docker.io/rancher/server:stable linux/amd64

docker.io/rancher/server:stable - Trivy安全扫描结果 扫描时间: 2026-07-14 17:23
全部漏洞信息
低危漏洞:81 中危漏洞:112 高危漏洞:80 严重漏洞:28

系统OS: ubuntu 14.04 扫描引擎: Trivy 扫描时间: 2026-07-14 17:23

docker.io/rancher/server:stable (ubuntu 14.04) (ubuntu)
低危漏洞:66 中危漏洞:55 高危漏洞:7 严重漏洞:0
软件包 漏洞 安全状态 安装版本 修复版本 漏洞信息
apt CVE-2019-3462 高危 1.0.1ubuntu2.17 1.0.1ubuntu2.19 Incorrect sanitation of the 302 redirect field in HTTP transport metho ...

漏洞详情: https://avd.aquasec.com/nvd/cve-2019-3462

镜像层: sha256:c47d9b229ca4eaf5d3b85b6fa7f794d00910a42634dd0fd5107a9a937b13b20f

发布日期: 2019-01-28 21:29 修改: 2026-06-17 02:35

apt-utils CVE-2019-3462 高危 1.0.1ubuntu2.17 1.0.1ubuntu2.19 Incorrect sanitation of the 302 redirect field in HTTP transport metho ...

漏洞详情: https://avd.aquasec.com/nvd/cve-2019-3462

镜像层: sha256:c47d9b229ca4eaf5d3b85b6fa7f794d00910a42634dd0fd5107a9a937b13b20f

发布日期: 2019-01-28 21:29 修改: 2026-06-17 02:35

libapt-inst1.5 CVE-2019-3462 高危 1.0.1ubuntu2.17 1.0.1ubuntu2.19 Incorrect sanitation of the 302 redirect field in HTTP transport metho ...

漏洞详情: https://avd.aquasec.com/nvd/cve-2019-3462

镜像层: sha256:c47d9b229ca4eaf5d3b85b6fa7f794d00910a42634dd0fd5107a9a937b13b20f

发布日期: 2019-01-28 21:29 修改: 2026-06-17 02:35

libapt-pkg4.12 CVE-2019-3462 高危 1.0.1ubuntu2.17 1.0.1ubuntu2.19 Incorrect sanitation of the 302 redirect field in HTTP transport metho ...

漏洞详情: https://avd.aquasec.com/nvd/cve-2019-3462

镜像层: sha256:c47d9b229ca4eaf5d3b85b6fa7f794d00910a42634dd0fd5107a9a937b13b20f

发布日期: 2019-01-28 21:29 修改: 2026-06-17 02:35

libc-bin CVE-2018-1000001 高危 2.19-0ubuntu6.13 2.19-0ubuntu6.14 glibc: realpath() buffer underflow when getcwd() returns relative path allows privilege escalation

漏洞详情: https://avd.aquasec.com/nvd/cve-2018-1000001

镜像层: sha256:c47d9b229ca4eaf5d3b85b6fa7f794d00910a42634dd0fd5107a9a937b13b20f

发布日期: 2018-01-31 14:29 修改: 2026-06-17 01:32

libc6 CVE-2018-1000001 高危 2.19-0ubuntu6.13 2.19-0ubuntu6.14 glibc: realpath() buffer underflow when getcwd() returns relative path allows privilege escalation

漏洞详情: https://avd.aquasec.com/nvd/cve-2018-1000001

镜像层: sha256:c47d9b229ca4eaf5d3b85b6fa7f794d00910a42634dd0fd5107a9a937b13b20f

发布日期: 2018-01-31 14:29 修改: 2026-06-17 01:32

multiarch-support CVE-2018-1000001 高危 2.19-0ubuntu6.13 2.19-0ubuntu6.14 glibc: realpath() buffer underflow when getcwd() returns relative path allows privilege escalation

