docker.io/library/elasticsearch:7.17.16 linux/arm64

docker.io/library/elasticsearch:7.17.16 - Trivy安全扫描结果 扫描时间: 2026-07-07 19:17 温馨提示: 这是一个 linux/arm64 系统架构镜像
全部漏洞信息
低危漏洞:32 中危漏洞:123 高危漏洞:29 严重漏洞:0

系统OS: ubuntu 20.04 扫描引擎: Trivy 扫描时间: 2026-07-07 19:17

docker.io/library/elasticsearch:7.17.16 (ubuntu 20.04) (ubuntu)
低危漏洞:28 中危漏洞:64 高危漏洞:0 严重漏洞:0
软件包 漏洞 安全状态 安装版本 修复版本 漏洞信息
bsdutils CVE-2024-28085 中危 1:2.34-0.1ubuntu9.4 2.34-0.1ubuntu9.6 util-linux: CVE-2024-28085: wall: escape sequence injection

漏洞详情: https://avd.aquasec.com/nvd/cve-2024-28085

镜像层: sha256:b1099d79a48ef6b9eaf12e0083d6510f9d9a5f9085465344247ca2822a9687f0

发布日期: 2024-03-27 19:15 修改: 2026-06-17 07:20

curl CVE-2024-2398 中危 7.68.0-1ubuntu2.21 7.68.0-1ubuntu2.22 curl: HTTP/2 push headers memory-leak

漏洞详情: https://avd.aquasec.com/nvd/cve-2024-2398

镜像层: sha256:972335275d380edd26105dae05ff49d453e84f8d001549e8961ef5986e793089

发布日期: 2024-03-27 08:15 修改: 2026-06-17 07:24

curl CVE-2024-7264 中危 7.68.0-1ubuntu2.21 7.68.0-1ubuntu2.23 curl: libcurl: ASN.1 date parser overread

漏洞详情: https://avd.aquasec.com/nvd/cve-2024-7264

镜像层: sha256:972335275d380edd26105dae05ff49d453e84f8d001549e8961ef5986e793089

发布日期: 2024-07-31 08:15 修改: 2026-06-17 08:19

curl CVE-2024-8096 中危 7.68.0-1ubuntu2.21 7.68.0-1ubuntu2.24 curl: OCSP stapling bypass with GnuTLS

漏洞详情: https://avd.aquasec.com/nvd/cve-2024-8096

镜像层: sha256:972335275d380edd26105dae05ff49d453e84f8d001549e8961ef5986e793089

发布日期: 2024-09-11 10:15 修改: 2026-06-17 08:21

fdisk CVE-2024-28085 中危 2.34-0.1ubuntu9.4 2.34-0.1ubuntu9.6 util-linux: CVE-2024-28085: wall: escape sequence injection

漏洞详情: https://avd.aquasec.com/nvd/cve-2024-28085

镜像层: sha256:b1099d79a48ef6b9eaf12e0083d6510f9d9a5f9085465344247ca2822a9687f0

发布日期: 2024-03-27 19:15 修改: 2026-06-17 07:20

gpgv CVE-2025-30258 中危 2.2.19-3ubuntu2.2 2.2.19-3ubuntu2.4 gnupg: verification DoS due to a malicious subkey in the keyring

漏洞详情: https://avd.aquasec.com/nvd/cve-2025-30258

镜像层: sha256:b1099d79a48ef6b9eaf12e0083d6510f9d9a5f9085465344247ca2822a9687f0

发布日期: 2025-03-19 20:15 修改: 2026-06-17 09:08

libblkid1 CVE-2024-28085 中危 2.34-0.1ubuntu9.4 2.34-0.1ubuntu9.6 util-linux: CVE-2024-28085: wall: escape sequence injection

漏洞详情: https://avd.aquasec.com/nvd/cve-2024-28085

镜像层: sha256:b1099d79a48ef6b9eaf12e0083d6510f9d9a5f9085465344247ca2822a9687f0

发布日期: 2024-03-27 19:15 修改: 2026-06-17 07:20

libc-bin CVE-2024-2961 中危 2.31-0ubuntu9.14 2.31-0ubuntu9.15 glibc: Out of bounds write in iconv may lead to remote code execution

漏洞详情: https://avd.aquasec.com/nvd/cve-2024-2961

镜像层: sha256:b1099d79a48ef6b9eaf12e0083d6510f9d9a5f9085465344247ca2822a9687f0

发布日期: 2024-04-17 18:15 修改: 2026-06-17 07:25

libc-bin CVE-2024-33599 中危 2.31-0ubuntu9.14 2.31-0ubuntu9.16 glibc: stack-based buffer overflow in netgroup cache

漏洞详情: https://avd.aquasec.com/nvd/cve-2024-33599

镜像层: sha256:b1099d79a48ef6b9eaf12e0083d6510f9d9a5f9085465344247ca2822a9687f0

发布日期: 2024-05-06 20:15 修改: 2026-06-17 07:32

libc-bin CVE-2024-33600 中危 2.31-0ubuntu9.14 2.31-0ubuntu9.16 glibc: null pointer dereferences after failed netgroup cache insertion

漏洞详情: https://avd.aquasec.com/nvd/cve-2024-33600

镜像层: sha256:b1099d79a48ef6b9eaf12e0083d6510f9d9a5f9085465344247ca2822a9687f0

发布日期: 2024-05-06 20:15 修改: 2026-06-17 07:32

libc-bin CVE-2024-33601 中危 2.31-0ubuntu9.14 2.31-0ubuntu9.16 glibc: netgroup cache may terminate daemon on memory allocation failure

漏洞详情: https://avd.aquasec.com/nvd/cve-2024-33601

镜像层: sha256:b1099d79a48ef6b9eaf12e0083d6510f9d9a5f9085465344247ca2822a9687f0

发布日期: 2024-05-06 20:15 修改: 2026-06-17 07:32

libc-bin CVE-2024-33602 中危 2.31-0ubuntu9.14 2.31-0ubuntu9.16 glibc: netgroup cache assumes NSS callback uses in-buffer strings

漏洞详情: https://avd.aquasec.com/nvd/cve-2024-33602

镜像层: sha256:b1099d79a48ef6b9eaf12e0083d6510f9d9a5f9085465344247ca2822a9687f0

发布日期: 2024-05-06 20:15 修改: 2026-06-17 07:32

libc-bin CVE-2025-0395 中危 2.31-0ubuntu9.14 2.31-0ubuntu9.17 glibc: buffer overflow in the GNU C Library's assert()

漏洞详情: https://avd.aquasec.com/nvd/cve-2025-0395

镜像层: sha256:b1099d79a48ef6b9eaf12e0083d6510f9d9a5f9085465344247ca2822a9687f0

发布日期: 2025-01-22 13:15 修改: 2026-06-17 08:26

libc-bin CVE-2025-4802 中危 2.31-0ubuntu9.14 2.31-0ubuntu9.18 glibc: static setuid binary dlopen may incorrectly search LD_LIBRARY_PATH

漏洞详情: https://avd.aquasec.com/nvd/cve-2025-4802

镜像层: sha256:b1099d79a48ef6b9eaf12e0083d6510f9d9a5f9085465344247ca2822a9687f0

发布日期: 2025-05-16 20:15 修改: 2026-06-17 09:34

libc6 CVE-2024-2961 中危 2.31-0ubuntu9.14 2.31-0ubuntu9.15 glibc: Out of bounds write in iconv may lead to remote code execution

漏洞详情: https://avd.aquasec.com/nvd/cve-2024-2961

镜像层: sha256:b1099d79a48ef6b9eaf12e0083d6510f9d9a5f9085465344247ca2822a9687f0

发布日期: 2024-04-17 18:15 修改: 2026-06-17 07:25

libc6 CVE-2024-33599 中危 2.31-0ubuntu9.14 2.31-0ubuntu9.16 glibc: stack-based buffer overflow in netgroup cache

漏洞详情: https://avd.aquasec.com/nvd/cve-2024-33599

镜像层: sha256:b1099d79a48ef6b9eaf12e0083d6510f9d9a5f9085465344247ca2822a9687f0

发布日期: 2024-05-06 20:15 修改: 2026-06-17 07:32

libc6 CVE-2024-33600 中危 2.31-0ubuntu9.14 2.31-0ubuntu9.16 glibc: null pointer dereferences after failed netgroup cache insertion

漏洞详情: https://avd.aquasec.com/nvd/cve-2024-33600

镜像层: sha256:b1099d79a48ef6b9eaf12e0083d6510f9d9a5f9085465344247ca2822a9687f0

发布日期: 2024-05-06 20:15 修改: 2026-06-17 07:32

libc6 CVE-2024-33601 中危 2.31-0ubuntu9.14 2.31-0ubuntu9.16 glibc: netgroup cache may terminate daemon on memory allocation failure

漏洞详情: https://avd.aquasec.com/nvd/cve-2024-33601

镜像层: sha256:b1099d79a48ef6b9eaf12e0083d6510f9d9a5f9085465344247ca2822a9687f0

发布日期: 2024-05-06 20:15 修改: 2026-06-17 07:32

libc6 CVE-2024-33602 中危 2.31-0ubuntu9.14 2.31-0ubuntu9.16 glibc: netgroup cache assumes NSS callback uses in-buffer strings

漏洞详情: https://avd.aquasec.com/nvd/cve-2024-33602

镜像层: sha256:b1099d79a48ef6b9eaf12e0083d6510f9d9a5f9085465344247ca2822a9687f0

发布日期: 2024-05-06 20:15 修改: 2026-06-17 07:32

libc6 CVE-2025-0395 中危 2.31-0ubuntu9.14 2.31-0ubuntu9.17 glibc: buffer overflow in the GNU C Library's assert()

漏洞详情: https://avd.aquasec.com/nvd/cve-2025-0395

镜像层: sha256:b1099d79a48ef6b9eaf12e0083d6510f9d9a5f9085465344247ca2822a9687f0

发布日期: 2025-01-22 13:15 修改: 2026-06-17 08:26

libc6 CVE-2025-4802 中危 2.31-0ubuntu9.14 2.31-0ubuntu9.18 glibc: static setuid binary dlopen may incorrectly search LD_LIBRARY_PATH

漏洞详情: https://avd.aquasec.com/nvd/cve-2025-4802

镜像层: sha256:b1099d79a48ef6b9eaf12e0083d6510f9d9a5f9085465344247ca2822a9687f0

发布日期: 2025-05-16 20:15 修改: 2026-06-17 09:34

libcurl4 CVE-2024-2398 中危 7.68.0-1ubuntu2.21 7.68.0-1ubuntu2.22 curl: HTTP/2 push headers memory-leak

漏洞详情: https://avd.aquasec.com/nvd/cve-2024-2398

镜像层: sha256:972335275d380edd26105dae05ff49d453e84f8d001549e8961ef5986e793089

发布日期: 2024-03-27 08:15 修改: 2026-06-17 07:24

libcurl4 CVE-2024-7264 中危 7.68.0-1ubuntu2.21 7.68.0-1ubuntu2.23 curl: libcurl: ASN.1 date parser overread

