2.12.6.1 jackson-databind: denial of service via a large depth of nested objects

漏洞详情: https://avd.aquasec.com/nvd/cve-2020-36518

镜像层: sha256:1ba4cd28a66a718366e89daabff58cf5e909444e8873ebe2ae9136c37a9bbf49

发布日期: 2022-03-11 07:15 修改: 2022-11-29 22:12
com.fasterxml.jackson.core:jackson-databind CVE-2021-20190 高危 2.9.5 2.9.10.7, 2.6.7.5 jackson-databind: mishandles the interaction between serialization gadgets and typing, related to javax.swing

漏洞详情: https://avd.aquasec.com/nvd/cve-2021-20190

镜像层: sha256:1ba4cd28a66a718366e89daabff58cf5e909444e8873ebe2ae9136c37a9bbf49

发布日期: 2021-01-19 17:15 修改: 2023-11-07 03:28
com.fasterxml.jackson.core:jackson-databind CVE-2022-42003 高危 2.9.5 2.12.7.1, 2.13.4.2 jackson-databind: deep wrapper array nesting wrt UNWRAP_SINGLE_VALUE_ARRAYS

漏洞详情: https://avd.aquasec.com/nvd/cve-2022-42003

镜像层: sha256:1ba4cd28a66a718366e89daabff58cf5e909444e8873ebe2ae9136c37a9bbf49

发布日期: 2022-10-02 05:15 修改: 2023-12-20 10:15
com.fasterxml.jackson.core:jackson-databind CVE-2022-42004 高危 2.9.5 2.12.7.1, 2.13.4 jackson-databind: use of deeply nested arrays

漏洞详情: https://avd.aquasec.com/nvd/cve-2022-42004

镜像层: sha256:1ba4cd28a66a718366e89daabff58cf5e909444e8873ebe2ae9136c37a9bbf49

发布日期: 2022-10-02 05:15 修改: 2022-12-02 15:10
com.fasterxml.jackson.core:jackson-databind CVE-2020-25649 高危 2.8.10 2.6.7.4, 2.9.10.7, 2.10.5.1 jackson-databind: FasterXML DOMDeserializer insecure entity expansion is vulnerable to XML external entity (XXE)

漏洞详情: https://avd.aquasec.com/nvd/cve-2020-25649

镜像层: sha256:1ba4cd28a66a718366e89daabff58cf5e909444e8873ebe2ae9136c37a9bbf49

发布日期: 2020-12-03 17:15 修改: 2023-11-07 03:20
com.fasterxml.jackson.core:jackson-databind CVE-2020-25649 高危 2.8.10 2.6.7.4, 2.9.10.7, 2.10.5.1 jackson-databind: FasterXML DOMDeserializer insecure entity expansion is vulnerable to XML external entity (XXE)

漏洞详情: https://avd.aquasec.com/nvd/cve-2020-25649

镜像层: sha256:1ba4cd28a66a718366e89daabff58cf5e909444e8873ebe2ae9136c37a9bbf49

发布日期: 2020-12-03 17:15 修改: 2023-11-07 03:20
com.fasterxml.jackson.core:jackson-databind CVE-2020-35490 高危 2.8.10 2.9.10.8 jackson-databind: mishandles the interaction between serialization gadgets and typing, related to org.apache.commons.dbcp2.datasources.PerUserPoolDataSource

漏洞详情: https://avd.aquasec.com/nvd/cve-2020-35490

镜像层: sha256:1ba4cd28a66a718366e89daabff58cf5e909444e8873ebe2ae9136c37a9bbf49

发布日期: 2020-12-17 19:15 修改: 2022-09-08 21:32
com.fasterxml.jackson.core:jackson-databind CVE-2020-35490 高危 2.8.10 2.9.10.8 jackson-databind: mishandles the interaction between serialization gadgets and typing, related to org.apache.commons.dbcp2.datasources.PerUserPoolDataSource

漏洞详情: https://avd.aquasec.com/nvd/cve-2020-35490

镜像层: sha256:1ba4cd28a66a718366e89daabff58cf5e909444e8873ebe2ae9136c37a9bbf49

发布日期: 2020-12-17 19:15 修改: 2022-09-08 21:32
com.fasterxml.jackson.core:jackson-databind CVE-2020-35491 高危 2.8.10 2.9.10.8 jackson-databind: mishandles the interaction between serialization gadgets and typing, related to org.apache.commons.dbcp2.datasources.SharedPoolDataSource

漏洞详情: https://avd.aquasec.com/nvd/cve-2020-35491

镜像层: sha256:1ba4cd28a66a718366e89daabff58cf5e909444e8873ebe2ae9136c37a9bbf49

发布日期: 2020-12-17 19:15 修改: 2022-09-08 21:32
com.fasterxml.jackson.core:jackson-databind CVE-2020-35491 高危 2.8.10 2.9.10.8 jackson-databind: mishandles the interaction between serialization gadgets and typing, related to org.apache.commons.dbcp2.datasources.SharedPoolDataSource

漏洞详情: https://avd.aquasec.com/nvd/cve-2020-35491

镜像层: sha256:1ba4cd28a66a718366e89daabff58cf5e909444e8873ebe2ae9136c37a9bbf49

发布日期: 2020-12-17 19:15 修改: 2022-09-08 21:32
com.fasterxml.jackson.core:jackson-databind CVE-2020-35728 高危 2.8.10 2.9.10.8 jackson-databind: mishandles the interaction between serialization gadgets and typing, related to com.oracle.wls.shaded.org.apache.xalan.lib.sql.JNDIConnectionPool

漏洞详情: https://avd.aquasec.com/nvd/cve-2020-35728

镜像层: sha256:1ba4cd28a66a718366e89daabff58cf5e909444e8873ebe2ae9136c37a9bbf49

发布日期: 2020-12-27 05:15 修改: 2023-11-07 03:22
com.fasterxml.jackson.core:jackson-databind CVE-2020-35728 高危 2.8.10 2.9.10.8 jackson-databind: mishandles the interaction between serialization gadgets and typing, related to com.oracle.wls.shaded.org.apache.xalan.lib.sql.JNDIConnectionPool

漏洞详情: https://avd.aquasec.com/nvd/cve-2020-35728

镜像层: sha256:1ba4cd28a66a718366e89daabff58cf5e909444e8873ebe2ae9136c37a9bbf49

发布日期: 2020-12-27 05:15 修改: 2023-11-07 03:22
com.fasterxml.jackson.core:jackson-databind CVE-2020-36179 高危 2.8.10 2.9.10.8, 2.6.7.5 jackson-databind: mishandles the interaction between serialization gadgets and typing, related to oadd.org.apache.commons.dbcp.cpdsadapter.DriverAdapterCPDS

漏洞详情: https://avd.aquasec.com/nvd/cve-2020-36179

镜像层: sha256:1ba4cd28a66a718366e89daabff58cf5e909444e8873ebe2ae9136c37a9bbf49

发布日期: 2021-01-07 00:15 修改: 2024-07-03 01:36
com.fasterxml.jackson.core:jackson-databind CVE-2020-36179 高危 2.8.10 2.9.10.8, 2.6.7.5 jackson-databind: mishandles the interaction between serialization gadgets and typing, related to oadd.org.apache.commons.dbcp.cpdsadapter.DriverAdapterCPDS

漏洞详情: https://avd.aquasec.com/nvd/cve-2020-36179

镜像层: sha256:1ba4cd28a66a718366e89daabff58cf5e909444e8873ebe2ae9136c37a9bbf49

发布日期: 2021-01-07 00:15 修改: 2024-07-03 01:36
com.fasterxml.jackson.core:jackson-databind CVE-2020-36180 高危 2.8.10 2.9.10.8, 2.6.7.5 jackson-databind: mishandles the interaction between serialization gadgets and typing, related to org.apache.commons.dbcp2.cpdsadapter.DriverAdapterCPDS

漏洞详情: https://avd.aquasec.com/nvd/cve-2020-36180

镜像层: sha256:1ba4cd28a66a718366e89daabff58cf5e909444e8873ebe2ae9136c37a9bbf49

发布日期: 2021-01-07 00:15 修改: 2024-07-03 01:36
com.fasterxml.jackson.core:jackson-databind CVE-2020-36180 高危 2.8.10 2.9.10.8, 2.6.7.5 jackson-databind: mishandles the interaction between serialization gadgets and typing, related to org.apache.commons.dbcp2.cpdsadapter.DriverAdapterCPDS

漏洞详情: https://avd.aquasec.com/nvd/cve-2020-36180

镜像层: sha256:1ba4cd28a66a718366e89daabff58cf5e909444e8873ebe2ae9136c37a9bbf49

发布日期: 2021-01-07 00:15 修改: 2024-07-03 01:36
com.fasterxml.jackson.core:jackson-databind CVE-2020-36181 高危 2.8.10 2.9.10.8, 2.6.7.5 jackson-databind: mishandles the interaction between serialization gadgets and typing, related to org.apache.tomcat.dbcp.dbcp.cpdsadapter.DriverAdapterCPDS

漏洞详情: https://avd.aquasec.com/nvd/cve-2020-36181

镜像层: sha256:1ba4cd28a66a718366e89daabff58cf5e909444e8873ebe2ae9136c37a9bbf49

发布日期: 2021-01-06 23:15 修改: 2024-07-03 01:36
com.fasterxml.jackson.core:jackson-databind CVE-2020-36181 高危 2.8.10 2.9.10.8, 2.6.7.5 jackson-databind: mishandles the interaction between serialization gadgets and typing, related to org.apache.tomcat.dbcp.dbcp.cpdsadapter.DriverAdapterCPDS

漏洞详情: https://avd.aquasec.com/nvd/cve-2020-36181

镜像层: sha256:1ba4cd28a66a718366e89daabff58cf5e909444e8873ebe2ae9136c37a9bbf49

发布日期: 2021-01-06 23:15 修改: 2024-07-03 01:36
com.fasterxml.jackson.core:jackson-databind CVE-2020-36182 高危 2.8.10 2.9.10.8, 2.6.7.5 jackson-databind: mishandles the interaction between serialization gadgets and typing, related to org.apache.tomcat.dbcp.dbcp2.cpdsadapter.DriverAdapterCPDS

漏洞详情: https://avd.aquasec.com/nvd/cve-2020-36182

镜像层: sha256:1ba4cd28a66a718366e89daabff58cf5e909444e8873ebe2ae9136c37a9bbf49

发布日期: 2021-01-07 00:15 修改: 2024-07-03 01:36
com.fasterxml.jackson.core:jackson-databind CVE-2019-12086 高危 2.9.7 2.9.9, 2.8.11.4, 2.7.9.6, 2.6.7.3 jackson-databind: polymorphic typing issue allows attacker to read arbitrary local files on the server.

漏洞详情: https://avd.aquasec.com/nvd/cve-2019-12086

镜像层: sha256:1ba4cd28a66a718366e89daabff58cf5e909444e8873ebe2ae9136c37a9bbf49

发布日期: 2019-05-17 17:29 修改: 2023-11-07 03:03
com.fasterxml.jackson.core:jackson-databind CVE-2019-14439 高危 2.9.7 2.9.9.2, 2.8.11.4, 2.7.9.6, 2.6.7.3 jackson-databind: Polymorphic typing issue related to logback/JNDI

漏洞详情: https://avd.aquasec.com/nvd/cve-2019-14439

镜像层: sha256:1ba4cd28a66a718366e89daabff58cf5e909444e8873ebe2ae9136c37a9bbf49

发布日期: 2019-07-30 11:15 修改: 2023-11-07 03:04
com.fasterxml.jackson.core:jackson-databind CVE-2019-14892 高危 2.9.7 2.6.7.3, 2.8.11.5, 2.9.10 jackson-databind: Serialization gadgets in classes of the commons-configuration package

漏洞详情: https://avd.aquasec.com/nvd/cve-2019-14892

镜像层: sha256:1ba4cd28a66a718366e89daabff58cf5e909444e8873ebe2ae9136c37a9bbf49

发布日期: 2020-03-02 17:15 修改: 2023-11-07 03:05
com.fasterxml.jackson.core:jackson-databind CVE-2019-14893 高危 2.9.7 2.9.10 jackson-databind: Serialization gadgets in classes of the xalan package

漏洞详情: https://avd.aquasec.com/nvd/cve-2019-14893

镜像层: sha256:1ba4cd28a66a718366e89daabff58cf5e909444e8873ebe2ae9136c37a9bbf49

发布日期: 2020-03-02 21:15 修改: 2023-11-07 03:05
com.fasterxml.jackson.core:jackson-databind CVE-2020-10650 高危 2.9.7 2.9.10.4 A deserialization flaw was discovered in jackson-databind through 2.9. ...

漏洞详情: https://avd.aquasec.com/nvd/cve-2020-10650

镜像层: sha256:1ba4cd28a66a718366e89daabff58cf5e909444e8873ebe2ae9136c37a9bbf49

发布日期: 2022-12-26 20:15 修改: 2023-08-18 14:15
com.fasterxml.jackson.core:jackson-databind CVE-2020-10672 高危 2.9.7 2.9.10.4 jackson-databind: mishandles the interaction between serialization gadgets and typing which could result in remote command execution

漏洞详情: https://avd.aquasec.com/nvd/cve-2020-10672

镜像层: sha256:1ba4cd28a66a718366e89daabff58cf5e909444e8873ebe2ae9136c37a9bbf49

发布日期: 2020-03-18 22:15 修改: 2024-07-03 01:36
com.fasterxml.jackson.core:jackson-databind CVE-2020-10673 高危 2.9.7 2.9.10.4, 2.6.7.4 jackson-databind: mishandles the interaction between serialization gadgets and typing which could result in remote command execution

漏洞详情: https://avd.aquasec.com/nvd/cve-2020-10673

镜像层: sha256:1ba4cd28a66a718366e89daabff58cf5e909444e8873ebe2ae9136c37a9bbf49

发布日期: 2020-03-18 22:15 修改: 2024-07-03 01:36
com.fasterxml.jackson.core:jackson-databind CVE-2020-10968 高危 2.9.7 2.9.10.4 jackson-databind: Serialization gadgets in org.aoju.bus.proxy.provider.*.RmiProvider

漏洞详情: https://avd.aquasec.com/nvd/cve-2020-10968

镜像层: sha256:1ba4cd28a66a718366e89daabff58cf5e909444e8873ebe2ae9136c37a9bbf49

发布日期: 2020-03-26 13:15 修改: 2024-07-03 01:36
com.fasterxml.jackson.core:jackson-databind CVE-2020-10969 高危 2.9.7 2.9.10.4 jackson-databind: Serialization gadgets in javax.swing.JEditorPane

漏洞详情: https://avd.aquasec.com/nvd/cve-2020-10969

镜像层: sha256:1ba4cd28a66a718366e89daabff58cf5e909444e8873ebe2ae9136c37a9bbf49

发布日期: 2020-03-26 13:15 修改: 2024-07-03 01:36
com.fasterxml.jackson.core:jackson-databind CVE-2020-11111 高危 2.9.7 2.9.10.4 jackson-databind: Serialization gadgets in org.apache.activemq.jms.pool.XaPooledConnectionFactory

漏洞详情: https://avd.aquasec.com/nvd/cve-2020-11111

镜像层: sha256:1ba4cd28a66a718366e89daabff58cf5e909444e8873ebe2ae9136c37a9bbf49

发布日期: 2020-03-31 05:15 修改: 2024-07-03 01:36
com.fasterxml.jackson.core:jackson-databind CVE-2020-11112 高危 2.9.7 2.9.10.4 jackson-databind: Serialization gadgets in org.apache.commons.proxy.provider.remoting.RmiProvider

漏洞详情: https://avd.aquasec.com/nvd/cve-2020-11112

镜像层: sha256:1ba4cd28a66a718366e89daabff58cf5e909444e8873ebe2ae9136c37a9bbf49

发布日期: 2020-03-31 05:15 修改: 2024-07-03 01:36
com.fasterxml.jackson.core:jackson-databind CVE-2020-11113 高危 2.9.7 2.9.10.4 jackson-databind: Serialization gadgets in org.apache.openjpa.ee.WASRegistryManagedRuntime

漏洞详情: https://avd.aquasec.com/nvd/cve-2020-11113

镜像层: sha256:1ba4cd28a66a718366e89daabff58cf5e909444e8873ebe2ae9136c37a9bbf49

发布日期: 2020-03-31 05:15 修改: 2024-07-03 01:36
com.fasterxml.jackson.core:jackson-databind CVE-2020-11619 高危 2.9.7 2.9.10.4 jackson-databind: Serialization gadgets in org.springframework:spring-aop

漏洞详情: https://avd.aquasec.com/nvd/cve-2020-11619

镜像层: sha256:1ba4cd28a66a718366e89daabff58cf5e909444e8873ebe2ae9136c37a9bbf49

发布日期: 2020-04-07 23:15 修改: 2023-11-07 03:15
com.fasterxml.jackson.core:jackson-databind CVE-2020-11620 高危 2.9.7 2.9.10.4 jackson-databind: Serialization gadgets in commons-jelly:commons-jelly

漏洞详情: https://avd.aquasec.com/nvd/cve-2020-11620

镜像层: sha256:1ba4cd28a66a718366e89daabff58cf5e909444e8873ebe2ae9136c37a9bbf49

发布日期: 2020-04-07 23:15 修改: 2023-11-07 03:15
com.fasterxml.jackson.core:jackson-databind CVE-2020-14060 高危 2.9.7 2.9.10.5 jackson-databind: serialization in oadd.org.apache.xalan.lib.sql.JNDIConnectionPool

漏洞详情: https://avd.aquasec.com/nvd/cve-2020-14060

镜像层: sha256:1ba4cd28a66a718366e89daabff58cf5e909444e8873ebe2ae9136c37a9bbf49

发布日期: 2020-06-14 21:15 修改: 2023-11-07 03:17
com.fasterxml.jackson.core:jackson-databind CVE-2020-14061 高危 2.9.7 2.9.10.5 jackson-databind: serialization in weblogic/oracle-aqjms

漏洞详情: https://avd.aquasec.com/nvd/cve-2020-14061

镜像层: sha256:1ba4cd28a66a718366e89daabff58cf5e909444e8873ebe2ae9136c37a9bbf49

发布日期: 2020-06-14 20:15 修改: 2023-11-07 03:17
com.fasterxml.jackson.core:jackson-databind CVE-2020-14062 高危 2.9.7 2.9.10.5 jackson-databind: serialization in com.sun.org.apache.xalan.internal.lib.sql.JNDIConnectionPool

漏洞详情: https://avd.aquasec.com/nvd/cve-2020-14062

镜像层: sha256:1ba4cd28a66a718366e89daabff58cf5e909444e8873ebe2ae9136c37a9bbf49

发布日期: 2020-06-14 20:15 修改: 2023-11-07 03:17
com.fasterxml.jackson.core:jackson-databind CVE-2020-14195 高危 2.9.7 2.9.10.5 jackson-databind: serialization in org.jsecurity.realm.jndi.JndiRealmFactory

漏洞详情: https://avd.aquasec.com/nvd/cve-2020-14195

镜像层: sha256:1ba4cd28a66a718366e89daabff58cf5e909444e8873ebe2ae9136c37a9bbf49

发布日期: 2020-06-16 16:15 修改: 2021-11-17 20:20
com.fasterxml.jackson.core:jackson-databind CVE-2020-24616 高危 2.9.7 2.9.10.6 jackson-databind: mishandles the interaction between serialization gadgets and typing, related to br.com.anteros.dbcp.AnterosDBCPDataSource

漏洞详情: https://avd.aquasec.com/nvd/cve-2020-24616

镜像层: sha256:1ba4cd28a66a718366e89daabff58cf5e909444e8873ebe2ae9136c37a9bbf49

发布日期: 2020-08-25 18:15 修改: 2023-11-07 03:20
com.fasterxml.jackson.core:jackson-databind CVE-2020-24750 高危 2.9.7 2.6.7.5, 2.9.10.6 jackson-databind: Serialization gadgets in com.pastdev.httpcomponents.configuration.JndiConfiguration