漏洞详情: https://avd.aquasec.com/nvd/cve-2018-1000001

镜像层: sha256:c47d9b229ca4eaf5d3b85b6fa7f794d00910a42634dd0fd5107a9a937b13b20f

发布日期: 2018-01-31 14:29 修改: 2026-06-17 01:32

gnupg CVE-2018-12020 中危 1.4.16-1ubuntu2.4 1.4.16-1ubuntu2.5 gnupg2: Improper sanitization of filenames allows for the display of fake status messages and the bypass of signature verification

漏洞详情: https://avd.aquasec.com/nvd/cve-2018-12020

镜像层: sha256:c47d9b229ca4eaf5d3b85b6fa7f794d00910a42634dd0fd5107a9a937b13b20f

发布日期: 2018-06-08 21:29 修改: 2026-06-17 01:37

gpgv CVE-2017-7526 中危 1.4.16-1ubuntu2.4 1.4.16-1ubuntu2.6 libgcrypt: Use of left-to-right sliding window method allows full RSA key recovery

漏洞详情: https://avd.aquasec.com/nvd/cve-2017-7526

镜像层: sha256:c47d9b229ca4eaf5d3b85b6fa7f794d00910a42634dd0fd5107a9a937b13b20f

发布日期: 2018-07-26 13:29 修改: 2026-06-17 01:24

gpgv CVE-2018-12020 中危 1.4.16-1ubuntu2.4 1.4.16-1ubuntu2.5 gnupg2: Improper sanitization of filenames allows for the display of fake status messages and the bypass of signature verification

漏洞详情: https://avd.aquasec.com/nvd/cve-2018-12020

镜像层: sha256:c47d9b229ca4eaf5d3b85b6fa7f794d00910a42634dd0fd5107a9a937b13b20f

发布日期: 2018-06-08 21:29 修改: 2026-06-17 01:37

isc-dhcp-client CVE-2018-5732 中危 4.2.4-7ubuntu12.10 4.2.4-7ubuntu12.12 dhcp: Buffer overflow in dhclient possibly allowing code execution triggered by malicious server

漏洞详情: https://avd.aquasec.com/nvd/cve-2018-5732

镜像层: sha256:c47d9b229ca4eaf5d3b85b6fa7f794d00910a42634dd0fd5107a9a937b13b20f

发布日期: 2019-10-09 16:15 修改: 2026-06-17 02:00

isc-dhcp-client CVE-2018-5733 中危 4.2.4-7ubuntu12.10 4.2.4-7ubuntu12.12 dhcp: Reference count overflow in dhcpd allows denial of service

漏洞详情: https://avd.aquasec.com/nvd/cve-2018-5733

镜像层: sha256:c47d9b229ca4eaf5d3b85b6fa7f794d00910a42634dd0fd5107a9a937b13b20f

发布日期: 2019-01-16 20:29 修改: 2026-06-17 02:00

isc-dhcp-common CVE-2018-5732 中危 4.2.4-7ubuntu12.10 4.2.4-7ubuntu12.12 dhcp: Buffer overflow in dhclient possibly allowing code execution triggered by malicious server

漏洞详情: https://avd.aquasec.com/nvd/cve-2018-5732

镜像层: sha256:c47d9b229ca4eaf5d3b85b6fa7f794d00910a42634dd0fd5107a9a937b13b20f

发布日期: 2019-10-09 16:15 修改: 2026-06-17 02:00

isc-dhcp-common CVE-2018-5733 中危 4.2.4-7ubuntu12.10 4.2.4-7ubuntu12.12 dhcp: Reference count overflow in dhcpd allows denial of service

漏洞详情: https://avd.aquasec.com/nvd/cve-2018-5733

镜像层: sha256:c47d9b229ca4eaf5d3b85b6fa7f794d00910a42634dd0fd5107a9a937b13b20f

发布日期: 2019-01-16 20:29 修改: 2026-06-17 02:00

busybox-initramfs CVE-2015-9261 中危 1:1.21.0-1ubuntu1 1:1.21.0-1ubuntu1.4 busybox: Segmentation fault when unzipping specially crafted zip file