漏洞详情: https://avd.aquasec.com/nvd/cve-2024-7264

镜像层: sha256:972335275d380edd26105dae05ff49d453e84f8d001549e8961ef5986e793089

发布日期: 2024-07-31 08:15 修改: 2026-06-17 08:19

libcurl4 CVE-2024-8096 中危 7.68.0-1ubuntu2.21 7.68.0-1ubuntu2.24 curl: OCSP stapling bypass with GnuTLS

漏洞详情: https://avd.aquasec.com/nvd/cve-2024-8096

镜像层: sha256:972335275d380edd26105dae05ff49d453e84f8d001549e8961ef5986e793089

发布日期: 2024-09-11 10:15 修改: 2026-06-17 08:21

libfdisk1 CVE-2024-28085 中危 2.34-0.1ubuntu9.4 2.34-0.1ubuntu9.6 util-linux: CVE-2024-28085: wall: escape sequence injection

漏洞详情: https://avd.aquasec.com/nvd/cve-2024-28085

镜像层: sha256:b1099d79a48ef6b9eaf12e0083d6510f9d9a5f9085465344247ca2822a9687f0

发布日期: 2024-03-27 19:15 修改: 2026-06-17 07:20

libgnutls30 CVE-2024-0553 中危 3.6.13-2ubuntu1.9 3.6.13-2ubuntu1.10 gnutls: incomplete fix for CVE-2023-5981

漏洞详情: https://avd.aquasec.com/nvd/cve-2024-0553

镜像层: sha256:b1099d79a48ef6b9eaf12e0083d6510f9d9a5f9085465344247ca2822a9687f0

发布日期: 2024-01-16 12:15 修改: 2026-06-17 06:53

libgnutls30 CVE-2024-12243 中危 3.6.13-2ubuntu1.9 3.6.13-2ubuntu1.12 gnutls: GnuTLS Impacted by Inefficient DER Decoding in libtasn1 Leading to Remote DoS

漏洞详情: https://avd.aquasec.com/nvd/cve-2024-12243

镜像层: sha256:b1099d79a48ef6b9eaf12e0083d6510f9d9a5f9085465344247ca2822a9687f0

发布日期: 2025-02-10 16:15 修改: 2026-06-17 06:59

libgnutls30 CVE-2024-28834 中危 3.6.13-2ubuntu1.9 3.6.13-2ubuntu1.11 gnutls: vulnerable to Minerva side-channel information leak

漏洞详情: https://avd.aquasec.com/nvd/cve-2024-28834

镜像层: sha256:b1099d79a48ef6b9eaf12e0083d6510f9d9a5f9085465344247ca2822a9687f0

发布日期: 2024-03-21 14:15 修改: 2026-06-17 07:21

libgssapi-krb5-2 CVE-2024-3596 中危 1.17-6ubuntu4.4 1.17-6ubuntu4.8 freeradius: forgery attack

漏洞详情: https://avd.aquasec.com/nvd/cve-2024-3596

镜像层: sha256:972335275d380edd26105dae05ff49d453e84f8d001549e8961ef5986e793089

发布日期: 2024-07-09 12:15 修改: 2026-06-17 07:44

libgssapi-krb5-2 CVE-2024-37370 中危 1.17-6ubuntu4.4 1.17-6ubuntu4.6 krb5: GSS message token handling

漏洞详情: https://avd.aquasec.com/nvd/cve-2024-37370

镜像层: sha256:972335275d380edd26105dae05ff49d453e84f8d001549e8961ef5986e793089

发布日期: 2024-06-28 22:15 修改: 2026-06-17 07:38

libgssapi-krb5-2 CVE-2024-37371 中危 1.17-6ubuntu4.4 1.17-6ubuntu4.6 krb5: GSS message token handling

漏洞详情: https://avd.aquasec.com/nvd/cve-2024-37371

镜像层: sha256:972335275d380edd26105dae05ff49d453e84f8d001549e8961ef5986e793089

发布日期: 2024-06-28 23:15 修改: 2026-06-17 07:38

libgssapi-krb5-2 CVE-2025-24528 中危 1.17-6ubuntu4.4 1.17-6ubuntu4.9 krb5: overflow when calculating ulog block size

漏洞详情: https://avd.aquasec.com/nvd/cve-2025-24528

镜像层: sha256:972335275d380edd26105dae05ff49d453e84f8d001549e8961ef5986e793089

发布日期: 2026-01-16 18:16 修改: 2026-06-17 08:59

libgssapi-krb5-2 CVE-2025-3576 中危 1.17-6ubuntu4.4 1.17-6ubuntu4.11 krb5: Kerberos RC4-HMAC-MD5 Checksum Vulnerability Enabling Message Spoofing via MD5 Collisions

漏洞详情: https://avd.aquasec.com/nvd/cve-2025-3576

镜像层: sha256:972335275d380edd26105dae05ff49d453e84f8d001549e8961ef5986e793089

发布日期: 2025-04-15 06:15 修改: 2026-06-30 01:16

libk5crypto3 CVE-2024-3596 中危 1.17-6ubuntu4.4 1.17-6ubuntu4.8 freeradius: forgery attack

漏洞详情: https://avd.aquasec.com/nvd/cve-2024-3596

镜像层: sha256:972335275d380edd26105dae05ff49d453e84f8d001549e8961ef5986e793089

发布日期: 2024-07-09 12:15 修改: 2026-06-17 07:44

libk5crypto3 CVE-2024-37370 中危 1.17-6ubuntu4.4 1.17-6ubuntu4.6 krb5: GSS message token handling

漏洞详情: https://avd.aquasec.com/nvd/cve-2024-37370

镜像层: sha256:972335275d380edd26105dae05ff49d453e84f8d001549e8961ef5986e793089

发布日期: 2024-06-28 22:15 修改: 2026-06-17 07:38

libk5crypto3 CVE-2024-37371 中危 1.17-6ubuntu4.4 1.17-6ubuntu4.6 krb5: GSS message token handling

漏洞详情: https://avd.aquasec.com/nvd/cve-2024-37371

镜像层: sha256:972335275d380edd26105dae05ff49d453e84f8d001549e8961ef5986e793089

发布日期: 2024-06-28 23:15 修改: 2026-06-17 07:38

libk5crypto3 CVE-2025-24528 中危 1.17-6ubuntu4.4 1.17-6ubuntu4.9 krb5: overflow when calculating ulog block size

漏洞详情: https://avd.aquasec.com/nvd/cve-2025-24528

镜像层: sha256:972335275d380edd26105dae05ff49d453e84f8d001549e8961ef5986e793089

发布日期: 2026-01-16 18:16 修改: 2026-06-17 08:59

libk5crypto3 CVE-2025-3576 中危 1.17-6ubuntu4.4 1.17-6ubuntu4.11 krb5: Kerberos RC4-HMAC-MD5 Checksum Vulnerability Enabling Message Spoofing via MD5 Collisions

漏洞详情: https://avd.aquasec.com/nvd/cve-2025-3576

镜像层: sha256:972335275d380edd26105dae05ff49d453e84f8d001549e8961ef5986e793089

发布日期: 2025-04-15 06:15 修改: 2026-06-30 01:16

libkrb5-3 CVE-2024-3596 中危 1.17-6ubuntu4.4 1.17-6ubuntu4.8 freeradius: forgery attack

漏洞详情: https://avd.aquasec.com/nvd/cve-2024-3596

镜像层: sha256:972335275d380edd26105dae05ff49d453e84f8d001549e8961ef5986e793089

发布日期: 2024-07-09 12:15 修改: 2026-06-17 07:44

libkrb5-3 CVE-2024-37370 中危 1.17-6ubuntu4.4 1.17-6ubuntu4.6 krb5: GSS message token handling

漏洞详情: https://avd.aquasec.com/nvd/cve-2024-37370

镜像层: sha256:972335275d380edd26105dae05ff49d453e84f8d001549e8961ef5986e793089

发布日期: 2024-06-28 22:15 修改: 2026-06-17 07:38

libkrb5-3 CVE-2024-37371 中危 1.17-6ubuntu4.4 1.17-6ubuntu4.6 krb5: GSS message token handling

漏洞详情: https://avd.aquasec.com/nvd/cve-2024-37371

镜像层: sha256:972335275d380edd26105dae05ff49d453e84f8d001549e8961ef5986e793089

发布日期: 2024-06-28 23:15 修改: 2026-06-17 07:38

libkrb5-3 CVE-2025-24528 中危 1.17-6ubuntu4.4 1.17-6ubuntu4.9 krb5: overflow when calculating ulog block size

漏洞详情: https://avd.aquasec.com/nvd/cve-2025-24528

镜像层: sha256:972335275d380edd26105dae05ff49d453e84f8d001549e8961ef5986e793089

发布日期: 2026-01-16 18:16 修改: 2026-06-17 08:59

libkrb5-3 CVE-2025-3576 中危 1.17-6ubuntu4.4 1.17-6ubuntu4.11 krb5: Kerberos RC4-HMAC-MD5 Checksum Vulnerability Enabling Message Spoofing via MD5 Collisions

漏洞详情: https://avd.aquasec.com/nvd/cve-2025-3576

镜像层: sha256:972335275d380edd26105dae05ff49d453e84f8d001549e8961ef5986e793089

发布日期: 2025-04-15 06:15 修改: 2026-06-30 01:16

libkrb5support0 CVE-2024-3596 中危 1.17-6ubuntu4.4 1.17-6ubuntu4.8 freeradius: forgery attack

漏洞详情: https://avd.aquasec.com/nvd/cve-2024-3596

镜像层: sha256:972335275d380edd26105dae05ff49d453e84f8d001549e8961ef5986e793089

发布日期: 2024-07-09 12:15 修改: 2026-06-17 07:44

libkrb5support0 CVE-2024-37370 中危 1.17-6ubuntu4.4 1.17-6ubuntu4.6 krb5: GSS message token handling

漏洞详情: https://avd.aquasec.com/nvd/cve-2024-37370

镜像层: sha256:972335275d380edd26105dae05ff49d453e84f8d001549e8961ef5986e793089

发布日期: 2024-06-28 22:15 修改: 2026-06-17 07:38

libkrb5support0 CVE-2024-37371 中危 1.17-6ubuntu4.4 1.17-6ubuntu4.6 krb5: GSS message token handling

漏洞详情: https://avd.aquasec.com/nvd/cve-2024-37371

镜像层: sha256:972335275d380edd26105dae05ff49d453e84f8d001549e8961ef5986e793089

发布日期: 2024-06-28 23:15 修改: 2026-06-17 07:38

libkrb5support0 CVE-2025-24528 中危 1.17-6ubuntu4.4 1.17-6ubuntu4.9 krb5: overflow when calculating ulog block size

漏洞详情: https://avd.aquasec.com/nvd/cve-2025-24528

镜像层: sha256:972335275d380edd26105dae05ff49d453e84f8d001549e8961ef5986e793089

发布日期: 2026-01-16 18:16 修改: 2026-06-17 08:59

libkrb5support0 CVE-2025-3576 中危 1.17-6ubuntu4.4 1.17-6ubuntu4.11 krb5: Kerberos RC4-HMAC-MD5 Checksum Vulnerability Enabling Message Spoofing via MD5 Collisions