漏洞详情: https://avd.aquasec.com/nvd/cve-2020-24750

镜像层: sha256:1ba4cd28a66a718366e89daabff58cf5e909444e8873ebe2ae9136c37a9bbf49

发布日期: 2020-09-17 19:15 修改: 2023-09-13 14:56
com.fasterxml.jackson.core:jackson-databind CVE-2020-25649 高危 2.9.7 2.6.7.4, 2.9.10.7, 2.10.5.1 jackson-databind: FasterXML DOMDeserializer insecure entity expansion is vulnerable to XML external entity (XXE)

漏洞详情: https://avd.aquasec.com/nvd/cve-2020-25649

镜像层: sha256:1ba4cd28a66a718366e89daabff58cf5e909444e8873ebe2ae9136c37a9bbf49

发布日期: 2020-12-03 17:15 修改: 2023-11-07 03:20
com.fasterxml.jackson.core:jackson-databind CVE-2020-35490 高危 2.9.7 2.9.10.8 jackson-databind: mishandles the interaction between serialization gadgets and typing, related to org.apache.commons.dbcp2.datasources.PerUserPoolDataSource

漏洞详情: https://avd.aquasec.com/nvd/cve-2020-35490

镜像层: sha256:1ba4cd28a66a718366e89daabff58cf5e909444e8873ebe2ae9136c37a9bbf49

发布日期: 2020-12-17 19:15 修改: 2022-09-08 21:32
com.fasterxml.jackson.core:jackson-databind CVE-2020-35491 高危 2.9.7 2.9.10.8 jackson-databind: mishandles the interaction between serialization gadgets and typing, related to org.apache.commons.dbcp2.datasources.SharedPoolDataSource

漏洞详情: https://avd.aquasec.com/nvd/cve-2020-35491

镜像层: sha256:1ba4cd28a66a718366e89daabff58cf5e909444e8873ebe2ae9136c37a9bbf49

发布日期: 2020-12-17 19:15 修改: 2022-09-08 21:32
com.fasterxml.jackson.core:jackson-databind CVE-2020-35728 高危 2.9.7 2.9.10.8 jackson-databind: mishandles the interaction between serialization gadgets and typing, related to com.oracle.wls.shaded.org.apache.xalan.lib.sql.JNDIConnectionPool

漏洞详情: https://avd.aquasec.com/nvd/cve-2020-35728

镜像层: sha256:1ba4cd28a66a718366e89daabff58cf5e909444e8873ebe2ae9136c37a9bbf49

发布日期: 2020-12-27 05:15 修改: 2023-11-07 03:22
com.fasterxml.jackson.core:jackson-databind CVE-2020-36179 高危 2.9.7 2.9.10.8, 2.6.7.5 jackson-databind: mishandles the interaction between serialization gadgets and typing, related to oadd.org.apache.commons.dbcp.cpdsadapter.DriverAdapterCPDS

漏洞详情: https://avd.aquasec.com/nvd/cve-2020-36179

镜像层: sha256:1ba4cd28a66a718366e89daabff58cf5e909444e8873ebe2ae9136c37a9bbf49

发布日期: 2021-01-07 00:15 修改: 2024-07-03 01:36
com.fasterxml.jackson.core:jackson-databind CVE-2020-36180 高危 2.9.7 2.9.10.8, 2.6.7.5 jackson-databind: mishandles the interaction between serialization gadgets and typing, related to org.apache.commons.dbcp2.cpdsadapter.DriverAdapterCPDS

漏洞详情: https://avd.aquasec.com/nvd/cve-2020-36180

镜像层: sha256:1ba4cd28a66a718366e89daabff58cf5e909444e8873ebe2ae9136c37a9bbf49

发布日期: 2021-01-07 00:15 修改: 2024-07-03 01:36
com.fasterxml.jackson.core:jackson-databind CVE-2020-36181 高危 2.9.7 2.9.10.8, 2.6.7.5 jackson-databind: mishandles the interaction between serialization gadgets and typing, related to org.apache.tomcat.dbcp.dbcp.cpdsadapter.DriverAdapterCPDS

漏洞详情: https://avd.aquasec.com/nvd/cve-2020-36181

镜像层: sha256:1ba4cd28a66a718366e89daabff58cf5e909444e8873ebe2ae9136c37a9bbf49

发布日期: 2021-01-06 23:15 修改: 2024-07-03 01:36
com.fasterxml.jackson.core:jackson-databind CVE-2020-36182 高危 2.9.7 2.9.10.8, 2.6.7.5 jackson-databind: mishandles the interaction between serialization gadgets and typing, related to org.apache.tomcat.dbcp.dbcp2.cpdsadapter.DriverAdapterCPDS

漏洞详情: https://avd.aquasec.com/nvd/cve-2020-36182

镜像层: sha256:1ba4cd28a66a718366e89daabff58cf5e909444e8873ebe2ae9136c37a9bbf49

发布日期: 2021-01-07 00:15 修改: 2024-07-03 01:36
com.fasterxml.jackson.core:jackson-databind CVE-2020-36183 高危 2.9.7 2.9.10.8, 2.6.7.5 jackson-databind: mishandles the interaction between serialization gadgets and typing, related to org.docx4j.org.apache.xalan.lib.sql.JNDIConnectionPool

漏洞详情: https://avd.aquasec.com/nvd/cve-2020-36183

镜像层: sha256:1ba4cd28a66a718366e89daabff58cf5e909444e8873ebe2ae9136c37a9bbf49

发布日期: 2021-01-07 00:15 修改: 2023-09-13 14:56
com.fasterxml.jackson.core:jackson-databind CVE-2020-36184 高危 2.9.7 2.9.10.8 jackson-databind: mishandles the interaction between serialization gadgets and typing, related to org.apache.tomcat.dbcp.dbcp2.datasources.PerUserPoolDataSource

漏洞详情: https://avd.aquasec.com/nvd/cve-2020-36184

镜像层: sha256:1ba4cd28a66a718366e89daabff58cf5e909444e8873ebe2ae9136c37a9bbf49

发布日期: 2021-01-06 23:15 修改: 2024-07-03 01:36
com.fasterxml.jackson.core:jackson-databind CVE-2020-36185 高危 2.9.7 2.9.10.8 jackson-databind: mishandles the interaction between serialization gadgets and typing, related to org.apache.tomcat.dbcp.dbcp2.datasources.SharedPoolDataSource

漏洞详情: https://avd.aquasec.com/nvd/cve-2020-36185

镜像层: sha256:1ba4cd28a66a718366e89daabff58cf5e909444e8873ebe2ae9136c37a9bbf49

发布日期: 2021-01-06 23:15 修改: 2023-09-13 14:57
com.fasterxml.jackson.core:jackson-databind CVE-2020-36186 高危 2.9.7 2.9.10.8 jackson-databind: mishandles the interaction between serialization gadgets and typing, related to org.apache.tomcat.dbcp.dbcp.datasources.PerUserPoolDataSource

漏洞详情: https://avd.aquasec.com/nvd/cve-2020-36186

镜像层: sha256:1ba4cd28a66a718366e89daabff58cf5e909444e8873ebe2ae9136c37a9bbf49

发布日期: 2021-01-06 23:15 修改: 2023-09-13 14:57
com.fasterxml.jackson.core:jackson-databind CVE-2020-36187 高危 2.9.7 2.9.10.8 jackson-databind: mishandles the interaction between serialization gadgets and typing, related to org.apache.tomcat.dbcp.dbcp.datasources.SharedPoolDataSource

漏洞详情: https://avd.aquasec.com/nvd/cve-2020-36187

镜像层: sha256:1ba4cd28a66a718366e89daabff58cf5e909444e8873ebe2ae9136c37a9bbf49

发布日期: 2021-01-06 23:15 修改: 2023-09-13 14:57
com.fasterxml.jackson.core:jackson-databind CVE-2020-36188 高危 2.9.7 2.9.10.8, 2.6.7.5 jackson-databind: mishandles the interaction between serialization gadgets and typing, related to com.newrelic.agent.deps.ch.qos.logback.core.db.JNDIConnectionSource

漏洞详情: https://avd.aquasec.com/nvd/cve-2020-36188

镜像层: sha256:1ba4cd28a66a718366e89daabff58cf5e909444e8873ebe2ae9136c37a9bbf49

发布日期: 2021-01-06 23:15 修改: 2023-09-13 14:57
com.fasterxml.jackson.core:jackson-databind CVE-2020-36189 高危 2.9.7 2.9.10.8, 2.6.7.5 jackson-databind: mishandles the interaction between serialization gadgets and typing, related to com.newrelic.agent.deps.ch.qos.logback.core.db.DriverManagerConnectionSource

漏洞详情: https://avd.aquasec.com/nvd/cve-2020-36189

镜像层: sha256:1ba4cd28a66a718366e89daabff58cf5e909444e8873ebe2ae9136c37a9bbf49

发布日期: 2021-01-06 23:15 修改: 2023-09-13 14:57
com.fasterxml.jackson.core:jackson-databind CVE-2020-36518 高危 2.9.7 2.13.2.1, 2.12.6.1 jackson-databind: denial of service via a large depth of nested objects

漏洞详情: https://avd.aquasec.com/nvd/cve-2020-36518

镜像层: sha256:1ba4cd28a66a718366e89daabff58cf5e909444e8873ebe2ae9136c37a9bbf49

发布日期: 2022-03-11 07:15 修改: 2022-11-29 22:12
com.fasterxml.jackson.core:jackson-databind CVE-2021-20190 高危 2.9.7 2.9.10.7, 2.6.7.5 jackson-databind: mishandles the interaction between serialization gadgets and typing, related to javax.swing

漏洞详情: https://avd.aquasec.com/nvd/cve-2021-20190

镜像层: sha256:1ba4cd28a66a718366e89daabff58cf5e909444e8873ebe2ae9136c37a9bbf49

发布日期: 2021-01-19 17:15 修改: 2023-11-07 03:28
com.fasterxml.jackson.core:jackson-databind CVE-2022-42003 高危 2.9.7 2.12.7.1, 2.13.4.2 jackson-databind: deep wrapper array nesting wrt UNWRAP_SINGLE_VALUE_ARRAYS

漏洞详情: https://avd.aquasec.com/nvd/cve-2022-42003

镜像层: sha256:1ba4cd28a66a718366e89daabff58cf5e909444e8873ebe2ae9136c37a9bbf49

发布日期: 2022-10-02 05:15 修改: 2023-12-20 10:15
com.fasterxml.jackson.core:jackson-databind CVE-2022-42004 高危 2.9.7 2.12.7.1, 2.13.4 jackson-databind: use of deeply nested arrays

漏洞详情: https://avd.aquasec.com/nvd/cve-2022-42004

镜像层: sha256:1ba4cd28a66a718366e89daabff58cf5e909444e8873ebe2ae9136c37a9bbf49

发布日期: 2022-10-02 05:15 修改: 2022-12-02 15:10
com.fasterxml.jackson.core:jackson-databind CVE-2020-36182 高危 2.8.10 2.9.10.8, 2.6.7.5 jackson-databind: mishandles the interaction between serialization gadgets and typing, related to org.apache.tomcat.dbcp.dbcp2.cpdsadapter.DriverAdapterCPDS

漏洞详情: https://avd.aquasec.com/nvd/cve-2020-36182

镜像层: sha256:1ba4cd28a66a718366e89daabff58cf5e909444e8873ebe2ae9136c37a9bbf49

发布日期: 2021-01-07 00:15 修改: 2024-07-03 01:36
com.fasterxml.jackson.core:jackson-databind CVE-2020-36183 高危 2.8.10 2.9.10.8, 2.6.7.5 jackson-databind: mishandles the interaction between serialization gadgets and typing, related to org.docx4j.org.apache.xalan.lib.sql.JNDIConnectionPool

漏洞详情: https://avd.aquasec.com/nvd/cve-2020-36183

镜像层: sha256:1ba4cd28a66a718366e89daabff58cf5e909444e8873ebe2ae9136c37a9bbf49

发布日期: 2021-01-07 00:15 修改: 2023-09-13 14:56
com.fasterxml.jackson.core:jackson-databind CVE-2020-36183 高危 2.8.10 2.9.10.8, 2.6.7.5 jackson-databind: mishandles the interaction between serialization gadgets and typing, related to org.docx4j.org.apache.xalan.lib.sql.JNDIConnectionPool

漏洞详情: https://avd.aquasec.com/nvd/cve-2020-36183

镜像层: sha256:1ba4cd28a66a718366e89daabff58cf5e909444e8873ebe2ae9136c37a9bbf49

发布日期: 2021-01-07 00:15 修改: 2023-09-13 14:56
com.fasterxml.jackson.core:jackson-databind CVE-2020-36184 高危 2.8.10 2.9.10.8 jackson-databind: mishandles the interaction between serialization gadgets and typing, related to org.apache.tomcat.dbcp.dbcp2.datasources.PerUserPoolDataSource

漏洞详情: https://avd.aquasec.com/nvd/cve-2020-36184

镜像层: sha256:1ba4cd28a66a718366e89daabff58cf5e909444e8873ebe2ae9136c37a9bbf49

发布日期: 2021-01-06 23:15 修改: 2024-07-03 01:36
com.fasterxml.jackson.core:jackson-databind CVE-2020-36184 高危 2.8.10 2.9.10.8 jackson-databind: mishandles the interaction between serialization gadgets and typing, related to org.apache.tomcat.dbcp.dbcp2.datasources.PerUserPoolDataSource

漏洞详情: https://avd.aquasec.com/nvd/cve-2020-36184

镜像层: sha256:1ba4cd28a66a718366e89daabff58cf5e909444e8873ebe2ae9136c37a9bbf49

发布日期: 2021-01-06 23:15 修改: 2024-07-03 01:36
com.fasterxml.jackson.core:jackson-databind CVE-2020-36185 高危 2.8.10 2.9.10.8 jackson-databind: mishandles the interaction between serialization gadgets and typing, related to org.apache.tomcat.dbcp.dbcp2.datasources.SharedPoolDataSource

漏洞详情: https://avd.aquasec.com/nvd/cve-2020-36185

镜像层: sha256:1ba4cd28a66a718366e89daabff58cf5e909444e8873ebe2ae9136c37a9bbf49

发布日期: 2021-01-06 23:15 修改: 2023-09-13 14:57
com.fasterxml.jackson.core:jackson-databind CVE-2020-36185 高危 2.8.10 2.9.10.8 jackson-databind: mishandles the interaction between serialization gadgets and typing, related to org.apache.tomcat.dbcp.dbcp2.datasources.SharedPoolDataSource

漏洞详情: https://avd.aquasec.com/nvd/cve-2020-36185

镜像层: sha256:1ba4cd28a66a718366e89daabff58cf5e909444e8873ebe2ae9136c37a9bbf49

发布日期: 2021-01-06 23:15 修改: 2023-09-13 14:57
com.fasterxml.jackson.core:jackson-databind CVE-2020-36186 高危 2.8.10 2.9.10.8 jackson-databind: mishandles the interaction between serialization gadgets and typing, related to org.apache.tomcat.dbcp.dbcp.datasources.PerUserPoolDataSource

漏洞详情: https://avd.aquasec.com/nvd/cve-2020-36186

镜像层: sha256:1ba4cd28a66a718366e89daabff58cf5e909444e8873ebe2ae9136c37a9bbf49

发布日期: 2021-01-06 23:15 修改: 2023-09-13 14:57
com.fasterxml.jackson.core:jackson-databind CVE-2020-36186 高危 2.8.10 2.9.10.8 jackson-databind: mishandles the interaction between serialization gadgets and typing, related to org.apache.tomcat.dbcp.dbcp.datasources.PerUserPoolDataSource

漏洞详情: https://avd.aquasec.com/nvd/cve-2020-36186

镜像层: sha256:1ba4cd28a66a718366e89daabff58cf5e909444e8873ebe2ae9136c37a9bbf49

发布日期: 2021-01-06 23:15 修改: 2023-09-13 14:57
com.fasterxml.jackson.core:jackson-databind CVE-2020-36187 高危 2.8.10 2.9.10.8 jackson-databind: mishandles the interaction between serialization gadgets and typing, related to org.apache.tomcat.dbcp.dbcp.datasources.SharedPoolDataSource

漏洞详情: https://avd.aquasec.com/nvd/cve-2020-36187

镜像层: sha256:1ba4cd28a66a718366e89daabff58cf5e909444e8873ebe2ae9136c37a9bbf49

发布日期: 2021-01-06 23:15 修改: 2023-09-13 14:57
com.fasterxml.jackson.core:jackson-databind CVE-2020-36187 高危 2.8.10 2.9.10.8 jackson-databind: mishandles the interaction between serialization gadgets and typing, related to org.apache.tomcat.dbcp.dbcp.datasources.SharedPoolDataSource

漏洞详情: https://avd.aquasec.com/nvd/cve-2020-36187

镜像层: sha256:1ba4cd28a66a718366e89daabff58cf5e909444e8873ebe2ae9136c37a9bbf49

发布日期: 2021-01-06 23:15 修改: 2023-09-13 14:57
com.fasterxml.jackson.core:jackson-databind CVE-2020-36188 高危 2.8.10 2.9.10.8, 2.6.7.5 jackson-databind: mishandles the interaction between serialization gadgets and typing, related to com.newrelic.agent.deps.ch.qos.logback.core.db.JNDIConnectionSource

漏洞详情: https://avd.aquasec.com/nvd/cve-2020-36188

镜像层: sha256:1ba4cd28a66a718366e89daabff58cf5e909444e8873ebe2ae9136c37a9bbf49

发布日期: 2021-01-06 23:15 修改: 2023-09-13 14:57
com.fasterxml.jackson.core:jackson-databind CVE-2020-36188 高危 2.8.10 2.9.10.8, 2.6.7.5 jackson-databind: mishandles the interaction between serialization gadgets and typing, related to com.newrelic.agent.deps.ch.qos.logback.core.db.JNDIConnectionSource

漏洞详情: https://avd.aquasec.com/nvd/cve-2020-36188

镜像层: sha256:1ba4cd28a66a718366e89daabff58cf5e909444e8873ebe2ae9136c37a9bbf49

发布日期: 2021-01-06 23:15 修改: 2023-09-13 14:57
com.fasterxml.jackson.core:jackson-databind CVE-2020-36189 高危 2.8.10 2.9.10.8, 2.6.7.5 jackson-databind: mishandles the interaction between serialization gadgets and typing, related to com.newrelic.agent.deps.ch.qos.logback.core.db.DriverManagerConnectionSource

漏洞详情: https://avd.aquasec.com/nvd/cve-2020-36189

镜像层: sha256:1ba4cd28a66a718366e89daabff58cf5e909444e8873ebe2ae9136c37a9bbf49

发布日期: 2021-01-06 23:15 修改: 2023-09-13 14:57
com.fasterxml.jackson.core:jackson-databind CVE-2020-36189 高危 2.8.10 2.9.10.8, 2.6.7.5 jackson-databind: mishandles the interaction between serialization gadgets and typing, related to com.newrelic.agent.deps.ch.qos.logback.core.db.DriverManagerConnectionSource

漏洞详情: https://avd.aquasec.com/nvd/cve-2020-36189

镜像层: sha256:1ba4cd28a66a718366e89daabff58cf5e909444e8873ebe2ae9136c37a9bbf49

发布日期: 2021-01-06 23:15 修改: 2023-09-13 14:57
com.fasterxml.jackson.core:jackson-databind CVE-2020-36518 高危 2.8.10 2.13.2.1, 2.12.6.1 jackson-databind: denial of service via a large depth of nested objects

