docker.io/kubesphere/ks-jenkins:v3.2.0-2.249.1 linux/amd64

docker.io/kubesphere/ks-jenkins:v3.2.0-2.249.1 - Trivy安全扫描结果扫描时间: 2024-12-31 09:01

全部漏洞信息

低危漏洞:73

中危漏洞:135

高危漏洞:186

严重漏洞:48

系统OS: debian 9.13 扫描引擎: Trivy 扫描时间: 2024-12-31 09:01

docker.io/kubesphere/ks-jenkins:v3.2.0-2.249.1 (debian 9.13) (debian)

低危漏洞:64

中危漏洞:73

高危漏洞:131

严重漏洞:27

软件包	漏洞	安全状态	安装版本	修复版本	漏洞信息
bzip2	CVE-2019-12900	严重	1.0.6-8.1		bzip2: bzip2: Data integrity error when decompressing (with data integrity tests fail). 漏洞详情: https://avd.aquasec.com/nvd/cve-2019-12900 镜像层: sha256:e43c0c41b833ec88f51b6fdb7c5faa32c76a32dbefdeb602969b74720ecf47c9 发布日期: 2019-06-19 23:15 修改: 2023-11-07 03:03
dpkg	CVE-2022-1664	严重	1.18.25	1.18.26	Dpkg::Source::Archive in dpkg, the Debian package management system, b ... 漏洞详情: https://avd.aquasec.com/nvd/cve-2022-1664 镜像层: sha256:7948c3e5790c6df89fe48041fabd8f1c576d4bb7c869183e03b9e3873a5f33d9 发布日期: 2022-05-26 14:15 修改: 2022-12-03 02:19
libbsd0	CVE-2019-20367	严重	0.8.3-1	0.8.3-1+deb9u1	nlist.c in libbsd before 0.10.0 has an out-of-bounds read during a com ... 漏洞详情: https://avd.aquasec.com/nvd/cve-2019-20367 镜像层: sha256:01727b1a72df8ba02293a98ab365bb4e8015aefadd661aaf7e6aa76567b706b9 发布日期: 2020-01-08 17:15 修改: 2023-11-07 03:09
libbz2-1.0	CVE-2019-12900	严重	1.0.6-8.1		bzip2: bzip2: Data integrity error when decompressing (with data integrity tests fail). 漏洞详情: https://avd.aquasec.com/nvd/cve-2019-12900 镜像层: sha256:7948c3e5790c6df89fe48041fabd8f1c576d4bb7c869183e03b9e3873a5f33d9 发布日期: 2019-06-19 23:15 修改: 2023-11-07 03:03
libdb5.3	CVE-2019-8457	严重	5.3.28-12+deb9u1		sqlite: heap out-of-bound read in function rtreenode() 漏洞详情: https://avd.aquasec.com/nvd/cve-2019-8457 镜像层: sha256:7948c3e5790c6df89fe48041fabd8f1c576d4bb7c869183e03b9e3873a5f33d9 发布日期: 2019-05-30 16:29 修改: 2023-11-07 03:13
libelf1	CVE-2018-16402	严重	0.168-1	0.168-1+deb9u1	elfutils: Double-free due to double decompression of sections in crafted ELF causes crash 漏洞详情: https://avd.aquasec.com/nvd/cve-2018-16402 镜像层: sha256:7948c3e5790c6df89fe48041fabd8f1c576d4bb7c869183e03b9e3873a5f33d9 发布日期: 2018-09-03 19:29 修改: 2023-11-07 02:53
libexpat1	CVE-2022-22822	严重	2.2.0-2+deb9u3	2.2.0-2+deb9u4	expat: Integer overflow in addBinding in xmlparse.c 漏洞详情: https://avd.aquasec.com/nvd/cve-2022-22822 镜像层: sha256:01727b1a72df8ba02293a98ab365bb4e8015aefadd661aaf7e6aa76567b706b9 发布日期: 2022-01-10 14:12 修改: 2022-10-06 15:29
libexpat1	CVE-2022-22823	严重	2.2.0-2+deb9u3	2.2.0-2+deb9u4	expat: Integer overflow in build_model in xmlparse.c 漏洞详情: https://avd.aquasec.com/nvd/cve-2022-22823 镜像层: sha256:01727b1a72df8ba02293a98ab365bb4e8015aefadd661aaf7e6aa76567b706b9 发布日期: 2022-01-10 14:12 修改: 2022-10-06 14:47
libexpat1	CVE-2022-22824	严重	2.2.0-2+deb9u3	2.2.0-2+deb9u4	expat: Integer overflow in defineAttribute in xmlparse.c 漏洞详情: https://avd.aquasec.com/nvd/cve-2022-22824 镜像层: sha256:01727b1a72df8ba02293a98ab365bb4e8015aefadd661aaf7e6aa76567b706b9 发布日期: 2022-01-10 14:12 修改: 2022-10-06 14:47
libexpat1	CVE-2022-23852	严重	2.2.0-2+deb9u3	2.2.0-2+deb9u5	expat: Integer overflow in function XML_GetBuffer 漏洞详情: https://avd.aquasec.com/nvd/cve-2022-23852 镜像层: sha256:01727b1a72df8ba02293a98ab365bb4e8015aefadd661aaf7e6aa76567b706b9 发布日期: 2022-01-24 02:15 修改: 2022-10-29 02:44
libexpat1	CVE-2022-25235	严重	2.2.0-2+deb9u3	2.2.0-2+deb9u5	expat: Malformed 2- and 3-byte UTF-8 sequences can lead to arbitrary code execution 漏洞详情: https://avd.aquasec.com/nvd/cve-2022-25235 镜像层: sha256:01727b1a72df8ba02293a98ab365bb4e8015aefadd661aaf7e6aa76567b706b9 发布日期: 2022-02-16 01:15 修改: 2023-11-07 03:44
libexpat1	CVE-2022-25236	严重	2.2.0-2+deb9u3	2.2.0-2+deb9u5	expat: Namespace-separator characters in "xmlns[:prefix]" attribute values can lead to arbitrary code execution 漏洞详情: https://avd.aquasec.com/nvd/cve-2022-25236 镜像层: sha256:01727b1a72df8ba02293a98ab365bb4e8015aefadd661aaf7e6aa76567b706b9 发布日期: 2022-02-16 01:15 修改: 2023-11-07 03:44
libexpat1	CVE-2022-25315	严重	2.2.0-2+deb9u3	2.2.0-2+deb9u5	expat: Integer overflow in storeRawNames() 漏洞详情: https://avd.aquasec.com/nvd/cve-2022-25315 镜像层: sha256:01727b1a72df8ba02293a98ab365bb4e8015aefadd661aaf7e6aa76567b706b9 发布日期: 2022-02-18 05:15 修改: 2023-11-07 03:44
libfreetype6	CVE-2022-27404	严重	2.6.3-3.2+deb9u1		FreeType: Buffer overflow in sfnt_init_face 漏洞详情: https://avd.aquasec.com/nvd/cve-2022-27404 镜像层: sha256:f9ecc8ce42cd82cde5003ccc4198451eea83685ec884f37ae2e7fb68d7849793 发布日期: 2022-04-22 14:15 修改: 2024-02-29 01:34
libldap-2.4-2	CVE-2022-29155	严重	2.4.44+dfsg-5+deb9u4	2.4.44+dfsg-5+deb9u9	openldap: OpenLDAP SQL injection 漏洞详情: https://avd.aquasec.com/nvd/cve-2022-29155 镜像层: sha256:f9ecc8ce42cd82cde5003ccc4198451eea83685ec884f37ae2e7fb68d7849793 发布日期: 2022-05-04 20:15 修改: 2022-10-06 15:56
libldap-common	CVE-2022-29155	严重	2.4.44+dfsg-5+deb9u4	2.4.44+dfsg-5+deb9u9	openldap: OpenLDAP SQL injection 漏洞详情: https://avd.aquasec.com/nvd/cve-2022-29155 镜像层: sha256:f9ecc8ce42cd82cde5003ccc4198451eea83685ec884f37ae2e7fb68d7849793 发布日期: 2022-05-04 20:15 修改: 2022-10-06 15:56
liblz4-1	CVE-2021-3520	严重	0.0~r131-2+b1	0.0~r131-2+deb9u1	lz4: memory corruption due to an integer overflow bug caused by memmove argument 漏洞详情: https://avd.aquasec.com/nvd/cve-2021-3520 镜像层: sha256:7948c3e5790c6df89fe48041fabd8f1c576d4bb7c869183e03b9e3873a5f33d9 发布日期: 2021-06-02 13:15 修改: 2024-06-06 20:25
libpng16-16	CVE-2017-12652	严重	1.6.28-1+deb9u1		libpng: does not check length of chunks against user limit 漏洞详情: https://avd.aquasec.com/nvd/cve-2017-12652 镜像层: sha256:e43c0c41b833ec88f51b6fdb7c5faa32c76a32dbefdeb602969b74720ecf47c9 发布日期: 2019-07-10 15:15 修改: 2023-11-07 02:38
libpython2.7-minimal	CVE-2021-3177	严重	2.7.13-2+deb9u4	2.7.13-2+deb9u6	python: Stack-based buffer overflow in PyCArg_repr in _ctypes/callproc.c 漏洞详情: https://avd.aquasec.com/nvd/cve-2021-3177 镜像层: sha256:f9ecc8ce42cd82cde5003ccc4198451eea83685ec884f37ae2e7fb68d7849793 发布日期: 2021-01-19 06:15 修改: 2023-11-07 03:37
libpython2.7-stdlib	CVE-2021-3177	严重	2.7.13-2+deb9u4	2.7.13-2+deb9u6	python: Stack-based buffer overflow in PyCArg_repr in _ctypes/callproc.c 漏洞详情: https://avd.aquasec.com/nvd/cve-2021-3177 镜像层: sha256:f9ecc8ce42cd82cde5003ccc4198451eea83685ec884f37ae2e7fb68d7849793 发布日期: 2021-01-19 06:15 修改: 2023-11-07 03:37
libsqlite3-0	CVE-2019-8457	严重	3.16.2-5+deb9u2		sqlite: heap out-of-bound read in function rtreenode() 漏洞详情: https://avd.aquasec.com/nvd/cve-2019-8457 镜像层: sha256:f9ecc8ce42cd82cde5003ccc4198451eea83685ec884f37ae2e7fb68d7849793 发布日期: 2019-05-30 16:29 修改: 2023-11-07 03:13
libssl1.1	CVE-2022-1292	严重	1.1.0l-1~deb9u1	1.1.0l-1~deb9u6	openssl: c_rehash script allows command injection 漏洞详情: https://avd.aquasec.com/nvd/cve-2022-1292 镜像层: sha256:4d1ab3827f6b69f4e55bd69cc8abe1dde7d7a7f61bd6e32c665f12e0a8efd1c9 发布日期: 2022-05-03 16:15 修改: 2023-11-07 03:41
login	CVE-2017-12424	严重	1:4.4-4.1	1:4.4-4.1+deb9u1	shadow-utils: Buffer overflow via newusers tool 漏洞详情: https://avd.aquasec.com/nvd/cve-2017-12424 镜像层: sha256:7948c3e5790c6df89fe48041fabd8f1c576d4bb7c869183e03b9e3873a5f33d9 发布日期: 2017-08-04 09:29 修改: 2021-03-23 20:02
openssl	CVE-2022-1292	严重	1.1.0l-1~deb9u1	1.1.0l-1~deb9u6	openssl: c_rehash script allows command injection 漏洞详情: https://avd.aquasec.com/nvd/cve-2022-1292 镜像层: sha256:4d1ab3827f6b69f4e55bd69cc8abe1dde7d7a7f61bd6e32c665f12e0a8efd1c9 发布日期: 2022-05-03 16:15 修改: 2023-11-07 03:41
passwd	CVE-2017-12424	严重	1:4.4-4.1	1:4.4-4.1+deb9u1	shadow-utils: Buffer overflow via newusers tool 漏洞详情: https://avd.aquasec.com/nvd/cve-2017-12424 镜像层: sha256:7948c3e5790c6df89fe48041fabd8f1c576d4bb7c869183e03b9e3873a5f33d9 发布日期: 2017-08-04 09:29 修改: 2021-03-23 20:02
python2.7	CVE-2021-3177	严重	2.7.13-2+deb9u4	2.7.13-2+deb9u6	python: Stack-based buffer overflow in PyCArg_repr in _ctypes/callproc.c 漏洞详情: https://avd.aquasec.com/nvd/cve-2021-3177 镜像层: sha256:f9ecc8ce42cd82cde5003ccc4198451eea83685ec884f37ae2e7fb68d7849793 发布日期: 2021-01-19 06:15 修改: 2023-11-07 03:37
python2.7-minimal	CVE-2021-3177	严重	2.7.13-2+deb9u4	2.7.13-2+deb9u6	python: Stack-based buffer overflow in PyCArg_repr in _ctypes/callproc.c 漏洞详情: https://avd.aquasec.com/nvd/cve-2021-3177 镜像层: sha256:f9ecc8ce42cd82cde5003ccc4198451eea83685ec884f37ae2e7fb68d7849793 发布日期: 2021-01-19 06:15 修改: 2023-11-07 03:37
libcurl3	CVE-2020-8285	高危	7.52.1-5+deb9u11	7.52.1-5+deb9u13	curl: Malicious FTP server can trigger stack overflow when CURLOPT_CHUNK_BGN_FUNCTION is used 漏洞详情: https://avd.aquasec.com/nvd/cve-2020-8285 镜像层: sha256:f9ecc8ce42cd82cde5003ccc4198451eea83685ec884f37ae2e7fb68d7849793 发布日期: 2020-12-14 20:15 修改: 2024-03-27 15:47
libcurl3	CVE-2020-8286	高危	7.52.1-5+deb9u11	7.52.1-5+deb9u13	curl: Inferior OCSP verification 漏洞详情: https://avd.aquasec.com/nvd/cve-2020-8286 镜像层: sha256:f9ecc8ce42cd82cde5003ccc4198451eea83685ec884f37ae2e7fb68d7849793 发布日期: 2020-12-14 20:15 修改: 2024-03-27 15:47
libcurl3	CVE-2021-22946	高危	7.52.1-5+deb9u11	7.52.1-5+deb9u16	curl: Requirement to use TLS not properly enforced for IMAP, POP3, and FTP protocols 漏洞详情: https://avd.aquasec.com/nvd/cve-2021-22946 镜像层: sha256:f9ecc8ce42cd82cde5003ccc4198451eea83685ec884f37ae2e7fb68d7849793 发布日期: 2021-09-29 20:15 修改: 2024-03-27 15:12
libcurl3-gnutls	CVE-2020-8231	高危	7.52.1-5+deb9u11	7.52.1-5+deb9u12	curl: Expired pointer dereference via multi API with CURLOPT_CONNECT_ONLY option set 漏洞详情: https://avd.aquasec.com/nvd/cve-2020-8231 镜像层: sha256:f9ecc8ce42cd82cde5003ccc4198451eea83685ec884f37ae2e7fb68d7849793 发布日期: 2020-12-14 20:15 修改: 2024-03-27 16:04
libcurl3-gnutls	CVE-2020-8285	高危	7.52.1-5+deb9u11	7.52.1-5+deb9u13	curl: Malicious FTP server can trigger stack overflow when CURLOPT_CHUNK_BGN_FUNCTION is used 漏洞详情: https://avd.aquasec.com/nvd/cve-2020-8285 镜像层: sha256:f9ecc8ce42cd82cde5003ccc4198451eea83685ec884f37ae2e7fb68d7849793 发布日期: 2020-12-14 20:15 修改: 2024-03-27 15:47
libcurl3-gnutls	CVE-2020-8286	高危	7.52.1-5+deb9u11	7.52.1-5+deb9u13	curl: Inferior OCSP verification 漏洞详情: https://avd.aquasec.com/nvd/cve-2020-8286 镜像层: sha256:f9ecc8ce42cd82cde5003ccc4198451eea83685ec884f37ae2e7fb68d7849793 发布日期: 2020-12-14 20:15 修改: 2024-03-27 15:47
libcurl3-gnutls	CVE-2021-22946	高危	7.52.1-5+deb9u11	7.52.1-5+deb9u16	curl: Requirement to use TLS not properly enforced for IMAP, POP3, and FTP protocols 漏洞详情: https://avd.aquasec.com/nvd/cve-2021-22946 镜像层: sha256:f9ecc8ce42cd82cde5003ccc4198451eea83685ec884f37ae2e7fb68d7849793 发布日期: 2021-09-29 20:15 修改: 2024-03-27 15:12
curl	CVE-2020-8286	高危	7.52.1-5+deb9u11	7.52.1-5+deb9u13	curl: Inferior OCSP verification 漏洞详情: https://avd.aquasec.com/nvd/cve-2020-8286 镜像层: sha256:f9ecc8ce42cd82cde5003ccc4198451eea83685ec884f37ae2e7fb68d7849793 发布日期: 2020-12-14 20:15 修改: 2024-03-27 15:47
curl	CVE-2021-22946	高危	7.52.1-5+deb9u11	7.52.1-5+deb9u16	curl: Requirement to use TLS not properly enforced for IMAP, POP3, and FTP protocols 漏洞详情: https://avd.aquasec.com/nvd/cve-2021-22946 镜像层: sha256:f9ecc8ce42cd82cde5003ccc4198451eea83685ec884f37ae2e7fb68d7849793 发布日期: 2021-09-29 20:15 修改: 2024-03-27 15:12
dirmngr	CVE-2018-1000858	高危	2.1.18-8~deb9u4		gnupg2: Cross site request forgery in dirmngr resulting in an information disclosure or denial of service 漏洞详情: https://avd.aquasec.com/nvd/cve-2018-1000858 镜像层: sha256:69dfa7bd7a92b8ba12a617ff56f22533223007c5ba6b3a191c91b852320f012e 发布日期: 2018-12-20 17:29 修改: 2019-02-13 16:43
bsdutils	CVE-2016-2779	高危	1:2.29.2-1+deb9u1		util-linux: runuser tty hijack via TIOCSTI ioctl 漏洞详情: https://avd.aquasec.com/nvd/cve-2016-2779 镜像层: sha256:7948c3e5790c6df89fe48041fabd8f1c576d4bb7c869183e03b9e3873a5f33d9 发布日期: 2017-02-07 15:59 修改: 2019-01-04 14:14
e2fslibs	CVE-2022-1304	高危	1.43.4-2+deb9u2		e2fsprogs: out-of-bounds read/write via crafted filesystem 漏洞详情: https://avd.aquasec.com/nvd/cve-2022-1304 镜像层: sha256:f9ecc8ce42cd82cde5003ccc4198451eea83685ec884f37ae2e7fb68d7849793 发布日期: 2022-04-14 21:15 修改: 2024-11-22 12:15
e2fsprogs	CVE-2022-1304	高危	1.43.4-2+deb9u2		e2fsprogs: out-of-bounds read/write via crafted filesystem 漏洞详情: https://avd.aquasec.com/nvd/cve-2022-1304 镜像层: sha256:f9ecc8ce42cd82cde5003ccc4198451eea83685ec884f37ae2e7fb68d7849793 发布日期: 2022-04-14 21:15 修改: 2024-11-22 12:15
gcc-6-base	CVE-2018-12886	高危	6.3.0-18+deb9u1		gcc: spilling of stack protection address in cfgexpand.c and function.c leads to stack-overflow protection bypass 漏洞详情: https://avd.aquasec.com/nvd/cve-2018-12886 镜像层: sha256:7948c3e5790c6df89fe48041fabd8f1c576d4bb7c869183e03b9e3873a5f33d9 发布日期: 2019-05-22 19:29 修改: 2020-08-24 17:37
git	CVE-2021-21300	高危	1:2.11.0-3+deb9u7		git: remote code execution during clone operation on case-insensitive filesystems 漏洞详情: https://avd.aquasec.com/nvd/cve-2021-21300 镜像层: sha256:f9ecc8ce42cd82cde5003ccc4198451eea83685ec884f37ae2e7fb68d7849793 发布日期: 2021-03-09 20:15 修改: 2023-11-07 03:29
git	CVE-2021-40330	高危	1:2.11.0-3+deb9u7		git: unexpected cross-protocol requests via a repository path containing a newline character 漏洞详情: https://avd.aquasec.com/nvd/cve-2021-40330 镜像层: sha256:f9ecc8ce42cd82cde5003ccc4198451eea83685ec884f37ae2e7fb68d7849793 发布日期: 2021-08-31 04:15 修改: 2022-11-07 18:37
libexpat1	CVE-2021-45960	高危	2.2.0-2+deb9u3	2.2.0-2+deb9u4	expat: Large number of prefixed XML attributes on a single tag can crash libexpat 漏洞详情: https://avd.aquasec.com/nvd/cve-2021-45960 镜像层: sha256:01727b1a72df8ba02293a98ab365bb4e8015aefadd661aaf7e6aa76567b706b9 发布日期: 2022-01-01 19:15 修改: 2022-10-06 19:08
libexpat1	CVE-2021-46143	高危	2.2.0-2+deb9u3	2.2.0-2+deb9u4	expat: Integer overflow in doProlog in xmlparse.c 漏洞详情: https://avd.aquasec.com/nvd/cve-2021-46143 镜像层: sha256:01727b1a72df8ba02293a98ab365bb4e8015aefadd661aaf7e6aa76567b706b9 发布日期: 2022-01-06 04:15 修改: 2022-10-06 19:11
libexpat1	CVE-2022-22825	高危	2.2.0-2+deb9u3	2.2.0-2+deb9u4	expat: Integer overflow in lookup in xmlparse.c 漏洞详情: https://avd.aquasec.com/nvd/cve-2022-22825 镜像层: sha256:01727b1a72df8ba02293a98ab365bb4e8015aefadd661aaf7e6aa76567b706b9 发布日期: 2022-01-10 14:12 修改: 2022-10-06 14:47
libexpat1	CVE-2022-22826	高危	2.2.0-2+deb9u3	2.2.0-2+deb9u4	expat: Integer overflow in nextScaffoldPart in xmlparse.c 漏洞详情: https://avd.aquasec.com/nvd/cve-2022-22826 镜像层: sha256:01727b1a72df8ba02293a98ab365bb4e8015aefadd661aaf7e6aa76567b706b9 发布日期: 2022-01-10 14:12 修改: 2022-10-06 12:44
libexpat1	CVE-2022-22827	高危	2.2.0-2+deb9u3	2.2.0-2+deb9u4	expat: Integer overflow in storeAtts in xmlparse.c 漏洞详情: https://avd.aquasec.com/nvd/cve-2022-22827 镜像层: sha256:01727b1a72df8ba02293a98ab365bb4e8015aefadd661aaf7e6aa76567b706b9 发布日期: 2022-01-10 14:12 修改: 2022-10-06 12:52
libexpat1	CVE-2022-23990	高危	2.2.0-2+deb9u3	2.2.0-2+deb9u4	expat: integer overflow in the doProlog function 漏洞详情: https://avd.aquasec.com/nvd/cve-2022-23990 镜像层: sha256:01727b1a72df8ba02293a98ab365bb4e8015aefadd661aaf7e6aa76567b706b9 发布日期: 2022-01-26 19:15 修改: 2023-11-07 03:44
libfdisk1	CVE-2016-2779	高危	2.29.2-1+deb9u1		util-linux: runuser tty hijack via TIOCSTI ioctl 漏洞详情: https://avd.aquasec.com/nvd/cve-2016-2779 镜像层: sha256:7948c3e5790c6df89fe48041fabd8f1c576d4bb7c869183e03b9e3873a5f33d9 发布日期: 2017-02-07 15:59 修改: 2019-01-04 14:14
git	CVE-2022-24765	高危	1:2.11.0-3+deb9u7		git: On multi-user machines Git users might find themselves unexpectedly in a Git worktree 漏洞详情: https://avd.aquasec.com/nvd/cve-2022-24765 镜像层: sha256:f9ecc8ce42cd82cde5003ccc4198451eea83685ec884f37ae2e7fb68d7849793 发布日期: 2022-04-12 18:15 修改: 2023-12-27 10:15
libfreetype6	CVE-2022-27405	高危	2.6.3-3.2+deb9u1		FreeType: Segmentation violation via FNT_Size_Request 漏洞详情: https://avd.aquasec.com/nvd/cve-2022-27405 镜像层: sha256:f9ecc8ce42cd82cde5003ccc4198451eea83685ec884f37ae2e7fb68d7849793 发布日期: 2022-04-22 14:15 修改: 2024-02-29 01:34
libfreetype6	CVE-2022-27406	高危	2.6.3-3.2+deb9u1		Freetype: Segmentation violation via FT_Request_Size 漏洞详情: https://avd.aquasec.com/nvd/cve-2022-27406 镜像层: sha256:f9ecc8ce42cd82cde5003ccc4198451eea83685ec884f37ae2e7fb68d7849793 发布日期: 2022-04-22 14:15 修改: 2024-02-29 01:34
libgcc1	CVE-2018-12886	高危	1:6.3.0-18+deb9u1		gcc: spilling of stack protection address in cfgexpand.c and function.c leads to stack-overflow protection bypass 漏洞详情: https://avd.aquasec.com/nvd/cve-2018-12886 镜像层: sha256:7948c3e5790c6df89fe48041fabd8f1c576d4bb7c869183e03b9e3873a5f33d9 发布日期: 2019-05-22 19:29 修改: 2020-08-24 17:37
libgcrypt20	CVE-2021-33560	高危	1.7.6-2+deb9u3		libgcrypt: mishandles ElGamal encryption because it lacks exponent blinding to address a side-channel attack against mpi_powm 漏洞详情: https://avd.aquasec.com/nvd/cve-2021-33560 镜像层: sha256:7948c3e5790c6df89fe48041fabd8f1c576d4bb7c869183e03b9e3873a5f33d9 发布日期: 2021-06-08 11:15 修改: 2023-11-07 03:35
libgmp10	CVE-2021-43618	高危	2:6.1.2+dfsg-1	2:6.1.2+dfsg-1+deb9u1	gmp: Integer overflow and resultant buffer overflow via crafted input 漏洞详情: https://avd.aquasec.com/nvd/cve-2021-43618 镜像层: sha256:4d1ab3827f6b69f4e55bd69cc8abe1dde7d7a7f61bd6e32c665f12e0a8efd1c9 发布日期: 2021-11-15 04:15 修改: 2023-09-29 15:15
libgssapi-krb5-2	CVE-2020-28196	高危	1.15-1+deb9u1	1.15-1+deb9u2	krb5: unbounded recursion via an ASN.1-encoded Kerberos message in lib/krb5/asn.1/asn1_encode.c may lead to DoS 漏洞详情: https://avd.aquasec.com/nvd/cve-2020-28196 镜像层: sha256:4d1ab3827f6b69f4e55bd69cc8abe1dde7d7a7f61bd6e32c665f12e0a8efd1c9 发布日期: 2020-11-06 08:15 修改: 2023-11-07 03:21
libhogweed4	CVE-2021-20305	高危	3.3-1+b2	3.3-1+deb9u1	nettle: Out of bounds memory access in signature verification 漏洞详情: https://avd.aquasec.com/nvd/cve-2021-20305 镜像层: sha256:4d1ab3827f6b69f4e55bd69cc8abe1dde7d7a7f61bd6e32c665f12e0a8efd1c9 发布日期: 2021-04-05 22:15 修改: 2023-11-07 03:29
libhogweed4	CVE-2021-3580	高危	3.3-1+b2	3.3-1+deb9u1	nettle: Remote crash in RSA decryption via manipulated ciphertext 漏洞详情: https://avd.aquasec.com/nvd/cve-2021-3580 镜像层: sha256:4d1ab3827f6b69f4e55bd69cc8abe1dde7d7a7f61bd6e32c665f12e0a8efd1c9 发布日期: 2021-08-05 21:15 修改: 2024-01-16 15:15
libk5crypto3	CVE-2020-28196	高危	1.15-1+deb9u1	1.15-1+deb9u2	krb5: unbounded recursion via an ASN.1-encoded Kerberos message in lib/krb5/asn.1/asn1_encode.c may lead to DoS 漏洞详情: https://avd.aquasec.com/nvd/cve-2020-28196 镜像层: sha256:4d1ab3827f6b69f4e55bd69cc8abe1dde7d7a7f61bd6e32c665f12e0a8efd1c9 发布日期: 2020-11-06 08:15 修改: 2023-11-07 03:21