漏洞详情: https://avd.aquasec.com/nvd/cve-2025-3576

镜像层: sha256:972335275d380edd26105dae05ff49d453e84f8d001549e8961ef5986e793089

发布日期: 2025-04-15 06:15 修改: 2026-06-30 01:16

libmount1 CVE-2024-28085 中危 2.34-0.1ubuntu9.4 2.34-0.1ubuntu9.6 util-linux: CVE-2024-28085: wall: escape sequence injection

漏洞详情: https://avd.aquasec.com/nvd/cve-2024-28085

镜像层: sha256:b1099d79a48ef6b9eaf12e0083d6510f9d9a5f9085465344247ca2822a9687f0

发布日期: 2024-03-27 19:15 修改: 2026-06-17 07:20

libnghttp2-14 CVE-2024-28182 中危 1.40.0-1ubuntu0.2 1.40.0-1ubuntu0.3 nghttp2: CONTINUATION frames DoS

漏洞详情: https://avd.aquasec.com/nvd/cve-2024-28182

镜像层: sha256:972335275d380edd26105dae05ff49d453e84f8d001549e8961ef5986e793089

发布日期: 2024-04-04 15:15 修改: 2026-06-17 07:21

libpam-modules CVE-2024-22365 中危 1.3.1-5ubuntu4.6 1.3.1-5ubuntu4.7 pam: allowing unprivileged user to block another user namespace

漏洞详情: https://avd.aquasec.com/nvd/cve-2024-22365

镜像层: sha256:b1099d79a48ef6b9eaf12e0083d6510f9d9a5f9085465344247ca2822a9687f0

发布日期: 2024-02-06 08:15 修改: 2026-06-17 07:11

libpam-modules-bin CVE-2024-22365 中危 1.3.1-5ubuntu4.6 1.3.1-5ubuntu4.7 pam: allowing unprivileged user to block another user namespace

漏洞详情: https://avd.aquasec.com/nvd/cve-2024-22365

镜像层: sha256:b1099d79a48ef6b9eaf12e0083d6510f9d9a5f9085465344247ca2822a9687f0

发布日期: 2024-02-06 08:15 修改: 2026-06-17 07:11

libpam-runtime CVE-2024-22365 中危 1.3.1-5ubuntu4.6 1.3.1-5ubuntu4.7 pam: allowing unprivileged user to block another user namespace

漏洞详情: https://avd.aquasec.com/nvd/cve-2024-22365

镜像层: sha256:b1099d79a48ef6b9eaf12e0083d6510f9d9a5f9085465344247ca2822a9687f0

发布日期: 2024-02-06 08:15 修改: 2026-06-17 07:11

libpam0g CVE-2024-22365 中危 1.3.1-5ubuntu4.6 1.3.1-5ubuntu4.7 pam: allowing unprivileged user to block another user namespace

漏洞详情: https://avd.aquasec.com/nvd/cve-2024-22365

镜像层: sha256:b1099d79a48ef6b9eaf12e0083d6510f9d9a5f9085465344247ca2822a9687f0

发布日期: 2024-02-06 08:15 修改: 2026-06-17 07:11

libsmartcols1 CVE-2024-28085 中危 2.34-0.1ubuntu9.4 2.34-0.1ubuntu9.6 util-linux: CVE-2024-28085: wall: escape sequence injection

漏洞详情: https://avd.aquasec.com/nvd/cve-2024-28085

镜像层: sha256:b1099d79a48ef6b9eaf12e0083d6510f9d9a5f9085465344247ca2822a9687f0

发布日期: 2024-03-27 19:15 修改: 2026-06-17 07:20

libsqlite3-0 CVE-2023-7104 中危 3.31.1-4ubuntu0.5 3.31.1-4ubuntu0.6 sqlite: heap-buffer-overflow at sessionfuzz

漏洞详情: https://avd.aquasec.com/nvd/cve-2023-7104

镜像层: sha256:972335275d380edd26105dae05ff49d453e84f8d001549e8961ef5986e793089

发布日期: 2023-12-29 10:15 修改: 2026-06-17 06:52

libsqlite3-0 CVE-2025-29088 中危 3.31.1-4ubuntu0.5 3.31.1-4ubuntu0.7 sqlite: Denial of Service in SQLite

漏洞详情: https://avd.aquasec.com/nvd/cve-2025-29088

镜像层: sha256:972335275d380edd26105dae05ff49d453e84f8d001549e8961ef5986e793089

发布日期: 2025-04-10 14:15 修改: 2026-06-17 09:05

libssh-4 CVE-2023-48795 中危 0.9.3-2ubuntu2.3 0.9.3-2ubuntu2.4 ssh: Prefix truncation attack on Binary Packet Protocol (BPP)

漏洞详情: https://avd.aquasec.com/nvd/cve-2023-48795

镜像层: sha256:972335275d380edd26105dae05ff49d453e84f8d001549e8961ef5986e793089

发布日期: 2023-12-18 16:15 修改: 2026-06-17 06:34

libssh-4 CVE-2023-6004 中危 0.9.3-2ubuntu2.3 0.9.3-2ubuntu2.5 libssh: ProxyCommand/ProxyJump features allow injection of malicious code through hostname

漏洞详情: https://avd.aquasec.com/nvd/cve-2023-6004

镜像层: sha256:972335275d380edd26105dae05ff49d453e84f8d001549e8961ef5986e793089

发布日期: 2024-01-03 17:15 修改: 2026-06-17 06:49

libssh-4 CVE-2023-6918 中危 0.9.3-2ubuntu2.3 0.9.3-2ubuntu2.5 libssh: Missing checks for return values for digests

漏洞详情: https://avd.aquasec.com/nvd/cve-2023-6918

镜像层: sha256:972335275d380edd26105dae05ff49d453e84f8d001549e8961ef5986e793089

发布日期: 2023-12-19 00:15 修改: 2026-06-17 06:51

libtasn1-6 CVE-2024-12133 中危 4.16.0-2 4.16.0-2ubuntu0.1 libtasn1: Inefficient DER Decoding in libtasn1 Leading to Potential Remote DoS

漏洞详情: https://avd.aquasec.com/nvd/cve-2024-12133

镜像层: sha256:b1099d79a48ef6b9eaf12e0083d6510f9d9a5f9085465344247ca2822a9687f0

发布日期: 2025-02-10 16:15 修改: 2026-06-30 03:16

libuuid1 CVE-2024-28085 中危 2.34-0.1ubuntu9.4 2.34-0.1ubuntu9.6 util-linux: CVE-2024-28085: wall: escape sequence injection

漏洞详情: https://avd.aquasec.com/nvd/cve-2024-28085

镜像层: sha256:b1099d79a48ef6b9eaf12e0083d6510f9d9a5f9085465344247ca2822a9687f0

发布日期: 2024-03-27 19:15 修改: 2026-06-17 07:20

mount CVE-2024-28085 中危 2.34-0.1ubuntu9.4 2.34-0.1ubuntu9.6 util-linux: CVE-2024-28085: wall: escape sequence injection

漏洞详情: https://avd.aquasec.com/nvd/cve-2024-28085

镜像层: sha256:b1099d79a48ef6b9eaf12e0083d6510f9d9a5f9085465344247ca2822a9687f0

发布日期: 2024-03-27 19:15 修改: 2026-06-17 07:20

util-linux CVE-2024-28085 中危 2.34-0.1ubuntu9.4 2.34-0.1ubuntu9.6 util-linux: CVE-2024-28085: wall: escape sequence injection

漏洞详情: https://avd.aquasec.com/nvd/cve-2024-28085

镜像层: sha256:b1099d79a48ef6b9eaf12e0083d6510f9d9a5f9085465344247ca2822a9687f0

发布日期: 2024-03-27 19:15 修改: 2026-06-17 07:20

curl CVE-2024-11053 低危 7.68.0-1ubuntu2.21 7.68.0-1ubuntu2.25 curl: curl netrc password leak

漏洞详情: https://avd.aquasec.com/nvd/cve-2024-11053

镜像层: sha256:972335275d380edd26105dae05ff49d453e84f8d001549e8961ef5986e793089

发布日期: 2024-12-11 08:15 修改: 2026-06-17 06:56

libgssapi-krb5-2 CVE-2024-26458 低危 1.17-6ubuntu4.4 1.17-6ubuntu4.9 krb5: Memory leak at /krb5/src/lib/rpc/pmap_rmt.c

漏洞详情: https://avd.aquasec.com/nvd/cve-2024-26458

镜像层: sha256:972335275d380edd26105dae05ff49d453e84f8d001549e8961ef5986e793089

发布日期: 2024-02-29 01:44 修改: 2026-06-17 07:17

libgssapi-krb5-2 CVE-2024-26461 低危 1.17-6ubuntu4.4 1.17-6ubuntu4.9 krb5: Memory leak at /krb5/src/lib/gssapi/krb5/k5sealv3.c

漏洞详情: https://avd.aquasec.com/nvd/cve-2024-26461

镜像层: sha256:972335275d380edd26105dae05ff49d453e84f8d001549e8961ef5986e793089

发布日期: 2024-02-29 01:44 修改: 2026-06-17 07:17

libcurl4 CVE-2024-11053 低危 7.68.0-1ubuntu2.21 7.68.0-1ubuntu2.25 curl: curl netrc password leak

漏洞详情: https://avd.aquasec.com/nvd/cve-2024-11053

镜像层: sha256:972335275d380edd26105dae05ff49d453e84f8d001549e8961ef5986e793089

发布日期: 2024-12-11 08:15 修改: 2026-06-17 06:56

libkrb5support0 CVE-2024-26458 低危 1.17-6ubuntu4.4 1.17-6ubuntu4.9 krb5: Memory leak at /krb5/src/lib/rpc/pmap_rmt.c

漏洞详情: https://avd.aquasec.com/nvd/cve-2024-26458

镜像层: sha256:972335275d380edd26105dae05ff49d453e84f8d001549e8961ef5986e793089

发布日期: 2024-02-29 01:44 修改: 2026-06-17 07:17

libkrb5support0 CVE-2024-26461 低危 1.17-6ubuntu4.4 1.17-6ubuntu4.9 krb5: Memory leak at /krb5/src/lib/gssapi/krb5/k5sealv3.c

漏洞详情: https://avd.aquasec.com/nvd/cve-2024-26461

镜像层: sha256:972335275d380edd26105dae05ff49d453e84f8d001549e8961ef5986e793089

发布日期: 2024-02-29 01:44 修改: 2026-06-17 07:17

libldap-2.4-2 CVE-2023-2953 低危 2.4.49+dfsg-2ubuntu1.9 2.4.49+dfsg-2ubuntu1.10 openldap: null pointer dereference in ber_memalloc_x function