漏洞详情: https://avd.aquasec.com/nvd/cve-2020-36518

镜像层: sha256:1ba4cd28a66a718366e89daabff58cf5e909444e8873ebe2ae9136c37a9bbf49

发布日期: 2022-03-11 07:15 修改: 2022-11-29 22:12
com.fasterxml.jackson.core:jackson-databind CVE-2020-36518 高危 2.8.10 2.13.2.1, 2.12.6.1 jackson-databind: denial of service via a large depth of nested objects

漏洞详情: https://avd.aquasec.com/nvd/cve-2020-36518

镜像层: sha256:1ba4cd28a66a718366e89daabff58cf5e909444e8873ebe2ae9136c37a9bbf49

发布日期: 2022-03-11 07:15 修改: 2022-11-29 22:12
com.fasterxml.jackson.core:jackson-databind CVE-2021-20190 高危 2.8.10 2.9.10.7, 2.6.7.5 jackson-databind: mishandles the interaction between serialization gadgets and typing, related to javax.swing

漏洞详情: https://avd.aquasec.com/nvd/cve-2021-20190

镜像层: sha256:1ba4cd28a66a718366e89daabff58cf5e909444e8873ebe2ae9136c37a9bbf49

发布日期: 2021-01-19 17:15 修改: 2023-11-07 03:28
com.fasterxml.jackson.core:jackson-databind CVE-2021-20190 高危 2.8.10 2.9.10.7, 2.6.7.5 jackson-databind: mishandles the interaction between serialization gadgets and typing, related to javax.swing

漏洞详情: https://avd.aquasec.com/nvd/cve-2021-20190

镜像层: sha256:1ba4cd28a66a718366e89daabff58cf5e909444e8873ebe2ae9136c37a9bbf49

发布日期: 2021-01-19 17:15 修改: 2023-11-07 03:28
com.fasterxml.jackson.core:jackson-databind CVE-2022-42003 高危 2.8.10 2.12.7.1, 2.13.4.2 jackson-databind: deep wrapper array nesting wrt UNWRAP_SINGLE_VALUE_ARRAYS

漏洞详情: https://avd.aquasec.com/nvd/cve-2022-42003

镜像层: sha256:1ba4cd28a66a718366e89daabff58cf5e909444e8873ebe2ae9136c37a9bbf49

发布日期: 2022-10-02 05:15 修改: 2023-12-20 10:15
com.fasterxml.jackson.core:jackson-databind CVE-2022-42003 高危 2.8.10 2.12.7.1, 2.13.4.2 jackson-databind: deep wrapper array nesting wrt UNWRAP_SINGLE_VALUE_ARRAYS

漏洞详情: https://avd.aquasec.com/nvd/cve-2022-42003

镜像层: sha256:1ba4cd28a66a718366e89daabff58cf5e909444e8873ebe2ae9136c37a9bbf49

发布日期: 2022-10-02 05:15 修改: 2023-12-20 10:15
com.fasterxml.jackson.core:jackson-databind CVE-2022-42004 高危 2.8.10 2.12.7.1, 2.13.4 jackson-databind: use of deeply nested arrays

漏洞详情: https://avd.aquasec.com/nvd/cve-2022-42004

镜像层: sha256:1ba4cd28a66a718366e89daabff58cf5e909444e8873ebe2ae9136c37a9bbf49

发布日期: 2022-10-02 05:15 修改: 2022-12-02 15:10
com.fasterxml.jackson.core:jackson-databind CVE-2022-42004 高危 2.8.10 2.12.7.1, 2.13.4 jackson-databind: use of deeply nested arrays

漏洞详情: https://avd.aquasec.com/nvd/cve-2022-42004

镜像层: sha256:1ba4cd28a66a718366e89daabff58cf5e909444e8873ebe2ae9136c37a9bbf49

发布日期: 2022-10-02 05:15 修改: 2022-12-02 15:10
com.fasterxml.jackson.core:jackson-databind CVE-2018-12022 高危 2.8.10 2.7.9.4, 2.8.11.2, 2.9.6 jackson-databind: improper polymorphic deserialization of types from Jodd-db library

漏洞详情: https://avd.aquasec.com/nvd/cve-2018-12022

镜像层: sha256:1ba4cd28a66a718366e89daabff58cf5e909444e8873ebe2ae9136c37a9bbf49

发布日期: 2019-03-21 16:00 修改: 2023-11-07 02:52
com.fasterxml.jackson.core:jackson-databind CVE-2019-12086 高危 2.9.8 2.9.9, 2.8.11.4, 2.7.9.6, 2.6.7.3 jackson-databind: polymorphic typing issue allows attacker to read arbitrary local files on the server.

漏洞详情: https://avd.aquasec.com/nvd/cve-2019-12086

镜像层: sha256:1ba4cd28a66a718366e89daabff58cf5e909444e8873ebe2ae9136c37a9bbf49

发布日期: 2019-05-17 17:29 修改: 2023-11-07 03:03
com.fasterxml.jackson.core:jackson-databind CVE-2019-12086 高危 2.9.8 2.9.9, 2.8.11.4, 2.7.9.6, 2.6.7.3 jackson-databind: polymorphic typing issue allows attacker to read arbitrary local files on the server.

漏洞详情: https://avd.aquasec.com/nvd/cve-2019-12086

镜像层: sha256:1ba4cd28a66a718366e89daabff58cf5e909444e8873ebe2ae9136c37a9bbf49

发布日期: 2019-05-17 17:29 修改: 2023-11-07 03:03
com.fasterxml.jackson.core:jackson-databind CVE-2019-14439 高危 2.9.8 2.9.9.2, 2.8.11.4, 2.7.9.6, 2.6.7.3 jackson-databind: Polymorphic typing issue related to logback/JNDI

漏洞详情: https://avd.aquasec.com/nvd/cve-2019-14439

镜像层: sha256:1ba4cd28a66a718366e89daabff58cf5e909444e8873ebe2ae9136c37a9bbf49

发布日期: 2019-07-30 11:15 修改: 2023-11-07 03:04
com.fasterxml.jackson.core:jackson-databind CVE-2019-14439 高危 2.9.8 2.9.9.2, 2.8.11.4, 2.7.9.6, 2.6.7.3 jackson-databind: Polymorphic typing issue related to logback/JNDI

漏洞详情: https://avd.aquasec.com/nvd/cve-2019-14439

镜像层: sha256:1ba4cd28a66a718366e89daabff58cf5e909444e8873ebe2ae9136c37a9bbf49

发布日期: 2019-07-30 11:15 修改: 2023-11-07 03:04
com.fasterxml.jackson.core:jackson-databind CVE-2019-14892 高危 2.9.8 2.6.7.3, 2.8.11.5, 2.9.10 jackson-databind: Serialization gadgets in classes of the commons-configuration package

漏洞详情: https://avd.aquasec.com/nvd/cve-2019-14892

镜像层: sha256:1ba4cd28a66a718366e89daabff58cf5e909444e8873ebe2ae9136c37a9bbf49

发布日期: 2020-03-02 17:15 修改: 2023-11-07 03:05
com.fasterxml.jackson.core:jackson-databind CVE-2019-14892 高危 2.9.8 2.6.7.3, 2.8.11.5, 2.9.10 jackson-databind: Serialization gadgets in classes of the commons-configuration package

漏洞详情: https://avd.aquasec.com/nvd/cve-2019-14892

镜像层: sha256:1ba4cd28a66a718366e89daabff58cf5e909444e8873ebe2ae9136c37a9bbf49

发布日期: 2020-03-02 17:15 修改: 2023-11-07 03:05
com.fasterxml.jackson.core:jackson-databind CVE-2019-14893 高危 2.9.8 2.9.10 jackson-databind: Serialization gadgets in classes of the xalan package

漏洞详情: https://avd.aquasec.com/nvd/cve-2019-14893

镜像层: sha256:1ba4cd28a66a718366e89daabff58cf5e909444e8873ebe2ae9136c37a9bbf49

发布日期: 2020-03-02 21:15 修改: 2023-11-07 03:05
com.fasterxml.jackson.core:jackson-databind CVE-2019-14893 高危 2.9.8 2.9.10 jackson-databind: Serialization gadgets in classes of the xalan package

漏洞详情: https://avd.aquasec.com/nvd/cve-2019-14893

镜像层: sha256:1ba4cd28a66a718366e89daabff58cf5e909444e8873ebe2ae9136c37a9bbf49

发布日期: 2020-03-02 21:15 修改: 2023-11-07 03:05
com.fasterxml.jackson.core:jackson-databind CVE-2020-10650 高危 2.9.8 2.9.10.4 A deserialization flaw was discovered in jackson-databind through 2.9. ...

漏洞详情: https://avd.aquasec.com/nvd/cve-2020-10650

镜像层: sha256:1ba4cd28a66a718366e89daabff58cf5e909444e8873ebe2ae9136c37a9bbf49

发布日期: 2022-12-26 20:15 修改: 2023-08-18 14:15
com.fasterxml.jackson.core:jackson-databind CVE-2020-10650 高危 2.9.8 2.9.10.4 A deserialization flaw was discovered in jackson-databind through 2.9. ...

漏洞详情: https://avd.aquasec.com/nvd/cve-2020-10650

镜像层: sha256:1ba4cd28a66a718366e89daabff58cf5e909444e8873ebe2ae9136c37a9bbf49

发布日期: 2022-12-26 20:15 修改: 2023-08-18 14:15
com.fasterxml.jackson.core:jackson-databind CVE-2020-10672 高危 2.9.8 2.9.10.4 jackson-databind: mishandles the interaction between serialization gadgets and typing which could result in remote command execution

漏洞详情: https://avd.aquasec.com/nvd/cve-2020-10672

镜像层: sha256:1ba4cd28a66a718366e89daabff58cf5e909444e8873ebe2ae9136c37a9bbf49

发布日期: 2020-03-18 22:15 修改: 2024-07-03 01:36
com.fasterxml.jackson.core:jackson-databind CVE-2020-10672 高危 2.9.8 2.9.10.4 jackson-databind: mishandles the interaction between serialization gadgets and typing which could result in remote command execution

漏洞详情: https://avd.aquasec.com/nvd/cve-2020-10672

镜像层: sha256:1ba4cd28a66a718366e89daabff58cf5e909444e8873ebe2ae9136c37a9bbf49

发布日期: 2020-03-18 22:15 修改: 2024-07-03 01:36
com.fasterxml.jackson.core:jackson-databind CVE-2020-10673 高危 2.9.8 2.9.10.4, 2.6.7.4 jackson-databind: mishandles the interaction between serialization gadgets and typing which could result in remote command execution

漏洞详情: https://avd.aquasec.com/nvd/cve-2020-10673

镜像层: sha256:1ba4cd28a66a718366e89daabff58cf5e909444e8873ebe2ae9136c37a9bbf49

发布日期: 2020-03-18 22:15 修改: 2024-07-03 01:36
com.fasterxml.jackson.core:jackson-databind CVE-2020-10673 高危 2.9.8 2.9.10.4, 2.6.7.4 jackson-databind: mishandles the interaction between serialization gadgets and typing which could result in remote command execution

漏洞详情: https://avd.aquasec.com/nvd/cve-2020-10673

镜像层: sha256:1ba4cd28a66a718366e89daabff58cf5e909444e8873ebe2ae9136c37a9bbf49

发布日期: 2020-03-18 22:15 修改: 2024-07-03 01:36
com.fasterxml.jackson.core:jackson-databind CVE-2020-10968 高危 2.9.8 2.9.10.4 jackson-databind: Serialization gadgets in org.aoju.bus.proxy.provider.*.RmiProvider

漏洞详情: https://avd.aquasec.com/nvd/cve-2020-10968

镜像层: sha256:1ba4cd28a66a718366e89daabff58cf5e909444e8873ebe2ae9136c37a9bbf49

发布日期: 2020-03-26 13:15 修改: 2024-07-03 01:36
com.fasterxml.jackson.core:jackson-databind CVE-2020-10968 高危 2.9.8 2.9.10.4 jackson-databind: Serialization gadgets in org.aoju.bus.proxy.provider.*.RmiProvider

漏洞详情: https://avd.aquasec.com/nvd/cve-2020-10968

镜像层: sha256:1ba4cd28a66a718366e89daabff58cf5e909444e8873ebe2ae9136c37a9bbf49

发布日期: 2020-03-26 13:15 修改: 2024-07-03 01:36
com.fasterxml.jackson.core:jackson-databind CVE-2020-10969 高危 2.9.8 2.9.10.4 jackson-databind: Serialization gadgets in javax.swing.JEditorPane

漏洞详情: https://avd.aquasec.com/nvd/cve-2020-10969

镜像层: sha256:1ba4cd28a66a718366e89daabff58cf5e909444e8873ebe2ae9136c37a9bbf49

发布日期: 2020-03-26 13:15 修改: 2024-07-03 01:36
com.fasterxml.jackson.core:jackson-databind CVE-2020-10969 高危 2.9.8 2.9.10.4 jackson-databind: Serialization gadgets in javax.swing.JEditorPane

漏洞详情: https://avd.aquasec.com/nvd/cve-2020-10969

镜像层: sha256:1ba4cd28a66a718366e89daabff58cf5e909444e8873ebe2ae9136c37a9bbf49

发布日期: 2020-03-26 13:15 修改: 2024-07-03 01:36
com.fasterxml.jackson.core:jackson-databind CVE-2020-11111 高危 2.9.8 2.9.10.4 jackson-databind: Serialization gadgets in org.apache.activemq.jms.pool.XaPooledConnectionFactory

漏洞详情: https://avd.aquasec.com/nvd/cve-2020-11111

镜像层: sha256:1ba4cd28a66a718366e89daabff58cf5e909444e8873ebe2ae9136c37a9bbf49

发布日期: 2020-03-31 05:15 修改: 2024-07-03 01:36
com.fasterxml.jackson.core:jackson-databind CVE-2020-11111 高危 2.9.8 2.9.10.4 jackson-databind: Serialization gadgets in org.apache.activemq.jms.pool.XaPooledConnectionFactory

漏洞详情: https://avd.aquasec.com/nvd/cve-2020-11111

镜像层: sha256:1ba4cd28a66a718366e89daabff58cf5e909444e8873ebe2ae9136c37a9bbf49

发布日期: 2020-03-31 05:15 修改: 2024-07-03 01:36
com.fasterxml.jackson.core:jackson-databind CVE-2020-11112 高危 2.9.8 2.9.10.4 jackson-databind: Serialization gadgets in org.apache.commons.proxy.provider.remoting.RmiProvider

漏洞详情: https://avd.aquasec.com/nvd/cve-2020-11112

镜像层: sha256:1ba4cd28a66a718366e89daabff58cf5e909444e8873ebe2ae9136c37a9bbf49

发布日期: 2020-03-31 05:15 修改: 2024-07-03 01:36
com.fasterxml.jackson.core:jackson-databind CVE-2020-11112 高危 2.9.8 2.9.10.4 jackson-databind: Serialization gadgets in org.apache.commons.proxy.provider.remoting.RmiProvider

漏洞详情: https://avd.aquasec.com/nvd/cve-2020-11112

镜像层: sha256:1ba4cd28a66a718366e89daabff58cf5e909444e8873ebe2ae9136c37a9bbf49

发布日期: 2020-03-31 05:15 修改: 2024-07-03 01:36
com.fasterxml.jackson.core:jackson-databind CVE-2020-11113 高危 2.9.8 2.9.10.4 jackson-databind: Serialization gadgets in org.apache.openjpa.ee.WASRegistryManagedRuntime

漏洞详情: https://avd.aquasec.com/nvd/cve-2020-11113

镜像层: sha256:1ba4cd28a66a718366e89daabff58cf5e909444e8873ebe2ae9136c37a9bbf49

发布日期: 2020-03-31 05:15 修改: 2024-07-03 01:36
com.fasterxml.jackson.core:jackson-databind CVE-2020-11113 高危 2.9.8 2.9.10.4 jackson-databind: Serialization gadgets in org.apache.openjpa.ee.WASRegistryManagedRuntime

漏洞详情: https://avd.aquasec.com/nvd/cve-2020-11113

镜像层: sha256:1ba4cd28a66a718366e89daabff58cf5e909444e8873ebe2ae9136c37a9bbf49

发布日期: 2020-03-31 05:15 修改: 2024-07-03 01:36
com.fasterxml.jackson.core:jackson-databind CVE-2020-11619 高危 2.9.8 2.9.10.4 jackson-databind: Serialization gadgets in org.springframework:spring-aop

漏洞详情: https://avd.aquasec.com/nvd/cve-2020-11619

镜像层: sha256:1ba4cd28a66a718366e89daabff58cf5e909444e8873ebe2ae9136c37a9bbf49

发布日期: 2020-04-07 23:15 修改: 2023-11-07 03:15
com.fasterxml.jackson.core:jackson-databind CVE-2020-11619 高危 2.9.8 2.9.10.4 jackson-databind: Serialization gadgets in org.springframework:spring-aop

漏洞详情: https://avd.aquasec.com/nvd/cve-2020-11619

镜像层: sha256:1ba4cd28a66a718366e89daabff58cf5e909444e8873ebe2ae9136c37a9bbf49

发布日期: 2020-04-07 23:15 修改: 2023-11-07 03:15
com.fasterxml.jackson.core:jackson-databind CVE-2020-11620 高危 2.9.8 2.9.10.4 jackson-databind: Serialization gadgets in commons-jelly:commons-jelly

漏洞详情: https://avd.aquasec.com/nvd/cve-2020-11620

镜像层: sha256:1ba4cd28a66a718366e89daabff58cf5e909444e8873ebe2ae9136c37a9bbf49

发布日期: 2020-04-07 23:15 修改: 2023-11-07 03:15
com.fasterxml.jackson.core:jackson-databind CVE-2020-11620 高危 2.9.8 2.9.10.4 jackson-databind: Serialization gadgets in commons-jelly:commons-jelly

漏洞详情: https://avd.aquasec.com/nvd/cve-2020-11620

镜像层: sha256:1ba4cd28a66a718366e89daabff58cf5e909444e8873ebe2ae9136c37a9bbf49

发布日期: 2020-04-07 23:15 修改: 2023-11-07 03:15
com.fasterxml.jackson.core:jackson-databind CVE-2020-14060 高危 2.9.8 2.9.10.5 jackson-databind: serialization in oadd.org.apache.xalan.lib.sql.JNDIConnectionPool

漏洞详情: https://avd.aquasec.com/nvd/cve-2020-14060

镜像层: sha256:1ba4cd28a66a718366e89daabff58cf5e909444e8873ebe2ae9136c37a9bbf49

发布日期: 2020-06-14 21:15 修改: 2023-11-07 03:17
com.fasterxml.jackson.core:jackson-databind CVE-2020-14060 高危 2.9.8 2.9.10.5 jackson-databind: serialization in oadd.org.apache.xalan.lib.sql.JNDIConnectionPool

漏洞详情: https://avd.aquasec.com/nvd/cve-2020-14060

镜像层: sha256:1ba4cd28a66a718366e89daabff58cf5e909444e8873ebe2ae9136c37a9bbf49

发布日期: 2020-06-14 21:15 修改: 2023-11-07 03:17
com.fasterxml.jackson.core:jackson-databind CVE-2020-14061 高危 2.9.8 2.9.10.5 jackson-databind: serialization in weblogic/oracle-aqjms

漏洞详情: https://avd.aquasec.com/nvd/cve-2020-14061

镜像层: sha256:1ba4cd28a66a718366e89daabff58cf5e909444e8873ebe2ae9136c37a9bbf49

发布日期: 2020-06-14 20:15 修改: 2023-11-07 03:17
com.fasterxml.jackson.core:jackson-databind CVE-2020-14061 高危 2.9.8 2.9.10.5 jackson-databind: serialization in weblogic/oracle-aqjms