libkrb5-3	CVE-2020-28196	高危	1.15-1+deb9u1	1.15-1+deb9u2	krb5: unbounded recursion via an ASN.1-encoded Kerberos message in lib/krb5/asn.1/asn1_encode.c may lead to DoS 漏洞详情: https://avd.aquasec.com/nvd/cve-2020-28196 镜像层: sha256:4d1ab3827f6b69f4e55bd69cc8abe1dde7d7a7f61bd6e32c665f12e0a8efd1c9 发布日期: 2020-11-06 08:15 修改: 2023-11-07 03:21
libkrb5support0	CVE-2020-28196	高危	1.15-1+deb9u1	1.15-1+deb9u2	krb5: unbounded recursion via an ASN.1-encoded Kerberos message in lib/krb5/asn.1/asn1_encode.c may lead to DoS 漏洞详情: https://avd.aquasec.com/nvd/cve-2020-28196 镜像层: sha256:4d1ab3827f6b69f4e55bd69cc8abe1dde7d7a7f61bd6e32c665f12e0a8efd1c9 发布日期: 2020-11-06 08:15 修改: 2023-11-07 03:21
git-man	CVE-2021-21300	高危	1:2.11.0-3+deb9u7		git: remote code execution during clone operation on case-insensitive filesystems 漏洞详情: https://avd.aquasec.com/nvd/cve-2021-21300 镜像层: sha256:f9ecc8ce42cd82cde5003ccc4198451eea83685ec884f37ae2e7fb68d7849793 发布日期: 2021-03-09 20:15 修改: 2023-11-07 03:29
libldap-2.4-2	CVE-2020-25692	高危	2.4.44+dfsg-5+deb9u4	2.4.44+dfsg-5+deb9u5	openldap: NULL pointer dereference for unauthenticated packet in slapd 漏洞详情: https://avd.aquasec.com/nvd/cve-2020-25692 镜像层: sha256:f9ecc8ce42cd82cde5003ccc4198451eea83685ec884f37ae2e7fb68d7849793 发布日期: 2020-12-08 01:15 修改: 2022-10-12 14:27
libldap-2.4-2	CVE-2020-25709	高危	2.4.44+dfsg-5+deb9u4	2.4.44+dfsg-5+deb9u6	openldap: assertion failure in Certificate List syntax validation 漏洞详情: https://avd.aquasec.com/nvd/cve-2020-25709 镜像层: sha256:f9ecc8ce42cd82cde5003ccc4198451eea83685ec884f37ae2e7fb68d7849793 发布日期: 2021-05-18 12:15 修改: 2023-11-07 03:20
libldap-2.4-2	CVE-2020-25710	高危	2.4.44+dfsg-5+deb9u4	2.4.44+dfsg-5+deb9u6	openldap: assertion failure in CSN normalization with invalid input 漏洞详情: https://avd.aquasec.com/nvd/cve-2020-25710 镜像层: sha256:f9ecc8ce42cd82cde5003ccc4198451eea83685ec884f37ae2e7fb68d7849793 发布日期: 2021-05-28 11:15 修改: 2023-11-07 03:20
libldap-2.4-2	CVE-2020-36221	高危	2.4.44+dfsg-5+deb9u4	2.4.44+dfsg-5+deb9u7	openldap: Integer underflow in serialNumberAndIssuerCheck in schema_init.c 漏洞详情: https://avd.aquasec.com/nvd/cve-2020-36221 镜像层: sha256:f9ecc8ce42cd82cde5003ccc4198451eea83685ec884f37ae2e7fb68d7849793 发布日期: 2021-01-26 18:15 修改: 2023-11-07 03:22
libldap-2.4-2	CVE-2020-36222	高危	2.4.44+dfsg-5+deb9u4	2.4.44+dfsg-5+deb9u7	openldap: Assertion failure in slapd in the saslAuthzTo validation 漏洞详情: https://avd.aquasec.com/nvd/cve-2020-36222 镜像层: sha256:f9ecc8ce42cd82cde5003ccc4198451eea83685ec884f37ae2e7fb68d7849793 发布日期: 2021-01-26 18:15 修改: 2023-11-07 03:22
libldap-2.4-2	CVE-2020-36223	高危	2.4.44+dfsg-5+deb9u4	2.4.44+dfsg-5+deb9u7	openldap: Out-of-bounds read in Values Return Filter 漏洞详情: https://avd.aquasec.com/nvd/cve-2020-36223 镜像层: sha256:f9ecc8ce42cd82cde5003ccc4198451eea83685ec884f37ae2e7fb68d7849793 发布日期: 2021-01-26 18:15 修改: 2023-11-07 03:22
libldap-2.4-2	CVE-2020-36224	高危	2.4.44+dfsg-5+deb9u4	2.4.44+dfsg-5+deb9u7	openldap: Invalid pointer free in the saslAuthzTo processing 漏洞详情: https://avd.aquasec.com/nvd/cve-2020-36224 镜像层: sha256:f9ecc8ce42cd82cde5003ccc4198451eea83685ec884f37ae2e7fb68d7849793 发布日期: 2021-01-26 18:15 修改: 2023-11-07 03:22
libldap-2.4-2	CVE-2020-36225	高危	2.4.44+dfsg-5+deb9u4	2.4.44+dfsg-5+deb9u7	openldap: Double free in the saslAuthzTo processing 漏洞详情: https://avd.aquasec.com/nvd/cve-2020-36225 镜像层: sha256:f9ecc8ce42cd82cde5003ccc4198451eea83685ec884f37ae2e7fb68d7849793 发布日期: 2021-01-26 18:15 修改: 2023-11-07 03:22
libldap-2.4-2	CVE-2020-36226	高危	2.4.44+dfsg-5+deb9u4	2.4.44+dfsg-5+deb9u7	openldap: Denial of service via length miscalculation in slap_parse_user 漏洞详情: https://avd.aquasec.com/nvd/cve-2020-36226 镜像层: sha256:f9ecc8ce42cd82cde5003ccc4198451eea83685ec884f37ae2e7fb68d7849793 发布日期: 2021-01-26 18:15 修改: 2023-11-07 03:22
libldap-2.4-2	CVE-2020-36227	高危	2.4.44+dfsg-5+deb9u4	2.4.44+dfsg-5+deb9u7	openldap: Infinite loop in slapd with the cancel_extop Cancel operation 漏洞详情: https://avd.aquasec.com/nvd/cve-2020-36227 镜像层: sha256:f9ecc8ce42cd82cde5003ccc4198451eea83685ec884f37ae2e7fb68d7849793 发布日期: 2021-01-26 18:15 修改: 2023-11-07 03:22
libldap-2.4-2	CVE-2020-36228	高危	2.4.44+dfsg-5+deb9u4	2.4.44+dfsg-5+deb9u7	openldap: Integer underflow in issuerAndThisUpdateCheck in schema_init.c 漏洞详情: https://avd.aquasec.com/nvd/cve-2020-36228 镜像层: sha256:f9ecc8ce42cd82cde5003ccc4198451eea83685ec884f37ae2e7fb68d7849793 发布日期: 2021-01-26 18:15 修改: 2023-11-07 03:22
libldap-2.4-2	CVE-2020-36229	高危	2.4.44+dfsg-5+deb9u4	2.4.44+dfsg-5+deb9u7	openldap: Type confusion in ad_keystring in ad.c 漏洞详情: https://avd.aquasec.com/nvd/cve-2020-36229 镜像层: sha256:f9ecc8ce42cd82cde5003ccc4198451eea83685ec884f37ae2e7fb68d7849793 发布日期: 2021-01-26 18:15 修改: 2023-11-07 03:22
libldap-2.4-2	CVE-2020-36230	高危	2.4.44+dfsg-5+deb9u4	2.4.44+dfsg-5+deb9u7	openldap: Assertion failure in ber_next_element in decode.c 漏洞详情: https://avd.aquasec.com/nvd/cve-2020-36230 镜像层: sha256:f9ecc8ce42cd82cde5003ccc4198451eea83685ec884f37ae2e7fb68d7849793 发布日期: 2021-01-26 18:15 修改: 2023-11-07 03:22
libldap-2.4-2	CVE-2021-27212	高危	2.4.44+dfsg-5+deb9u4	2.4.44+dfsg-5+deb9u8	openldap: Assertion failure in slapd in the issuerAndThisUpdateCheck function 漏洞详情: https://avd.aquasec.com/nvd/cve-2021-27212 镜像层: sha256:f9ecc8ce42cd82cde5003ccc4198451eea83685ec884f37ae2e7fb68d7849793 发布日期: 2021-02-14 03:15 修改: 2023-11-07 03:31
git-man	CVE-2021-40330	高危	1:2.11.0-3+deb9u7		git: unexpected cross-protocol requests via a repository path containing a newline character 漏洞详情: https://avd.aquasec.com/nvd/cve-2021-40330 镜像层: sha256:f9ecc8ce42cd82cde5003ccc4198451eea83685ec884f37ae2e7fb68d7849793 发布日期: 2021-08-31 04:15 修改: 2022-11-07 18:37
libldap-common	CVE-2020-25692	高危	2.4.44+dfsg-5+deb9u4	2.4.44+dfsg-5+deb9u5	openldap: NULL pointer dereference for unauthenticated packet in slapd 漏洞详情: https://avd.aquasec.com/nvd/cve-2020-25692 镜像层: sha256:f9ecc8ce42cd82cde5003ccc4198451eea83685ec884f37ae2e7fb68d7849793 发布日期: 2020-12-08 01:15 修改: 2022-10-12 14:27
libldap-common	CVE-2020-25709	高危	2.4.44+dfsg-5+deb9u4	2.4.44+dfsg-5+deb9u6	openldap: assertion failure in Certificate List syntax validation 漏洞详情: https://avd.aquasec.com/nvd/cve-2020-25709 镜像层: sha256:f9ecc8ce42cd82cde5003ccc4198451eea83685ec884f37ae2e7fb68d7849793 发布日期: 2021-05-18 12:15 修改: 2023-11-07 03:20
libldap-common	CVE-2020-25710	高危	2.4.44+dfsg-5+deb9u4	2.4.44+dfsg-5+deb9u6	openldap: assertion failure in CSN normalization with invalid input 漏洞详情: https://avd.aquasec.com/nvd/cve-2020-25710 镜像层: sha256:f9ecc8ce42cd82cde5003ccc4198451eea83685ec884f37ae2e7fb68d7849793 发布日期: 2021-05-28 11:15 修改: 2023-11-07 03:20
libldap-common	CVE-2020-36221	高危	2.4.44+dfsg-5+deb9u4	2.4.44+dfsg-5+deb9u7	openldap: Integer underflow in serialNumberAndIssuerCheck in schema_init.c 漏洞详情: https://avd.aquasec.com/nvd/cve-2020-36221 镜像层: sha256:f9ecc8ce42cd82cde5003ccc4198451eea83685ec884f37ae2e7fb68d7849793 发布日期: 2021-01-26 18:15 修改: 2023-11-07 03:22
libldap-common	CVE-2020-36222	高危	2.4.44+dfsg-5+deb9u4	2.4.44+dfsg-5+deb9u7	openldap: Assertion failure in slapd in the saslAuthzTo validation 漏洞详情: https://avd.aquasec.com/nvd/cve-2020-36222 镜像层: sha256:f9ecc8ce42cd82cde5003ccc4198451eea83685ec884f37ae2e7fb68d7849793 发布日期: 2021-01-26 18:15 修改: 2023-11-07 03:22
libldap-common	CVE-2020-36223	高危	2.4.44+dfsg-5+deb9u4	2.4.44+dfsg-5+deb9u7	openldap: Out-of-bounds read in Values Return Filter 漏洞详情: https://avd.aquasec.com/nvd/cve-2020-36223 镜像层: sha256:f9ecc8ce42cd82cde5003ccc4198451eea83685ec884f37ae2e7fb68d7849793 发布日期: 2021-01-26 18:15 修改: 2023-11-07 03:22
libldap-common	CVE-2020-36224	高危	2.4.44+dfsg-5+deb9u4	2.4.44+dfsg-5+deb9u7	openldap: Invalid pointer free in the saslAuthzTo processing 漏洞详情: https://avd.aquasec.com/nvd/cve-2020-36224 镜像层: sha256:f9ecc8ce42cd82cde5003ccc4198451eea83685ec884f37ae2e7fb68d7849793 发布日期: 2021-01-26 18:15 修改: 2023-11-07 03:22
libldap-common	CVE-2020-36225	高危	2.4.44+dfsg-5+deb9u4	2.4.44+dfsg-5+deb9u7	openldap: Double free in the saslAuthzTo processing 漏洞详情: https://avd.aquasec.com/nvd/cve-2020-36225 镜像层: sha256:f9ecc8ce42cd82cde5003ccc4198451eea83685ec884f37ae2e7fb68d7849793 发布日期: 2021-01-26 18:15 修改: 2023-11-07 03:22
libldap-common	CVE-2020-36226	高危	2.4.44+dfsg-5+deb9u4	2.4.44+dfsg-5+deb9u7	openldap: Denial of service via length miscalculation in slap_parse_user 漏洞详情: https://avd.aquasec.com/nvd/cve-2020-36226 镜像层: sha256:f9ecc8ce42cd82cde5003ccc4198451eea83685ec884f37ae2e7fb68d7849793 发布日期: 2021-01-26 18:15 修改: 2023-11-07 03:22
libldap-common	CVE-2020-36227	高危	2.4.44+dfsg-5+deb9u4	2.4.44+dfsg-5+deb9u7	openldap: Infinite loop in slapd with the cancel_extop Cancel operation 漏洞详情: https://avd.aquasec.com/nvd/cve-2020-36227 镜像层: sha256:f9ecc8ce42cd82cde5003ccc4198451eea83685ec884f37ae2e7fb68d7849793 发布日期: 2021-01-26 18:15 修改: 2023-11-07 03:22
libldap-common	CVE-2020-36228	高危	2.4.44+dfsg-5+deb9u4	2.4.44+dfsg-5+deb9u7	openldap: Integer underflow in issuerAndThisUpdateCheck in schema_init.c 漏洞详情: https://avd.aquasec.com/nvd/cve-2020-36228 镜像层: sha256:f9ecc8ce42cd82cde5003ccc4198451eea83685ec884f37ae2e7fb68d7849793 发布日期: 2021-01-26 18:15 修改: 2023-11-07 03:22
libldap-common	CVE-2020-36229	高危	2.4.44+dfsg-5+deb9u4	2.4.44+dfsg-5+deb9u7	openldap: Type confusion in ad_keystring in ad.c 漏洞详情: https://avd.aquasec.com/nvd/cve-2020-36229 镜像层: sha256:f9ecc8ce42cd82cde5003ccc4198451eea83685ec884f37ae2e7fb68d7849793 发布日期: 2021-01-26 18:15 修改: 2023-11-07 03:22
libldap-common	CVE-2020-36230	高危	2.4.44+dfsg-5+deb9u4	2.4.44+dfsg-5+deb9u7	openldap: Assertion failure in ber_next_element in decode.c 漏洞详情: https://avd.aquasec.com/nvd/cve-2020-36230 镜像层: sha256:f9ecc8ce42cd82cde5003ccc4198451eea83685ec884f37ae2e7fb68d7849793 发布日期: 2021-01-26 18:15 修改: 2023-11-07 03:22
libldap-common	CVE-2021-27212	高危	2.4.44+dfsg-5+deb9u4	2.4.44+dfsg-5+deb9u8	openldap: Assertion failure in slapd in the issuerAndThisUpdateCheck function 漏洞详情: https://avd.aquasec.com/nvd/cve-2021-27212 镜像层: sha256:f9ecc8ce42cd82cde5003ccc4198451eea83685ec884f37ae2e7fb68d7849793 发布日期: 2021-02-14 03:15 修改: 2023-11-07 03:31
git-man	CVE-2022-24765	高危	1:2.11.0-3+deb9u7		git: On multi-user machines Git users might find themselves unexpectedly in a Git worktree 漏洞详情: https://avd.aquasec.com/nvd/cve-2022-24765 镜像层: sha256:f9ecc8ce42cd82cde5003ccc4198451eea83685ec884f37ae2e7fb68d7849793 发布日期: 2022-04-12 18:15 修改: 2023-12-27 10:15
liblzma5	CVE-2022-1271	高危	5.2.2-1.2+b1	5.2.2-1.2+deb9u1	gzip: arbitrary-file-write vulnerability 漏洞详情: https://avd.aquasec.com/nvd/cve-2022-1271 镜像层: sha256:7948c3e5790c6df89fe48041fabd8f1c576d4bb7c869183e03b9e3873a5f33d9 发布日期: 2022-08-31 16:15 修改: 2024-08-26 10:47
libmount1	CVE-2016-2779	高危	2.29.2-1+deb9u1		util-linux: runuser tty hijack via TIOCSTI ioctl 漏洞详情: https://avd.aquasec.com/nvd/cve-2016-2779 镜像层: sha256:7948c3e5790c6df89fe48041fabd8f1c576d4bb7c869183e03b9e3873a5f33d9 发布日期: 2017-02-07 15:59 修改: 2019-01-04 14:14
libncurses5	CVE-2022-29458	高危	6.0+20161126-1+deb9u2		ncurses: segfaulting OOB read 漏洞详情: https://avd.aquasec.com/nvd/cve-2022-29458 镜像层: sha256:01727b1a72df8ba02293a98ab365bb4e8015aefadd661aaf7e6aa76567b706b9 发布日期: 2022-04-18 21:15 修改: 2023-11-07 03:46
libncursesw5	CVE-2022-29458	高危	6.0+20161126-1+deb9u2		ncurses: segfaulting OOB read 漏洞详情: https://avd.aquasec.com/nvd/cve-2022-29458 镜像层: sha256:7948c3e5790c6df89fe48041fabd8f1c576d4bb7c869183e03b9e3873a5f33d9 发布日期: 2022-04-18 21:15 修改: 2023-11-07 03:46
libnettle6	CVE-2021-20305	高危	3.3-1+b2	3.3-1+deb9u1	nettle: Out of bounds memory access in signature verification 漏洞详情: https://avd.aquasec.com/nvd/cve-2021-20305 镜像层: sha256:7948c3e5790c6df89fe48041fabd8f1c576d4bb7c869183e03b9e3873a5f33d9 发布日期: 2021-04-05 22:15 修改: 2023-11-07 03:29
libnettle6	CVE-2021-3580	高危	3.3-1+b2	3.3-1+deb9u1	nettle: Remote crash in RSA decryption via manipulated ciphertext 漏洞详情: https://avd.aquasec.com/nvd/cve-2021-3580 镜像层: sha256:7948c3e5790c6df89fe48041fabd8f1c576d4bb7c869183e03b9e3873a5f33d9 发布日期: 2021-08-05 21:15 修改: 2024-01-16 15:15
libnghttp2-14	CVE-2018-1000168	高危	1.18.1-1+deb9u1	1.18.1-1+deb9u2	nghttp2: Null pointer dereference when too large ALTSVC frame is received 漏洞详情: https://avd.aquasec.com/nvd/cve-2018-1000168 镜像层: sha256:4d1ab3827f6b69f4e55bd69cc8abe1dde7d7a7f61bd6e32c665f12e0a8efd1c9 发布日期: 2018-05-08 15:29 修改: 2022-08-16 13:01
libnghttp2-14	CVE-2020-11080	高危	1.18.1-1+deb9u1	1.18.1-1+deb9u2	nghttp2: overly large SETTINGS frames can lead to DoS 漏洞详情: https://avd.aquasec.com/nvd/cve-2020-11080 镜像层: sha256:4d1ab3827f6b69f4e55bd69cc8abe1dde7d7a7f61bd6e32c665f12e0a8efd1c9 发布日期: 2020-06-03 23:15 修改: 2023-11-07 03:14
libp11-kit0	CVE-2020-29361	高危	0.23.3-2	0.23.3-2+deb9u1	p11-kit: integer overflow when allocating memory for arrays or attributes and object identifiers 漏洞详情: https://avd.aquasec.com/nvd/cve-2020-29361 镜像层: sha256:4d1ab3827f6b69f4e55bd69cc8abe1dde7d7a7f61bd6e32c665f12e0a8efd1c9 发布日期: 2020-12-16 14:15 修改: 2023-11-07 03:21
libperl5.24	CVE-2020-16156	高危	5.24.1-3+deb9u7		perl-CPAN: Bypass of verification of signatures in CHECKSUMS files 漏洞详情: https://avd.aquasec.com/nvd/cve-2020-16156 镜像层: sha256:f9ecc8ce42cd82cde5003ccc4198451eea83685ec884f37ae2e7fb68d7849793 发布日期: 2021-12-13 18:15 修改: 2023-11-07 03:18
gnupg	CVE-2018-1000858	高危	2.1.18-8~deb9u4		gnupg2: Cross site request forgery in dirmngr resulting in an information disclosure or denial of service 漏洞详情: https://avd.aquasec.com/nvd/cve-2018-1000858 镜像层: sha256:69dfa7bd7a92b8ba12a617ff56f22533223007c5ba6b3a191c91b852320f012e 发布日期: 2018-12-20 17:29 修改: 2019-02-13 16:43
gnupg-agent	CVE-2018-1000858	高危	2.1.18-8~deb9u4		gnupg2: Cross site request forgery in dirmngr resulting in an information disclosure or denial of service 漏洞详情: https://avd.aquasec.com/nvd/cve-2018-1000858 镜像层: sha256:69dfa7bd7a92b8ba12a617ff56f22533223007c5ba6b3a191c91b852320f012e 发布日期: 2018-12-20 17:29 修改: 2019-02-13 16:43
libpython2.7-minimal	CVE-2015-20107	高危	2.7.13-2+deb9u4		python: mailcap: findmatch() function does not sanitize the second argument 漏洞详情: https://avd.aquasec.com/nvd/cve-2015-20107 镜像层: sha256:f9ecc8ce42cd82cde5003ccc4198451eea83685ec884f37ae2e7fb68d7849793 发布日期: 2022-04-13 16:15 修改: 2023-11-07 02:25
gpgv	CVE-2018-1000858	高危	2.1.18-8~deb9u4		gnupg2: Cross site request forgery in dirmngr resulting in an information disclosure or denial of service 漏洞详情: https://avd.aquasec.com/nvd/cve-2018-1000858 镜像层: sha256:7948c3e5790c6df89fe48041fabd8f1c576d4bb7c869183e03b9e3873a5f33d9 发布日期: 2018-12-20 17:29 修改: 2019-02-13 16:43
libpython2.7-stdlib	CVE-2015-20107	高危	2.7.13-2+deb9u4		python: mailcap: findmatch() function does not sanitize the second argument 漏洞详情: https://avd.aquasec.com/nvd/cve-2015-20107 镜像层: sha256:f9ecc8ce42cd82cde5003ccc4198451eea83685ec884f37ae2e7fb68d7849793 发布日期: 2022-04-13 16:15 修改: 2023-11-07 02:25
libsasl2-2	CVE-2022-24407	高危	2.1.27~101-g0780600+dfsg-3+deb9u1	2.1.27~101-g0780600+dfsg-3+deb9u2	cyrus-sasl: failure to properly escape SQL input allows an attacker to execute arbitrary SQL commands 漏洞详情: https://avd.aquasec.com/nvd/cve-2022-24407 镜像层: sha256:4d1ab3827f6b69f4e55bd69cc8abe1dde7d7a7f61bd6e32c665f12e0a8efd1c9 发布日期: 2022-02-24 15:15 修改: 2023-11-07 03:44
libsasl2-modules-db	CVE-2022-24407	高危	2.1.27~101-g0780600+dfsg-3+deb9u1	2.1.27~101-g0780600+dfsg-3+deb9u2	cyrus-sasl: failure to properly escape SQL input allows an attacker to execute arbitrary SQL commands 漏洞详情: https://avd.aquasec.com/nvd/cve-2022-24407 镜像层: sha256:4d1ab3827f6b69f4e55bd69cc8abe1dde7d7a7f61bd6e32c665f12e0a8efd1c9 发布日期: 2022-02-24 15:15 修改: 2023-11-07 03:44
libsmartcols1	CVE-2016-2779	高危	2.29.2-1+deb9u1		util-linux: runuser tty hijack via TIOCSTI ioctl 漏洞详情: https://avd.aquasec.com/nvd/cve-2016-2779 镜像层: sha256:7948c3e5790c6df89fe48041fabd8f1c576d4bb7c869183e03b9e3873a5f33d9 发布日期: 2017-02-07 15:59 修改: 2019-01-04 14:14
gzip	CVE-2022-1271	高危	1.6-5+b1	1.6-5+deb9u1	gzip: arbitrary-file-write vulnerability 漏洞详情: https://avd.aquasec.com/nvd/cve-2022-1271 镜像层: sha256:7948c3e5790c6df89fe48041fabd8f1c576d4bb7c869183e03b9e3873a5f33d9 发布日期: 2022-08-31 16:15 修改: 2024-08-26 10:47
libsqlite3-0	CVE-2019-20218	高危	3.16.2-5+deb9u2	3.16.2-5+deb9u3	sqlite: selectExpander in select.c proceeds with WITH stack unwinding even after a parsing error 漏洞详情: https://avd.aquasec.com/nvd/cve-2019-20218 镜像层: sha256:f9ecc8ce42cd82cde5003ccc4198451eea83685ec884f37ae2e7fb68d7849793 发布日期: 2020-01-02 14:16 修改: 2022-10-07 17:56
libss2	CVE-2022-1304	高危	1.43.4-2+deb9u2		e2fsprogs: out-of-bounds read/write via crafted filesystem 漏洞详情: https://avd.aquasec.com/nvd/cve-2022-1304 镜像层: sha256:f9ecc8ce42cd82cde5003ccc4198451eea83685ec884f37ae2e7fb68d7849793 发布日期: 2022-04-14 21:15 修改: 2024-11-22 12:15
libssh2-1	CVE-2019-13115	高危	1.7.0-1+deb9u1	1.7.0-1+deb9u2	libssh2: integer overflow in kex_method_diffie_hellman_group_exchange_sha256_key_exchange in kex.c leads to out-of-bounds write 漏洞详情: https://avd.aquasec.com/nvd/cve-2019-13115 镜像层: sha256:4d1ab3827f6b69f4e55bd69cc8abe1dde7d7a7f61bd6e32c665f12e0a8efd1c9 发布日期: 2019-07-16 18:15 修改: 2023-11-07 03:03
libssh2-1	CVE-2019-17498	高危	1.7.0-1+deb9u1	1.7.0-1+deb9u2	libssh2: integer overflow in SSH_MSG_DISCONNECT logic in packet.c 漏洞详情: https://avd.aquasec.com/nvd/cve-2019-17498 镜像层: sha256:4d1ab3827f6b69f4e55bd69cc8abe1dde7d7a7f61bd6e32c665f12e0a8efd1c9 发布日期: 2019-10-21 22:15 修改: 2023-11-07 03:06
libssl1.0.2	CVE-2021-23840	高危	1.0.2u-1~deb9u1	1.0.2u-1~deb9u4	openssl: integer overflow in CipherUpdate 漏洞详情: https://avd.aquasec.com/nvd/cve-2021-23840 镜像层: sha256:4d1ab3827f6b69f4e55bd69cc8abe1dde7d7a7f61bd6e32c665f12e0a8efd1c9 发布日期: 2021-02-16 17:15 修改: 2024-06-21 19:15
libssl1.0.2	CVE-2021-3712	高危	1.0.2u-1~deb9u1	1.0.2u-1~deb9u6	openssl: Read buffer overruns processing ASN.1 strings 漏洞详情: https://avd.aquasec.com/nvd/cve-2021-3712 镜像层: sha256:4d1ab3827f6b69f4e55bd69cc8abe1dde7d7a7f61bd6e32c665f12e0a8efd1c9 发布日期: 2021-08-24 15:15 修改: 2024-06-21 19:15
libssl1.0.2	CVE-2022-0778	高危	1.0.2u-1~deb9u1	1.0.2u-1~deb9u7	openssl: Infinite loop in BN_mod_sqrt() reachable when parsing certificates 漏洞详情: https://avd.aquasec.com/nvd/cve-2022-0778 镜像层: sha256:4d1ab3827f6b69f4e55bd69cc8abe1dde7d7a7f61bd6e32c665f12e0a8efd1c9 发布日期: 2022-03-15 17:15 修改: 2024-06-21 19:15
libapr1	CVE-2017-12613	高危	1.5.2-5	1.5.2-5+deb9u1	apr: Out-of-bounds array deref in apr_time_exp*() functions 漏洞详情: https://avd.aquasec.com/nvd/cve-2017-12613 镜像层: sha256:01727b1a72df8ba02293a98ab365bb4e8015aefadd661aaf7e6aa76567b706b9 发布日期: 2017-10-24 01:29 修改: 2023-11-07 02:38
