docker.io/library/elasticsearch:8.16.6 linux/arm64

docker.io/library/elasticsearch:8.16.6 - Trivy安全扫描结果 扫描时间: 2026-07-11 02:02 温馨提示: 这是一个 linux/arm64 系统架构镜像
全部漏洞信息
低危漏洞:5 中危漏洞:91 高危漏洞:52 严重漏洞:4

系统OS: ubuntu 20.04 扫描引擎: Trivy 扫描时间: 2026-07-11 02:02

docker.io/library/elasticsearch:8.16.6 (ubuntu 20.04) (ubuntu)
低危漏洞:0 中危漏洞:7 高危漏洞:0 严重漏洞:0
软件包 漏洞 安全状态 安装版本 修复版本 漏洞信息
libc-bin CVE-2025-4802 中危 2.31-0ubuntu9.17 2.31-0ubuntu9.18 glibc: static setuid binary dlopen may incorrectly search LD_LIBRARY_PATH

漏洞详情: https://avd.aquasec.com/nvd/cve-2025-4802

镜像层: sha256:37250a17e932419f4b54e624c819baf38c0025e7f9c4ba0e15af15f14a3d74c3

发布日期: 2025-05-16 20:15 修改: 2026-06-17 09:34

libc6 CVE-2025-4802 中危 2.31-0ubuntu9.17 2.31-0ubuntu9.18 glibc: static setuid binary dlopen may incorrectly search LD_LIBRARY_PATH

漏洞详情: https://avd.aquasec.com/nvd/cve-2025-4802

镜像层: sha256:37250a17e932419f4b54e624c819baf38c0025e7f9c4ba0e15af15f14a3d74c3

发布日期: 2025-05-16 20:15 修改: 2026-06-17 09:34

libgssapi-krb5-2 CVE-2025-3576 中危 1.17-6ubuntu4.9 1.17-6ubuntu4.11 krb5: Kerberos RC4-HMAC-MD5 Checksum Vulnerability Enabling Message Spoofing via MD5 Collisions

漏洞详情: https://avd.aquasec.com/nvd/cve-2025-3576

镜像层: sha256:687d0bf6ac301ff0dfb8d2443e6fb27f5baa69a97d25c1c76a978c6cc1f0f846

发布日期: 2025-04-15 06:15 修改: 2026-06-30 01:16

libk5crypto3 CVE-2025-3576 中危 1.17-6ubuntu4.9 1.17-6ubuntu4.11 krb5: Kerberos RC4-HMAC-MD5 Checksum Vulnerability Enabling Message Spoofing via MD5 Collisions

漏洞详情: https://avd.aquasec.com/nvd/cve-2025-3576

镜像层: sha256:687d0bf6ac301ff0dfb8d2443e6fb27f5baa69a97d25c1c76a978c6cc1f0f846

发布日期: 2025-04-15 06:15 修改: 2026-06-30 01:16

libkrb5-3 CVE-2025-3576 中危 1.17-6ubuntu4.9 1.17-6ubuntu4.11 krb5: Kerberos RC4-HMAC-MD5 Checksum Vulnerability Enabling Message Spoofing via MD5 Collisions

漏洞详情: https://avd.aquasec.com/nvd/cve-2025-3576

镜像层: sha256:687d0bf6ac301ff0dfb8d2443e6fb27f5baa69a97d25c1c76a978c6cc1f0f846

发布日期: 2025-04-15 06:15 修改: 2026-06-30 01:16

libkrb5support0 CVE-2025-3576 中危 1.17-6ubuntu4.9 1.17-6ubuntu4.11 krb5: Kerberos RC4-HMAC-MD5 Checksum Vulnerability Enabling Message Spoofing via MD5 Collisions

漏洞详情: https://avd.aquasec.com/nvd/cve-2025-3576

镜像层: sha256:687d0bf6ac301ff0dfb8d2443e6fb27f5baa69a97d25c1c76a978c6cc1f0f846

发布日期: 2025-04-15 06:15 修改: 2026-06-30 01:16

libsqlite3-0 CVE-2025-29088 中危 3.31.1-4ubuntu0.6 3.31.1-4ubuntu0.7 sqlite: Denial of Service in SQLite

漏洞详情: https://avd.aquasec.com/nvd/cve-2025-29088

镜像层: sha256:687d0bf6ac301ff0dfb8d2443e6fb27f5baa69a97d25c1c76a978c6cc1f0f846

发布日期: 2025-04-10 14:15 修改: 2026-06-17 09:05

Java (jar)
低危漏洞:5 中危漏洞:84 高危漏洞:52 严重漏洞:4
软件包 漏洞 安全状态 安装版本 修复版本 漏洞信息
org.apache.tika:tika-core CVE-2025-66516 严重 2.9.2 3.2.2 tika-core: tika-parsers: tika-parser-pdf-module: Apache Tika core, Apache Tika parsers, Apache Tika PDF parser module: Update to CVE-2025-54988 to expand scope of artifacts affected

漏洞详情: https://avd.aquasec.com/nvd/cve-2025-66516

镜像层: sha256:53b26edd423a60fca12144d5c16b352c3075b4568bea657f6c8122b1b48c46bc

发布日期: 2025-12-04 17:15 修改: 2026-06-17 09:56

org.apache.tika:tika-parser-pdf-module CVE-2025-54988 严重 2.9.2 3.2.2 org.apache.tika/tika-parser-pdf-module: Apache Tika PDF parser module: XXE vulnerability in PDFParser's handling of XFA

漏洞详情: https://avd.aquasec.com/nvd/cve-2025-54988

镜像层: sha256:53b26edd423a60fca12144d5c16b352c3075b4568bea657f6c8122b1b48c46bc

发布日期: 2025-08-20 20:15 修改: 2026-06-17 09:41

org.apache.tika:tika-parser-pdf-module CVE-2025-66516 严重 2.9.2 3.2.2 tika-core: tika-parsers: tika-parser-pdf-module: Apache Tika core, Apache Tika parsers, Apache Tika PDF parser module: Update to CVE-2025-54988 to expand scope of artifacts affected

漏洞详情: https://avd.aquasec.com/nvd/cve-2025-66516

镜像层: sha256:53b26edd423a60fca12144d5c16b352c3075b4568bea657f6c8122b1b48c46bc

发布日期: 2025-12-04 17:15 修改: 2026-06-17 09:56

org.bouncycastle:bcprov-jdk18on CVE-2025-14813 严重 1.78.1 1.80.2, 1.81.1, 1.84 bouncycastle: BC-JAVA: GOSTCTR implementation unable to process more than 255 blocks correctly

漏洞详情: https://avd.aquasec.com/nvd/cve-2025-14813

镜像层: sha256:53b26edd423a60fca12144d5c16b352c3075b4568bea657f6c8122b1b48c46bc

发布日期: 2026-04-15 10:16 修改: 2026-06-30 03:16

com.fasterxml.jackson.core:jackson-databind CVE-2026-54512 高危 2.15.0 2.18.8, 3.1.4, 2.21.4 jackson-databind: jackson-databind: Arbitrary code execution via PolymorphicTypeValidator bypass

漏洞详情: https://avd.aquasec.com/nvd/cve-2026-54512

镜像层: sha256:53b26edd423a60fca12144d5c16b352c3075b4568bea657f6c8122b1b48c46bc

发布日期: 2026-06-23 21:17 修改: 2026-06-27 21:01

com.fasterxml.jackson.core:jackson-databind CVE-2026-54513 高危 2.15.0 2.18.8, 2.21.4, 3.1.4 jackson-databind: Jackson-databind: Security bypass allows arbitrary code execution

漏洞详情: https://avd.aquasec.com/nvd/cve-2026-54513

镜像层: sha256:53b26edd423a60fca12144d5c16b352c3075b4568bea657f6c8122b1b48c46bc

发布日期: 2026-06-23 21:17 修改: 2026-07-09 13:17

com.fasterxml.jackson.core:jackson-databind CVE-2026-54513 高危 2.15.0 2.18.8, 2.21.4, 3.1.4 jackson-databind: Jackson-databind: Security bypass allows arbitrary code execution

漏洞详情: https://avd.aquasec.com/nvd/cve-2026-54513

镜像层: sha256:53b26edd423a60fca12144d5c16b352c3075b4568bea657f6c8122b1b48c46bc

发布日期: 2026-06-23 21:17 修改: 2026-07-09 13:17

com.fasterxml.jackson.core:jackson-databind CVE-2026-54513 高危 2.15.0 2.18.8, 2.21.4, 3.1.4 jackson-databind: Jackson-databind: Security bypass allows arbitrary code execution

漏洞详情: https://avd.aquasec.com/nvd/cve-2026-54513

镜像层: sha256:53b26edd423a60fca12144d5c16b352c3075b4568bea657f6c8122b1b48c46bc

发布日期: 2026-06-23 21:17 修改: 2026-07-09 13:17

com.fasterxml.jackson.core:jackson-databind CVE-2026-54513 高危 2.15.0 2.18.8, 2.21.4, 3.1.4 jackson-databind: Jackson-databind: Security bypass allows arbitrary code execution

漏洞详情: https://avd.aquasec.com/nvd/cve-2026-54513

镜像层: sha256:53b26edd423a60fca12144d5c16b352c3075b4568bea657f6c8122b1b48c46bc

发布日期: 2026-06-23 21:17 修改: 2026-07-09 13:17

com.fasterxml.jackson.core:jackson-databind CVE-2026-54513 高危 2.15.0 2.18.8, 2.21.4, 3.1.4 jackson-databind: Jackson-databind: Security bypass allows arbitrary code execution

漏洞详情: https://avd.aquasec.com/nvd/cve-2026-54513

镜像层: sha256:53b26edd423a60fca12144d5c16b352c3075b4568bea657f6c8122b1b48c46bc

发布日期: 2026-06-23 21:17 修改: 2026-07-09 13:17

io.netty:netty-codec CVE-2026-42583 高危 4.1.118.Final 4.1.133.Final netty: io.netty/netty-codec-compression: io.netty/netty-codec: Netty: Denial of Service via excessive memory allocation in LZ4FrameDecoder

