docker.io/owasp/benchmark:latest linux/amd64

docker.io/owasp/benchmark:latest - Trivy安全扫描结果 扫描时间: 2025-01-06 10:38
全部漏洞信息
低危漏洞:55 中危漏洞:201 高危漏洞:36 严重漏洞:22

系统OS: ubuntu 24.04 扫描引擎: Trivy 扫描时间: 2025-01-06 10:38

docker.io/owasp/benchmark:latest (ubuntu 24.04) (ubuntu)
低危漏洞:52 中危漏洞:114 高危漏洞:1 严重漏洞:0
软件包 漏洞 安全状态 安装版本 修复版本 漏洞信息
openssh-client CVE-2024-6387 高危 1:9.6p1-3ubuntu13 1:9.6p1-3ubuntu13.3 openssh: regreSSHion - race condition in SSH allows RCE/DoS

漏洞详情: https://avd.aquasec.com/nvd/cve-2024-6387

镜像层: sha256:66af7246b5956660867cdb671683698d4351c88bba3eebc6cae538c0a0f4f278

发布日期: 2024-07-01 13:15 修改: 2024-09-14 03:15
gir1.2-glib-2.0 CVE-2024-52533 中危 2.80.0-6ubuntu1 2.80.0-6ubuntu3.2 glib: buffer overflow in set_connect_msg()

漏洞详情: https://avd.aquasec.com/nvd/cve-2024-52533

镜像层: sha256:66af7246b5956660867cdb671683698d4351c88bba3eebc6cae538c0a0f4f278

发布日期: 2024-11-11 23:15 修改: 2024-12-06 14:15
git CVE-2024-32002 中危 1:2.43.0-1ubuntu7 1:2.43.0-1ubuntu7.1 git: Recursive clones RCE

漏洞详情: https://avd.aquasec.com/nvd/cve-2024-32002

镜像层: sha256:66af7246b5956660867cdb671683698d4351c88bba3eebc6cae538c0a0f4f278

发布日期: 2024-05-14 19:15 修改: 2024-06-26 10:15
git CVE-2024-32004 中危 1:2.43.0-1ubuntu7 1:2.43.0-1ubuntu7.1 git: RCE while cloning local repos

漏洞详情: https://avd.aquasec.com/nvd/cve-2024-32004

镜像层: sha256:66af7246b5956660867cdb671683698d4351c88bba3eebc6cae538c0a0f4f278

发布日期: 2024-05-14 19:15 修改: 2024-06-26 10:15
git CVE-2024-32020 中危 1:2.43.0-1ubuntu7 1:2.43.0-1ubuntu7.1 git: insecure hardlinks

漏洞详情: https://avd.aquasec.com/nvd/cve-2024-32020

镜像层: sha256:66af7246b5956660867cdb671683698d4351c88bba3eebc6cae538c0a0f4f278

发布日期: 2024-05-14 19:15 修改: 2024-06-10 18:15
git CVE-2024-32021 中危 1:2.43.0-1ubuntu7 1:2.43.0-1ubuntu7.1 git: symlink bypass

漏洞详情: https://avd.aquasec.com/nvd/cve-2024-32021

镜像层: sha256:66af7246b5956660867cdb671683698d4351c88bba3eebc6cae538c0a0f4f278

发布日期: 2024-05-14 20:15 修改: 2024-06-26 10:15
git CVE-2024-32465 中危 1:2.43.0-1ubuntu7 1:2.43.0-1ubuntu7.1 git: additional local RCE

漏洞详情: https://avd.aquasec.com/nvd/cve-2024-32465

镜像层: sha256:66af7246b5956660867cdb671683698d4351c88bba3eebc6cae538c0a0f4f278

发布日期: 2024-05-14 20:15 修改: 2024-06-26 10:15
git-man CVE-2024-32002 中危 1:2.43.0-1ubuntu7 1:2.43.0-1ubuntu7.1 git: Recursive clones RCE

漏洞详情: https://avd.aquasec.com/nvd/cve-2024-32002

镜像层: sha256:66af7246b5956660867cdb671683698d4351c88bba3eebc6cae538c0a0f4f278

发布日期: 2024-05-14 19:15 修改: 2024-06-26 10:15
git-man CVE-2024-32004 中危 1:2.43.0-1ubuntu7 1:2.43.0-1ubuntu7.1 git: RCE while cloning local repos

漏洞详情: https://avd.aquasec.com/nvd/cve-2024-32004

镜像层: sha256:66af7246b5956660867cdb671683698d4351c88bba3eebc6cae538c0a0f4f278

发布日期: 2024-05-14 19:15 修改: 2024-06-26 10:15
git-man CVE-2024-32020 中危 1:2.43.0-1ubuntu7 1:2.43.0-1ubuntu7.1 git: insecure hardlinks

漏洞详情: https://avd.aquasec.com/nvd/cve-2024-32020

镜像层: sha256:66af7246b5956660867cdb671683698d4351c88bba3eebc6cae538c0a0f4f278

发布日期: 2024-05-14 19:15 修改: 2024-06-10 18:15
git-man CVE-2024-32021 中危 1:2.43.0-1ubuntu7 1:2.43.0-1ubuntu7.1 git: symlink bypass

漏洞详情: https://avd.aquasec.com/nvd/cve-2024-32021

镜像层: sha256:66af7246b5956660867cdb671683698d4351c88bba3eebc6cae538c0a0f4f278

发布日期: 2024-05-14 20:15 修改: 2024-06-26 10:15
git-man CVE-2024-32465 中危 1:2.43.0-1ubuntu7 1:2.43.0-1ubuntu7.1 git: additional local RCE

漏洞详情: https://avd.aquasec.com/nvd/cve-2024-32465

镜像层: sha256:66af7246b5956660867cdb671683698d4351c88bba3eebc6cae538c0a0f4f278

发布日期: 2024-05-14 20:15 修改: 2024-06-26 10:15
krb5-locales CVE-2024-26462 中危 1.20.1-6ubuntu2 krb5: Memory leak at /krb5/src/kdc/ndr.c

漏洞详情: https://avd.aquasec.com/nvd/cve-2024-26462

镜像层: sha256:66af7246b5956660867cdb671683698d4351c88bba3eebc6cae538c0a0f4f278

发布日期: 2024-02-29 01:44 修改: 2024-05-14 15:09
krb5-locales CVE-2024-37370 中危 1.20.1-6ubuntu2 1.20.1-6ubuntu2.1 krb5: GSS message token handling

漏洞详情: https://avd.aquasec.com/nvd/cve-2024-37370

镜像层: sha256:66af7246b5956660867cdb671683698d4351c88bba3eebc6cae538c0a0f4f278

发布日期: 2024-06-28 22:15 修改: 2024-08-27 17:48
krb5-locales CVE-2024-37371 中危 1.20.1-6ubuntu2 1.20.1-6ubuntu2.1 krb5: GSS message token handling

漏洞详情: https://avd.aquasec.com/nvd/cve-2024-37371

镜像层: sha256:66af7246b5956660867cdb671683698d4351c88bba3eebc6cae538c0a0f4f278

发布日期: 2024-06-28 23:15 修改: 2024-09-18 12:39
libavahi-client3 CVE-2024-52615 中危 0.8-13ubuntu6 avahi: Avahi Wide-Area DNS Uses Constant Source Port

漏洞详情: https://avd.aquasec.com/nvd/cve-2024-52615

镜像层: sha256:66af7246b5956660867cdb671683698d4351c88bba3eebc6cae538c0a0f4f278

发布日期: 2024-11-21 21:15 修改: 2024-11-21 21:15
libavahi-client3 CVE-2024-52616 中危 0.8-13ubuntu6 avahi: Avahi Wide-Area DNS Predictable Transaction IDs

漏洞详情: https://avd.aquasec.com/nvd/cve-2024-52616

镜像层: sha256:66af7246b5956660867cdb671683698d4351c88bba3eebc6cae538c0a0f4f278

发布日期: 2024-11-21 21:15 修改: 2024-11-21 21:15
libavahi-common-data CVE-2024-52615 中危 0.8-13ubuntu6 avahi: Avahi Wide-Area DNS Uses Constant Source Port

漏洞详情: https://avd.aquasec.com/nvd/cve-2024-52615

镜像层: sha256:66af7246b5956660867cdb671683698d4351c88bba3eebc6cae538c0a0f4f278

发布日期: 2024-11-21 21:15 修改: 2024-11-21 21:15
libavahi-common-data CVE-2024-52616 中危 0.8-13ubuntu6 avahi: Avahi Wide-Area DNS Predictable Transaction IDs

漏洞详情: https://avd.aquasec.com/nvd/cve-2024-52616

镜像层: sha256:66af7246b5956660867cdb671683698d4351c88bba3eebc6cae538c0a0f4f278

发布日期: 2024-11-21 21:15 修改: 2024-11-21 21:15
libavahi-common3 CVE-2024-52615 中危 0.8-13ubuntu6 avahi: Avahi Wide-Area DNS Uses Constant Source Port

漏洞详情: https://avd.aquasec.com/nvd/cve-2024-52615

镜像层: sha256:66af7246b5956660867cdb671683698d4351c88bba3eebc6cae538c0a0f4f278

发布日期: 2024-11-21 21:15 修改: 2024-11-21 21:15
libavahi-common3 CVE-2024-52616 中危 0.8-13ubuntu6 avahi: Avahi Wide-Area DNS Predictable Transaction IDs

漏洞详情: https://avd.aquasec.com/nvd/cve-2024-52616

镜像层: sha256:66af7246b5956660867cdb671683698d4351c88bba3eebc6cae538c0a0f4f278

发布日期: 2024-11-21 21:15 修改: 2024-11-21 21:15
libc-bin CVE-2024-33599 中危 2.39-0ubuntu8.1 2.39-0ubuntu8.2 glibc: stack-based buffer overflow in netgroup cache

漏洞详情: https://avd.aquasec.com/nvd/cve-2024-33599

镜像层: sha256:80098e3d304cd7858ad97b310cd16083fbe6fab2968be7a988fc6894cb85dc25

发布日期: 2024-05-06 20:15 修改: 2024-07-22 18:15
libc-bin CVE-2024-33600 中危 2.39-0ubuntu8.1 2.39-0ubuntu8.2 glibc: null pointer dereferences after failed netgroup cache insertion

漏洞详情: https://avd.aquasec.com/nvd/cve-2024-33600

镜像层: sha256:80098e3d304cd7858ad97b310cd16083fbe6fab2968be7a988fc6894cb85dc25

发布日期: 2024-05-06 20:15 修改: 2024-07-22 18:15
libc-bin CVE-2024-33601 中危 2.39-0ubuntu8.1 2.39-0ubuntu8.2 glibc: netgroup cache may terminate daemon on memory allocation failure

漏洞详情: https://avd.aquasec.com/nvd/cve-2024-33601

镜像层: sha256:80098e3d304cd7858ad97b310cd16083fbe6fab2968be7a988fc6894cb85dc25

发布日期: 2024-05-06 20:15 修改: 2024-07-22 18:15
libc-bin CVE-2024-33602 中危 2.39-0ubuntu8.1 2.39-0ubuntu8.2 glibc: netgroup cache assumes NSS callback uses in-buffer strings

漏洞详情: https://avd.aquasec.com/nvd/cve-2024-33602

镜像层: sha256:80098e3d304cd7858ad97b310cd16083fbe6fab2968be7a988fc6894cb85dc25

发布日期: 2024-05-06 20:15 修改: 2024-07-22 18:15
libc6 CVE-2024-33599 中危 2.39-0ubuntu8.1 2.39-0ubuntu8.2 glibc: stack-based buffer overflow in netgroup cache

漏洞详情: https://avd.aquasec.com/nvd/cve-2024-33599

镜像层: sha256:80098e3d304cd7858ad97b310cd16083fbe6fab2968be7a988fc6894cb85dc25

发布日期: 2024-05-06 20:15 修改: 2024-07-22 18:15
libc6 CVE-2024-33600 中危 2.39-0ubuntu8.1 2.39-0ubuntu8.2 glibc: null pointer dereferences after failed netgroup cache insertion

漏洞详情: https://avd.aquasec.com/nvd/cve-2024-33600

镜像层: sha256:80098e3d304cd7858ad97b310cd16083fbe6fab2968be7a988fc6894cb85dc25

发布日期: 2024-05-06 20:15 修改: 2024-07-22 18:15
libc6 CVE-2024-33601 中危 2.39-0ubuntu8.1 2.39-0ubuntu8.2 glibc: netgroup cache may terminate daemon on memory allocation failure

漏洞详情: https://avd.aquasec.com/nvd/cve-2024-33601

镜像层: sha256:80098e3d304cd7858ad97b310cd16083fbe6fab2968be7a988fc6894cb85dc25

发布日期: 2024-05-06 20:15 修改: 2024-07-22 18:15
libc6 CVE-2024-33602 中危 2.39-0ubuntu8.1 2.39-0ubuntu8.2 glibc: netgroup cache assumes NSS callback uses in-buffer strings

漏洞详情: https://avd.aquasec.com/nvd/cve-2024-33602

镜像层: sha256:80098e3d304cd7858ad97b310cd16083fbe6fab2968be7a988fc6894cb85dc25

发布日期: 2024-05-06 20:15 修改: 2024-07-22 18:15
libcups2t64 CVE-2024-35235 中危 2.4.7-1.2ubuntu7 2.4.7-1.2ubuntu7.1 cups: Cupsd Listen arbitrary chmod 0140777

漏洞详情: https://avd.aquasec.com/nvd/cve-2024-35235

镜像层: sha256:66af7246b5956660867cdb671683698d4351c88bba3eebc6cae538c0a0f4f278

发布日期: 2024-06-11 15:16 修改: 2024-06-14 03:15
libcups2t64 CVE-2024-47175 中危 2.4.7-1.2ubuntu7 2.4.7-1.2ubuntu7.3 cups: libppd: remote command injection via attacker controlled data in PPD file

漏洞详情: https://avd.aquasec.com/nvd/cve-2024-47175

镜像层: sha256:66af7246b5956660867cdb671683698d4351c88bba3eebc6cae538c0a0f4f278

发布日期: 2024-09-26 22:15 修改: 2024-09-30 12:46
libcurl3t64-gnutls CVE-2024-7264 中危 8.5.0-2ubuntu10.1 8.5.0-2ubuntu10.2 curl: libcurl: ASN.1 date parser overread

漏洞详情: https://avd.aquasec.com/nvd/cve-2024-7264

镜像层: sha256:66af7246b5956660867cdb671683698d4351c88bba3eebc6cae538c0a0f4f278

发布日期: 2024-07-31 08:15 修改: 2024-10-30 20:35
libcurl3t64-gnutls CVE-2024-8096 中危 8.5.0-2ubuntu10.1 8.5.0-2ubuntu10.4 curl: OCSP stapling bypass with GnuTLS

漏洞详情: https://avd.aquasec.com/nvd/cve-2024-8096

镜像层: sha256:66af7246b5956660867cdb671683698d4351c88bba3eebc6cae538c0a0f4f278

发布日期: 2024-09-11 10:15 修改: 2024-09-11 16:26
libexpat1 CVE-2024-45490 中危 2.6.1-2build1 2.6.1-2ubuntu0.1 libexpat: Negative Length Parsing Vulnerability in libexpat

漏洞详情: https://avd.aquasec.com/nvd/cve-2024-45490

镜像层: sha256:66af7246b5956660867cdb671683698d4351c88bba3eebc6cae538c0a0f4f278

发布日期: 2024-08-30 03:15 修改: 2024-10-18 12:24
libexpat1 CVE-2024-45491 中危 2.6.1-2build1 2.6.1-2ubuntu0.1 libexpat: Integer Overflow or Wraparound

漏洞详情: https://avd.aquasec.com/nvd/cve-2024-45491

镜像层: sha256:66af7246b5956660867cdb671683698d4351c88bba3eebc6cae538c0a0f4f278

发布日期: 2024-08-30 03:15 修改: 2024-09-04 14:28
libexpat1 CVE-2024-45492 中危 2.6.1-2build1 2.6.1-2ubuntu0.1 libexpat: integer overflow

漏洞详情: https://avd.aquasec.com/nvd/cve-2024-45492

镜像层: sha256:66af7246b5956660867cdb671683698d4351c88bba3eebc6cae538c0a0f4f278

发布日期: 2024-08-30 03:15 修改: 2024-09-04 14:28
libglib2.0-0t64 CVE-2024-34397 中危 2.80.0-6ubuntu1 2.80.0-6ubuntu3.1 glib2: Signal subscription vulnerabilities

漏洞详情: https://avd.aquasec.com/nvd/cve-2024-34397

镜像层: sha256:66af7246b5956660867cdb671683698d4351c88bba3eebc6cae538c0a0f4f278

发布日期: 2024-05-07 18:15 修改: 2024-11-15 18:35
libglib2.0-0t64 CVE-2024-52533 中危 2.80.0-6ubuntu1 2.80.0-6ubuntu3.2 glib: buffer overflow in set_connect_msg()

漏洞详情: https://avd.aquasec.com/nvd/cve-2024-52533

镜像层: sha256:66af7246b5956660867cdb671683698d4351c88bba3eebc6cae538c0a0f4f278

发布日期: 2024-11-11 23:15 修改: 2024-12-06 14:15
libglib2.0-data CVE-2024-34397 中危 2.80.0-6ubuntu1 2.80.0-6ubuntu3.1 glib2: Signal subscription vulnerabilities

漏洞详情: https://avd.aquasec.com/nvd/cve-2024-34397

镜像层: sha256:66af7246b5956660867cdb671683698d4351c88bba3eebc6cae538c0a0f4f278

发布日期: 2024-05-07 18:15 修改: 2024-11-15 18:35
libglib2.0-data CVE-2024-52533 中危 2.80.0-6ubuntu1 2.80.0-6ubuntu3.2 glib: buffer overflow in set_connect_msg()