libssl1.1	CVE-2021-23840	高危	1.1.0l-1~deb9u1	1.1.0l-1~deb9u3	openssl: integer overflow in CipherUpdate 漏洞详情: https://avd.aquasec.com/nvd/cve-2021-23840 镜像层: sha256:4d1ab3827f6b69f4e55bd69cc8abe1dde7d7a7f61bd6e32c665f12e0a8efd1c9 发布日期: 2021-02-16 17:15 修改: 2024-06-21 19:15
libssl1.1	CVE-2021-3712	高危	1.1.0l-1~deb9u1	1.1.0l-1~deb9u4	openssl: Read buffer overruns processing ASN.1 strings 漏洞详情: https://avd.aquasec.com/nvd/cve-2021-3712 镜像层: sha256:4d1ab3827f6b69f4e55bd69cc8abe1dde7d7a7f61bd6e32c665f12e0a8efd1c9 发布日期: 2021-08-24 15:15 修改: 2024-06-21 19:15
libssl1.1	CVE-2022-0778	高危	1.1.0l-1~deb9u1	1.1.0l-1~deb9u5	openssl: Infinite loop in BN_mod_sqrt() reachable when parsing certificates 漏洞详情: https://avd.aquasec.com/nvd/cve-2022-0778 镜像层: sha256:4d1ab3827f6b69f4e55bd69cc8abe1dde7d7a7f61bd6e32c665f12e0a8efd1c9 发布日期: 2022-03-15 17:15 修改: 2024-06-21 19:15
libstdc++6	CVE-2018-12886	高危	6.3.0-18+deb9u1		gcc: spilling of stack protection address in cfgexpand.c and function.c leads to stack-overflow protection bypass 漏洞详情: https://avd.aquasec.com/nvd/cve-2018-12886 镜像层: sha256:7948c3e5790c6df89fe48041fabd8f1c576d4bb7c869183e03b9e3873a5f33d9 发布日期: 2019-05-22 19:29 修改: 2020-08-24 17:37
libsvn1	CVE-2020-17525	高危	1.9.5-1+deb9u5	1.9.5-1+deb9u6	subversion: Remote unauthenticated denial of service in mod_authz_svn 漏洞详情: https://avd.aquasec.com/nvd/cve-2020-17525 镜像层: sha256:01727b1a72df8ba02293a98ab365bb4e8015aefadd661aaf7e6aa76567b706b9 发布日期: 2021-03-17 10:15 修改: 2022-01-01 18:03
libsystemd0	CVE-2019-3843	高危	232-25+deb9u12		systemd: services with DynamicUser can create SUID/SGID binaries 漏洞详情: https://avd.aquasec.com/nvd/cve-2019-3843 镜像层: sha256:7948c3e5790c6df89fe48041fabd8f1c576d4bb7c869183e03b9e3873a5f33d9 发布日期: 2019-04-26 21:29 修改: 2023-11-07 03:10
libsystemd0	CVE-2019-3844	高危	232-25+deb9u12		systemd: services with DynamicUser can get new privileges and create SGID binaries 漏洞详情: https://avd.aquasec.com/nvd/cve-2019-3844 镜像层: sha256:7948c3e5790c6df89fe48041fabd8f1c576d4bb7c869183e03b9e3873a5f33d9 发布日期: 2019-04-26 21:29 修改: 2023-11-07 03:10
libsystemd0	CVE-2020-1712	高危	232-25+deb9u12	232-25+deb9u14	systemd: use-after-free when asynchronous polkit queries are performed 漏洞详情: https://avd.aquasec.com/nvd/cve-2020-1712 镜像层: sha256:7948c3e5790c6df89fe48041fabd8f1c576d4bb7c869183e03b9e3873a5f33d9 发布日期: 2020-03-31 17:15 修改: 2023-11-07 03:19
libtinfo5	CVE-2022-29458	高危	6.0+20161126-1+deb9u2		ncurses: segfaulting OOB read 漏洞详情: https://avd.aquasec.com/nvd/cve-2022-29458 镜像层: sha256:7948c3e5790c6df89fe48041fabd8f1c576d4bb7c869183e03b9e3873a5f33d9 发布日期: 2022-04-18 21:15 修改: 2023-11-07 03:46
libudev1	CVE-2019-3843	高危	232-25+deb9u12		systemd: services with DynamicUser can create SUID/SGID binaries 漏洞详情: https://avd.aquasec.com/nvd/cve-2019-3843 镜像层: sha256:7948c3e5790c6df89fe48041fabd8f1c576d4bb7c869183e03b9e3873a5f33d9 发布日期: 2019-04-26 21:29 修改: 2023-11-07 03:10
libudev1	CVE-2019-3844	高危	232-25+deb9u12		systemd: services with DynamicUser can get new privileges and create SGID binaries 漏洞详情: https://avd.aquasec.com/nvd/cve-2019-3844 镜像层: sha256:7948c3e5790c6df89fe48041fabd8f1c576d4bb7c869183e03b9e3873a5f33d9 发布日期: 2019-04-26 21:29 修改: 2023-11-07 03:10
libudev1	CVE-2020-1712	高危	232-25+deb9u12	232-25+deb9u14	systemd: use-after-free when asynchronous polkit queries are performed 漏洞详情: https://avd.aquasec.com/nvd/cve-2020-1712 镜像层: sha256:7948c3e5790c6df89fe48041fabd8f1c576d4bb7c869183e03b9e3873a5f33d9 发布日期: 2020-03-31 17:15 修改: 2023-11-07 03:19
libuuid1	CVE-2016-2779	高危	2.29.2-1+deb9u1		util-linux: runuser tty hijack via TIOCSTI ioctl 漏洞详情: https://avd.aquasec.com/nvd/cve-2016-2779 镜像层: sha256:7948c3e5790c6df89fe48041fabd8f1c576d4bb7c869183e03b9e3873a5f33d9 发布日期: 2017-02-07 15:59 修改: 2019-01-04 14:14
libblkid1	CVE-2016-2779	高危	2.29.2-1+deb9u1		util-linux: runuser tty hijack via TIOCSTI ioctl 漏洞详情: https://avd.aquasec.com/nvd/cve-2016-2779 镜像层: sha256:7948c3e5790c6df89fe48041fabd8f1c576d4bb7c869183e03b9e3873a5f33d9 发布日期: 2017-02-07 15:59 修改: 2019-01-04 14:14
login	CVE-2017-20002	高危	1:4.4-4.1	1:4.4-4.1+deb9u1	The Debian shadow package before 1:4.5-1 for Shadow incorrectly lists ... 漏洞详情: https://avd.aquasec.com/nvd/cve-2017-20002 镜像层: sha256:7948c3e5790c6df89fe48041fabd8f1c576d4bb7c869183e03b9e3873a5f33d9 发布日期: 2021-03-17 06:15 修改: 2021-06-07 14:58
mount	CVE-2016-2779	高危	2.29.2-1+deb9u1		util-linux: runuser tty hijack via TIOCSTI ioctl 漏洞详情: https://avd.aquasec.com/nvd/cve-2016-2779 镜像层: sha256:7948c3e5790c6df89fe48041fabd8f1c576d4bb7c869183e03b9e3873a5f33d9 发布日期: 2017-02-07 15:59 修改: 2019-01-04 14:14
ncurses-base	CVE-2022-29458	高危	6.0+20161126-1+deb9u2		ncurses: segfaulting OOB read 漏洞详情: https://avd.aquasec.com/nvd/cve-2022-29458 镜像层: sha256:7948c3e5790c6df89fe48041fabd8f1c576d4bb7c869183e03b9e3873a5f33d9 发布日期: 2022-04-18 21:15 修改: 2023-11-07 03:46
ncurses-bin	CVE-2022-29458	高危	6.0+20161126-1+deb9u2		ncurses: segfaulting OOB read 漏洞详情: https://avd.aquasec.com/nvd/cve-2022-29458 镜像层: sha256:7948c3e5790c6df89fe48041fabd8f1c576d4bb7c869183e03b9e3873a5f33d9 发布日期: 2022-04-18 21:15 修改: 2023-11-07 03:46
openssh-client	CVE-2021-41617	高危	1:7.4p1-10+deb9u7		openssh: privilege escalation when AuthorizedKeysCommand or AuthorizedPrincipalsCommand are configured 漏洞详情: https://avd.aquasec.com/nvd/cve-2021-41617 镜像层: sha256:01727b1a72df8ba02293a98ab365bb4e8015aefadd661aaf7e6aa76567b706b9 发布日期: 2021-09-26 19:15 修改: 2023-12-26 04:15
curl	CVE-2020-8231	高危	7.52.1-5+deb9u11	7.52.1-5+deb9u12	curl: Expired pointer dereference via multi API with CURLOPT_CONNECT_ONLY option set 漏洞详情: https://avd.aquasec.com/nvd/cve-2020-8231 镜像层: sha256:f9ecc8ce42cd82cde5003ccc4198451eea83685ec884f37ae2e7fb68d7849793 发布日期: 2020-12-14 20:15 修改: 2024-03-27 16:04
openssl	CVE-2021-23840	高危	1.1.0l-1~deb9u1	1.1.0l-1~deb9u3	openssl: integer overflow in CipherUpdate 漏洞详情: https://avd.aquasec.com/nvd/cve-2021-23840 镜像层: sha256:4d1ab3827f6b69f4e55bd69cc8abe1dde7d7a7f61bd6e32c665f12e0a8efd1c9 发布日期: 2021-02-16 17:15 修改: 2024-06-21 19:15
openssl	CVE-2021-3712	高危	1.1.0l-1~deb9u1	1.1.0l-1~deb9u4	openssl: Read buffer overruns processing ASN.1 strings 漏洞详情: https://avd.aquasec.com/nvd/cve-2021-3712 镜像层: sha256:4d1ab3827f6b69f4e55bd69cc8abe1dde7d7a7f61bd6e32c665f12e0a8efd1c9 发布日期: 2021-08-24 15:15 修改: 2024-06-21 19:15
openssl	CVE-2022-0778	高危	1.1.0l-1~deb9u1	1.1.0l-1~deb9u5	openssl: Infinite loop in BN_mod_sqrt() reachable when parsing certificates 漏洞详情: https://avd.aquasec.com/nvd/cve-2022-0778 镜像层: sha256:4d1ab3827f6b69f4e55bd69cc8abe1dde7d7a7f61bd6e32c665f12e0a8efd1c9 发布日期: 2022-03-15 17:15 修改: 2024-06-21 19:15
p11-kit	CVE-2020-29361	高危	0.23.3-2	0.23.3-2+deb9u1	p11-kit: integer overflow when allocating memory for arrays or attributes and object identifiers 漏洞详情: https://avd.aquasec.com/nvd/cve-2020-29361 镜像层: sha256:e43c0c41b833ec88f51b6fdb7c5faa32c76a32dbefdeb602969b74720ecf47c9 发布日期: 2020-12-16 14:15 修改: 2023-11-07 03:21
p11-kit-modules	CVE-2020-29361	高危	0.23.3-2	0.23.3-2+deb9u1	p11-kit: integer overflow when allocating memory for arrays or attributes and object identifiers 漏洞详情: https://avd.aquasec.com/nvd/cve-2020-29361 镜像层: sha256:e43c0c41b833ec88f51b6fdb7c5faa32c76a32dbefdeb602969b74720ecf47c9 发布日期: 2020-12-16 14:15 修改: 2023-11-07 03:21
curl	CVE-2020-8285	高危	7.52.1-5+deb9u11	7.52.1-5+deb9u13	curl: Malicious FTP server can trigger stack overflow when CURLOPT_CHUNK_BGN_FUNCTION is used 漏洞详情: https://avd.aquasec.com/nvd/cve-2020-8285 镜像层: sha256:f9ecc8ce42cd82cde5003ccc4198451eea83685ec884f37ae2e7fb68d7849793 发布日期: 2020-12-14 20:15 修改: 2024-03-27 15:47
passwd	CVE-2017-20002	高危	1:4.4-4.1	1:4.4-4.1+deb9u1	The Debian shadow package before 1:4.5-1 for Shadow incorrectly lists ... 漏洞详情: https://avd.aquasec.com/nvd/cve-2017-20002 镜像层: sha256:7948c3e5790c6df89fe48041fabd8f1c576d4bb7c869183e03b9e3873a5f33d9 发布日期: 2021-03-17 06:15 修改: 2021-06-07 14:58
perl	CVE-2020-16156	高危	5.24.1-3+deb9u7		perl-CPAN: Bypass of verification of signatures in CHECKSUMS files 漏洞详情: https://avd.aquasec.com/nvd/cve-2020-16156 镜像层: sha256:f9ecc8ce42cd82cde5003ccc4198451eea83685ec884f37ae2e7fb68d7849793 发布日期: 2021-12-13 18:15 修改: 2023-11-07 03:18
perl-base	CVE-2020-16156	高危	5.24.1-3+deb9u7		perl-CPAN: Bypass of verification of signatures in CHECKSUMS files 漏洞详情: https://avd.aquasec.com/nvd/cve-2020-16156 镜像层: sha256:f9ecc8ce42cd82cde5003ccc4198451eea83685ec884f37ae2e7fb68d7849793 发布日期: 2021-12-13 18:15 修改: 2023-11-07 03:18
perl-modules-5.24	CVE-2020-16156	高危	5.24.1-3+deb9u7		perl-CPAN: Bypass of verification of signatures in CHECKSUMS files 漏洞详情: https://avd.aquasec.com/nvd/cve-2020-16156 镜像层: sha256:f9ecc8ce42cd82cde5003ccc4198451eea83685ec884f37ae2e7fb68d7849793 发布日期: 2021-12-13 18:15 修改: 2023-11-07 03:18
libcomerr2	CVE-2022-1304	高危	1.43.4-2+deb9u2		e2fsprogs: out-of-bounds read/write via crafted filesystem 漏洞详情: https://avd.aquasec.com/nvd/cve-2022-1304 镜像层: sha256:f9ecc8ce42cd82cde5003ccc4198451eea83685ec884f37ae2e7fb68d7849793 发布日期: 2022-04-14 21:15 修改: 2024-11-22 12:15
python2.7	CVE-2015-20107	高危	2.7.13-2+deb9u4		python: mailcap: findmatch() function does not sanitize the second argument 漏洞详情: https://avd.aquasec.com/nvd/cve-2015-20107 镜像层: sha256:f9ecc8ce42cd82cde5003ccc4198451eea83685ec884f37ae2e7fb68d7849793 发布日期: 2022-04-13 16:15 修改: 2023-11-07 02:25
libcurl3	CVE-2020-8231	高危	7.52.1-5+deb9u11	7.52.1-5+deb9u12	curl: Expired pointer dereference via multi API with CURLOPT_CONNECT_ONLY option set 漏洞详情: https://avd.aquasec.com/nvd/cve-2020-8231 镜像层: sha256:f9ecc8ce42cd82cde5003ccc4198451eea83685ec884f37ae2e7fb68d7849793 发布日期: 2020-12-14 20:15 修改: 2024-03-27 16:04
python2.7-minimal	CVE-2015-20107	高危	2.7.13-2+deb9u4		python: mailcap: findmatch() function does not sanitize the second argument 漏洞详情: https://avd.aquasec.com/nvd/cve-2015-20107 镜像层: sha256:f9ecc8ce42cd82cde5003ccc4198451eea83685ec884f37ae2e7fb68d7849793 发布日期: 2022-04-13 16:15 修改: 2023-11-07 02:25
subversion	CVE-2020-17525	高危	1.9.5-1+deb9u5	1.9.5-1+deb9u6	subversion: Remote unauthenticated denial of service in mod_authz_svn 漏洞详情: https://avd.aquasec.com/nvd/cve-2020-17525 镜像层: sha256:01727b1a72df8ba02293a98ab365bb4e8015aefadd661aaf7e6aa76567b706b9 发布日期: 2021-03-17 10:15 修改: 2022-01-01 18:03
util-linux	CVE-2016-2779	高危	2.29.2-1+deb9u1		util-linux: runuser tty hijack via TIOCSTI ioctl 漏洞详情: https://avd.aquasec.com/nvd/cve-2016-2779 镜像层: sha256:7948c3e5790c6df89fe48041fabd8f1c576d4bb7c869183e03b9e3873a5f33d9 发布日期: 2017-02-07 15:59 修改: 2019-01-04 14:14
xz-utils	CVE-2022-1271	高危	5.2.2-1.2+b1	5.2.2-1.2+deb9u1	gzip: arbitrary-file-write vulnerability 漏洞详情: https://avd.aquasec.com/nvd/cve-2022-1271 镜像层: sha256:e43c0c41b833ec88f51b6fdb7c5faa32c76a32dbefdeb602969b74720ecf47c9 发布日期: 2022-08-31 16:15 修改: 2024-08-26 10:47
zlib1g	CVE-2018-25032	高危	1:1.2.8.dfsg-5	1:1.2.8.dfsg-5+deb9u1	zlib: A flaw found in zlib when compressing (not decompressing) certain inputs 漏洞详情: https://avd.aquasec.com/nvd/cve-2018-25032 镜像层: sha256:7948c3e5790c6df89fe48041fabd8f1c576d4bb7c869183e03b9e3873a5f33d9 发布日期: 2022-03-25 09:15 修改: 2023-11-07 02:56
libgcrypt20	CVE-2021-40528	中危	1.7.6-2+deb9u3	1.7.6-2+deb9u4	libgcrypt: ElGamal implementation allows plaintext recovery 漏洞详情: https://avd.aquasec.com/nvd/cve-2021-40528 镜像层: sha256:7948c3e5790c6df89fe48041fabd8f1c576d4bb7c869183e03b9e3873a5f33d9 发布日期: 2021-09-06 19:15 修改: 2023-11-07 03:38
apt-transport-https	CVE-2020-27350	中危	1.4.10	1.4.11	APT had several integer overflows and underflows while parsing .deb pa ... 漏洞详情: https://avd.aquasec.com/nvd/cve-2020-27350 镜像层: sha256:f9ecc8ce42cd82cde5003ccc4198451eea83685ec884f37ae2e7fb68d7849793 发布日期: 2020-12-10 04:15 修改: 2022-10-29 02:41
libsqlite3-0	CVE-2019-19645	中危	3.16.2-5+deb9u2		sqlite: infinite recursion via certain types of self-referential views in conjunction with ALTER TABLE statements 漏洞详情: https://avd.aquasec.com/nvd/cve-2019-19645 镜像层: sha256:f9ecc8ce42cd82cde5003ccc4198451eea83685ec884f37ae2e7fb68d7849793 发布日期: 2019-12-09 16:15 修改: 2022-04-15 16:14
libsqlite3-0	CVE-2020-13631	中危	3.16.2-5+deb9u2		sqlite: Virtual table can be renamed into the name of one of its shadow tables 漏洞详情: https://avd.aquasec.com/nvd/cve-2020-13631 镜像层: sha256:f9ecc8ce42cd82cde5003ccc4198451eea83685ec884f37ae2e7fb68d7849793 发布日期: 2020-05-27 15:15 修改: 2023-11-07 03:16
libgnutls30	CVE-2018-16868	中危	3.5.8-5+deb9u5		gnutls: Bleichenbacher-like side channel leakage in PKCS#1 v1.5 verification and padding oracle verification 漏洞详情: https://avd.aquasec.com/nvd/cve-2018-16868 镜像层: sha256:f9ecc8ce42cd82cde5003ccc4198451eea83685ec884f37ae2e7fb68d7849793 发布日期: 2018-12-03 14:29 修改: 2022-11-30 21:20
libgnutls30	CVE-2021-4209	中危	3.5.8-5+deb9u5		GnuTLS: Null pointer dereference in MD_UPDATE 漏洞详情: https://avd.aquasec.com/nvd/cve-2021-4209 镜像层: sha256:f9ecc8ce42cd82cde5003ccc4198451eea83685ec884f37ae2e7fb68d7849793 发布日期: 2022-08-24 16:15 修改: 2022-10-27 16:57
libcurl3-gnutls	CVE-2021-22876	中危	7.52.1-5+deb9u11	7.52.1-5+deb9u14	curl: Leak of authentication credentials in URL via automatic Referer 漏洞详情: https://avd.aquasec.com/nvd/cve-2021-22876 镜像层: sha256:f9ecc8ce42cd82cde5003ccc4198451eea83685ec884f37ae2e7fb68d7849793 发布日期: 2021-04-01 18:15 修改: 2024-03-27 15:47
libgssapi-krb5-2	CVE-2018-20217	中危	1.15-1+deb9u1	1.15-1+deb9u3	krb5: Reachable assertion in the KDC using S4U2Self requests 漏洞详情: https://avd.aquasec.com/nvd/cve-2018-20217 镜像层: sha256:4d1ab3827f6b69f4e55bd69cc8abe1dde7d7a7f61bd6e32c665f12e0a8efd1c9 发布日期: 2018-12-26 21:29 修改: 2023-11-07 02:56
libgssapi-krb5-2	CVE-2018-5710	中危	1.15-1+deb9u1	1.15-1+deb9u3	krb5: null pointer deference in strlen function in plugins/kdb/ldap/libkdb_ldap/ldap_principal2.c 漏洞详情: https://avd.aquasec.com/nvd/cve-2018-5710 镜像层: sha256:4d1ab3827f6b69f4e55bd69cc8abe1dde7d7a7f61bd6e32c665f12e0a8efd1c9 发布日期: 2018-01-16 09:29 修改: 2023-11-07 02:58
libgssapi-krb5-2	CVE-2018-5729	中危	1.15-1+deb9u1	1.15-1+deb9u3	krb5: null dereference in kadmind or DN container check bypass by supplying special crafted data 漏洞详情: https://avd.aquasec.com/nvd/cve-2018-5729 镜像层: sha256:4d1ab3827f6b69f4e55bd69cc8abe1dde7d7a7f61bd6e32c665f12e0a8efd1c9 发布日期: 2018-03-06 20:29 修改: 2024-05-23 17:52
libssl1.0.2	CVE-2020-1971	中危	1.0.2u-1~deb9u1	1.0.2u-1~deb9u3	openssl: EDIPARTYNAME NULL pointer de-reference 漏洞详情: https://avd.aquasec.com/nvd/cve-2020-1971 镜像层: sha256:4d1ab3827f6b69f4e55bd69cc8abe1dde7d7a7f61bd6e32c665f12e0a8efd1c9 发布日期: 2020-12-08 16:15 修改: 2024-06-21 19:15
libssl1.0.2	CVE-2021-23841	中危	1.0.2u-1~deb9u1	1.0.2u-1~deb9u4	openssl: NULL pointer dereference in X509_issuer_and_serial_hash() 漏洞详情: https://avd.aquasec.com/nvd/cve-2021-23841 镜像层: sha256:4d1ab3827f6b69f4e55bd69cc8abe1dde7d7a7f61bd6e32c665f12e0a8efd1c9 发布日期: 2021-02-16 17:15 修改: 2024-06-21 19:15
libgssapi-krb5-2	CVE-2021-37750	中危	1.15-1+deb9u1	1.15-1+deb9u3	krb5: NULL pointer dereference in process_tgs_req() in kdc/do_tgs_req.c via a FAST inner body that lacks server field 漏洞详情: https://avd.aquasec.com/nvd/cve-2021-37750 镜像层: sha256:4d1ab3827f6b69f4e55bd69cc8abe1dde7d7a7f61bd6e32c665f12e0a8efd1c9 发布日期: 2021-08-23 05:15 修改: 2023-11-07 03:37
libcurl3-gnutls	CVE-2021-22947	中危	7.52.1-5+deb9u11	7.52.1-5+deb9u16	curl: Server responses received before STARTTLS processed after TLS handshake 漏洞详情: https://avd.aquasec.com/nvd/cve-2021-22947 镜像层: sha256:f9ecc8ce42cd82cde5003ccc4198451eea83685ec884f37ae2e7fb68d7849793 发布日期: 2021-09-29 20:15 修改: 2024-03-27 15:03
curl	CVE-2021-22876	中危	7.52.1-5+deb9u11	7.52.1-5+deb9u14	curl: Leak of authentication credentials in URL via automatic Referer 漏洞详情: https://avd.aquasec.com/nvd/cve-2021-22876 镜像层: sha256:f9ecc8ce42cd82cde5003ccc4198451eea83685ec884f37ae2e7fb68d7849793 发布日期: 2021-04-01 18:15 修改: 2024-03-27 15:47
libhogweed4	CVE-2018-16869	中危	3.3-1+b2		nettle: Leaky data conversion exposing a manager oracle 漏洞详情: https://avd.aquasec.com/nvd/cve-2018-16869 镜像层: sha256:4d1ab3827f6b69f4e55bd69cc8abe1dde7d7a7f61bd6e32c665f12e0a8efd1c9 发布日期: 2018-12-03 14:29 修改: 2023-02-03 14:25
libssl1.1	CVE-2019-1551	中危	1.1.0l-1~deb9u1	1.1.0l-1~deb9u5	openssl: Integer overflow in RSAZ modular exponentiation on x86_64 漏洞详情: https://avd.aquasec.com/nvd/cve-2019-1551 镜像层: sha256:4d1ab3827f6b69f4e55bd69cc8abe1dde7d7a7f61bd6e32c665f12e0a8efd1c9 发布日期: 2019-12-06 18:15 修改: 2023-11-07 03:08
libssl1.1	CVE-2020-1971	中危	1.1.0l-1~deb9u1	1.1.0l-1~deb9u2	openssl: EDIPARTYNAME NULL pointer de-reference 漏洞详情: https://avd.aquasec.com/nvd/cve-2020-1971 镜像层: sha256:4d1ab3827f6b69f4e55bd69cc8abe1dde7d7a7f61bd6e32c665f12e0a8efd1c9 发布日期: 2020-12-08 16:15 修改: 2024-06-21 19:15
libssl1.1	CVE-2021-23841	中危	1.1.0l-1~deb9u1	1.1.0l-1~deb9u3	openssl: NULL pointer dereference in X509_issuer_and_serial_hash() 漏洞详情: https://avd.aquasec.com/nvd/cve-2021-23841 镜像层: sha256:4d1ab3827f6b69f4e55bd69cc8abe1dde7d7a7f61bd6e32c665f12e0a8efd1c9 发布日期: 2021-02-16 17:15 修改: 2024-06-21 19:15
libssl1.1	CVE-2021-4160	中危	1.1.0l-1~deb9u1		openssl: Carry propagation bug in the MIPS32 and MIPS64 squaring procedure 漏洞详情: https://avd.aquasec.com/nvd/cve-2021-4160 镜像层: sha256:4d1ab3827f6b69f4e55bd69cc8abe1dde7d7a7f61bd6e32c665f12e0a8efd1c9 发布日期: 2022-01-28 22:15 修改: 2024-06-21 19:15
libcurl3	CVE-2021-22876	中危	7.52.1-5+deb9u11	7.52.1-5+deb9u14	curl: Leak of authentication credentials in URL via automatic Referer 漏洞详情: https://avd.aquasec.com/nvd/cve-2021-22876 镜像层: sha256:f9ecc8ce42cd82cde5003ccc4198451eea83685ec884f37ae2e7fb68d7849793 发布日期: 2021-04-01 18:15 修改: 2024-03-27 15:47
libk5crypto3	CVE-2018-20217	中危	1.15-1+deb9u1	1.15-1+deb9u3	krb5: Reachable assertion in the KDC using S4U2Self requests 漏洞详情: https://avd.aquasec.com/nvd/cve-2018-20217 镜像层: sha256:4d1ab3827f6b69f4e55bd69cc8abe1dde7d7a7f61bd6e32c665f12e0a8efd1c9 发布日期: 2018-12-26 21:29 修改: 2023-11-07 02:56
libk5crypto3	CVE-2018-5710	中危	1.15-1+deb9u1	1.15-1+deb9u3	krb5: null pointer deference in strlen function in plugins/kdb/ldap/libkdb_ldap/ldap_principal2.c 漏洞详情: https://avd.aquasec.com/nvd/cve-2018-5710 镜像层: sha256:4d1ab3827f6b69f4e55bd69cc8abe1dde7d7a7f61bd6e32c665f12e0a8efd1c9 发布日期: 2018-01-16 09:29 修改: 2023-11-07 02:58
libk5crypto3	CVE-2018-5729	中危	1.15-1+deb9u1	1.15-1+deb9u3	krb5: null dereference in kadmind or DN container check bypass by supplying special crafted data 漏洞详情: https://avd.aquasec.com/nvd/cve-2018-5729 镜像层: sha256:4d1ab3827f6b69f4e55bd69cc8abe1dde7d7a7f61bd6e32c665f12e0a8efd1c9 发布日期: 2018-03-06 20:29 修改: 2024-05-23 17:52