漏洞详情: https://avd.aquasec.com/nvd/cve-2020-14061

镜像层: sha256:1ba4cd28a66a718366e89daabff58cf5e909444e8873ebe2ae9136c37a9bbf49

发布日期: 2020-06-14 20:15 修改: 2023-11-07 03:17
com.fasterxml.jackson.core:jackson-databind CVE-2020-14062 高危 2.9.8 2.9.10.5 jackson-databind: serialization in com.sun.org.apache.xalan.internal.lib.sql.JNDIConnectionPool

漏洞详情: https://avd.aquasec.com/nvd/cve-2020-14062

镜像层: sha256:1ba4cd28a66a718366e89daabff58cf5e909444e8873ebe2ae9136c37a9bbf49

发布日期: 2020-06-14 20:15 修改: 2023-11-07 03:17
com.fasterxml.jackson.core:jackson-databind CVE-2020-14062 高危 2.9.8 2.9.10.5 jackson-databind: serialization in com.sun.org.apache.xalan.internal.lib.sql.JNDIConnectionPool

漏洞详情: https://avd.aquasec.com/nvd/cve-2020-14062

镜像层: sha256:1ba4cd28a66a718366e89daabff58cf5e909444e8873ebe2ae9136c37a9bbf49

发布日期: 2020-06-14 20:15 修改: 2023-11-07 03:17
com.fasterxml.jackson.core:jackson-databind CVE-2020-14195 高危 2.9.8 2.9.10.5 jackson-databind: serialization in org.jsecurity.realm.jndi.JndiRealmFactory

漏洞详情: https://avd.aquasec.com/nvd/cve-2020-14195

镜像层: sha256:1ba4cd28a66a718366e89daabff58cf5e909444e8873ebe2ae9136c37a9bbf49

发布日期: 2020-06-16 16:15 修改: 2021-11-17 20:20
com.fasterxml.jackson.core:jackson-databind CVE-2020-14195 高危 2.9.8 2.9.10.5 jackson-databind: serialization in org.jsecurity.realm.jndi.JndiRealmFactory

漏洞详情: https://avd.aquasec.com/nvd/cve-2020-14195

镜像层: sha256:1ba4cd28a66a718366e89daabff58cf5e909444e8873ebe2ae9136c37a9bbf49

发布日期: 2020-06-16 16:15 修改: 2021-11-17 20:20
com.fasterxml.jackson.core:jackson-databind CVE-2020-24616 高危 2.9.8 2.9.10.6 jackson-databind: mishandles the interaction between serialization gadgets and typing, related to br.com.anteros.dbcp.AnterosDBCPDataSource

漏洞详情: https://avd.aquasec.com/nvd/cve-2020-24616

镜像层: sha256:1ba4cd28a66a718366e89daabff58cf5e909444e8873ebe2ae9136c37a9bbf49

发布日期: 2020-08-25 18:15 修改: 2023-11-07 03:20
com.fasterxml.jackson.core:jackson-databind CVE-2020-24616 高危 2.9.8 2.9.10.6 jackson-databind: mishandles the interaction between serialization gadgets and typing, related to br.com.anteros.dbcp.AnterosDBCPDataSource

漏洞详情: https://avd.aquasec.com/nvd/cve-2020-24616

镜像层: sha256:1ba4cd28a66a718366e89daabff58cf5e909444e8873ebe2ae9136c37a9bbf49

发布日期: 2020-08-25 18:15 修改: 2023-11-07 03:20
com.fasterxml.jackson.core:jackson-databind CVE-2020-24750 高危 2.9.8 2.6.7.5, 2.9.10.6 jackson-databind: Serialization gadgets in com.pastdev.httpcomponents.configuration.JndiConfiguration

漏洞详情: https://avd.aquasec.com/nvd/cve-2020-24750

镜像层: sha256:1ba4cd28a66a718366e89daabff58cf5e909444e8873ebe2ae9136c37a9bbf49

发布日期: 2020-09-17 19:15 修改: 2023-09-13 14:56
com.fasterxml.jackson.core:jackson-databind CVE-2020-24750 高危 2.9.8 2.6.7.5, 2.9.10.6 jackson-databind: Serialization gadgets in com.pastdev.httpcomponents.configuration.JndiConfiguration

漏洞详情: https://avd.aquasec.com/nvd/cve-2020-24750

镜像层: sha256:1ba4cd28a66a718366e89daabff58cf5e909444e8873ebe2ae9136c37a9bbf49

发布日期: 2020-09-17 19:15 修改: 2023-09-13 14:56
com.fasterxml.jackson.core:jackson-databind CVE-2020-25649 高危 2.9.8 2.6.7.4, 2.9.10.7, 2.10.5.1 jackson-databind: FasterXML DOMDeserializer insecure entity expansion is vulnerable to XML external entity (XXE)

漏洞详情: https://avd.aquasec.com/nvd/cve-2020-25649

镜像层: sha256:1ba4cd28a66a718366e89daabff58cf5e909444e8873ebe2ae9136c37a9bbf49

发布日期: 2020-12-03 17:15 修改: 2023-11-07 03:20
com.fasterxml.jackson.core:jackson-databind CVE-2020-25649 高危 2.9.8 2.6.7.4, 2.9.10.7, 2.10.5.1 jackson-databind: FasterXML DOMDeserializer insecure entity expansion is vulnerable to XML external entity (XXE)

漏洞详情: https://avd.aquasec.com/nvd/cve-2020-25649

镜像层: sha256:1ba4cd28a66a718366e89daabff58cf5e909444e8873ebe2ae9136c37a9bbf49

发布日期: 2020-12-03 17:15 修改: 2023-11-07 03:20
com.fasterxml.jackson.core:jackson-databind CVE-2020-35490 高危 2.9.8 2.9.10.8 jackson-databind: mishandles the interaction between serialization gadgets and typing, related to org.apache.commons.dbcp2.datasources.PerUserPoolDataSource

漏洞详情: https://avd.aquasec.com/nvd/cve-2020-35490

镜像层: sha256:1ba4cd28a66a718366e89daabff58cf5e909444e8873ebe2ae9136c37a9bbf49

发布日期: 2020-12-17 19:15 修改: 2022-09-08 21:32
com.fasterxml.jackson.core:jackson-databind CVE-2020-35490 高危 2.9.8 2.9.10.8 jackson-databind: mishandles the interaction between serialization gadgets and typing, related to org.apache.commons.dbcp2.datasources.PerUserPoolDataSource

漏洞详情: https://avd.aquasec.com/nvd/cve-2020-35490

镜像层: sha256:1ba4cd28a66a718366e89daabff58cf5e909444e8873ebe2ae9136c37a9bbf49

发布日期: 2020-12-17 19:15 修改: 2022-09-08 21:32
com.fasterxml.jackson.core:jackson-databind CVE-2020-35491 高危 2.9.8 2.9.10.8 jackson-databind: mishandles the interaction between serialization gadgets and typing, related to org.apache.commons.dbcp2.datasources.SharedPoolDataSource

漏洞详情: https://avd.aquasec.com/nvd/cve-2020-35491

镜像层: sha256:1ba4cd28a66a718366e89daabff58cf5e909444e8873ebe2ae9136c37a9bbf49

发布日期: 2020-12-17 19:15 修改: 2022-09-08 21:32
com.fasterxml.jackson.core:jackson-databind CVE-2020-35491 高危 2.9.8 2.9.10.8 jackson-databind: mishandles the interaction between serialization gadgets and typing, related to org.apache.commons.dbcp2.datasources.SharedPoolDataSource

漏洞详情: https://avd.aquasec.com/nvd/cve-2020-35491

镜像层: sha256:1ba4cd28a66a718366e89daabff58cf5e909444e8873ebe2ae9136c37a9bbf49

发布日期: 2020-12-17 19:15 修改: 2022-09-08 21:32
com.fasterxml.jackson.core:jackson-databind CVE-2020-35728 高危 2.9.8 2.9.10.8 jackson-databind: mishandles the interaction between serialization gadgets and typing, related to com.oracle.wls.shaded.org.apache.xalan.lib.sql.JNDIConnectionPool

漏洞详情: https://avd.aquasec.com/nvd/cve-2020-35728

镜像层: sha256:1ba4cd28a66a718366e89daabff58cf5e909444e8873ebe2ae9136c37a9bbf49

发布日期: 2020-12-27 05:15 修改: 2023-11-07 03:22
com.fasterxml.jackson.core:jackson-databind CVE-2020-35728 高危 2.9.8 2.9.10.8 jackson-databind: mishandles the interaction between serialization gadgets and typing, related to com.oracle.wls.shaded.org.apache.xalan.lib.sql.JNDIConnectionPool

漏洞详情: https://avd.aquasec.com/nvd/cve-2020-35728

镜像层: sha256:1ba4cd28a66a718366e89daabff58cf5e909444e8873ebe2ae9136c37a9bbf49

发布日期: 2020-12-27 05:15 修改: 2023-11-07 03:22
com.fasterxml.jackson.core:jackson-databind CVE-2020-36179 高危 2.9.8 2.9.10.8, 2.6.7.5 jackson-databind: mishandles the interaction between serialization gadgets and typing, related to oadd.org.apache.commons.dbcp.cpdsadapter.DriverAdapterCPDS

漏洞详情: https://avd.aquasec.com/nvd/cve-2020-36179

镜像层: sha256:1ba4cd28a66a718366e89daabff58cf5e909444e8873ebe2ae9136c37a9bbf49

发布日期: 2021-01-07 00:15 修改: 2024-07-03 01:36
com.fasterxml.jackson.core:jackson-databind CVE-2020-36179 高危 2.9.8 2.9.10.8, 2.6.7.5 jackson-databind: mishandles the interaction between serialization gadgets and typing, related to oadd.org.apache.commons.dbcp.cpdsadapter.DriverAdapterCPDS

漏洞详情: https://avd.aquasec.com/nvd/cve-2020-36179

镜像层: sha256:1ba4cd28a66a718366e89daabff58cf5e909444e8873ebe2ae9136c37a9bbf49

发布日期: 2021-01-07 00:15 修改: 2024-07-03 01:36
com.fasterxml.jackson.core:jackson-databind CVE-2020-36180 高危 2.9.8 2.9.10.8, 2.6.7.5 jackson-databind: mishandles the interaction between serialization gadgets and typing, related to org.apache.commons.dbcp2.cpdsadapter.DriverAdapterCPDS

漏洞详情: https://avd.aquasec.com/nvd/cve-2020-36180

镜像层: sha256:1ba4cd28a66a718366e89daabff58cf5e909444e8873ebe2ae9136c37a9bbf49

发布日期: 2021-01-07 00:15 修改: 2024-07-03 01:36
com.fasterxml.jackson.core:jackson-databind CVE-2020-36180 高危 2.9.8 2.9.10.8, 2.6.7.5 jackson-databind: mishandles the interaction between serialization gadgets and typing, related to org.apache.commons.dbcp2.cpdsadapter.DriverAdapterCPDS

漏洞详情: https://avd.aquasec.com/nvd/cve-2020-36180

镜像层: sha256:1ba4cd28a66a718366e89daabff58cf5e909444e8873ebe2ae9136c37a9bbf49

发布日期: 2021-01-07 00:15 修改: 2024-07-03 01:36
com.fasterxml.jackson.core:jackson-databind CVE-2020-36181 高危 2.9.8 2.9.10.8, 2.6.7.5 jackson-databind: mishandles the interaction between serialization gadgets and typing, related to org.apache.tomcat.dbcp.dbcp.cpdsadapter.DriverAdapterCPDS

漏洞详情: https://avd.aquasec.com/nvd/cve-2020-36181

镜像层: sha256:1ba4cd28a66a718366e89daabff58cf5e909444e8873ebe2ae9136c37a9bbf49

发布日期: 2021-01-06 23:15 修改: 2024-07-03 01:36
com.fasterxml.jackson.core:jackson-databind CVE-2020-36181 高危 2.9.8 2.9.10.8, 2.6.7.5 jackson-databind: mishandles the interaction between serialization gadgets and typing, related to org.apache.tomcat.dbcp.dbcp.cpdsadapter.DriverAdapterCPDS

漏洞详情: https://avd.aquasec.com/nvd/cve-2020-36181

镜像层: sha256:1ba4cd28a66a718366e89daabff58cf5e909444e8873ebe2ae9136c37a9bbf49

发布日期: 2021-01-06 23:15 修改: 2024-07-03 01:36
com.fasterxml.jackson.core:jackson-databind CVE-2020-36182 高危 2.9.8 2.9.10.8, 2.6.7.5 jackson-databind: mishandles the interaction between serialization gadgets and typing, related to org.apache.tomcat.dbcp.dbcp2.cpdsadapter.DriverAdapterCPDS

漏洞详情: https://avd.aquasec.com/nvd/cve-2020-36182

镜像层: sha256:1ba4cd28a66a718366e89daabff58cf5e909444e8873ebe2ae9136c37a9bbf49

发布日期: 2021-01-07 00:15 修改: 2024-07-03 01:36
com.fasterxml.jackson.core:jackson-databind CVE-2020-36182 高危 2.9.8 2.9.10.8, 2.6.7.5 jackson-databind: mishandles the interaction between serialization gadgets and typing, related to org.apache.tomcat.dbcp.dbcp2.cpdsadapter.DriverAdapterCPDS

漏洞详情: https://avd.aquasec.com/nvd/cve-2020-36182

镜像层: sha256:1ba4cd28a66a718366e89daabff58cf5e909444e8873ebe2ae9136c37a9bbf49

发布日期: 2021-01-07 00:15 修改: 2024-07-03 01:36
com.fasterxml.jackson.core:jackson-databind CVE-2020-36183 高危 2.9.8 2.9.10.8, 2.6.7.5 jackson-databind: mishandles the interaction between serialization gadgets and typing, related to org.docx4j.org.apache.xalan.lib.sql.JNDIConnectionPool

漏洞详情: https://avd.aquasec.com/nvd/cve-2020-36183

镜像层: sha256:1ba4cd28a66a718366e89daabff58cf5e909444e8873ebe2ae9136c37a9bbf49

发布日期: 2021-01-07 00:15 修改: 2023-09-13 14:56
com.fasterxml.jackson.core:jackson-databind CVE-2020-36183 高危 2.9.8 2.9.10.8, 2.6.7.5 jackson-databind: mishandles the interaction between serialization gadgets and typing, related to org.docx4j.org.apache.xalan.lib.sql.JNDIConnectionPool

漏洞详情: https://avd.aquasec.com/nvd/cve-2020-36183

镜像层: sha256:1ba4cd28a66a718366e89daabff58cf5e909444e8873ebe2ae9136c37a9bbf49

发布日期: 2021-01-07 00:15 修改: 2023-09-13 14:56
com.fasterxml.jackson.core:jackson-databind CVE-2020-36184 高危 2.9.8 2.9.10.8 jackson-databind: mishandles the interaction between serialization gadgets and typing, related to org.apache.tomcat.dbcp.dbcp2.datasources.PerUserPoolDataSource

漏洞详情: https://avd.aquasec.com/nvd/cve-2020-36184

镜像层: sha256:1ba4cd28a66a718366e89daabff58cf5e909444e8873ebe2ae9136c37a9bbf49

发布日期: 2021-01-06 23:15 修改: 2024-07-03 01:36
com.fasterxml.jackson.core:jackson-databind CVE-2020-36184 高危 2.9.8 2.9.10.8 jackson-databind: mishandles the interaction between serialization gadgets and typing, related to org.apache.tomcat.dbcp.dbcp2.datasources.PerUserPoolDataSource

漏洞详情: https://avd.aquasec.com/nvd/cve-2020-36184

镜像层: sha256:1ba4cd28a66a718366e89daabff58cf5e909444e8873ebe2ae9136c37a9bbf49

发布日期: 2021-01-06 23:15 修改: 2024-07-03 01:36
com.fasterxml.jackson.core:jackson-databind CVE-2020-36185 高危 2.9.8 2.9.10.8 jackson-databind: mishandles the interaction between serialization gadgets and typing, related to org.apache.tomcat.dbcp.dbcp2.datasources.SharedPoolDataSource

漏洞详情: https://avd.aquasec.com/nvd/cve-2020-36185

镜像层: sha256:1ba4cd28a66a718366e89daabff58cf5e909444e8873ebe2ae9136c37a9bbf49

发布日期: 2021-01-06 23:15 修改: 2023-09-13 14:57
com.fasterxml.jackson.core:jackson-databind CVE-2020-36185 高危 2.9.8 2.9.10.8 jackson-databind: mishandles the interaction between serialization gadgets and typing, related to org.apache.tomcat.dbcp.dbcp2.datasources.SharedPoolDataSource

漏洞详情: https://avd.aquasec.com/nvd/cve-2020-36185

镜像层: sha256:1ba4cd28a66a718366e89daabff58cf5e909444e8873ebe2ae9136c37a9bbf49

发布日期: 2021-01-06 23:15 修改: 2023-09-13 14:57
com.fasterxml.jackson.core:jackson-databind CVE-2020-36186 高危 2.9.8 2.9.10.8 jackson-databind: mishandles the interaction between serialization gadgets and typing, related to org.apache.tomcat.dbcp.dbcp.datasources.PerUserPoolDataSource

漏洞详情: https://avd.aquasec.com/nvd/cve-2020-36186

镜像层: sha256:1ba4cd28a66a718366e89daabff58cf5e909444e8873ebe2ae9136c37a9bbf49

发布日期: 2021-01-06 23:15 修改: 2023-09-13 14:57
com.fasterxml.jackson.core:jackson-databind CVE-2020-36186 高危 2.9.8 2.9.10.8 jackson-databind: mishandles the interaction between serialization gadgets and typing, related to org.apache.tomcat.dbcp.dbcp.datasources.PerUserPoolDataSource

漏洞详情: https://avd.aquasec.com/nvd/cve-2020-36186

镜像层: sha256:1ba4cd28a66a718366e89daabff58cf5e909444e8873ebe2ae9136c37a9bbf49

发布日期: 2021-01-06 23:15 修改: 2023-09-13 14:57
com.fasterxml.jackson.core:jackson-databind CVE-2020-36187 高危 2.9.8 2.9.10.8 jackson-databind: mishandles the interaction between serialization gadgets and typing, related to org.apache.tomcat.dbcp.dbcp.datasources.SharedPoolDataSource

漏洞详情: https://avd.aquasec.com/nvd/cve-2020-36187

镜像层: sha256:1ba4cd28a66a718366e89daabff58cf5e909444e8873ebe2ae9136c37a9bbf49

发布日期: 2021-01-06 23:15 修改: 2023-09-13 14:57
com.fasterxml.jackson.core:jackson-databind CVE-2020-36187 高危 2.9.8 2.9.10.8 jackson-databind: mishandles the interaction between serialization gadgets and typing, related to org.apache.tomcat.dbcp.dbcp.datasources.SharedPoolDataSource

漏洞详情: https://avd.aquasec.com/nvd/cve-2020-36187

镜像层: sha256:1ba4cd28a66a718366e89daabff58cf5e909444e8873ebe2ae9136c37a9bbf49

发布日期: 2021-01-06 23:15 修改: 2023-09-13 14:57
com.fasterxml.jackson.core:jackson-databind CVE-2020-36188 高危 2.9.8 2.9.10.8, 2.6.7.5 jackson-databind: mishandles the interaction between serialization gadgets and typing, related to com.newrelic.agent.deps.ch.qos.logback.core.db.JNDIConnectionSource

漏洞详情: https://avd.aquasec.com/nvd/cve-2020-36188

镜像层: sha256:1ba4cd28a66a718366e89daabff58cf5e909444e8873ebe2ae9136c37a9bbf49

发布日期: 2021-01-06 23:15 修改: 2023-09-13 14:57
com.fasterxml.jackson.core:jackson-databind CVE-2020-36188 高危 2.9.8 2.9.10.8, 2.6.7.5 jackson-databind: mishandles the interaction between serialization gadgets and typing, related to com.newrelic.agent.deps.ch.qos.logback.core.db.JNDIConnectionSource