漏洞详情: https://avd.aquasec.com/nvd/cve-2024-52533

镜像层: sha256:66af7246b5956660867cdb671683698d4351c88bba3eebc6cae538c0a0f4f278

发布日期: 2024-11-11 23:15 修改: 2024-12-06 14:15
libgssapi-krb5-2 CVE-2024-26462 中危 1.20.1-6ubuntu2 krb5: Memory leak at /krb5/src/kdc/ndr.c

漏洞详情: https://avd.aquasec.com/nvd/cve-2024-26462

镜像层: sha256:66af7246b5956660867cdb671683698d4351c88bba3eebc6cae538c0a0f4f278

发布日期: 2024-02-29 01:44 修改: 2024-05-14 15:09
libgssapi-krb5-2 CVE-2024-37370 中危 1.20.1-6ubuntu2 1.20.1-6ubuntu2.1 krb5: GSS message token handling

漏洞详情: https://avd.aquasec.com/nvd/cve-2024-37370

镜像层: sha256:66af7246b5956660867cdb671683698d4351c88bba3eebc6cae538c0a0f4f278

发布日期: 2024-06-28 22:15 修改: 2024-08-27 17:48
libgssapi-krb5-2 CVE-2024-37371 中危 1.20.1-6ubuntu2 1.20.1-6ubuntu2.1 krb5: GSS message token handling

漏洞详情: https://avd.aquasec.com/nvd/cve-2024-37371

镜像层: sha256:66af7246b5956660867cdb671683698d4351c88bba3eebc6cae538c0a0f4f278

发布日期: 2024-06-28 23:15 修改: 2024-09-18 12:39
libk5crypto3 CVE-2024-26462 中危 1.20.1-6ubuntu2 krb5: Memory leak at /krb5/src/kdc/ndr.c

漏洞详情: https://avd.aquasec.com/nvd/cve-2024-26462

镜像层: sha256:66af7246b5956660867cdb671683698d4351c88bba3eebc6cae538c0a0f4f278

发布日期: 2024-02-29 01:44 修改: 2024-05-14 15:09
libk5crypto3 CVE-2024-37370 中危 1.20.1-6ubuntu2 1.20.1-6ubuntu2.1 krb5: GSS message token handling

漏洞详情: https://avd.aquasec.com/nvd/cve-2024-37370

镜像层: sha256:66af7246b5956660867cdb671683698d4351c88bba3eebc6cae538c0a0f4f278

发布日期: 2024-06-28 22:15 修改: 2024-08-27 17:48
libk5crypto3 CVE-2024-37371 中危 1.20.1-6ubuntu2 1.20.1-6ubuntu2.1 krb5: GSS message token handling

漏洞详情: https://avd.aquasec.com/nvd/cve-2024-37371

镜像层: sha256:66af7246b5956660867cdb671683698d4351c88bba3eebc6cae538c0a0f4f278

发布日期: 2024-06-28 23:15 修改: 2024-09-18 12:39
libkrb5-3 CVE-2024-26462 中危 1.20.1-6ubuntu2 krb5: Memory leak at /krb5/src/kdc/ndr.c

漏洞详情: https://avd.aquasec.com/nvd/cve-2024-26462

镜像层: sha256:66af7246b5956660867cdb671683698d4351c88bba3eebc6cae538c0a0f4f278

发布日期: 2024-02-29 01:44 修改: 2024-05-14 15:09
libkrb5-3 CVE-2024-37370 中危 1.20.1-6ubuntu2 1.20.1-6ubuntu2.1 krb5: GSS message token handling

漏洞详情: https://avd.aquasec.com/nvd/cve-2024-37370

镜像层: sha256:66af7246b5956660867cdb671683698d4351c88bba3eebc6cae538c0a0f4f278

发布日期: 2024-06-28 22:15 修改: 2024-08-27 17:48
libkrb5-3 CVE-2024-37371 中危 1.20.1-6ubuntu2 1.20.1-6ubuntu2.1 krb5: GSS message token handling

漏洞详情: https://avd.aquasec.com/nvd/cve-2024-37371

镜像层: sha256:66af7246b5956660867cdb671683698d4351c88bba3eebc6cae538c0a0f4f278

发布日期: 2024-06-28 23:15 修改: 2024-09-18 12:39
libkrb5support0 CVE-2024-26462 中危 1.20.1-6ubuntu2 krb5: Memory leak at /krb5/src/kdc/ndr.c

漏洞详情: https://avd.aquasec.com/nvd/cve-2024-26462

镜像层: sha256:66af7246b5956660867cdb671683698d4351c88bba3eebc6cae538c0a0f4f278

发布日期: 2024-02-29 01:44 修改: 2024-05-14 15:09
libkrb5support0 CVE-2024-37370 中危 1.20.1-6ubuntu2 1.20.1-6ubuntu2.1 krb5: GSS message token handling

漏洞详情: https://avd.aquasec.com/nvd/cve-2024-37370

镜像层: sha256:66af7246b5956660867cdb671683698d4351c88bba3eebc6cae538c0a0f4f278

发布日期: 2024-06-28 22:15 修改: 2024-08-27 17:48
libkrb5support0 CVE-2024-37371 中危 1.20.1-6ubuntu2 1.20.1-6ubuntu2.1 krb5: GSS message token handling

漏洞详情: https://avd.aquasec.com/nvd/cve-2024-37371

镜像层: sha256:66af7246b5956660867cdb671683698d4351c88bba3eebc6cae538c0a0f4f278

发布日期: 2024-06-28 23:15 修改: 2024-09-18 12:39
libnghttp2-14 CVE-2024-28182 中危 1.59.0-1build4 1.59.0-1ubuntu0.1 nghttp2: CONTINUATION frames DoS

漏洞详情: https://avd.aquasec.com/nvd/cve-2024-28182

镜像层: sha256:66af7246b5956660867cdb671683698d4351c88bba3eebc6cae538c0a0f4f278

发布日期: 2024-04-04 15:15 修改: 2024-05-01 18:15
libpam-modules CVE-2024-10041 中危 1.5.3-5ubuntu5 pam: libpam: Libpam vulnerable to read hashed password

漏洞详情: https://avd.aquasec.com/nvd/cve-2024-10041

镜像层: sha256:80098e3d304cd7858ad97b310cd16083fbe6fab2968be7a988fc6894cb85dc25

发布日期: 2024-10-23 14:15 修改: 2024-12-18 10:15
libpam-modules CVE-2024-10963 中危 1.5.3-5ubuntu5 pam: Improper Hostname Interpretation in pam_access Leads to Access Control Bypass

漏洞详情: https://avd.aquasec.com/nvd/cve-2024-10963

镜像层: sha256:80098e3d304cd7858ad97b310cd16083fbe6fab2968be7a988fc6894cb85dc25

发布日期: 2024-11-07 16:15 修改: 2024-11-11 18:15
libpam-modules-bin CVE-2024-10041 中危 1.5.3-5ubuntu5 pam: libpam: Libpam vulnerable to read hashed password

漏洞详情: https://avd.aquasec.com/nvd/cve-2024-10041

镜像层: sha256:80098e3d304cd7858ad97b310cd16083fbe6fab2968be7a988fc6894cb85dc25

发布日期: 2024-10-23 14:15 修改: 2024-12-18 10:15
libpam-modules-bin CVE-2024-10963 中危 1.5.3-5ubuntu5 pam: Improper Hostname Interpretation in pam_access Leads to Access Control Bypass

漏洞详情: https://avd.aquasec.com/nvd/cve-2024-10963

镜像层: sha256:80098e3d304cd7858ad97b310cd16083fbe6fab2968be7a988fc6894cb85dc25

发布日期: 2024-11-07 16:15 修改: 2024-11-11 18:15
libpam-runtime CVE-2024-10041 中危 1.5.3-5ubuntu5 pam: libpam: Libpam vulnerable to read hashed password

漏洞详情: https://avd.aquasec.com/nvd/cve-2024-10041

镜像层: sha256:80098e3d304cd7858ad97b310cd16083fbe6fab2968be7a988fc6894cb85dc25

发布日期: 2024-10-23 14:15 修改: 2024-12-18 10:15
libpam-runtime CVE-2024-10963 中危 1.5.3-5ubuntu5 pam: Improper Hostname Interpretation in pam_access Leads to Access Control Bypass

漏洞详情: https://avd.aquasec.com/nvd/cve-2024-10963

镜像层: sha256:80098e3d304cd7858ad97b310cd16083fbe6fab2968be7a988fc6894cb85dc25

发布日期: 2024-11-07 16:15 修改: 2024-11-11 18:15
libpam0g CVE-2024-10041 中危 1.5.3-5ubuntu5 pam: libpam: Libpam vulnerable to read hashed password

漏洞详情: https://avd.aquasec.com/nvd/cve-2024-10041

镜像层: sha256:80098e3d304cd7858ad97b310cd16083fbe6fab2968be7a988fc6894cb85dc25

发布日期: 2024-10-23 14:15 修改: 2024-12-18 10:15
libpam0g CVE-2024-10963 中危 1.5.3-5ubuntu5 pam: Improper Hostname Interpretation in pam_access Leads to Access Control Bypass

漏洞详情: https://avd.aquasec.com/nvd/cve-2024-10963

镜像层: sha256:80098e3d304cd7858ad97b310cd16083fbe6fab2968be7a988fc6894cb85dc25

发布日期: 2024-11-07 16:15 修改: 2024-11-11 18:15
libpython3.12-minimal CVE-2023-27043 中危 3.12.3-1 3.12.3-1ubuntu0.2 python: Parsing errors in email/_parseaddr.py lead to incorrect value in email address part of tuple

漏洞详情: https://avd.aquasec.com/nvd/cve-2023-27043

镜像层: sha256:66af7246b5956660867cdb671683698d4351c88bba3eebc6cae538c0a0f4f278

发布日期: 2023-04-19 00:15 修改: 2024-02-26 16:27
libpython3.12-minimal CVE-2024-6232 中危 3.12.3-1 3.12.3-1ubuntu0.2 python: cpython: tarfile: ReDos via excessive backtracking while parsing header values

漏洞详情: https://avd.aquasec.com/nvd/cve-2024-6232

镜像层: sha256:66af7246b5956660867cdb671683698d4351c88bba3eebc6cae538c0a0f4f278

发布日期: 2024-09-03 13:15 修改: 2024-09-04 21:15
libpython3.12-minimal CVE-2024-6923 中危 3.12.3-1 3.12.3-1ubuntu0.2 cpython: python: email module doesn't properly quotes newlines in email headers, allowing header injection

漏洞详情: https://avd.aquasec.com/nvd/cve-2024-6923

镜像层: sha256:66af7246b5956660867cdb671683698d4351c88bba3eebc6cae538c0a0f4f278

发布日期: 2024-08-01 14:15 修改: 2024-09-04 21:15
libpython3.12-minimal CVE-2024-8088 中危 3.12.3-1 3.12.3-1ubuntu0.2 python: cpython: Iterating over a malicious ZIP file may lead to Denial of Service

漏洞详情: https://avd.aquasec.com/nvd/cve-2024-8088

镜像层: sha256:66af7246b5956660867cdb671683698d4351c88bba3eebc6cae538c0a0f4f278

发布日期: 2024-08-22 19:15 修改: 2024-09-04 23:15
libpython3.12-minimal CVE-2024-9287 中危 3.12.3-1 3.12.3-1ubuntu0.3 python: Virtual environment (venv) activation scripts don't quote paths

漏洞详情: https://avd.aquasec.com/nvd/cve-2024-9287

镜像层: sha256:66af7246b5956660867cdb671683698d4351c88bba3eebc6cae538c0a0f4f278

发布日期: 2024-10-22 17:15 修改: 2024-11-04 18:15
libpython3.12-stdlib CVE-2023-27043 中危 3.12.3-1 3.12.3-1ubuntu0.2 python: Parsing errors in email/_parseaddr.py lead to incorrect value in email address part of tuple

漏洞详情: https://avd.aquasec.com/nvd/cve-2023-27043

镜像层: sha256:66af7246b5956660867cdb671683698d4351c88bba3eebc6cae538c0a0f4f278

发布日期: 2023-04-19 00:15 修改: 2024-02-26 16:27
libpython3.12-stdlib CVE-2024-6232 中危 3.12.3-1 3.12.3-1ubuntu0.2 python: cpython: tarfile: ReDos via excessive backtracking while parsing header values

漏洞详情: https://avd.aquasec.com/nvd/cve-2024-6232

镜像层: sha256:66af7246b5956660867cdb671683698d4351c88bba3eebc6cae538c0a0f4f278

发布日期: 2024-09-03 13:15 修改: 2024-09-04 21:15
libpython3.12-stdlib CVE-2024-6923 中危 3.12.3-1 3.12.3-1ubuntu0.2 cpython: python: email module doesn't properly quotes newlines in email headers, allowing header injection

漏洞详情: https://avd.aquasec.com/nvd/cve-2024-6923

镜像层: sha256:66af7246b5956660867cdb671683698d4351c88bba3eebc6cae538c0a0f4f278

发布日期: 2024-08-01 14:15 修改: 2024-09-04 21:15
libpython3.12-stdlib CVE-2024-8088 中危 3.12.3-1 3.12.3-1ubuntu0.2 python: cpython: Iterating over a malicious ZIP file may lead to Denial of Service

漏洞详情: https://avd.aquasec.com/nvd/cve-2024-8088

镜像层: sha256:66af7246b5956660867cdb671683698d4351c88bba3eebc6cae538c0a0f4f278

发布日期: 2024-08-22 19:15 修改: 2024-09-04 23:15
libpython3.12-stdlib CVE-2024-9287 中危 3.12.3-1 3.12.3-1ubuntu0.3 python: Virtual environment (venv) activation scripts don't quote paths

漏洞详情: https://avd.aquasec.com/nvd/cve-2024-9287

镜像层: sha256:66af7246b5956660867cdb671683698d4351c88bba3eebc6cae538c0a0f4f278

发布日期: 2024-10-22 17:15 修改: 2024-11-04 18:15
libssl3t64 CVE-2024-6119 中危 3.0.13-0ubuntu3 3.0.13-0ubuntu3.4 openssl: Possible denial of service in X.509 name checks

漏洞详情: https://avd.aquasec.com/nvd/cve-2024-6119

镜像层: sha256:80098e3d304cd7858ad97b310cd16083fbe6fab2968be7a988fc6894cb85dc25

发布日期: 2024-09-03 16:15 修改: 2024-09-03 21:35
openjdk-11-jdk CVE-2024-21131 中危 11.0.23+9-1ubuntu1 11.0.24+8-1ubuntu3~24.04.1 OpenJDK: potential UTF8 size overflow (8314794)

漏洞详情: https://avd.aquasec.com/nvd/cve-2024-21131

镜像层: sha256:66af7246b5956660867cdb671683698d4351c88bba3eebc6cae538c0a0f4f278

发布日期: 2024-07-16 23:15 修改: 2024-12-05 22:02
openjdk-11-jdk CVE-2024-21138 中危 11.0.23+9-1ubuntu1 11.0.24+8-1ubuntu3~24.04.1 OpenJDK: Excessive symbol length can lead to infinite loop (8319859)

漏洞详情: https://avd.aquasec.com/nvd/cve-2024-21138

镜像层: sha256:66af7246b5956660867cdb671683698d4351c88bba3eebc6cae538c0a0f4f278

发布日期: 2024-07-16 23:15 修改: 2024-12-05 22:05
openjdk-11-jdk CVE-2024-21140 中危 11.0.23+9-1ubuntu1 11.0.24+8-1ubuntu3~24.04.1 OpenJDK: Range Check Elimination (RCE) pre-loop limit overflow (8320548)

漏洞详情: https://avd.aquasec.com/nvd/cve-2024-21140

镜像层: sha256:66af7246b5956660867cdb671683698d4351c88bba3eebc6cae538c0a0f4f278

发布日期: 2024-07-16 23:15 修改: 2024-08-01 13:46
openjdk-11-jdk CVE-2024-21144 中危 11.0.23+9-1ubuntu1 11.0.24+8-1ubuntu3~24.04.1 OpenJDK: Pack200 increase loading time due to improper header validation (8322106)

漏洞详情: https://avd.aquasec.com/nvd/cve-2024-21144

镜像层: sha256:66af7246b5956660867cdb671683698d4351c88bba3eebc6cae538c0a0f4f278

发布日期: 2024-07-16 23:15 修改: 2024-12-16 20:13
openjdk-11-jdk CVE-2024-21145 中危 11.0.23+9-1ubuntu1 11.0.24+8-1ubuntu3~24.04.1 OpenJDK: Out-of-bounds access in 2D image handling (8324559)

漏洞详情: https://avd.aquasec.com/nvd/cve-2024-21145

镜像层: sha256:66af7246b5956660867cdb671683698d4351c88bba3eebc6cae538c0a0f4f278

发布日期: 2024-07-16 23:15 修改: 2024-12-16 20:13
openjdk-11-jdk CVE-2024-21147 中危 11.0.23+9-1ubuntu1 11.0.24+8-1ubuntu3~24.04.1 OpenJDK: RangeCheckElimination array index overflow (8323231)

漏洞详情: https://avd.aquasec.com/nvd/cve-2024-21147

镜像层: sha256:66af7246b5956660867cdb671683698d4351c88bba3eebc6cae538c0a0f4f278

发布日期: 2024-07-16 23:15 修改: 2024-08-13 00:49
openjdk-11-jdk CVE-2024-21235 中危 11.0.23+9-1ubuntu1 11.0.25+9-1ubuntu1~24.04 JDK: Integer conversion error leads to incorrect range check (8332644)

漏洞详情: https://avd.aquasec.com/nvd/cve-2024-21235

镜像层: sha256:66af7246b5956660867cdb671683698d4351c88bba3eebc6cae538c0a0f4f278

发布日期: 2024-10-15 20:15 修改: 2024-10-18 18:30
openjdk-11-jdk-headless CVE-2024-21131 中危 11.0.23+9-1ubuntu1 11.0.24+8-1ubuntu3~24.04.1 OpenJDK: potential UTF8 size overflow (8314794)