libk5crypto3	CVE-2021-37750	中危	1.15-1+deb9u1	1.15-1+deb9u3	krb5: NULL pointer dereference in process_tgs_req() in kdc/do_tgs_req.c via a FAST inner body that lacks server field 漏洞详情: https://avd.aquasec.com/nvd/cve-2021-37750 镜像层: sha256:4d1ab3827f6b69f4e55bd69cc8abe1dde7d7a7f61bd6e32c665f12e0a8efd1c9 发布日期: 2021-08-23 05:15 修改: 2023-11-07 03:37
libsystemd0	CVE-2021-33910	中危	232-25+deb9u12	232-25+deb9u13	systemd: uncontrolled allocation on the stack in function unit_name_path_escape leads to crash 漏洞详情: https://avd.aquasec.com/nvd/cve-2021-33910 镜像层: sha256:7948c3e5790c6df89fe48041fabd8f1c576d4bb7c869183e03b9e3873a5f33d9 发布日期: 2021-07-20 19:15 修改: 2023-11-07 03:35
libsystemd0	CVE-2021-3997	中危	232-25+deb9u12		systemd: Uncontrolled recursion in systemd-tmpfiles when removing files 漏洞详情: https://avd.aquasec.com/nvd/cve-2021-3997 镜像层: sha256:7948c3e5790c6df89fe48041fabd8f1c576d4bb7c869183e03b9e3873a5f33d9 发布日期: 2022-08-23 20:15 修改: 2023-05-03 12:15
libelf1	CVE-2018-16062	中危	0.168-1	0.168-1+deb9u1	elfutils: Heap-based buffer over-read in libdw/dwarf_getaranges.c:dwarf_getaranges() via crafted file 漏洞详情: https://avd.aquasec.com/nvd/cve-2018-16062 镜像层: sha256:7948c3e5790c6df89fe48041fabd8f1c576d4bb7c869183e03b9e3873a5f33d9 发布日期: 2018-08-29 03:29 修改: 2023-11-07 02:53
libkrb5-3	CVE-2018-20217	中危	1.15-1+deb9u1	1.15-1+deb9u3	krb5: Reachable assertion in the KDC using S4U2Self requests 漏洞详情: https://avd.aquasec.com/nvd/cve-2018-20217 镜像层: sha256:4d1ab3827f6b69f4e55bd69cc8abe1dde7d7a7f61bd6e32c665f12e0a8efd1c9 发布日期: 2018-12-26 21:29 修改: 2023-11-07 02:56
libkrb5-3	CVE-2018-5710	中危	1.15-1+deb9u1	1.15-1+deb9u3	krb5: null pointer deference in strlen function in plugins/kdb/ldap/libkdb_ldap/ldap_principal2.c 漏洞详情: https://avd.aquasec.com/nvd/cve-2018-5710 镜像层: sha256:4d1ab3827f6b69f4e55bd69cc8abe1dde7d7a7f61bd6e32c665f12e0a8efd1c9 发布日期: 2018-01-16 09:29 修改: 2023-11-07 02:58
libkrb5-3	CVE-2018-5729	中危	1.15-1+deb9u1	1.15-1+deb9u3	krb5: null dereference in kadmind or DN container check bypass by supplying special crafted data 漏洞详情: https://avd.aquasec.com/nvd/cve-2018-5729 镜像层: sha256:4d1ab3827f6b69f4e55bd69cc8abe1dde7d7a7f61bd6e32c665f12e0a8efd1c9 发布日期: 2018-03-06 20:29 修改: 2024-05-23 17:52
libudev1	CVE-2021-33910	中危	232-25+deb9u12	232-25+deb9u13	systemd: uncontrolled allocation on the stack in function unit_name_path_escape leads to crash 漏洞详情: https://avd.aquasec.com/nvd/cve-2021-33910 镜像层: sha256:7948c3e5790c6df89fe48041fabd8f1c576d4bb7c869183e03b9e3873a5f33d9 发布日期: 2021-07-20 19:15 修改: 2023-11-07 03:35
libudev1	CVE-2021-3997	中危	232-25+deb9u12		systemd: Uncontrolled recursion in systemd-tmpfiles when removing files 漏洞详情: https://avd.aquasec.com/nvd/cve-2021-3997 镜像层: sha256:7948c3e5790c6df89fe48041fabd8f1c576d4bb7c869183e03b9e3873a5f33d9 发布日期: 2022-08-23 20:15 修改: 2023-05-03 12:15
libkrb5-3	CVE-2021-37750	中危	1.15-1+deb9u1	1.15-1+deb9u3	krb5: NULL pointer dereference in process_tgs_req() in kdc/do_tgs_req.c via a FAST inner body that lacks server field 漏洞详情: https://avd.aquasec.com/nvd/cve-2021-37750 镜像层: sha256:4d1ab3827f6b69f4e55bd69cc8abe1dde7d7a7f61bd6e32c665f12e0a8efd1c9 发布日期: 2021-08-23 05:15 修改: 2023-11-07 03:37
libelf1	CVE-2018-18310	中危	0.168-1	0.168-1+deb9u1	elfutils: invalid memory address dereference was discovered in dwfl_segment_report_module.c in libdwfl 漏洞详情: https://avd.aquasec.com/nvd/cve-2018-18310 镜像层: sha256:7948c3e5790c6df89fe48041fabd8f1c576d4bb7c869183e03b9e3873a5f33d9 发布日期: 2018-10-15 02:29 修改: 2021-11-30 21:59
libkrb5support0	CVE-2018-20217	中危	1.15-1+deb9u1	1.15-1+deb9u3	krb5: Reachable assertion in the KDC using S4U2Self requests 漏洞详情: https://avd.aquasec.com/nvd/cve-2018-20217 镜像层: sha256:4d1ab3827f6b69f4e55bd69cc8abe1dde7d7a7f61bd6e32c665f12e0a8efd1c9 发布日期: 2018-12-26 21:29 修改: 2023-11-07 02:56
libkrb5support0	CVE-2018-5710	中危	1.15-1+deb9u1	1.15-1+deb9u3	krb5: null pointer deference in strlen function in plugins/kdb/ldap/libkdb_ldap/ldap_principal2.c 漏洞详情: https://avd.aquasec.com/nvd/cve-2018-5710 镜像层: sha256:4d1ab3827f6b69f4e55bd69cc8abe1dde7d7a7f61bd6e32c665f12e0a8efd1c9 发布日期: 2018-01-16 09:29 修改: 2023-11-07 02:58
libkrb5support0	CVE-2018-5729	中危	1.15-1+deb9u1	1.15-1+deb9u3	krb5: null dereference in kadmind or DN container check bypass by supplying special crafted data 漏洞详情: https://avd.aquasec.com/nvd/cve-2018-5729 镜像层: sha256:4d1ab3827f6b69f4e55bd69cc8abe1dde7d7a7f61bd6e32c665f12e0a8efd1c9 发布日期: 2018-03-06 20:29 修改: 2024-05-23 17:52
libnettle6	CVE-2018-16869	中危	3.3-1+b2		nettle: Leaky data conversion exposing a manager oracle 漏洞详情: https://avd.aquasec.com/nvd/cve-2018-16869 镜像层: sha256:7948c3e5790c6df89fe48041fabd8f1c576d4bb7c869183e03b9e3873a5f33d9 发布日期: 2018-12-03 14:29 修改: 2023-02-03 14:25
libkrb5support0	CVE-2021-37750	中危	1.15-1+deb9u1	1.15-1+deb9u3	krb5: NULL pointer dereference in process_tgs_req() in kdc/do_tgs_req.c via a FAST inner body that lacks server field 漏洞详情: https://avd.aquasec.com/nvd/cve-2021-37750 镜像层: sha256:4d1ab3827f6b69f4e55bd69cc8abe1dde7d7a7f61bd6e32c665f12e0a8efd1c9 发布日期: 2021-08-23 05:15 修改: 2023-11-07 03:37
libelf1	CVE-2018-18520	中危	0.168-1	0.168-1+deb9u1	elfutils: eu-size cannot handle recursive ar files 漏洞详情: https://avd.aquasec.com/nvd/cve-2018-18520 镜像层: sha256:7948c3e5790c6df89fe48041fabd8f1c576d4bb7c869183e03b9e3873a5f33d9 发布日期: 2018-10-19 17:29 修改: 2021-11-30 21:59
libelf1	CVE-2018-18521	中危	0.168-1	0.168-1+deb9u1	elfutils: Divide-by-zero in arlib_add_symbols function in arlib.c 漏洞详情: https://avd.aquasec.com/nvd/cve-2018-18521 镜像层: sha256:7948c3e5790c6df89fe48041fabd8f1c576d4bb7c869183e03b9e3873a5f33d9 发布日期: 2018-10-19 17:29 修改: 2021-11-30 21:59
libp11-kit0	CVE-2020-29362	中危	0.23.3-2	0.23.3-2+deb9u1	p11-kit: out-of-bounds read in p11_rpc_buffer_get_byte_array function in rpc-message.c 漏洞详情: https://avd.aquasec.com/nvd/cve-2020-29362 镜像层: sha256:4d1ab3827f6b69f4e55bd69cc8abe1dde7d7a7f61bd6e32c665f12e0a8efd1c9 发布日期: 2020-12-16 14:15 修改: 2021-01-11 16:50
libpcre3	CVE-2020-14155	中危	2:8.39-3		pcre: Integer overflow when parsing callout numeric arguments 漏洞详情: https://avd.aquasec.com/nvd/cve-2020-14155 镜像层: sha256:7948c3e5790c6df89fe48041fabd8f1c576d4bb7c869183e03b9e3873a5f33d9 发布日期: 2020-06-15 17:15 修改: 2024-03-27 16:04
openssl	CVE-2019-1551	中危	1.1.0l-1~deb9u1	1.1.0l-1~deb9u5	openssl: Integer overflow in RSAZ modular exponentiation on x86_64 漏洞详情: https://avd.aquasec.com/nvd/cve-2019-1551 镜像层: sha256:4d1ab3827f6b69f4e55bd69cc8abe1dde7d7a7f61bd6e32c665f12e0a8efd1c9 发布日期: 2019-12-06 18:15 修改: 2023-11-07 03:08
openssl	CVE-2020-1971	中危	1.1.0l-1~deb9u1	1.1.0l-1~deb9u2	openssl: EDIPARTYNAME NULL pointer de-reference 漏洞详情: https://avd.aquasec.com/nvd/cve-2020-1971 镜像层: sha256:4d1ab3827f6b69f4e55bd69cc8abe1dde7d7a7f61bd6e32c665f12e0a8efd1c9 发布日期: 2020-12-08 16:15 修改: 2024-06-21 19:15
openssl	CVE-2021-23841	中危	1.1.0l-1~deb9u1	1.1.0l-1~deb9u3	openssl: NULL pointer dereference in X509_issuer_and_serial_hash() 漏洞详情: https://avd.aquasec.com/nvd/cve-2021-23841 镜像层: sha256:4d1ab3827f6b69f4e55bd69cc8abe1dde7d7a7f61bd6e32c665f12e0a8efd1c9 发布日期: 2021-02-16 17:15 修改: 2024-06-21 19:15
openssl	CVE-2021-4160	中危	1.1.0l-1~deb9u1		openssl: Carry propagation bug in the MIPS32 and MIPS64 squaring procedure 漏洞详情: https://avd.aquasec.com/nvd/cve-2021-4160 镜像层: sha256:4d1ab3827f6b69f4e55bd69cc8abe1dde7d7a7f61bd6e32c665f12e0a8efd1c9 发布日期: 2022-01-28 22:15 修改: 2024-06-21 19:15
libexpat1	CVE-2022-25313	中危	2.2.0-2+deb9u3	2.2.0-2+deb9u5	expat: Stack exhaustion in doctype parsing 漏洞详情: https://avd.aquasec.com/nvd/cve-2022-25313 镜像层: sha256:01727b1a72df8ba02293a98ab365bb4e8015aefadd661aaf7e6aa76567b706b9 发布日期: 2022-02-18 05:15 修改: 2023-11-07 03:44
p11-kit	CVE-2020-29362	中危	0.23.3-2	0.23.3-2+deb9u1	p11-kit: out-of-bounds read in p11_rpc_buffer_get_byte_array function in rpc-message.c 漏洞详情: https://avd.aquasec.com/nvd/cve-2020-29362 镜像层: sha256:e43c0c41b833ec88f51b6fdb7c5faa32c76a32dbefdeb602969b74720ecf47c9 发布日期: 2020-12-16 14:15 修改: 2021-01-11 16:50
libelf1	CVE-2019-7150	中危	0.168-1	0.168-1+deb9u1	elfutils: segmentation fault in elf64_xlatetom in libelf/elf32_xlatetom.c 漏洞详情: https://avd.aquasec.com/nvd/cve-2019-7150 镜像层: sha256:7948c3e5790c6df89fe48041fabd8f1c576d4bb7c869183e03b9e3873a5f33d9 发布日期: 2019-01-29 00:29 修改: 2021-11-30 19:52
p11-kit-modules	CVE-2020-29362	中危	0.23.3-2	0.23.3-2+deb9u1	p11-kit: out-of-bounds read in p11_rpc_buffer_get_byte_array function in rpc-message.c 漏洞详情: https://avd.aquasec.com/nvd/cve-2020-29362 镜像层: sha256:e43c0c41b833ec88f51b6fdb7c5faa32c76a32dbefdeb602969b74720ecf47c9 发布日期: 2020-12-16 14:15 修改: 2021-01-11 16:50
libelf1	CVE-2019-7665	中危	0.168-1	0.168-1+deb9u1	elfutils: heap-based buffer over-read in function elf32_xlatetom in elf32_xlatetom.c 漏洞详情: https://avd.aquasec.com/nvd/cve-2019-7665 镜像层: sha256:7948c3e5790c6df89fe48041fabd8f1c576d4bb7c869183e03b9e3873a5f33d9 发布日期: 2019-02-09 16:29 修改: 2021-11-30 19:53
libcurl3	CVE-2021-22947	中危	7.52.1-5+deb9u11	7.52.1-5+deb9u16	curl: Server responses received before STARTTLS processed after TLS handshake 漏洞详情: https://avd.aquasec.com/nvd/cve-2021-22947 镜像层: sha256:f9ecc8ce42cd82cde5003ccc4198451eea83685ec884f37ae2e7fb68d7849793 发布日期: 2021-09-29 20:15 修改: 2024-03-27 15:03
libpython2.7-minimal	CVE-2019-16935	中危	2.7.13-2+deb9u4	2.7.13-2+deb9u5	python: XSS vulnerability in the documentation XML-RPC server in server_title field 漏洞详情: https://avd.aquasec.com/nvd/cve-2019-16935 镜像层: sha256:f9ecc8ce42cd82cde5003ccc4198451eea83685ec884f37ae2e7fb68d7849793 发布日期: 2019-09-28 02:15 修改: 2023-11-07 03:06
libpython2.7-minimal	CVE-2021-23336	中危	2.7.13-2+deb9u4	2.7.13-2+deb9u5	python: Web cache poisoning via urllib.parse.parse_qsl and urllib.parse.parse_qs by using a semicolon in query parameters 漏洞详情: https://avd.aquasec.com/nvd/cve-2021-23336 镜像层: sha256:f9ecc8ce42cd82cde5003ccc4198451eea83685ec884f37ae2e7fb68d7849793 发布日期: 2021-02-15 13:15 修改: 2023-11-07 03:30
libpython2.7-minimal	CVE-2021-4189	中危	2.7.13-2+deb9u4	2.7.13-2+deb9u6	python: ftplib should not use the host from the PASV response 漏洞详情: https://avd.aquasec.com/nvd/cve-2021-4189 镜像层: sha256:f9ecc8ce42cd82cde5003ccc4198451eea83685ec884f37ae2e7fb68d7849793 发布日期: 2022-08-24 16:15 修改: 2023-06-30 23:15
curl	CVE-2021-22947	中危	7.52.1-5+deb9u11	7.52.1-5+deb9u16	curl: Server responses received before STARTTLS processed after TLS handshake 漏洞详情: https://avd.aquasec.com/nvd/cve-2021-22947 镜像层: sha256:f9ecc8ce42cd82cde5003ccc4198451eea83685ec884f37ae2e7fb68d7849793 发布日期: 2021-09-29 20:15 修改: 2024-03-27 15:03
libfreetype6	CVE-2020-15999	中危	2.6.3-3.2+deb9u1	2.6.3-3.2+deb9u2	freetype: Heap-based buffer overflow due to integer truncation in Load_SBit_Png 漏洞详情: https://avd.aquasec.com/nvd/cve-2020-15999 镜像层: sha256:f9ecc8ce42cd82cde5003ccc4198451eea83685ec884f37ae2e7fb68d7849793 发布日期: 2020-11-03 03:15 修改: 2024-07-25 17:25
python2.7	CVE-2019-16935	中危	2.7.13-2+deb9u4	2.7.13-2+deb9u5	python: XSS vulnerability in the documentation XML-RPC server in server_title field 漏洞详情: https://avd.aquasec.com/nvd/cve-2019-16935 镜像层: sha256:f9ecc8ce42cd82cde5003ccc4198451eea83685ec884f37ae2e7fb68d7849793 发布日期: 2019-09-28 02:15 修改: 2023-11-07 03:06
python2.7	CVE-2021-23336	中危	2.7.13-2+deb9u4	2.7.13-2+deb9u5	python: Web cache poisoning via urllib.parse.parse_qsl and urllib.parse.parse_qs by using a semicolon in query parameters 漏洞详情: https://avd.aquasec.com/nvd/cve-2021-23336 镜像层: sha256:f9ecc8ce42cd82cde5003ccc4198451eea83685ec884f37ae2e7fb68d7849793 发布日期: 2021-02-15 13:15 修改: 2023-11-07 03:30
python2.7	CVE-2021-4189	中危	2.7.13-2+deb9u4	2.7.13-2+deb9u6	python: ftplib should not use the host from the PASV response 漏洞详情: https://avd.aquasec.com/nvd/cve-2021-4189 镜像层: sha256:f9ecc8ce42cd82cde5003ccc4198451eea83685ec884f37ae2e7fb68d7849793 发布日期: 2022-08-24 16:15 修改: 2023-06-30 23:15
libpython2.7-stdlib	CVE-2019-16935	中危	2.7.13-2+deb9u4	2.7.13-2+deb9u5	python: XSS vulnerability in the documentation XML-RPC server in server_title field 漏洞详情: https://avd.aquasec.com/nvd/cve-2019-16935 镜像层: sha256:f9ecc8ce42cd82cde5003ccc4198451eea83685ec884f37ae2e7fb68d7849793 发布日期: 2019-09-28 02:15 修改: 2023-11-07 03:06
libpython2.7-stdlib	CVE-2021-23336	中危	2.7.13-2+deb9u4	2.7.13-2+deb9u5	python: Web cache poisoning via urllib.parse.parse_qsl and urllib.parse.parse_qs by using a semicolon in query parameters 漏洞详情: https://avd.aquasec.com/nvd/cve-2021-23336 镜像层: sha256:f9ecc8ce42cd82cde5003ccc4198451eea83685ec884f37ae2e7fb68d7849793 发布日期: 2021-02-15 13:15 修改: 2023-11-07 03:30
python2.7-minimal	CVE-2019-16935	中危	2.7.13-2+deb9u4	2.7.13-2+deb9u5	python: XSS vulnerability in the documentation XML-RPC server in server_title field 漏洞详情: https://avd.aquasec.com/nvd/cve-2019-16935 镜像层: sha256:f9ecc8ce42cd82cde5003ccc4198451eea83685ec884f37ae2e7fb68d7849793 发布日期: 2019-09-28 02:15 修改: 2023-11-07 03:06
python2.7-minimal	CVE-2021-23336	中危	2.7.13-2+deb9u4	2.7.13-2+deb9u5	python: Web cache poisoning via urllib.parse.parse_qsl and urllib.parse.parse_qs by using a semicolon in query parameters 漏洞详情: https://avd.aquasec.com/nvd/cve-2021-23336 镜像层: sha256:f9ecc8ce42cd82cde5003ccc4198451eea83685ec884f37ae2e7fb68d7849793 发布日期: 2021-02-15 13:15 修改: 2023-11-07 03:30
python2.7-minimal	CVE-2021-4189	中危	2.7.13-2+deb9u4	2.7.13-2+deb9u6	python: ftplib should not use the host from the PASV response 漏洞详情: https://avd.aquasec.com/nvd/cve-2021-4189 镜像层: sha256:f9ecc8ce42cd82cde5003ccc4198451eea83685ec884f37ae2e7fb68d7849793 发布日期: 2022-08-24 16:15 修改: 2023-06-30 23:15
libpython2.7-stdlib	CVE-2021-4189	中危	2.7.13-2+deb9u4	2.7.13-2+deb9u6	python: ftplib should not use the host from the PASV response 漏洞详情: https://avd.aquasec.com/nvd/cve-2021-4189 镜像层: sha256:f9ecc8ce42cd82cde5003ccc4198451eea83685ec884f37ae2e7fb68d7849793 发布日期: 2022-08-24 16:15 修改: 2023-06-30 23:15
tar	CVE-2018-20482	中危	1.29b-1.1	1.29b-1.1+deb9u1	tar: Infinite read loop in sparse_dump_region function in sparse.c 漏洞详情: https://avd.aquasec.com/nvd/cve-2018-20482 镜像层: sha256:7948c3e5790c6df89fe48041fabd8f1c576d4bb7c869183e03b9e3873a5f33d9 发布日期: 2018-12-26 18:29 修改: 2021-11-30 19:52
libapt-pkg5.0	CVE-2020-27350	中危	1.4.10	1.4.11	APT had several integer overflows and underflows while parsing .deb pa ... 漏洞详情: https://avd.aquasec.com/nvd/cve-2020-27350 镜像层: sha256:f9ecc8ce42cd82cde5003ccc4198451eea83685ec884f37ae2e7fb68d7849793 发布日期: 2020-12-10 04:15 修改: 2022-10-29 02:41
wget	CVE-2021-31879	中危	1.18-5+deb9u3		wget: authorization header disclosure on redirect 漏洞详情: https://avd.aquasec.com/nvd/cve-2021-31879 镜像层: sha256:4d1ab3827f6b69f4e55bd69cc8abe1dde7d7a7f61bd6e32c665f12e0a8efd1c9 发布日期: 2021-04-29 05:15 修改: 2022-05-13 20:52
apt	CVE-2020-27350	中危	1.4.10	1.4.11	APT had several integer overflows and underflows while parsing .deb pa ... 漏洞详情: https://avd.aquasec.com/nvd/cve-2020-27350 镜像层: sha256:f9ecc8ce42cd82cde5003ccc4198451eea83685ec884f37ae2e7fb68d7849793 发布日期: 2020-12-10 04:15 修改: 2022-10-29 02:41
libgcrypt20	CVE-2019-13627	中危	1.7.6-2+deb9u3		libgcrypt: ECDSA timing attack allowing private key leak 漏洞详情: https://avd.aquasec.com/nvd/cve-2019-13627 镜像层: sha256:7948c3e5790c6df89fe48041fabd8f1c576d4bb7c869183e03b9e3873a5f33d9 发布日期: 2019-09-25 15:15 修改: 2021-07-21 11:39
libsystemd0	CVE-2018-16888	低危	232-25+deb9u12		systemd: kills privileged process if unprivileged PIDFile was tampered 漏洞详情: https://avd.aquasec.com/nvd/cve-2018-16888 镜像层: sha256:7948c3e5790c6df89fe48041fabd8f1c576d4bb7c869183e03b9e3873a5f33d9 发布日期: 2019-01-14 22:29 修改: 2023-11-07 02:53
libsystemd0	CVE-2018-6954	低危	232-25+deb9u12		systemd: Mishandled symlinks in systemd-tmpfiles allows local users to obtain ownership of arbitrary files 漏洞详情: https://avd.aquasec.com/nvd/cve-2018-6954 镜像层: sha256:7948c3e5790c6df89fe48041fabd8f1c576d4bb7c869183e03b9e3873a5f33d9 发布日期: 2018-02-13 20:29 修改: 2023-11-07 03:00
curl	CVE-2021-22924	低危	7.52.1-5+deb9u11	7.52.1-5+deb9u15	curl: Bad connection reuse due to flawed path name checks 漏洞详情: https://avd.aquasec.com/nvd/cve-2021-22924 镜像层: sha256:f9ecc8ce42cd82cde5003ccc4198451eea83685ec884f37ae2e7fb68d7849793 发布日期: 2021-08-05 21:15 修改: 2024-03-27 15:11
libtinfo5	CVE-2018-19211	低危	6.0+20161126-1+deb9u2		ncurses: Null pointer dereference at function _nc_parse_entry in parse_entry.c 漏洞详情: https://avd.aquasec.com/nvd/cve-2018-19211 镜像层: sha256:7948c3e5790c6df89fe48041fabd8f1c576d4bb7c869183e03b9e3873a5f33d9 发布日期: 2018-11-12 19:29 修改: 2019-04-23 13:15
libtinfo5	CVE-2019-17594	低危	6.0+20161126-1+deb9u2		ncurses: heap-based buffer overflow in the _nc_find_entry function in tinfo/comp_hash.c 漏洞详情: https://avd.aquasec.com/nvd/cve-2019-17594 镜像层: sha256:7948c3e5790c6df89fe48041fabd8f1c576d4bb7c869183e03b9e3873a5f33d9 发布日期: 2019-10-14 21:15 修改: 2021-02-10 15:13
libtinfo5	CVE-2019-17595	低危	6.0+20161126-1+deb9u2		ncurses: heap-based buffer overflow in the fmt_entry function in tinfo/comp_hash.c 漏洞详情: https://avd.aquasec.com/nvd/cve-2019-17595 镜像层: sha256:7948c3e5790c6df89fe48041fabd8f1c576d4bb7c869183e03b9e3873a5f33d9 发布日期: 2019-10-14 21:15 修改: 2021-02-08 20:52
gnupg	CVE-2018-9234	低危	2.1.18-8~deb9u4		GnuPG: Unenforced configuration allows for apparently valid certifications actually signed by signing subkeys 漏洞详情: https://avd.aquasec.com/nvd/cve-2018-9234 镜像层: sha256:69dfa7bd7a92b8ba12a617ff56f22533223007c5ba6b3a191c91b852320f012e 发布日期: 2018-04-04 00:29 修改: 2019-02-27 19:37
libfdisk1	CVE-2021-37600	低危	2.29.2-1+deb9u1		util-linux: integer overflow can lead to buffer overflow in get_sem_elements() in sys-utils/ipcutils.c 漏洞详情: https://avd.aquasec.com/nvd/cve-2021-37600 镜像层: sha256:7948c3e5790c6df89fe48041fabd8f1c576d4bb7c869183e03b9e3873a5f33d9 发布日期: 2021-07-30 14:15 修改: 2024-08-04 02:15
libk5crypto3	CVE-2017-11462	低危	1.15-1+deb9u1		krb5: Automatic sec context deletion could lead to double-free 漏洞详情: https://avd.aquasec.com/nvd/cve-2017-11462 镜像层: sha256:4d1ab3827f6b69f4e55bd69cc8abe1dde7d7a7f61bd6e32c665f12e0a8efd1c9 发布日期: 2017-09-13 16:29 修改: 2023-11-07 02:38
libk5crypto3	CVE-2018-5730	低危	1.15-1+deb9u1	1.15-1+deb9u3	krb5: DN container check bypass by supplying special crafted data 漏洞详情: https://avd.aquasec.com/nvd/cve-2018-5730 镜像层: sha256:4d1ab3827f6b69f4e55bd69cc8abe1dde7d7a7f61bd6e32c665f12e0a8efd1c9 发布日期: 2018-03-06 20:29 修改: 2024-05-23 17:53