漏洞详情: https://avd.aquasec.com/nvd/cve-2026-42583

镜像层: sha256:53b26edd423a60fca12144d5c16b352c3075b4568bea657f6c8122b1b48c46bc

发布日期: 2026-05-13 19:17 修改: 2026-06-17 10:48

io.netty:netty-codec CVE-2026-42583 高危 4.1.118.Final 4.1.133.Final netty: io.netty/netty-codec-compression: io.netty/netty-codec: Netty: Denial of Service via excessive memory allocation in LZ4FrameDecoder

漏洞详情: https://avd.aquasec.com/nvd/cve-2026-42583

镜像层: sha256:53b26edd423a60fca12144d5c16b352c3075b4568bea657f6c8122b1b48c46bc

发布日期: 2026-05-13 19:17 修改: 2026-06-17 10:48

io.netty:netty-codec CVE-2026-42583 高危 4.1.118.Final 4.1.133.Final netty: io.netty/netty-codec-compression: io.netty/netty-codec: Netty: Denial of Service via excessive memory allocation in LZ4FrameDecoder

漏洞详情: https://avd.aquasec.com/nvd/cve-2026-42583

镜像层: sha256:53b26edd423a60fca12144d5c16b352c3075b4568bea657f6c8122b1b48c46bc

发布日期: 2026-05-13 19:17 修改: 2026-06-17 10:48

io.netty:netty-codec CVE-2026-42583 高危 4.1.118.Final 4.1.133.Final netty: io.netty/netty-codec-compression: io.netty/netty-codec: Netty: Denial of Service via excessive memory allocation in LZ4FrameDecoder

漏洞详情: https://avd.aquasec.com/nvd/cve-2026-42583

镜像层: sha256:53b26edd423a60fca12144d5c16b352c3075b4568bea657f6c8122b1b48c46bc

发布日期: 2026-05-13 19:17 修改: 2026-06-17 10:48

io.netty:netty-codec-dns CVE-2026-42579 高危 4.1.118.Final 4.2.13.Final, 4.1.133.Final netty: Netty: High integrity impact due to improper DNS domain name constraint enforcement

漏洞详情: https://avd.aquasec.com/nvd/cve-2026-42579

镜像层: sha256:53b26edd423a60fca12144d5c16b352c3075b4568bea657f6c8122b1b48c46bc

发布日期: 2026-05-13 19:17 修改: 2026-07-09 13:17

io.netty:netty-codec-dns CVE-2026-42579 高危 4.1.118.Final 4.2.13.Final, 4.1.133.Final netty: Netty: High integrity impact due to improper DNS domain name constraint enforcement

漏洞详情: https://avd.aquasec.com/nvd/cve-2026-42579

镜像层: sha256:53b26edd423a60fca12144d5c16b352c3075b4568bea657f6c8122b1b48c46bc

发布日期: 2026-05-13 19:17 修改: 2026-07-09 13:17

io.netty:netty-codec-http CVE-2026-33870 高危 4.1.118.Final 4.1.132.Final, 4.2.10.Final io.netty/netty-codec-http: Netty: Request smuggling via incorrect parsing of HTTP/1.1 chunked transfer encoding extension values

漏洞详情: https://avd.aquasec.com/nvd/cve-2026-33870

镜像层: sha256:53b26edd423a60fca12144d5c16b352c3075b4568bea657f6c8122b1b48c46bc

发布日期: 2026-03-27 20:16 修改: 2026-07-03 13:17

io.netty:netty-codec-http CVE-2026-33870 高危 4.1.118.Final 4.1.132.Final, 4.2.10.Final io.netty/netty-codec-http: Netty: Request smuggling via incorrect parsing of HTTP/1.1 chunked transfer encoding extension values

漏洞详情: https://avd.aquasec.com/nvd/cve-2026-33870

镜像层: sha256:53b26edd423a60fca12144d5c16b352c3075b4568bea657f6c8122b1b48c46bc

发布日期: 2026-03-27 20:16 修改: 2026-07-03 13:17

io.netty:netty-codec-http CVE-2026-33870 高危 4.1.118.Final 4.1.132.Final, 4.2.10.Final io.netty/netty-codec-http: Netty: Request smuggling via incorrect parsing of HTTP/1.1 chunked transfer encoding extension values

漏洞详情: https://avd.aquasec.com/nvd/cve-2026-33870

镜像层: sha256:53b26edd423a60fca12144d5c16b352c3075b4568bea657f6c8122b1b48c46bc

发布日期: 2026-03-27 20:16 修改: 2026-07-03 13:17

io.netty:netty-codec-http CVE-2026-33870 高危 4.1.118.Final 4.1.132.Final, 4.2.10.Final io.netty/netty-codec-http: Netty: Request smuggling via incorrect parsing of HTTP/1.1 chunked transfer encoding extension values

漏洞详情: https://avd.aquasec.com/nvd/cve-2026-33870

镜像层: sha256:53b26edd423a60fca12144d5c16b352c3075b4568bea657f6c8122b1b48c46bc

发布日期: 2026-03-27 20:16 修改: 2026-07-03 13:17

io.netty:netty-codec-http CVE-2026-42584 高危 4.1.118.Final 4.2.13.Final, 4.1.133.Final netty: io.netty/netty-codec-http: Netty: Incorrect HTTP response parsing leads to data confusion

漏洞详情: https://avd.aquasec.com/nvd/cve-2026-42584

镜像层: sha256:53b26edd423a60fca12144d5c16b352c3075b4568bea657f6c8122b1b48c46bc

发布日期: 2026-05-13 19:17 修改: 2026-07-09 13:17

io.netty:netty-codec-http CVE-2026-42584 高危 4.1.118.Final 4.2.13.Final, 4.1.133.Final netty: io.netty/netty-codec-http: Netty: Incorrect HTTP response parsing leads to data confusion

漏洞详情: https://avd.aquasec.com/nvd/cve-2026-42584

镜像层: sha256:53b26edd423a60fca12144d5c16b352c3075b4568bea657f6c8122b1b48c46bc

发布日期: 2026-05-13 19:17 修改: 2026-07-09 13:17

io.netty:netty-codec-http CVE-2026-42584 高危 4.1.118.Final 4.2.13.Final, 4.1.133.Final netty: io.netty/netty-codec-http: Netty: Incorrect HTTP response parsing leads to data confusion

漏洞详情: https://avd.aquasec.com/nvd/cve-2026-42584

镜像层: sha256:53b26edd423a60fca12144d5c16b352c3075b4568bea657f6c8122b1b48c46bc

发布日期: 2026-05-13 19:17 修改: 2026-07-09 13:17

io.netty:netty-codec-http CVE-2026-42584 高危 4.1.118.Final 4.2.13.Final, 4.1.133.Final netty: io.netty/netty-codec-http: Netty: Incorrect HTTP response parsing leads to data confusion

漏洞详情: https://avd.aquasec.com/nvd/cve-2026-42584

镜像层: sha256:53b26edd423a60fca12144d5c16b352c3075b4568bea657f6c8122b1b48c46bc

发布日期: 2026-05-13 19:17 修改: 2026-07-09 13:17

io.netty:netty-codec-http CVE-2026-42587 高危 4.1.118.Final 4.2.13.Final, 4.1.133.Final netty: io.netty/netty-codec-http: io.netty/netty-codec-http2: Netty: Denial of Service via unbounded memory allocation in HTTP content decompression

漏洞详情: https://avd.aquasec.com/nvd/cve-2026-42587

镜像层: sha256:53b26edd423a60fca12144d5c16b352c3075b4568bea657f6c8122b1b48c46bc

发布日期: 2026-05-13 19:17 修改: 2026-07-09 13:17

io.netty:netty-codec-http CVE-2026-42587 高危 4.1.118.Final 4.2.13.Final, 4.1.133.Final netty: io.netty/netty-codec-http: io.netty/netty-codec-http2: Netty: Denial of Service via unbounded memory allocation in HTTP content decompression

漏洞详情: https://avd.aquasec.com/nvd/cve-2026-42587

镜像层: sha256:53b26edd423a60fca12144d5c16b352c3075b4568bea657f6c8122b1b48c46bc

发布日期: 2026-05-13 19:17 修改: 2026-07-09 13:17

io.netty:netty-codec-http CVE-2026-42587 高危 4.1.118.Final 4.2.13.Final, 4.1.133.Final netty: io.netty/netty-codec-http: io.netty/netty-codec-http2: Netty: Denial of Service via unbounded memory allocation in HTTP content decompression

漏洞详情: https://avd.aquasec.com/nvd/cve-2026-42587

镜像层: sha256:53b26edd423a60fca12144d5c16b352c3075b4568bea657f6c8122b1b48c46bc

发布日期: 2026-05-13 19:17 修改: 2026-07-09 13:17

io.netty:netty-codec-http CVE-2026-42587 高危 4.1.118.Final 4.2.13.Final, 4.1.133.Final netty: io.netty/netty-codec-http: io.netty/netty-codec-http2: Netty: Denial of Service via unbounded memory allocation in HTTP content decompression

漏洞详情: https://avd.aquasec.com/nvd/cve-2026-42587

镜像层: sha256:53b26edd423a60fca12144d5c16b352c3075b4568bea657f6c8122b1b48c46bc

发布日期: 2026-05-13 19:17 修改: 2026-07-09 13:17

io.netty:netty-codec-http2 CVE-2025-55163 高危 4.1.118.Final 4.2.4.Final, 4.1.124.Final netty: netty-codec-http2: Netty MadeYouReset HTTP/2 DDoS Vulnerability