漏洞详情: https://avd.aquasec.com/nvd/cve-2023-2953

镜像层: sha256:972335275d380edd26105dae05ff49d453e84f8d001549e8961ef5986e793089

发布日期: 2023-05-30 22:15 修改: 2026-06-17 05:53

libldap-common CVE-2023-2953 低危 2.4.49+dfsg-2ubuntu1.9 2.4.49+dfsg-2ubuntu1.10 openldap: null pointer dereference in ber_memalloc_x function

漏洞详情: https://avd.aquasec.com/nvd/cve-2023-2953

镜像层: sha256:972335275d380edd26105dae05ff49d453e84f8d001549e8961ef5986e793089

发布日期: 2023-05-30 22:15 修改: 2026-06-17 05:53

libssl1.1 CVE-2023-5678 低危 1.1.1f-1ubuntu2.20 1.1.1f-1ubuntu2.21 openssl: Generating excessively long X9.42 DH keys or checking excessively long X9.42 DH keys or parameters may be very slow

漏洞详情: https://avd.aquasec.com/nvd/cve-2023-5678

镜像层: sha256:972335275d380edd26105dae05ff49d453e84f8d001549e8961ef5986e793089

发布日期: 2023-11-06 16:15 修改: 2026-06-17 06:49

libssl1.1 CVE-2024-0727 低危 1.1.1f-1ubuntu2.20 1.1.1f-1ubuntu2.21 openssl: denial of service via null dereference

漏洞详情: https://avd.aquasec.com/nvd/cve-2024-0727

镜像层: sha256:972335275d380edd26105dae05ff49d453e84f8d001549e8961ef5986e793089

发布日期: 2024-01-26 09:15 修改: 2026-06-17 06:54

libssl1.1 CVE-2024-13176 低危 1.1.1f-1ubuntu2.20 1.1.1f-1ubuntu2.24 openssl: Timing side-channel in ECDSA signature computation

漏洞详情: https://avd.aquasec.com/nvd/cve-2024-13176

镜像层: sha256:972335275d380edd26105dae05ff49d453e84f8d001549e8961ef5986e793089

发布日期: 2025-01-20 14:15 修改: 2026-06-17 07:01

libssl1.1 CVE-2024-2511 低危 1.1.1f-1ubuntu2.20 1.1.1f-1ubuntu2.23 openssl: Unbounded memory growth with session handling in TLSv1.3

漏洞详情: https://avd.aquasec.com/nvd/cve-2024-2511

镜像层: sha256:972335275d380edd26105dae05ff49d453e84f8d001549e8961ef5986e793089

发布日期: 2024-04-08 14:15 修改: 2026-06-17 07:24

libssl1.1 CVE-2024-4741 低危 1.1.1f-1ubuntu2.20 1.1.1f-1ubuntu2.23 openssl: Use After Free with SSL_free_buffers

漏洞详情: https://avd.aquasec.com/nvd/cve-2024-4741

镜像层: sha256:972335275d380edd26105dae05ff49d453e84f8d001549e8961ef5986e793089

发布日期: 2024-11-13 11:15 修改: 2026-06-17 08:02

libssl1.1 CVE-2024-5535 低危 1.1.1f-1ubuntu2.20 1.1.1f-1ubuntu2.23 openssl: SSL_select_next_proto buffer overread

漏洞详情: https://avd.aquasec.com/nvd/cve-2024-5535

镜像层: sha256:972335275d380edd26105dae05ff49d453e84f8d001549e8961ef5986e793089

发布日期: 2024-06-27 11:15 修改: 2026-06-17 08:16

libssl1.1 CVE-2024-9143 低危 1.1.1f-1ubuntu2.20 1.1.1f-1ubuntu2.24 openssl: Low-level invalid GF(2^m) parameters lead to OOB memory access

漏洞详情: https://avd.aquasec.com/nvd/cve-2024-9143

镜像层: sha256:972335275d380edd26105dae05ff49d453e84f8d001549e8961ef5986e793089

发布日期: 2024-10-16 17:15 修改: 2026-06-17 08:24

libk5crypto3 CVE-2024-26458 低危 1.17-6ubuntu4.4 1.17-6ubuntu4.9 krb5: Memory leak at /krb5/src/lib/rpc/pmap_rmt.c

漏洞详情: https://avd.aquasec.com/nvd/cve-2024-26458

镜像层: sha256:972335275d380edd26105dae05ff49d453e84f8d001549e8961ef5986e793089

发布日期: 2024-02-29 01:44 修改: 2026-06-17 07:17

libkrb5-3 CVE-2024-26458 低危 1.17-6ubuntu4.4 1.17-6ubuntu4.9 krb5: Memory leak at /krb5/src/lib/rpc/pmap_rmt.c

漏洞详情: https://avd.aquasec.com/nvd/cve-2024-26458

镜像层: sha256:972335275d380edd26105dae05ff49d453e84f8d001549e8961ef5986e793089

发布日期: 2024-02-29 01:44 修改: 2026-06-17 07:17

login CVE-2023-4641 低危 1:4.8.1-1ubuntu5.20.04.4 1:4.8.1-1ubuntu5.20.04.5 shadow-utils: possible password leak during passwd(1) change

漏洞详情: https://avd.aquasec.com/nvd/cve-2023-4641

镜像层: sha256:b1099d79a48ef6b9eaf12e0083d6510f9d9a5f9085465344247ca2822a9687f0

发布日期: 2023-12-27 16:15 修改: 2026-06-17 06:38

libkrb5-3 CVE-2024-26461 低危 1.17-6ubuntu4.4 1.17-6ubuntu4.9 krb5: Memory leak at /krb5/src/lib/gssapi/krb5/k5sealv3.c

漏洞详情: https://avd.aquasec.com/nvd/cve-2024-26461

镜像层: sha256:972335275d380edd26105dae05ff49d453e84f8d001549e8961ef5986e793089

发布日期: 2024-02-29 01:44 修改: 2026-06-17 07:17

openssl CVE-2023-5678 低危 1.1.1f-1ubuntu2.20 1.1.1f-1ubuntu2.21 openssl: Generating excessively long X9.42 DH keys or checking excessively long X9.42 DH keys or parameters may be very slow

漏洞详情: https://avd.aquasec.com/nvd/cve-2023-5678

镜像层: sha256:972335275d380edd26105dae05ff49d453e84f8d001549e8961ef5986e793089

发布日期: 2023-11-06 16:15 修改: 2026-06-17 06:49

openssl CVE-2024-0727 低危 1.1.1f-1ubuntu2.20 1.1.1f-1ubuntu2.21 openssl: denial of service via null dereference

漏洞详情: https://avd.aquasec.com/nvd/cve-2024-0727

镜像层: sha256:972335275d380edd26105dae05ff49d453e84f8d001549e8961ef5986e793089

发布日期: 2024-01-26 09:15 修改: 2026-06-17 06:54

openssl CVE-2024-13176 低危 1.1.1f-1ubuntu2.20 1.1.1f-1ubuntu2.24 openssl: Timing side-channel in ECDSA signature computation

漏洞详情: https://avd.aquasec.com/nvd/cve-2024-13176

镜像层: sha256:972335275d380edd26105dae05ff49d453e84f8d001549e8961ef5986e793089

发布日期: 2025-01-20 14:15 修改: 2026-06-17 07:01

openssl CVE-2024-2511 低危 1.1.1f-1ubuntu2.20 1.1.1f-1ubuntu2.23 openssl: Unbounded memory growth with session handling in TLSv1.3

漏洞详情: https://avd.aquasec.com/nvd/cve-2024-2511

镜像层: sha256:972335275d380edd26105dae05ff49d453e84f8d001549e8961ef5986e793089

发布日期: 2024-04-08 14:15 修改: 2026-06-17 07:24

openssl CVE-2024-4741 低危 1.1.1f-1ubuntu2.20 1.1.1f-1ubuntu2.23 openssl: Use After Free with SSL_free_buffers

漏洞详情: https://avd.aquasec.com/nvd/cve-2024-4741

镜像层: sha256:972335275d380edd26105dae05ff49d453e84f8d001549e8961ef5986e793089

发布日期: 2024-11-13 11:15 修改: 2026-06-17 08:02

openssl CVE-2024-5535 低危 1.1.1f-1ubuntu2.20 1.1.1f-1ubuntu2.23 openssl: SSL_select_next_proto buffer overread

漏洞详情: https://avd.aquasec.com/nvd/cve-2024-5535

镜像层: sha256:972335275d380edd26105dae05ff49d453e84f8d001549e8961ef5986e793089

发布日期: 2024-06-27 11:15 修改: 2026-06-17 08:16

openssl CVE-2024-9143 低危 1.1.1f-1ubuntu2.20 1.1.1f-1ubuntu2.24 openssl: Low-level invalid GF(2^m) parameters lead to OOB memory access

漏洞详情: https://avd.aquasec.com/nvd/cve-2024-9143

镜像层: sha256:972335275d380edd26105dae05ff49d453e84f8d001549e8961ef5986e793089

发布日期: 2024-10-16 17:15 修改: 2026-06-17 08:24

passwd CVE-2023-4641 低危 1:4.8.1-1ubuntu5.20.04.4 1:4.8.1-1ubuntu5.20.04.5 shadow-utils: possible password leak during passwd(1) change

漏洞详情: https://avd.aquasec.com/nvd/cve-2023-4641

镜像层: sha256:b1099d79a48ef6b9eaf12e0083d6510f9d9a5f9085465344247ca2822a9687f0

发布日期: 2023-12-27 16:15 修改: 2026-06-17 06:38

libk5crypto3 CVE-2024-26461 低危 1.17-6ubuntu4.4 1.17-6ubuntu4.9 krb5: Memory leak at /krb5/src/lib/gssapi/krb5/k5sealv3.c

漏洞详情: https://avd.aquasec.com/nvd/cve-2024-26461

镜像层: sha256:972335275d380edd26105dae05ff49d453e84f8d001549e8961ef5986e793089

发布日期: 2024-02-29 01:44 修改: 2026-06-17 07:17

Java (jar)
低危漏洞:4 中危漏洞:59 高危漏洞:29 严重漏洞:0
软件包 漏洞 安全状态 安装版本 修复版本 漏洞信息
com.fasterxml.jackson.core:jackson-core CVE-2025-52999 高危 2.14.2 2.15.0 com.fasterxml.jackson.core/jackson-core: jackson-core Potential StackoverflowError

漏洞详情: https://avd.aquasec.com/nvd/cve-2025-52999

镜像层: sha256:96418ac593404ed2ec99cfa6e0de5a9069d8bce36140ae503ea7a99064ad7268

发布日期: 2025-06-25 17:15 修改: 2026-06-17 09:37

com.fasterxml.jackson.core:jackson-core CVE-2025-52999 高危 2.14.2 2.15.0 com.fasterxml.jackson.core/jackson-core: jackson-core Potential StackoverflowError

漏洞详情: https://avd.aquasec.com/nvd/cve-2025-52999

镜像层: sha256:96418ac593404ed2ec99cfa6e0de5a9069d8bce36140ae503ea7a99064ad7268

发布日期: 2025-06-25 17:15 修改: 2026-06-17 09:37

com.fasterxml.jackson.core:jackson-databind CVE-2026-54512 高危 2.14.2 2.18.8, 3.1.4, 2.21.4 jackson-databind: jackson-databind: Arbitrary code execution via PolymorphicTypeValidator bypass