漏洞详情: https://avd.aquasec.com/nvd/cve-2020-36188

镜像层: sha256:1ba4cd28a66a718366e89daabff58cf5e909444e8873ebe2ae9136c37a9bbf49

发布日期: 2021-01-06 23:15 修改: 2023-09-13 14:57
com.fasterxml.jackson.core:jackson-databind CVE-2020-36189 高危 2.9.8 2.9.10.8, 2.6.7.5 jackson-databind: mishandles the interaction between serialization gadgets and typing, related to com.newrelic.agent.deps.ch.qos.logback.core.db.DriverManagerConnectionSource

漏洞详情: https://avd.aquasec.com/nvd/cve-2020-36189

镜像层: sha256:1ba4cd28a66a718366e89daabff58cf5e909444e8873ebe2ae9136c37a9bbf49

发布日期: 2021-01-06 23:15 修改: 2023-09-13 14:57
com.fasterxml.jackson.core:jackson-databind CVE-2020-36189 高危 2.9.8 2.9.10.8, 2.6.7.5 jackson-databind: mishandles the interaction between serialization gadgets and typing, related to com.newrelic.agent.deps.ch.qos.logback.core.db.DriverManagerConnectionSource

漏洞详情: https://avd.aquasec.com/nvd/cve-2020-36189

镜像层: sha256:1ba4cd28a66a718366e89daabff58cf5e909444e8873ebe2ae9136c37a9bbf49

发布日期: 2021-01-06 23:15 修改: 2023-09-13 14:57
com.fasterxml.jackson.core:jackson-databind CVE-2020-36518 高危 2.9.8 2.13.2.1, 2.12.6.1 jackson-databind: denial of service via a large depth of nested objects

漏洞详情: https://avd.aquasec.com/nvd/cve-2020-36518

镜像层: sha256:1ba4cd28a66a718366e89daabff58cf5e909444e8873ebe2ae9136c37a9bbf49

发布日期: 2022-03-11 07:15 修改: 2022-11-29 22:12
com.fasterxml.jackson.core:jackson-databind CVE-2020-36518 高危 2.9.8 2.13.2.1, 2.12.6.1 jackson-databind: denial of service via a large depth of nested objects

漏洞详情: https://avd.aquasec.com/nvd/cve-2020-36518

镜像层: sha256:1ba4cd28a66a718366e89daabff58cf5e909444e8873ebe2ae9136c37a9bbf49

发布日期: 2022-03-11 07:15 修改: 2022-11-29 22:12
com.fasterxml.jackson.core:jackson-databind CVE-2021-20190 高危 2.9.8 2.9.10.7, 2.6.7.5 jackson-databind: mishandles the interaction between serialization gadgets and typing, related to javax.swing

漏洞详情: https://avd.aquasec.com/nvd/cve-2021-20190

镜像层: sha256:1ba4cd28a66a718366e89daabff58cf5e909444e8873ebe2ae9136c37a9bbf49

发布日期: 2021-01-19 17:15 修改: 2023-11-07 03:28
com.fasterxml.jackson.core:jackson-databind CVE-2021-20190 高危 2.9.8 2.9.10.7, 2.6.7.5 jackson-databind: mishandles the interaction between serialization gadgets and typing, related to javax.swing

漏洞详情: https://avd.aquasec.com/nvd/cve-2021-20190

镜像层: sha256:1ba4cd28a66a718366e89daabff58cf5e909444e8873ebe2ae9136c37a9bbf49

发布日期: 2021-01-19 17:15 修改: 2023-11-07 03:28
com.fasterxml.jackson.core:jackson-databind CVE-2022-42003 高危 2.9.8 2.12.7.1, 2.13.4.2 jackson-databind: deep wrapper array nesting wrt UNWRAP_SINGLE_VALUE_ARRAYS

漏洞详情: https://avd.aquasec.com/nvd/cve-2022-42003

镜像层: sha256:1ba4cd28a66a718366e89daabff58cf5e909444e8873ebe2ae9136c37a9bbf49

发布日期: 2022-10-02 05:15 修改: 2023-12-20 10:15
com.fasterxml.jackson.core:jackson-databind CVE-2022-42003 高危 2.9.8 2.12.7.1, 2.13.4.2 jackson-databind: deep wrapper array nesting wrt UNWRAP_SINGLE_VALUE_ARRAYS

漏洞详情: https://avd.aquasec.com/nvd/cve-2022-42003

镜像层: sha256:1ba4cd28a66a718366e89daabff58cf5e909444e8873ebe2ae9136c37a9bbf49

发布日期: 2022-10-02 05:15 修改: 2023-12-20 10:15
com.fasterxml.jackson.core:jackson-databind CVE-2022-42004 高危 2.9.8 2.12.7.1, 2.13.4 jackson-databind: use of deeply nested arrays

漏洞详情: https://avd.aquasec.com/nvd/cve-2022-42004

镜像层: sha256:1ba4cd28a66a718366e89daabff58cf5e909444e8873ebe2ae9136c37a9bbf49

发布日期: 2022-10-02 05:15 修改: 2022-12-02 15:10
com.fasterxml.jackson.core:jackson-databind CVE-2022-42004 高危 2.9.8 2.12.7.1, 2.13.4 jackson-databind: use of deeply nested arrays

漏洞详情: https://avd.aquasec.com/nvd/cve-2022-42004

镜像层: sha256:1ba4cd28a66a718366e89daabff58cf5e909444e8873ebe2ae9136c37a9bbf49

发布日期: 2022-10-02 05:15 修改: 2022-12-02 15:10
com.google.code.gson:gson CVE-2022-25647 高危 2.8.2 2.8.9 com.google.code.gson-gson: Deserialization of Untrusted Data in com.google.code.gson-gson

漏洞详情: https://avd.aquasec.com/nvd/cve-2022-25647

镜像层: sha256:1ba4cd28a66a718366e89daabff58cf5e909444e8873ebe2ae9136c37a9bbf49

发布日期: 2022-05-01 16:15 修改: 2022-11-28 17:33
com.google.protobuf:protobuf-java CVE-2021-22569 高危 3.6.1 3.16.1, 3.18.2, 3.19.2 protobuf-java: potential DoS in the parsing procedure for binary data

漏洞详情: https://avd.aquasec.com/nvd/cve-2021-22569

镜像层: sha256:1ba4cd28a66a718366e89daabff58cf5e909444e8873ebe2ae9136c37a9bbf49

发布日期: 2022-01-10 14:10 修改: 2023-04-18 09:15
com.google.protobuf:protobuf-java CVE-2021-22570 高危 3.6.1 3.15.0 protobuf: Incorrect parsing of nullchar in the proto symbol leads to Nullptr dereference

漏洞详情: https://avd.aquasec.com/nvd/cve-2021-22570

镜像层: sha256:1ba4cd28a66a718366e89daabff58cf5e909444e8873ebe2ae9136c37a9bbf49

发布日期: 2022-01-26 14:15 修改: 2023-11-07 03:30
com.google.protobuf:protobuf-java CVE-2022-3509 高危 3.6.1 3.16.3, 3.19.6, 3.20.3, 3.21.7 protobuf-java: Textformat parsing issue leads to DoS

漏洞详情: https://avd.aquasec.com/nvd/cve-2022-3509

镜像层: sha256:1ba4cd28a66a718366e89daabff58cf5e909444e8873ebe2ae9136c37a9bbf49

发布日期: 2022-12-12 13:15 修改: 2022-12-15 16:57
com.google.protobuf:protobuf-java CVE-2022-3510 高危 3.6.1 3.16.3, 3.19.6, 3.20.3, 3.21.7 protobuf-java: Message-Type Extensions parsing issue leads to DoS

漏洞详情: https://avd.aquasec.com/nvd/cve-2022-3510

镜像层: sha256:1ba4cd28a66a718366e89daabff58cf5e909444e8873ebe2ae9136c37a9bbf49

发布日期: 2022-12-12 13:15 修改: 2023-11-07 03:51
com.google.protobuf:protobuf-java CVE-2024-7254 高危 3.6.1 3.25.5, 4.27.5, 4.28.2 protobuf: StackOverflow vulnerability in Protocol Buffers

漏洞详情: https://avd.aquasec.com/nvd/cve-2024-7254

镜像层: sha256:1ba4cd28a66a718366e89daabff58cf5e909444e8873ebe2ae9136c37a9bbf49

发布日期: 2024-09-19 01:15 修改: 2024-09-20 12:30
commons-fileupload:commons-fileupload CVE-2023-24998 高危 1.4 1.5 FileUpload: FileUpload DoS with excessive parts

漏洞详情: https://avd.aquasec.com/nvd/cve-2023-24998

镜像层: sha256:1ba4cd28a66a718366e89daabff58cf5e909444e8873ebe2ae9136c37a9bbf49

发布日期: 2023-02-20 16:15 修改: 2024-02-16 19:11
commons-io:commons-io CVE-2024-47554 高危 2.5 2.14.0 apache-commons-io: Possible denial of service attack on untrusted input to XmlStreamReader

漏洞详情: https://avd.aquasec.com/nvd/cve-2024-47554

镜像层: sha256:1ba4cd28a66a718366e89daabff58cf5e909444e8873ebe2ae9136c37a9bbf49

发布日期: 2024-10-03 12:15 修改: 2024-10-04 13:50
commons-io:commons-io CVE-2024-47554 高危 2.5 2.14.0 apache-commons-io: Possible denial of service attack on untrusted input to XmlStreamReader

漏洞详情: https://avd.aquasec.com/nvd/cve-2024-47554

镜像层: sha256:1ba4cd28a66a718366e89daabff58cf5e909444e8873ebe2ae9136c37a9bbf49

发布日期: 2024-10-03 12:15 修改: 2024-10-04 13:50
commons-io:commons-io CVE-2024-47554 高危 2.6 2.14.0 apache-commons-io: Possible denial of service attack on untrusted input to XmlStreamReader

漏洞详情: https://avd.aquasec.com/nvd/cve-2024-47554

镜像层: sha256:1ba4cd28a66a718366e89daabff58cf5e909444e8873ebe2ae9136c37a9bbf49

发布日期: 2024-10-03 12:15 修改: 2024-10-04 13:50
org.apache.commons:commons-compress CVE-2019-12402 高危 1.18 1.19 apache-commons-compress: Infinite loop in name encoding algorithm

漏洞详情: https://avd.aquasec.com/nvd/cve-2019-12402

镜像层: sha256:1ba4cd28a66a718366e89daabff58cf5e909444e8873ebe2ae9136c37a9bbf49

发布日期: 2019-08-30 09:15 修改: 2023-11-07 03:03
org.apache.commons:commons-compress CVE-2021-35515 高危 1.18 1.21 apache-commons-compress: infinite loop when reading a specially crafted 7Z archive

漏洞详情: https://avd.aquasec.com/nvd/cve-2021-35515

镜像层: sha256:1ba4cd28a66a718366e89daabff58cf5e909444e8873ebe2ae9136c37a9bbf49

发布日期: 2021-07-13 08:15 修改: 2023-11-07 03:36
org.apache.commons:commons-compress CVE-2021-35516 高危 1.18 1.21 apache-commons-compress: excessive memory allocation when reading a specially crafted 7Z archive

漏洞详情: https://avd.aquasec.com/nvd/cve-2021-35516

镜像层: sha256:1ba4cd28a66a718366e89daabff58cf5e909444e8873ebe2ae9136c37a9bbf49

发布日期: 2021-07-13 08:15 修改: 2023-11-07 03:36
org.apache.commons:commons-compress CVE-2021-35517 高危 1.18 1.21 apache-commons-compress: excessive memory allocation when reading a specially crafted TAR archive

漏洞详情: https://avd.aquasec.com/nvd/cve-2021-35517

镜像层: sha256:1ba4cd28a66a718366e89daabff58cf5e909444e8873ebe2ae9136c37a9bbf49

发布日期: 2021-07-13 08:15 修改: 2023-11-07 03:36
org.apache.commons:commons-compress CVE-2021-36090 高危 1.18 1.21 apache-commons-compress: excessive memory allocation when reading a specially crafted ZIP archive

漏洞详情: https://avd.aquasec.com/nvd/cve-2021-36090

镜像层: sha256:1ba4cd28a66a718366e89daabff58cf5e909444e8873ebe2ae9136c37a9bbf49

发布日期: 2021-07-13 08:15 修改: 2023-11-07 03:36
org.apache.commons:commons-compress CVE-2024-25710 高危 1.18 1.26.0 commons-compress: Denial of service caused by an infinite loop for a corrupted DUMP file

漏洞详情: https://avd.aquasec.com/nvd/cve-2024-25710

镜像层: sha256:1ba4cd28a66a718366e89daabff58cf5e909444e8873ebe2ae9136c37a9bbf49

发布日期: 2024-02-19 09:15 修改: 2024-03-07 17:15
org.apache.commons:commons-compress CVE-2021-35515 高危 1.9 1.21 apache-commons-compress: infinite loop when reading a specially crafted 7Z archive

漏洞详情: https://avd.aquasec.com/nvd/cve-2021-35515

镜像层: sha256:1ba4cd28a66a718366e89daabff58cf5e909444e8873ebe2ae9136c37a9bbf49

发布日期: 2021-07-13 08:15 修改: 2023-11-07 03:36
org.apache.commons:commons-compress CVE-2021-35516 高危 1.9 1.21 apache-commons-compress: excessive memory allocation when reading a specially crafted 7Z archive

漏洞详情: https://avd.aquasec.com/nvd/cve-2021-35516

镜像层: sha256:1ba4cd28a66a718366e89daabff58cf5e909444e8873ebe2ae9136c37a9bbf49

发布日期: 2021-07-13 08:15 修改: 2023-11-07 03:36
org.apache.commons:commons-compress CVE-2021-35517 高危 1.9 1.21 apache-commons-compress: excessive memory allocation when reading a specially crafted TAR archive

漏洞详情: https://avd.aquasec.com/nvd/cve-2021-35517

镜像层: sha256:1ba4cd28a66a718366e89daabff58cf5e909444e8873ebe2ae9136c37a9bbf49

发布日期: 2021-07-13 08:15 修改: 2023-11-07 03:36
org.apache.commons:commons-compress CVE-2021-36090 高危 1.9 1.21 apache-commons-compress: excessive memory allocation when reading a specially crafted ZIP archive

漏洞详情: https://avd.aquasec.com/nvd/cve-2021-36090

镜像层: sha256:1ba4cd28a66a718366e89daabff58cf5e909444e8873ebe2ae9136c37a9bbf49

发布日期: 2021-07-13 08:15 修改: 2023-11-07 03:36
org.apache.commons:commons-compress CVE-2024-25710 高危 1.9 1.26.0 commons-compress: Denial of service caused by an infinite loop for a corrupted DUMP file

漏洞详情: https://avd.aquasec.com/nvd/cve-2024-25710

镜像层: sha256:1ba4cd28a66a718366e89daabff58cf5e909444e8873ebe2ae9136c37a9bbf49

发布日期: 2024-02-19 09:15 修改: 2024-03-07 17:15
com.fasterxml.jackson.core:jackson-databind CVE-2018-12022 高危 2.8.10 2.7.9.4, 2.8.11.2, 2.9.6 jackson-databind: improper polymorphic deserialization of types from Jodd-db library

漏洞详情: https://avd.aquasec.com/nvd/cve-2018-12022

镜像层: sha256:1ba4cd28a66a718366e89daabff58cf5e909444e8873ebe2ae9136c37a9bbf49

发布日期: 2019-03-21 16:00 修改: 2023-11-07 02:52
com.fasterxml.jackson.core:jackson-databind CVE-2018-12023 高危 2.8.10 2.7.9.4, 2.8.11.2, 2.9.6 jackson-databind: improper polymorphic deserialization of types from Oracle JDBC driver

漏洞详情: https://avd.aquasec.com/nvd/cve-2018-12023

镜像层: sha256:1ba4cd28a66a718366e89daabff58cf5e909444e8873ebe2ae9136c37a9bbf49

发布日期: 2019-03-21 16:00 修改: 2023-11-07 02:52
com.fasterxml.jackson.core:jackson-databind CVE-2018-12023 高危 2.8.10 2.7.9.4, 2.8.11.2, 2.9.6 jackson-databind: improper polymorphic deserialization of types from Oracle JDBC driver

漏洞详情: https://avd.aquasec.com/nvd/cve-2018-12023

镜像层: sha256:1ba4cd28a66a718366e89daabff58cf5e909444e8873ebe2ae9136c37a9bbf49

发布日期: 2019-03-21 16:00 修改: 2023-11-07 02:52
com.fasterxml.jackson.core:jackson-databind CVE-2018-5968 高危 2.8.10 2.8.11.1, 2.9.4, 2.7.9.5 jackson-databind: unsafe deserialization due to incomplete blacklist (incomplete fix for CVE-2017-7525 and CVE-2017-17485)

漏洞详情: https://avd.aquasec.com/nvd/cve-2018-5968

镜像层: sha256:1ba4cd28a66a718366e89daabff58cf5e909444e8873ebe2ae9136c37a9bbf49

发布日期: 2018-01-22 04:29 修改: 2023-09-13 14:19
com.fasterxml.jackson.core:jackson-databind CVE-2018-5968 高危 2.8.10 2.8.11.1, 2.9.4, 2.7.9.5 jackson-databind: unsafe deserialization due to incomplete blacklist (incomplete fix for CVE-2017-7525 and CVE-2017-17485)

漏洞详情: https://avd.aquasec.com/nvd/cve-2018-5968

镜像层: sha256:1ba4cd28a66a718366e89daabff58cf5e909444e8873ebe2ae9136c37a9bbf49

发布日期: 2018-01-22 04:29 修改: 2023-09-13 14:19
com.fasterxml.jackson.core:jackson-databind CVE-2019-12086 高危 2.8.10 2.9.9, 2.8.11.4, 2.7.9.6, 2.6.7.3 jackson-databind: polymorphic typing issue allows attacker to read arbitrary local files on the server.

漏洞详情: https://avd.aquasec.com/nvd/cve-2019-12086

镜像层: sha256:1ba4cd28a66a718366e89daabff58cf5e909444e8873ebe2ae9136c37a9bbf49

发布日期: 2019-05-17 17:29 修改: 2023-11-07 03:03
org.apache.logging.log4j:log4j-core CVE-2021-45105 高危 2.11.0 2.12.3, 2.17.0, 2.3.1 log4j-core: DoS in log4j 2.x with Thread Context Map (MDC) input data contains a recursive lookup and context lookup pattern

漏洞详情: https://avd.aquasec.com/nvd/cve-2021-45105

镜像层: sha256:1ba4cd28a66a718366e89daabff58cf5e909444e8873ebe2ae9136c37a9bbf49

发布日期: 2021-12-18 12:15 修改: 2022-10-06 17:31
org.apache.logging.log4j:log4j-core CVE-2021-45105 高危 2.11.0 2.12.3, 2.17.0, 2.3.1 log4j-core: DoS in log4j 2.x with Thread Context Map (MDC) input data contains a recursive lookup and context lookup pattern

漏洞详情: https://avd.aquasec.com/nvd/cve-2021-45105

镜像层: sha256:1ba4cd28a66a718366e89daabff58cf5e909444e8873ebe2ae9136c37a9bbf49

发布日期: 2021-12-18 12:15 修改: 2022-10-06 17:31
com.fasterxml.jackson.core:jackson-databind CVE-2019-12086 高危 2.8.10 2.9.9, 2.8.11.4, 2.7.9.6, 2.6.7.3 jackson-databind: polymorphic typing issue allows attacker to read arbitrary local files on the server.