漏洞详情: https://avd.aquasec.com/nvd/cve-2015-9261

镜像层: sha256:c47d9b229ca4eaf5d3b85b6fa7f794d00910a42634dd0fd5107a9a937b13b20f

发布日期: 2018-07-26 19:29 修改: 2024-11-21 02:40

busybox-initramfs CVE-2017-16544 中危 1:1.21.0-1ubuntu1 1:1.21.0-1ubuntu1.4 busybox: Insufficient sanitization of filenames when autocompleting

漏洞详情: https://avd.aquasec.com/nvd/cve-2017-16544

镜像层: sha256:c47d9b229ca4eaf5d3b85b6fa7f794d00910a42634dd0fd5107a9a937b13b20f

发布日期: 2017-11-20 15:29 修改: 2026-06-17 01:09

busybox-initramfs CVE-2018-1000517 中危 1:1.21.0-1ubuntu1 1:1.21.0-1ubuntu1.4 busybox: wget: Heap-based buffer overflow in the retrieve_file_data() function

漏洞详情: https://avd.aquasec.com/nvd/cve-2018-1000517

镜像层: sha256:c47d9b229ca4eaf5d3b85b6fa7f794d00910a42634dd0fd5107a9a937b13b20f

发布日期: 2018-06-26 16:29 修改: 2026-06-17 01:32

busybox-initramfs CVE-2019-5747 中危 1:1.21.0-1ubuntu1 1:1.21.0-1ubuntu1.4 busybox: Out of bounds read in udhcp components resulting in information disclosure

漏洞详情: https://avd.aquasec.com/nvd/cve-2019-5747

镜像层: sha256:c47d9b229ca4eaf5d3b85b6fa7f794d00910a42634dd0fd5107a9a937b13b20f

发布日期: 2019-01-09 16:29 修改: 2026-06-17 02:38

libprocps3 CVE-2018-1122 中危 1:3.3.9-1ubuntu2.2 1:3.3.9-1ubuntu2.3 procps: Local privilege escalation in top

漏洞详情: https://avd.aquasec.com/nvd/cve-2018-1122

镜像层: sha256:c47d9b229ca4eaf5d3b85b6fa7f794d00910a42634dd0fd5107a9a937b13b20f

发布日期: 2018-05-23 14:29 修改: 2026-06-17 01:50

libprocps3 CVE-2018-1123 中危 1:3.3.9-1ubuntu2.2 1:3.3.9-1ubuntu2.3 procps: denial of service in ps via mmap buffer overflow

漏洞详情: https://avd.aquasec.com/nvd/cve-2018-1123

镜像层: sha256:c47d9b229ca4eaf5d3b85b6fa7f794d00910a42634dd0fd5107a9a937b13b20f

发布日期: 2018-05-23 14:29 修改: 2026-06-17 01:50

libprocps3 CVE-2018-1124 中危 1:3.3.9-1ubuntu2.2 1:3.3.9-1ubuntu2.3 procps: Integer overflows leading to heap overflow in file2strvec

漏洞详情: https://avd.aquasec.com/nvd/cve-2018-1124

镜像层: sha256:c47d9b229ca4eaf5d3b85b6fa7f794d00910a42634dd0fd5107a9a937b13b20f

发布日期: 2018-05-23 13:29 修改: 2026-06-17 01:50

libprocps3 CVE-2018-1125 中危 1:3.3.9-1ubuntu2.2 1:3.3.9-1ubuntu2.3 procps: stack buffer overflow in pgrep

漏洞详情: https://avd.aquasec.com/nvd/cve-2018-1125

镜像层: sha256:c47d9b229ca4eaf5d3b85b6fa7f794d00910a42634dd0fd5107a9a937b13b20f

发布日期: 2018-05-23 14:29 修改: 2026-06-17 01:50

libprocps3 CVE-2018-1126 中危 1:3.3.9-1ubuntu2.2 1:3.3.9-1ubuntu2.3 procps: incorrect integer size in proc/alloc.* leading to truncation / integer overflow issues