漏洞详情: https://avd.aquasec.com/nvd/cve-2026-54512

镜像层: sha256:96418ac593404ed2ec99cfa6e0de5a9069d8bce36140ae503ea7a99064ad7268

发布日期: 2026-06-23 21:17 修改: 2026-06-27 21:01

com.fasterxml.jackson.core:jackson-databind CVE-2026-54513 高危 2.14.2 2.18.8, 2.21.4, 3.1.4 jackson-databind: Jackson-databind: Security bypass allows arbitrary code execution

漏洞详情: https://avd.aquasec.com/nvd/cve-2026-54513

镜像层: sha256:96418ac593404ed2ec99cfa6e0de5a9069d8bce36140ae503ea7a99064ad7268

发布日期: 2026-06-23 21:17 修改: 2026-07-03 13:17

com.google.protobuf:protobuf-java CVE-2024-7254 高危 3.16.3 3.25.5, 4.27.5, 4.28.2 protobuf: StackOverflow vulnerability in Protocol Buffers

漏洞详情: https://avd.aquasec.com/nvd/cve-2024-7254

镜像层: sha256:96418ac593404ed2ec99cfa6e0de5a9069d8bce36140ae503ea7a99064ad7268

发布日期: 2024-09-19 01:15 修改: 2026-06-17 08:19

com.nimbusds:nimbus-jose-jwt CVE-2023-52428 高危 9.23 9.37.2 nimbus-jose-jwt: large JWE p2c header value causes Denial of Service

漏洞详情: https://avd.aquasec.com/nvd/cve-2023-52428

镜像层: sha256:96418ac593404ed2ec99cfa6e0de5a9069d8bce36140ae503ea7a99064ad7268

发布日期: 2024-02-11 05:15 修改: 2026-06-17 06:42

io.netty:netty-codec CVE-2026-42583 高危 4.1.94.Final 4.1.133.Final netty: io.netty/netty-codec-compression: io.netty/netty-codec: Netty: Denial of Service via excessive memory allocation in LZ4FrameDecoder

漏洞详情: https://avd.aquasec.com/nvd/cve-2026-42583

镜像层: sha256:96418ac593404ed2ec99cfa6e0de5a9069d8bce36140ae503ea7a99064ad7268

发布日期: 2026-05-13 19:17 修改: 2026-06-17 10:48

io.netty:netty-codec CVE-2026-42583 高危 4.1.94.Final 4.1.133.Final netty: io.netty/netty-codec-compression: io.netty/netty-codec: Netty: Denial of Service via excessive memory allocation in LZ4FrameDecoder

漏洞详情: https://avd.aquasec.com/nvd/cve-2026-42583

镜像层: sha256:96418ac593404ed2ec99cfa6e0de5a9069d8bce36140ae503ea7a99064ad7268

发布日期: 2026-05-13 19:17 修改: 2026-06-17 10:48

io.netty:netty-codec-http CVE-2026-33870 高危 4.1.94.Final 4.1.132.Final, 4.2.10.Final io.netty/netty-codec-http: Netty: Request smuggling via incorrect parsing of HTTP/1.1 chunked transfer encoding extension values

漏洞详情: https://avd.aquasec.com/nvd/cve-2026-33870

镜像层: sha256:96418ac593404ed2ec99cfa6e0de5a9069d8bce36140ae503ea7a99064ad7268

发布日期: 2026-03-27 20:16 修改: 2026-07-03 13:17

io.netty:netty-codec-http CVE-2026-33870 高危 4.1.94.Final 4.1.132.Final, 4.2.10.Final io.netty/netty-codec-http: Netty: Request smuggling via incorrect parsing of HTTP/1.1 chunked transfer encoding extension values

漏洞详情: https://avd.aquasec.com/nvd/cve-2026-33870

镜像层: sha256:96418ac593404ed2ec99cfa6e0de5a9069d8bce36140ae503ea7a99064ad7268

发布日期: 2026-03-27 20:16 修改: 2026-07-03 13:17

io.netty:netty-codec-http CVE-2026-42584 高危 4.1.94.Final 4.2.13.Final, 4.1.133.Final netty: io.netty/netty-codec-http: Netty: Incorrect HTTP response parsing leads to data confusion

漏洞详情: https://avd.aquasec.com/nvd/cve-2026-42584

镜像层: sha256:96418ac593404ed2ec99cfa6e0de5a9069d8bce36140ae503ea7a99064ad7268

发布日期: 2026-05-13 19:17 修改: 2026-06-30 03:19

io.netty:netty-codec-http CVE-2026-42584 高危 4.1.94.Final 4.2.13.Final, 4.1.133.Final netty: io.netty/netty-codec-http: Netty: Incorrect HTTP response parsing leads to data confusion

漏洞详情: https://avd.aquasec.com/nvd/cve-2026-42584

镜像层: sha256:96418ac593404ed2ec99cfa6e0de5a9069d8bce36140ae503ea7a99064ad7268

发布日期: 2026-05-13 19:17 修改: 2026-06-30 03:19

io.netty:netty-codec-http CVE-2026-42587 高危 4.1.94.Final 4.2.13.Final, 4.1.133.Final netty: io.netty/netty-codec-http: io.netty/netty-codec-http2: Netty: Denial of Service via unbounded memory allocation in HTTP content decompression

漏洞详情: https://avd.aquasec.com/nvd/cve-2026-42587

镜像层: sha256:96418ac593404ed2ec99cfa6e0de5a9069d8bce36140ae503ea7a99064ad7268

发布日期: 2026-05-13 19:17 修改: 2026-07-03 13:17

io.netty:netty-codec-http CVE-2026-42587 高危 4.1.94.Final 4.2.13.Final, 4.1.133.Final netty: io.netty/netty-codec-http: io.netty/netty-codec-http2: Netty: Denial of Service via unbounded memory allocation in HTTP content decompression

漏洞详情: https://avd.aquasec.com/nvd/cve-2026-42587

镜像层: sha256:96418ac593404ed2ec99cfa6e0de5a9069d8bce36140ae503ea7a99064ad7268

发布日期: 2026-05-13 19:17 修改: 2026-07-03 13:17

io.netty:netty-handler CVE-2025-24970 高危 4.1.94.Final 4.1.118.Final io.netty:netty-handler: SslHandler doesn't correctly validate packets which can lead to native crash when using native SSLEngine

漏洞详情: https://avd.aquasec.com/nvd/cve-2025-24970

镜像层: sha256:96418ac593404ed2ec99cfa6e0de5a9069d8bce36140ae503ea7a99064ad7268

发布日期: 2025-02-10 22:15 修改: 2026-06-17 08:59

io.netty:netty-handler CVE-2025-24970 高危 4.1.94.Final 4.1.118.Final io.netty:netty-handler: SslHandler doesn't correctly validate packets which can lead to native crash when using native SSLEngine

漏洞详情: https://avd.aquasec.com/nvd/cve-2025-24970

镜像层: sha256:96418ac593404ed2ec99cfa6e0de5a9069d8bce36140ae503ea7a99064ad7268

发布日期: 2025-02-10 22:15 修改: 2026-06-17 08:59

io.netty:netty-handler CVE-2026-44249 高危 4.1.94.Final 4.2.15.Final, 4.1.135.Final netty-handler: netty-handler: IPv6 subnet rule bypass due to incorrect masking operation

漏洞详情: https://avd.aquasec.com/nvd/cve-2026-44249

镜像层: sha256:96418ac593404ed2ec99cfa6e0de5a9069d8bce36140ae503ea7a99064ad7268

发布日期: 2026-06-11 22:16 修改: 2026-07-03 13:17

io.netty:netty-handler CVE-2026-44249 高危 4.1.94.Final 4.2.15.Final, 4.1.135.Final netty-handler: netty-handler: IPv6 subnet rule bypass due to incorrect masking operation

漏洞详情: https://avd.aquasec.com/nvd/cve-2026-44249

镜像层: sha256:96418ac593404ed2ec99cfa6e0de5a9069d8bce36140ae503ea7a99064ad7268

发布日期: 2026-06-11 22:16 修改: 2026-07-03 13:17

io.netty:netty-handler CVE-2026-45416 高危 4.1.94.Final 4.2.15.Final, 4.1.135.Final netty-handler: Netty: Denial of Service due to eager buffer allocation in TLS handshake

漏洞详情: https://avd.aquasec.com/nvd/cve-2026-45416

镜像层: sha256:96418ac593404ed2ec99cfa6e0de5a9069d8bce36140ae503ea7a99064ad7268

发布日期: 2026-06-12 15:16 修改: 2026-07-03 13:17

io.netty:netty-handler CVE-2026-45416 高危 4.1.94.Final 4.2.15.Final, 4.1.135.Final netty-handler: Netty: Denial of Service due to eager buffer allocation in TLS handshake

漏洞详情: https://avd.aquasec.com/nvd/cve-2026-45416

镜像层: sha256:96418ac593404ed2ec99cfa6e0de5a9069d8bce36140ae503ea7a99064ad7268

发布日期: 2026-06-12 15:16 修改: 2026-07-03 13:17

io.netty:netty-handler CVE-2026-50010 高危 4.1.94.Final 4.2.15.Final, 4.1.135.Final netty-handler: Netty: Improper trust manager handling leads to hostname verification bypass

漏洞详情: https://avd.aquasec.com/nvd/cve-2026-50010

镜像层: sha256:96418ac593404ed2ec99cfa6e0de5a9069d8bce36140ae503ea7a99064ad7268

发布日期: 2026-06-12 16:16 修改: 2026-07-03 13:17

io.netty:netty-handler CVE-2026-50010 高危 4.1.94.Final 4.2.15.Final, 4.1.135.Final netty-handler: Netty: Improper trust manager handling leads to hostname verification bypass

漏洞详情: https://avd.aquasec.com/nvd/cve-2026-50010

镜像层: sha256:96418ac593404ed2ec99cfa6e0de5a9069d8bce36140ae503ea7a99064ad7268

发布日期: 2026-06-12 16:16 修改: 2026-07-03 13:17

net.minidev:json-smart CVE-2023-1370 高危 2.4.8 2.4.9 json-smart: Uncontrolled Resource Consumption vulnerability in json-smart (Resource Exhaustion)

漏洞详情: https://avd.aquasec.com/nvd/cve-2023-1370

镜像层: sha256:96418ac593404ed2ec99cfa6e0de5a9069d8bce36140ae503ea7a99064ad7268

发布日期: 2023-03-22 06:15 修改: 2026-06-17 05:27

org.apache.santuario:xmlsec CVE-2021-40690 高危 2.1.4 2.2.3, 2.1.7 xml-security: XPath Transform abuse allows for information disclosure