漏洞详情: https://avd.aquasec.com/nvd/cve-2019-12086

镜像层: sha256:1ba4cd28a66a718366e89daabff58cf5e909444e8873ebe2ae9136c37a9bbf49

发布日期: 2019-05-17 17:29 修改: 2023-11-07 03:03
com.fasterxml.jackson.core:jackson-databind CVE-2019-14439 高危 2.8.10 2.9.9.2, 2.8.11.4, 2.7.9.6, 2.6.7.3 jackson-databind: Polymorphic typing issue related to logback/JNDI

漏洞详情: https://avd.aquasec.com/nvd/cve-2019-14439

镜像层: sha256:1ba4cd28a66a718366e89daabff58cf5e909444e8873ebe2ae9136c37a9bbf49

发布日期: 2019-07-30 11:15 修改: 2023-11-07 03:04
org.apache.tomcat.embed:tomcat-embed-core CVE-2018-8034 高危 9.0.8 9.0.10, 8.5.32, 8.0.53, 7.0.90 tomcat: Host name verification missing in WebSocket client

漏洞详情: https://avd.aquasec.com/nvd/cve-2018-8034

镜像层: sha256:1ba4cd28a66a718366e89daabff58cf5e909444e8873ebe2ae9136c37a9bbf49

发布日期: 2018-08-01 18:29 修改: 2024-10-21 16:35
org.apache.tomcat.embed:tomcat-embed-core CVE-2019-0199 高危 9.0.8 9.0.16, 8.5.38 tomcat: Apache Tomcat HTTP/2 DoS

漏洞详情: https://avd.aquasec.com/nvd/cve-2019-0199

镜像层: sha256:1ba4cd28a66a718366e89daabff58cf5e909444e8873ebe2ae9136c37a9bbf49

发布日期: 2019-04-10 15:29 修改: 2023-12-08 16:41
org.apache.tomcat.embed:tomcat-embed-core CVE-2019-0232 高危 9.0.8 9.0.17, 8.5.40, 7.0.94 tomcat: Remote Code Execution on Windows

漏洞详情: https://avd.aquasec.com/nvd/cve-2019-0232

镜像层: sha256:1ba4cd28a66a718366e89daabff58cf5e909444e8873ebe2ae9136c37a9bbf49

发布日期: 2019-04-15 15:29 修改: 2023-12-08 16:41
org.apache.tomcat.embed:tomcat-embed-core CVE-2019-10072 高危 9.0.8 9.0.20, 8.5.41 tomcat: HTTP/2 connection window exhaustion on write, incomplete fix of CVE-2019-0199

漏洞详情: https://avd.aquasec.com/nvd/cve-2019-10072

镜像层: sha256:1ba4cd28a66a718366e89daabff58cf5e909444e8873ebe2ae9136c37a9bbf49

发布日期: 2019-06-21 18:15 修改: 2023-12-08 16:41
org.apache.tomcat.embed:tomcat-embed-core CVE-2019-12418 高危 9.0.8 7.0.99, 8.5.49, 9.0.29 tomcat: local privilege escalation

漏洞详情: https://avd.aquasec.com/nvd/cve-2019-12418

镜像层: sha256:1ba4cd28a66a718366e89daabff58cf5e909444e8873ebe2ae9136c37a9bbf49

发布日期: 2019-12-23 18:15 修改: 2023-11-07 03:03
org.apache.tomcat.embed:tomcat-embed-core CVE-2019-17563 高危 9.0.8 7.0.99, 8.5.50, 9.0.30 tomcat: Session fixation when using FORM authentication

漏洞详情: https://avd.aquasec.com/nvd/cve-2019-17563

镜像层: sha256:1ba4cd28a66a718366e89daabff58cf5e909444e8873ebe2ae9136c37a9bbf49

发布日期: 2019-12-23 17:15 修改: 2023-11-07 03:06
org.apache.tomcat.embed:tomcat-embed-core CVE-2021-25122 高危 9.0.8 10.0.2, 9.0.43, 8.5.63 tomcat: Request mix-up with h2c

漏洞详情: https://avd.aquasec.com/nvd/cve-2021-25122

镜像层: sha256:1ba4cd28a66a718366e89daabff58cf5e909444e8873ebe2ae9136c37a9bbf49

发布日期: 2021-03-01 12:15 修改: 2023-11-07 03:31
org.apache.tomcat.embed:tomcat-embed-core CVE-2021-25329 高危 9.0.8 10.0.2, 9.0.41, 8.5.61, 7.0.108 tomcat: Incomplete fix for CVE-2020-9484 (RCE via session persistence)

漏洞详情: https://avd.aquasec.com/nvd/cve-2021-25329

镜像层: sha256:1ba4cd28a66a718366e89daabff58cf5e909444e8873ebe2ae9136c37a9bbf49

发布日期: 2021-03-01 12:15 修改: 2023-11-07 03:31
org.apache.tomcat.embed:tomcat-embed-core CVE-2022-42252 高危 9.0.8 8.5.83, 9.0.68, 10.0.27, 10.1.1 tomcat: request smuggling

漏洞详情: https://avd.aquasec.com/nvd/cve-2022-42252

镜像层: sha256:1ba4cd28a66a718366e89daabff58cf5e909444e8873ebe2ae9136c37a9bbf49

发布日期: 2022-11-01 09:15 修改: 2023-05-30 06:15
org.apache.tomcat.embed:tomcat-embed-core CVE-2023-24998 高危 9.0.8 10.1.5, 11.0.0-M5, 8.5.88, 9.0.71 FileUpload: FileUpload DoS with excessive parts

漏洞详情: https://avd.aquasec.com/nvd/cve-2023-24998

镜像层: sha256:1ba4cd28a66a718366e89daabff58cf5e909444e8873ebe2ae9136c37a9bbf49

发布日期: 2023-02-20 16:15 修改: 2024-02-16 19:11
org.apache.tomcat.embed:tomcat-embed-core CVE-2023-46589 高危 9.0.8 11.0.0-M11, 10.1.16, 9.0.83, 8.5.96 tomcat: HTTP request smuggling via malformed trailer headers

漏洞详情: https://avd.aquasec.com/nvd/cve-2023-46589

镜像层: sha256:1ba4cd28a66a718366e89daabff58cf5e909444e8873ebe2ae9136c37a9bbf49

发布日期: 2023-11-28 16:15 修改: 2024-07-12 16:11
org.apache.tomcat.embed:tomcat-embed-core CVE-2024-34750 高危 9.0.8 11.0.0-M21, 10.1.25, 9.0.90 tomcat: Improper Handling of Exceptional Conditions

漏洞详情: https://avd.aquasec.com/nvd/cve-2024-34750

镜像层: sha256:1ba4cd28a66a718366e89daabff58cf5e909444e8873ebe2ae9136c37a9bbf49

发布日期: 2024-07-03 20:15 修改: 2024-07-09 16:22
org.apache.xmlgraphics:xmlgraphics-commons CVE-2020-11988 高危 2.3 2.6 xmlgraphics-commons: SSRF due to improper input validation by the XMPParser

漏洞详情: https://avd.aquasec.com/nvd/cve-2020-11988

镜像层: sha256:1ba4cd28a66a718366e89daabff58cf5e909444e8873ebe2ae9136c37a9bbf49

发布日期: 2021-02-24 18:15 修改: 2023-11-07 03:15
org.codehaus.jettison:jettison CVE-2022-40150 高危 1.3.3 1.5.2 jettison: memory exhaustion via user-supplied XML or JSON data

漏洞详情: https://avd.aquasec.com/nvd/cve-2022-40150

镜像层: sha256:1ba4cd28a66a718366e89daabff58cf5e909444e8873ebe2ae9136c37a9bbf49

发布日期: 2022-09-16 10:15 修改: 2023-07-13 17:24
org.codehaus.jettison:jettison CVE-2022-40150 高危 1.3.3 1.5.2 jettison: memory exhaustion via user-supplied XML or JSON data

漏洞详情: https://avd.aquasec.com/nvd/cve-2022-40150

镜像层: sha256:1ba4cd28a66a718366e89daabff58cf5e909444e8873ebe2ae9136c37a9bbf49

发布日期: 2022-09-16 10:15 修改: 2023-07-13 17:24
org.codehaus.jettison:jettison CVE-2022-45685 高危 1.3.3 1.5.2 jettison: stack overflow in JSONObject() allows attackers to cause a Denial of Service (DoS) via crafted JSON data

漏洞详情: https://avd.aquasec.com/nvd/cve-2022-45685

镜像层: sha256:1ba4cd28a66a718366e89daabff58cf5e909444e8873ebe2ae9136c37a9bbf49

发布日期: 2022-12-13 15:15 修改: 2023-01-30 17:57
org.codehaus.jettison:jettison CVE-2022-45685 高危 1.3.3 1.5.2 jettison: stack overflow in JSONObject() allows attackers to cause a Denial of Service (DoS) via crafted JSON data

漏洞详情: https://avd.aquasec.com/nvd/cve-2022-45685

镜像层: sha256:1ba4cd28a66a718366e89daabff58cf5e909444e8873ebe2ae9136c37a9bbf49

发布日期: 2022-12-13 15:15 修改: 2023-01-30 17:57
org.codehaus.jettison:jettison CVE-2022-45693 高危 1.3.3 1.5.2 jettison: If the value in map is the map's self, the new new JSONObject(map) cause StackOverflowError which may lead to dos

漏洞详情: https://avd.aquasec.com/nvd/cve-2022-45693

镜像层: sha256:1ba4cd28a66a718366e89daabff58cf5e909444e8873ebe2ae9136c37a9bbf49

发布日期: 2022-12-13 15:15 修改: 2023-01-26 17:35
org.codehaus.jettison:jettison CVE-2022-45693 高危 1.3.3 1.5.2 jettison: If the value in map is the map's self, the new new JSONObject(map) cause StackOverflowError which may lead to dos

漏洞详情: https://avd.aquasec.com/nvd/cve-2022-45693

镜像层: sha256:1ba4cd28a66a718366e89daabff58cf5e909444e8873ebe2ae9136c37a9bbf49

发布日期: 2022-12-13 15:15 修改: 2023-01-26 17:35
org.codehaus.jettison:jettison CVE-2023-1436 高危 1.3.3 1.5.4 jettison: Uncontrolled Recursion in JSONArray

漏洞详情: https://avd.aquasec.com/nvd/cve-2023-1436

镜像层: sha256:1ba4cd28a66a718366e89daabff58cf5e909444e8873ebe2ae9136c37a9bbf49

发布日期: 2023-03-22 06:15 修改: 2023-11-07 04:03
org.codehaus.jettison:jettison CVE-2023-1436 高危 1.3.3 1.5.4 jettison: Uncontrolled Recursion in JSONArray

漏洞详情: https://avd.aquasec.com/nvd/cve-2023-1436

镜像层: sha256:1ba4cd28a66a718366e89daabff58cf5e909444e8873ebe2ae9136c37a9bbf49

发布日期: 2023-03-22 06:15 修改: 2023-11-07 04:03
com.fasterxml.jackson.core:jackson-databind CVE-2019-14439 高危 2.8.10 2.9.9.2, 2.8.11.4, 2.7.9.6, 2.6.7.3 jackson-databind: Polymorphic typing issue related to logback/JNDI

漏洞详情: https://avd.aquasec.com/nvd/cve-2019-14439

镜像层: sha256:1ba4cd28a66a718366e89daabff58cf5e909444e8873ebe2ae9136c37a9bbf49

发布日期: 2019-07-30 11:15 修改: 2023-11-07 03:04
com.fasterxml.jackson.core:jackson-databind CVE-2019-14892 高危 2.8.10 2.6.7.3, 2.8.11.5, 2.9.10 jackson-databind: Serialization gadgets in classes of the commons-configuration package

漏洞详情: https://avd.aquasec.com/nvd/cve-2019-14892

镜像层: sha256:1ba4cd28a66a718366e89daabff58cf5e909444e8873ebe2ae9136c37a9bbf49

发布日期: 2020-03-02 17:15 修改: 2023-11-07 03:05
org.eclipse.jetty:jetty-server CVE-2015-2080 高危 8.1.14.v20131031 9.2.9.v20150224 jetty: remote unauthenticated credential exposure

漏洞详情: https://avd.aquasec.com/nvd/cve-2015-2080

镜像层: sha256:1ba4cd28a66a718366e89daabff58cf5e909444e8873ebe2ae9136c37a9bbf49

发布日期: 2016-10-07 14:59 修改: 2019-03-08 11:29
org.eclipse.jetty:jetty-server CVE-2017-7656 高危 8.1.14.v20131031 9.3.24.v20180605, 9.4.11.v20180605 jetty: HTTP request smuggling using the range header

漏洞详情: https://avd.aquasec.com/nvd/cve-2017-7656

镜像层: sha256:1ba4cd28a66a718366e89daabff58cf5e909444e8873ebe2ae9136c37a9bbf49

发布日期: 2018-06-26 15:29 修改: 2023-11-07 02:50
org.eclipse.jetty:jetty-server CVE-2017-9735 高危 8.1.14.v20131031 9.4.6.v20170531, 9.3.20.v20170531, 9.2.22.v20170606 jetty: Timing channel attack in util/security/Password.java

漏洞详情: https://avd.aquasec.com/nvd/cve-2017-9735

镜像层: sha256:1ba4cd28a66a718366e89daabff58cf5e909444e8873ebe2ae9136c37a9bbf49

发布日期: 2017-06-16 21:29 修改: 2023-11-07 02:50
org.eclipse.jetty:jetty-server CVE-2021-28165 高危 8.1.14.v20131031 9.4.39, 10.0.2, 11.0.2 jetty: Resource exhaustion when receiving an invalid large TLS frame

漏洞详情: https://avd.aquasec.com/nvd/cve-2021-28165

镜像层: sha256:1ba4cd28a66a718366e89daabff58cf5e909444e8873ebe2ae9136c37a9bbf49

发布日期: 2021-04-01 15:15 修改: 2023-11-07 03:32
org.owasp.esapi:esapi CVE-2022-23457 高危 2.1.0.1 2.3.0.0 ESAPI (The OWASP Enterprise Security API) is a free, open source, web ...

漏洞详情: https://avd.aquasec.com/nvd/cve-2022-23457

镜像层: sha256:1ba4cd28a66a718366e89daabff58cf5e909444e8873ebe2ae9136c37a9bbf49

发布日期: 2022-04-25 20:15 修改: 2023-02-23 18:47
org.owasp.esapi:esapi CVE-2022-23457 高危 2.1.0.1 2.3.0.0 ESAPI (The OWASP Enterprise Security API) is a free, open source, web ...

漏洞详情: https://avd.aquasec.com/nvd/cve-2022-23457

镜像层: sha256:1ba4cd28a66a718366e89daabff58cf5e909444e8873ebe2ae9136c37a9bbf49

发布日期: 2022-04-25 20:15 修改: 2023-02-23 18:47
org.owasp.esapi:esapi CVE-2022-23457 高危 2.1.0.1 2.3.0.0 ESAPI (The OWASP Enterprise Security API) is a free, open source, web ...

漏洞详情: https://avd.aquasec.com/nvd/cve-2022-23457

镜像层: sha256:1ba4cd28a66a718366e89daabff58cf5e909444e8873ebe2ae9136c37a9bbf49

发布日期: 2022-04-25 20:15 修改: 2023-02-23 18:47
org.owasp.esapi:esapi CVE-2022-23457 高危 2.1.0.1 2.3.0.0 ESAPI (The OWASP Enterprise Security API) is a free, open source, web ...

漏洞详情: https://avd.aquasec.com/nvd/cve-2022-23457

镜像层: sha256:1ba4cd28a66a718366e89daabff58cf5e909444e8873ebe2ae9136c37a9bbf49

发布日期: 2022-04-25 20:15 修改: 2023-02-23 18:47
org.owasp.esapi:esapi CVE-2022-23457 高危 2.1.0.1 2.3.0.0 ESAPI (The OWASP Enterprise Security API) is a free, open source, web ...

漏洞详情: https://avd.aquasec.com/nvd/cve-2022-23457

镜像层: sha256:1ba4cd28a66a718366e89daabff58cf5e909444e8873ebe2ae9136c37a9bbf49

发布日期: 2022-04-25 20:15 修改: 2023-02-23 18:47
org.owasp.esapi:esapi GHSA-7c2q-5qmr-v76q 高危 2.1.0.1 2.5.2.0 DoS vulnerabilities persist in ESAPI file uploads despite remediation of CVE-2023-24998

漏洞详情: https://github.com/advisories/GHSA-7c2q-5qmr-v76q

镜像层: sha256:1ba4cd28a66a718366e89daabff58cf5e909444e8873ebe2ae9136c37a9bbf49

发布日期: 0001-01-01 00:00 修改: 0001-01-01 00:00
org.owasp.esapi:esapi GHSA-7c2q-5qmr-v76q 高危 2.1.0.1 2.5.2.0 DoS vulnerabilities persist in ESAPI file uploads despite remediation of CVE-2023-24998

漏洞详情: https://github.com/advisories/GHSA-7c2q-5qmr-v76q

镜像层: sha256:1ba4cd28a66a718366e89daabff58cf5e909444e8873ebe2ae9136c37a9bbf49

发布日期: 0001-01-01 00:00 修改: 0001-01-01 00:00
org.owasp.esapi:esapi GHSA-7c2q-5qmr-v76q 高危 2.1.0.1 2.5.2.0 DoS vulnerabilities persist in ESAPI file uploads despite remediation of CVE-2023-24998

漏洞详情: https://github.com/advisories/GHSA-7c2q-5qmr-v76q

镜像层: sha256:1ba4cd28a66a718366e89daabff58cf5e909444e8873ebe2ae9136c37a9bbf49

发布日期: 0001-01-01 00:00 修改: 0001-01-01 00:00
org.owasp.esapi:esapi GHSA-7c2q-5qmr-v76q 高危 2.1.0.1 2.5.2.0 DoS vulnerabilities persist in ESAPI file uploads despite remediation of CVE-2023-24998

漏洞详情: https://github.com/advisories/GHSA-7c2q-5qmr-v76q

镜像层: sha256:1ba4cd28a66a718366e89daabff58cf5e909444e8873ebe2ae9136c37a9bbf49

发布日期: 0001-01-01 00:00 修改: 0001-01-01 00:00
org.owasp.esapi:esapi GHSA-7c2q-5qmr-v76q 高危 2.1.0.1 2.5.2.0 DoS vulnerabilities persist in ESAPI file uploads despite remediation of CVE-2023-24998

漏洞详情: https://github.com/advisories/GHSA-7c2q-5qmr-v76q

镜像层: sha256:1ba4cd28a66a718366e89daabff58cf5e909444e8873ebe2ae9136c37a9bbf49

发布日期: 0001-01-01 00:00 修改: 0001-01-01 00:00
org.owasp.esapi:esapi GHSA-r68h-jhhj-9jvm 高危 2.1.0.1 Validator.isValidSafeHTML is being deprecated and will be deleted from org.owasp.esapi:esapi in 1 year

漏洞详情: https://github.com/advisories/GHSA-r68h-jhhj-9jvm

镜像层: sha256:1ba4cd28a66a718366e89daabff58cf5e909444e8873ebe2ae9136c37a9bbf49

发布日期: 0001-01-01 00:00 修改: 0001-01-01 00:00
org.owasp.esapi:esapi GHSA-r68h-jhhj-9jvm 高危 2.1.0.1 Validator.isValidSafeHTML is being deprecated and will be deleted from org.owasp.esapi:esapi in 1 year

漏洞详情: https://github.com/advisories/GHSA-r68h-jhhj-9jvm

镜像层: sha256:1ba4cd28a66a718366e89daabff58cf5e909444e8873ebe2ae9136c37a9bbf49

发布日期: 0001-01-01 00:00 修改: 0001-01-01 00:00
org.owasp.esapi:esapi GHSA-r68h-jhhj-9jvm 高危 2.1.0.1 Validator.isValidSafeHTML is being deprecated and will be deleted from org.owasp.esapi:esapi in 1 year