gnupg	CVE-2019-14855	低危	2.1.18-8~deb9u4		gnupg2: OpenPGP Key Certification Forgeries with SHA-1 漏洞详情: https://avd.aquasec.com/nvd/cve-2019-14855 镜像层: sha256:69dfa7bd7a92b8ba12a617ff56f22533223007c5ba6b3a191c91b852320f012e 发布日期: 2020-03-20 16:15 修改: 2022-11-08 02:28
libudev1	CVE-2018-16888	低危	232-25+deb9u12		systemd: kills privileged process if unprivileged PIDFile was tampered 漏洞详情: https://avd.aquasec.com/nvd/cve-2018-16888 镜像层: sha256:7948c3e5790c6df89fe48041fabd8f1c576d4bb7c869183e03b9e3873a5f33d9 发布日期: 2019-01-14 22:29 修改: 2023-11-07 02:53
libudev1	CVE-2018-6954	低危	232-25+deb9u12		systemd: Mishandled symlinks in systemd-tmpfiles allows local users to obtain ownership of arbitrary files 漏洞详情: https://avd.aquasec.com/nvd/cve-2018-6954 镜像层: sha256:7948c3e5790c6df89fe48041fabd8f1c576d4bb7c869183e03b9e3873a5f33d9 发布日期: 2018-02-13 20:29 修改: 2023-11-07 03:00
bsdutils	CVE-2021-37600	低危	1:2.29.2-1+deb9u1		util-linux: integer overflow can lead to buffer overflow in get_sem_elements() in sys-utils/ipcutils.c 漏洞详情: https://avd.aquasec.com/nvd/cve-2021-37600 镜像层: sha256:7948c3e5790c6df89fe48041fabd8f1c576d4bb7c869183e03b9e3873a5f33d9 发布日期: 2021-07-30 14:15 修改: 2024-08-04 02:15
libuuid1	CVE-2021-37600	低危	2.29.2-1+deb9u1		util-linux: integer overflow can lead to buffer overflow in get_sem_elements() in sys-utils/ipcutils.c 漏洞详情: https://avd.aquasec.com/nvd/cve-2021-37600 镜像层: sha256:7948c3e5790c6df89fe48041fabd8f1c576d4bb7c869183e03b9e3873a5f33d9 发布日期: 2021-07-30 14:15 修改: 2024-08-04 02:15
gnupg-agent	CVE-2018-9234	低危	2.1.18-8~deb9u4		GnuPG: Unenforced configuration allows for apparently valid certifications actually signed by signing subkeys 漏洞详情: https://avd.aquasec.com/nvd/cve-2018-9234 镜像层: sha256:69dfa7bd7a92b8ba12a617ff56f22533223007c5ba6b3a191c91b852320f012e 发布日期: 2018-04-04 00:29 修改: 2019-02-27 19:37
gnupg-agent	CVE-2019-14855	低危	2.1.18-8~deb9u4		gnupg2: OpenPGP Key Certification Forgeries with SHA-1 漏洞详情: https://avd.aquasec.com/nvd/cve-2019-14855 镜像层: sha256:69dfa7bd7a92b8ba12a617ff56f22533223007c5ba6b3a191c91b852320f012e 发布日期: 2020-03-20 16:15 修改: 2022-11-08 02:28
login	CVE-2018-7169	低危	1:4.4-4.1		shadow-utils: newgidmap allows unprivileged user to drop supplementary groups potentially allowing privilege escalation 漏洞详情: https://avd.aquasec.com/nvd/cve-2018-7169 镜像层: sha256:7948c3e5790c6df89fe48041fabd8f1c576d4bb7c869183e03b9e3873a5f33d9 发布日期: 2018-02-15 20:29 修改: 2019-10-03 00:03
dirmngr	CVE-2018-9234	低危	2.1.18-8~deb9u4		GnuPG: Unenforced configuration allows for apparently valid certifications actually signed by signing subkeys 漏洞详情: https://avd.aquasec.com/nvd/cve-2018-9234 镜像层: sha256:69dfa7bd7a92b8ba12a617ff56f22533223007c5ba6b3a191c91b852320f012e 发布日期: 2018-04-04 00:29 修改: 2019-02-27 19:37
mount	CVE-2021-37600	低危	2.29.2-1+deb9u1		util-linux: integer overflow can lead to buffer overflow in get_sem_elements() in sys-utils/ipcutils.c 漏洞详情: https://avd.aquasec.com/nvd/cve-2021-37600 镜像层: sha256:7948c3e5790c6df89fe48041fabd8f1c576d4bb7c869183e03b9e3873a5f33d9 发布日期: 2021-07-30 14:15 修改: 2024-08-04 02:15
libkrb5-3	CVE-2017-11462	低危	1.15-1+deb9u1		krb5: Automatic sec context deletion could lead to double-free 漏洞详情: https://avd.aquasec.com/nvd/cve-2017-11462 镜像层: sha256:4d1ab3827f6b69f4e55bd69cc8abe1dde7d7a7f61bd6e32c665f12e0a8efd1c9 发布日期: 2017-09-13 16:29 修改: 2023-11-07 02:38
ncurses-base	CVE-2018-19211	低危	6.0+20161126-1+deb9u2		ncurses: Null pointer dereference at function _nc_parse_entry in parse_entry.c 漏洞详情: https://avd.aquasec.com/nvd/cve-2018-19211 镜像层: sha256:7948c3e5790c6df89fe48041fabd8f1c576d4bb7c869183e03b9e3873a5f33d9 发布日期: 2018-11-12 19:29 修改: 2019-04-23 13:15
ncurses-base	CVE-2019-17594	低危	6.0+20161126-1+deb9u2		ncurses: heap-based buffer overflow in the _nc_find_entry function in tinfo/comp_hash.c 漏洞详情: https://avd.aquasec.com/nvd/cve-2019-17594 镜像层: sha256:7948c3e5790c6df89fe48041fabd8f1c576d4bb7c869183e03b9e3873a5f33d9 发布日期: 2019-10-14 21:15 修改: 2021-02-10 15:13
ncurses-base	CVE-2019-17595	低危	6.0+20161126-1+deb9u2		ncurses: heap-based buffer overflow in the fmt_entry function in tinfo/comp_hash.c 漏洞详情: https://avd.aquasec.com/nvd/cve-2019-17595 镜像层: sha256:7948c3e5790c6df89fe48041fabd8f1c576d4bb7c869183e03b9e3873a5f33d9 发布日期: 2019-10-14 21:15 修改: 2021-02-08 20:52
libkrb5-3	CVE-2018-5730	低危	1.15-1+deb9u1	1.15-1+deb9u3	krb5: DN container check bypass by supplying special crafted data 漏洞详情: https://avd.aquasec.com/nvd/cve-2018-5730 镜像层: sha256:4d1ab3827f6b69f4e55bd69cc8abe1dde7d7a7f61bd6e32c665f12e0a8efd1c9 发布日期: 2018-03-06 20:29 修改: 2024-05-23 17:53
ncurses-bin	CVE-2018-19211	低危	6.0+20161126-1+deb9u2		ncurses: Null pointer dereference at function _nc_parse_entry in parse_entry.c 漏洞详情: https://avd.aquasec.com/nvd/cve-2018-19211 镜像层: sha256:7948c3e5790c6df89fe48041fabd8f1c576d4bb7c869183e03b9e3873a5f33d9 发布日期: 2018-11-12 19:29 修改: 2019-04-23 13:15
ncurses-bin	CVE-2019-17594	低危	6.0+20161126-1+deb9u2		ncurses: heap-based buffer overflow in the _nc_find_entry function in tinfo/comp_hash.c 漏洞详情: https://avd.aquasec.com/nvd/cve-2019-17594 镜像层: sha256:7948c3e5790c6df89fe48041fabd8f1c576d4bb7c869183e03b9e3873a5f33d9 发布日期: 2019-10-14 21:15 修改: 2021-02-10 15:13
ncurses-bin	CVE-2019-17595	低危	6.0+20161126-1+deb9u2		ncurses: heap-based buffer overflow in the fmt_entry function in tinfo/comp_hash.c 漏洞详情: https://avd.aquasec.com/nvd/cve-2019-17595 镜像层: sha256:7948c3e5790c6df89fe48041fabd8f1c576d4bb7c869183e03b9e3873a5f33d9 发布日期: 2019-10-14 21:15 修改: 2021-02-08 20:52
libsepol1	CVE-2021-36084	低危	2.6-2		libsepol: use-after-free in __cil_verify_classperms() 漏洞详情: https://avd.aquasec.com/nvd/cve-2021-36084 镜像层: sha256:7948c3e5790c6df89fe48041fabd8f1c576d4bb7c869183e03b9e3873a5f33d9 发布日期: 2021-07-01 03:15 修改: 2023-11-07 03:36
libsepol1	CVE-2021-36085	低危	2.6-2		libsepol: use-after-free in __cil_verify_classperms() 漏洞详情: https://avd.aquasec.com/nvd/cve-2021-36085 镜像层: sha256:7948c3e5790c6df89fe48041fabd8f1c576d4bb7c869183e03b9e3873a5f33d9 发布日期: 2021-07-01 03:15 修改: 2023-11-07 03:36
libsepol1	CVE-2021-36086	低危	2.6-2		libsepol: use-after-free in cil_reset_classpermission() 漏洞详情: https://avd.aquasec.com/nvd/cve-2021-36086 镜像层: sha256:7948c3e5790c6df89fe48041fabd8f1c576d4bb7c869183e03b9e3873a5f33d9 发布日期: 2021-07-01 03:15 修改: 2023-11-07 03:36
libsepol1	CVE-2021-36087	低危	2.6-2		libsepol: heap-based buffer overflow in ebitmap_match_any() 漏洞详情: https://avd.aquasec.com/nvd/cve-2021-36087 镜像层: sha256:7948c3e5790c6df89fe48041fabd8f1c576d4bb7c869183e03b9e3873a5f33d9 发布日期: 2021-07-01 03:15 修改: 2023-11-07 03:36
gpgv	CVE-2018-9234	低危	2.1.18-8~deb9u4		GnuPG: Unenforced configuration allows for apparently valid certifications actually signed by signing subkeys 漏洞详情: https://avd.aquasec.com/nvd/cve-2018-9234 镜像层: sha256:7948c3e5790c6df89fe48041fabd8f1c576d4bb7c869183e03b9e3873a5f33d9 发布日期: 2018-04-04 00:29 修改: 2019-02-27 19:37
libsmartcols1	CVE-2021-37600	低危	2.29.2-1+deb9u1		util-linux: integer overflow can lead to buffer overflow in get_sem_elements() in sys-utils/ipcutils.c 漏洞详情: https://avd.aquasec.com/nvd/cve-2021-37600 镜像层: sha256:7948c3e5790c6df89fe48041fabd8f1c576d4bb7c869183e03b9e3873a5f33d9 发布日期: 2021-07-30 14:15 修改: 2024-08-04 02:15
libelf1	CVE-2018-16403	低危	0.168-1		elfutils: Heap-based buffer over-read in libdw/dwarf_getabbrev.c and libwd/dwarf_hasattr.c causes crash 漏洞详情: https://avd.aquasec.com/nvd/cve-2018-16403 镜像层: sha256:7948c3e5790c6df89fe48041fabd8f1c576d4bb7c869183e03b9e3873a5f33d9 发布日期: 2018-09-03 19:29 修改: 2023-11-07 02:53
libelf1	CVE-2019-7149	低危	0.168-1		elfutils: heap-based buffer over-read in read_srclines in dwarf_getsrclines.c in libdw 漏洞详情: https://avd.aquasec.com/nvd/cve-2019-7149 镜像层: sha256:7948c3e5790c6df89fe48041fabd8f1c576d4bb7c869183e03b9e3873a5f33d9 发布日期: 2019-01-29 00:29 修改: 2019-06-10 17:29
gpgv	CVE-2019-14855	低危	2.1.18-8~deb9u4		gnupg2: OpenPGP Key Certification Forgeries with SHA-1 漏洞详情: https://avd.aquasec.com/nvd/cve-2019-14855 镜像层: sha256:7948c3e5790c6df89fe48041fabd8f1c576d4bb7c869183e03b9e3873a5f33d9 发布日期: 2020-03-20 16:15 修改: 2022-11-08 02:28
libcurl3	CVE-2020-8284	低危	7.52.1-5+deb9u11	7.52.1-5+deb9u13	curl: FTP PASV command response can cause curl to connect to arbitrary host 漏洞详情: https://avd.aquasec.com/nvd/cve-2020-8284 镜像层: sha256:f9ecc8ce42cd82cde5003ccc4198451eea83685ec884f37ae2e7fb68d7849793 发布日期: 2020-12-14 20:15 修改: 2024-04-08 22:50
libkrb5support0	CVE-2017-11462	低危	1.15-1+deb9u1		krb5: Automatic sec context deletion could lead to double-free 漏洞详情: https://avd.aquasec.com/nvd/cve-2017-11462 镜像层: sha256:4d1ab3827f6b69f4e55bd69cc8abe1dde7d7a7f61bd6e32c665f12e0a8efd1c9 发布日期: 2017-09-13 16:29 修改: 2023-11-07 02:38
liblz4-1	CVE-2019-17543	低危	0.0~r131-2+b1		lz4: heap-based buffer overflow in LZ4_write32 漏洞详情: https://avd.aquasec.com/nvd/cve-2019-17543 镜像层: sha256:7948c3e5790c6df89fe48041fabd8f1c576d4bb7c869183e03b9e3873a5f33d9 发布日期: 2019-10-14 02:15 修改: 2023-11-07 03:06
libkrb5support0	CVE-2018-5730	低危	1.15-1+deb9u1	1.15-1+deb9u3	krb5: DN container check bypass by supplying special crafted data 漏洞详情: https://avd.aquasec.com/nvd/cve-2018-5730 镜像层: sha256:4d1ab3827f6b69f4e55bd69cc8abe1dde7d7a7f61bd6e32c665f12e0a8efd1c9 发布日期: 2018-03-06 20:29 修改: 2024-05-23 17:53
libcurl3	CVE-2021-22898	低危	7.52.1-5+deb9u11	7.52.1-5+deb9u15	curl: TELNET stack contents disclosure 漏洞详情: https://avd.aquasec.com/nvd/cve-2021-22898 镜像层: sha256:f9ecc8ce42cd82cde5003ccc4198451eea83685ec884f37ae2e7fb68d7849793 发布日期: 2021-06-11 16:15 修改: 2024-03-27 15:47
libmount1	CVE-2021-37600	低危	2.29.2-1+deb9u1		util-linux: integer overflow can lead to buffer overflow in get_sem_elements() in sys-utils/ipcutils.c 漏洞详情: https://avd.aquasec.com/nvd/cve-2021-37600 镜像层: sha256:7948c3e5790c6df89fe48041fabd8f1c576d4bb7c869183e03b9e3873a5f33d9 发布日期: 2021-07-30 14:15 修改: 2024-08-04 02:15
passwd	CVE-2018-7169	低危	1:4.4-4.1		shadow-utils: newgidmap allows unprivileged user to drop supplementary groups potentially allowing privilege escalation 漏洞详情: https://avd.aquasec.com/nvd/cve-2018-7169 镜像层: sha256:7948c3e5790c6df89fe48041fabd8f1c576d4bb7c869183e03b9e3873a5f33d9 发布日期: 2018-02-15 20:29 修改: 2019-10-03 00:03
libcurl3	CVE-2021-22924	低危	7.52.1-5+deb9u11	7.52.1-5+deb9u15	curl: Bad connection reuse due to flawed path name checks 漏洞详情: https://avd.aquasec.com/nvd/cve-2021-22924 镜像层: sha256:f9ecc8ce42cd82cde5003ccc4198451eea83685ec884f37ae2e7fb68d7849793 发布日期: 2021-08-05 21:15 修改: 2024-03-27 15:11
libncurses5	CVE-2018-19211	低危	6.0+20161126-1+deb9u2		ncurses: Null pointer dereference at function _nc_parse_entry in parse_entry.c 漏洞详情: https://avd.aquasec.com/nvd/cve-2018-19211 镜像层: sha256:01727b1a72df8ba02293a98ab365bb4e8015aefadd661aaf7e6aa76567b706b9 发布日期: 2018-11-12 19:29 修改: 2019-04-23 13:15
libncurses5	CVE-2019-17594	低危	6.0+20161126-1+deb9u2		ncurses: heap-based buffer overflow in the _nc_find_entry function in tinfo/comp_hash.c 漏洞详情: https://avd.aquasec.com/nvd/cve-2019-17594 镜像层: sha256:01727b1a72df8ba02293a98ab365bb4e8015aefadd661aaf7e6aa76567b706b9 发布日期: 2019-10-14 21:15 修改: 2021-02-10 15:13
libssl1.0.2	CVE-2020-1968	低危	1.0.2u-1~deb9u1	1.0.2u-1~deb9u2	openssl: Information exposure when DH secret are reused across multiple TLS connections 漏洞详情: https://avd.aquasec.com/nvd/cve-2020-1968 镜像层: sha256:4d1ab3827f6b69f4e55bd69cc8abe1dde7d7a7f61bd6e32c665f12e0a8efd1c9 发布日期: 2020-09-09 14:15 修改: 2022-11-21 19:48
libncurses5	CVE-2019-17595	低危	6.0+20161126-1+deb9u2		ncurses: heap-based buffer overflow in the fmt_entry function in tinfo/comp_hash.c 漏洞详情: https://avd.aquasec.com/nvd/cve-2019-17595 镜像层: sha256:01727b1a72df8ba02293a98ab365bb4e8015aefadd661aaf7e6aa76567b706b9 发布日期: 2019-10-14 21:15 修改: 2021-02-08 20:52
dirmngr	CVE-2019-14855	低危	2.1.18-8~deb9u4		gnupg2: OpenPGP Key Certification Forgeries with SHA-1 漏洞详情: https://avd.aquasec.com/nvd/cve-2019-14855 镜像层: sha256:69dfa7bd7a92b8ba12a617ff56f22533223007c5ba6b3a191c91b852320f012e 发布日期: 2020-03-20 16:15 修改: 2022-11-08 02:28
libncursesw5	CVE-2018-19211	低危	6.0+20161126-1+deb9u2		ncurses: Null pointer dereference at function _nc_parse_entry in parse_entry.c 漏洞详情: https://avd.aquasec.com/nvd/cve-2018-19211 镜像层: sha256:7948c3e5790c6df89fe48041fabd8f1c576d4bb7c869183e03b9e3873a5f33d9 发布日期: 2018-11-12 19:29 修改: 2019-04-23 13:15
libncursesw5	CVE-2019-17594	低危	6.0+20161126-1+deb9u2		ncurses: heap-based buffer overflow in the _nc_find_entry function in tinfo/comp_hash.c 漏洞详情: https://avd.aquasec.com/nvd/cve-2019-17594 镜像层: sha256:7948c3e5790c6df89fe48041fabd8f1c576d4bb7c869183e03b9e3873a5f33d9 发布日期: 2019-10-14 21:15 修改: 2021-02-10 15:13
libncursesw5	CVE-2019-17595	低危	6.0+20161126-1+deb9u2		ncurses: heap-based buffer overflow in the fmt_entry function in tinfo/comp_hash.c 漏洞详情: https://avd.aquasec.com/nvd/cve-2019-17595 镜像层: sha256:7948c3e5790c6df89fe48041fabd8f1c576d4bb7c869183e03b9e3873a5f33d9 发布日期: 2019-10-14 21:15 修改: 2021-02-08 20:52
coreutils	CVE-2016-2781	低危	8.26-3		coreutils: Non-privileged session can escape to the parent session in chroot 漏洞详情: https://avd.aquasec.com/nvd/cve-2016-2781 镜像层: sha256:7948c3e5790c6df89fe48041fabd8f1c576d4bb7c869183e03b9e3873a5f33d9 发布日期: 2017-02-07 15:59 修改: 2023-11-07 02:32
libaprutil1	CVE-2017-12618	低危	1.5.4-3		apr-util: Out-of-bounds access in corrupted SDBM database 漏洞详情: https://avd.aquasec.com/nvd/cve-2017-12618 镜像层: sha256:01727b1a72df8ba02293a98ab365bb4e8015aefadd661aaf7e6aa76567b706b9 发布日期: 2017-10-24 01:29 修改: 2018-10-31 10:29
curl	CVE-2020-8284	低危	7.52.1-5+deb9u11	7.52.1-5+deb9u13	curl: FTP PASV command response can cause curl to connect to arbitrary host 漏洞详情: https://avd.aquasec.com/nvd/cve-2020-8284 镜像层: sha256:f9ecc8ce42cd82cde5003ccc4198451eea83685ec884f37ae2e7fb68d7849793 发布日期: 2020-12-14 20:15 修改: 2024-04-08 22:50
libgssapi-krb5-2	CVE-2017-11462	低危	1.15-1+deb9u1		krb5: Automatic sec context deletion could lead to double-free 漏洞详情: https://avd.aquasec.com/nvd/cve-2017-11462 镜像层: sha256:4d1ab3827f6b69f4e55bd69cc8abe1dde7d7a7f61bd6e32c665f12e0a8efd1c9 发布日期: 2017-09-13 16:29 修改: 2023-11-07 02:38
libgssapi-krb5-2	CVE-2018-5730	低危	1.15-1+deb9u1	1.15-1+deb9u3	krb5: DN container check bypass by supplying special crafted data 漏洞详情: https://avd.aquasec.com/nvd/cve-2018-5730 镜像层: sha256:4d1ab3827f6b69f4e55bd69cc8abe1dde7d7a7f61bd6e32c665f12e0a8efd1c9 发布日期: 2018-03-06 20:29 修改: 2024-05-23 17:53
curl	CVE-2021-22898	低危	7.52.1-5+deb9u11	7.52.1-5+deb9u15	curl: TELNET stack contents disclosure 漏洞详情: https://avd.aquasec.com/nvd/cve-2021-22898 镜像层: sha256:f9ecc8ce42cd82cde5003ccc4198451eea83685ec884f37ae2e7fb68d7849793 发布日期: 2021-06-11 16:15 修改: 2024-03-27 15:47
libblkid1	CVE-2021-37600	低危	2.29.2-1+deb9u1		util-linux: integer overflow can lead to buffer overflow in get_sem_elements() in sys-utils/ipcutils.c 漏洞详情: https://avd.aquasec.com/nvd/cve-2021-37600 镜像层: sha256:7948c3e5790c6df89fe48041fabd8f1c576d4bb7c869183e03b9e3873a5f33d9 发布日期: 2021-07-30 14:15 修改: 2024-08-04 02:15
util-linux	CVE-2021-37600	低危	2.29.2-1+deb9u1		util-linux: integer overflow can lead to buffer overflow in get_sem_elements() in sys-utils/ipcutils.c 漏洞详情: https://avd.aquasec.com/nvd/cve-2021-37600 镜像层: sha256:7948c3e5790c6df89fe48041fabd8f1c576d4bb7c869183e03b9e3873a5f33d9 发布日期: 2021-07-30 14:15 修改: 2024-08-04 02:15
libcurl3-gnutls	CVE-2020-8284	低危	7.52.1-5+deb9u11	7.52.1-5+deb9u13	curl: FTP PASV command response can cause curl to connect to arbitrary host 漏洞详情: https://avd.aquasec.com/nvd/cve-2020-8284 镜像层: sha256:f9ecc8ce42cd82cde5003ccc4198451eea83685ec884f37ae2e7fb68d7849793 发布日期: 2020-12-14 20:15 修改: 2024-04-08 22:50
libcurl3-gnutls	CVE-2021-22898	低危	7.52.1-5+deb9u11	7.52.1-5+deb9u15	curl: TELNET stack contents disclosure 漏洞详情: https://avd.aquasec.com/nvd/cve-2021-22898 镜像层: sha256:f9ecc8ce42cd82cde5003ccc4198451eea83685ec884f37ae2e7fb68d7849793 发布日期: 2021-06-11 16:15 修改: 2024-03-27 15:47
libcurl3-gnutls	CVE-2021-22924	低危	7.52.1-5+deb9u11	7.52.1-5+deb9u15	curl: Bad connection reuse due to flawed path name checks 漏洞详情: https://avd.aquasec.com/nvd/cve-2021-22924 镜像层: sha256:f9ecc8ce42cd82cde5003ccc4198451eea83685ec884f37ae2e7fb68d7849793 发布日期: 2021-08-05 21:15 修改: 2024-03-27 15:11
tzdata	DLA-2509-1	未知	2020a-0+deb9u1	2020e-0+deb9u1	tzdata - new upstream version 漏洞详情: 镜像层: sha256:f9ecc8ce42cd82cde5003ccc4198451eea83685ec884f37ae2e7fb68d7849793 发布日期: 0001-01-01 00:00 修改: 0001-01-01 00:00
tzdata	DLA-2542-1	未知	2020a-0+deb9u1	2021a-0+deb9u1	tzdata - new upstream version 漏洞详情: 镜像层: sha256:f9ecc8ce42cd82cde5003ccc4198451eea83685ec884f37ae2e7fb68d7849793 发布日期: 0001-01-01 00:00 修改: 0001-01-01 00:00
tzdata	DLA-2797-1	未知	2020a-0+deb9u1	2021a-0+deb9u2	tzdata - new upstream version 漏洞详情: 镜像层: sha256:f9ecc8ce42cd82cde5003ccc4198451eea83685ec884f37ae2e7fb68d7849793 发布日期: 0001-01-01 00:00 修改: 0001-01-01 00:00
tzdata	DLA-2963-1	未知	2020a-0+deb9u1	2021a-0+deb9u3	tzdata - new timezone database 漏洞详情: 镜像层: sha256:f9ecc8ce42cd82cde5003ccc4198451eea83685ec884f37ae2e7fb68d7849793 发布日期: 0001-01-01 00:00 修改: 0001-01-01 00:00
tzdata	DLA-3051-1	未知	2020a-0+deb9u1	2021a-0+deb9u4	tzdata - new timezone database 漏洞详情: 镜像层: sha256:f9ecc8ce42cd82cde5003ccc4198451eea83685ec884f37ae2e7fb68d7849793 发布日期: 0001-01-01 00:00 修改: 0001-01-01 00:00
ca-certificates	DLA-2593-1	未知	20200601~deb9u1	20200601~deb9u2	ca-certificates - whitelist Symantec CA 漏洞详情: 镜像层: sha256:f9ecc8ce42cd82cde5003ccc4198451eea83685ec884f37ae2e7fb68d7849793 发布日期: 0001-01-01 00:00 修改: 0001-01-01 00:00
libssl1.0.2	DLA-2761-1	未知	1.0.2u-1~deb9u1	1.0.2u-1~deb9u5	openssl1.0 - security update 漏洞详情: 镜像层: sha256:4d1ab3827f6b69f4e55bd69cc8abe1dde7d7a7f61bd6e32c665f12e0a8efd1c9 发布日期: 0001-01-01 00:00 修改: 0001-01-01 00:00
debian-archive-keyring	DLA-2948-1	未知	2017.5+deb9u1	2017.5+deb9u2	debian-archive-keyring - security update 漏洞详情: 镜像层: sha256:7948c3e5790c6df89fe48041fabd8f1c576d4bb7c869183e03b9e3873a5f33d9 发布日期: 0001-01-01 00:00 修改: 0001-01-01 00:00
libgnutls30	DLA-2759-1	未知	3.5.8-5+deb9u5	3.5.8-5+deb9u6	gnutls28 - security update 漏洞详情: 镜像层: sha256:f9ecc8ce42cd82cde5003ccc4198451eea83685ec884f37ae2e7fb68d7849793 发布日期: 0001-01-01 00:00 修改: 0001-01-01 00:00
tzdata	DLA-2424-1	未知	2020a-0+deb9u1	2020d-0+deb9u1	tzdata - new upstream version 漏洞详情: 镜像层: sha256:f9ecc8ce42cd82cde5003ccc4198451eea83685ec884f37ae2e7fb68d7849793 发布日期: 0001-01-01 00:00 修改: 0001-01-01 00:00