漏洞详情: https://avd.aquasec.com/nvd/cve-2025-55163

镜像层: sha256:53b26edd423a60fca12144d5c16b352c3075b4568bea657f6c8122b1b48c46bc

发布日期: 2025-08-13 15:15 修改: 2026-06-17 09:41

io.netty:netty-codec-http2 CVE-2025-55163 高危 4.1.118.Final 4.2.4.Final, 4.1.124.Final netty: netty-codec-http2: Netty MadeYouReset HTTP/2 DDoS Vulnerability

漏洞详情: https://avd.aquasec.com/nvd/cve-2025-55163

镜像层: sha256:53b26edd423a60fca12144d5c16b352c3075b4568bea657f6c8122b1b48c46bc

发布日期: 2025-08-13 15:15 修改: 2026-06-17 09:41

io.netty:netty-codec-http2 CVE-2026-33871 高危 4.1.118.Final 4.1.132.Final, 4.2.11.Final netty: Netty: Denial of Service via HTTP/2 CONTINUATION frame flood

漏洞详情: https://avd.aquasec.com/nvd/cve-2026-33871

镜像层: sha256:53b26edd423a60fca12144d5c16b352c3075b4568bea657f6c8122b1b48c46bc

发布日期: 2026-03-27 20:16 修改: 2026-07-03 13:17

io.netty:netty-codec-http2 CVE-2026-33871 高危 4.1.118.Final 4.1.132.Final, 4.2.11.Final netty: Netty: Denial of Service via HTTP/2 CONTINUATION frame flood

漏洞详情: https://avd.aquasec.com/nvd/cve-2026-33871

镜像层: sha256:53b26edd423a60fca12144d5c16b352c3075b4568bea657f6c8122b1b48c46bc

发布日期: 2026-03-27 20:16 修改: 2026-07-03 13:17

io.netty:netty-codec-http2 CVE-2026-42587 高危 4.1.118.Final 4.2.13.Final, 4.1.133.Final netty: io.netty/netty-codec-http: io.netty/netty-codec-http2: Netty: Denial of Service via unbounded memory allocation in HTTP content decompression

漏洞详情: https://avd.aquasec.com/nvd/cve-2026-42587

镜像层: sha256:53b26edd423a60fca12144d5c16b352c3075b4568bea657f6c8122b1b48c46bc

发布日期: 2026-05-13 19:17 修改: 2026-07-09 13:17

io.netty:netty-codec-http2 CVE-2026-42587 高危 4.1.118.Final 4.2.13.Final, 4.1.133.Final netty: io.netty/netty-codec-http: io.netty/netty-codec-http2: Netty: Denial of Service via unbounded memory allocation in HTTP content decompression

漏洞详情: https://avd.aquasec.com/nvd/cve-2026-42587

镜像层: sha256:53b26edd423a60fca12144d5c16b352c3075b4568bea657f6c8122b1b48c46bc

发布日期: 2026-05-13 19:17 修改: 2026-07-09 13:17

io.netty:netty-handler CVE-2026-44249 高危 4.1.118.Final 4.2.15.Final, 4.1.135.Final netty-handler: netty-handler: IPv6 subnet rule bypass due to incorrect masking operation

漏洞详情: https://avd.aquasec.com/nvd/cve-2026-44249

镜像层: sha256:53b26edd423a60fca12144d5c16b352c3075b4568bea657f6c8122b1b48c46bc

发布日期: 2026-06-11 22:16 修改: 2026-07-09 13:17

io.netty:netty-handler CVE-2026-44249 高危 4.1.118.Final 4.2.15.Final, 4.1.135.Final netty-handler: netty-handler: IPv6 subnet rule bypass due to incorrect masking operation

漏洞详情: https://avd.aquasec.com/nvd/cve-2026-44249

镜像层: sha256:53b26edd423a60fca12144d5c16b352c3075b4568bea657f6c8122b1b48c46bc

发布日期: 2026-06-11 22:16 修改: 2026-07-09 13:17

io.netty:netty-handler CVE-2026-44249 高危 4.1.118.Final 4.2.15.Final, 4.1.135.Final netty-handler: netty-handler: IPv6 subnet rule bypass due to incorrect masking operation

漏洞详情: https://avd.aquasec.com/nvd/cve-2026-44249

镜像层: sha256:53b26edd423a60fca12144d5c16b352c3075b4568bea657f6c8122b1b48c46bc

发布日期: 2026-06-11 22:16 修改: 2026-07-09 13:17

io.netty:netty-handler CVE-2026-44249 高危 4.1.118.Final 4.2.15.Final, 4.1.135.Final netty-handler: netty-handler: IPv6 subnet rule bypass due to incorrect masking operation

漏洞详情: https://avd.aquasec.com/nvd/cve-2026-44249

镜像层: sha256:53b26edd423a60fca12144d5c16b352c3075b4568bea657f6c8122b1b48c46bc

发布日期: 2026-06-11 22:16 修改: 2026-07-09 13:17

io.netty:netty-handler CVE-2026-45416 高危 4.1.118.Final 4.2.15.Final, 4.1.135.Final netty-handler: Netty: Denial of Service due to eager buffer allocation in TLS handshake

漏洞详情: https://avd.aquasec.com/nvd/cve-2026-45416

镜像层: sha256:53b26edd423a60fca12144d5c16b352c3075b4568bea657f6c8122b1b48c46bc

发布日期: 2026-06-12 15:16 修改: 2026-07-03 13:17

io.netty:netty-handler CVE-2026-45416 高危 4.1.118.Final 4.2.15.Final, 4.1.135.Final netty-handler: Netty: Denial of Service due to eager buffer allocation in TLS handshake

漏洞详情: https://avd.aquasec.com/nvd/cve-2026-45416

镜像层: sha256:53b26edd423a60fca12144d5c16b352c3075b4568bea657f6c8122b1b48c46bc

发布日期: 2026-06-12 15:16 修改: 2026-07-03 13:17

io.netty:netty-handler CVE-2026-45416 高危 4.1.118.Final 4.2.15.Final, 4.1.135.Final netty-handler: Netty: Denial of Service due to eager buffer allocation in TLS handshake

漏洞详情: https://avd.aquasec.com/nvd/cve-2026-45416

镜像层: sha256:53b26edd423a60fca12144d5c16b352c3075b4568bea657f6c8122b1b48c46bc

发布日期: 2026-06-12 15:16 修改: 2026-07-03 13:17

io.netty:netty-handler CVE-2026-45416 高危 4.1.118.Final 4.2.15.Final, 4.1.135.Final netty-handler: Netty: Denial of Service due to eager buffer allocation in TLS handshake

漏洞详情: https://avd.aquasec.com/nvd/cve-2026-45416

镜像层: sha256:53b26edd423a60fca12144d5c16b352c3075b4568bea657f6c8122b1b48c46bc

发布日期: 2026-06-12 15:16 修改: 2026-07-03 13:17

io.netty:netty-handler CVE-2026-50010 高危 4.1.118.Final 4.2.15.Final, 4.1.135.Final netty-handler: Netty: Improper trust manager handling leads to hostname verification bypass

漏洞详情: https://avd.aquasec.com/nvd/cve-2026-50010

镜像层: sha256:53b26edd423a60fca12144d5c16b352c3075b4568bea657f6c8122b1b48c46bc

发布日期: 2026-06-12 16:16 修改: 2026-07-03 13:17

io.netty:netty-handler CVE-2026-50010 高危 4.1.118.Final 4.2.15.Final, 4.1.135.Final netty-handler: Netty: Improper trust manager handling leads to hostname verification bypass

漏洞详情: https://avd.aquasec.com/nvd/cve-2026-50010

镜像层: sha256:53b26edd423a60fca12144d5c16b352c3075b4568bea657f6c8122b1b48c46bc

发布日期: 2026-06-12 16:16 修改: 2026-07-03 13:17

io.netty:netty-handler CVE-2026-50010 高危 4.1.118.Final 4.2.15.Final, 4.1.135.Final netty-handler: Netty: Improper trust manager handling leads to hostname verification bypass

漏洞详情: https://avd.aquasec.com/nvd/cve-2026-50010

镜像层: sha256:53b26edd423a60fca12144d5c16b352c3075b4568bea657f6c8122b1b48c46bc

发布日期: 2026-06-12 16:16 修改: 2026-07-03 13:17

io.netty:netty-handler CVE-2026-50010 高危 4.1.118.Final 4.2.15.Final, 4.1.135.Final netty-handler: Netty: Improper trust manager handling leads to hostname verification bypass

漏洞详情: https://avd.aquasec.com/nvd/cve-2026-50010

镜像层: sha256:53b26edd423a60fca12144d5c16b352c3075b4568bea657f6c8122b1b48c46bc

发布日期: 2026-06-12 16:16 修改: 2026-07-03 13:17

io.netty:netty-resolver-dns CVE-2026-45674 高危 4.1.118.Final 4.2.15.Final, 4.1.135.Final netty-resolver-dns: Netty: Information disclosure and data manipulation due to improper CNAME record validation

漏洞详情: https://avd.aquasec.com/nvd/cve-2026-45674

镜像层: sha256:53b26edd423a60fca12144d5c16b352c3075b4568bea657f6c8122b1b48c46bc

发布日期: 2026-06-12 15:16 修改: 2026-07-03 13:17

io.netty:netty-resolver-dns CVE-2026-45674 高危 4.1.118.Final 4.2.15.Final, 4.1.135.Final netty-resolver-dns: Netty: Information disclosure and data manipulation due to improper CNAME record validation

漏洞详情: https://avd.aquasec.com/nvd/cve-2026-45674

镜像层: sha256:53b26edd423a60fca12144d5c16b352c3075b4568bea657f6c8122b1b48c46bc

发布日期: 2026-06-12 15:16 修改: 2026-07-03 13:17

io.netty:netty-resolver-dns CVE-2026-47691 高危 4.1.118.Final 4.2.15.Final, 4.1.135.Final io.netty/netty-resolver-dns: Netty has Insufficient Bailiwick Validation for NS Records