漏洞详情: https://github.com/advisories/GHSA-r68h-jhhj-9jvm

镜像层: sha256:1ba4cd28a66a718366e89daabff58cf5e909444e8873ebe2ae9136c37a9bbf49

发布日期: 0001-01-01 00:00 修改: 0001-01-01 00:00
org.owasp.esapi:esapi GHSA-r68h-jhhj-9jvm 高危 2.1.0.1 Validator.isValidSafeHTML is being deprecated and will be deleted from org.owasp.esapi:esapi in 1 year

漏洞详情: https://github.com/advisories/GHSA-r68h-jhhj-9jvm

镜像层: sha256:1ba4cd28a66a718366e89daabff58cf5e909444e8873ebe2ae9136c37a9bbf49

发布日期: 0001-01-01 00:00 修改: 0001-01-01 00:00
org.owasp.esapi:esapi GHSA-r68h-jhhj-9jvm 高危 2.1.0.1 Validator.isValidSafeHTML is being deprecated and will be deleted from org.owasp.esapi:esapi in 1 year

漏洞详情: https://github.com/advisories/GHSA-r68h-jhhj-9jvm

镜像层: sha256:1ba4cd28a66a718366e89daabff58cf5e909444e8873ebe2ae9136c37a9bbf49

发布日期: 0001-01-01 00:00 修改: 0001-01-01 00:00
com.fasterxml.jackson.core:jackson-databind CVE-2019-14892 高危 2.8.10 2.6.7.3, 2.8.11.5, 2.9.10 jackson-databind: Serialization gadgets in classes of the commons-configuration package

漏洞详情: https://avd.aquasec.com/nvd/cve-2019-14892

镜像层: sha256:1ba4cd28a66a718366e89daabff58cf5e909444e8873ebe2ae9136c37a9bbf49

发布日期: 2020-03-02 17:15 修改: 2023-11-07 03:05
org.yaml:snakeyaml CVE-2017-18640 高危 1.23 1.26 snakeyaml: Billion laughs attack via alias feature

漏洞详情: https://avd.aquasec.com/nvd/cve-2017-18640

镜像层: sha256:1ba4cd28a66a718366e89daabff58cf5e909444e8873ebe2ae9136c37a9bbf49

发布日期: 2019-12-12 03:15 修改: 2023-11-07 02:41
org.yaml:snakeyaml CVE-2017-18640 高危 1.23 1.26 snakeyaml: Billion laughs attack via alias feature

漏洞详情: https://avd.aquasec.com/nvd/cve-2017-18640

镜像层: sha256:1ba4cd28a66a718366e89daabff58cf5e909444e8873ebe2ae9136c37a9bbf49

发布日期: 2019-12-12 03:15 修改: 2023-11-07 02:41
org.yaml:snakeyaml CVE-2022-1471 高危 1.23 2.0 SnakeYaml: Constructor Deserialization Remote Code Execution

漏洞详情: https://avd.aquasec.com/nvd/cve-2022-1471

镜像层: sha256:1ba4cd28a66a718366e89daabff58cf5e909444e8873ebe2ae9136c37a9bbf49

发布日期: 2022-12-01 11:15 修改: 2024-06-21 19:15
org.yaml:snakeyaml CVE-2022-1471 高危 1.23 2.0 SnakeYaml: Constructor Deserialization Remote Code Execution

漏洞详情: https://avd.aquasec.com/nvd/cve-2022-1471

镜像层: sha256:1ba4cd28a66a718366e89daabff58cf5e909444e8873ebe2ae9136c37a9bbf49

发布日期: 2022-12-01 11:15 修改: 2024-06-21 19:15
org.yaml:snakeyaml CVE-2022-25857 高危 1.23 1.31 snakeyaml: Denial of Service due to missing nested depth limitation for collections

漏洞详情: https://avd.aquasec.com/nvd/cve-2022-25857

镜像层: sha256:1ba4cd28a66a718366e89daabff58cf5e909444e8873ebe2ae9136c37a9bbf49

发布日期: 2022-08-30 05:15 修改: 2024-03-15 11:15
org.yaml:snakeyaml CVE-2022-25857 高危 1.23 1.31 snakeyaml: Denial of Service due to missing nested depth limitation for collections

漏洞详情: https://avd.aquasec.com/nvd/cve-2022-25857

镜像层: sha256:1ba4cd28a66a718366e89daabff58cf5e909444e8873ebe2ae9136c37a9bbf49

发布日期: 2022-08-30 05:15 修改: 2024-03-15 11:15
xerces:xercesImpl CVE-2012-0881 高危 2.11.0 2.12.0 xml: xerces-j2 hash table collisions CPU usage DoS (oCERT-2011-003)

漏洞详情: https://avd.aquasec.com/nvd/cve-2012-0881

镜像层: sha256:1ba4cd28a66a718366e89daabff58cf5e909444e8873ebe2ae9136c37a9bbf49

发布日期: 2017-10-30 16:29 修改: 2023-02-13 00:23
xerces:xercesImpl CVE-2013-4002 高危 2.11.0 2.12.0 OpenJDK: XML parsing Denial of Service (JAXP, 8017298)

漏洞详情: https://avd.aquasec.com/nvd/cve-2013-4002

镜像层: sha256:1ba4cd28a66a718366e89daabff58cf5e909444e8873ebe2ae9136c37a9bbf49

发布日期: 2013-07-23 11:03 修改: 2023-11-07 02:16
com.google.protobuf:protobuf-java CVE-2022-3171 中危 3.6.1 3.21.7, 3.20.3, 3.19.6, 3.16.3 protobuf-java: timeout in parser leads to DoS

漏洞详情: https://avd.aquasec.com/nvd/cve-2022-3171

镜像层: sha256:1ba4cd28a66a718366e89daabff58cf5e909444e8873ebe2ae9136c37a9bbf49

发布日期: 2022-10-12 23:15 修改: 2023-11-07 03:50
org.codehaus.groovy:groovy-all CVE-2020-17521 中危 2.4.15 2.4.21, 2.5.14, 3.0.7 groovy: OS temporary directory leads to information disclosure

漏洞详情: https://avd.aquasec.com/nvd/cve-2020-17521

镜像层: sha256:1ba4cd28a66a718366e89daabff58cf5e909444e8873ebe2ae9136c37a9bbf49

发布日期: 2020-12-07 20:15 修改: 2023-11-07 03:19
org.apache.commons:commons-configuration2 CVE-2024-29131 中危 2.2 2.10.1 commons-configuration: StackOverflowError adding property in AbstractListDelimiterHandler.flattenIterator()

漏洞详情: https://avd.aquasec.com/nvd/cve-2024-29131

镜像层: sha256:1ba4cd28a66a718366e89daabff58cf5e909444e8873ebe2ae9136c37a9bbf49

发布日期: 2024-03-21 09:15 修改: 2024-08-28 15:35
org.apache.commons:commons-configuration2 CVE-2024-29131 中危 2.2 2.10.1 commons-configuration: StackOverflowError adding property in AbstractListDelimiterHandler.flattenIterator()

漏洞详情: https://avd.aquasec.com/nvd/cve-2024-29131

镜像层: sha256:1ba4cd28a66a718366e89daabff58cf5e909444e8873ebe2ae9136c37a9bbf49

发布日期: 2024-03-21 09:15 修改: 2024-08-28 15:35
org.apache.commons:commons-configuration2 CVE-2024-29133 中危 2.2 2.10.1 commons-configuration: StackOverflowError calling ListDelimiterHandler.flatten(Object, int) with a cyclical object tree

漏洞详情: https://avd.aquasec.com/nvd/cve-2024-29133

镜像层: sha256:1ba4cd28a66a718366e89daabff58cf5e909444e8873ebe2ae9136c37a9bbf49

发布日期: 2024-03-21 09:15 修改: 2024-05-01 17:15
org.apache.commons:commons-configuration2 CVE-2024-29133 中危 2.2 2.10.1 commons-configuration: StackOverflowError calling ListDelimiterHandler.flatten(Object, int) with a cyclical object tree

漏洞详情: https://avd.aquasec.com/nvd/cve-2024-29133

镜像层: sha256:1ba4cd28a66a718366e89daabff58cf5e909444e8873ebe2ae9136c37a9bbf49

发布日期: 2024-03-21 09:15 修改: 2024-05-01 17:15
org.apache.httpcomponents:httpclient CVE-2020-13956 中危 4.5.5 4.5.13, 5.0.3 apache-httpclient: incorrect handling of malformed authority component in request URIs

漏洞详情: https://avd.aquasec.com/nvd/cve-2020-13956

镜像层: sha256:1ba4cd28a66a718366e89daabff58cf5e909444e8873ebe2ae9136c37a9bbf49

发布日期: 2020-12-02 17:15 修改: 2023-11-07 03:17
org.apache.httpcomponents:httpclient CVE-2020-13956 中危 4.5.6 4.5.13, 5.0.3 apache-httpclient: incorrect handling of malformed authority component in request URIs

漏洞详情: https://avd.aquasec.com/nvd/cve-2020-13956

镜像层: sha256:1ba4cd28a66a718366e89daabff58cf5e909444e8873ebe2ae9136c37a9bbf49

发布日期: 2020-12-02 17:15 修改: 2023-11-07 03:17
com.fasterxml.jackson.core:jackson-databind CVE-2019-12384 中危 2.9.5 2.9.9.1, 2.8.11.4, 2.7.9.6, 2.6.7.3 jackson-databind: failure to block the logback-core class from polymorphic deserialization leading to remote code execution

漏洞详情: https://avd.aquasec.com/nvd/cve-2019-12384

镜像层: sha256:1ba4cd28a66a718366e89daabff58cf5e909444e8873ebe2ae9136c37a9bbf49

发布日期: 2019-06-24 16:15 修改: 2023-11-07 03:03
com.fasterxml.jackson.core:jackson-databind CVE-2019-12814 中危 2.9.5 2.9.9.1, 2.8.11.4, 2.7.9.6, 2.6.7.3 jackson-databind: polymorphic typing issue allows attacker to read arbitrary local files on the server via crafted JSON message.

漏洞详情: https://avd.aquasec.com/nvd/cve-2019-12814

镜像层: sha256:1ba4cd28a66a718366e89daabff58cf5e909444e8873ebe2ae9136c37a9bbf49

发布日期: 2019-06-19 14:15 修改: 2023-11-07 03:03
org.codehaus.jettison:jettison CVE-2022-40149 中危 1.3.3 1.5.1 jettison: parser crash by stackoverflow

漏洞详情: https://avd.aquasec.com/nvd/cve-2022-40149

镜像层: sha256:1ba4cd28a66a718366e89daabff58cf5e909444e8873ebe2ae9136c37a9bbf49

发布日期: 2022-09-16 10:15 修改: 2023-03-01 16:32
org.codehaus.jettison:jettison CVE-2022-40149 中危 1.3.3 1.5.1 jettison: parser crash by stackoverflow

漏洞详情: https://avd.aquasec.com/nvd/cve-2022-40149

镜像层: sha256:1ba4cd28a66a718366e89daabff58cf5e909444e8873ebe2ae9136c37a9bbf49

发布日期: 2022-09-16 10:15 修改: 2023-03-01 16:32
com.fasterxml.jackson.core:jackson-databind CVE-2019-12384 中危 2.9.8 2.9.9.1, 2.8.11.4, 2.7.9.6, 2.6.7.3 jackson-databind: failure to block the logback-core class from polymorphic deserialization leading to remote code execution

漏洞详情: https://avd.aquasec.com/nvd/cve-2019-12384

镜像层: sha256:1ba4cd28a66a718366e89daabff58cf5e909444e8873ebe2ae9136c37a9bbf49

发布日期: 2019-06-24 16:15 修改: 2023-11-07 03:03
commons-io:commons-io CVE-2021-29425 中危 2.5 2.7 apache-commons-io: Limited path traversal in Apache Commons IO 2.2 to 2.6

漏洞详情: https://avd.aquasec.com/nvd/cve-2021-29425

镜像层: sha256:1ba4cd28a66a718366e89daabff58cf5e909444e8873ebe2ae9136c37a9bbf49

发布日期: 2021-04-13 07:15 修改: 2023-11-07 03:32
commons-io:commons-io CVE-2021-29425 中危 2.5 2.7 apache-commons-io: Limited path traversal in Apache Commons IO 2.2 to 2.6

漏洞详情: https://avd.aquasec.com/nvd/cve-2021-29425

镜像层: sha256:1ba4cd28a66a718366e89daabff58cf5e909444e8873ebe2ae9136c37a9bbf49

发布日期: 2021-04-13 07:15 修改: 2023-11-07 03:32
com.fasterxml.jackson.core:jackson-databind CVE-2019-12384 中危 2.9.8 2.9.9.1, 2.8.11.4, 2.7.9.6, 2.6.7.3 jackson-databind: failure to block the logback-core class from polymorphic deserialization leading to remote code execution

漏洞详情: https://avd.aquasec.com/nvd/cve-2019-12384

镜像层: sha256:1ba4cd28a66a718366e89daabff58cf5e909444e8873ebe2ae9136c37a9bbf49

发布日期: 2019-06-24 16:15 修改: 2023-11-07 03:03
org.apache.logging.log4j:log4j-core CVE-2021-44832 中危 2.11.0 2.3.2, 2.12.4, 2.17.1 log4j-core: remote code execution via JDBC Appender

漏洞详情: https://avd.aquasec.com/nvd/cve-2021-44832

镜像层: sha256:1ba4cd28a66a718366e89daabff58cf5e909444e8873ebe2ae9136c37a9bbf49

发布日期: 2021-12-28 20:15 修改: 2023-11-07 03:39
org.apache.logging.log4j:log4j-core CVE-2021-44832 中危 2.11.0 2.3.2, 2.12.4, 2.17.1 log4j-core: remote code execution via JDBC Appender

漏洞详情: https://avd.aquasec.com/nvd/cve-2021-44832

镜像层: sha256:1ba4cd28a66a718366e89daabff58cf5e909444e8873ebe2ae9136c37a9bbf49

发布日期: 2021-12-28 20:15 修改: 2023-11-07 03:39
org.eclipse.jetty:jetty-server CVE-2019-10241 中危 8.1.14.v20131031 9.2.27.v20190403, 9.3.26.v20190403, 9.4.16.v20190411 jetty: using specially formatted URL against DefaultServlet or ResourceHandler leads to XSS conditions

漏洞详情: https://avd.aquasec.com/nvd/cve-2019-10241

镜像层: sha256:1ba4cd28a66a718366e89daabff58cf5e909444e8873ebe2ae9136c37a9bbf49

发布日期: 2019-04-22 20:29 修改: 2023-11-07 03:02
org.eclipse.jetty:jetty-server CVE-2019-10247 中危 8.1.14.v20131031 9.2.28.v20190418, 9.3.27.v20190418, 9.4.17.v20190418 jetty: error path information disclosure

漏洞详情: https://avd.aquasec.com/nvd/cve-2019-10247

镜像层: sha256:1ba4cd28a66a718366e89daabff58cf5e909444e8873ebe2ae9136c37a9bbf49

发布日期: 2019-04-22 20:29 修改: 2023-11-07 03:02
org.eclipse.jetty:jetty-server CVE-2023-26048 中危 8.1.14.v20131031 9.4.51.v20230217, 10.0.14, 11.0.14 jetty-server: OutOfMemoryError for large multipart without filename read via request.getParameter()

漏洞详情: https://avd.aquasec.com/nvd/cve-2023-26048

镜像层: sha256:1ba4cd28a66a718366e89daabff58cf5e909444e8873ebe2ae9136c37a9bbf49

发布日期: 2023-04-18 21:15 修改: 2023-09-30 15:15
commons-io:commons-io CVE-2021-29425 中危 2.6 2.7 apache-commons-io: Limited path traversal in Apache Commons IO 2.2 to 2.6

漏洞详情: https://avd.aquasec.com/nvd/cve-2021-29425

镜像层: sha256:1ba4cd28a66a718366e89daabff58cf5e909444e8873ebe2ae9136c37a9bbf49

发布日期: 2021-04-13 07:15 修改: 2023-11-07 03:32
com.fasterxml.jackson.core:jackson-databind CVE-2019-12814 中危 2.9.8 2.9.9.1, 2.8.11.4, 2.7.9.6, 2.6.7.3 jackson-databind: polymorphic typing issue allows attacker to read arbitrary local files on the server via crafted JSON message.

漏洞详情: https://avd.aquasec.com/nvd/cve-2019-12814

镜像层: sha256:1ba4cd28a66a718366e89daabff58cf5e909444e8873ebe2ae9136c37a9bbf49

发布日期: 2019-06-19 14:15 修改: 2023-11-07 03:03
com.fasterxml.jackson.core:jackson-databind CVE-2019-12814 中危 2.9.8 2.9.9.1, 2.8.11.4, 2.7.9.6, 2.6.7.3 jackson-databind: polymorphic typing issue allows attacker to read arbitrary local files on the server via crafted JSON message.

漏洞详情: https://avd.aquasec.com/nvd/cve-2019-12814

镜像层: sha256:1ba4cd28a66a718366e89daabff58cf5e909444e8873ebe2ae9136c37a9bbf49

发布日期: 2019-06-19 14:15 修改: 2023-11-07 03:03
com.fasterxml.jackson.core:jackson-databind CVE-2019-12384 中危 2.9.7 2.9.9.1, 2.8.11.4, 2.7.9.6, 2.6.7.3 jackson-databind: failure to block the logback-core class from polymorphic deserialization leading to remote code execution

漏洞详情: https://avd.aquasec.com/nvd/cve-2019-12384

镜像层: sha256:1ba4cd28a66a718366e89daabff58cf5e909444e8873ebe2ae9136c37a9bbf49

发布日期: 2019-06-24 16:15 修改: 2023-11-07 03:03
com.google.guava:guava CVE-2018-10237 中危 23.6-jre 24.1.1-android guava: Unbounded memory allocation in AtomicDoubleArray and CompoundOrdering classes allow remote attackers to cause a denial of service

漏洞详情: https://avd.aquasec.com/nvd/cve-2018-10237

镜像层: sha256:1ba4cd28a66a718366e89daabff58cf5e909444e8873ebe2ae9136c37a9bbf49

发布日期: 2018-04-26 21:29 修改: 2023-11-07 02:51
com.google.guava:guava CVE-2023-2976 中危 23.6-jre 32.0.0-android guava: insecure temporary directory creation

漏洞详情: https://avd.aquasec.com/nvd/cve-2023-2976

镜像层: sha256:1ba4cd28a66a718366e89daabff58cf5e909444e8873ebe2ae9136c37a9bbf49

发布日期: 2023-06-14 18:15 修改: 2024-02-13 19:15
com.google.guava:guava CVE-2023-2976 中危 26.0-jre 32.0.0-android guava: insecure temporary directory creation

漏洞详情: https://avd.aquasec.com/nvd/cve-2023-2976

镜像层: sha256:1ba4cd28a66a718366e89daabff58cf5e909444e8873ebe2ae9136c37a9bbf49

发布日期: 2023-06-14 18:15 修改: 2024-02-13 19:15
com.google.guava:guava CVE-2023-2976 中危 26.0-jre 32.0.0-android guava: insecure temporary directory creation

漏洞详情: https://avd.aquasec.com/nvd/cve-2023-2976

镜像层: sha256:1ba4cd28a66a718366e89daabff58cf5e909444e8873ebe2ae9136c37a9bbf49

发布日期: 2023-06-14 18:15 修改: 2024-02-13 19:15
com.fasterxml.jackson.core:jackson-databind CVE-2019-12814 中危 2.9.7 2.9.9.1, 2.8.11.4, 2.7.9.6, 2.6.7.3 jackson-databind: polymorphic typing issue allows attacker to read arbitrary local files on the server via crafted JSON message.