漏洞详情: https://avd.aquasec.com/nvd/cve-2018-1126

镜像层: sha256:c47d9b229ca4eaf5d3b85b6fa7f794d00910a42634dd0fd5107a9a937b13b20f

发布日期: 2018-05-23 13:29 修改: 2026-06-17 01:50

libpython3.4-minimal CVE-2018-1000802 中危 3.4.3-1ubuntu1~14.04.6 3.4.3-1ubuntu1~14.04.7 python: Command injection in the shutil module

漏洞详情: https://avd.aquasec.com/nvd/cve-2018-1000802

镜像层: sha256:989ab7dea3b3b22a60bcbe6f4e1c6a1ccc3880fe3a55df5f283f2e830c1a3a19

发布日期: 2018-09-18 17:29 修改: 2026-06-17 01:33

libpython3.4-minimal CVE-2018-14647 中危 3.4.3-1ubuntu1~14.04.6 3.4.3-1ubuntu1~14.04.7 python: Missing salt initialization in _elementtree.c module

漏洞详情: https://avd.aquasec.com/nvd/cve-2018-14647

镜像层: sha256:989ab7dea3b3b22a60bcbe6f4e1c6a1ccc3880fe3a55df5f283f2e830c1a3a19

发布日期: 2018-09-25 00:29 修改: 2026-06-17 01:41

libpython3.4-stdlib CVE-2018-1000802 中危 3.4.3-1ubuntu1~14.04.6 3.4.3-1ubuntu1~14.04.7 python: Command injection in the shutil module

漏洞详情: https://avd.aquasec.com/nvd/cve-2018-1000802

镜像层: sha256:989ab7dea3b3b22a60bcbe6f4e1c6a1ccc3880fe3a55df5f283f2e830c1a3a19

发布日期: 2018-09-18 17:29 修改: 2026-06-17 01:33

libpython3.4-stdlib CVE-2018-14647 中危 3.4.3-1ubuntu1~14.04.6 3.4.3-1ubuntu1~14.04.7 python: Missing salt initialization in _elementtree.c module

漏洞详情: https://avd.aquasec.com/nvd/cve-2018-14647

镜像层: sha256:989ab7dea3b3b22a60bcbe6f4e1c6a1ccc3880fe3a55df5f283f2e830c1a3a19

发布日期: 2018-09-25 00:29 修改: 2026-06-17 01:41

libssl1.0.0 CVE-2018-0739 中危 1.0.1f-1ubuntu2.23 1.0.1f-1ubuntu2.24 openssl: Handling of crafted recursive ASN.1 structures can cause a stack overflow and resulting denial of service

漏洞详情: https://avd.aquasec.com/nvd/cve-2018-0739

镜像层: sha256:989ab7dea3b3b22a60bcbe6f4e1c6a1ccc3880fe3a55df5f283f2e830c1a3a19

发布日期: 2018-03-27 21:29 修改: 2026-06-17 01:31

libudev1 CVE-2018-1049 中危 204-5ubuntu20.25 204-5ubuntu20.26 systemd: automount: access to automounted volumes can lock up

漏洞详情: https://avd.aquasec.com/nvd/cve-2018-1049

镜像层: sha256:989ab7dea3b3b22a60bcbe6f4e1c6a1ccc3880fe3a55df5f283f2e830c1a3a19

发布日期: 2018-02-16 21:29 修改: 2026-06-17 01:50

libudev1 CVE-2019-3842 中危 204-5ubuntu20.25 204-5ubuntu20.31 systemd: Spoofing of XDG_SEAT allows for actions to be checked against "allow_active" instead of "allow_any"

漏洞详情: https://avd.aquasec.com/nvd/cve-2019-3842

镜像层: sha256:989ab7dea3b3b22a60bcbe6f4e1c6a1ccc3880fe3a55df5f283f2e830c1a3a19

发布日期: 2019-04-09 21:29 修改: 2026-06-17 02:35

libx11-6 CVE-2018-14598 中危 2:1.6.2-1ubuntu2 2:1.6.2-1ubuntu2.1 libX11: Crash on invalid reply in XListExtensions in ListExt.c