Java (jar)

低危漏洞:9

中危漏洞:62

高危漏洞:55

严重漏洞:21

软件包	漏洞	安全状态	安装版本	修复版本	漏洞信息
commons-fileupload:commons-fileupload	CVE-2016-1000031	严重	1.3.1-jenkins-2	1.3.3	FileUpload: DiskFileItem file manipulation 漏洞详情: https://avd.aquasec.com/nvd/cve-2016-1000031 镜像层: sha256:757958152e403e74437a6691505a65b29ff2cf9e4561626124194a959289aad0 发布日期: 2016-10-25 14:29 修改: 2023-11-07 02:29
org.apache.sshd:sshd-core	CVE-2022-45047	严重	1.7.0	2.9.2	mina-sshd: Java unsafe deserialization vulnerability 漏洞详情: https://avd.aquasec.com/nvd/cve-2022-45047 镜像层: sha256:757958152e403e74437a6691505a65b29ff2cf9e4561626124194a959289aad0 发布日期: 2022-11-16 09:15 修改: 2024-02-16 13:15
org.apache.sshd:sshd-core	CVE-2022-45047	严重	1.7.0	2.9.2	mina-sshd: Java unsafe deserialization vulnerability 漏洞详情: https://avd.aquasec.com/nvd/cve-2022-45047 镜像层: sha256:757958152e403e74437a6691505a65b29ff2cf9e4561626124194a959289aad0 发布日期: 2022-11-16 09:15 修改: 2024-02-16 13:15
org.jenkins-ci.main:jenkins-core	CVE-2021-21685	严重	2.249.1	2.303.3, 2.319	jenkins: FilePath#mkdirs does not check permission to create parent directories 漏洞详情: https://avd.aquasec.com/nvd/cve-2021-21685 镜像层: sha256:757958152e403e74437a6691505a65b29ff2cf9e4561626124194a959289aad0 发布日期: 2021-11-04 17:15 修改: 2023-11-22 21:18
org.jenkins-ci.main:jenkins-core	CVE-2021-21686	严重	2.249.1	2.303.3, 2.319	jenkins: File path filters do not canonicalize paths, allowing operations to follow symbolic links to outside allowed directories 漏洞详情: https://avd.aquasec.com/nvd/cve-2021-21686 镜像层: sha256:757958152e403e74437a6691505a65b29ff2cf9e4561626124194a959289aad0 发布日期: 2021-11-04 17:15 修改: 2023-11-22 21:18
org.jenkins-ci.main:jenkins-core	CVE-2021-21687	严重	2.249.1	2.303.3, 2.319	jenkins: FilePath#untar does not check permission to create symbolic links when unarchiving a symbolic link 漏洞详情: https://avd.aquasec.com/nvd/cve-2021-21687 镜像层: sha256:757958152e403e74437a6691505a65b29ff2cf9e4561626124194a959289aad0 发布日期: 2021-11-04 17:15 修改: 2023-11-22 21:17
org.jenkins-ci.main:jenkins-core	CVE-2021-21688	严重	2.249.1	2.303.3, 2.319	jenkins: FilePath#reading(FileVisitor) does not reject any operations allowing users to have unrestricted read access 漏洞详情: https://avd.aquasec.com/nvd/cve-2021-21688 镜像层: sha256:757958152e403e74437a6691505a65b29ff2cf9e4561626124194a959289aad0 发布日期: 2021-11-04 17:15 修改: 2023-11-22 21:33
org.jenkins-ci.main:jenkins-core	CVE-2021-21689	严重	2.249.1	2.303.3, 2.319	jenkins: FilePath#unzip and FilePath#untar were not subject to any access control 漏洞详情: https://avd.aquasec.com/nvd/cve-2021-21689 镜像层: sha256:757958152e403e74437a6691505a65b29ff2cf9e4561626124194a959289aad0 发布日期: 2021-11-04 17:15 修改: 2023-11-22 21:33
org.jenkins-ci.main:jenkins-core	CVE-2021-21690	严重	2.249.1	2.303.3, 2.319	jenkins: Agent processes are able to completely bypass file path filtering by wrapping the file operation in an agent file path 漏洞详情: https://avd.aquasec.com/nvd/cve-2021-21690 镜像层: sha256:757958152e403e74437a6691505a65b29ff2cf9e4561626124194a959289aad0 发布日期: 2021-11-04 17:15 修改: 2023-11-22 21:23
org.jenkins-ci.main:jenkins-core	CVE-2021-21691	严重	2.249.1	2.303.3, 2.319	jenkins: Creating symbolic links is possible without the symlink permission 漏洞详情: https://avd.aquasec.com/nvd/cve-2021-21691 镜像层: sha256:757958152e403e74437a6691505a65b29ff2cf9e4561626124194a959289aad0 发布日期: 2021-11-04 17:15 修改: 2023-11-22 21:23
org.jenkins-ci.main:jenkins-core	CVE-2021-21692	严重	2.249.1	2.303.3, 2.319	jenkins: The operations FilePath#renameTo and FilePath#moveAllChildrenTo only check read permission on the source path 漏洞详情: https://avd.aquasec.com/nvd/cve-2021-21692 镜像层: sha256:757958152e403e74437a6691505a65b29ff2cf9e4561626124194a959289aad0 发布日期: 2021-11-04 17:15 修改: 2023-11-22 21:23
org.jenkins-ci.main:jenkins-core	CVE-2021-21693	严重	2.249.1	2.303.3, 2.319	jenkins: When creating temporary files, permission to create files is only checked after they’ve been created. 漏洞详情: https://avd.aquasec.com/nvd/cve-2021-21693 镜像层: sha256:757958152e403e74437a6691505a65b29ff2cf9e4561626124194a959289aad0 发布日期: 2021-11-04 17:15 修改: 2023-11-22 21:22
org.jenkins-ci.main:jenkins-core	CVE-2021-21694	严重	2.249.1	2.303.3, 2.319	jenkins: FilePath#toURI, FilePath#hasSymlink, FilePath#absolutize, FilePath#isDescendant, and FilePath#get*DiskSpace do not check any permissions 漏洞详情: https://avd.aquasec.com/nvd/cve-2021-21694 镜像层: sha256:757958152e403e74437a6691505a65b29ff2cf9e4561626124194a959289aad0 发布日期: 2021-11-04 17:15 修改: 2023-11-22 21:22
org.jenkins-ci.main:jenkins-core	CVE-2021-21695	严重	2.249.1	2.303.3, 2.319	jenkins: FilePath#listFiles lists files outside directories with agent read access when following symbolic links. 漏洞详情: https://avd.aquasec.com/nvd/cve-2021-21695 镜像层: sha256:757958152e403e74437a6691505a65b29ff2cf9e4561626124194a959289aad0 发布日期: 2021-11-04 17:15 修改: 2023-11-22 21:22
org.jenkins-ci.main:jenkins-core	CVE-2021-21697	严重	2.249.1	2.303.3, 2.319	jenkins: Agent-to-controller access control allows reading/writing most content of build directories 漏洞详情: https://avd.aquasec.com/nvd/cve-2021-21697 镜像层: sha256:757958152e403e74437a6691505a65b29ff2cf9e4561626124194a959289aad0 发布日期: 2021-11-04 17:15 修改: 2023-11-03 02:35
org.jenkins-ci.main:jenkins-core	CVE-2024-23897	严重	2.249.1	2.426.3, 2.440.1, 2.442	jenkins: Arbitrary file read vulnerability through the CLI can lead to RCE 漏洞详情: https://avd.aquasec.com/nvd/cve-2024-23897 镜像层: sha256:757958152e403e74437a6691505a65b29ff2cf9e4561626124194a959289aad0 发布日期: 2024-01-24 18:15 修改: 2024-12-20 17:30
org.springframework:spring-beans	CVE-2022-22965	严重	2.5.6.SEC03	5.2.20.RELEASE, 5.3.18	spring-framework: RCE via Data Binding on JDK 9+ 漏洞详情: https://avd.aquasec.com/nvd/cve-2022-22965 镜像层: sha256:757958152e403e74437a6691505a65b29ff2cf9e4561626124194a959289aad0 发布日期: 2022-04-01 23:15 修改: 2024-10-18 19:52
org.springframework:spring-core	CVE-2018-1270	严重	2.5.6.SEC03	5.0.5, 4.3.16	spring-framework: Possible RCE via spring messaging 漏洞详情: https://avd.aquasec.com/nvd/cve-2018-1270 镜像层: sha256:757958152e403e74437a6691505a65b29ff2cf9e4561626124194a959289aad0 发布日期: 2018-04-06 13:29 修改: 2023-11-07 02:55
org.springframework:spring-core	CVE-2018-1275	严重	2.5.6.SEC03	4.3.16, 5.0.5	spring-framework: Address partial fix for CVE-2018-1270 漏洞详情: https://avd.aquasec.com/nvd/cve-2018-1275 镜像层: sha256:757958152e403e74437a6691505a65b29ff2cf9e4561626124194a959289aad0 发布日期: 2018-04-11 13:29 修改: 2023-11-07 02:55
org.springframework:spring-web	CVE-2016-1000027	严重	2.5.6.SEC03	6.0.0	spring: HttpInvokerServiceExporter readRemoteInvocation method untrusted java deserialization 漏洞详情: https://avd.aquasec.com/nvd/cve-2016-1000027 镜像层: sha256:757958152e403e74437a6691505a65b29ff2cf9e4561626124194a959289aad0 发布日期: 2020-01-02 23:15 修改: 2023-04-20 09:15
org.springframework:spring-webmvc	CVE-2022-22965	严重	2.5.6.SEC03	5.2.20.RELEASE, 5.3.18	spring-framework: RCE via Data Binding on JDK 9+ 漏洞详情: https://avd.aquasec.com/nvd/cve-2022-22965 镜像层: sha256:757958152e403e74437a6691505a65b29ff2cf9e4561626124194a959289aad0 发布日期: 2022-04-01 23:15 修改: 2024-10-18 19:52
com.fasterxml.jackson.core:jackson-databind	CVE-2022-42003	高危	2.11.1	2.12.7.1, 2.13.4.2	jackson-databind: deep wrapper array nesting wrt UNWRAP_SINGLE_VALUE_ARRAYS 漏洞详情: https://avd.aquasec.com/nvd/cve-2022-42003 镜像层: sha256:55e96a51431c34be2e4147e36f3344fc9530382746277e483c6ff911826568a2 发布日期: 2022-10-02 05:15 修改: 2023-12-20 10:15
org.eclipse.jetty.http2:http2-common	CVE-2024-22201	高危	9.4.30.v20200611	9.4.54, 10.0.20, 11.0.20	jetty: stop accepting new connections from valid clients 漏洞详情: https://avd.aquasec.com/nvd/cve-2024-22201 镜像层: sha256:757958152e403e74437a6691505a65b29ff2cf9e4561626124194a959289aad0 发布日期: 2024-02-26 16:27 修改: 2024-05-01 18:15
org.eclipse.jetty.http2:http2-hpack	CVE-2023-36478	高危	9.4.30.v20200611	10.0.16, 11.0.16, 9.4.53	jetty: hpack header values cause denial of service in http/2 漏洞详情: https://avd.aquasec.com/nvd/cve-2023-36478 镜像层: sha256:757958152e403e74437a6691505a65b29ff2cf9e4561626124194a959289aad0 发布日期: 2023-10-10 17:15 修改: 2024-06-21 19:15
org.eclipse.jetty.http2:http2-server	CVE-2022-2048	高危	9.4.30.v20200611	9.4.47, 10.0.10, 11.0.10	http2-server: Invalid HTTP/2 requests cause DoS 漏洞详情: https://avd.aquasec.com/nvd/cve-2022-2048 镜像层: sha256:757958152e403e74437a6691505a65b29ff2cf9e4561626124194a959289aad0 发布日期: 2022-07-07 21:15 修改: 2023-07-24 13:16
org.eclipse.jetty:jetty-server	CVE-2021-28165	高危	9.4.30.v20200611	9.4.39, 10.0.2, 11.0.2	jetty: Resource exhaustion when receiving an invalid large TLS frame 漏洞详情: https://avd.aquasec.com/nvd/cve-2021-28165 镜像层: sha256:757958152e403e74437a6691505a65b29ff2cf9e4561626124194a959289aad0 发布日期: 2021-04-01 15:15 修改: 2023-11-07 03:32
org.eclipse.jetty:jetty-webapp	CVE-2020-27216	高危	9.4.30.v20200611	9.4.33.v20201020, 10.0.0.beta3, 11.0.0.beta3	jetty: local temporary directory hijacking vulnerability 漏洞详情: https://avd.aquasec.com/nvd/cve-2020-27216 镜像层: sha256:757958152e403e74437a6691505a65b29ff2cf9e4561626124194a959289aad0 发布日期: 2020-10-23 13:15 修改: 2023-11-07 03:20
com.fasterxml.jackson.core:jackson-databind	CVE-2022-42004	高危	2.11.1	2.12.7.1, 2.13.4	jackson-databind: use of deeply nested arrays 漏洞详情: https://avd.aquasec.com/nvd/cve-2022-42004 镜像层: sha256:55e96a51431c34be2e4147e36f3344fc9530382746277e483c6ff911826568a2 发布日期: 2022-10-02 05:15 修改: 2022-12-02 15:10
commons-beanutils:commons-beanutils	CVE-2014-0114	高危	1.9.2	1.9.4	1: Class Loader manipulation via request parameters 漏洞详情: https://avd.aquasec.com/nvd/cve-2014-0114 镜像层: sha256:55e96a51431c34be2e4147e36f3344fc9530382746277e483c6ff911826568a2 发布日期: 2014-04-30 10:49 修改: 2023-02-13 00:32
commons-beanutils:commons-beanutils	CVE-2019-10086	高危	1.9.2	1.9.4	apache-commons-beanutils: does not suppresses the class property in PropertyUtilsBean by default 漏洞详情: https://avd.aquasec.com/nvd/cve-2019-10086 镜像层: sha256:55e96a51431c34be2e4147e36f3344fc9530382746277e483c6ff911826568a2 发布日期: 2019-08-20 21:15 修改: 2023-11-07 03:02
commons-beanutils:commons-beanutils	CVE-2014-0114	高危	1.9.3	1.9.4	1: Class Loader manipulation via request parameters 漏洞详情: https://avd.aquasec.com/nvd/cve-2014-0114 镜像层: sha256:757958152e403e74437a6691505a65b29ff2cf9e4561626124194a959289aad0 发布日期: 2014-04-30 10:49 修改: 2023-02-13 00:32
commons-beanutils:commons-beanutils	CVE-2019-10086	高危	1.9.3	1.9.4	apache-commons-beanutils: does not suppresses the class property in PropertyUtilsBean by default 漏洞详情: https://avd.aquasec.com/nvd/cve-2019-10086 镜像层: sha256:757958152e403e74437a6691505a65b29ff2cf9e4561626124194a959289aad0 发布日期: 2019-08-20 21:15 修改: 2023-11-07 03:02
com.fasterxml.jackson.core:jackson-databind	CVE-2020-36518	高危	2.11.1	2.13.2.1, 2.12.6.1	jackson-databind: denial of service via a large depth of nested objects 漏洞详情: https://avd.aquasec.com/nvd/cve-2020-36518 镜像层: sha256:55e96a51431c34be2e4147e36f3344fc9530382746277e483c6ff911826568a2 发布日期: 2022-03-11 07:15 修改: 2022-11-29 22:12
commons-fileupload:commons-fileupload	CVE-2016-3092	高危	1.3.1-jenkins-2	1.3.2	tomcat: Usage of vulnerable FileUpload package can result in denial of service 漏洞详情: https://avd.aquasec.com/nvd/cve-2016-3092 镜像层: sha256:757958152e403e74437a6691505a65b29ff2cf9e4561626124194a959289aad0 发布日期: 2016-07-04 22:59 修改: 2023-12-08 16:41
commons-fileupload:commons-fileupload	CVE-2023-24998	高危	1.3.1-jenkins-2	1.5	FileUpload: FileUpload DoS with excessive parts 漏洞详情: https://avd.aquasec.com/nvd/cve-2023-24998 镜像层: sha256:757958152e403e74437a6691505a65b29ff2cf9e4561626124194a959289aad0 发布日期: 2023-02-20 16:15 修改: 2024-02-16 19:11
commons-io:commons-io	CVE-2024-47554	高危	2.6	2.14.0	apache-commons-io: Possible denial of service attack on untrusted input to XmlStreamReader 漏洞详情: https://avd.aquasec.com/nvd/cve-2024-47554 镜像层: sha256:757958152e403e74437a6691505a65b29ff2cf9e4561626124194a959289aad0 发布日期: 2024-10-03 12:15 修改: 2024-12-04 15:15
commons-io:commons-io	CVE-2024-47554	高危	2.6	2.14.0	apache-commons-io: Possible denial of service attack on untrusted input to XmlStreamReader 漏洞详情: https://avd.aquasec.com/nvd/cve-2024-47554 镜像层: sha256:757958152e403e74437a6691505a65b29ff2cf9e4561626124194a959289aad0 发布日期: 2024-10-03 12:15 修改: 2024-12-04 15:15
commons-io:commons-io	CVE-2024-47554	高危	2.7	2.14.0	apache-commons-io: Possible denial of service attack on untrusted input to XmlStreamReader 漏洞详情: https://avd.aquasec.com/nvd/cve-2024-47554 镜像层: sha256:55e96a51431c34be2e4147e36f3344fc9530382746277e483c6ff911826568a2 发布日期: 2024-10-03 12:15 修改: 2024-12-04 15:15
org.apache.ant:ant	CVE-2020-11979	高危	1.10.8	1.10.9	ant: insecure temporary file 漏洞详情: https://avd.aquasec.com/nvd/cve-2020-11979 镜像层: sha256:757958152e403e74437a6691505a65b29ff2cf9e4561626124194a959289aad0 发布日期: 2020-10-01 20:15 修改: 2023-11-07 03:15
org.apache.commons:commons-compress	CVE-2021-35515	高危	1.19	1.21	apache-commons-compress: infinite loop when reading a specially crafted 7Z archive 漏洞详情: https://avd.aquasec.com/nvd/cve-2021-35515 镜像层: sha256:757958152e403e74437a6691505a65b29ff2cf9e4561626124194a959289aad0 发布日期: 2021-07-13 08:15 修改: 2023-11-07 03:36
org.jenkins-ci.main:jenkins-core	CVE-2020-2229	高危	2.249.1	2.235.4, 2.252	jenkins: user-specified tooltip values leads to stored cross-site scripting 漏洞详情: https://avd.aquasec.com/nvd/cve-2020-2229 镜像层: sha256:757958152e403e74437a6691505a65b29ff2cf9e4561626124194a959289aad0 发布日期: 2020-08-12 14:15 修改: 2023-11-02 21:41
org.jenkins-ci.main:jenkins-core	CVE-2020-2230	高危	2.249.1	2.235.4, 2.252	jenkins: stored XSS vulnerability in project naming strategy 漏洞详情: https://avd.aquasec.com/nvd/cve-2020-2230 镜像层: sha256:757958152e403e74437a6691505a65b29ff2cf9e4561626124194a959289aad0 发布日期: 2020-08-12 14:15 修改: 2023-11-02 21:39
org.jenkins-ci.main:jenkins-core	CVE-2021-21604	高危	2.249.1	2.263.2, 2.275	jenkins: Improper handling of REST API XML deserialization errors 漏洞详情: https://avd.aquasec.com/nvd/cve-2021-21604 镜像层: sha256:757958152e403e74437a6691505a65b29ff2cf9e4561626124194a959289aad0 发布日期: 2021-01-13 16:15 修改: 2023-10-25 18:16
org.jenkins-ci.main:jenkins-core	CVE-2021-21605	高危	2.249.1	2.263.2, 2.275	jenkins: Path traversal vulnerability in agent names 漏洞详情: https://avd.aquasec.com/nvd/cve-2021-21605 镜像层: sha256:757958152e403e74437a6691505a65b29ff2cf9e4561626124194a959289aad0 发布日期: 2021-01-13 16:15 修改: 2023-10-25 18:16
org.jenkins-ci.main:jenkins-core	CVE-2021-21671	高危	2.249.1	2.300, 2.289.2	jenkins: session fixation vulnerability 漏洞详情: https://avd.aquasec.com/nvd/cve-2021-21671 镜像层: sha256:757958152e403e74437a6691505a65b29ff2cf9e4561626124194a959289aad0 发布日期: 2021-06-30 17:15 修改: 2023-10-25 18:16
org.jenkins-ci.main:jenkins-core	CVE-2021-21696	高危	2.249.1	2.303.3, 2.319	jenkins: Agent-to-controller access control allowed writing to sensitive directory used by Pipeline: Shared Groovy Libraries Plugin 漏洞详情: https://avd.aquasec.com/nvd/cve-2021-21696 镜像层: sha256:757958152e403e74437a6691505a65b29ff2cf9e4561626124194a959289aad0 发布日期: 2021-11-04 17:15 修改: 2023-11-22 21:22
org.jenkins-ci.main:jenkins-core	CVE-2022-34171	高危	2.249.1	2.356, 2.346.1, 2.332.4	Jenkins: Cross-site scripting (XSS) vulnerability in Jenkins LTS 漏洞详情: https://avd.aquasec.com/nvd/cve-2022-34171 镜像层: sha256:757958152e403e74437a6691505a65b29ff2cf9e4561626124194a959289aad0 发布日期: 2022-06-23 17:15 修改: 2023-11-03 02:44
org.jenkins-ci.main:jenkins-core	CVE-2023-27898	高危	2.249.1	2.394, 2.375.4	Jenkins: XSS vulnerability in plugin manager 漏洞详情: https://avd.aquasec.com/nvd/cve-2023-27898 镜像层: sha256:757958152e403e74437a6691505a65b29ff2cf9e4561626124194a959289aad0 发布日期: 2023-03-10 21:15 修改: 2023-05-24 17:43