漏洞详情: https://avd.aquasec.com/nvd/cve-2024-21131

镜像层: sha256:66af7246b5956660867cdb671683698d4351c88bba3eebc6cae538c0a0f4f278

发布日期: 2024-07-16 23:15 修改: 2024-12-05 22:02
openjdk-11-jdk-headless CVE-2024-21138 中危 11.0.23+9-1ubuntu1 11.0.24+8-1ubuntu3~24.04.1 OpenJDK: Excessive symbol length can lead to infinite loop (8319859)

漏洞详情: https://avd.aquasec.com/nvd/cve-2024-21138

镜像层: sha256:66af7246b5956660867cdb671683698d4351c88bba3eebc6cae538c0a0f4f278

发布日期: 2024-07-16 23:15 修改: 2024-12-05 22:05
openjdk-11-jdk-headless CVE-2024-21140 中危 11.0.23+9-1ubuntu1 11.0.24+8-1ubuntu3~24.04.1 OpenJDK: Range Check Elimination (RCE) pre-loop limit overflow (8320548)

漏洞详情: https://avd.aquasec.com/nvd/cve-2024-21140

镜像层: sha256:66af7246b5956660867cdb671683698d4351c88bba3eebc6cae538c0a0f4f278

发布日期: 2024-07-16 23:15 修改: 2024-08-01 13:46
openjdk-11-jdk-headless CVE-2024-21144 中危 11.0.23+9-1ubuntu1 11.0.24+8-1ubuntu3~24.04.1 OpenJDK: Pack200 increase loading time due to improper header validation (8322106)

漏洞详情: https://avd.aquasec.com/nvd/cve-2024-21144

镜像层: sha256:66af7246b5956660867cdb671683698d4351c88bba3eebc6cae538c0a0f4f278

发布日期: 2024-07-16 23:15 修改: 2024-12-16 20:13
openjdk-11-jdk-headless CVE-2024-21145 中危 11.0.23+9-1ubuntu1 11.0.24+8-1ubuntu3~24.04.1 OpenJDK: Out-of-bounds access in 2D image handling (8324559)

漏洞详情: https://avd.aquasec.com/nvd/cve-2024-21145

镜像层: sha256:66af7246b5956660867cdb671683698d4351c88bba3eebc6cae538c0a0f4f278

发布日期: 2024-07-16 23:15 修改: 2024-12-16 20:13
openjdk-11-jdk-headless CVE-2024-21147 中危 11.0.23+9-1ubuntu1 11.0.24+8-1ubuntu3~24.04.1 OpenJDK: RangeCheckElimination array index overflow (8323231)

漏洞详情: https://avd.aquasec.com/nvd/cve-2024-21147

镜像层: sha256:66af7246b5956660867cdb671683698d4351c88bba3eebc6cae538c0a0f4f278

发布日期: 2024-07-16 23:15 修改: 2024-08-13 00:49
openjdk-11-jdk-headless CVE-2024-21235 中危 11.0.23+9-1ubuntu1 11.0.25+9-1ubuntu1~24.04 JDK: Integer conversion error leads to incorrect range check (8332644)

漏洞详情: https://avd.aquasec.com/nvd/cve-2024-21235

镜像层: sha256:66af7246b5956660867cdb671683698d4351c88bba3eebc6cae538c0a0f4f278

发布日期: 2024-10-15 20:15 修改: 2024-10-18 18:30
openjdk-11-jre CVE-2024-21131 中危 11.0.23+9-1ubuntu1 11.0.24+8-1ubuntu3~24.04.1 OpenJDK: potential UTF8 size overflow (8314794)

漏洞详情: https://avd.aquasec.com/nvd/cve-2024-21131

镜像层: sha256:66af7246b5956660867cdb671683698d4351c88bba3eebc6cae538c0a0f4f278

发布日期: 2024-07-16 23:15 修改: 2024-12-05 22:02
openjdk-11-jre CVE-2024-21138 中危 11.0.23+9-1ubuntu1 11.0.24+8-1ubuntu3~24.04.1 OpenJDK: Excessive symbol length can lead to infinite loop (8319859)

漏洞详情: https://avd.aquasec.com/nvd/cve-2024-21138

镜像层: sha256:66af7246b5956660867cdb671683698d4351c88bba3eebc6cae538c0a0f4f278

发布日期: 2024-07-16 23:15 修改: 2024-12-05 22:05
openjdk-11-jre CVE-2024-21140 中危 11.0.23+9-1ubuntu1 11.0.24+8-1ubuntu3~24.04.1 OpenJDK: Range Check Elimination (RCE) pre-loop limit overflow (8320548)

漏洞详情: https://avd.aquasec.com/nvd/cve-2024-21140

镜像层: sha256:66af7246b5956660867cdb671683698d4351c88bba3eebc6cae538c0a0f4f278

发布日期: 2024-07-16 23:15 修改: 2024-08-01 13:46
openjdk-11-jre CVE-2024-21144 中危 11.0.23+9-1ubuntu1 11.0.24+8-1ubuntu3~24.04.1 OpenJDK: Pack200 increase loading time due to improper header validation (8322106)

漏洞详情: https://avd.aquasec.com/nvd/cve-2024-21144

镜像层: sha256:66af7246b5956660867cdb671683698d4351c88bba3eebc6cae538c0a0f4f278

发布日期: 2024-07-16 23:15 修改: 2024-12-16 20:13
openjdk-11-jre CVE-2024-21145 中危 11.0.23+9-1ubuntu1 11.0.24+8-1ubuntu3~24.04.1 OpenJDK: Out-of-bounds access in 2D image handling (8324559)

漏洞详情: https://avd.aquasec.com/nvd/cve-2024-21145

镜像层: sha256:66af7246b5956660867cdb671683698d4351c88bba3eebc6cae538c0a0f4f278

发布日期: 2024-07-16 23:15 修改: 2024-12-16 20:13
openjdk-11-jre CVE-2024-21147 中危 11.0.23+9-1ubuntu1 11.0.24+8-1ubuntu3~24.04.1 OpenJDK: RangeCheckElimination array index overflow (8323231)

漏洞详情: https://avd.aquasec.com/nvd/cve-2024-21147

镜像层: sha256:66af7246b5956660867cdb671683698d4351c88bba3eebc6cae538c0a0f4f278

发布日期: 2024-07-16 23:15 修改: 2024-08-13 00:49
openjdk-11-jre CVE-2024-21235 中危 11.0.23+9-1ubuntu1 11.0.25+9-1ubuntu1~24.04 JDK: Integer conversion error leads to incorrect range check (8332644)

漏洞详情: https://avd.aquasec.com/nvd/cve-2024-21235

镜像层: sha256:66af7246b5956660867cdb671683698d4351c88bba3eebc6cae538c0a0f4f278

发布日期: 2024-10-15 20:15 修改: 2024-10-18 18:30
openjdk-11-jre-headless CVE-2024-21131 中危 11.0.23+9-1ubuntu1 11.0.24+8-1ubuntu3~24.04.1 OpenJDK: potential UTF8 size overflow (8314794)

漏洞详情: https://avd.aquasec.com/nvd/cve-2024-21131

镜像层: sha256:66af7246b5956660867cdb671683698d4351c88bba3eebc6cae538c0a0f4f278

发布日期: 2024-07-16 23:15 修改: 2024-12-05 22:02
openjdk-11-jre-headless CVE-2024-21138 中危 11.0.23+9-1ubuntu1 11.0.24+8-1ubuntu3~24.04.1 OpenJDK: Excessive symbol length can lead to infinite loop (8319859)

漏洞详情: https://avd.aquasec.com/nvd/cve-2024-21138

镜像层: sha256:66af7246b5956660867cdb671683698d4351c88bba3eebc6cae538c0a0f4f278

发布日期: 2024-07-16 23:15 修改: 2024-12-05 22:05
openjdk-11-jre-headless CVE-2024-21140 中危 11.0.23+9-1ubuntu1 11.0.24+8-1ubuntu3~24.04.1 OpenJDK: Range Check Elimination (RCE) pre-loop limit overflow (8320548)

漏洞详情: https://avd.aquasec.com/nvd/cve-2024-21140

镜像层: sha256:66af7246b5956660867cdb671683698d4351c88bba3eebc6cae538c0a0f4f278

发布日期: 2024-07-16 23:15 修改: 2024-08-01 13:46
openjdk-11-jre-headless CVE-2024-21144 中危 11.0.23+9-1ubuntu1 11.0.24+8-1ubuntu3~24.04.1 OpenJDK: Pack200 increase loading time due to improper header validation (8322106)

漏洞详情: https://avd.aquasec.com/nvd/cve-2024-21144

镜像层: sha256:66af7246b5956660867cdb671683698d4351c88bba3eebc6cae538c0a0f4f278

发布日期: 2024-07-16 23:15 修改: 2024-12-16 20:13
openjdk-11-jre-headless CVE-2024-21145 中危 11.0.23+9-1ubuntu1 11.0.24+8-1ubuntu3~24.04.1 OpenJDK: Out-of-bounds access in 2D image handling (8324559)

漏洞详情: https://avd.aquasec.com/nvd/cve-2024-21145

镜像层: sha256:66af7246b5956660867cdb671683698d4351c88bba3eebc6cae538c0a0f4f278

发布日期: 2024-07-16 23:15 修改: 2024-12-16 20:13
openjdk-11-jre-headless CVE-2024-21147 中危 11.0.23+9-1ubuntu1 11.0.24+8-1ubuntu3~24.04.1 OpenJDK: RangeCheckElimination array index overflow (8323231)

漏洞详情: https://avd.aquasec.com/nvd/cve-2024-21147

镜像层: sha256:66af7246b5956660867cdb671683698d4351c88bba3eebc6cae538c0a0f4f278

发布日期: 2024-07-16 23:15 修改: 2024-08-13 00:49
openjdk-11-jre-headless CVE-2024-21235 中危 11.0.23+9-1ubuntu1 11.0.25+9-1ubuntu1~24.04 JDK: Integer conversion error leads to incorrect range check (8332644)

漏洞详情: https://avd.aquasec.com/nvd/cve-2024-21235

镜像层: sha256:66af7246b5956660867cdb671683698d4351c88bba3eebc6cae538c0a0f4f278

发布日期: 2024-10-15 20:15 修改: 2024-10-18 18:30
gir1.2-glib-2.0 CVE-2024-34397 中危 2.80.0-6ubuntu1 2.80.0-6ubuntu3.1 glib2: Signal subscription vulnerabilities

漏洞详情: https://avd.aquasec.com/nvd/cve-2024-34397

镜像层: sha256:66af7246b5956660867cdb671683698d4351c88bba3eebc6cae538c0a0f4f278

发布日期: 2024-05-07 18:15 修改: 2024-11-15 18:35
openssh-client CVE-2024-39894 中危 1:9.6p1-3ubuntu13 1:9.6p1-3ubuntu13.4 openssh: Logic error in ObscureKeystrokeTiming

漏洞详情: https://avd.aquasec.com/nvd/cve-2024-39894

镜像层: sha256:66af7246b5956660867cdb671683698d4351c88bba3eebc6cae538c0a0f4f278

发布日期: 2024-07-02 18:15 修改: 2024-09-11 16:15
openssl CVE-2024-6119 中危 3.0.13-0ubuntu3 3.0.13-0ubuntu3.4 openssl: Possible denial of service in X.509 name checks

漏洞详情: https://avd.aquasec.com/nvd/cve-2024-6119

镜像层: sha256:66af7246b5956660867cdb671683698d4351c88bba3eebc6cae538c0a0f4f278

发布日期: 2024-09-03 16:15 修改: 2024-09-03 21:35
python3.12 CVE-2023-27043 中危 3.12.3-1 3.12.3-1ubuntu0.2 python: Parsing errors in email/_parseaddr.py lead to incorrect value in email address part of tuple

漏洞详情: https://avd.aquasec.com/nvd/cve-2023-27043

镜像层: sha256:66af7246b5956660867cdb671683698d4351c88bba3eebc6cae538c0a0f4f278

发布日期: 2023-04-19 00:15 修改: 2024-02-26 16:27
python3.12 CVE-2024-6232 中危 3.12.3-1 3.12.3-1ubuntu0.2 python: cpython: tarfile: ReDos via excessive backtracking while parsing header values

漏洞详情: https://avd.aquasec.com/nvd/cve-2024-6232

镜像层: sha256:66af7246b5956660867cdb671683698d4351c88bba3eebc6cae538c0a0f4f278

发布日期: 2024-09-03 13:15 修改: 2024-09-04 21:15
python3.12 CVE-2024-6923 中危 3.12.3-1 3.12.3-1ubuntu0.2 cpython: python: email module doesn't properly quotes newlines in email headers, allowing header injection

漏洞详情: https://avd.aquasec.com/nvd/cve-2024-6923

镜像层: sha256:66af7246b5956660867cdb671683698d4351c88bba3eebc6cae538c0a0f4f278

发布日期: 2024-08-01 14:15 修改: 2024-09-04 21:15
python3.12 CVE-2024-8088 中危 3.12.3-1 3.12.3-1ubuntu0.2 python: cpython: Iterating over a malicious ZIP file may lead to Denial of Service

漏洞详情: https://avd.aquasec.com/nvd/cve-2024-8088

镜像层: sha256:66af7246b5956660867cdb671683698d4351c88bba3eebc6cae538c0a0f4f278

发布日期: 2024-08-22 19:15 修改: 2024-09-04 23:15
python3.12 CVE-2024-9287 中危 3.12.3-1 3.12.3-1ubuntu0.3 python: Virtual environment (venv) activation scripts don't quote paths

漏洞详情: https://avd.aquasec.com/nvd/cve-2024-9287

镜像层: sha256:66af7246b5956660867cdb671683698d4351c88bba3eebc6cae538c0a0f4f278

发布日期: 2024-10-22 17:15 修改: 2024-11-04 18:15
python3.12-minimal CVE-2023-27043 中危 3.12.3-1 3.12.3-1ubuntu0.2 python: Parsing errors in email/_parseaddr.py lead to incorrect value in email address part of tuple

漏洞详情: https://avd.aquasec.com/nvd/cve-2023-27043

镜像层: sha256:66af7246b5956660867cdb671683698d4351c88bba3eebc6cae538c0a0f4f278

发布日期: 2023-04-19 00:15 修改: 2024-02-26 16:27
python3.12-minimal CVE-2024-6232 中危 3.12.3-1 3.12.3-1ubuntu0.2 python: cpython: tarfile: ReDos via excessive backtracking while parsing header values

漏洞详情: https://avd.aquasec.com/nvd/cve-2024-6232

镜像层: sha256:66af7246b5956660867cdb671683698d4351c88bba3eebc6cae538c0a0f4f278

发布日期: 2024-09-03 13:15 修改: 2024-09-04 21:15
python3.12-minimal CVE-2024-6923 中危 3.12.3-1 3.12.3-1ubuntu0.2 cpython: python: email module doesn't properly quotes newlines in email headers, allowing header injection

漏洞详情: https://avd.aquasec.com/nvd/cve-2024-6923

镜像层: sha256:66af7246b5956660867cdb671683698d4351c88bba3eebc6cae538c0a0f4f278

发布日期: 2024-08-01 14:15 修改: 2024-09-04 21:15
python3.12-minimal CVE-2024-8088 中危 3.12.3-1 3.12.3-1ubuntu0.2 python: cpython: Iterating over a malicious ZIP file may lead to Denial of Service

漏洞详情: https://avd.aquasec.com/nvd/cve-2024-8088

镜像层: sha256:66af7246b5956660867cdb671683698d4351c88bba3eebc6cae538c0a0f4f278

发布日期: 2024-08-22 19:15 修改: 2024-09-04 23:15
python3.12-minimal CVE-2024-9287 中危 3.12.3-1 3.12.3-1ubuntu0.3 python: Virtual environment (venv) activation scripts don't quote paths

漏洞详情: https://avd.aquasec.com/nvd/cve-2024-9287

镜像层: sha256:66af7246b5956660867cdb671683698d4351c88bba3eebc6cae538c0a0f4f278

发布日期: 2024-10-22 17:15 修改: 2024-11-04 18:15
wget CVE-2021-31879 中危 1.21.4-1ubuntu4 wget: authorization header disclosure on redirect

漏洞详情: https://avd.aquasec.com/nvd/cve-2021-31879

镜像层: sha256:66af7246b5956660867cdb671683698d4351c88bba3eebc6cae538c0a0f4f278

发布日期: 2021-04-29 05:15 修改: 2022-05-13 20:52
wget CVE-2024-38428 中危 1.21.4-1ubuntu4 1.21.4-1ubuntu4.1 wget: Misinterpretation of input may lead to improper behavior

漏洞详情: https://avd.aquasec.com/nvd/cve-2024-38428

镜像层: sha256:66af7246b5956660867cdb671683698d4351c88bba3eebc6cae538c0a0f4f278

发布日期: 2024-06-16 03:15 修改: 2024-10-28 21:35
libgif7 CVE-2023-48161 低危 5.2.2-1ubuntu1 giflib: Heap-Buffer Overflow during Image Saving in DumpScreen2RGB Function

漏洞详情: https://avd.aquasec.com/nvd/cve-2023-48161

镜像层: sha256:66af7246b5956660867cdb671683698d4351c88bba3eebc6cae538c0a0f4f278

发布日期: 2023-11-22 06:15 修改: 2023-11-29 18:48
libc6 CVE-2016-20013 低危 2.39-0ubuntu8.1

漏洞详情: https://avd.aquasec.com/nvd/cve-2016-20013

镜像层: sha256:80098e3d304cd7858ad97b310cd16083fbe6fab2968be7a988fc6894cb85dc25

发布日期: 2022-02-19 05:15 修改: 2022-03-03 16:43
libkrb5-3 CVE-2024-26458 低危 1.20.1-6ubuntu2 krb5: Memory leak at /krb5/src/lib/rpc/pmap_rmt.c

漏洞详情: https://avd.aquasec.com/nvd/cve-2024-26458

镜像层: sha256:66af7246b5956660867cdb671683698d4351c88bba3eebc6cae538c0a0f4f278

发布日期: 2024-02-29 01:44 修改: 2024-12-06 21:15
openjdk-11-jdk-headless CVE-2024-21208 低危 11.0.23+9-1ubuntu1 11.0.25+9-1ubuntu1~24.04 JDK: HTTP client improper handling of maxHeaderSize (8328286)