漏洞详情: https://avd.aquasec.com/nvd/cve-2018-14598

镜像层: sha256:fadf1fad35886b8ab2482e1f7341f4012f0bb7fb2b3828b8fe706c26994f20e2

发布日期: 2018-08-24 19:29 修改: 2026-06-17 01:41

libx11-6 CVE-2018-14599 中危 2:1.6.2-1ubuntu2 2:1.6.2-1ubuntu2.1 libX11: Off-by-one error in XListExtensions in ListExt.c

漏洞详情: https://avd.aquasec.com/nvd/cve-2018-14599

镜像层: sha256:fadf1fad35886b8ab2482e1f7341f4012f0bb7fb2b3828b8fe706c26994f20e2

发布日期: 2018-08-24 19:29 修改: 2026-06-17 01:41

libx11-6 CVE-2018-14600 中危 2:1.6.2-1ubuntu2 2:1.6.2-1ubuntu2.1 libX11: Out of Bounds write in XListExtensions in ListExt.c

漏洞详情: https://avd.aquasec.com/nvd/cve-2018-14600

镜像层: sha256:fadf1fad35886b8ab2482e1f7341f4012f0bb7fb2b3828b8fe706c26994f20e2

发布日期: 2018-08-24 19:29 修改: 2026-06-17 01:41

libx11-data CVE-2018-14598 中危 2:1.6.2-1ubuntu2 2:1.6.2-1ubuntu2.1 libX11: Crash on invalid reply in XListExtensions in ListExt.c

漏洞详情: https://avd.aquasec.com/nvd/cve-2018-14598

镜像层: sha256:fadf1fad35886b8ab2482e1f7341f4012f0bb7fb2b3828b8fe706c26994f20e2

发布日期: 2018-08-24 19:29 修改: 2026-06-17 01:41

libx11-data CVE-2018-14599 中危 2:1.6.2-1ubuntu2 2:1.6.2-1ubuntu2.1 libX11: Off-by-one error in XListExtensions in ListExt.c

漏洞详情: https://avd.aquasec.com/nvd/cve-2018-14599

镜像层: sha256:fadf1fad35886b8ab2482e1f7341f4012f0bb7fb2b3828b8fe706c26994f20e2

发布日期: 2018-08-24 19:29 修改: 2026-06-17 01:41

libx11-data CVE-2018-14600 中危 2:1.6.2-1ubuntu2 2:1.6.2-1ubuntu2.1 libX11: Out of Bounds write in XListExtensions in ListExt.c

漏洞详情: https://avd.aquasec.com/nvd/cve-2018-14600

镜像层: sha256:fadf1fad35886b8ab2482e1f7341f4012f0bb7fb2b3828b8fe706c26994f20e2

发布日期: 2018-08-24 19:29 修改: 2026-06-17 01:41

gnupg CVE-2017-7526 中危 1.4.16-1ubuntu2.4 1.4.16-1ubuntu2.6 libgcrypt: Use of left-to-right sliding window method allows full RSA key recovery

漏洞详情: https://avd.aquasec.com/nvd/cve-2017-7526

镜像层: sha256:c47d9b229ca4eaf5d3b85b6fa7f794d00910a42634dd0fd5107a9a937b13b20f

发布日期: 2018-07-26 13:29 修改: 2026-06-17 01:24

ntpdate CVE-2018-7183 中危 1:4.2.6.p5+dfsg-3ubuntu2.14.04.12 1:4.2.6.p5+dfsg-3ubuntu2.14.04.13 ntp: decodearr() can write beyond its buffer limit

漏洞详情: https://avd.aquasec.com/nvd/cve-2018-7183

镜像层: sha256:c47d9b229ca4eaf5d3b85b6fa7f794d00910a42634dd0fd5107a9a937b13b20f

发布日期: 2018-03-08 20:29 修改: 2026-06-17 02:02

perl CVE-2018-12015 中危 5.18.2-2ubuntu1.3 5.18.2-2ubuntu1.6 perl: Directory traversal in Archive::Tar