org.jenkins-ci.main:jenkins-core	CVE-2023-27899	高危	2.249.1	2.387.1, 2.375.4, 2.394	Jenkins: Temporary plugin file created with insecure permissions 漏洞详情: https://avd.aquasec.com/nvd/cve-2023-27899 镜像层: sha256:757958152e403e74437a6691505a65b29ff2cf9e4561626124194a959289aad0 发布日期: 2023-03-10 21:15 修改: 2023-03-16 15:48
org.jenkins-ci.main:jenkins-core	CVE-2023-27901	高危	2.249.1	2.394, 2.375.4, 2.387.1	Jenkins: Denial of Service attack 漏洞详情: https://avd.aquasec.com/nvd/cve-2023-27901 镜像层: sha256:757958152e403e74437a6691505a65b29ff2cf9e4561626124194a959289aad0 发布日期: 2023-03-10 21:15 修改: 2023-03-16 15:54
org.jenkins-ci.main:jenkins-core	CVE-2023-35141	高危	2.249.1	2.400	jenkins: CSRF protection bypass vulnerability 漏洞详情: https://avd.aquasec.com/nvd/cve-2023-35141 镜像层: sha256:757958152e403e74437a6691505a65b29ff2cf9e4561626124194a959289aad0 发布日期: 2023-06-14 13:15 修改: 2023-06-23 19:36
org.jenkins-ci.main:jenkins-core	CVE-2023-39151	高危	2.249.1	2.414.1, 2.401.3, 2.416	jenkins: Stored cross-site scripting via build logs 漏洞详情: https://avd.aquasec.com/nvd/cve-2023-39151 镜像层: sha256:757958152e403e74437a6691505a65b29ff2cf9e4561626124194a959289aad0 发布日期: 2023-07-26 14:15 修改: 2023-08-03 12:56
org.jenkins-ci.main:jenkins-core	CVE-2023-43495	高危	2.249.1	2.414.2, 2.424	jenkins: Stored cross site scripting in ExpandableDetailsNote class 漏洞详情: https://avd.aquasec.com/nvd/cve-2023-43495 镜像层: sha256:757958152e403e74437a6691505a65b29ff2cf9e4561626124194a959289aad0 发布日期: 2023-09-20 17:15 修改: 2023-09-23 03:45
org.jenkins-ci.main:jenkins-core	CVE-2023-43496	高危	2.249.1	2.414.2, 2.424	jenkins: Temporary plugin file created with insecure permissions 漏洞详情: https://avd.aquasec.com/nvd/cve-2023-43496 镜像层: sha256:757958152e403e74437a6691505a65b29ff2cf9e4561626124194a959289aad0 发布日期: 2023-09-20 17:15 修改: 2023-09-23 03:45
org.jenkins-ci.main:jenkins-core	CVE-2024-23898	高危	2.249.1	2.426.3, 2.442	jenkins: cross-site WebSocket hijacking 漏洞详情: https://avd.aquasec.com/nvd/cve-2024-23898 镜像层: sha256:757958152e403e74437a6691505a65b29ff2cf9e4561626124194a959289aad0 发布日期: 2024-01-24 18:15 修改: 2024-05-14 15:01
org.jenkins-ci.main:jenkins-core	CVE-2024-43044	高危	2.249.1	2.452.4, 2.462.1, 2.471	jenkins: Arbitrary file read vulnerability through agent connections can lead to RCE 漏洞详情: https://avd.aquasec.com/nvd/cve-2024-43044 镜像层: sha256:757958152e403e74437a6691505a65b29ff2cf9e4561626124194a959289aad0 发布日期: 2024-08-07 14:15 修改: 2024-08-16 17:19
org.jenkins-ci.main:remoting	CVE-2024-43044	高危	4.5	3206.3208, 3248.3250, 3256.3258	jenkins: Arbitrary file read vulnerability through agent connections can lead to RCE 漏洞详情: https://avd.aquasec.com/nvd/cve-2024-43044 镜像层: sha256:757958152e403e74437a6691505a65b29ff2cf9e4561626124194a959289aad0 发布日期: 2024-08-07 14:15 修改: 2024-08-16 17:19
org.json:json	CVE-2022-45688	高危	20200518	20230227	json stack overflow vulnerability 漏洞详情: https://avd.aquasec.com/nvd/cve-2022-45688 镜像层: sha256:55e96a51431c34be2e4147e36f3344fc9530382746277e483c6ff911826568a2 发布日期: 2022-12-13 15:15 修改: 2023-03-09 15:16
org.json:json	CVE-2023-5072	高危	20200518	20231013	JSON-java: parser confusion leads to OOM 漏洞详情: https://avd.aquasec.com/nvd/cve-2023-5072 镜像层: sha256:55e96a51431c34be2e4147e36f3344fc9530382746277e483c6ff911826568a2 发布日期: 2023-10-12 17:15 修改: 2024-06-21 19:15
org.apache.commons:commons-compress	CVE-2021-35516	高危	1.19	1.21	apache-commons-compress: excessive memory allocation when reading a specially crafted 7Z archive 漏洞详情: https://avd.aquasec.com/nvd/cve-2021-35516 镜像层: sha256:757958152e403e74437a6691505a65b29ff2cf9e4561626124194a959289aad0 发布日期: 2021-07-13 08:15 修改: 2023-11-07 03:36
org.springframework:spring-beans	CVE-2022-22970	高危	2.5.6.SEC03	5.2.22.RELEASE, 5.3.20	springframework: DoS via data binding to multipartFile or servlet part 漏洞详情: https://avd.aquasec.com/nvd/cve-2022-22970 镜像层: sha256:757958152e403e74437a6691505a65b29ff2cf9e4561626124194a959289aad0 发布日期: 2022-05-12 20:15 修改: 2022-10-07 13:17
org.springframework:spring-context	CVE-2022-22968	高危	2.5.6.SEC03	5.3.19, 5.2.21.RELEASE	Framework: Data Binding Rules Vulnerability 漏洞详情: https://avd.aquasec.com/nvd/cve-2022-22968 镜像层: sha256:757958152e403e74437a6691505a65b29ff2cf9e4561626124194a959289aad0 发布日期: 2022-04-14 21:15 修改: 2022-10-19 15:15
org.apache.commons:commons-compress	CVE-2021-35517	高危	1.19	1.21	apache-commons-compress: excessive memory allocation when reading a specially crafted TAR archive 漏洞详情: https://avd.aquasec.com/nvd/cve-2021-35517 镜像层: sha256:757958152e403e74437a6691505a65b29ff2cf9e4561626124194a959289aad0 发布日期: 2021-07-13 08:15 修改: 2023-11-07 03:36
org.apache.commons:commons-compress	CVE-2021-36090	高危	1.19	1.21	apache-commons-compress: excessive memory allocation when reading a specially crafted ZIP archive 漏洞详情: https://avd.aquasec.com/nvd/cve-2021-36090 镜像层: sha256:757958152e403e74437a6691505a65b29ff2cf9e4561626124194a959289aad0 发布日期: 2021-07-13 08:15 修改: 2023-11-07 03:36
org.springframework:spring-core	CVE-2015-5211	高危	2.5.6.SEC03	4.2.2, 4.1.8, 3.2.15	Under some situations, the Spring Framework 4.2.0 to 4.2.1, 4.0.0 to 4 ... 漏洞详情: https://avd.aquasec.com/nvd/cve-2015-5211 镜像层: sha256:757958152e403e74437a6691505a65b29ff2cf9e4561626124194a959289aad0 发布日期: 2017-05-25 17:29 修改: 2022-06-05 03:44
org.springframework:spring-core	CVE-2016-5007	高危	2.5.6.SEC03	4.3.1	spring: Path matching inconsistency 漏洞详情: https://avd.aquasec.com/nvd/cve-2016-5007 镜像层: sha256:757958152e403e74437a6691505a65b29ff2cf9e4561626124194a959289aad0 发布日期: 2017-05-25 17:29 修改: 2022-04-11 17:18
org.springframework:spring-core	CVE-2018-1272	高危	2.5.6.SEC03	4.3.15, 5.0.5	spring-framework: Multipart content pollution 漏洞详情: https://avd.aquasec.com/nvd/cve-2018-1272 镜像层: sha256:757958152e403e74437a6691505a65b29ff2cf9e4561626124194a959289aad0 发布日期: 2018-04-06 13:29 修改: 2022-06-23 16:33
org.apache.commons:commons-compress	CVE-2024-25710	高危	1.19	1.26.0	commons-compress: Denial of service caused by an infinite loop for a corrupted DUMP file 漏洞详情: https://avd.aquasec.com/nvd/cve-2024-25710 镜像层: sha256:757958152e403e74437a6691505a65b29ff2cf9e4561626124194a959289aad0 发布日期: 2024-02-19 09:15 修改: 2024-03-07 17:15
org.springframework:spring-web	CVE-2024-22243	高危	2.5.6.SEC03	6.1.4, 6.0.17, 5.3.32	springframework: URL Parsing with Host Validation 漏洞详情: https://avd.aquasec.com/nvd/cve-2024-22243 镜像层: sha256:757958152e403e74437a6691505a65b29ff2cf9e4561626124194a959289aad0 发布日期: 2024-02-23 05:15 修改: 2024-08-22 15:35
org.springframework:spring-web	CVE-2024-22259	高危	2.5.6.SEC03	6.1.5, 6.0.18, 5.3.33	springframework: URL Parsing with Host Validation 漏洞详情: https://avd.aquasec.com/nvd/cve-2024-22259 镜像层: sha256:757958152e403e74437a6691505a65b29ff2cf9e4561626124194a959289aad0 发布日期: 2024-03-16 05:15 修改: 2024-07-03 01:47
org.springframework:spring-web	CVE-2024-22262	高危	2.5.6.SEC03	5.3.34, 6.0.19, 6.1.6	springframework: URL Parsing with Host Validation 漏洞详情: https://avd.aquasec.com/nvd/cve-2024-22262 镜像层: sha256:757958152e403e74437a6691505a65b29ff2cf9e4561626124194a959289aad0 发布日期: 2024-04-16 06:15 修改: 2024-08-27 14:35
com.fasterxml.jackson.core:jackson-databind	CVE-2021-46877	高危	2.11.1	2.12.6, 2.13.1	jackson-databind: Possible DoS if using JDK serialization to serialize JsonNode 漏洞详情: https://avd.aquasec.com/nvd/cve-2021-46877 镜像层: sha256:55e96a51431c34be2e4147e36f3344fc9530382746277e483c6ff911826568a2 发布日期: 2023-03-18 22:15 修改: 2023-08-08 14:21
org.springframework:spring-webmvc	CVE-2016-9878	高危	2.5.6.SEC03	3.2.18, 4.2.9, 4.3.5	Framework: Directory Traversal in the Spring Framework ResourceServlet 漏洞详情: https://avd.aquasec.com/nvd/cve-2016-9878 镜像层: sha256:757958152e403e74437a6691505a65b29ff2cf9e4561626124194a959289aad0 发布日期: 2016-12-29 09:59 修改: 2022-04-11 17:18
org.springframework:spring-webmvc	CVE-2024-38819	高危	2.5.6.SEC03	6.1.14	org.springframework:spring-webmvc: Path traversal vulnerability in functional web frameworks 漏洞详情: https://avd.aquasec.com/nvd/cve-2024-38819 镜像层: sha256:757958152e403e74437a6691505a65b29ff2cf9e4561626124194a959289aad0 发布日期: 2024-12-19 18:15 修改: 2024-12-19 18:15
org.yaml:snakeyaml	CVE-2022-1471	高危	1.26	2.0	SnakeYaml: Constructor Deserialization Remote Code Execution 漏洞详情: https://avd.aquasec.com/nvd/cve-2022-1471 镜像层: sha256:55e96a51431c34be2e4147e36f3344fc9530382746277e483c6ff911826568a2 发布日期: 2022-12-01 11:15 修改: 2024-06-21 19:15
org.yaml:snakeyaml	CVE-2022-25857	高危	1.26	1.31	snakeyaml: Denial of Service due to missing nested depth limitation for collections 漏洞详情: https://avd.aquasec.com/nvd/cve-2022-25857 镜像层: sha256:55e96a51431c34be2e4147e36f3344fc9530382746277e483c6ff911826568a2 发布日期: 2022-08-30 05:15 修改: 2024-03-15 11:15
org.codehaus.groovy:groovy-all	CVE-2020-17521	中危	2.4.12	2.4.21, 2.5.14, 3.0.7	groovy: OS temporary directory leads to information disclosure 漏洞详情: https://avd.aquasec.com/nvd/cve-2020-17521 镜像层: sha256:757958152e403e74437a6691505a65b29ff2cf9e4561626124194a959289aad0 发布日期: 2020-12-07 20:15 修改: 2023-11-07 03:19
org.jenkins-ci.main:jenkins-core	CVE-2020-2231	中危	2.249.1	2.235.4, 2.252	jenkins: stored XSS vulnerability in 'trigger builds remotely' 漏洞详情: https://avd.aquasec.com/nvd/cve-2020-2231 镜像层: sha256:757958152e403e74437a6691505a65b29ff2cf9e4561626124194a959289aad0 发布日期: 2020-08-12 14:15 修改: 2023-11-02 21:39
org.jenkins-ci.main:jenkins-core	CVE-2021-21602	中危	2.249.1	2.263.2, 2.275	jenkins: Arbitrary file read vulnerability in workspace browsers 漏洞详情: https://avd.aquasec.com/nvd/cve-2021-21602 镜像层: sha256:757958152e403e74437a6691505a65b29ff2cf9e4561626124194a959289aad0 发布日期: 2021-01-13 16:15 修改: 2023-10-25 18:16
org.jenkins-ci.main:jenkins-core	CVE-2021-21603	中危	2.249.1	2.275	jenkins: XSS vulnerability in notification bar 漏洞详情: https://avd.aquasec.com/nvd/cve-2021-21603 镜像层: sha256:757958152e403e74437a6691505a65b29ff2cf9e4561626124194a959289aad0 发布日期: 2021-01-13 16:15 修改: 2023-11-02 22:10
org.jenkins-ci.main:jenkins-core	CVE-2021-21606	中危	2.249.1	2.263.2, 2.275	jenkins: Arbitrary file existence check in file fingerprints 漏洞详情: https://avd.aquasec.com/nvd/cve-2021-21606 镜像层: sha256:757958152e403e74437a6691505a65b29ff2cf9e4561626124194a959289aad0 发布日期: 2021-01-13 16:15 修改: 2023-10-25 18:16
org.jenkins-ci.main:jenkins-core	CVE-2021-21607	中危	2.249.1	2.263.2, 2.275	jenkins: Excessive memory allocation in graph URLs leads to denial of service 漏洞详情: https://avd.aquasec.com/nvd/cve-2021-21607 镜像层: sha256:757958152e403e74437a6691505a65b29ff2cf9e4561626124194a959289aad0 发布日期: 2021-01-13 16:15 修改: 2023-10-25 18:16
org.jenkins-ci.main:jenkins-core	CVE-2021-21608	中危	2.249.1	2.275	jenkins: Stored XSS vulnerability in button labels 漏洞详情: https://avd.aquasec.com/nvd/cve-2021-21608 镜像层: sha256:757958152e403e74437a6691505a65b29ff2cf9e4561626124194a959289aad0 发布日期: 2021-01-13 16:15 修改: 2023-11-02 22:04
org.jenkins-ci.main:jenkins-core	CVE-2021-21609	中危	2.249.1	2.263.2, 2.275	jenkins: Missing permission check for paths with specific prefix 漏洞详情: https://avd.aquasec.com/nvd/cve-2021-21609 镜像层: sha256:757958152e403e74437a6691505a65b29ff2cf9e4561626124194a959289aad0 发布日期: 2021-01-13 16:15 修改: 2023-10-25 18:16
org.jenkins-ci.main:jenkins-core	CVE-2021-21610	中危	2.249.1	2.263.2, 2.275	jenkins: Reflected XSS vulnerability in markup formatter preview 漏洞详情: https://avd.aquasec.com/nvd/cve-2021-21610 镜像层: sha256:757958152e403e74437a6691505a65b29ff2cf9e4561626124194a959289aad0 发布日期: 2021-01-13 16:15 修改: 2023-11-02 22:04
org.jenkins-ci.main:jenkins-core	CVE-2021-21611	中危	2.249.1	2.263.2, 2.275	jenkins: Stored XSS vulnerability on new item page 漏洞详情: https://avd.aquasec.com/nvd/cve-2021-21611 镜像层: sha256:757958152e403e74437a6691505a65b29ff2cf9e4561626124194a959289aad0 发布日期: 2021-01-13 16:15 修改: 2023-11-02 22:04
org.jenkins-ci.main:jenkins-core	CVE-2021-21615	中危	2.249.1	2.263.3, 2.276	jenkins: Filesystem traversal by privileged users 漏洞详情: https://avd.aquasec.com/nvd/cve-2021-21615 镜像层: sha256:757958152e403e74437a6691505a65b29ff2cf9e4561626124194a959289aad0 发布日期: 2021-01-26 18:16 修改: 2023-10-25 18:16
org.jenkins-ci.main:jenkins-core	CVE-2021-21639	中危	2.249.1	2.277.2, 2.287	jenkins: lack of type validation in agent related REST API 漏洞详情: https://avd.aquasec.com/nvd/cve-2021-21639 镜像层: sha256:757958152e403e74437a6691505a65b29ff2cf9e4561626124194a959289aad0 发布日期: 2021-04-07 14:15 修改: 2023-10-25 18:16
org.jenkins-ci.main:jenkins-core	CVE-2021-21640	中危	2.249.1	2.277.2, 2.287	jenkins: view name validation bypass 漏洞详情: https://avd.aquasec.com/nvd/cve-2021-21640 镜像层: sha256:757958152e403e74437a6691505a65b29ff2cf9e4561626124194a959289aad0 发布日期: 2021-04-07 14:15 修改: 2023-10-25 18:16
org.jenkins-ci.main:jenkins-core	CVE-2021-21670	中危	2.249.1	2.289.2, 2.300	jenkins: improper permission checks allow canceling queue items and aborting builds 漏洞详情: https://avd.aquasec.com/nvd/cve-2021-21670 镜像层: sha256:757958152e403e74437a6691505a65b29ff2cf9e4561626124194a959289aad0 发布日期: 2021-06-30 17:15 修改: 2023-10-25 18:16
org.jenkins-ci.main:jenkins-core	CVE-2021-21682	中危	2.249.1	2.315, 2.303.2	Improper handling of equivalent directory names on Windows in Jenkins 漏洞详情: https://avd.aquasec.com/nvd/cve-2021-21682 镜像层: sha256:757958152e403e74437a6691505a65b29ff2cf9e4561626124194a959289aad0 发布日期: 2021-10-06 23:15 修改: 2023-11-22 21:20
org.jenkins-ci.main:jenkins-core	CVE-2021-21683	中危	2.249.1	2.303.2, 2.315	Path traversal vulnerability on Windows in Jenkins 漏洞详情: https://avd.aquasec.com/nvd/cve-2021-21683 镜像层: sha256:757958152e403e74437a6691505a65b29ff2cf9e4561626124194a959289aad0 发布日期: 2021-10-06 23:15 修改: 2023-11-22 21:18
org.jenkins-ci.main:jenkins-core	CVE-2022-0538	中危	2.249.1	2.334, 2.319.3	jenkins: DoS vulnerability in bundled XStream library 漏洞详情: https://avd.aquasec.com/nvd/cve-2022-0538 镜像层: sha256:757958152e403e74437a6691505a65b29ff2cf9e4561626124194a959289aad0 发布日期: 2022-02-09 14:15 修改: 2023-11-30 19:15
org.jenkins-ci.main:jenkins-core	CVE-2022-20612	中危	2.249.1	2.330, 2.319.2	jenkins: no POST request is required for the endpoint handling manual build requests which could result in CSRF 漏洞详情: https://avd.aquasec.com/nvd/cve-2022-20612 镜像层: sha256:757958152e403e74437a6691505a65b29ff2cf9e4561626124194a959289aad0 发布日期: 2022-01-12 20:15 修改: 2023-11-22 21:32
org.jenkins-ci.main:jenkins-core	CVE-2022-34174	中危	2.249.1	2.356, 2.332.4	jenkins: Observable timing discrepancy allows determining username validity 漏洞详情: https://avd.aquasec.com/nvd/cve-2022-34174 镜像层: sha256:757958152e403e74437a6691505a65b29ff2cf9e4561626124194a959289aad0 发布日期: 2022-06-23 17:15 修改: 2023-11-03 18:15
org.jenkins-ci.main:jenkins-core	CVE-2023-27900	中危	2.249.1	2.394, 2.375.4, 2.387.1	Jenkins: Denial of Service attack 漏洞详情: https://avd.aquasec.com/nvd/cve-2023-27900 镜像层: sha256:757958152e403e74437a6691505a65b29ff2cf9e4561626124194a959289aad0 发布日期: 2023-03-10 21:15 修改: 2023-03-16 15:50
org.jenkins-ci.main:jenkins-core	CVE-2023-27902	中危	2.249.1	2.387.1, 2.375.4, 2.394	Jenkins: Workspace temporary directories accessible through directory browser 漏洞详情: https://avd.aquasec.com/nvd/cve-2023-27902 镜像层: sha256:757958152e403e74437a6691505a65b29ff2cf9e4561626124194a959289aad0 发布日期: 2023-03-10 21:15 修改: 2023-03-16 17:15
org.jenkins-ci.main:jenkins-core	CVE-2023-43494	中危	2.249.1	2.414.2, 2.424	jenkins: Builds can be filtered by values of sensitive build variables 漏洞详情: https://avd.aquasec.com/nvd/cve-2023-43494 镜像层: sha256:757958152e403e74437a6691505a65b29ff2cf9e4561626124194a959289aad0 发布日期: 2023-09-20 17:15 修改: 2023-09-25 13:43
org.jenkins-ci.main:jenkins-core	CVE-2024-43045	中危	2.249.1	2.452.4, 2.462.1, 2.471	jenkins: Missing permission check allows accessing other users' "My Views" 漏洞详情: https://avd.aquasec.com/nvd/cve-2024-43045 镜像层: sha256:757958152e403e74437a6691505a65b29ff2cf9e4561626124194a959289aad0 发布日期: 2024-08-07 14:15 修改: 2024-08-16 17:21