漏洞详情: https://avd.aquasec.com/nvd/cve-2024-21208

镜像层: sha256:66af7246b5956660867cdb671683698d4351c88bba3eebc6cae538c0a0f4f278

发布日期: 2024-10-15 20:15 修改: 2024-10-31 13:35
openjdk-11-jdk-headless CVE-2024-21210 低危 11.0.23+9-1ubuntu1 11.0.25+9-1ubuntu1~24.04 JDK: Array indexing integer overflow (8328544)

漏洞详情: https://avd.aquasec.com/nvd/cve-2024-21210

镜像层: sha256:66af7246b5956660867cdb671683698d4351c88bba3eebc6cae538c0a0f4f278

发布日期: 2024-10-15 20:15 修改: 2024-10-31 13:35
openjdk-11-jdk-headless CVE-2024-21217 低危 11.0.23+9-1ubuntu1 11.0.25+9-1ubuntu1~24.04 JDK: Unbounded allocation leads to out-of-memory error (8331446)

漏洞详情: https://avd.aquasec.com/nvd/cve-2024-21217

镜像层: sha256:66af7246b5956660867cdb671683698d4351c88bba3eebc6cae538c0a0f4f278

发布日期: 2024-10-15 20:15 修改: 2024-10-18 18:29
libpython3.12-minimal CVE-2024-4032 低危 3.12.3-1 3.12.3-1ubuntu0.1 python: incorrect IPv4 and IPv6 private ranges

漏洞详情: https://avd.aquasec.com/nvd/cve-2024-4032

镜像层: sha256:66af7246b5956660867cdb671683698d4351c88bba3eebc6cae538c0a0f4f278

发布日期: 2024-06-17 15:15 修改: 2024-08-29 21:35
libpython3.12-minimal CVE-2024-7592 低危 3.12.3-1 3.12.3-1ubuntu0.2 cpython: python: Uncontrolled CPU resource consumption when in http.cookies module

漏洞详情: https://avd.aquasec.com/nvd/cve-2024-7592

镜像层: sha256:66af7246b5956660867cdb671683698d4351c88bba3eebc6cae538c0a0f4f278

发布日期: 2024-08-19 19:15 修改: 2024-09-04 21:15
libkrb5-3 CVE-2024-26461 低危 1.20.1-6ubuntu2 krb5: Memory leak at /krb5/src/lib/gssapi/krb5/k5sealv3.c

漏洞详情: https://avd.aquasec.com/nvd/cve-2024-26461

镜像层: sha256:66af7246b5956660867cdb671683698d4351c88bba3eebc6cae538c0a0f4f278

发布日期: 2024-02-29 01:44 修改: 2024-08-14 16:35
coreutils CVE-2016-2781 低危 9.4-3ubuntu6 coreutils: Non-privileged session can escape to the parent session in chroot

漏洞详情: https://avd.aquasec.com/nvd/cve-2016-2781

镜像层: sha256:80098e3d304cd7858ad97b310cd16083fbe6fab2968be7a988fc6894cb85dc25

发布日期: 2017-02-07 15:59 修改: 2023-11-07 02:32
git-man CVE-2018-1000021 低危 1:2.43.0-1ubuntu7 git: client prints server-sent ANSI escape codes to the terminal, allowing for unverified messages to potentially execute arbitrary commands

漏洞详情: https://avd.aquasec.com/nvd/cve-2018-1000021

镜像层: sha256:66af7246b5956660867cdb671683698d4351c88bba3eebc6cae538c0a0f4f278

发布日期: 2018-02-09 23:29 修改: 2024-10-24 17:58
libc-bin CVE-2016-20013 低危 2.39-0ubuntu8.1

漏洞详情: https://avd.aquasec.com/nvd/cve-2016-20013

镜像层: sha256:80098e3d304cd7858ad97b310cd16083fbe6fab2968be7a988fc6894cb85dc25

发布日期: 2022-02-19 05:15 修改: 2022-03-03 16:43
libkrb5support0 CVE-2024-26458 低危 1.20.1-6ubuntu2 krb5: Memory leak at /krb5/src/lib/rpc/pmap_rmt.c

漏洞详情: https://avd.aquasec.com/nvd/cve-2024-26458

镜像层: sha256:66af7246b5956660867cdb671683698d4351c88bba3eebc6cae538c0a0f4f278

发布日期: 2024-02-29 01:44 修改: 2024-12-06 21:15
openjdk-11-jre CVE-2024-21208 低危 11.0.23+9-1ubuntu1 11.0.25+9-1ubuntu1~24.04 JDK: HTTP client improper handling of maxHeaderSize (8328286)

漏洞详情: https://avd.aquasec.com/nvd/cve-2024-21208

镜像层: sha256:66af7246b5956660867cdb671683698d4351c88bba3eebc6cae538c0a0f4f278

发布日期: 2024-10-15 20:15 修改: 2024-10-31 13:35
openjdk-11-jre CVE-2024-21210 低危 11.0.23+9-1ubuntu1 11.0.25+9-1ubuntu1~24.04 JDK: Array indexing integer overflow (8328544)

漏洞详情: https://avd.aquasec.com/nvd/cve-2024-21210

镜像层: sha256:66af7246b5956660867cdb671683698d4351c88bba3eebc6cae538c0a0f4f278

发布日期: 2024-10-15 20:15 修改: 2024-10-31 13:35
openjdk-11-jre CVE-2024-21217 低危 11.0.23+9-1ubuntu1 11.0.25+9-1ubuntu1~24.04 JDK: Unbounded allocation leads to out-of-memory error (8331446)

漏洞详情: https://avd.aquasec.com/nvd/cve-2024-21217

镜像层: sha256:66af7246b5956660867cdb671683698d4351c88bba3eebc6cae538c0a0f4f278

发布日期: 2024-10-15 20:15 修改: 2024-10-18 18:29
libpython3.12-stdlib CVE-2024-4032 低危 3.12.3-1 3.12.3-1ubuntu0.1 python: incorrect IPv4 and IPv6 private ranges

漏洞详情: https://avd.aquasec.com/nvd/cve-2024-4032

镜像层: sha256:66af7246b5956660867cdb671683698d4351c88bba3eebc6cae538c0a0f4f278

发布日期: 2024-06-17 15:15 修改: 2024-08-29 21:35
libpython3.12-stdlib CVE-2024-7592 低危 3.12.3-1 3.12.3-1ubuntu0.2 cpython: python: Uncontrolled CPU resource consumption when in http.cookies module

漏洞详情: https://avd.aquasec.com/nvd/cve-2024-7592

镜像层: sha256:66af7246b5956660867cdb671683698d4351c88bba3eebc6cae538c0a0f4f278

发布日期: 2024-08-19 19:15 修改: 2024-09-04 21:15
libkrb5support0 CVE-2024-26461 低危 1.20.1-6ubuntu2 krb5: Memory leak at /krb5/src/lib/gssapi/krb5/k5sealv3.c

漏洞详情: https://avd.aquasec.com/nvd/cve-2024-26461

镜像层: sha256:66af7246b5956660867cdb671683698d4351c88bba3eebc6cae538c0a0f4f278

发布日期: 2024-02-29 01:44 修改: 2024-08-14 16:35
libssl3t64 CVE-2024-2511 低危 3.0.13-0ubuntu3 3.0.13-0ubuntu3.2 openssl: Unbounded memory growth with session handling in TLSv1.3

漏洞详情: https://avd.aquasec.com/nvd/cve-2024-2511

镜像层: sha256:80098e3d304cd7858ad97b310cd16083fbe6fab2968be7a988fc6894cb85dc25

发布日期: 2024-04-08 14:15 修改: 2024-10-14 15:15
libssl3t64 CVE-2024-41996 低危 3.0.13-0ubuntu3 openssl: remote attackers (from the client side) to trigger unnecessarily expensive server-side DHE modular-exponentiation calculations

漏洞详情: https://avd.aquasec.com/nvd/cve-2024-41996

镜像层: sha256:80098e3d304cd7858ad97b310cd16083fbe6fab2968be7a988fc6894cb85dc25

发布日期: 2024-08-26 06:15 修改: 2024-08-26 16:35
libssl3t64 CVE-2024-4603 低危 3.0.13-0ubuntu3 3.0.13-0ubuntu3.2 openssl: Excessive time spent checking DSA keys and parameters

漏洞详情: https://avd.aquasec.com/nvd/cve-2024-4603

镜像层: sha256:80098e3d304cd7858ad97b310cd16083fbe6fab2968be7a988fc6894cb85dc25

发布日期: 2024-05-16 16:15 修改: 2024-10-14 15:15
libssl3t64 CVE-2024-4741 低危 3.0.13-0ubuntu3 3.0.13-0ubuntu3.2 openssl: Use After Free with SSL_free_buffers

漏洞详情: https://avd.aquasec.com/nvd/cve-2024-4741

镜像层: sha256:80098e3d304cd7858ad97b310cd16083fbe6fab2968be7a988fc6894cb85dc25

发布日期: 2024-11-13 11:15 修改: 2024-11-13 17:01
openjdk-11-jre-headless CVE-2024-21208 低危 11.0.23+9-1ubuntu1 11.0.25+9-1ubuntu1~24.04 JDK: HTTP client improper handling of maxHeaderSize (8328286)

漏洞详情: https://avd.aquasec.com/nvd/cve-2024-21208

镜像层: sha256:66af7246b5956660867cdb671683698d4351c88bba3eebc6cae538c0a0f4f278

发布日期: 2024-10-15 20:15 修改: 2024-10-31 13:35
openjdk-11-jre-headless CVE-2024-21210 低危 11.0.23+9-1ubuntu1 11.0.25+9-1ubuntu1~24.04 JDK: Array indexing integer overflow (8328544)

漏洞详情: https://avd.aquasec.com/nvd/cve-2024-21210

镜像层: sha256:66af7246b5956660867cdb671683698d4351c88bba3eebc6cae538c0a0f4f278

发布日期: 2024-10-15 20:15 修改: 2024-10-31 13:35
openjdk-11-jre-headless CVE-2024-21217 低危 11.0.23+9-1ubuntu1 11.0.25+9-1ubuntu1~24.04 JDK: Unbounded allocation leads to out-of-memory error (8331446)

漏洞详情: https://avd.aquasec.com/nvd/cve-2024-21217

镜像层: sha256:66af7246b5956660867cdb671683698d4351c88bba3eebc6cae538c0a0f4f278

发布日期: 2024-10-15 20:15 修改: 2024-10-18 18:29
libssl3t64 CVE-2024-5535 低危 3.0.13-0ubuntu3 3.0.13-0ubuntu3.2 openssl: SSL_select_next_proto buffer overread

漏洞详情: https://avd.aquasec.com/nvd/cve-2024-5535

镜像层: sha256:80098e3d304cd7858ad97b310cd16083fbe6fab2968be7a988fc6894cb85dc25

发布日期: 2024-06-27 11:15 修改: 2024-07-12 14:15
krb5-locales CVE-2024-26458 低危 1.20.1-6ubuntu2 krb5: Memory leak at /krb5/src/lib/rpc/pmap_rmt.c

漏洞详情: https://avd.aquasec.com/nvd/cve-2024-26458

镜像层: sha256:66af7246b5956660867cdb671683698d4351c88bba3eebc6cae538c0a0f4f278

发布日期: 2024-02-29 01:44 修改: 2024-12-06 21:15
libcurl3t64-gnutls CVE-2024-11053 低危 8.5.0-2ubuntu10.1 8.5.0-2ubuntu10.6 curl: curl netrc password leak

漏洞详情: https://avd.aquasec.com/nvd/cve-2024-11053

镜像层: sha256:66af7246b5956660867cdb671683698d4351c88bba3eebc6cae538c0a0f4f278

发布日期: 2024-12-11 08:15 修改: 2024-12-15 17:15
openssl CVE-2024-2511 低危 3.0.13-0ubuntu3 3.0.13-0ubuntu3.2 openssl: Unbounded memory growth with session handling in TLSv1.3

漏洞详情: https://avd.aquasec.com/nvd/cve-2024-2511

镜像层: sha256:66af7246b5956660867cdb671683698d4351c88bba3eebc6cae538c0a0f4f278

发布日期: 2024-04-08 14:15 修改: 2024-10-14 15:15
openssl CVE-2024-41996 低危 3.0.13-0ubuntu3 openssl: remote attackers (from the client side) to trigger unnecessarily expensive server-side DHE modular-exponentiation calculations

漏洞详情: https://avd.aquasec.com/nvd/cve-2024-41996

镜像层: sha256:66af7246b5956660867cdb671683698d4351c88bba3eebc6cae538c0a0f4f278

发布日期: 2024-08-26 06:15 修改: 2024-08-26 16:35
openssl CVE-2024-4603 低危 3.0.13-0ubuntu3 3.0.13-0ubuntu3.2 openssl: Excessive time spent checking DSA keys and parameters

漏洞详情: https://avd.aquasec.com/nvd/cve-2024-4603

镜像层: sha256:66af7246b5956660867cdb671683698d4351c88bba3eebc6cae538c0a0f4f278

发布日期: 2024-05-16 16:15 修改: 2024-10-14 15:15
openssl CVE-2024-4741 低危 3.0.13-0ubuntu3 3.0.13-0ubuntu3.2 openssl: Use After Free with SSL_free_buffers

漏洞详情: https://avd.aquasec.com/nvd/cve-2024-4741

镜像层: sha256:66af7246b5956660867cdb671683698d4351c88bba3eebc6cae538c0a0f4f278

发布日期: 2024-11-13 11:15 修改: 2024-11-13 17:01
openssl CVE-2024-5535 低危 3.0.13-0ubuntu3 3.0.13-0ubuntu3.2 openssl: SSL_select_next_proto buffer overread

漏洞详情: https://avd.aquasec.com/nvd/cve-2024-5535

镜像层: sha256:66af7246b5956660867cdb671683698d4351c88bba3eebc6cae538c0a0f4f278

发布日期: 2024-06-27 11:15 修改: 2024-07-12 14:15
patch CVE-2018-6952 低危 2.7.6-7build3 patch: Double free of memory in pch.c:another_hunk() causes a crash

漏洞详情: https://avd.aquasec.com/nvd/cve-2018-6952

镜像层: sha256:66af7246b5956660867cdb671683698d4351c88bba3eebc6cae538c0a0f4f278

发布日期: 2018-02-13 19:29 修改: 2019-04-17 20:29
patch CVE-2021-45261 低危 2.7.6-7build3 patch: Invalid Pointer via another_hunk function

漏洞详情: https://avd.aquasec.com/nvd/cve-2021-45261

镜像层: sha256:66af7246b5956660867cdb671683698d4351c88bba3eebc6cae538c0a0f4f278

发布日期: 2021-12-22 18:15 修改: 2021-12-28 14:24
libcurl3t64-gnutls CVE-2024-9681 低危 8.5.0-2ubuntu10.1 8.5.0-2ubuntu10.5 curl: HSTS subdomain overwrites parent cache entry

漏洞详情: https://avd.aquasec.com/nvd/cve-2024-9681

镜像层: sha256:66af7246b5956660867cdb671683698d4351c88bba3eebc6cae538c0a0f4f278

发布日期: 2024-11-06 08:15 修改: 2024-12-13 14:15
libgssapi-krb5-2 CVE-2024-26458 低危 1.20.1-6ubuntu2 krb5: Memory leak at /krb5/src/lib/rpc/pmap_rmt.c

漏洞详情: https://avd.aquasec.com/nvd/cve-2024-26458

镜像层: sha256:66af7246b5956660867cdb671683698d4351c88bba3eebc6cae538c0a0f4f278

发布日期: 2024-02-29 01:44 修改: 2024-12-06 21:15
libgssapi-krb5-2 CVE-2024-26461 低危 1.20.1-6ubuntu2 krb5: Memory leak at /krb5/src/lib/gssapi/krb5/k5sealv3.c

漏洞详情: https://avd.aquasec.com/nvd/cve-2024-26461

镜像层: sha256:66af7246b5956660867cdb671683698d4351c88bba3eebc6cae538c0a0f4f278

发布日期: 2024-02-29 01:44 修改: 2024-08-14 16:35
krb5-locales CVE-2024-26461 低危 1.20.1-6ubuntu2 krb5: Memory leak at /krb5/src/lib/gssapi/krb5/k5sealv3.c

漏洞详情: https://avd.aquasec.com/nvd/cve-2024-26461

镜像层: sha256:66af7246b5956660867cdb671683698d4351c88bba3eebc6cae538c0a0f4f278

发布日期: 2024-02-29 01:44 修改: 2024-08-14 16:35
gpgv CVE-2022-3219 低危 2.4.4-2ubuntu17 gnupg: denial of service issue (resource consumption) using compressed packets

漏洞详情: https://avd.aquasec.com/nvd/cve-2022-3219

镜像层: sha256:80098e3d304cd7858ad97b310cd16083fbe6fab2968be7a988fc6894cb85dc25

发布日期: 2023-02-23 20:15 修改: 2023-05-26 16:31
python3.12 CVE-2024-4032 低危 3.12.3-1 3.12.3-1ubuntu0.1 python: incorrect IPv4 and IPv6 private ranges

漏洞详情: https://avd.aquasec.com/nvd/cve-2024-4032

镜像层: sha256:66af7246b5956660867cdb671683698d4351c88bba3eebc6cae538c0a0f4f278

发布日期: 2024-06-17 15:15 修改: 2024-08-29 21:35
python3.12 CVE-2024-7592 低危 3.12.3-1 3.12.3-1ubuntu0.2 cpython: python: Uncontrolled CPU resource consumption when in http.cookies module

漏洞详情: https://avd.aquasec.com/nvd/cve-2024-7592

镜像层: sha256:66af7246b5956660867cdb671683698d4351c88bba3eebc6cae538c0a0f4f278

发布日期: 2024-08-19 19:15 修改: 2024-09-04 21:15
openjdk-11-jdk CVE-2024-21208 低危 11.0.23+9-1ubuntu1 11.0.25+9-1ubuntu1~24.04 JDK: HTTP client improper handling of maxHeaderSize (8328286)