漏洞详情: https://avd.aquasec.com/nvd/cve-2021-40690

镜像层: sha256:96418ac593404ed2ec99cfa6e0de5a9069d8bce36140ae503ea7a99064ad7268

发布日期: 2021-09-19 18:15 修改: 2026-06-17 04:07

org.apache.santuario:xmlsec CVE-2021-40690 高危 2.1.4 2.2.3, 2.1.7 xml-security: XPath Transform abuse allows for information disclosure

漏洞详情: https://avd.aquasec.com/nvd/cve-2021-40690

镜像层: sha256:96418ac593404ed2ec99cfa6e0de5a9069d8bce36140ae503ea7a99064ad7268

发布日期: 2021-09-19 18:15 修改: 2026-06-17 04:07

org.lz4:lz4-java CVE-2025-12183 高危 1.8.0 1.8.1 lz4-java: lz4-java: Out-of-bounds memory operations lead to denial of service and information disclosure

漏洞详情: https://avd.aquasec.com/nvd/cve-2025-12183

镜像层: sha256:96418ac593404ed2ec99cfa6e0de5a9069d8bce36140ae503ea7a99064ad7268

发布日期: 2025-11-28 16:15 修改: 2026-06-17 08:31

org.lz4:lz4-java CVE-2025-66566 高危 1.8.0 lz4-java: lz4-java: Information Disclosure via Insufficient Output Buffer Clearing

漏洞详情: https://avd.aquasec.com/nvd/cve-2025-66566

镜像层: sha256:96418ac593404ed2ec99cfa6e0de5a9069d8bce36140ae503ea7a99064ad7268

发布日期: 2025-12-05 18:15 修改: 2026-06-17 09:57

org.yaml:snakeyaml CVE-2022-1471 高危 1.33 2.0 SnakeYaml: Constructor Deserialization Remote Code Execution

漏洞详情: https://avd.aquasec.com/nvd/cve-2022-1471

镜像层: sha256:96418ac593404ed2ec99cfa6e0de5a9069d8bce36140ae503ea7a99064ad7268

发布日期: 2022-12-01 11:15 修改: 2026-06-17 04:22

org.yaml:snakeyaml CVE-2022-1471 高危 1.33 2.0 SnakeYaml: Constructor Deserialization Remote Code Execution

漏洞详情: https://avd.aquasec.com/nvd/cve-2022-1471

镜像层: sha256:96418ac593404ed2ec99cfa6e0de5a9069d8bce36140ae503ea7a99064ad7268

发布日期: 2022-12-01 11:15 修改: 2026-06-17 04:22

io.netty:netty-codec-http CVE-2025-67735 中危 4.1.94.Final 4.2.8.Final, 4.1.129.Final netty-codec-http: Netty (netty-codec-http): Request Smuggling via CRLF Injection

漏洞详情: https://avd.aquasec.com/nvd/cve-2025-67735

镜像层: sha256:96418ac593404ed2ec99cfa6e0de5a9069d8bce36140ae503ea7a99064ad7268

发布日期: 2025-12-16 01:15 修改: 2026-06-17 09:58

io.netty:netty-codec-http CVE-2025-67735 中危 4.1.94.Final 4.2.8.Final, 4.1.129.Final netty-codec-http: Netty (netty-codec-http): Request Smuggling via CRLF Injection

漏洞详情: https://avd.aquasec.com/nvd/cve-2025-67735

镜像层: sha256:96418ac593404ed2ec99cfa6e0de5a9069d8bce36140ae503ea7a99064ad7268

发布日期: 2025-12-16 01:15 修改: 2026-06-17 09:58

io.netty:netty-codec-http CVE-2026-41417 中危 4.1.94.Final 4.1.133.Final, 4.2.13.Final netty: Netty: HTTP request smuggling via URI manipulation and CRLF injection

漏洞详情: https://avd.aquasec.com/nvd/cve-2026-41417

镜像层: sha256:96418ac593404ed2ec99cfa6e0de5a9069d8bce36140ae503ea7a99064ad7268

发布日期: 2026-05-06 22:16 修改: 2026-06-17 10:46

io.netty:netty-codec-http CVE-2026-41417 中危 4.1.94.Final 4.1.133.Final, 4.2.13.Final netty: Netty: HTTP request smuggling via URI manipulation and CRLF injection

漏洞详情: https://avd.aquasec.com/nvd/cve-2026-41417

镜像层: sha256:96418ac593404ed2ec99cfa6e0de5a9069d8bce36140ae503ea7a99064ad7268

发布日期: 2026-05-06 22:16 修改: 2026-06-17 10:46

io.netty:netty-codec-http CVE-2026-42580 中危 4.1.94.Final 4.2.13.Final, 4.1.133.Final netty: Netty: Request smuggling via chunk size parser integer overflow

漏洞详情: https://avd.aquasec.com/nvd/cve-2026-42580

镜像层: sha256:96418ac593404ed2ec99cfa6e0de5a9069d8bce36140ae503ea7a99064ad7268

发布日期: 2026-05-13 19:17 修改: 2026-06-17 10:48

io.netty:netty-codec-http CVE-2026-42580 中危 4.1.94.Final 4.2.13.Final, 4.1.133.Final netty: Netty: Request smuggling via chunk size parser integer overflow

漏洞详情: https://avd.aquasec.com/nvd/cve-2026-42580

镜像层: sha256:96418ac593404ed2ec99cfa6e0de5a9069d8bce36140ae503ea7a99064ad7268

发布日期: 2026-05-13 19:17 修改: 2026-06-17 10:48

io.netty:netty-codec-http CVE-2026-42581 中危 4.1.94.Final 4.2.13.Final, 4.1.133.Final netty: io.netty/netty-codec-http: Netty: HTTP Request Smuggling due to improper handling of conflicting HTTP/1.0 headers

漏洞详情: https://avd.aquasec.com/nvd/cve-2026-42581

镜像层: sha256:96418ac593404ed2ec99cfa6e0de5a9069d8bce36140ae503ea7a99064ad7268

发布日期: 2026-05-13 19:17 修改: 2026-06-30 03:19

io.netty:netty-codec-http CVE-2026-42581 中危 4.1.94.Final 4.2.13.Final, 4.1.133.Final netty: io.netty/netty-codec-http: Netty: HTTP Request Smuggling due to improper handling of conflicting HTTP/1.0 headers

漏洞详情: https://avd.aquasec.com/nvd/cve-2026-42581

镜像层: sha256:96418ac593404ed2ec99cfa6e0de5a9069d8bce36140ae503ea7a99064ad7268

发布日期: 2026-05-13 19:17 修改: 2026-06-30 03:19

io.netty:netty-codec-http CVE-2026-42585 中危 4.1.94.Final 4.2.13.Final, 4.1.133.Final netty: io.netty/netty-codec-http: Netty: Request smuggling via malformed Transfer-Encoding parsing

漏洞详情: https://avd.aquasec.com/nvd/cve-2026-42585

镜像层: sha256:96418ac593404ed2ec99cfa6e0de5a9069d8bce36140ae503ea7a99064ad7268

发布日期: 2026-05-13 19:17 修改: 2026-06-17 10:48

io.netty:netty-codec-http CVE-2026-42585 中危 4.1.94.Final 4.2.13.Final, 4.1.133.Final netty: io.netty/netty-codec-http: Netty: Request smuggling via malformed Transfer-Encoding parsing

漏洞详情: https://avd.aquasec.com/nvd/cve-2026-42585

镜像层: sha256:96418ac593404ed2ec99cfa6e0de5a9069d8bce36140ae503ea7a99064ad7268

发布日期: 2026-05-13 19:17 修改: 2026-06-17 10:48

io.netty:netty-codec-http CVE-2026-50020 中危 4.1.94.Final 4.2.15.Final, 4.1.135.Final netty-codec-http: Netty: Data manipulation via request-boundary confusion in HttpObjectDecoder

漏洞详情: https://avd.aquasec.com/nvd/cve-2026-50020

镜像层: sha256:96418ac593404ed2ec99cfa6e0de5a9069d8bce36140ae503ea7a99064ad7268

发布日期: 2026-06-12 16:16 修改: 2026-06-17 10:57

io.netty:netty-codec-http CVE-2026-50020 中危 4.1.94.Final 4.2.15.Final, 4.1.135.Final netty-codec-http: Netty: Data manipulation via request-boundary confusion in HttpObjectDecoder

漏洞详情: https://avd.aquasec.com/nvd/cve-2026-50020

镜像层: sha256:96418ac593404ed2ec99cfa6e0de5a9069d8bce36140ae503ea7a99064ad7268

发布日期: 2026-06-12 16:16 修改: 2026-06-17 10:57

io.netty:netty-common CVE-2024-47535 中危 4.1.94.Final 4.1.115.Final netty: Denial of Service attack on windows app using Netty

漏洞详情: https://avd.aquasec.com/nvd/cve-2024-47535

镜像层: sha256:96418ac593404ed2ec99cfa6e0de5a9069d8bce36140ae503ea7a99064ad7268

发布日期: 2024-11-12 16:15 修改: 2026-06-17 07:57

io.netty:netty-common CVE-2024-47535 中危 4.1.94.Final 4.1.115.Final netty: Denial of Service attack on windows app using Netty

漏洞详情: https://avd.aquasec.com/nvd/cve-2024-47535

镜像层: sha256:96418ac593404ed2ec99cfa6e0de5a9069d8bce36140ae503ea7a99064ad7268

发布日期: 2024-11-12 16:15 修改: 2026-06-17 07:57

io.netty:netty-common CVE-2025-25193 中危 4.1.94.Final 4.1.118.Final netty: Denial of Service attack on windows app using Netty

漏洞详情: https://avd.aquasec.com/nvd/cve-2025-25193

镜像层: sha256:96418ac593404ed2ec99cfa6e0de5a9069d8bce36140ae503ea7a99064ad7268

发布日期: 2025-02-10 22:15 修改: 2026-06-17 09:00

io.netty:netty-common CVE-2025-25193 中危 4.1.94.Final 4.1.118.Final netty: Denial of Service attack on windows app using Netty

漏洞详情: https://avd.aquasec.com/nvd/cve-2025-25193

镜像层: sha256:96418ac593404ed2ec99cfa6e0de5a9069d8bce36140ae503ea7a99064ad7268

发布日期: 2025-02-10 22:15 修改: 2026-06-17 09:00

com.nimbusds:nimbus-jose-jwt CVE-2025-53864 中危 9.23 10.0.2, 9.37.4 com.nimbusds/nimbus-jose-jwt: Uncontrolled recursion in Connect2id Nimbus JOSE + JWT

漏洞详情: https://avd.aquasec.com/nvd/cve-2025-53864

镜像层: sha256:96418ac593404ed2ec99cfa6e0de5a9069d8bce36140ae503ea7a99064ad7268

发布日期: 2025-07-11 03:16 修改: 2026-06-17 09:39

com.sun.mail:jakarta.mail CVE-2025-7962 中危 1.6.3 1.6.8, 2.0.2 com.sun.mail/jakarta.mail: Jakarta Mail SMTP Injection Vulnerability