org.jenkins-ci.main:jenkins-core	CVE-2024-47803	中危	2.249.1	2.462.3, 2.479	jenkins: Exposure of multi-line secrets through error messages 漏洞详情: https://avd.aquasec.com/nvd/cve-2024-47803 镜像层: sha256:757958152e403e74437a6691505a65b29ff2cf9e4561626124194a959289aad0 发布日期: 2024-10-02 16:15 修改: 2024-11-13 17:45
org.jenkins-ci.main:jenkins-core	CVE-2024-47804	中危	2.249.1	2.462.3, 2.479	jenkins: Item creation restriction bypass vulnerability 漏洞详情: https://avd.aquasec.com/nvd/cve-2024-47804 镜像层: sha256:757958152e403e74437a6691505a65b29ff2cf9e4561626124194a959289aad0 发布日期: 2024-10-02 16:15 修改: 2024-11-25 19:15
org.apache.ant:ant	CVE-2021-36373	中危	1.10.8	1.9.16, 1.10.11	ant: excessive memory allocation when reading a specially crafted TAR archive 漏洞详情: https://avd.aquasec.com/nvd/cve-2021-36373 镜像层: sha256:757958152e403e74437a6691505a65b29ff2cf9e4561626124194a959289aad0 发布日期: 2021-07-14 07:15 修改: 2023-11-07 03:36
org.eclipse.jetty.http2:http2-common	CVE-2023-44487	中危	9.4.30.v20200611	9.4.53, 10.0.17, 11.0.17	HTTP/2: Multiple HTTP/2 enabled web servers are vulnerable to a DDoS attack (Rapid Reset Attack) 漏洞详情: https://avd.aquasec.com/nvd/cve-2023-44487 镜像层: sha256:757958152e403e74437a6691505a65b29ff2cf9e4561626124194a959289aad0 发布日期: 2023-10-10 14:15 修改: 2024-12-20 17:40
org.apache.ant:ant	CVE-2021-36374	中危	1.10.8	1.9.16, 1.10.11	ant: excessive memory allocation when reading a specially crafted ZIP archive or a derived formats 漏洞详情: https://avd.aquasec.com/nvd/cve-2021-36374 镜像层: sha256:757958152e403e74437a6691505a65b29ff2cf9e4561626124194a959289aad0 发布日期: 2021-07-14 07:15 修改: 2023-11-07 03:36
com.google.guava:guava	CVE-2018-10237	中危	11.0.1	24.1.1-android	guava: Unbounded memory allocation in AtomicDoubleArray and CompoundOrdering classes allow remote attackers to cause a denial of service 漏洞详情: https://avd.aquasec.com/nvd/cve-2018-10237 镜像层: sha256:757958152e403e74437a6691505a65b29ff2cf9e4561626124194a959289aad0 发布日期: 2018-04-26 21:29 修改: 2023-11-07 02:51
org.eclipse.jetty.http2:http2-server	CVE-2023-44487	中危	9.4.30.v20200611	9.4.53, 10.0.17, 11.0.17	HTTP/2: Multiple HTTP/2 enabled web servers are vulnerable to a DDoS attack (Rapid Reset Attack) 漏洞详情: https://avd.aquasec.com/nvd/cve-2023-44487 镜像层: sha256:757958152e403e74437a6691505a65b29ff2cf9e4561626124194a959289aad0 发布日期: 2023-10-10 14:15 修改: 2024-12-20 17:40
org.springframework:spring-beans	CVE-2024-38827	中危	2.5.6.SEC03	6.1.14	spring-security: authorization bypass for case sensitive comparisons 漏洞详情: https://avd.aquasec.com/nvd/cve-2024-38827 镜像层: sha256:757958152e403e74437a6691505a65b29ff2cf9e4561626124194a959289aad0 发布日期: 2024-12-02 15:15 修改: 2024-12-02 15:15
org.eclipse.jetty:jetty-http	CVE-2023-40167	中危	9.4.30.v20200611	9.4.52, 10.0.16, 11.0.16, 12.0.1	jetty: Improper validation of HTTP/1 content-length 漏洞详情: https://avd.aquasec.com/nvd/cve-2023-40167 镜像层: sha256:757958152e403e74437a6691505a65b29ff2cf9e4561626124194a959289aad0 发布日期: 2023-09-15 20:15 修改: 2023-10-13 01:59
org.springframework:spring-context	CVE-2024-38820	中危	2.5.6.SEC03	6.1.14	The fix for CVE-2022-22968 made disallowedFieldspatterns in DataBinder ... 漏洞详情: https://avd.aquasec.com/nvd/cve-2024-38820 镜像层: sha256:757958152e403e74437a6691505a65b29ff2cf9e4561626124194a959289aad0 发布日期: 2024-10-18 06:15 修改: 2024-11-29 12:15
org.springframework:spring-context	CVE-2024-38827	中危	2.5.6.SEC03	6.1.14	spring-security: authorization bypass for case sensitive comparisons 漏洞详情: https://avd.aquasec.com/nvd/cve-2024-38827 镜像层: sha256:757958152e403e74437a6691505a65b29ff2cf9e4561626124194a959289aad0 发布日期: 2024-12-02 15:15 修改: 2024-12-02 15:15
org.eclipse.jetty:jetty-http	CVE-2024-6763	中危	9.4.30.v20200611	12.0.12	org.eclipse.jetty:jetty-http: jetty: Jetty URI parsing of invalid authority 漏洞详情: https://avd.aquasec.com/nvd/cve-2024-6763 镜像层: sha256:757958152e403e74437a6691505a65b29ff2cf9e4561626124194a959289aad0 发布日期: 2024-10-14 16:15 修改: 2024-11-08 21:15
commons-io:commons-io	CVE-2021-29425	中危	2.6	2.7	apache-commons-io: Limited path traversal in Apache Commons IO 2.2 to 2.6 漏洞详情: https://avd.aquasec.com/nvd/cve-2021-29425 镜像层: sha256:757958152e403e74437a6691505a65b29ff2cf9e4561626124194a959289aad0 发布日期: 2021-04-13 07:15 修改: 2023-11-07 03:32
org.eclipse.jetty:jetty-server	CVE-2020-27218	中危	9.4.30.v20200611	9.4.35.v20201120	jetty: buffer not correctly recycled in Gzip Request inflation 漏洞详情: https://avd.aquasec.com/nvd/cve-2020-27218 镜像层: sha256:757958152e403e74437a6691505a65b29ff2cf9e4561626124194a959289aad0 发布日期: 2020-11-28 01:15 修改: 2024-02-16 16:46
org.eclipse.jetty:jetty-server	CVE-2020-27223	中危	9.4.30.v20200611	9.4.37, 10.0.1, 11.0.1	jetty: request containing multiple Accept headers with a large number of "quality" parameters may lead to DoS 漏洞详情: https://avd.aquasec.com/nvd/cve-2020-27223 镜像层: sha256:757958152e403e74437a6691505a65b29ff2cf9e4561626124194a959289aad0 发布日期: 2021-02-26 22:15 修改: 2023-11-07 03:20
org.eclipse.jetty:jetty-server	CVE-2023-26048	中危	9.4.30.v20200611	9.4.51.v20230217, 10.0.14, 11.0.14	jetty-server: OutOfMemoryError for large multipart without filename read via request.getParameter() 漏洞详情: https://avd.aquasec.com/nvd/cve-2023-26048 镜像层: sha256:757958152e403e74437a6691505a65b29ff2cf9e4561626124194a959289aad0 发布日期: 2023-04-18 21:15 修改: 2023-09-30 15:15
org.springframework:spring-core	CVE-2009-1190	中危	2.5.6.SEC03	3.0.0.RELEASE	Spring Framework Remote Denial of Service vulnerability 漏洞详情: https://avd.aquasec.com/nvd/cve-2009-1190 镜像层: sha256:757958152e403e74437a6691505a65b29ff2cf9e4561626124194a959289aad0 发布日期: 2009-04-27 22:30 修改: 2018-10-30 16:26
org.springframework:spring-core	CVE-2018-1257	中危	2.5.6.SEC03	5.0.6, 4.3.17	spring-framework: ReDoS Attack with spring-messaging 漏洞详情: https://avd.aquasec.com/nvd/cve-2018-1257 镜像层: sha256:757958152e403e74437a6691505a65b29ff2cf9e4561626124194a959289aad0 发布日期: 2018-05-11 20:29 修改: 2022-06-23 16:31
org.springframework:spring-core	CVE-2018-1271	中危	2.5.6.SEC03	5.0.5, 4.3.15	spring-framework: Directory traversal vulnerability with static resources on Windows filesystems 漏洞详情: https://avd.aquasec.com/nvd/cve-2018-1271 镜像层: sha256:757958152e403e74437a6691505a65b29ff2cf9e4561626124194a959289aad0 发布日期: 2018-04-06 13:29 修改: 2022-06-23 16:33
org.springframework:spring-core	CVE-2024-38827	中危	2.5.6.SEC03	6.1.14	spring-security: authorization bypass for case sensitive comparisons 漏洞详情: https://avd.aquasec.com/nvd/cve-2024-38827 镜像层: sha256:757958152e403e74437a6691505a65b29ff2cf9e4561626124194a959289aad0 发布日期: 2024-12-02 15:15 修改: 2024-12-02 15:15
org.springframework:spring-jdbc	CVE-2024-38827	中危	1.2.9	6.1.14	spring-security: authorization bypass for case sensitive comparisons 漏洞详情: https://avd.aquasec.com/nvd/cve-2024-38827 镜像层: sha256:757958152e403e74437a6691505a65b29ff2cf9e4561626124194a959289aad0 发布日期: 2024-12-02 15:15 修改: 2024-12-02 15:15
org.eclipse.jetty:jetty-server	CVE-2024-8184	中危	9.4.30.v20200611	12.0.9, 10.0.24, 11.0.24, 9.4.56	org.eclipse.jetty:jetty-server: jetty: Jetty ThreadLimitHandler.getRemote() vulnerable to remote DoS attacks 漏洞详情: https://avd.aquasec.com/nvd/cve-2024-8184 镜像层: sha256:757958152e403e74437a6691505a65b29ff2cf9e4561626124194a959289aad0 发布日期: 2024-10-14 16:15 修改: 2024-11-08 21:00
commons-io:commons-io	CVE-2021-29425	中危	2.6	2.7	apache-commons-io: Limited path traversal in Apache Commons IO 2.2 to 2.6 漏洞详情: https://avd.aquasec.com/nvd/cve-2021-29425 镜像层: sha256:757958152e403e74437a6691505a65b29ff2cf9e4561626124194a959289aad0 发布日期: 2021-04-13 07:15 修改: 2023-11-07 03:32
commons-httpclient:commons-httpclient	CVE-2012-5783	中危	3.1-jenkins-1	4.0	jakarta-commons-httpclient: missing connection hostname check against X.509 certificate name 漏洞详情: https://avd.aquasec.com/nvd/cve-2012-5783 镜像层: sha256:757958152e403e74437a6691505a65b29ff2cf9e4561626124194a959289aad0 发布日期: 2012-11-04 22:55 修改: 2021-04-23 17:28
junit:junit	CVE-2020-15250	中危	4.13	4.13.1	junit4: TemporaryFolder is shared between all users across system which could result in information disclosure 漏洞详情: https://avd.aquasec.com/nvd/cve-2020-15250 镜像层: sha256:757958152e403e74437a6691505a65b29ff2cf9e4561626124194a959289aad0 发布日期: 2020-10-12 18:15 修改: 2023-11-07 03:17
org.springframework:spring-web	CVE-2013-6429	中危	2.5.6.SEC03	3.2.5.RELEASE	Framework: XML External Entity (XXE) injection flaw 漏洞详情: https://avd.aquasec.com/nvd/cve-2013-6429 镜像层: sha256:757958152e403e74437a6691505a65b29ff2cf9e4561626124194a959289aad0 发布日期: 2014-01-26 16:58 修改: 2022-04-11 17:16
org.springframework:spring-web	CVE-2015-3192	中危	2.5.6.SEC03	3.2.14, 4.1.7, 5.0.0.RC3	Framework: denial-of-service attack with XML input 漏洞详情: https://avd.aquasec.com/nvd/cve-2015-3192 镜像层: sha256:757958152e403e74437a6691505a65b29ff2cf9e4561626124194a959289aad0 发布日期: 2016-07-12 19:59 修改: 2022-04-11 17:18
org.springframework:spring-web	CVE-2024-38809	中危	2.5.6.SEC03	5.3.38, 6.0.23, 6.1.12	org.springframework:spring-web: Spring Framework DoS via conditional HTTP request 漏洞详情: https://avd.aquasec.com/nvd/cve-2024-38809 镜像层: sha256:757958152e403e74437a6691505a65b29ff2cf9e4561626124194a959289aad0 发布日期: 2024-09-27 17:15 修改: 2024-09-30 12:45
org.apache.httpcomponents:httpclient	CVE-2020-13956	中危	4.5.12	4.5.13, 5.0.3	apache-httpclient: incorrect handling of malformed authority component in request URIs 漏洞详情: https://avd.aquasec.com/nvd/cve-2020-13956 镜像层: sha256:55e96a51431c34be2e4147e36f3344fc9530382746277e483c6ff911826568a2 发布日期: 2020-12-02 17:15 修改: 2023-11-07 03:17
org.acegisecurity:acegi-security	CVE-2010-3700	中危	1.0.7		Authentication Bypass Using an Alternate Path or Channel in SpringSource Spring Security and Acegi Security 漏洞详情: https://avd.aquasec.com/nvd/cve-2010-3700 镜像层: sha256:757958152e403e74437a6691505a65b29ff2cf9e4561626124194a959289aad0 发布日期: 2010-10-29 19:00 修改: 2018-10-10 20:05
com.google.guava:guava	CVE-2023-2976	中危	11.0.1	32.0.0-android	guava: insecure temporary directory creation 漏洞详情: https://avd.aquasec.com/nvd/cve-2023-2976 镜像层: sha256:757958152e403e74437a6691505a65b29ff2cf9e4561626124194a959289aad0 发布日期: 2023-06-14 18:15 修改: 2024-02-13 19:15
org.springframework:spring-webmvc	CVE-2014-0054	中危	2.5.6.SEC03	3.2.8, 4.0.2	Framework: incomplete fix for CVE-2013-7315/CVE-2013-6429 漏洞详情: https://avd.aquasec.com/nvd/cve-2014-0054 镜像层: sha256:757958152e403e74437a6691505a65b29ff2cf9e4561626124194a959289aad0 发布日期: 2014-04-17 14:55 修改: 2022-04-11 17:36
org.apache.sshd:sshd-core	CVE-2023-35887	中危	1.7.0	2.1.0	apache-mina-sshd: information exposure in SFTP server implementations 漏洞详情: https://avd.aquasec.com/nvd/cve-2023-35887 镜像层: sha256:757958152e403e74437a6691505a65b29ff2cf9e4561626124194a959289aad0 发布日期: 2023-07-10 16:15 修改: 2023-11-21 14:38
org.apache.sshd:sshd-core	CVE-2023-35887	中危	1.7.0	2.1.0	apache-mina-sshd: information exposure in SFTP server implementations 漏洞详情: https://avd.aquasec.com/nvd/cve-2023-35887 镜像层: sha256:757958152e403e74437a6691505a65b29ff2cf9e4561626124194a959289aad0 发布日期: 2023-07-10 16:15 修改: 2023-11-21 14:38
org.yaml:snakeyaml	CVE-2022-38749	中危	1.26	1.31	snakeyaml: Uncaught exception in org.yaml.snakeyaml.composer.Composer.composeSequenceNode 漏洞详情: https://avd.aquasec.com/nvd/cve-2022-38749 镜像层: sha256:55e96a51431c34be2e4147e36f3344fc9530382746277e483c6ff911826568a2 发布日期: 2022-09-05 10:15 修改: 2024-03-15 11:15
org.yaml:snakeyaml	CVE-2022-38750	中危	1.26	1.31	snakeyaml: Uncaught exception in org.yaml.snakeyaml.constructor.BaseConstructor.constructObject 漏洞详情: https://avd.aquasec.com/nvd/cve-2022-38750 镜像层: sha256:55e96a51431c34be2e4147e36f3344fc9530382746277e483c6ff911826568a2 发布日期: 2022-09-05 10:15 修改: 2024-03-15 11:15
org.yaml:snakeyaml	CVE-2022-38751	中危	1.26	1.31	snakeyaml: Uncaught exception in java.base/java.util.regex.Pattern$Ques.match 漏洞详情: https://avd.aquasec.com/nvd/cve-2022-38751 镜像层: sha256:55e96a51431c34be2e4147e36f3344fc9530382746277e483c6ff911826568a2 发布日期: 2022-09-05 10:15 修改: 2024-03-15 11:15
org.yaml:snakeyaml	CVE-2022-38752	中危	1.26	1.32	snakeyaml: Uncaught exception in java.base/java.util.ArrayList.hashCode 漏洞详情: https://avd.aquasec.com/nvd/cve-2022-38752 镜像层: sha256:55e96a51431c34be2e4147e36f3344fc9530382746277e483c6ff911826568a2 发布日期: 2022-09-05 10:15 修改: 2024-03-15 11:15
org.yaml:snakeyaml	CVE-2022-41854	中危	1.26	1.32	dev-java/snakeyaml: DoS via stack overflow 漏洞详情: https://avd.aquasec.com/nvd/cve-2022-41854 镜像层: sha256:55e96a51431c34be2e4147e36f3344fc9530382746277e483c6ff911826568a2 发布日期: 2022-11-11 13:15 修改: 2024-06-21 19:15
org.eclipse.jetty:jetty-xml	GHSA-58qw-p7qm-5rvh	低危	9.4.30.v20200611	10.0.16, 11.0.16, 12.0.0, 9.4.52.v20230823	Eclipse Jetty XmlParser allows arbitrary DOCTYPE declarations 漏洞详情: https://github.com/advisories/GHSA-58qw-p7qm-5rvh 镜像层: sha256:757958152e403e74437a6691505a65b29ff2cf9e4561626124194a959289aad0 发布日期: 0001-01-01 00:00 修改: 0001-01-01 00:00
com.google.guava:guava	CVE-2020-8908	低危	11.0.1	32.0.0-android	guava: local information disclosure via temporary directory created with unsafe permissions 漏洞详情: https://avd.aquasec.com/nvd/cve-2020-8908 镜像层: sha256:757958152e403e74437a6691505a65b29ff2cf9e4561626124194a959289aad0 发布日期: 2020-12-10 23:15 修改: 2023-08-02 17:30
org.eclipse.jetty:jetty-server	CVE-2021-34428	低危	9.4.30.v20200611	9.4.41, 10.0.3, 11.0.3	jetty: SessionListener can prevent a session from being invalidated breaking logout 漏洞详情: https://avd.aquasec.com/nvd/cve-2021-34428 镜像层: sha256:757958152e403e74437a6691505a65b29ff2cf9e4561626124194a959289aad0 发布日期: 2021-06-22 15:15 修改: 2023-11-07 03:35
org.eclipse.jetty:jetty-server	CVE-2023-26049	低危	9.4.30.v20200611	9.4.51.v20230217, 10.0.14, 11.0.14, 12.0.0.beta0	jetty-server: Cookie parsing of quoted values can exfiltrate values from other cookies 漏洞详情: https://avd.aquasec.com/nvd/cve-2023-26049 镜像层: sha256:757958152e403e74437a6691505a65b29ff2cf9e4561626124194a959289aad0 发布日期: 2023-04-18 21:15 修改: 2024-02-01 15:36
org.jenkins-ci.main:jenkins-core	CVE-2023-27903	低危	2.249.1	2.387.1, 2.375.4, 2.394	Jenkins: Temporary file parameter created with insecure permissions 漏洞详情: https://avd.aquasec.com/nvd/cve-2023-27903 镜像层: sha256:757958152e403e74437a6691505a65b29ff2cf9e4561626124194a959289aad0 发布日期: 2023-03-10 21:15 修改: 2023-03-15 20:12
org.jenkins-ci.main:jenkins-core	CVE-2023-27904	低危	2.249.1	2.387.1, 2.375.4, 2.394	Jenkins: Information disclosure through error stack traces related to agents 漏洞详情: https://avd.aquasec.com/nvd/cve-2023-27904 镜像层: sha256:757958152e403e74437a6691505a65b29ff2cf9e4561626124194a959289aad0 发布日期: 2023-03-10 21:15 修改: 2023-03-15 19:54
org.jenkins-ci.main:jenkins-core	CVE-2023-43497	低危	2.249.1	2.414.2, 2.424	jenkins: Stapler web framework temporary uploaded file created with insecure permissions 漏洞详情: https://avd.aquasec.com/nvd/cve-2023-43497 镜像层: sha256:757958152e403e74437a6691505a65b29ff2cf9e4561626124194a959289aad0 发布日期: 2023-09-20 17:15 修改: 2023-09-23 03:45
org.jenkins-ci.main:jenkins-core	CVE-2023-43498	低危	2.249.1	2.414.2, 2.424	jenkins: API MultipartFormDataParser temporary uploaded file created with insecure permissions 漏洞详情: https://avd.aquasec.com/nvd/cve-2023-43498 镜像层: sha256:757958152e403e74437a6691505a65b29ff2cf9e4561626124194a959289aad0 发布日期: 2023-09-20 17:15 修改: 2024-09-25 01:36
org.eclipse.jetty:jetty-http	CVE-2022-2047	低危	9.4.30.v20200611	9.4.47, 10.0.10, 11.0.10	jetty-http: improver hostname input handling 漏洞详情: https://avd.aquasec.com/nvd/cve-2022-2047 镜像层: sha256:757958152e403e74437a6691505a65b29ff2cf9e4561626124194a959289aad0 发布日期: 2022-07-07 21:15 修改: 2022-10-25 19:10