漏洞详情: https://avd.aquasec.com/nvd/cve-2024-21208

镜像层: sha256:66af7246b5956660867cdb671683698d4351c88bba3eebc6cae538c0a0f4f278

发布日期: 2024-10-15 20:15 修改: 2024-10-31 13:35
openjdk-11-jdk CVE-2024-21210 低危 11.0.23+9-1ubuntu1 11.0.25+9-1ubuntu1~24.04 JDK: Array indexing integer overflow (8328544)

漏洞详情: https://avd.aquasec.com/nvd/cve-2024-21210

镜像层: sha256:66af7246b5956660867cdb671683698d4351c88bba3eebc6cae538c0a0f4f278

发布日期: 2024-10-15 20:15 修改: 2024-10-31 13:35
openjdk-11-jdk CVE-2024-21217 低危 11.0.23+9-1ubuntu1 11.0.25+9-1ubuntu1~24.04 JDK: Unbounded allocation leads to out-of-memory error (8331446)

漏洞详情: https://avd.aquasec.com/nvd/cve-2024-21217

镜像层: sha256:66af7246b5956660867cdb671683698d4351c88bba3eebc6cae538c0a0f4f278

发布日期: 2024-10-15 20:15 修改: 2024-10-18 18:29
git CVE-2018-1000021 低危 1:2.43.0-1ubuntu7 git: client prints server-sent ANSI escape codes to the terminal, allowing for unverified messages to potentially execute arbitrary commands

漏洞详情: https://avd.aquasec.com/nvd/cve-2018-1000021

镜像层: sha256:66af7246b5956660867cdb671683698d4351c88bba3eebc6cae538c0a0f4f278

发布日期: 2018-02-09 23:29 修改: 2024-10-24 17:58
libk5crypto3 CVE-2024-26458 低危 1.20.1-6ubuntu2 krb5: Memory leak at /krb5/src/lib/rpc/pmap_rmt.c

漏洞详情: https://avd.aquasec.com/nvd/cve-2024-26458

镜像层: sha256:66af7246b5956660867cdb671683698d4351c88bba3eebc6cae538c0a0f4f278

发布日期: 2024-02-29 01:44 修改: 2024-12-06 21:15
python3.12-minimal CVE-2024-4032 低危 3.12.3-1 3.12.3-1ubuntu0.1 python: incorrect IPv4 and IPv6 private ranges

漏洞详情: https://avd.aquasec.com/nvd/cve-2024-4032

镜像层: sha256:66af7246b5956660867cdb671683698d4351c88bba3eebc6cae538c0a0f4f278

发布日期: 2024-06-17 15:15 修改: 2024-08-29 21:35
python3.12-minimal CVE-2024-7592 低危 3.12.3-1 3.12.3-1ubuntu0.2 cpython: python: Uncontrolled CPU resource consumption when in http.cookies module

漏洞详情: https://avd.aquasec.com/nvd/cve-2024-7592

镜像层: sha256:66af7246b5956660867cdb671683698d4351c88bba3eebc6cae538c0a0f4f278

发布日期: 2024-08-19 19:15 修改: 2024-09-04 21:15
libk5crypto3 CVE-2024-26461 低危 1.20.1-6ubuntu2 krb5: Memory leak at /krb5/src/lib/gssapi/krb5/k5sealv3.c

漏洞详情: https://avd.aquasec.com/nvd/cve-2024-26461

镜像层: sha256:66af7246b5956660867cdb671683698d4351c88bba3eebc6cae538c0a0f4f278

发布日期: 2024-02-29 01:44 修改: 2024-08-14 16:35
libgcrypt20 CVE-2024-2236 低危 1.10.3-2build1 libgcrypt: vulnerable to Marvin Attack

漏洞详情: https://avd.aquasec.com/nvd/cve-2024-2236

镜像层: sha256:80098e3d304cd7858ad97b310cd16083fbe6fab2968be7a988fc6894cb85dc25

发布日期: 2024-03-06 22:15 修改: 2024-11-12 18:15
Java (jar)
低危漏洞:3 中危漏洞:87 高危漏洞:35 严重漏洞:22
软件包 漏洞 安全状态 安装版本 修复版本 漏洞信息
commons-collections:commons-collections CVE-2015-7501 严重 3.1 3.2.2 apache-commons-collections: InvokerTransformer code execution during deserialisation

漏洞详情: https://avd.aquasec.com/nvd/cve-2015-7501

镜像层: sha256:75873a4de5d828126d5f843118e51be8ed8b5df0b3e9ca12b786ecc1899524a0

发布日期: 2017-11-09 17:29 修改: 2024-02-16 13:15
dom4j:dom4j CVE-2020-10683 严重 1.6.1 dom4j: XML External Entity vulnerability in default SAX parser

漏洞详情: https://avd.aquasec.com/nvd/cve-2020-10683

镜像层: sha256:7555c5c251e3fa730c4623b2c2b5b3f79d954c8b31ff827c5acc1a2e415a91ff

发布日期: 2020-05-01 19:15 修改: 2023-11-07 03:14
dom4j:dom4j CVE-2020-10683 严重 1.6.1 dom4j: XML External Entity vulnerability in default SAX parser

漏洞详情: https://avd.aquasec.com/nvd/cve-2020-10683

镜像层: sha256:7555c5c251e3fa730c4623b2c2b5b3f79d954c8b31ff827c5acc1a2e415a91ff

发布日期: 2020-05-01 19:15 修改: 2023-11-07 03:14
dom4j:dom4j CVE-2020-10683 严重 1.6.1 dom4j: XML External Entity vulnerability in default SAX parser

漏洞详情: https://avd.aquasec.com/nvd/cve-2020-10683

镜像层: sha256:90d566ea865cf6ba6e656254b433692b4a8c50883edd9bfe7c2a3f3dae907dad

发布日期: 2020-05-01 19:15 修改: 2023-11-07 03:14
dom4j:dom4j CVE-2020-10683 严重 1.6.1 dom4j: XML External Entity vulnerability in default SAX parser

漏洞详情: https://avd.aquasec.com/nvd/cve-2020-10683

镜像层: sha256:90d566ea865cf6ba6e656254b433692b4a8c50883edd9bfe7c2a3f3dae907dad

发布日期: 2020-05-01 19:15 修改: 2023-11-07 03:14
dom4j:dom4j CVE-2020-10683 严重 1.6.1 dom4j: XML External Entity vulnerability in default SAX parser

漏洞详情: https://avd.aquasec.com/nvd/cve-2020-10683

镜像层: sha256:7555c5c251e3fa730c4623b2c2b5b3f79d954c8b31ff827c5acc1a2e415a91ff

发布日期: 2020-05-01 19:15 修改: 2023-11-07 03:14
org.apache.maven.shared:maven-shared-utils CVE-2022-29599 严重 3.1.0 3.3.3 maven-shared-utils: Command injection via Commandline class

漏洞详情: https://avd.aquasec.com/nvd/cve-2022-29599

镜像层: sha256:7555c5c251e3fa730c4623b2c2b5b3f79d954c8b31ff827c5acc1a2e415a91ff

发布日期: 2022-05-23 11:16 修改: 2023-09-28 09:15
org.apache.maven:maven-compat CVE-2021-26291 严重 3.2.1 3.8.1 maven: Block repositories using http by default

漏洞详情: https://avd.aquasec.com/nvd/cve-2021-26291

镜像层: sha256:7555c5c251e3fa730c4623b2c2b5b3f79d954c8b31ff827c5acc1a2e415a91ff

发布日期: 2021-04-23 15:15 修改: 2023-11-07 03:31
org.apache.maven:maven-core CVE-2021-26291 严重 3.0 3.8.1 maven: Block repositories using http by default

漏洞详情: https://avd.aquasec.com/nvd/cve-2021-26291

镜像层: sha256:7555c5c251e3fa730c4623b2c2b5b3f79d954c8b31ff827c5acc1a2e415a91ff

发布日期: 2021-04-23 15:15 修改: 2023-11-07 03:31
org.apache.maven:maven-core CVE-2021-26291 严重 3.2.1 3.8.1 maven: Block repositories using http by default

漏洞详情: https://avd.aquasec.com/nvd/cve-2021-26291

镜像层: sha256:7555c5c251e3fa730c4623b2c2b5b3f79d954c8b31ff827c5acc1a2e415a91ff

发布日期: 2021-04-23 15:15 修改: 2023-11-07 03:31
org.apache.maven:maven-core CVE-2021-26291 严重 3.2.5 3.8.1 maven: Block repositories using http by default

漏洞详情: https://avd.aquasec.com/nvd/cve-2021-26291

镜像层: sha256:75873a4de5d828126d5f843118e51be8ed8b5df0b3e9ca12b786ecc1899524a0

发布日期: 2021-04-23 15:15 修改: 2023-11-07 03:31
org.apache.mina:mina-core CVE-2024-52046 严重 2.2.3 2.2.4, 2.1.10, 2.0.27 mina-core: Apache MINA: applications using unbounded deserialization may allow RCE

漏洞详情: https://avd.aquasec.com/nvd/cve-2024-52046

镜像层: sha256:7555c5c251e3fa730c4623b2c2b5b3f79d954c8b31ff827c5acc1a2e415a91ff

发布日期: 2024-12-25 10:15 修改: 2025-01-03 12:15
org.apache.mina:mina-core CVE-2024-52046 严重 2.2.3 2.2.4, 2.1.10, 2.0.27 mina-core: Apache MINA: applications using unbounded deserialization may allow RCE

漏洞详情: https://avd.aquasec.com/nvd/cve-2024-52046

镜像层: sha256:7555c5c251e3fa730c4623b2c2b5b3f79d954c8b31ff827c5acc1a2e415a91ff

发布日期: 2024-12-25 10:15 修改: 2025-01-03 12:15
org.apache.mina:mina-core CVE-2024-52046 严重 2.2.3 2.2.4, 2.1.10, 2.0.27 mina-core: Apache MINA: applications using unbounded deserialization may allow RCE

漏洞详情: https://avd.aquasec.com/nvd/cve-2024-52046

镜像层: sha256:90d566ea865cf6ba6e656254b433692b4a8c50883edd9bfe7c2a3f3dae907dad

发布日期: 2024-12-25 10:15 修改: 2025-01-03 12:15
org.apache.mina:mina-core CVE-2024-52046 严重 2.2.3 2.2.4, 2.1.10, 2.0.27 mina-core: Apache MINA: applications using unbounded deserialization may allow RCE

漏洞详情: https://avd.aquasec.com/nvd/cve-2024-52046

镜像层: sha256:90d566ea865cf6ba6e656254b433692b4a8c50883edd9bfe7c2a3f3dae907dad

发布日期: 2024-12-25 10:15 修改: 2025-01-03 12:15
org.apache.mina:mina-core CVE-2024-52046 严重 2.2.3 2.2.4, 2.1.10, 2.0.27 mina-core: Apache MINA: applications using unbounded deserialization may allow RCE

漏洞详情: https://avd.aquasec.com/nvd/cve-2024-52046

镜像层: sha256:7555c5c251e3fa730c4623b2c2b5b3f79d954c8b31ff827c5acc1a2e415a91ff

发布日期: 2024-12-25 10:15 修改: 2025-01-03 12:15
org.apache.tomcat:tomcat-catalina CVE-2024-52316 严重 9.0.87 9.0.96, 10.1.30, 11.0.1 tomcat: Apache Tomcat: Authentication bypass when using Jakarta Authentication API

漏洞详情: https://avd.aquasec.com/nvd/cve-2024-52316

镜像层: sha256:90d566ea865cf6ba6e656254b433692b4a8c50883edd9bfe7c2a3f3dae907dad

发布日期: 2024-11-18 12:15 修改: 2024-11-18 17:11
org.springframework:spring-web CVE-2016-1000027 严重 5.3.34 6.0.0 spring: HttpInvokerServiceExporter readRemoteInvocation method untrusted java deserialization

漏洞详情: https://avd.aquasec.com/nvd/cve-2016-1000027

镜像层: sha256:7555c5c251e3fa730c4623b2c2b5b3f79d954c8b31ff827c5acc1a2e415a91ff

发布日期: 2020-01-02 23:15 修改: 2023-04-20 09:15
org.springframework:spring-web CVE-2016-1000027 严重 5.3.34 6.0.0 spring: HttpInvokerServiceExporter readRemoteInvocation method untrusted java deserialization

漏洞详情: https://avd.aquasec.com/nvd/cve-2016-1000027

镜像层: sha256:7555c5c251e3fa730c4623b2c2b5b3f79d954c8b31ff827c5acc1a2e415a91ff

发布日期: 2020-01-02 23:15 修改: 2023-04-20 09:15
org.springframework:spring-web CVE-2016-1000027 严重 5.3.34 6.0.0 spring: HttpInvokerServiceExporter readRemoteInvocation method untrusted java deserialization

漏洞详情: https://avd.aquasec.com/nvd/cve-2016-1000027

镜像层: sha256:90d566ea865cf6ba6e656254b433692b4a8c50883edd9bfe7c2a3f3dae907dad

发布日期: 2020-01-02 23:15 修改: 2023-04-20 09:15
org.springframework:spring-web CVE-2016-1000027 严重 5.3.34 6.0.0 spring: HttpInvokerServiceExporter readRemoteInvocation method untrusted java deserialization

漏洞详情: https://avd.aquasec.com/nvd/cve-2016-1000027

镜像层: sha256:90d566ea865cf6ba6e656254b433692b4a8c50883edd9bfe7c2a3f3dae907dad

发布日期: 2020-01-02 23:15 修改: 2023-04-20 09:15
org.springframework:spring-web CVE-2016-1000027 严重 5.3.34 6.0.0 spring: HttpInvokerServiceExporter readRemoteInvocation method untrusted java deserialization

漏洞详情: https://avd.aquasec.com/nvd/cve-2016-1000027

镜像层: sha256:7555c5c251e3fa730c4623b2c2b5b3f79d954c8b31ff827c5acc1a2e415a91ff

发布日期: 2020-01-02 23:15 修改: 2023-04-20 09:15
dom4j:dom4j CVE-2018-1000632 高危 1.6.1 dom4j: XML Injection in Class: Element. Methods: addElement, addAttribute which can impact the integrity of XML documents

漏洞详情: https://avd.aquasec.com/nvd/cve-2018-1000632

镜像层: sha256:7555c5c251e3fa730c4623b2c2b5b3f79d954c8b31ff827c5acc1a2e415a91ff

发布日期: 2018-08-20 19:31 修改: 2023-11-07 02:51
dom4j:dom4j CVE-2018-1000632 高危 1.6.1 dom4j: XML Injection in Class: Element. Methods: addElement, addAttribute which can impact the integrity of XML documents

漏洞详情: https://avd.aquasec.com/nvd/cve-2018-1000632

镜像层: sha256:90d566ea865cf6ba6e656254b433692b4a8c50883edd9bfe7c2a3f3dae907dad

发布日期: 2018-08-20 19:31 修改: 2023-11-07 02:51
dom4j:dom4j CVE-2018-1000632 高危 1.6.1 dom4j: XML Injection in Class: Element. Methods: addElement, addAttribute which can impact the integrity of XML documents

漏洞详情: https://avd.aquasec.com/nvd/cve-2018-1000632

镜像层: sha256:90d566ea865cf6ba6e656254b433692b4a8c50883edd9bfe7c2a3f3dae907dad

发布日期: 2018-08-20 19:31 修改: 2023-11-07 02:51
dom4j:dom4j CVE-2018-1000632 高危 1.6.1 dom4j: XML Injection in Class: Element. Methods: addElement, addAttribute which can impact the integrity of XML documents

漏洞详情: https://avd.aquasec.com/nvd/cve-2018-1000632

镜像层: sha256:7555c5c251e3fa730c4623b2c2b5b3f79d954c8b31ff827c5acc1a2e415a91ff

发布日期: 2018-08-20 19:31 修改: 2023-11-07 02:51
org.apache.commons:commons-compress CVE-2024-25710 高危 1.21 1.26.0 commons-compress: Denial of service caused by an infinite loop for a corrupted DUMP file

漏洞详情: https://avd.aquasec.com/nvd/cve-2024-25710

镜像层: sha256:75873a4de5d828126d5f843118e51be8ed8b5df0b3e9ca12b786ecc1899524a0

发布日期: 2024-02-19 09:15 修改: 2024-03-07 17:15
org.apache.commons:commons-compress CVE-2024-25710 高危 1.23.0 1.26.0 commons-compress: Denial of service caused by an infinite loop for a corrupted DUMP file

漏洞详情: https://avd.aquasec.com/nvd/cve-2024-25710

镜像层: sha256:7555c5c251e3fa730c4623b2c2b5b3f79d954c8b31ff827c5acc1a2e415a91ff

发布日期: 2024-02-19 09:15 修改: 2024-03-07 17:15
org.apache.commons:commons-compress CVE-2024-25710 高危 1.25.0 1.26.0 commons-compress: Denial of service caused by an infinite loop for a corrupted DUMP file

漏洞详情: https://avd.aquasec.com/nvd/cve-2024-25710

镜像层: sha256:7555c5c251e3fa730c4623b2c2b5b3f79d954c8b31ff827c5acc1a2e415a91ff

发布日期: 2024-02-19 09:15 修改: 2024-03-07 17:15
org.apache.tomcat:tomcat-catalina CVE-2024-50379 高危 9.0.87 11.0.2, 10.1.34, 9.0.98 tomcat: RCE due to TOCTOU issue in JSP compilation

漏洞详情: https://avd.aquasec.com/nvd/cve-2024-50379

镜像层: sha256:90d566ea865cf6ba6e656254b433692b4a8c50883edd9bfe7c2a3f3dae907dad

发布日期: 2024-12-17 13:15 修改: 2025-01-03 12:15
org.apache.tomcat:tomcat-catalina CVE-2024-56337 高危 9.0.87 11.0.2, 10.1.34, 9.0.98 tomcat: Incomplete fix for CVE-2024-50379 - RCE due to TOCTOU issue in JSP compilation