漏洞详情: https://avd.aquasec.com/nvd/cve-2026-47691

镜像层: sha256:53b26edd423a60fca12144d5c16b352c3075b4568bea657f6c8122b1b48c46bc

发布日期: 2026-06-12 16:16 修改: 2026-07-03 13:17

io.netty:netty-resolver-dns CVE-2026-47691 高危 4.1.118.Final 4.2.15.Final, 4.1.135.Final io.netty/netty-resolver-dns: Netty has Insufficient Bailiwick Validation for NS Records

漏洞详情: https://avd.aquasec.com/nvd/cve-2026-47691

镜像层: sha256:53b26edd423a60fca12144d5c16b352c3075b4568bea657f6c8122b1b48c46bc

发布日期: 2026-06-12 16:16 修改: 2026-07-03 13:17

com.fasterxml.jackson.core:jackson-databind CVE-2026-54512 高危 2.15.0 2.18.8, 3.1.4, 2.21.4 jackson-databind: jackson-databind: Arbitrary code execution via PolymorphicTypeValidator bypass

漏洞详情: https://avd.aquasec.com/nvd/cve-2026-54512

镜像层: sha256:53b26edd423a60fca12144d5c16b352c3075b4568bea657f6c8122b1b48c46bc

发布日期: 2026-06-23 21:17 修改: 2026-06-27 21:01

com.fasterxml.jackson.core:jackson-databind CVE-2026-54512 高危 2.15.0 2.18.8, 3.1.4, 2.21.4 jackson-databind: jackson-databind: Arbitrary code execution via PolymorphicTypeValidator bypass

漏洞详情: https://avd.aquasec.com/nvd/cve-2026-54512

镜像层: sha256:53b26edd423a60fca12144d5c16b352c3075b4568bea657f6c8122b1b48c46bc

发布日期: 2026-06-23 21:17 修改: 2026-06-27 21:01

com.fasterxml.jackson.core:jackson-databind CVE-2026-54512 高危 2.15.0 2.18.8, 3.1.4, 2.21.4 jackson-databind: jackson-databind: Arbitrary code execution via PolymorphicTypeValidator bypass

漏洞详情: https://avd.aquasec.com/nvd/cve-2026-54512

镜像层: sha256:53b26edd423a60fca12144d5c16b352c3075b4568bea657f6c8122b1b48c46bc

发布日期: 2026-06-23 21:17 修改: 2026-06-27 21:01

com.fasterxml.jackson.core:jackson-databind CVE-2026-54512 高危 2.15.0 2.18.8, 3.1.4, 2.21.4 jackson-databind: jackson-databind: Arbitrary code execution via PolymorphicTypeValidator bypass

漏洞详情: https://avd.aquasec.com/nvd/cve-2026-54512

镜像层: sha256:53b26edd423a60fca12144d5c16b352c3075b4568bea657f6c8122b1b48c46bc

发布日期: 2026-06-23 21:17 修改: 2026-06-27 21:01

org.lz4:lz4-java CVE-2025-12183 高危 1.8.0 1.8.1 lz4-java: lz4-java: Out-of-bounds memory operations lead to denial of service and information disclosure

漏洞详情: https://avd.aquasec.com/nvd/cve-2025-12183

镜像层: sha256:53b26edd423a60fca12144d5c16b352c3075b4568bea657f6c8122b1b48c46bc

发布日期: 2025-11-28 16:15 修改: 2026-06-17 08:31

org.lz4:lz4-java CVE-2025-66566 高危 1.8.0 lz4-java: lz4-java: Information Disclosure via Insufficient Output Buffer Clearing

漏洞详情: https://avd.aquasec.com/nvd/cve-2025-66566

镜像层: sha256:53b26edd423a60fca12144d5c16b352c3075b4568bea657f6c8122b1b48c46bc

发布日期: 2025-12-05 18:15 修改: 2026-06-17 09:57

com.fasterxml.jackson.core:jackson-databind CVE-2026-54514 中危 2.15.0 2.18.8, 2.21.4, 3.1.4 jackson-databind: jackson-databind: Information Disclosure via Eager DNS Resolution

漏洞详情: https://avd.aquasec.com/nvd/cve-2026-54514

镜像层: sha256:53b26edd423a60fca12144d5c16b352c3075b4568bea657f6c8122b1b48c46bc

发布日期: 2026-06-23 21:17 修改: 2026-06-27 20:55

io.netty:netty-codec-http CVE-2025-67735 中危 4.1.118.Final 4.2.8.Final, 4.1.129.Final netty-codec-http: Netty (netty-codec-http): Request Smuggling via CRLF Injection

漏洞详情: https://avd.aquasec.com/nvd/cve-2025-67735

镜像层: sha256:53b26edd423a60fca12144d5c16b352c3075b4568bea657f6c8122b1b48c46bc

发布日期: 2025-12-16 01:15 修改: 2026-06-17 09:58

io.netty:netty-codec-http CVE-2025-67735 中危 4.1.118.Final 4.2.8.Final, 4.1.129.Final netty-codec-http: Netty (netty-codec-http): Request Smuggling via CRLF Injection

漏洞详情: https://avd.aquasec.com/nvd/cve-2025-67735

镜像层: sha256:53b26edd423a60fca12144d5c16b352c3075b4568bea657f6c8122b1b48c46bc

发布日期: 2025-12-16 01:15 修改: 2026-06-17 09:58

io.netty:netty-codec-http CVE-2025-67735 中危 4.1.118.Final 4.2.8.Final, 4.1.129.Final netty-codec-http: Netty (netty-codec-http): Request Smuggling via CRLF Injection

漏洞详情: https://avd.aquasec.com/nvd/cve-2025-67735

镜像层: sha256:53b26edd423a60fca12144d5c16b352c3075b4568bea657f6c8122b1b48c46bc

发布日期: 2025-12-16 01:15 修改: 2026-06-17 09:58

io.netty:netty-codec-http CVE-2025-67735 中危 4.1.118.Final 4.2.8.Final, 4.1.129.Final netty-codec-http: Netty (netty-codec-http): Request Smuggling via CRLF Injection

漏洞详情: https://avd.aquasec.com/nvd/cve-2025-67735

镜像层: sha256:53b26edd423a60fca12144d5c16b352c3075b4568bea657f6c8122b1b48c46bc

发布日期: 2025-12-16 01:15 修改: 2026-06-17 09:58

io.netty:netty-codec-http CVE-2026-41417 中危 4.1.118.Final 4.1.133.Final, 4.2.13.Final netty: Netty: HTTP request smuggling via URI manipulation and CRLF injection

漏洞详情: https://avd.aquasec.com/nvd/cve-2026-41417

镜像层: sha256:53b26edd423a60fca12144d5c16b352c3075b4568bea657f6c8122b1b48c46bc

发布日期: 2026-05-06 22:16 修改: 2026-06-17 10:46

io.netty:netty-codec-http CVE-2026-41417 中危 4.1.118.Final 4.1.133.Final, 4.2.13.Final netty: Netty: HTTP request smuggling via URI manipulation and CRLF injection

漏洞详情: https://avd.aquasec.com/nvd/cve-2026-41417

镜像层: sha256:53b26edd423a60fca12144d5c16b352c3075b4568bea657f6c8122b1b48c46bc

发布日期: 2026-05-06 22:16 修改: 2026-06-17 10:46

io.netty:netty-codec-http CVE-2026-41417 中危 4.1.118.Final 4.1.133.Final, 4.2.13.Final netty: Netty: HTTP request smuggling via URI manipulation and CRLF injection

漏洞详情: https://avd.aquasec.com/nvd/cve-2026-41417

镜像层: sha256:53b26edd423a60fca12144d5c16b352c3075b4568bea657f6c8122b1b48c46bc

发布日期: 2026-05-06 22:16 修改: 2026-06-17 10:46

io.netty:netty-codec-http CVE-2026-41417 中危 4.1.118.Final 4.1.133.Final, 4.2.13.Final netty: Netty: HTTP request smuggling via URI manipulation and CRLF injection

漏洞详情: https://avd.aquasec.com/nvd/cve-2026-41417

镜像层: sha256:53b26edd423a60fca12144d5c16b352c3075b4568bea657f6c8122b1b48c46bc

发布日期: 2026-05-06 22:16 修改: 2026-06-17 10:46

io.netty:netty-codec-http CVE-2026-42580 中危 4.1.118.Final 4.2.13.Final, 4.1.133.Final netty: Netty: Request smuggling via chunk size parser integer overflow

漏洞详情: https://avd.aquasec.com/nvd/cve-2026-42580

镜像层: sha256:53b26edd423a60fca12144d5c16b352c3075b4568bea657f6c8122b1b48c46bc

发布日期: 2026-05-13 19:17 修改: 2026-06-17 10:48

io.netty:netty-codec-http CVE-2026-42580 中危 4.1.118.Final 4.2.13.Final, 4.1.133.Final netty: Netty: Request smuggling via chunk size parser integer overflow

漏洞详情: https://avd.aquasec.com/nvd/cve-2026-42580

镜像层: sha256:53b26edd423a60fca12144d5c16b352c3075b4568bea657f6c8122b1b48c46bc

发布日期: 2026-05-13 19:17 修改: 2026-06-17 10:48

io.netty:netty-codec-http CVE-2026-42580 中危 4.1.118.Final 4.2.13.Final, 4.1.133.Final netty: Netty: Request smuggling via chunk size parser integer overflow

漏洞详情: https://avd.aquasec.com/nvd/cve-2026-42580

镜像层: sha256:53b26edd423a60fca12144d5c16b352c3075b4568bea657f6c8122b1b48c46bc

发布日期: 2026-05-13 19:17 修改: 2026-06-17 10:48

io.netty:netty-codec-http CVE-2026-42580 中危 4.1.118.Final 4.2.13.Final, 4.1.133.Final netty: Netty: Request smuggling via chunk size parser integer overflow