漏洞详情: https://avd.aquasec.com/nvd/cve-2019-12814

镜像层: sha256:1ba4cd28a66a718366e89daabff58cf5e909444e8873ebe2ae9136c37a9bbf49

发布日期: 2019-06-19 14:15 修改: 2023-11-07 03:03
com.fasterxml.jackson.core:jackson-databind CVE-2019-12384 中危 2.8.10 2.9.9.1, 2.8.11.4, 2.7.9.6, 2.6.7.3 jackson-databind: failure to block the logback-core class from polymorphic deserialization leading to remote code execution

漏洞详情: https://avd.aquasec.com/nvd/cve-2019-12384

镜像层: sha256:1ba4cd28a66a718366e89daabff58cf5e909444e8873ebe2ae9136c37a9bbf49

发布日期: 2019-06-24 16:15 修改: 2023-11-07 03:03
com.fasterxml.jackson.core:jackson-databind CVE-2019-12814 中危 2.8.10 2.9.9.1, 2.8.11.4, 2.7.9.6, 2.6.7.3 jackson-databind: polymorphic typing issue allows attacker to read arbitrary local files on the server via crafted JSON message.

漏洞详情: https://avd.aquasec.com/nvd/cve-2019-12814

镜像层: sha256:1ba4cd28a66a718366e89daabff58cf5e909444e8873ebe2ae9136c37a9bbf49

发布日期: 2019-06-19 14:15 修改: 2023-11-07 03:03
com.fasterxml.jackson.core:jackson-databind CVE-2019-12814 中危 2.8.10 2.9.9.1, 2.8.11.4, 2.7.9.6, 2.6.7.3 jackson-databind: polymorphic typing issue allows attacker to read arbitrary local files on the server via crafted JSON message.

漏洞详情: https://avd.aquasec.com/nvd/cve-2019-12814

镜像层: sha256:1ba4cd28a66a718366e89daabff58cf5e909444e8873ebe2ae9136c37a9bbf49

发布日期: 2019-06-19 14:15 修改: 2023-11-07 03:03
org.apache.commons:commons-compress CVE-2018-11771 中危 1.9 1.18 apache-commons-compress: ZipArchiveInputStream.read() fails to identify correct EOF allowing for DoS via crafted zip

漏洞详情: https://avd.aquasec.com/nvd/cve-2018-11771

镜像层: sha256:1ba4cd28a66a718366e89daabff58cf5e909444e8873ebe2ae9136c37a9bbf49

发布日期: 2018-08-16 15:29 修改: 2023-11-07 02:51
com.fasterxml.jackson.core:jackson-databind CVE-2019-12384 中危 2.8.10 2.9.9.1, 2.8.11.4, 2.7.9.6, 2.6.7.3 jackson-databind: failure to block the logback-core class from polymorphic deserialization leading to remote code execution

漏洞详情: https://avd.aquasec.com/nvd/cve-2019-12384

镜像层: sha256:1ba4cd28a66a718366e89daabff58cf5e909444e8873ebe2ae9136c37a9bbf49

发布日期: 2019-06-24 16:15 修改: 2023-11-07 03:03
org.apache.tomcat.embed:tomcat-embed-core CVE-2018-11784 中危 9.0.8 8.5.34, 7.0.91, 9.0.12 tomcat: Open redirect in default servlet

漏洞详情: https://avd.aquasec.com/nvd/cve-2018-11784

镜像层: sha256:1ba4cd28a66a718366e89daabff58cf5e909444e8873ebe2ae9136c37a9bbf49

发布日期: 2018-10-04 13:29 修改: 2023-12-08 16:41
org.owasp.esapi:esapi CVE-2022-24891 中危 2.1.0.1 2.3.0.0 ESAPI (The OWASP Enterprise Security API) is a free, open source, web ...

漏洞详情: https://avd.aquasec.com/nvd/cve-2022-24891

镜像层: sha256:1ba4cd28a66a718366e89daabff58cf5e909444e8873ebe2ae9136c37a9bbf49

发布日期: 2022-04-27 21:15 修改: 2023-06-23 19:33
org.owasp.esapi:esapi CVE-2022-24891 中危 2.1.0.1 2.3.0.0 ESAPI (The OWASP Enterprise Security API) is a free, open source, web ...

漏洞详情: https://avd.aquasec.com/nvd/cve-2022-24891

镜像层: sha256:1ba4cd28a66a718366e89daabff58cf5e909444e8873ebe2ae9136c37a9bbf49

发布日期: 2022-04-27 21:15 修改: 2023-06-23 19:33
org.owasp.esapi:esapi CVE-2022-24891 中危 2.1.0.1 2.3.0.0 ESAPI (The OWASP Enterprise Security API) is a free, open source, web ...

漏洞详情: https://avd.aquasec.com/nvd/cve-2022-24891

镜像层: sha256:1ba4cd28a66a718366e89daabff58cf5e909444e8873ebe2ae9136c37a9bbf49

发布日期: 2022-04-27 21:15 修改: 2023-06-23 19:33
org.owasp.esapi:esapi CVE-2022-24891 中危 2.1.0.1 2.3.0.0 ESAPI (The OWASP Enterprise Security API) is a free, open source, web ...

漏洞详情: https://avd.aquasec.com/nvd/cve-2022-24891

镜像层: sha256:1ba4cd28a66a718366e89daabff58cf5e909444e8873ebe2ae9136c37a9bbf49

发布日期: 2022-04-27 21:15 修改: 2023-06-23 19:33
org.owasp.esapi:esapi CVE-2022-24891 中危 2.1.0.1 2.3.0.0 ESAPI (The OWASP Enterprise Security API) is a free, open source, web ...

漏洞详情: https://avd.aquasec.com/nvd/cve-2022-24891

镜像层: sha256:1ba4cd28a66a718366e89daabff58cf5e909444e8873ebe2ae9136c37a9bbf49

发布日期: 2022-04-27 21:15 修改: 2023-06-23 19:33
org.apache.tomcat.embed:tomcat-embed-core CVE-2018-8037 中危 9.0.8 9.0.10, 8.5.32 tomcat: Due to a mishandling of close in NIO/NIO2 connectors user sessions can get mixed up

漏洞详情: https://avd.aquasec.com/nvd/cve-2018-8037

镜像层: sha256:1ba4cd28a66a718366e89daabff58cf5e909444e8873ebe2ae9136c37a9bbf49

发布日期: 2018-08-02 14:29 修改: 2023-12-08 16:41
org.apache.tomcat.embed:tomcat-embed-core CVE-2019-0221 中危 9.0.8 9.0.17, 8.5.40, 7.0.94 tomcat: XSS in SSI printenv

漏洞详情: https://avd.aquasec.com/nvd/cve-2019-0221

镜像层: sha256:1ba4cd28a66a718366e89daabff58cf5e909444e8873ebe2ae9136c37a9bbf49

发布日期: 2019-05-28 22:29 修改: 2023-12-08 16:41
org.apache.tomcat.embed:tomcat-embed-core CVE-2020-1935 中危 9.0.8 7.0.100, 8.5.51, 9.0.31 tomcat: Mishandling of Transfer-Encoding header allows for HTTP request smuggling

漏洞详情: https://avd.aquasec.com/nvd/cve-2020-1935

镜像层: sha256:1ba4cd28a66a718366e89daabff58cf5e909444e8873ebe2ae9136c37a9bbf49

发布日期: 2020-02-24 22:15 修改: 2023-11-07 03:19
org.apache.tomcat.embed:tomcat-embed-core CVE-2021-24122 中危 9.0.8 10.0.0-M10, 9.0.40, 8.5.60, 7.0.107 tomcat: Information disclosure when using NTFS file system

漏洞详情: https://avd.aquasec.com/nvd/cve-2021-24122

镜像层: sha256:1ba4cd28a66a718366e89daabff58cf5e909444e8873ebe2ae9136c37a9bbf49

发布日期: 2021-01-14 15:15 修改: 2023-11-07 03:31
org.apache.tomcat.embed:tomcat-embed-core CVE-2023-41080 中危 9.0.8 8.5.93, 9.0.80, 10.1.13, 11.0.0-M11 tomcat: Open Redirect vulnerability in FORM authentication

漏洞详情: https://avd.aquasec.com/nvd/cve-2023-41080

镜像层: sha256:1ba4cd28a66a718366e89daabff58cf5e909444e8873ebe2ae9136c37a9bbf49

发布日期: 2023-08-25 21:15 修改: 2023-11-03 19:00
org.apache.tomcat.embed:tomcat-embed-core CVE-2023-42795 中危 9.0.8 11.0.0-M12, 10.1.14, 9.0.81, 8.5.94 tomcat: improper cleaning of recycled objects could lead to information leak

漏洞详情: https://avd.aquasec.com/nvd/cve-2023-42795

镜像层: sha256:1ba4cd28a66a718366e89daabff58cf5e909444e8873ebe2ae9136c37a9bbf49

发布日期: 2023-10-10 18:15 修改: 2023-11-04 06:15
org.apache.tomcat.embed:tomcat-embed-core CVE-2023-44487 中危 9.0.8 11.0.0-M12, 10.1.14, 9.0.81, 8.5.94 HTTP/2: Multiple HTTP/2 enabled web servers are vulnerable to a DDoS attack (Rapid Reset Attack)

漏洞详情: https://avd.aquasec.com/nvd/cve-2023-44487

镜像层: sha256:1ba4cd28a66a718366e89daabff58cf5e909444e8873ebe2ae9136c37a9bbf49

发布日期: 2023-10-10 14:15 修改: 2024-08-14 19:57
org.yaml:snakeyaml CVE-2022-38749 中危 1.23 1.31 snakeyaml: Uncaught exception in org.yaml.snakeyaml.composer.Composer.composeSequenceNode

漏洞详情: https://avd.aquasec.com/nvd/cve-2022-38749

镜像层: sha256:1ba4cd28a66a718366e89daabff58cf5e909444e8873ebe2ae9136c37a9bbf49

发布日期: 2022-09-05 10:15 修改: 2024-03-15 11:15
org.yaml:snakeyaml CVE-2022-38749 中危 1.23 1.31 snakeyaml: Uncaught exception in org.yaml.snakeyaml.composer.Composer.composeSequenceNode

漏洞详情: https://avd.aquasec.com/nvd/cve-2022-38749

镜像层: sha256:1ba4cd28a66a718366e89daabff58cf5e909444e8873ebe2ae9136c37a9bbf49

发布日期: 2022-09-05 10:15 修改: 2024-03-15 11:15
org.yaml:snakeyaml CVE-2022-38750 中危 1.23 1.31 snakeyaml: Uncaught exception in org.yaml.snakeyaml.constructor.BaseConstructor.constructObject

漏洞详情: https://avd.aquasec.com/nvd/cve-2022-38750

镜像层: sha256:1ba4cd28a66a718366e89daabff58cf5e909444e8873ebe2ae9136c37a9bbf49

发布日期: 2022-09-05 10:15 修改: 2024-03-15 11:15
org.yaml:snakeyaml CVE-2022-38750 中危 1.23 1.31 snakeyaml: Uncaught exception in org.yaml.snakeyaml.constructor.BaseConstructor.constructObject

漏洞详情: https://avd.aquasec.com/nvd/cve-2022-38750

镜像层: sha256:1ba4cd28a66a718366e89daabff58cf5e909444e8873ebe2ae9136c37a9bbf49

发布日期: 2022-09-05 10:15 修改: 2024-03-15 11:15
org.yaml:snakeyaml CVE-2022-38751 中危 1.23 1.31 snakeyaml: Uncaught exception in java.base/java.util.regex.Pattern$Ques.match

漏洞详情: https://avd.aquasec.com/nvd/cve-2022-38751

镜像层: sha256:1ba4cd28a66a718366e89daabff58cf5e909444e8873ebe2ae9136c37a9bbf49

发布日期: 2022-09-05 10:15 修改: 2024-03-15 11:15
org.yaml:snakeyaml CVE-2022-38751 中危 1.23 1.31 snakeyaml: Uncaught exception in java.base/java.util.regex.Pattern$Ques.match

漏洞详情: https://avd.aquasec.com/nvd/cve-2022-38751

镜像层: sha256:1ba4cd28a66a718366e89daabff58cf5e909444e8873ebe2ae9136c37a9bbf49

发布日期: 2022-09-05 10:15 修改: 2024-03-15 11:15
org.yaml:snakeyaml CVE-2022-38752 中危 1.23 1.32 snakeyaml: Uncaught exception in java.base/java.util.ArrayList.hashCode

漏洞详情: https://avd.aquasec.com/nvd/cve-2022-38752

镜像层: sha256:1ba4cd28a66a718366e89daabff58cf5e909444e8873ebe2ae9136c37a9bbf49

发布日期: 2022-09-05 10:15 修改: 2024-03-15 11:15
org.yaml:snakeyaml CVE-2022-38752 中危 1.23 1.32 snakeyaml: Uncaught exception in java.base/java.util.ArrayList.hashCode

漏洞详情: https://avd.aquasec.com/nvd/cve-2022-38752

镜像层: sha256:1ba4cd28a66a718366e89daabff58cf5e909444e8873ebe2ae9136c37a9bbf49

发布日期: 2022-09-05 10:15 修改: 2024-03-15 11:15
org.yaml:snakeyaml CVE-2022-41854 中危 1.23 1.32 dev-java/snakeyaml: DoS via stack overflow

漏洞详情: https://avd.aquasec.com/nvd/cve-2022-41854

镜像层: sha256:1ba4cd28a66a718366e89daabff58cf5e909444e8873ebe2ae9136c37a9bbf49

发布日期: 2022-11-11 13:15 修改: 2024-06-21 19:15
org.yaml:snakeyaml CVE-2022-41854 中危 1.23 1.32 dev-java/snakeyaml: DoS via stack overflow

漏洞详情: https://avd.aquasec.com/nvd/cve-2022-41854

镜像层: sha256:1ba4cd28a66a718366e89daabff58cf5e909444e8873ebe2ae9136c37a9bbf49

发布日期: 2022-11-11 13:15 修改: 2024-06-21 19:15
org.apache.tomcat.embed:tomcat-embed-core CVE-2023-45648 中危 9.0.8 11.0.0-M12, 10.1.14, 9.0.81, 8.5.94 tomcat: incorrectly parsed http trailer headers can cause request smuggling

漏洞详情: https://avd.aquasec.com/nvd/cve-2023-45648

镜像层: sha256:1ba4cd28a66a718366e89daabff58cf5e909444e8873ebe2ae9136c37a9bbf49

发布日期: 2023-10-10 19:15 修改: 2023-11-04 06:15
org.apache.tomcat.embed:tomcat-embed-core CVE-2024-24549 中危 9.0.8 8.5.99, 9.0.86, 10.1.19, 11.0.0-M17 Tomcat: HTTP/2 header handling DoS

漏洞详情: https://avd.aquasec.com/nvd/cve-2024-24549

镜像层: sha256:1ba4cd28a66a718366e89daabff58cf5e909444e8873ebe2ae9136c37a9bbf49

发布日期: 2024-03-13 16:15 修改: 2024-06-23 09:15
xerces:xercesImpl CVE-2020-14338 中危 2.11.0 2.12.0.sp3 wildfly: XML validation manipulation due to incomplete application of use-grammar-pool-only in xercesImpl

漏洞详情: https://avd.aquasec.com/nvd/cve-2020-14338

镜像层: sha256:1ba4cd28a66a718366e89daabff58cf5e909444e8873ebe2ae9136c37a9bbf49

发布日期: 2020-09-17 15:15 修改: 2023-11-07 03:17
xerces:xercesImpl CVE-2022-23437 中危 2.11.0 2.12.2 xerces-j2: infinite loop when handling specially crafted XML document payloads

漏洞详情: https://avd.aquasec.com/nvd/cve-2022-23437

镜像层: sha256:1ba4cd28a66a718366e89daabff58cf5e909444e8873ebe2ae9136c37a9bbf49

发布日期: 2022-01-24 15:15 修改: 2023-08-08 14:22
com.google.guava:guava CVE-2020-8908 低危 23.6-jre 32.0.0-android guava: local information disclosure via temporary directory created with unsafe permissions

漏洞详情: https://avd.aquasec.com/nvd/cve-2020-8908

镜像层: sha256:1ba4cd28a66a718366e89daabff58cf5e909444e8873ebe2ae9136c37a9bbf49

发布日期: 2020-12-10 23:15 修改: 2023-08-02 17:30
com.google.guava:guava CVE-2020-8908 低危 26.0-jre 32.0.0-android guava: local information disclosure via temporary directory created with unsafe permissions

漏洞详情: https://avd.aquasec.com/nvd/cve-2020-8908

镜像层: sha256:1ba4cd28a66a718366e89daabff58cf5e909444e8873ebe2ae9136c37a9bbf49

发布日期: 2020-12-10 23:15 修改: 2023-08-02 17:30
org.eclipse.jetty:jetty-server CVE-2021-34428 低危 8.1.14.v20131031 9.4.41, 10.0.3, 11.0.3 jetty: SessionListener can prevent a session from being invalidated breaking logout

漏洞详情: https://avd.aquasec.com/nvd/cve-2021-34428

镜像层: sha256:1ba4cd28a66a718366e89daabff58cf5e909444e8873ebe2ae9136c37a9bbf49

发布日期: 2021-06-22 15:15 修改: 2023-11-07 03:35
org.eclipse.jetty:jetty-server CVE-2023-26049 低危 8.1.14.v20131031 9.4.51.v20230217, 10.0.14, 11.0.14, 12.0.0.beta0 jetty-server: Cookie parsing of quoted values can exfiltrate values from other cookies

漏洞详情: https://avd.aquasec.com/nvd/cve-2023-26049

镜像层: sha256:1ba4cd28a66a718366e89daabff58cf5e909444e8873ebe2ae9136c37a9bbf49

发布日期: 2023-04-18 21:15 修改: 2024-02-01 15:36
org.apache.logging.log4j:log4j-core CVE-2020-9488 低危 2.11.0 2.13.2, 2.12.3, 2.3.2 log4j: improper validation of certificate with host mismatch in SMTP appender

漏洞详情: https://avd.aquasec.com/nvd/cve-2020-9488

镜像层: sha256:1ba4cd28a66a718366e89daabff58cf5e909444e8873ebe2ae9136c37a9bbf49

发布日期: 2020-04-27 16:15 修改: 2023-11-07 03:26
org.apache.logging.log4j:log4j-core CVE-2020-9488 低危 2.11.0 2.13.2, 2.12.3, 2.3.2 log4j: improper validation of certificate with host mismatch in SMTP appender

漏洞详情: https://avd.aquasec.com/nvd/cve-2020-9488

镜像层: sha256:1ba4cd28a66a718366e89daabff58cf5e909444e8873ebe2ae9136c37a9bbf49

发布日期: 2020-04-27 16:15 修改: 2023-11-07 03:26
com.google.guava:guava CVE-2020-8908 低危 26.0-jre 32.0.0-android guava: local information disclosure via temporary directory created with unsafe permissions

漏洞详情: https://avd.aquasec.com/nvd/cve-2020-8908

镜像层: sha256:1ba4cd28a66a718366e89daabff58cf5e909444e8873ebe2ae9136c37a9bbf49

发布日期: 2020-12-10 23:15 修改: 2023-08-02 17:30
org.eclipse.jetty:jetty-http CVE-2022-2047 低危 8.1.14.v20131031 9.4.47, 10.0.10, 11.0.10 jetty-http: improver hostname input handling

漏洞详情: https://avd.aquasec.com/nvd/cve-2022-2047

镜像层: sha256:1ba4cd28a66a718366e89daabff58cf5e909444e8873ebe2ae9136c37a9bbf49

发布日期: 2022-07-07 21:15 修改: 2022-10-25 19:10
org.eclipse.jetty:jetty-http CVE-2024-6763 低危 8.1.14.v20131031 12.0.12 org.eclipse.jetty:jetty-http: jetty: Jetty URI parsing of invalid authority

漏洞详情: https://avd.aquasec.com/nvd/cve-2024-6763

镜像层: sha256:1ba4cd28a66a718366e89daabff58cf5e909444e8873ebe2ae9136c37a9bbf49

发布日期: 2024-10-14 16:15 修改: 2024-10-15 12:57