漏洞详情: https://avd.aquasec.com/nvd/cve-2024-56337

镜像层: sha256:90d566ea865cf6ba6e656254b433692b4a8c50883edd9bfe7c2a3f3dae907dad

发布日期: 2024-12-20 16:15 修改: 2025-01-03 12:15
org.apache.tomcat:tomcat-coyote CVE-2024-34750 高危 9.0.87 11.0.0-M21, 10.1.25, 9.0.90 tomcat: Improper Handling of Exceptional Conditions

漏洞详情: https://avd.aquasec.com/nvd/cve-2024-34750

镜像层: sha256:90d566ea865cf6ba6e656254b433692b4a8c50883edd9bfe7c2a3f3dae907dad

发布日期: 2024-07-03 20:15 修改: 2024-07-09 16:22
org.apache.tomcat:tomcat-util CVE-2024-38286 高危 9.0.87 11.0.0-M21, 10.1.25, 9.0.90 tomcat: Denial of Service in Tomcat

漏洞详情: https://avd.aquasec.com/nvd/cve-2024-38286

镜像层: sha256:90d566ea865cf6ba6e656254b433692b4a8c50883edd9bfe7c2a3f3dae907dad

发布日期: 2024-11-07 08:15 修改: 2024-11-08 19:01
org.apache.velocity:velocity CVE-2020-13936 高危 1.7 velocity: arbitrary code execution when attacker is able to modify templates

漏洞详情: https://avd.aquasec.com/nvd/cve-2020-13936

镜像层: sha256:75873a4de5d828126d5f843118e51be8ed8b5df0b3e9ca12b786ecc1899524a0

发布日期: 2021-03-10 08:15 修改: 2023-11-07 03:17
org.codehaus.plexus:plexus-archiver CVE-2023-37460 高危 4.4.0 4.8.0 plexus-archiver: Arbitrary File Creation in AbstractUnArchiver

漏洞详情: https://avd.aquasec.com/nvd/cve-2023-37460

镜像层: sha256:75873a4de5d828126d5f843118e51be8ed8b5df0b3e9ca12b786ecc1899524a0

发布日期: 2023-07-25 20:15 修改: 2023-08-03 13:52
org.codehaus.plexus:plexus-archiver CVE-2023-37460 高危 4.7.1 4.8.0 plexus-archiver: Arbitrary File Creation in AbstractUnArchiver

漏洞详情: https://avd.aquasec.com/nvd/cve-2023-37460

镜像层: sha256:7555c5c251e3fa730c4623b2c2b5b3f79d954c8b31ff827c5acc1a2e415a91ff

发布日期: 2023-07-25 20:15 修改: 2023-08-03 13:52
org.codehaus.plexus:plexus-utils CVE-2022-4244 高危 3.0.17 3.0.24 codehaus-plexus: Directory Traversal

漏洞详情: https://avd.aquasec.com/nvd/cve-2022-4244

镜像层: sha256:7555c5c251e3fa730c4623b2c2b5b3f79d954c8b31ff827c5acc1a2e415a91ff

发布日期: 2023-09-25 20:15 修改: 2024-10-10 20:04
org.hibernate:hibernate-core CVE-2020-25638 高危 3.6.10.Final 5.4.24.Final, 5.3.20.Final hibernate-core: SQL injection vulnerability when both hibernate.use_sql_comments and JPQL String literals are used

漏洞详情: https://avd.aquasec.com/nvd/cve-2020-25638

镜像层: sha256:7555c5c251e3fa730c4623b2c2b5b3f79d954c8b31ff827c5acc1a2e415a91ff

发布日期: 2020-12-02 15:15 修改: 2023-11-07 03:20
org.hibernate:hibernate-core CVE-2020-25638 高危 3.6.10.Final 5.4.24.Final, 5.3.20.Final hibernate-core: SQL injection vulnerability when both hibernate.use_sql_comments and JPQL String literals are used

漏洞详情: https://avd.aquasec.com/nvd/cve-2020-25638

镜像层: sha256:7555c5c251e3fa730c4623b2c2b5b3f79d954c8b31ff827c5acc1a2e415a91ff

发布日期: 2020-12-02 15:15 修改: 2023-11-07 03:20
org.hibernate:hibernate-core CVE-2020-25638 高危 3.6.10.Final 5.4.24.Final, 5.3.20.Final hibernate-core: SQL injection vulnerability when both hibernate.use_sql_comments and JPQL String literals are used

漏洞详情: https://avd.aquasec.com/nvd/cve-2020-25638

镜像层: sha256:90d566ea865cf6ba6e656254b433692b4a8c50883edd9bfe7c2a3f3dae907dad

发布日期: 2020-12-02 15:15 修改: 2023-11-07 03:20
org.hibernate:hibernate-core CVE-2020-25638 高危 3.6.10.Final 5.4.24.Final, 5.3.20.Final hibernate-core: SQL injection vulnerability when both hibernate.use_sql_comments and JPQL String literals are used

漏洞详情: https://avd.aquasec.com/nvd/cve-2020-25638

镜像层: sha256:90d566ea865cf6ba6e656254b433692b4a8c50883edd9bfe7c2a3f3dae907dad

发布日期: 2020-12-02 15:15 修改: 2023-11-07 03:20
org.hibernate:hibernate-core CVE-2020-25638 高危 3.6.10.Final 5.4.24.Final, 5.3.20.Final hibernate-core: SQL injection vulnerability when both hibernate.use_sql_comments and JPQL String literals are used

漏洞详情: https://avd.aquasec.com/nvd/cve-2020-25638

镜像层: sha256:7555c5c251e3fa730c4623b2c2b5b3f79d954c8b31ff827c5acc1a2e415a91ff

发布日期: 2020-12-02 15:15 修改: 2023-11-07 03:20
org.apache.commons:commons-compress CVE-2024-25710 高危 1.25.0 1.26.0 commons-compress: Denial of service caused by an infinite loop for a corrupted DUMP file

漏洞详情: https://avd.aquasec.com/nvd/cve-2024-25710

镜像层: sha256:75873a4de5d828126d5f843118e51be8ed8b5df0b3e9ca12b786ecc1899524a0

发布日期: 2024-02-19 09:15 修改: 2024-03-07 17:15
commons-io:commons-io CVE-2024-47554 高危 2.13.0 2.14.0 apache-commons-io: Possible denial of service attack on untrusted input to XmlStreamReader

漏洞详情: https://avd.aquasec.com/nvd/cve-2024-47554

镜像层: sha256:75873a4de5d828126d5f843118e51be8ed8b5df0b3e9ca12b786ecc1899524a0

发布日期: 2024-10-03 12:15 修改: 2024-12-04 15:15
commons-collections:commons-collections CVE-2015-6420 高危 3.1 3.2.2 Insecure Deserialization in Apache Commons Collection

漏洞详情: https://avd.aquasec.com/nvd/cve-2015-6420

镜像层: sha256:75873a4de5d828126d5f843118e51be8ed8b5df0b3e9ca12b786ecc1899524a0

发布日期: 2015-12-15 05:59 修改: 2023-11-07 02:26
commons-io:commons-io CVE-2024-47554 高危 2.11.0 2.14.0 apache-commons-io: Possible denial of service attack on untrusted input to XmlStreamReader

漏洞详情: https://avd.aquasec.com/nvd/cve-2024-47554

镜像层: sha256:75873a4de5d828126d5f843118e51be8ed8b5df0b3e9ca12b786ecc1899524a0

发布日期: 2024-10-03 12:15 修改: 2024-12-04 15:15
dom4j:dom4j CVE-2018-1000632 高危 1.6.1 dom4j: XML Injection in Class: Element. Methods: addElement, addAttribute which can impact the integrity of XML documents

漏洞详情: https://avd.aquasec.com/nvd/cve-2018-1000632

镜像层: sha256:7555c5c251e3fa730c4623b2c2b5b3f79d954c8b31ff827c5acc1a2e415a91ff

发布日期: 2018-08-20 19:31 修改: 2023-11-07 02:51
org.springframework:spring-webmvc CVE-2024-38816 高危 5.3.34 6.1.13 spring-webmvc: Path Traversal Vulnerability in Spring Applications Using RouterFunctions and FileSystemResource

漏洞详情: https://avd.aquasec.com/nvd/cve-2024-38816

镜像层: sha256:7555c5c251e3fa730c4623b2c2b5b3f79d954c8b31ff827c5acc1a2e415a91ff

发布日期: 2024-09-13 06:15 修改: 2024-12-27 16:15
org.springframework:spring-webmvc CVE-2024-38816 高危 5.3.34 6.1.13 spring-webmvc: Path Traversal Vulnerability in Spring Applications Using RouterFunctions and FileSystemResource

漏洞详情: https://avd.aquasec.com/nvd/cve-2024-38816

镜像层: sha256:7555c5c251e3fa730c4623b2c2b5b3f79d954c8b31ff827c5acc1a2e415a91ff

发布日期: 2024-09-13 06:15 修改: 2024-12-27 16:15
org.springframework:spring-webmvc CVE-2024-38816 高危 5.3.34 6.1.13 spring-webmvc: Path Traversal Vulnerability in Spring Applications Using RouterFunctions and FileSystemResource

漏洞详情: https://avd.aquasec.com/nvd/cve-2024-38816

镜像层: sha256:90d566ea865cf6ba6e656254b433692b4a8c50883edd9bfe7c2a3f3dae907dad

发布日期: 2024-09-13 06:15 修改: 2024-12-27 16:15
org.springframework:spring-webmvc CVE-2024-38816 高危 5.3.34 6.1.13 spring-webmvc: Path Traversal Vulnerability in Spring Applications Using RouterFunctions and FileSystemResource

漏洞详情: https://avd.aquasec.com/nvd/cve-2024-38816

镜像层: sha256:90d566ea865cf6ba6e656254b433692b4a8c50883edd9bfe7c2a3f3dae907dad

发布日期: 2024-09-13 06:15 修改: 2024-12-27 16:15
org.springframework:spring-webmvc CVE-2024-38816 高危 5.3.34 6.1.13 spring-webmvc: Path Traversal Vulnerability in Spring Applications Using RouterFunctions and FileSystemResource

漏洞详情: https://avd.aquasec.com/nvd/cve-2024-38816

镜像层: sha256:7555c5c251e3fa730c4623b2c2b5b3f79d954c8b31ff827c5acc1a2e415a91ff

发布日期: 2024-09-13 06:15 修改: 2024-12-27 16:15
org.springframework:spring-webmvc CVE-2024-38819 高危 5.3.34 6.1.14 org.springframework:spring-webmvc: Path traversal vulnerability in functional web frameworks

漏洞详情: https://avd.aquasec.com/nvd/cve-2024-38819

镜像层: sha256:7555c5c251e3fa730c4623b2c2b5b3f79d954c8b31ff827c5acc1a2e415a91ff

发布日期: 2024-12-19 18:15 修改: 2024-12-19 18:15
org.springframework:spring-webmvc CVE-2024-38819 高危 5.3.34 6.1.14 org.springframework:spring-webmvc: Path traversal vulnerability in functional web frameworks

漏洞详情: https://avd.aquasec.com/nvd/cve-2024-38819

镜像层: sha256:7555c5c251e3fa730c4623b2c2b5b3f79d954c8b31ff827c5acc1a2e415a91ff

发布日期: 2024-12-19 18:15 修改: 2024-12-19 18:15
org.springframework:spring-webmvc CVE-2024-38819 高危 5.3.34 6.1.14 org.springframework:spring-webmvc: Path traversal vulnerability in functional web frameworks

漏洞详情: https://avd.aquasec.com/nvd/cve-2024-38819

镜像层: sha256:90d566ea865cf6ba6e656254b433692b4a8c50883edd9bfe7c2a3f3dae907dad

发布日期: 2024-12-19 18:15 修改: 2024-12-19 18:15
org.springframework:spring-webmvc CVE-2024-38819 高危 5.3.34 6.1.14 org.springframework:spring-webmvc: Path traversal vulnerability in functional web frameworks

漏洞详情: https://avd.aquasec.com/nvd/cve-2024-38819

镜像层: sha256:90d566ea865cf6ba6e656254b433692b4a8c50883edd9bfe7c2a3f3dae907dad

发布日期: 2024-12-19 18:15 修改: 2024-12-19 18:15
org.springframework:spring-webmvc CVE-2024-38819 高危 5.3.34 6.1.14 org.springframework:spring-webmvc: Path traversal vulnerability in functional web frameworks

漏洞详情: https://avd.aquasec.com/nvd/cve-2024-38819

镜像层: sha256:7555c5c251e3fa730c4623b2c2b5b3f79d954c8b31ff827c5acc1a2e415a91ff

发布日期: 2024-12-19 18:15 修改: 2024-12-19 18:15
org.bouncycastle:bcprov-jdk15on CVE-2024-30171 中危 1.70 1.78 bc-java: BouncyCastle vulnerable to a timing variant of Bleichenbacher (Marvin Attack)

漏洞详情: https://avd.aquasec.com/nvd/cve-2024-30171

镜像层: sha256:90d566ea865cf6ba6e656254b433692b4a8c50883edd9bfe7c2a3f3dae907dad

发布日期: 2024-05-14 15:21 修改: 2024-08-19 18:35
org.bouncycastle:bcprov-jdk15on CVE-2024-30171 中危 1.70 1.78 bc-java: BouncyCastle vulnerable to a timing variant of Bleichenbacher (Marvin Attack)

漏洞详情: https://avd.aquasec.com/nvd/cve-2024-30171

镜像层: sha256:7555c5c251e3fa730c4623b2c2b5b3f79d954c8b31ff827c5acc1a2e415a91ff

发布日期: 2024-05-14 15:21 修改: 2024-08-19 18:35
org.apache.commons:commons-compress CVE-2024-26308 中危 1.25.0 1.26.0 commons-compress: OutOfMemoryError unpacking broken Pack200 file

漏洞详情: https://avd.aquasec.com/nvd/cve-2024-26308

镜像层: sha256:7555c5c251e3fa730c4623b2c2b5b3f79d954c8b31ff827c5acc1a2e415a91ff

发布日期: 2024-02-19 09:15 修改: 2024-03-21 19:54
org.apache.commons:commons-compress CVE-2024-26308 中危 1.25.0 1.26.0 commons-compress: OutOfMemoryError unpacking broken Pack200 file

漏洞详情: https://avd.aquasec.com/nvd/cve-2024-26308

镜像层: sha256:75873a4de5d828126d5f843118e51be8ed8b5df0b3e9ca12b786ecc1899524a0

发布日期: 2024-02-19 09:15 修改: 2024-03-21 19:54
com.google.guava:guava CVE-2023-2976 中危 16.0.1 32.0.0-android guava: insecure temporary directory creation

漏洞详情: https://avd.aquasec.com/nvd/cve-2023-2976

镜像层: sha256:75873a4de5d828126d5f843118e51be8ed8b5df0b3e9ca12b786ecc1899524a0

发布日期: 2023-06-14 18:15 修改: 2024-02-13 19:15
org.codehaus.plexus:plexus-utils CVE-2022-4245 中危 3.0.17 3.0.24 codehaus-plexus: XML External Entity (XXE) Injection

漏洞详情: https://avd.aquasec.com/nvd/cve-2022-4245

镜像层: sha256:7555c5c251e3fa730c4623b2c2b5b3f79d954c8b31ff827c5acc1a2e415a91ff

发布日期: 2023-09-25 20:15 修改: 2024-10-10 20:02
org.apache.commons:commons-compress CVE-2024-26308 中危 1.21 1.26.0 commons-compress: OutOfMemoryError unpacking broken Pack200 file

漏洞详情: https://avd.aquasec.com/nvd/cve-2024-26308

镜像层: sha256:75873a4de5d828126d5f843118e51be8ed8b5df0b3e9ca12b786ecc1899524a0

发布日期: 2024-02-19 09:15 修改: 2024-03-21 19:54
com.google.guava:guava CVE-2023-2976 中危 28.1-jre 32.0.0-android guava: insecure temporary directory creation

漏洞详情: https://avd.aquasec.com/nvd/cve-2023-2976

镜像层: sha256:75873a4de5d828126d5f843118e51be8ed8b5df0b3e9ca12b786ecc1899524a0

发布日期: 2023-06-14 18:15 修改: 2024-02-13 19:15
org.apache.commons:commons-compress CVE-2023-42503 中危 1.23.0 1.24.0 apache-commons-compress: Denial of service via CPU consumption for malformed TAR file

漏洞详情: https://avd.aquasec.com/nvd/cve-2023-42503

镜像层: sha256:7555c5c251e3fa730c4623b2c2b5b3f79d954c8b31ff827c5acc1a2e415a91ff

发布日期: 2023-09-14 08:15 修改: 2024-02-21 21:27
org.apache.tomcat:tomcat-catalina CVE-2024-54677 中危 9.0.87 11.0.2, 10.1.34, 9.0.98 tomcat: Apache Tomcat: DoS in examples web application

漏洞详情: https://avd.aquasec.com/nvd/cve-2024-54677

镜像层: sha256:90d566ea865cf6ba6e656254b433692b4a8c50883edd9bfe7c2a3f3dae907dad

发布日期: 2024-12-17 13:15 修改: 2024-12-18 17:15
org.apache.commons:commons-compress CVE-2024-26308 中危 1.23.0 1.26.0 commons-compress: OutOfMemoryError unpacking broken Pack200 file

漏洞详情: https://avd.aquasec.com/nvd/cve-2024-26308

镜像层: sha256:7555c5c251e3fa730c4623b2c2b5b3f79d954c8b31ff827c5acc1a2e415a91ff

发布日期: 2024-02-19 09:15 修改: 2024-03-21 19:54
org.hibernate:hibernate-core CVE-2019-14900 中危 3.6.10.Final 5.3.18, 5.4.18, 5.5.0.Beta1 hibernate: SQL injection issue in Hibernate ORM