漏洞详情: https://avd.aquasec.com/nvd/cve-2026-42580

镜像层: sha256:53b26edd423a60fca12144d5c16b352c3075b4568bea657f6c8122b1b48c46bc

发布日期: 2026-05-13 19:17 修改: 2026-06-17 10:48

io.netty:netty-codec-http CVE-2026-42581 中危 4.1.118.Final 4.2.13.Final, 4.1.133.Final netty: io.netty/netty-codec-http: Netty: HTTP Request Smuggling due to improper handling of conflicting HTTP/1.0 headers

漏洞详情: https://avd.aquasec.com/nvd/cve-2026-42581

镜像层: sha256:53b26edd423a60fca12144d5c16b352c3075b4568bea657f6c8122b1b48c46bc

发布日期: 2026-05-13 19:17 修改: 2026-07-09 13:17

io.netty:netty-codec-http CVE-2026-42581 中危 4.1.118.Final 4.2.13.Final, 4.1.133.Final netty: io.netty/netty-codec-http: Netty: HTTP Request Smuggling due to improper handling of conflicting HTTP/1.0 headers

漏洞详情: https://avd.aquasec.com/nvd/cve-2026-42581

镜像层: sha256:53b26edd423a60fca12144d5c16b352c3075b4568bea657f6c8122b1b48c46bc

发布日期: 2026-05-13 19:17 修改: 2026-07-09 13:17

io.netty:netty-codec-http CVE-2026-42581 中危 4.1.118.Final 4.2.13.Final, 4.1.133.Final netty: io.netty/netty-codec-http: Netty: HTTP Request Smuggling due to improper handling of conflicting HTTP/1.0 headers

漏洞详情: https://avd.aquasec.com/nvd/cve-2026-42581

镜像层: sha256:53b26edd423a60fca12144d5c16b352c3075b4568bea657f6c8122b1b48c46bc

发布日期: 2026-05-13 19:17 修改: 2026-07-09 13:17

io.netty:netty-codec-http CVE-2026-42581 中危 4.1.118.Final 4.2.13.Final, 4.1.133.Final netty: io.netty/netty-codec-http: Netty: HTTP Request Smuggling due to improper handling of conflicting HTTP/1.0 headers

漏洞详情: https://avd.aquasec.com/nvd/cve-2026-42581

镜像层: sha256:53b26edd423a60fca12144d5c16b352c3075b4568bea657f6c8122b1b48c46bc

发布日期: 2026-05-13 19:17 修改: 2026-07-09 13:17

io.netty:netty-codec-http CVE-2026-42585 中危 4.1.118.Final 4.2.13.Final, 4.1.133.Final netty: io.netty/netty-codec-http: Netty: Request smuggling via malformed Transfer-Encoding parsing

漏洞详情: https://avd.aquasec.com/nvd/cve-2026-42585

镜像层: sha256:53b26edd423a60fca12144d5c16b352c3075b4568bea657f6c8122b1b48c46bc

发布日期: 2026-05-13 19:17 修改: 2026-06-17 10:48

io.netty:netty-codec-http CVE-2026-42585 中危 4.1.118.Final 4.2.13.Final, 4.1.133.Final netty: io.netty/netty-codec-http: Netty: Request smuggling via malformed Transfer-Encoding parsing

漏洞详情: https://avd.aquasec.com/nvd/cve-2026-42585

镜像层: sha256:53b26edd423a60fca12144d5c16b352c3075b4568bea657f6c8122b1b48c46bc

发布日期: 2026-05-13 19:17 修改: 2026-06-17 10:48

io.netty:netty-codec-http CVE-2026-42585 中危 4.1.118.Final 4.2.13.Final, 4.1.133.Final netty: io.netty/netty-codec-http: Netty: Request smuggling via malformed Transfer-Encoding parsing

漏洞详情: https://avd.aquasec.com/nvd/cve-2026-42585

镜像层: sha256:53b26edd423a60fca12144d5c16b352c3075b4568bea657f6c8122b1b48c46bc

发布日期: 2026-05-13 19:17 修改: 2026-06-17 10:48

io.netty:netty-codec-http CVE-2026-42585 中危 4.1.118.Final 4.2.13.Final, 4.1.133.Final netty: io.netty/netty-codec-http: Netty: Request smuggling via malformed Transfer-Encoding parsing

漏洞详情: https://avd.aquasec.com/nvd/cve-2026-42585

镜像层: sha256:53b26edd423a60fca12144d5c16b352c3075b4568bea657f6c8122b1b48c46bc

发布日期: 2026-05-13 19:17 修改: 2026-06-17 10:48

io.netty:netty-codec-http CVE-2026-50020 中危 4.1.118.Final 4.2.15.Final, 4.1.135.Final netty-codec-http: Netty: Data manipulation via request-boundary confusion in HttpObjectDecoder

漏洞详情: https://avd.aquasec.com/nvd/cve-2026-50020

镜像层: sha256:53b26edd423a60fca12144d5c16b352c3075b4568bea657f6c8122b1b48c46bc

发布日期: 2026-06-12 16:16 修改: 2026-06-17 10:57

io.netty:netty-codec-http CVE-2026-50020 中危 4.1.118.Final 4.2.15.Final, 4.1.135.Final netty-codec-http: Netty: Data manipulation via request-boundary confusion in HttpObjectDecoder

漏洞详情: https://avd.aquasec.com/nvd/cve-2026-50020

镜像层: sha256:53b26edd423a60fca12144d5c16b352c3075b4568bea657f6c8122b1b48c46bc

发布日期: 2026-06-12 16:16 修改: 2026-06-17 10:57

io.netty:netty-codec-http CVE-2026-50020 中危 4.1.118.Final 4.2.15.Final, 4.1.135.Final netty-codec-http: Netty: Data manipulation via request-boundary confusion in HttpObjectDecoder

漏洞详情: https://avd.aquasec.com/nvd/cve-2026-50020

镜像层: sha256:53b26edd423a60fca12144d5c16b352c3075b4568bea657f6c8122b1b48c46bc

发布日期: 2026-06-12 16:16 修改: 2026-06-17 10:57

io.netty:netty-codec-http CVE-2026-50020 中危 4.1.118.Final 4.2.15.Final, 4.1.135.Final netty-codec-http: Netty: Data manipulation via request-boundary confusion in HttpObjectDecoder

漏洞详情: https://avd.aquasec.com/nvd/cve-2026-50020

镜像层: sha256:53b26edd423a60fca12144d5c16b352c3075b4568bea657f6c8122b1b48c46bc

发布日期: 2026-06-12 16:16 修改: 2026-06-17 10:57

com.fasterxml.jackson.core:jackson-databind CVE-2026-54515 中危 2.15.0 3.1.4, 2.18.9, 2.21.5, 2.22.1 jackson-databind: jackson-databind: Ignored properties can be unexpectedly modified

漏洞详情: https://avd.aquasec.com/nvd/cve-2026-54515

镜像层: sha256:53b26edd423a60fca12144d5c16b352c3075b4568bea657f6c8122b1b48c46bc

发布日期: 2026-06-23 21:17 修改: 2026-06-29 13:38

com.fasterxml.jackson.core:jackson-databind CVE-2026-54515 中危 2.15.0 3.1.4, 2.18.9, 2.21.5, 2.22.1 jackson-databind: jackson-databind: Ignored properties can be unexpectedly modified

漏洞详情: https://avd.aquasec.com/nvd/cve-2026-54515

镜像层: sha256:53b26edd423a60fca12144d5c16b352c3075b4568bea657f6c8122b1b48c46bc

发布日期: 2026-06-23 21:17 修改: 2026-06-29 13:38

com.fasterxml.jackson.core:jackson-databind CVE-2026-54515 中危 2.15.0 3.1.4, 2.18.9, 2.21.5, 2.22.1 jackson-databind: jackson-databind: Ignored properties can be unexpectedly modified

漏洞详情: https://avd.aquasec.com/nvd/cve-2026-54515

镜像层: sha256:53b26edd423a60fca12144d5c16b352c3075b4568bea657f6c8122b1b48c46bc

发布日期: 2026-06-23 21:17 修改: 2026-06-29 13:38

com.fasterxml.jackson.core:jackson-databind CVE-2026-54515 中危 2.15.0 3.1.4, 2.18.9, 2.21.5, 2.22.1 jackson-databind: jackson-databind: Ignored properties can be unexpectedly modified

漏洞详情: https://avd.aquasec.com/nvd/cve-2026-54515

镜像层: sha256:53b26edd423a60fca12144d5c16b352c3075b4568bea657f6c8122b1b48c46bc

发布日期: 2026-06-23 21:17 修改: 2026-06-29 13:38

com.fasterxml.jackson.core:jackson-databind CVE-2026-54515 中危 2.15.0 3.1.4, 2.18.9, 2.21.5, 2.22.1 jackson-databind: jackson-databind: Ignored properties can be unexpectedly modified

漏洞详情: https://avd.aquasec.com/nvd/cve-2026-54515

镜像层: sha256:53b26edd423a60fca12144d5c16b352c3075b4568bea657f6c8122b1b48c46bc

发布日期: 2026-06-23 21:17 修改: 2026-06-29 13:38

com.sun.mail:jakarta.mail CVE-2025-7962 中危 1.6.3 1.6.8, 2.0.2 com.sun.mail/jakarta.mail: Jakarta Mail SMTP Injection Vulnerability

漏洞详情: https://avd.aquasec.com/nvd/cve-2025-7962

镜像层: sha256:53b26edd423a60fca12144d5c16b352c3075b4568bea657f6c8122b1b48c46bc

发布日期: 2025-07-21 18:15 修改: 2026-06-23 12:16

io.netty:netty-codec-http2 CVE-2026-47244 中危 4.1.118.Final 4.2.15.Final, 4.1.135.Final netty-codec-http2: Netty: Denial of Service via uncontrolled HTTP/2 concurrent streams