漏洞详情: https://avd.aquasec.com/nvd/cve-2025-7962

镜像层: sha256:96418ac593404ed2ec99cfa6e0de5a9069d8bce36140ae503ea7a99064ad7268

发布日期: 2025-07-21 18:15 修改: 2026-06-23 12:16

com.sun.mail:jakarta.mail CVE-2025-7962 中危 1.6.4 1.6.8, 2.0.2 com.sun.mail/jakarta.mail: Jakarta Mail SMTP Injection Vulnerability

漏洞详情: https://avd.aquasec.com/nvd/cve-2025-7962

镜像层: sha256:96418ac593404ed2ec99cfa6e0de5a9069d8bce36140ae503ea7a99064ad7268

发布日期: 2025-07-21 18:15 修改: 2026-06-23 12:16

com.fasterxml.jackson.core:jackson-databind CVE-2026-54514 中危 2.14.2 2.18.8, 2.21.4, 3.1.4 jackson-databind: jackson-databind: Information Disclosure via Eager DNS Resolution

漏洞详情: https://avd.aquasec.com/nvd/cve-2026-54514

镜像层: sha256:96418ac593404ed2ec99cfa6e0de5a9069d8bce36140ae503ea7a99064ad7268

发布日期: 2026-06-23 21:17 修改: 2026-06-27 20:55

com.fasterxml.jackson.core:jackson-databind CVE-2026-54515 中危 2.14.2 3.1.4, 2.18.9, 2.21.5, 2.22.1 jackson-databind: jackson-databind: Ignored properties can be unexpectedly modified

漏洞详情: https://avd.aquasec.com/nvd/cve-2026-54515

镜像层: sha256:96418ac593404ed2ec99cfa6e0de5a9069d8bce36140ae503ea7a99064ad7268

发布日期: 2026-06-23 21:17 修改: 2026-06-29 13:38

io.netty:netty-codec CVE-2025-58057 中危 4.1.94.Final 4.1.125.Final netty-codec: netty-codec-compression: Netty's BrotliDecoder is vulnerable to DoS via zip bomb style attack

漏洞详情: https://avd.aquasec.com/nvd/cve-2025-58057

镜像层: sha256:96418ac593404ed2ec99cfa6e0de5a9069d8bce36140ae503ea7a99064ad7268

发布日期: 2025-09-04 10:42 修改: 2026-06-17 09:43

io.netty:netty-codec CVE-2025-58057 中危 4.1.94.Final 4.1.125.Final netty-codec: netty-codec-compression: Netty's BrotliDecoder is vulnerable to DoS via zip bomb style attack

漏洞详情: https://avd.aquasec.com/nvd/cve-2025-58057

镜像层: sha256:96418ac593404ed2ec99cfa6e0de5a9069d8bce36140ae503ea7a99064ad7268

发布日期: 2025-09-04 10:42 修改: 2026-06-17 09:43

com.google.guava:guava CVE-2018-10237 中危 19.0 24.1.1-android guava: Unbounded memory allocation in AtomicDoubleArray and CompoundOrdering classes allow remote attackers to cause a denial of service

漏洞详情: https://avd.aquasec.com/nvd/cve-2018-10237

镜像层: sha256:96418ac593404ed2ec99cfa6e0de5a9069d8bce36140ae503ea7a99064ad7268

发布日期: 2018-04-26 21:29 修改: 2026-06-17 01:33

com.google.guava:guava CVE-2018-10237 中危 19.0 24.1.1-android guava: Unbounded memory allocation in AtomicDoubleArray and CompoundOrdering classes allow remote attackers to cause a denial of service

漏洞详情: https://avd.aquasec.com/nvd/cve-2018-10237

镜像层: sha256:96418ac593404ed2ec99cfa6e0de5a9069d8bce36140ae503ea7a99064ad7268

发布日期: 2018-04-26 21:29 修改: 2026-06-17 01:33

org.apache.httpcomponents:httpclient CVE-2020-13956 中危 4.5.10 4.5.13, 5.0.3 apache-httpclient: incorrect handling of malformed authority component in request URIs

漏洞详情: https://avd.aquasec.com/nvd/cve-2020-13956

镜像层: sha256:96418ac593404ed2ec99cfa6e0de5a9069d8bce36140ae503ea7a99064ad7268

发布日期: 2020-12-02 17:15 修改: 2026-06-17 02:53

org.apache.httpcomponents:httpclient CVE-2020-13956 中危 4.5.10 4.5.13, 5.0.3 apache-httpclient: incorrect handling of malformed authority component in request URIs

漏洞详情: https://avd.aquasec.com/nvd/cve-2020-13956

镜像层: sha256:96418ac593404ed2ec99cfa6e0de5a9069d8bce36140ae503ea7a99064ad7268

发布日期: 2020-12-02 17:15 修改: 2026-06-17 02:53

org.apache.httpcomponents:httpclient CVE-2020-13956 中危 4.5.10 4.5.13, 5.0.3 apache-httpclient: incorrect handling of malformed authority component in request URIs

漏洞详情: https://avd.aquasec.com/nvd/cve-2020-13956

镜像层: sha256:96418ac593404ed2ec99cfa6e0de5a9069d8bce36140ae503ea7a99064ad7268

发布日期: 2020-12-02 17:15 修改: 2026-06-17 02:53

org.apache.httpcomponents:httpclient CVE-2020-13956 中危 4.5.10 4.5.13, 5.0.3 apache-httpclient: incorrect handling of malformed authority component in request URIs

漏洞详情: https://avd.aquasec.com/nvd/cve-2020-13956

镜像层: sha256:96418ac593404ed2ec99cfa6e0de5a9069d8bce36140ae503ea7a99064ad7268

发布日期: 2020-12-02 17:15 修改: 2026-06-17 02:53

org.apache.httpcomponents:httpclient CVE-2020-13956 中危 4.5.10 4.5.13, 5.0.3 apache-httpclient: incorrect handling of malformed authority component in request URIs

漏洞详情: https://avd.aquasec.com/nvd/cve-2020-13956

镜像层: sha256:96418ac593404ed2ec99cfa6e0de5a9069d8bce36140ae503ea7a99064ad7268

发布日期: 2020-12-02 17:15 修改: 2026-06-17 02:53

org.apache.logging.log4j:log4j-1.2-api CVE-2026-34479 中危 2.17.1 2.25.4 org.apache.logging.log4j/log4j-1.2-api: Apache Log4j 1-to-Log4j 2 bridge: Log processing denial of service due to improper XML escaping

漏洞详情: https://avd.aquasec.com/nvd/cve-2026-34479

镜像层: sha256:96418ac593404ed2ec99cfa6e0de5a9069d8bce36140ae503ea7a99064ad7268

发布日期: 2026-04-10 16:16 修改: 2026-06-17 10:39

org.apache.logging.log4j:log4j-1.2-api CVE-2026-34479 中危 2.17.1 2.25.4 org.apache.logging.log4j/log4j-1.2-api: Apache Log4j 1-to-Log4j 2 bridge: Log processing denial of service due to improper XML escaping

漏洞详情: https://avd.aquasec.com/nvd/cve-2026-34479

镜像层: sha256:96418ac593404ed2ec99cfa6e0de5a9069d8bce36140ae503ea7a99064ad7268

发布日期: 2026-04-10 16:16 修改: 2026-06-17 10:39

org.apache.logging.log4j:log4j-core CVE-2025-68161 中危 2.17.1 2.25.3 Apache Log4j: Apache Log4j Core: Information disclosure via missing TLS hostname verification

漏洞详情: https://avd.aquasec.com/nvd/cve-2025-68161

镜像层: sha256:96418ac593404ed2ec99cfa6e0de5a9069d8bce36140ae503ea7a99064ad7268

发布日期: 2025-12-18 21:15 修改: 2026-06-17 09:58

org.apache.logging.log4j:log4j-core CVE-2026-34477 中危 2.17.1 2.25.4 org.apache.logging.log4j/log4j-core: Apache Log4j Core: Man-in-the-middle attack due to incomplete hostname verification

漏洞详情: https://avd.aquasec.com/nvd/cve-2026-34477

镜像层: sha256:96418ac593404ed2ec99cfa6e0de5a9069d8bce36140ae503ea7a99064ad7268

发布日期: 2026-04-10 16:16 修改: 2026-06-17 10:39

org.apache.logging.log4j:log4j-core CVE-2026-34480 中危 2.17.1 2.25.4 org.apache.logging.log4j/log4j-core: Apache Log4j Core: Invalid XML output causes denial of service in logging

漏洞详情: https://avd.aquasec.com/nvd/cve-2026-34480

镜像层: sha256:96418ac593404ed2ec99cfa6e0de5a9069d8bce36140ae503ea7a99064ad7268

发布日期: 2026-04-10 16:16 修改: 2026-06-17 10:39

com.google.guava:guava CVE-2023-2976 中危 19.0 32.0.0-android guava: insecure temporary directory creation

漏洞详情: https://avd.aquasec.com/nvd/cve-2023-2976

镜像层: sha256:96418ac593404ed2ec99cfa6e0de5a9069d8bce36140ae503ea7a99064ad7268

发布日期: 2023-06-14 18:15 修改: 2026-06-17 05:53

com.google.guava:guava CVE-2023-2976 中危 19.0 32.0.0-android guava: insecure temporary directory creation

漏洞详情: https://avd.aquasec.com/nvd/cve-2023-2976

镜像层: sha256:96418ac593404ed2ec99cfa6e0de5a9069d8bce36140ae503ea7a99064ad7268

发布日期: 2023-06-14 18:15 修改: 2026-06-17 05:53

org.apache.santuario:xmlsec CVE-2023-44483 中危 2.1.4 2.3.4, 2.2.6, 3.0.3 santuario: Private Key disclosure in debug-log output

漏洞详情: https://avd.aquasec.com/nvd/cve-2023-44483

镜像层: sha256:96418ac593404ed2ec99cfa6e0de5a9069d8bce36140ae503ea7a99064ad7268

发布日期: 2023-10-20 10:15 修改: 2026-06-17 06:27

org.apache.santuario:xmlsec CVE-2023-44483 中危 2.1.4 2.3.4, 2.2.6, 3.0.3 santuario: Private Key disclosure in debug-log output

漏洞详情: https://avd.aquasec.com/nvd/cve-2023-44483

镜像层: sha256:96418ac593404ed2ec99cfa6e0de5a9069d8bce36140ae503ea7a99064ad7268

发布日期: 2023-10-20 10:15 修改: 2026-06-17 06:27

org.bouncycastle:bc-fips CVE-2020-15522 中危 1.0.2 1.0.2.1 bouncycastle: Timing issue within the EC math library

漏洞详情: https://avd.aquasec.com/nvd/cve-2020-15522

镜像层: sha256:96418ac593404ed2ec99cfa6e0de5a9069d8bce36140ae503ea7a99064ad7268

发布日期: 2021-05-20 12:15 修改: 2026-06-17 02:56

org.bouncycastle:bc-fips CVE-2022-45146 中危 1.0.2 1.0.2.4 bouncy-castle: Improper Authentication