漏洞详情: https://avd.aquasec.com/nvd/cve-2019-14900

镜像层: sha256:7555c5c251e3fa730c4623b2c2b5b3f79d954c8b31ff827c5acc1a2e415a91ff

发布日期: 2020-07-06 19:15 修改: 2023-11-07 03:05
org.hibernate:hibernate-core CVE-2019-14900 中危 3.6.10.Final 5.3.18, 5.4.18, 5.5.0.Beta1 hibernate: SQL injection issue in Hibernate ORM

漏洞详情: https://avd.aquasec.com/nvd/cve-2019-14900

镜像层: sha256:7555c5c251e3fa730c4623b2c2b5b3f79d954c8b31ff827c5acc1a2e415a91ff

发布日期: 2020-07-06 19:15 修改: 2023-11-07 03:05
org.hibernate:hibernate-core CVE-2019-14900 中危 3.6.10.Final 5.3.18, 5.4.18, 5.5.0.Beta1 hibernate: SQL injection issue in Hibernate ORM

漏洞详情: https://avd.aquasec.com/nvd/cve-2019-14900

镜像层: sha256:90d566ea865cf6ba6e656254b433692b4a8c50883edd9bfe7c2a3f3dae907dad

发布日期: 2020-07-06 19:15 修改: 2023-11-07 03:05
org.hibernate:hibernate-core CVE-2019-14900 中危 3.6.10.Final 5.3.18, 5.4.18, 5.5.0.Beta1 hibernate: SQL injection issue in Hibernate ORM

漏洞详情: https://avd.aquasec.com/nvd/cve-2019-14900

镜像层: sha256:90d566ea865cf6ba6e656254b433692b4a8c50883edd9bfe7c2a3f3dae907dad

发布日期: 2020-07-06 19:15 修改: 2023-11-07 03:05
org.hibernate:hibernate-core CVE-2019-14900 中危 3.6.10.Final 5.3.18, 5.4.18, 5.5.0.Beta1 hibernate: SQL injection issue in Hibernate ORM

漏洞详情: https://avd.aquasec.com/nvd/cve-2019-14900

镜像层: sha256:7555c5c251e3fa730c4623b2c2b5b3f79d954c8b31ff827c5acc1a2e415a91ff

发布日期: 2020-07-06 19:15 修改: 2023-11-07 03:05
org.iq80.snappy:snappy CVE-2024-36124 中危 0.4 0.5 snappy: tries to read outside the bounds of the given byte arrays

漏洞详情: https://avd.aquasec.com/nvd/cve-2024-36124

镜像层: sha256:75873a4de5d828126d5f843118e51be8ed8b5df0b3e9ca12b786ecc1899524a0

发布日期: 2024-06-03 15:15 修改: 2024-06-03 19:23
org.owasp.antisamy:antisamy CVE-2024-23635 中危 1.7.4 1.7.5 AntiSamy is a library for performing fast, configurable cleansing of H ...

漏洞详情: https://avd.aquasec.com/nvd/cve-2024-23635

镜像层: sha256:7555c5c251e3fa730c4623b2c2b5b3f79d954c8b31ff827c5acc1a2e415a91ff

发布日期: 2024-02-02 17:15 修改: 2024-02-10 01:38
org.owasp.antisamy:antisamy CVE-2024-23635 中危 1.7.4 1.7.5 AntiSamy is a library for performing fast, configurable cleansing of H ...

漏洞详情: https://avd.aquasec.com/nvd/cve-2024-23635

镜像层: sha256:7555c5c251e3fa730c4623b2c2b5b3f79d954c8b31ff827c5acc1a2e415a91ff

发布日期: 2024-02-02 17:15 修改: 2024-02-10 01:38
org.owasp.antisamy:antisamy CVE-2024-23635 中危 1.7.4 1.7.5 AntiSamy is a library for performing fast, configurable cleansing of H ...

漏洞详情: https://avd.aquasec.com/nvd/cve-2024-23635

镜像层: sha256:90d566ea865cf6ba6e656254b433692b4a8c50883edd9bfe7c2a3f3dae907dad

发布日期: 2024-02-02 17:15 修改: 2024-02-10 01:38
org.owasp.antisamy:antisamy CVE-2024-23635 中危 1.7.4 1.7.5 AntiSamy is a library for performing fast, configurable cleansing of H ...

漏洞详情: https://avd.aquasec.com/nvd/cve-2024-23635

镜像层: sha256:90d566ea865cf6ba6e656254b433692b4a8c50883edd9bfe7c2a3f3dae907dad

发布日期: 2024-02-02 17:15 修改: 2024-02-10 01:38
org.owasp.antisamy:antisamy CVE-2024-23635 中危 1.7.4 1.7.5 AntiSamy is a library for performing fast, configurable cleansing of H ...

漏洞详情: https://avd.aquasec.com/nvd/cve-2024-23635

镜像层: sha256:7555c5c251e3fa730c4623b2c2b5b3f79d954c8b31ff827c5acc1a2e415a91ff

发布日期: 2024-02-02 17:15 修改: 2024-02-10 01:38
org.owasp.esapi:esapi GHSA-r68h-jhhj-9jvm 中危 2.5.3.1 2.6.0.0 Validator.isValidSafeHTML is being deprecated and will be deleted from org.owasp.esapi:esapi in 1 year

漏洞详情: https://github.com/advisories/GHSA-r68h-jhhj-9jvm

镜像层: sha256:7555c5c251e3fa730c4623b2c2b5b3f79d954c8b31ff827c5acc1a2e415a91ff

发布日期: 0001-01-01 00:00 修改: 0001-01-01 00:00
org.owasp.esapi:esapi GHSA-r68h-jhhj-9jvm 中危 2.5.3.1 2.6.0.0 Validator.isValidSafeHTML is being deprecated and will be deleted from org.owasp.esapi:esapi in 1 year

漏洞详情: https://github.com/advisories/GHSA-r68h-jhhj-9jvm

镜像层: sha256:7555c5c251e3fa730c4623b2c2b5b3f79d954c8b31ff827c5acc1a2e415a91ff

发布日期: 0001-01-01 00:00 修改: 0001-01-01 00:00
org.owasp.esapi:esapi GHSA-r68h-jhhj-9jvm 中危 2.5.3.1 2.6.0.0 Validator.isValidSafeHTML is being deprecated and will be deleted from org.owasp.esapi:esapi in 1 year

漏洞详情: https://github.com/advisories/GHSA-r68h-jhhj-9jvm

镜像层: sha256:90d566ea865cf6ba6e656254b433692b4a8c50883edd9bfe7c2a3f3dae907dad

发布日期: 0001-01-01 00:00 修改: 0001-01-01 00:00
org.owasp.esapi:esapi GHSA-r68h-jhhj-9jvm 中危 2.5.3.1 2.6.0.0 Validator.isValidSafeHTML is being deprecated and will be deleted from org.owasp.esapi:esapi in 1 year

漏洞详情: https://github.com/advisories/GHSA-r68h-jhhj-9jvm

镜像层: sha256:90d566ea865cf6ba6e656254b433692b4a8c50883edd9bfe7c2a3f3dae907dad

发布日期: 0001-01-01 00:00 修改: 0001-01-01 00:00
org.owasp.esapi:esapi GHSA-r68h-jhhj-9jvm 中危 2.5.3.1 2.6.0.0 Validator.isValidSafeHTML is being deprecated and will be deleted from org.owasp.esapi:esapi in 1 year

漏洞详情: https://github.com/advisories/GHSA-r68h-jhhj-9jvm

镜像层: sha256:7555c5c251e3fa730c4623b2c2b5b3f79d954c8b31ff827c5acc1a2e415a91ff

发布日期: 0001-01-01 00:00 修改: 0001-01-01 00:00
org.springframework:spring-beans CVE-2024-38827 中危 5.3.34 6.1.14 spring-security: authorization bypass for case sensitive comparisons

漏洞详情: https://avd.aquasec.com/nvd/cve-2024-38827

镜像层: sha256:7555c5c251e3fa730c4623b2c2b5b3f79d954c8b31ff827c5acc1a2e415a91ff

发布日期: 2024-12-02 15:15 修改: 2024-12-02 15:15
org.springframework:spring-beans CVE-2024-38827 中危 5.3.34 6.1.14 spring-security: authorization bypass for case sensitive comparisons

漏洞详情: https://avd.aquasec.com/nvd/cve-2024-38827

镜像层: sha256:7555c5c251e3fa730c4623b2c2b5b3f79d954c8b31ff827c5acc1a2e415a91ff

发布日期: 2024-12-02 15:15 修改: 2024-12-02 15:15
org.springframework:spring-beans CVE-2024-38827 中危 5.3.34 6.1.14 spring-security: authorization bypass for case sensitive comparisons

漏洞详情: https://avd.aquasec.com/nvd/cve-2024-38827

镜像层: sha256:90d566ea865cf6ba6e656254b433692b4a8c50883edd9bfe7c2a3f3dae907dad

发布日期: 2024-12-02 15:15 修改: 2024-12-02 15:15
org.springframework:spring-beans CVE-2024-38827 中危 5.3.34 6.1.14 spring-security: authorization bypass for case sensitive comparisons

漏洞详情: https://avd.aquasec.com/nvd/cve-2024-38827

镜像层: sha256:90d566ea865cf6ba6e656254b433692b4a8c50883edd9bfe7c2a3f3dae907dad

发布日期: 2024-12-02 15:15 修改: 2024-12-02 15:15
org.springframework:spring-beans CVE-2024-38827 中危 5.3.34 6.1.14 spring-security: authorization bypass for case sensitive comparisons

漏洞详情: https://avd.aquasec.com/nvd/cve-2024-38827

镜像层: sha256:7555c5c251e3fa730c4623b2c2b5b3f79d954c8b31ff827c5acc1a2e415a91ff

发布日期: 2024-12-02 15:15 修改: 2024-12-02 15:15
org.springframework:spring-context CVE-2024-38820 中危 5.3.34 6.1.14 The fix for CVE-2022-22968 made disallowedFieldspatterns in DataBinder ...

漏洞详情: https://avd.aquasec.com/nvd/cve-2024-38820

镜像层: sha256:7555c5c251e3fa730c4623b2c2b5b3f79d954c8b31ff827c5acc1a2e415a91ff

发布日期: 2024-10-18 06:15 修改: 2024-11-29 12:15
org.springframework:spring-context CVE-2024-38820 中危 5.3.34 6.1.14 The fix for CVE-2022-22968 made disallowedFieldspatterns in DataBinder ...

漏洞详情: https://avd.aquasec.com/nvd/cve-2024-38820

镜像层: sha256:7555c5c251e3fa730c4623b2c2b5b3f79d954c8b31ff827c5acc1a2e415a91ff

发布日期: 2024-10-18 06:15 修改: 2024-11-29 12:15
org.springframework:spring-context CVE-2024-38820 中危 5.3.34 6.1.14 The fix for CVE-2022-22968 made disallowedFieldspatterns in DataBinder ...

漏洞详情: https://avd.aquasec.com/nvd/cve-2024-38820

镜像层: sha256:90d566ea865cf6ba6e656254b433692b4a8c50883edd9bfe7c2a3f3dae907dad

发布日期: 2024-10-18 06:15 修改: 2024-11-29 12:15
org.springframework:spring-context CVE-2024-38820 中危 5.3.34 6.1.14 The fix for CVE-2022-22968 made disallowedFieldspatterns in DataBinder ...

漏洞详情: https://avd.aquasec.com/nvd/cve-2024-38820

镜像层: sha256:90d566ea865cf6ba6e656254b433692b4a8c50883edd9bfe7c2a3f3dae907dad

发布日期: 2024-10-18 06:15 修改: 2024-11-29 12:15
org.springframework:spring-context CVE-2024-38820 中危 5.3.34 6.1.14 The fix for CVE-2022-22968 made disallowedFieldspatterns in DataBinder ...

漏洞详情: https://avd.aquasec.com/nvd/cve-2024-38820

镜像层: sha256:7555c5c251e3fa730c4623b2c2b5b3f79d954c8b31ff827c5acc1a2e415a91ff

发布日期: 2024-10-18 06:15 修改: 2024-11-29 12:15
org.springframework:spring-context CVE-2024-38827 中危 5.3.34 6.1.14 spring-security: authorization bypass for case sensitive comparisons

漏洞详情: https://avd.aquasec.com/nvd/cve-2024-38827

镜像层: sha256:7555c5c251e3fa730c4623b2c2b5b3f79d954c8b31ff827c5acc1a2e415a91ff

发布日期: 2024-12-02 15:15 修改: 2024-12-02 15:15
org.springframework:spring-context CVE-2024-38827 中危 5.3.34 6.1.14 spring-security: authorization bypass for case sensitive comparisons

漏洞详情: https://avd.aquasec.com/nvd/cve-2024-38827

镜像层: sha256:7555c5c251e3fa730c4623b2c2b5b3f79d954c8b31ff827c5acc1a2e415a91ff

发布日期: 2024-12-02 15:15 修改: 2024-12-02 15:15
org.springframework:spring-context CVE-2024-38827 中危 5.3.34 6.1.14 spring-security: authorization bypass for case sensitive comparisons

漏洞详情: https://avd.aquasec.com/nvd/cve-2024-38827

镜像层: sha256:90d566ea865cf6ba6e656254b433692b4a8c50883edd9bfe7c2a3f3dae907dad

发布日期: 2024-12-02 15:15 修改: 2024-12-02 15:15
org.springframework:spring-context CVE-2024-38827 中危 5.3.34 6.1.14 spring-security: authorization bypass for case sensitive comparisons

漏洞详情: https://avd.aquasec.com/nvd/cve-2024-38827

镜像层: sha256:90d566ea865cf6ba6e656254b433692b4a8c50883edd9bfe7c2a3f3dae907dad

发布日期: 2024-12-02 15:15 修改: 2024-12-02 15:15
org.springframework:spring-context CVE-2024-38827 中危 5.3.34 6.1.14 spring-security: authorization bypass for case sensitive comparisons

漏洞详情: https://avd.aquasec.com/nvd/cve-2024-38827

镜像层: sha256:7555c5c251e3fa730c4623b2c2b5b3f79d954c8b31ff827c5acc1a2e415a91ff

发布日期: 2024-12-02 15:15 修改: 2024-12-02 15:15
org.springframework:spring-core CVE-2024-38827 中危 5.3.34 6.1.14 spring-security: authorization bypass for case sensitive comparisons

漏洞详情: https://avd.aquasec.com/nvd/cve-2024-38827

镜像层: sha256:7555c5c251e3fa730c4623b2c2b5b3f79d954c8b31ff827c5acc1a2e415a91ff

发布日期: 2024-12-02 15:15 修改: 2024-12-02 15:15
org.springframework:spring-core CVE-2024-38827 中危 5.3.34 6.1.14 spring-security: authorization bypass for case sensitive comparisons

漏洞详情: https://avd.aquasec.com/nvd/cve-2024-38827

镜像层: sha256:7555c5c251e3fa730c4623b2c2b5b3f79d954c8b31ff827c5acc1a2e415a91ff

发布日期: 2024-12-02 15:15 修改: 2024-12-02 15:15
org.springframework:spring-core CVE-2024-38827 中危 5.3.34 6.1.14 spring-security: authorization bypass for case sensitive comparisons

漏洞详情: https://avd.aquasec.com/nvd/cve-2024-38827

镜像层: sha256:90d566ea865cf6ba6e656254b433692b4a8c50883edd9bfe7c2a3f3dae907dad

发布日期: 2024-12-02 15:15 修改: 2024-12-02 15:15
org.springframework:spring-core CVE-2024-38827 中危 5.3.34 6.1.14 spring-security: authorization bypass for case sensitive comparisons

漏洞详情: https://avd.aquasec.com/nvd/cve-2024-38827

镜像层: sha256:90d566ea865cf6ba6e656254b433692b4a8c50883edd9bfe7c2a3f3dae907dad

发布日期: 2024-12-02 15:15 修改: 2024-12-02 15:15
org.springframework:spring-core CVE-2024-38827 中危 5.3.34 6.1.14 spring-security: authorization bypass for case sensitive comparisons

漏洞详情: https://avd.aquasec.com/nvd/cve-2024-38827

镜像层: sha256:7555c5c251e3fa730c4623b2c2b5b3f79d954c8b31ff827c5acc1a2e415a91ff

发布日期: 2024-12-02 15:15 修改: 2024-12-02 15:15
org.springframework:spring-expression CVE-2024-38808 中危 5.3.34 5.3.39 spring-expression: Denial of service when processing a specially crafted Spring Expression Language expression

漏洞详情: https://avd.aquasec.com/nvd/cve-2024-38808

镜像层: sha256:7555c5c251e3fa730c4623b2c2b5b3f79d954c8b31ff827c5acc1a2e415a91ff

发布日期: 2024-08-20 08:15 修改: 2024-10-30 19:35
org.springframework:spring-expression CVE-2024-38808 中危 5.3.34 5.3.39 spring-expression: Denial of service when processing a specially crafted Spring Expression Language expression

漏洞详情: https://avd.aquasec.com/nvd/cve-2024-38808

镜像层: sha256:7555c5c251e3fa730c4623b2c2b5b3f79d954c8b31ff827c5acc1a2e415a91ff

发布日期: 2024-08-20 08:15 修改: 2024-10-30 19:35
org.springframework:spring-expression CVE-2024-38808 中危 5.3.34 5.3.39 spring-expression: Denial of service when processing a specially crafted Spring Expression Language expression

漏洞详情: https://avd.aquasec.com/nvd/cve-2024-38808

镜像层: sha256:90d566ea865cf6ba6e656254b433692b4a8c50883edd9bfe7c2a3f3dae907dad

发布日期: 2024-08-20 08:15 修改: 2024-10-30 19:35
org.springframework:spring-expression CVE-2024-38808 中危 5.3.34 5.3.39 spring-expression: Denial of service when processing a specially crafted Spring Expression Language expression