漏洞详情: https://avd.aquasec.com/nvd/cve-2026-47244

镜像层: sha256:53b26edd423a60fca12144d5c16b352c3075b4568bea657f6c8122b1b48c46bc

发布日期: 2026-06-12 15:16 修改: 2026-06-17 10:54

io.netty:netty-codec-http2 CVE-2026-47244 中危 4.1.118.Final 4.2.15.Final, 4.1.135.Final netty-codec-http2: Netty: Denial of Service via uncontrolled HTTP/2 concurrent streams

漏洞详情: https://avd.aquasec.com/nvd/cve-2026-47244

镜像层: sha256:53b26edd423a60fca12144d5c16b352c3075b4568bea657f6c8122b1b48c46bc

发布日期: 2026-06-12 15:16 修改: 2026-06-17 10:54

io.netty:netty-codec-http2 CVE-2026-48043 中危 4.1.118.Final 4.1.135.Final, 4.2.15.Final netty-codec-http2: netty-codec-http2: Denial of Service due to resource leak

漏洞详情: https://avd.aquasec.com/nvd/cve-2026-48043

镜像层: sha256:53b26edd423a60fca12144d5c16b352c3075b4568bea657f6c8122b1b48c46bc

发布日期: 2026-06-12 16:16 修改: 2026-07-09 13:17

io.netty:netty-codec-http2 CVE-2026-48043 中危 4.1.118.Final 4.1.135.Final, 4.2.15.Final netty-codec-http2: netty-codec-http2: Denial of Service due to resource leak

漏洞详情: https://avd.aquasec.com/nvd/cve-2026-48043

镜像层: sha256:53b26edd423a60fca12144d5c16b352c3075b4568bea657f6c8122b1b48c46bc

发布日期: 2026-06-12 16:16 修改: 2026-07-09 13:17

io.netty:netty-codec-http2 CVE-2026-50560 中危 4.1.118.Final 4.2.15.Final, 4.1.135.Final netty-codec-http2: Netty: Denial of Service due to HTTP/2 max header size handling

漏洞详情: https://avd.aquasec.com/nvd/cve-2026-50560

镜像层: sha256:53b26edd423a60fca12144d5c16b352c3075b4568bea657f6c8122b1b48c46bc

发布日期: 2026-06-12 16:16 修改: 2026-06-17 10:57

io.netty:netty-codec-http2 CVE-2026-50560 中危 4.1.118.Final 4.2.15.Final, 4.1.135.Final netty-codec-http2: Netty: Denial of Service due to HTTP/2 max header size handling

漏洞详情: https://avd.aquasec.com/nvd/cve-2026-50560

镜像层: sha256:53b26edd423a60fca12144d5c16b352c3075b4568bea657f6c8122b1b48c46bc

发布日期: 2026-06-12 16:16 修改: 2026-06-17 10:57

com.sun.mail:jakarta.mail CVE-2025-7962 中危 1.6.4 1.6.8, 2.0.2 com.sun.mail/jakarta.mail: Jakarta Mail SMTP Injection Vulnerability

漏洞详情: https://avd.aquasec.com/nvd/cve-2025-7962

镜像层: sha256:53b26edd423a60fca12144d5c16b352c3075b4568bea657f6c8122b1b48c46bc

发布日期: 2025-07-21 18:15 修改: 2026-06-23 12:16

com.fasterxml.jackson.core:jackson-core GHSA-72hv-8253-57qq 中危 2.15.0 2.21.1, 2.18.6 jackson-core: Number Length Constraint Bypass in Async Parser Leads to Potential DoS Condition

漏洞详情: https://github.com/advisories/GHSA-72hv-8253-57qq

镜像层: sha256:53b26edd423a60fca12144d5c16b352c3075b4568bea657f6c8122b1b48c46bc

发布日期: 2026-02-28 02:01 修改: 2026-04-07 16:30

com.fasterxml.jackson.core:jackson-core GHSA-72hv-8253-57qq 中危 2.17.2 2.21.1, 2.18.6 jackson-core: Number Length Constraint Bypass in Async Parser Leads to Potential DoS Condition

漏洞详情: https://github.com/advisories/GHSA-72hv-8253-57qq

镜像层: sha256:53b26edd423a60fca12144d5c16b352c3075b4568bea657f6c8122b1b48c46bc

发布日期: 2026-02-28 02:01 修改: 2026-04-07 16:30

com.fasterxml.jackson.core:jackson-core GHSA-72hv-8253-57qq 中危 2.17.2 2.21.1, 2.18.6 jackson-core: Number Length Constraint Bypass in Async Parser Leads to Potential DoS Condition

漏洞详情: https://github.com/advisories/GHSA-72hv-8253-57qq

镜像层: sha256:53b26edd423a60fca12144d5c16b352c3075b4568bea657f6c8122b1b48c46bc

发布日期: 2026-02-28 02:01 修改: 2026-04-07 16:30

com.fasterxml.jackson.core:jackson-core GHSA-72hv-8253-57qq 中危 2.15.0 2.21.1, 2.18.6 jackson-core: Number Length Constraint Bypass in Async Parser Leads to Potential DoS Condition

漏洞详情: https://github.com/advisories/GHSA-72hv-8253-57qq

镜像层: sha256:53b26edd423a60fca12144d5c16b352c3075b4568bea657f6c8122b1b48c46bc

发布日期: 2026-02-28 02:01 修改: 2026-04-07 16:30

io.netty:netty-codec CVE-2025-58057 中危 4.1.118.Final 4.1.125.Final netty-codec: netty-codec-compression: Netty's BrotliDecoder is vulnerable to DoS via zip bomb style attack

漏洞详情: https://avd.aquasec.com/nvd/cve-2025-58057

镜像层: sha256:53b26edd423a60fca12144d5c16b352c3075b4568bea657f6c8122b1b48c46bc

发布日期: 2025-09-04 10:42 修改: 2026-06-17 09:43

io.netty:netty-codec CVE-2025-58057 中危 4.1.118.Final 4.1.125.Final netty-codec: netty-codec-compression: Netty's BrotliDecoder is vulnerable to DoS via zip bomb style attack

漏洞详情: https://avd.aquasec.com/nvd/cve-2025-58057

镜像层: sha256:53b26edd423a60fca12144d5c16b352c3075b4568bea657f6c8122b1b48c46bc

发布日期: 2025-09-04 10:42 修改: 2026-06-17 09:43

io.netty:netty-codec CVE-2025-58057 中危 4.1.118.Final 4.1.125.Final netty-codec: netty-codec-compression: Netty's BrotliDecoder is vulnerable to DoS via zip bomb style attack

漏洞详情: https://avd.aquasec.com/nvd/cve-2025-58057

镜像层: sha256:53b26edd423a60fca12144d5c16b352c3075b4568bea657f6c8122b1b48c46bc

发布日期: 2025-09-04 10:42 修改: 2026-06-17 09:43

io.netty:netty-codec CVE-2025-58057 中危 4.1.118.Final 4.1.125.Final netty-codec: netty-codec-compression: Netty's BrotliDecoder is vulnerable to DoS via zip bomb style attack

漏洞详情: https://avd.aquasec.com/nvd/cve-2025-58057

镜像层: sha256:53b26edd423a60fca12144d5c16b352c3075b4568bea657f6c8122b1b48c46bc

发布日期: 2025-09-04 10:42 修改: 2026-06-17 09:43

com.fasterxml.jackson.core:jackson-core GHSA-72hv-8253-57qq 中危 2.15.0 2.21.1, 2.18.6 jackson-core: Number Length Constraint Bypass in Async Parser Leads to Potential DoS Condition

漏洞详情: https://github.com/advisories/GHSA-72hv-8253-57qq

镜像层: sha256:53b26edd423a60fca12144d5c16b352c3075b4568bea657f6c8122b1b48c46bc

发布日期: 2026-02-28 02:01 修改: 2026-04-07 16:30

com.fasterxml.jackson.core:jackson-core GHSA-72hv-8253-57qq 中危 2.15.0 2.21.1, 2.18.6 jackson-core: Number Length Constraint Bypass in Async Parser Leads to Potential DoS Condition

漏洞详情: https://github.com/advisories/GHSA-72hv-8253-57qq

镜像层: sha256:53b26edd423a60fca12144d5c16b352c3075b4568bea657f6c8122b1b48c46bc

发布日期: 2026-02-28 02:01 修改: 2026-04-07 16:30

com.fasterxml.jackson.core:jackson-core GHSA-72hv-8253-57qq 中危 2.15.0 2.21.1, 2.18.6 jackson-core: Number Length Constraint Bypass in Async Parser Leads to Potential DoS Condition

漏洞详情: https://github.com/advisories/GHSA-72hv-8253-57qq

镜像层: sha256:53b26edd423a60fca12144d5c16b352c3075b4568bea657f6c8122b1b48c46bc

发布日期: 2026-02-28 02:01 修改: 2026-04-07 16:30

com.fasterxml.jackson.core:jackson-core GHSA-72hv-8253-57qq 中危 2.15.0 2.21.1, 2.18.6 jackson-core: Number Length Constraint Bypass in Async Parser Leads to Potential DoS Condition

漏洞详情: https://github.com/advisories/GHSA-72hv-8253-57qq

镜像层: sha256:53b26edd423a60fca12144d5c16b352c3075b4568bea657f6c8122b1b48c46bc

发布日期: 2026-02-28 02:01 修改: 2026-04-07 16:30

com.fasterxml.jackson.core:jackson-core GHSA-72hv-8253-57qq 中危 2.15.0 2.21.1, 2.18.6 jackson-core: Number Length Constraint Bypass in Async Parser Leads to Potential DoS Condition