漏洞详情: https://avd.aquasec.com/nvd/cve-2018-12015

镜像层: sha256:989ab7dea3b3b22a60bcbe6f4e1c6a1ccc3880fe3a55df5f283f2e830c1a3a19

发布日期: 2018-06-07 13:29 修改: 2026-06-17 01:36

perl CVE-2018-18311 中危 5.18.2-2ubuntu1.3 5.18.2-2ubuntu1.7 perl: Integer overflow leading to buffer overflow in Perl_my_setenv()

漏洞详情: https://avd.aquasec.com/nvd/cve-2018-18311

镜像层: sha256:989ab7dea3b3b22a60bcbe6f4e1c6a1ccc3880fe3a55df5f283f2e830c1a3a19

发布日期: 2018-12-07 21:29 修改: 2026-06-17 01:46

perl CVE-2018-18313 中危 5.18.2-2ubuntu1.3 5.18.2-2ubuntu1.7 perl: Heap-based buffer read overflow in S_grok_bslash_N()

漏洞详情: https://avd.aquasec.com/nvd/cve-2018-18313

镜像层: sha256:989ab7dea3b3b22a60bcbe6f4e1c6a1ccc3880fe3a55df5f283f2e830c1a3a19

发布日期: 2018-12-07 21:29 修改: 2026-06-17 01:46

perl CVE-2018-6913 中危 5.18.2-2ubuntu1.3 5.18.2-2ubuntu1.4 perl: heap buffer overflow in pp_pack.c

漏洞详情: https://avd.aquasec.com/nvd/cve-2018-6913

镜像层: sha256:989ab7dea3b3b22a60bcbe6f4e1c6a1ccc3880fe3a55df5f283f2e830c1a3a19

发布日期: 2018-04-17 20:29 修改: 2026-06-17 02:02

perl-base CVE-2018-12015 中危 5.18.2-2ubuntu1.3 5.18.2-2ubuntu1.6 perl: Directory traversal in Archive::Tar

漏洞详情: https://avd.aquasec.com/nvd/cve-2018-12015

镜像层: sha256:989ab7dea3b3b22a60bcbe6f4e1c6a1ccc3880fe3a55df5f283f2e830c1a3a19

发布日期: 2018-06-07 13:29 修改: 2026-06-17 01:36

perl-base CVE-2018-18311 中危 5.18.2-2ubuntu1.3 5.18.2-2ubuntu1.7 perl: Integer overflow leading to buffer overflow in Perl_my_setenv()

漏洞详情: https://avd.aquasec.com/nvd/cve-2018-18311

镜像层: sha256:989ab7dea3b3b22a60bcbe6f4e1c6a1ccc3880fe3a55df5f283f2e830c1a3a19

发布日期: 2018-12-07 21:29 修改: 2026-06-17 01:46

perl-base CVE-2018-18313 中危 5.18.2-2ubuntu1.3 5.18.2-2ubuntu1.7 perl: Heap-based buffer read overflow in S_grok_bslash_N()

漏洞详情: https://avd.aquasec.com/nvd/cve-2018-18313

镜像层: sha256:989ab7dea3b3b22a60bcbe6f4e1c6a1ccc3880fe3a55df5f283f2e830c1a3a19

发布日期: 2018-12-07 21:29 修改: 2026-06-17 01:46

perl-base CVE-2018-6913 中危 5.18.2-2ubuntu1.3 5.18.2-2ubuntu1.4 perl: heap buffer overflow in pp_pack.c

漏洞详情: https://avd.aquasec.com/nvd/cve-2018-6913

镜像层: sha256:989ab7dea3b3b22a60bcbe6f4e1c6a1ccc3880fe3a55df5f283f2e830c1a3a19

发布日期: 2018-04-17 20:29 修改: 2026-06-17 02:02

perl-modules CVE-2018-12015 中危 5.18.2-2ubuntu1.3 5.18.2-2ubuntu1.6 perl: Directory traversal in Archive::Tar