漏洞详情: https://avd.aquasec.com/nvd/cve-2024-38808

镜像层: sha256:90d566ea865cf6ba6e656254b433692b4a8c50883edd9bfe7c2a3f3dae907dad

发布日期: 2024-08-20 08:15 修改: 2024-10-30 19:35
org.springframework:spring-expression CVE-2024-38808 中危 5.3.34 5.3.39 spring-expression: Denial of service when processing a specially crafted Spring Expression Language expression

漏洞详情: https://avd.aquasec.com/nvd/cve-2024-38808

镜像层: sha256:7555c5c251e3fa730c4623b2c2b5b3f79d954c8b31ff827c5acc1a2e415a91ff

发布日期: 2024-08-20 08:15 修改: 2024-10-30 19:35
org.springframework:spring-expression CVE-2024-38827 中危 5.3.34 6.1.14 spring-security: authorization bypass for case sensitive comparisons

漏洞详情: https://avd.aquasec.com/nvd/cve-2024-38827

镜像层: sha256:7555c5c251e3fa730c4623b2c2b5b3f79d954c8b31ff827c5acc1a2e415a91ff

发布日期: 2024-12-02 15:15 修改: 2024-12-02 15:15
org.springframework:spring-expression CVE-2024-38827 中危 5.3.34 6.1.14 spring-security: authorization bypass for case sensitive comparisons

漏洞详情: https://avd.aquasec.com/nvd/cve-2024-38827

镜像层: sha256:7555c5c251e3fa730c4623b2c2b5b3f79d954c8b31ff827c5acc1a2e415a91ff

发布日期: 2024-12-02 15:15 修改: 2024-12-02 15:15
org.springframework:spring-expression CVE-2024-38827 中危 5.3.34 6.1.14 spring-security: authorization bypass for case sensitive comparisons

漏洞详情: https://avd.aquasec.com/nvd/cve-2024-38827

镜像层: sha256:90d566ea865cf6ba6e656254b433692b4a8c50883edd9bfe7c2a3f3dae907dad

发布日期: 2024-12-02 15:15 修改: 2024-12-02 15:15
org.springframework:spring-expression CVE-2024-38827 中危 5.3.34 6.1.14 spring-security: authorization bypass for case sensitive comparisons

漏洞详情: https://avd.aquasec.com/nvd/cve-2024-38827

镜像层: sha256:90d566ea865cf6ba6e656254b433692b4a8c50883edd9bfe7c2a3f3dae907dad

发布日期: 2024-12-02 15:15 修改: 2024-12-02 15:15
org.springframework:spring-expression CVE-2024-38827 中危 5.3.34 6.1.14 spring-security: authorization bypass for case sensitive comparisons

漏洞详情: https://avd.aquasec.com/nvd/cve-2024-38827

镜像层: sha256:7555c5c251e3fa730c4623b2c2b5b3f79d954c8b31ff827c5acc1a2e415a91ff

发布日期: 2024-12-02 15:15 修改: 2024-12-02 15:15
org.springframework:spring-jdbc CVE-2024-38827 中危 5.3.34 6.1.14 spring-security: authorization bypass for case sensitive comparisons

漏洞详情: https://avd.aquasec.com/nvd/cve-2024-38827

镜像层: sha256:7555c5c251e3fa730c4623b2c2b5b3f79d954c8b31ff827c5acc1a2e415a91ff

发布日期: 2024-12-02 15:15 修改: 2024-12-02 15:15
org.springframework:spring-jdbc CVE-2024-38827 中危 5.3.34 6.1.14 spring-security: authorization bypass for case sensitive comparisons

漏洞详情: https://avd.aquasec.com/nvd/cve-2024-38827

镜像层: sha256:7555c5c251e3fa730c4623b2c2b5b3f79d954c8b31ff827c5acc1a2e415a91ff

发布日期: 2024-12-02 15:15 修改: 2024-12-02 15:15
org.springframework:spring-jdbc CVE-2024-38827 中危 5.3.34 6.1.14 spring-security: authorization bypass for case sensitive comparisons

漏洞详情: https://avd.aquasec.com/nvd/cve-2024-38827

镜像层: sha256:90d566ea865cf6ba6e656254b433692b4a8c50883edd9bfe7c2a3f3dae907dad

发布日期: 2024-12-02 15:15 修改: 2024-12-02 15:15
org.springframework:spring-jdbc CVE-2024-38827 中危 5.3.34 6.1.14 spring-security: authorization bypass for case sensitive comparisons

漏洞详情: https://avd.aquasec.com/nvd/cve-2024-38827

镜像层: sha256:90d566ea865cf6ba6e656254b433692b4a8c50883edd9bfe7c2a3f3dae907dad

发布日期: 2024-12-02 15:15 修改: 2024-12-02 15:15
org.springframework:spring-jdbc CVE-2024-38827 中危 5.3.34 6.1.14 spring-security: authorization bypass for case sensitive comparisons

漏洞详情: https://avd.aquasec.com/nvd/cve-2024-38827

镜像层: sha256:7555c5c251e3fa730c4623b2c2b5b3f79d954c8b31ff827c5acc1a2e415a91ff

发布日期: 2024-12-02 15:15 修改: 2024-12-02 15:15
com.google.guava:guava CVE-2023-2976 中危 10.0.1 32.0.0-android guava: insecure temporary directory creation

漏洞详情: https://avd.aquasec.com/nvd/cve-2023-2976

镜像层: sha256:7555c5c251e3fa730c4623b2c2b5b3f79d954c8b31ff827c5acc1a2e415a91ff

发布日期: 2023-06-14 18:15 修改: 2024-02-13 19:15
com.google.guava:guava CVE-2018-10237 中危 16.0.1 24.1.1-android guava: Unbounded memory allocation in AtomicDoubleArray and CompoundOrdering classes allow remote attackers to cause a denial of service

漏洞详情: https://avd.aquasec.com/nvd/cve-2018-10237

镜像层: sha256:75873a4de5d828126d5f843118e51be8ed8b5df0b3e9ca12b786ecc1899524a0

发布日期: 2018-04-26 21:29 修改: 2023-11-07 02:51
org.bouncycastle:bcprov-jdk15on CVE-2023-33201 中危 1.70 bouncycastle: potential blind LDAP injection attack using a self-signed certificate

漏洞详情: https://avd.aquasec.com/nvd/cve-2023-33201

镜像层: sha256:7555c5c251e3fa730c4623b2c2b5b3f79d954c8b31ff827c5acc1a2e415a91ff

发布日期: 2023-07-05 03:15 修改: 2023-08-24 19:15
org.bouncycastle:bcprov-jdk15on CVE-2023-33201 中危 1.70 bouncycastle: potential blind LDAP injection attack using a self-signed certificate

漏洞详情: https://avd.aquasec.com/nvd/cve-2023-33201

镜像层: sha256:7555c5c251e3fa730c4623b2c2b5b3f79d954c8b31ff827c5acc1a2e415a91ff

发布日期: 2023-07-05 03:15 修改: 2023-08-24 19:15
org.bouncycastle:bcprov-jdk15on CVE-2023-33201 中危 1.70 bouncycastle: potential blind LDAP injection attack using a self-signed certificate

漏洞详情: https://avd.aquasec.com/nvd/cve-2023-33201

镜像层: sha256:90d566ea865cf6ba6e656254b433692b4a8c50883edd9bfe7c2a3f3dae907dad

发布日期: 2023-07-05 03:15 修改: 2023-08-24 19:15
org.springframework:spring-web CVE-2024-38809 中危 5.3.34 5.3.38, 6.0.23, 6.1.12 org.springframework:spring-web: Spring Framework DoS via conditional HTTP request

漏洞详情: https://avd.aquasec.com/nvd/cve-2024-38809

镜像层: sha256:7555c5c251e3fa730c4623b2c2b5b3f79d954c8b31ff827c5acc1a2e415a91ff

发布日期: 2024-09-27 17:15 修改: 2024-09-30 12:45
org.springframework:spring-web CVE-2024-38809 中危 5.3.34 5.3.38, 6.0.23, 6.1.12 org.springframework:spring-web: Spring Framework DoS via conditional HTTP request

漏洞详情: https://avd.aquasec.com/nvd/cve-2024-38809

镜像层: sha256:7555c5c251e3fa730c4623b2c2b5b3f79d954c8b31ff827c5acc1a2e415a91ff

发布日期: 2024-09-27 17:15 修改: 2024-09-30 12:45
org.springframework:spring-web CVE-2024-38809 中危 5.3.34 5.3.38, 6.0.23, 6.1.12 org.springframework:spring-web: Spring Framework DoS via conditional HTTP request

漏洞详情: https://avd.aquasec.com/nvd/cve-2024-38809

镜像层: sha256:90d566ea865cf6ba6e656254b433692b4a8c50883edd9bfe7c2a3f3dae907dad

发布日期: 2024-09-27 17:15 修改: 2024-09-30 12:45
org.springframework:spring-web CVE-2024-38809 中危 5.3.34 5.3.38, 6.0.23, 6.1.12 org.springframework:spring-web: Spring Framework DoS via conditional HTTP request

漏洞详情: https://avd.aquasec.com/nvd/cve-2024-38809

镜像层: sha256:90d566ea865cf6ba6e656254b433692b4a8c50883edd9bfe7c2a3f3dae907dad

发布日期: 2024-09-27 17:15 修改: 2024-09-30 12:45
org.springframework:spring-web CVE-2024-38809 中危 5.3.34 5.3.38, 6.0.23, 6.1.12 org.springframework:spring-web: Spring Framework DoS via conditional HTTP request

漏洞详情: https://avd.aquasec.com/nvd/cve-2024-38809

镜像层: sha256:7555c5c251e3fa730c4623b2c2b5b3f79d954c8b31ff827c5acc1a2e415a91ff

发布日期: 2024-09-27 17:15 修改: 2024-09-30 12:45
org.bouncycastle:bcprov-jdk15on CVE-2023-33201 中危 1.70 bouncycastle: potential blind LDAP injection attack using a self-signed certificate

漏洞详情: https://avd.aquasec.com/nvd/cve-2023-33201

镜像层: sha256:90d566ea865cf6ba6e656254b433692b4a8c50883edd9bfe7c2a3f3dae907dad

发布日期: 2023-07-05 03:15 修改: 2023-08-24 19:15
org.bouncycastle:bcprov-jdk15on CVE-2023-33201 中危 1.70 bouncycastle: potential blind LDAP injection attack using a self-signed certificate

漏洞详情: https://avd.aquasec.com/nvd/cve-2023-33201

镜像层: sha256:7555c5c251e3fa730c4623b2c2b5b3f79d954c8b31ff827c5acc1a2e415a91ff

发布日期: 2023-07-05 03:15 修改: 2023-08-24 19:15
org.bouncycastle:bcprov-jdk15on CVE-2024-29857 中危 1.70 1.78 org.bouncycastle: Importing an EC certificate with crafted F2m parameters may lead to Denial of Service

漏洞详情: https://avd.aquasec.com/nvd/cve-2024-29857

镜像层: sha256:7555c5c251e3fa730c4623b2c2b5b3f79d954c8b31ff827c5acc1a2e415a91ff

发布日期: 2024-05-14 15:17 修改: 2024-12-06 14:15
org.bouncycastle:bcprov-jdk15on CVE-2024-29857 中危 1.70 1.78 org.bouncycastle: Importing an EC certificate with crafted F2m parameters may lead to Denial of Service

漏洞详情: https://avd.aquasec.com/nvd/cve-2024-29857

镜像层: sha256:7555c5c251e3fa730c4623b2c2b5b3f79d954c8b31ff827c5acc1a2e415a91ff

发布日期: 2024-05-14 15:17 修改: 2024-12-06 14:15
org.bouncycastle:bcprov-jdk15on CVE-2024-29857 中危 1.70 1.78 org.bouncycastle: Importing an EC certificate with crafted F2m parameters may lead to Denial of Service

漏洞详情: https://avd.aquasec.com/nvd/cve-2024-29857

镜像层: sha256:90d566ea865cf6ba6e656254b433692b4a8c50883edd9bfe7c2a3f3dae907dad

发布日期: 2024-05-14 15:17 修改: 2024-12-06 14:15
org.bouncycastle:bcprov-jdk15on CVE-2024-29857 中危 1.70 1.78 org.bouncycastle: Importing an EC certificate with crafted F2m parameters may lead to Denial of Service

漏洞详情: https://avd.aquasec.com/nvd/cve-2024-29857

镜像层: sha256:90d566ea865cf6ba6e656254b433692b4a8c50883edd9bfe7c2a3f3dae907dad

发布日期: 2024-05-14 15:17 修改: 2024-12-06 14:15
org.bouncycastle:bcprov-jdk15on CVE-2024-29857 中危 1.70 1.78 org.bouncycastle: Importing an EC certificate with crafted F2m parameters may lead to Denial of Service

漏洞详情: https://avd.aquasec.com/nvd/cve-2024-29857

镜像层: sha256:7555c5c251e3fa730c4623b2c2b5b3f79d954c8b31ff827c5acc1a2e415a91ff

发布日期: 2024-05-14 15:17 修改: 2024-12-06 14:15
org.bouncycastle:bcprov-jdk15on CVE-2024-30171 中危 1.70 1.78 bc-java: BouncyCastle vulnerable to a timing variant of Bleichenbacher (Marvin Attack)

漏洞详情: https://avd.aquasec.com/nvd/cve-2024-30171

镜像层: sha256:7555c5c251e3fa730c4623b2c2b5b3f79d954c8b31ff827c5acc1a2e415a91ff

发布日期: 2024-05-14 15:21 修改: 2024-08-19 18:35
org.bouncycastle:bcprov-jdk15on CVE-2024-30171 中危 1.70 1.78 bc-java: BouncyCastle vulnerable to a timing variant of Bleichenbacher (Marvin Attack)

漏洞详情: https://avd.aquasec.com/nvd/cve-2024-30171

镜像层: sha256:7555c5c251e3fa730c4623b2c2b5b3f79d954c8b31ff827c5acc1a2e415a91ff

发布日期: 2024-05-14 15:21 修改: 2024-08-19 18:35
org.bouncycastle:bcprov-jdk15on CVE-2024-30171 中危 1.70 1.78 bc-java: BouncyCastle vulnerable to a timing variant of Bleichenbacher (Marvin Attack)

漏洞详情: https://avd.aquasec.com/nvd/cve-2024-30171

镜像层: sha256:90d566ea865cf6ba6e656254b433692b4a8c50883edd9bfe7c2a3f3dae907dad

发布日期: 2024-05-14 15:21 修改: 2024-08-19 18:35
org.springframework:spring-webmvc CVE-2024-38828 中危 5.3.34 5.3.41 org.springframework:spring-webmvc: DoS via Spring MVC controller method with byte[] parameter

漏洞详情: https://avd.aquasec.com/nvd/cve-2024-38828

镜像层: sha256:7555c5c251e3fa730c4623b2c2b5b3f79d954c8b31ff827c5acc1a2e415a91ff

发布日期: 2024-11-18 04:15 修改: 2024-11-18 17:11
org.springframework:spring-webmvc CVE-2024-38828 中危 5.3.34 5.3.41 org.springframework:spring-webmvc: DoS via Spring MVC controller method with byte[] parameter

漏洞详情: https://avd.aquasec.com/nvd/cve-2024-38828

镜像层: sha256:7555c5c251e3fa730c4623b2c2b5b3f79d954c8b31ff827c5acc1a2e415a91ff

发布日期: 2024-11-18 04:15 修改: 2024-11-18 17:11
org.springframework:spring-webmvc CVE-2024-38828 中危 5.3.34 5.3.41 org.springframework:spring-webmvc: DoS via Spring MVC controller method with byte[] parameter

漏洞详情: https://avd.aquasec.com/nvd/cve-2024-38828

镜像层: sha256:90d566ea865cf6ba6e656254b433692b4a8c50883edd9bfe7c2a3f3dae907dad

发布日期: 2024-11-18 04:15 修改: 2024-11-18 17:11
org.springframework:spring-webmvc CVE-2024-38828 中危 5.3.34 5.3.41 org.springframework:spring-webmvc: DoS via Spring MVC controller method with byte[] parameter

漏洞详情: https://avd.aquasec.com/nvd/cve-2024-38828

镜像层: sha256:90d566ea865cf6ba6e656254b433692b4a8c50883edd9bfe7c2a3f3dae907dad

发布日期: 2024-11-18 04:15 修改: 2024-11-18 17:11
org.springframework:spring-webmvc CVE-2024-38828 中危 5.3.34 5.3.41 org.springframework:spring-webmvc: DoS via Spring MVC controller method with byte[] parameter

漏洞详情: https://avd.aquasec.com/nvd/cve-2024-38828

镜像层: sha256:7555c5c251e3fa730c4623b2c2b5b3f79d954c8b31ff827c5acc1a2e415a91ff

发布日期: 2024-11-18 04:15 修改: 2024-11-18 17:11
com.google.guava:guava CVE-2020-8908 低危 28.1-jre 32.0.0-android guava: local information disclosure via temporary directory created with unsafe permissions

漏洞详情: https://avd.aquasec.com/nvd/cve-2020-8908

镜像层: sha256:75873a4de5d828126d5f843118e51be8ed8b5df0b3e9ca12b786ecc1899524a0

发布日期: 2020-12-10 23:15 修改: 2023-08-02 17:30
com.google.guava:guava CVE-2020-8908 低危 16.0.1 32.0.0-android guava: local information disclosure via temporary directory created with unsafe permissions

漏洞详情: https://avd.aquasec.com/nvd/cve-2020-8908

镜像层: sha256:75873a4de5d828126d5f843118e51be8ed8b5df0b3e9ca12b786ecc1899524a0

发布日期: 2020-12-10 23:15 修改: 2023-08-02 17:30
com.google.guava:guava CVE-2020-8908 低危 10.0.1 32.0.0-android guava: local information disclosure via temporary directory created with unsafe permissions

漏洞详情: https://avd.aquasec.com/nvd/cve-2020-8908

镜像层: sha256:7555c5c251e3fa730c4623b2c2b5b3f79d954c8b31ff827c5acc1a2e415a91ff

发布日期: 2020-12-10 23:15 修改: 2023-08-02 17:30