漏洞详情: https://github.com/advisories/GHSA-72hv-8253-57qq

镜像层: sha256:53b26edd423a60fca12144d5c16b352c3075b4568bea657f6c8122b1b48c46bc

发布日期: 2026-02-28 02:01 修改: 2026-04-07 16:30

com.fasterxml.jackson.core:jackson-core GHSA-72hv-8253-57qq 中危 2.15.0 2.21.1, 2.18.6 jackson-core: Number Length Constraint Bypass in Async Parser Leads to Potential DoS Condition

漏洞详情: https://github.com/advisories/GHSA-72hv-8253-57qq

镜像层: sha256:53b26edd423a60fca12144d5c16b352c3075b4568bea657f6c8122b1b48c46bc

发布日期: 2026-02-28 02:01 修改: 2026-04-07 16:30

com.fasterxml.jackson.core:jackson-core GHSA-72hv-8253-57qq 中危 2.15.0 2.21.1, 2.18.6 jackson-core: Number Length Constraint Bypass in Async Parser Leads to Potential DoS Condition

漏洞详情: https://github.com/advisories/GHSA-72hv-8253-57qq

镜像层: sha256:53b26edd423a60fca12144d5c16b352c3075b4568bea657f6c8122b1b48c46bc

发布日期: 2026-02-28 02:01 修改: 2026-04-07 16:30

io.netty:netty-resolver-dns CVE-2026-45673 中危 4.1.118.Final 4.2.15.Final, 4.1.135.Final netty-resolver-dns: Netty DNS resolver: DNS Cache Poisoning via predictable transaction IDs

漏洞详情: https://avd.aquasec.com/nvd/cve-2026-45673

镜像层: sha256:53b26edd423a60fca12144d5c16b352c3075b4568bea657f6c8122b1b48c46bc

发布日期: 2026-06-12 15:16 修改: 2026-06-17 10:52

io.netty:netty-resolver-dns CVE-2026-45673 中危 4.1.118.Final 4.2.15.Final, 4.1.135.Final netty-resolver-dns: Netty DNS resolver: DNS Cache Poisoning via predictable transaction IDs

漏洞详情: https://avd.aquasec.com/nvd/cve-2026-45673

镜像层: sha256:53b26edd423a60fca12144d5c16b352c3075b4568bea657f6c8122b1b48c46bc

发布日期: 2026-06-12 15:16 修改: 2026-06-17 10:52

io.opentelemetry:opentelemetry-api CVE-2026-45292 中危 1.31.0 1.62.0 opentelemetry-java: opentelemetry-api: opentelemetry-extension-trace-propagators: OpenTelemetry Java: Denial of Service due to unbounded memory allocation when parsing oversized baggage

漏洞详情: https://avd.aquasec.com/nvd/cve-2026-45292

镜像层: sha256:53b26edd423a60fca12144d5c16b352c3075b4568bea657f6c8122b1b48c46bc

发布日期: 2026-05-28 17:16 修改: 2026-07-09 13:17

io.projectreactor.netty:reactor-netty-http CVE-2025-22227 中危 1.0.45 1.3.0-M5, 1.2.8 io.projectreactor.netty/reactor-netty: Reactor Netty Credential Leak via Redirects

漏洞详情: https://avd.aquasec.com/nvd/cve-2025-22227

镜像层: sha256:53b26edd423a60fca12144d5c16b352c3075b4568bea657f6c8122b1b48c46bc

发布日期: 2025-07-16 10:15 修改: 2026-06-17 08:45

org.apache.commons:commons-lang3 CVE-2025-48924 中危 3.14.0 3.18.0 commons-lang/commons-lang: org.apache.commons/commons-lang3: Uncontrolled Recursion vulnerability in Apache Commons Lang

漏洞详情: https://avd.aquasec.com/nvd/cve-2025-48924

镜像层: sha256:53b26edd423a60fca12144d5c16b352c3075b4568bea657f6c8122b1b48c46bc

发布日期: 2025-07-11 15:15 修改: 2026-06-17 09:30

org.apache.commons:commons-lang3 CVE-2025-48924 中危 3.9 3.18.0 commons-lang/commons-lang: org.apache.commons/commons-lang3: Uncontrolled Recursion vulnerability in Apache Commons Lang

漏洞详情: https://avd.aquasec.com/nvd/cve-2025-48924

镜像层: sha256:53b26edd423a60fca12144d5c16b352c3075b4568bea657f6c8122b1b48c46bc

发布日期: 2025-07-11 15:15 修改: 2026-06-17 09:30

org.apache.logging.log4j:log4j-1.2-api CVE-2026-34479 中危 2.19.0 2.25.4 org.apache.logging.log4j/log4j-1.2-api: Apache Log4j 1-to-Log4j 2 bridge: Log processing denial of service due to improper XML escaping

漏洞详情: https://avd.aquasec.com/nvd/cve-2026-34479

镜像层: sha256:53b26edd423a60fca12144d5c16b352c3075b4568bea657f6c8122b1b48c46bc

发布日期: 2026-04-10 16:16 修改: 2026-06-17 10:39

org.apache.logging.log4j:log4j-1.2-api CVE-2026-34479 中危 2.19.0 2.25.4 org.apache.logging.log4j/log4j-1.2-api: Apache Log4j 1-to-Log4j 2 bridge: Log processing denial of service due to improper XML escaping

漏洞详情: https://avd.aquasec.com/nvd/cve-2026-34479

镜像层: sha256:53b26edd423a60fca12144d5c16b352c3075b4568bea657f6c8122b1b48c46bc

发布日期: 2026-04-10 16:16 修改: 2026-06-17 10:39

org.apache.logging.log4j:log4j-1.2-api CVE-2026-34479 中危 2.19.0 2.25.4 org.apache.logging.log4j/log4j-1.2-api: Apache Log4j 1-to-Log4j 2 bridge: Log processing denial of service due to improper XML escaping

漏洞详情: https://avd.aquasec.com/nvd/cve-2026-34479

镜像层: sha256:53b26edd423a60fca12144d5c16b352c3075b4568bea657f6c8122b1b48c46bc

发布日期: 2026-04-10 16:16 修改: 2026-06-17 10:39

org.apache.logging.log4j:log4j-1.2-api CVE-2026-34479 中危 2.19.0 2.25.4 org.apache.logging.log4j/log4j-1.2-api: Apache Log4j 1-to-Log4j 2 bridge: Log processing denial of service due to improper XML escaping

漏洞详情: https://avd.aquasec.com/nvd/cve-2026-34479

镜像层: sha256:53b26edd423a60fca12144d5c16b352c3075b4568bea657f6c8122b1b48c46bc

发布日期: 2026-04-10 16:16 修改: 2026-06-17 10:39

org.apache.logging.log4j:log4j-core CVE-2025-68161 中危 2.12.4 2.25.3 Apache Log4j: Apache Log4j Core: Information disclosure via missing TLS hostname verification

漏洞详情: https://avd.aquasec.com/nvd/cve-2025-68161

镜像层: sha256:53b26edd423a60fca12144d5c16b352c3075b4568bea657f6c8122b1b48c46bc

发布日期: 2025-12-18 21:15 修改: 2026-06-17 09:58

org.apache.logging.log4j:log4j-core CVE-2026-34477 中危 2.12.4 2.25.4 org.apache.logging.log4j/log4j-core: Apache Log4j Core: Man-in-the-middle attack due to incomplete hostname verification

漏洞详情: https://avd.aquasec.com/nvd/cve-2026-34477

镜像层: sha256:53b26edd423a60fca12144d5c16b352c3075b4568bea657f6c8122b1b48c46bc

发布日期: 2026-04-10 16:16 修改: 2026-06-17 10:39

org.apache.logging.log4j:log4j-core CVE-2026-34480 中危 2.12.4 2.25.4 org.apache.logging.log4j/log4j-core: Apache Log4j Core: Invalid XML output causes denial of service in logging

漏洞详情: https://avd.aquasec.com/nvd/cve-2026-34480

镜像层: sha256:53b26edd423a60fca12144d5c16b352c3075b4568bea657f6c8122b1b48c46bc

发布日期: 2026-04-10 16:16 修改: 2026-06-17 10:39

org.apache.logging.log4j:log4j-core CVE-2025-68161 中危 2.19.0 2.25.3 Apache Log4j: Apache Log4j Core: Information disclosure via missing TLS hostname verification

漏洞详情: https://avd.aquasec.com/nvd/cve-2025-68161

镜像层: sha256:53b26edd423a60fca12144d5c16b352c3075b4568bea657f6c8122b1b48c46bc

发布日期: 2025-12-18 21:15 修改: 2026-06-17 09:58

org.apache.logging.log4j:log4j-core CVE-2026-34477 中危 2.19.0 2.25.4 org.apache.logging.log4j/log4j-core: Apache Log4j Core: Man-in-the-middle attack due to incomplete hostname verification

漏洞详情: https://avd.aquasec.com/nvd/cve-2026-34477

镜像层: sha256:53b26edd423a60fca12144d5c16b352c3075b4568bea657f6c8122b1b48c46bc

发布日期: 2026-04-10 16:16 修改: 2026-06-17 10:39

org.apache.logging.log4j:log4j-core CVE-2026-34480 中危 2.19.0 2.25.4 org.apache.logging.log4j/log4j-core: Apache Log4j Core: Invalid XML output causes denial of service in logging

漏洞详情: https://avd.aquasec.com/nvd/cve-2026-34480

镜像层: sha256:53b26edd423a60fca12144d5c16b352c3075b4568bea657f6c8122b1b48c46bc

发布日期: 2026-04-10 16:16 修改: 2026-06-17 10:39

org.apache.poi:poi-ooxml CVE-2025-31672 中危 5.2.5 5.4.0 org.apache.poi/poi-ooxml: Apache POI: parsing OOXML based files (xlsx, docx, etc.), poi-ooxml could read unexpected data if underlying zip has duplicate zip entry names