漏洞详情: https://avd.aquasec.com/nvd/cve-2018-12015

镜像层: sha256:989ab7dea3b3b22a60bcbe6f4e1c6a1ccc3880fe3a55df5f283f2e830c1a3a19

发布日期: 2018-06-07 13:29 修改: 2026-06-17 01:36

perl-modules CVE-2018-18311 中危 5.18.2-2ubuntu1.3 5.18.2-2ubuntu1.7 perl: Integer overflow leading to buffer overflow in Perl_my_setenv()

漏洞详情: https://avd.aquasec.com/nvd/cve-2018-18311

镜像层: sha256:989ab7dea3b3b22a60bcbe6f4e1c6a1ccc3880fe3a55df5f283f2e830c1a3a19

发布日期: 2018-12-07 21:29 修改: 2026-06-17 01:46

perl-modules CVE-2018-18313 中危 5.18.2-2ubuntu1.3 5.18.2-2ubuntu1.7 perl: Heap-based buffer read overflow in S_grok_bslash_N()

漏洞详情: https://avd.aquasec.com/nvd/cve-2018-18313

镜像层: sha256:989ab7dea3b3b22a60bcbe6f4e1c6a1ccc3880fe3a55df5f283f2e830c1a3a19

发布日期: 2018-12-07 21:29 修改: 2026-06-17 01:46

perl-modules CVE-2018-6913 中危 5.18.2-2ubuntu1.3 5.18.2-2ubuntu1.4 perl: heap buffer overflow in pp_pack.c

漏洞详情: https://avd.aquasec.com/nvd/cve-2018-6913

镜像层: sha256:989ab7dea3b3b22a60bcbe6f4e1c6a1ccc3880fe3a55df5f283f2e830c1a3a19

发布日期: 2018-04-17 20:29 修改: 2026-06-17 02:02

procps CVE-2018-1122 中危 1:3.3.9-1ubuntu2.2 1:3.3.9-1ubuntu2.3 procps: Local privilege escalation in top

漏洞详情: https://avd.aquasec.com/nvd/cve-2018-1122

镜像层: sha256:c47d9b229ca4eaf5d3b85b6fa7f794d00910a42634dd0fd5107a9a937b13b20f

发布日期: 2018-05-23 14:29 修改: 2026-06-17 01:50

procps CVE-2018-1123 中危 1:3.3.9-1ubuntu2.2 1:3.3.9-1ubuntu2.3 procps: denial of service in ps via mmap buffer overflow

漏洞详情: https://avd.aquasec.com/nvd/cve-2018-1123

镜像层: sha256:c47d9b229ca4eaf5d3b85b6fa7f794d00910a42634dd0fd5107a9a937b13b20f

发布日期: 2018-05-23 14:29 修改: 2026-06-17 01:50

procps CVE-2018-1124 中危 1:3.3.9-1ubuntu2.2 1:3.3.9-1ubuntu2.3 procps: Integer overflows leading to heap overflow in file2strvec

漏洞详情: https://avd.aquasec.com/nvd/cve-2018-1124

镜像层: sha256:c47d9b229ca4eaf5d3b85b6fa7f794d00910a42634dd0fd5107a9a937b13b20f

发布日期: 2018-05-23 13:29 修改: 2026-06-17 01:50

procps CVE-2018-1125 中危 1:3.3.9-1ubuntu2.2 1:3.3.9-1ubuntu2.3 procps: stack buffer overflow in pgrep

漏洞详情: https://avd.aquasec.com/nvd/cve-2018-1125

镜像层: sha256:c47d9b229ca4eaf5d3b85b6fa7f794d00910a42634dd0fd5107a9a937b13b20f

发布日期: 2018-05-23 14:29 修改: 2026-06-17 01:50

procps CVE-2018-1126 中危 1:3.3.9-1ubuntu2.2 1:3.3.9-1ubuntu2.3 procps: incorrect integer size in proc/alloc.* leading to truncation / integer overflow issues