漏洞详情: https://avd.aquasec.com/nvd/cve-2022-45146

镜像层: sha256:96418ac593404ed2ec99cfa6e0de5a9069d8bce36140ae503ea7a99064ad7268

发布日期: 2022-11-21 10:15 修改: 2026-06-17 05:09

org.bouncycastle:bc-fips CVE-2024-29857 中危 1.0.2 1.0.2.5 org.bouncycastle: Importing an EC certificate with crafted F2m parameters may lead to Denial of Service

漏洞详情: https://avd.aquasec.com/nvd/cve-2024-29857

镜像层: sha256:96418ac593404ed2ec99cfa6e0de5a9069d8bce36140ae503ea7a99064ad7268

发布日期: 2024-05-14 15:17 修改: 2026-06-17 07:23

org.bouncycastle:bc-fips CVE-2025-8885 中危 1.0.2 1.0.2.6, 2.0.1 bouncycastle: Bouncy Castle denial of service parsing ASN.1 Object Identifiers

漏洞详情: https://avd.aquasec.com/nvd/cve-2025-8885

镜像层: sha256:96418ac593404ed2ec99cfa6e0de5a9069d8bce36140ae503ea7a99064ad7268

发布日期: 2025-08-12 10:15 修改: 2026-06-17 10:07

org.bouncycastle:bcpkix-jdk15on CVE-2025-8916 中危 1.64 1.79 org.bouncycastle: BouncyCastle denial of service

漏洞详情: https://avd.aquasec.com/nvd/cve-2025-8916

镜像层: sha256:96418ac593404ed2ec99cfa6e0de5a9069d8bce36140ae503ea7a99064ad7268

发布日期: 2025-08-13 10:15 修改: 2026-06-17 10:07

org.bouncycastle:bcpkix-jdk15on CVE-2026-5588 中危 1.64 1.84 bouncycastle: BC-JAVA: PKIX draft CompositeVerifier accepts empty signature sequence as valid

漏洞详情: https://avd.aquasec.com/nvd/cve-2026-5588

镜像层: sha256:96418ac593404ed2ec99cfa6e0de5a9069d8bce36140ae503ea7a99064ad7268

发布日期: 2026-04-15 10:16 修改: 2026-06-30 03:21

org.elasticsearch.plugin:x-pack-core CVE-2025-68390 中危 7.17.16 8.19.8, 9.1.8, 9.2.2 elasticsearch: Elasticsearch Allocation of Resources Without Limits or Throttling

漏洞详情: https://avd.aquasec.com/nvd/cve-2025-68390

镜像层: sha256:96418ac593404ed2ec99cfa6e0de5a9069d8bce36140ae503ea7a99064ad7268

发布日期: 2025-12-18 23:15 修改: 2026-06-17 09:59

org.elasticsearch.plugin:x-pack-security CVE-2025-68384 中危 7.17.16 8.19.9, 9.1.9, 9.2.3 elasticsearch: Elasticsearch Allocation of Resources Without Limits or Throttling

漏洞详情: https://avd.aquasec.com/nvd/cve-2025-68384

镜像层: sha256:96418ac593404ed2ec99cfa6e0de5a9069d8bce36140ae503ea7a99064ad7268

发布日期: 2025-12-18 22:16 修改: 2026-06-17 09:59

org.elasticsearch:elasticsearch CVE-2024-23444 中危 7.17.16 8.13.0, 7.17.23 Elasticsearch stores private key on disk unencrypted

漏洞详情: https://avd.aquasec.com/nvd/cve-2024-23444

镜像层: sha256:96418ac593404ed2ec99cfa6e0de5a9069d8bce36140ae503ea7a99064ad7268

发布日期: 2024-07-31 18:15 修改: 2026-06-17 07:12

org.elasticsearch:elasticsearch CVE-2024-23450 中危 7.17.16 7.17.19, 8.13.0 elasticsearch: Possible denial of service when processing documents in a deeply nested pipeline

漏洞详情: https://avd.aquasec.com/nvd/cve-2024-23450

镜像层: sha256:96418ac593404ed2ec99cfa6e0de5a9069d8bce36140ae503ea7a99064ad7268

发布日期: 2024-03-27 17:15 修改: 2026-06-17 07:12

org.elasticsearch:elasticsearch CVE-2024-43709 中危 7.17.16 7.17.21, 8.13.3 elasticsearch: Elasticsearch allocation of resources without limits or throttling leads to crash

漏洞详情: https://avd.aquasec.com/nvd/cve-2024-43709

镜像层: sha256:96418ac593404ed2ec99cfa6e0de5a9069d8bce36140ae503ea7a99064ad7268

发布日期: 2025-01-21 11:15 修改: 2026-06-17 07:51

org.elasticsearch:elasticsearch CVE-2024-52979 中危 7.17.16 7.17.25, 8.16.0 elasticsearch: Elasticsearch Uncontrolled Resource Consumption vulnerability

漏洞详情: https://avd.aquasec.com/nvd/cve-2024-52979

镜像层: sha256:96418ac593404ed2ec99cfa6e0de5a9069d8bce36140ae503ea7a99064ad7268

发布日期: 2025-05-01 14:15 修改: 2026-06-17 08:07

org.elasticsearch:elasticsearch CVE-2024-52980 中危 7.17.16 8.15.1 Elasticsearch Potential Node Crash due to Large Recursion in `innerForbidCircularReferences` Function

漏洞详情: https://avd.aquasec.com/nvd/cve-2024-52980

镜像层: sha256:96418ac593404ed2ec99cfa6e0de5a9069d8bce36140ae503ea7a99064ad7268

发布日期: 2025-04-08 17:15 修改: 2026-06-17 08:07

org.elasticsearch:elasticsearch CVE-2024-52981 中危 7.17.16 7.17.24, 8.15.1 Elasticsearch Vulnerable to Stack Overflow due to a Large Recursion

漏洞详情: https://avd.aquasec.com/nvd/cve-2024-52981

镜像层: sha256:96418ac593404ed2ec99cfa6e0de5a9069d8bce36140ae503ea7a99064ad7268

发布日期: 2025-04-08 17:15 修改: 2026-06-17 08:07

org.elasticsearch:elasticsearch CVE-2025-37727 中危 7.17.16 8.18.8, 8.19.5, 9.0.8, 9.1.5 org.elasticsearch/elasticsearch-core: Elasticsearch Insertion of sensitive information in log file

漏洞详情: https://avd.aquasec.com/nvd/cve-2025-37727

镜像层: sha256:96418ac593404ed2ec99cfa6e0de5a9069d8bce36140ae503ea7a99064ad7268

发布日期: 2025-10-10 10:15 修改: 2026-06-17 09:15

org.elasticsearch:elasticsearch CVE-2025-37731 中危 7.17.16 8.19.8, 9.1.8, 9.2.2 elasticsearch: Elasticsearch: User impersonation due to improper authentication in Public Key Infrastructure (PKI) realm

漏洞详情: https://avd.aquasec.com/nvd/cve-2025-37731

镜像层: sha256:96418ac593404ed2ec99cfa6e0de5a9069d8bce36140ae503ea7a99064ad7268

发布日期: 2025-12-15 11:15 修改: 2026-06-17 09:15

com.fasterxml.jackson.core:jackson-core GHSA-72hv-8253-57qq 中危 2.14.2 2.21.1, 2.18.6 jackson-core: Number Length Constraint Bypass in Async Parser Leads to Potential DoS Condition

漏洞详情: https://github.com/advisories/GHSA-72hv-8253-57qq

镜像层: sha256:96418ac593404ed2ec99cfa6e0de5a9069d8bce36140ae503ea7a99064ad7268

发布日期: 2026-02-28 02:01 修改: 2026-04-07 16:30

com.fasterxml.jackson.core:jackson-core GHSA-72hv-8253-57qq 中危 2.14.2 2.21.1, 2.18.6 jackson-core: Number Length Constraint Bypass in Async Parser Leads to Potential DoS Condition

漏洞详情: https://github.com/advisories/GHSA-72hv-8253-57qq

镜像层: sha256:96418ac593404ed2ec99cfa6e0de5a9069d8bce36140ae503ea7a99064ad7268

发布日期: 2026-02-28 02:01 修改: 2026-04-07 16:30

io.netty:netty-codec-http CVE-2024-29025 中危 4.1.94.Final 4.1.108.Final netty-codec-http: Allocation of Resources Without Limits or Throttling

漏洞详情: https://avd.aquasec.com/nvd/cve-2024-29025

镜像层: sha256:96418ac593404ed2ec99cfa6e0de5a9069d8bce36140ae503ea7a99064ad7268

发布日期: 2024-03-25 20:15 修改: 2026-06-17 07:22

io.netty:netty-codec-http CVE-2024-29025 中危 4.1.94.Final 4.1.108.Final netty-codec-http: Allocation of Resources Without Limits or Throttling

漏洞详情: https://avd.aquasec.com/nvd/cve-2024-29025

镜像层: sha256:96418ac593404ed2ec99cfa6e0de5a9069d8bce36140ae503ea7a99064ad7268

发布日期: 2024-03-25 20:15 修改: 2026-06-17 07:22

io.netty:netty-codec-http CVE-2025-58056 低危 4.1.94.Final 4.1.125.Final, 4.2.5.Final netty-codec-http: Netty is vulnerable to request smuggling due to incorrect parsing of chunk extensions

漏洞详情: https://avd.aquasec.com/nvd/cve-2025-58056

镜像层: sha256:96418ac593404ed2ec99cfa6e0de5a9069d8bce36140ae503ea7a99064ad7268

发布日期: 2025-09-03 21:15 修改: 2026-06-17 09:43

com.google.guava:guava CVE-2020-8908 低危 19.0 32.0.0-android guava: local information disclosure via temporary directory created with unsafe permissions

漏洞详情: https://avd.aquasec.com/nvd/cve-2020-8908

镜像层: sha256:96418ac593404ed2ec99cfa6e0de5a9069d8bce36140ae503ea7a99064ad7268

发布日期: 2020-12-10 23:15 修改: 2026-06-17 03:27

com.google.guava:guava CVE-2020-8908 低危 19.0 32.0.0-android guava: local information disclosure via temporary directory created with unsafe permissions

漏洞详情: https://avd.aquasec.com/nvd/cve-2020-8908

镜像层: sha256:96418ac593404ed2ec99cfa6e0de5a9069d8bce36140ae503ea7a99064ad7268

发布日期: 2020-12-10 23:15 修改: 2026-06-17 03:27

io.netty:netty-codec-http CVE-2025-58056 低危 4.1.94.Final 4.1.125.Final, 4.2.5.Final netty-codec-http: Netty is vulnerable to request smuggling due to incorrect parsing of chunk extensions

漏洞详情: https://avd.aquasec.com/nvd/cve-2025-58056

镜像层: sha256:96418ac593404ed2ec99cfa6e0de5a9069d8bce36140ae503ea7a99064ad7268

发布日期: 2025-09-03 21:15 修改: 2026-06-17 09:43

检测到您正在使用广告拦截插件,本站为公益站点,依赖广告维持运转 🙏 查看如何关闭 ×