漏洞详情: https://avd.aquasec.com/nvd/cve-2025-31672

镜像层: sha256:53b26edd423a60fca12144d5c16b352c3075b4568bea657f6c8122b1b48c46bc

发布日期: 2025-04-09 12:15 修改: 2026-06-17 09:10

com.fasterxml.jackson.core:jackson-core GHSA-72hv-8253-57qq 中危 2.15.0 2.21.1, 2.18.6 jackson-core: Number Length Constraint Bypass in Async Parser Leads to Potential DoS Condition

漏洞详情: https://github.com/advisories/GHSA-72hv-8253-57qq

镜像层: sha256:53b26edd423a60fca12144d5c16b352c3075b4568bea657f6c8122b1b48c46bc

发布日期: 2026-02-28 02:01 修改: 2026-04-07 16:30

com.fasterxml.jackson.core:jackson-core GHSA-72hv-8253-57qq 中危 2.15.0 2.21.1, 2.18.6 jackson-core: Number Length Constraint Bypass in Async Parser Leads to Potential DoS Condition

漏洞详情: https://github.com/advisories/GHSA-72hv-8253-57qq

镜像层: sha256:53b26edd423a60fca12144d5c16b352c3075b4568bea657f6c8122b1b48c46bc

发布日期: 2026-02-28 02:01 修改: 2026-04-07 16:30

com.fasterxml.jackson.core:jackson-databind CVE-2026-54514 中危 2.15.0 2.18.8, 2.21.4, 3.1.4 jackson-databind: jackson-databind: Information Disclosure via Eager DNS Resolution

漏洞详情: https://avd.aquasec.com/nvd/cve-2026-54514

镜像层: sha256:53b26edd423a60fca12144d5c16b352c3075b4568bea657f6c8122b1b48c46bc

发布日期: 2026-06-23 21:17 修改: 2026-06-27 20:55

org.bouncycastle:bc-fips CVE-2025-8885 中危 1.0.2.5 1.0.2.6, 2.0.1 bouncycastle: Bouncy Castle denial of service parsing ASN.1 Object Identifiers

漏洞详情: https://avd.aquasec.com/nvd/cve-2025-8885

镜像层: sha256:53b26edd423a60fca12144d5c16b352c3075b4568bea657f6c8122b1b48c46bc

发布日期: 2025-08-12 10:15 修改: 2026-06-17 10:07

org.bouncycastle:bcpkix-jdk18on CVE-2025-8916 中危 1.78.1 1.79 org.bouncycastle: BouncyCastle denial of service

漏洞详情: https://avd.aquasec.com/nvd/cve-2025-8916

镜像层: sha256:53b26edd423a60fca12144d5c16b352c3075b4568bea657f6c8122b1b48c46bc

发布日期: 2025-08-13 10:15 修改: 2026-06-17 10:07

org.bouncycastle:bcpkix-jdk18on CVE-2026-5588 中危 1.78.1 1.84 bouncycastle: BC-JAVA: PKIX draft CompositeVerifier accepts empty signature sequence as valid

漏洞详情: https://avd.aquasec.com/nvd/cve-2026-5588

镜像层: sha256:53b26edd423a60fca12144d5c16b352c3075b4568bea657f6c8122b1b48c46bc

发布日期: 2026-04-15 10:16 修改: 2026-06-30 03:21

com.fasterxml.jackson.core:jackson-databind CVE-2026-54514 中危 2.15.0 2.18.8, 2.21.4, 3.1.4 jackson-databind: jackson-databind: Information Disclosure via Eager DNS Resolution

漏洞详情: https://avd.aquasec.com/nvd/cve-2026-54514

镜像层: sha256:53b26edd423a60fca12144d5c16b352c3075b4568bea657f6c8122b1b48c46bc

发布日期: 2026-06-23 21:17 修改: 2026-06-27 20:55

org.bouncycastle:bcprov-jdk18on CVE-2026-0636 中危 1.78.1 1.84 bouncycastle: BC-JAVA: LDAP injection vulnerability in LDAPStoreHelper.java

漏洞详情: https://avd.aquasec.com/nvd/cve-2026-0636

镜像层: sha256:53b26edd423a60fca12144d5c16b352c3075b4568bea657f6c8122b1b48c46bc

发布日期: 2026-04-15 10:16 修改: 2026-06-30 03:17

org.elasticsearch.plugin:x-pack-core CVE-2025-68390 中危 8.16.6 8.19.8, 9.1.8, 9.2.2 elasticsearch: Elasticsearch Allocation of Resources Without Limits or Throttling

漏洞详情: https://avd.aquasec.com/nvd/cve-2025-68390

镜像层: sha256:53b26edd423a60fca12144d5c16b352c3075b4568bea657f6c8122b1b48c46bc

发布日期: 2025-12-18 23:15 修改: 2026-06-17 09:59

org.elasticsearch.plugin:x-pack-security CVE-2025-68384 中危 8.16.6 8.19.9, 9.1.9, 9.2.3 elasticsearch: Elasticsearch Allocation of Resources Without Limits or Throttling

漏洞详情: https://avd.aquasec.com/nvd/cve-2025-68384

镜像层: sha256:53b26edd423a60fca12144d5c16b352c3075b4568bea657f6c8122b1b48c46bc

发布日期: 2025-12-18 22:16 修改: 2026-06-17 09:59

org.elasticsearch:elasticsearch CVE-2025-37727 中危 8.16.6 8.18.8, 8.19.5, 9.0.8, 9.1.5 org.elasticsearch/elasticsearch-core: Elasticsearch Insertion of sensitive information in log file

漏洞详情: https://avd.aquasec.com/nvd/cve-2025-37727

镜像层: sha256:53b26edd423a60fca12144d5c16b352c3075b4568bea657f6c8122b1b48c46bc

发布日期: 2025-10-10 10:15 修改: 2026-06-17 09:15

org.elasticsearch:elasticsearch CVE-2025-37731 中危 8.16.6 8.19.8, 9.1.8, 9.2.2 elasticsearch: Elasticsearch: User impersonation due to improper authentication in Public Key Infrastructure (PKI) realm

漏洞详情: https://avd.aquasec.com/nvd/cve-2025-37731

镜像层: sha256:53b26edd423a60fca12144d5c16b352c3075b4568bea657f6c8122b1b48c46bc

发布日期: 2025-12-15 11:15 修改: 2026-06-17 09:15

com.fasterxml.jackson.core:jackson-databind CVE-2026-54514 中危 2.15.0 2.18.8, 2.21.4, 3.1.4 jackson-databind: jackson-databind: Information Disclosure via Eager DNS Resolution

漏洞详情: https://avd.aquasec.com/nvd/cve-2026-54514

镜像层: sha256:53b26edd423a60fca12144d5c16b352c3075b4568bea657f6c8122b1b48c46bc

发布日期: 2026-06-23 21:17 修改: 2026-06-27 20:55

com.fasterxml.jackson.core:jackson-databind CVE-2026-54514 中危 2.15.0 2.18.8, 2.21.4, 3.1.4 jackson-databind: jackson-databind: Information Disclosure via Eager DNS Resolution

漏洞详情: https://avd.aquasec.com/nvd/cve-2026-54514

镜像层: sha256:53b26edd423a60fca12144d5c16b352c3075b4568bea657f6c8122b1b48c46bc

发布日期: 2026-06-23 21:17 修改: 2026-06-27 20:55

io.netty:netty-codec-http CVE-2025-58056 低危 4.1.118.Final 4.1.125.Final, 4.2.5.Final netty-codec-http: Netty is vulnerable to request smuggling due to incorrect parsing of chunk extensions

漏洞详情: https://avd.aquasec.com/nvd/cve-2025-58056

镜像层: sha256:53b26edd423a60fca12144d5c16b352c3075b4568bea657f6c8122b1b48c46bc

发布日期: 2025-09-03 21:15 修改: 2026-06-17 09:43

io.netty:netty-codec-http CVE-2025-58056 低危 4.1.118.Final 4.1.125.Final, 4.2.5.Final netty-codec-http: Netty is vulnerable to request smuggling due to incorrect parsing of chunk extensions

漏洞详情: https://avd.aquasec.com/nvd/cve-2025-58056

镜像层: sha256:53b26edd423a60fca12144d5c16b352c3075b4568bea657f6c8122b1b48c46bc

发布日期: 2025-09-03 21:15 修改: 2026-06-17 09:43

io.netty:netty-codec-http CVE-2025-58056 低危 4.1.118.Final 4.1.125.Final, 4.2.5.Final netty-codec-http: Netty is vulnerable to request smuggling due to incorrect parsing of chunk extensions

漏洞详情: https://avd.aquasec.com/nvd/cve-2025-58056

镜像层: sha256:53b26edd423a60fca12144d5c16b352c3075b4568bea657f6c8122b1b48c46bc

发布日期: 2025-09-03 21:15 修改: 2026-06-17 09:43

io.netty:netty-codec-http CVE-2025-58056 低危 4.1.118.Final 4.1.125.Final, 4.2.5.Final netty-codec-http: Netty is vulnerable to request smuggling due to incorrect parsing of chunk extensions

漏洞详情: https://avd.aquasec.com/nvd/cve-2025-58056

镜像层: sha256:53b26edd423a60fca12144d5c16b352c3075b4568bea657f6c8122b1b48c46bc

发布日期: 2025-09-03 21:15 修改: 2026-06-17 09:43

io.netty:netty-handler-proxy CVE-2026-42578 低危 4.1.118.Final 4.1.133.Final, 4.2.13.Final netty: io.netty/netty-handler-proxy: Netty: HTTP Header Injection via HttpProxyHandler Disabled Validation

漏洞详情: https://avd.aquasec.com/nvd/cve-2026-42578

镜像层: sha256:53b26edd423a60fca12144d5c16b352c3075b4568bea657f6c8122b1b48c46bc

发布日期: 2026-05-13 19:17 修改: 2026-07-09 13:17

检测到您正在使用广告拦截插件,本站为公益站点,依赖广告维持运转 🙏 查看如何关闭 ×