漏洞详情: https://avd.aquasec.com/nvd/cve-2018-1126

镜像层: sha256:c47d9b229ca4eaf5d3b85b6fa7f794d00910a42634dd0fd5107a9a937b13b20f

发布日期: 2018-05-23 13:29 修改: 2026-06-17 01:50

python3.4 CVE-2018-1000802 中危 3.4.3-1ubuntu1~14.04.6 3.4.3-1ubuntu1~14.04.7 python: Command injection in the shutil module

漏洞详情: https://avd.aquasec.com/nvd/cve-2018-1000802

镜像层: sha256:989ab7dea3b3b22a60bcbe6f4e1c6a1ccc3880fe3a55df5f283f2e830c1a3a19

发布日期: 2018-09-18 17:29 修改: 2026-06-17 01:33

python3.4 CVE-2018-14647 中危 3.4.3-1ubuntu1~14.04.6 3.4.3-1ubuntu1~14.04.7 python: Missing salt initialization in _elementtree.c module

漏洞详情: https://avd.aquasec.com/nvd/cve-2018-14647

镜像层: sha256:989ab7dea3b3b22a60bcbe6f4e1c6a1ccc3880fe3a55df5f283f2e830c1a3a19

发布日期: 2018-09-25 00:29 修改: 2026-06-17 01:41

python3.4-minimal CVE-2018-1000802 中危 3.4.3-1ubuntu1~14.04.6 3.4.3-1ubuntu1~14.04.7 python: Command injection in the shutil module

漏洞详情: https://avd.aquasec.com/nvd/cve-2018-1000802

镜像层: sha256:989ab7dea3b3b22a60bcbe6f4e1c6a1ccc3880fe3a55df5f283f2e830c1a3a19

发布日期: 2018-09-18 17:29 修改: 2026-06-17 01:33

python3.4-minimal CVE-2018-14647 中危 3.4.3-1ubuntu1~14.04.6 3.4.3-1ubuntu1~14.04.7 python: Missing salt initialization in _elementtree.c module

漏洞详情: https://avd.aquasec.com/nvd/cve-2018-14647

镜像层: sha256:989ab7dea3b3b22a60bcbe6f4e1c6a1ccc3880fe3a55df5f283f2e830c1a3a19

发布日期: 2018-09-25 00:29 修改: 2026-06-17 01:41

sensible-utils CVE-2017-17512 中危 0.0.9 0.0.9ubuntu0.14.04.1 sensible-browser in sensible-utils before 0.0.11 does not validate str ...

漏洞详情: https://avd.aquasec.com/nvd/cve-2017-17512

镜像层: sha256:c47d9b229ca4eaf5d3b85b6fa7f794d00910a42634dd0fd5107a9a937b13b20f

发布日期: 2017-12-11 06:29 修改: 2026-06-17 01:10

udev CVE-2018-1049 中危 204-5ubuntu20.25 204-5ubuntu20.26 systemd: automount: access to automounted volumes can lock up

漏洞详情: https://avd.aquasec.com/nvd/cve-2018-1049

镜像层: sha256:989ab7dea3b3b22a60bcbe6f4e1c6a1ccc3880fe3a55df5f283f2e830c1a3a19

发布日期: 2018-02-16 21:29 修改: 2026-06-17 01:50

udev CVE-2019-3842 中危 204-5ubuntu20.25 204-5ubuntu20.31 systemd: Spoofing of XDG_SEAT allows for actions to be checked against "allow_active" instead of "allow_any"

漏洞详情: https://avd.aquasec.com/nvd/cve-2019-3842

镜像层: sha256:989ab7dea3b3b22a60bcbe6f4e1c6a1ccc3880fe3a55df5f283f2e830c1a3a19

发布日期: 2019-04-09 21:29 修改: 2026-06-17 02:35

libpython3.4-stdlib CVE-2018-1061 低危 3.4.3-1ubuntu1~14.04.6 3.4.3-1ubuntu1~14.04.7 python: DOS via regular expression backtracking in difflib.IS_LINE_JUNK method in difflib

漏洞详情: https://avd.aquasec.com/nvd/cve-2018-1061

镜像层: sha256:989ab7dea3b3b22a60bcbe6f4e1c6a1ccc3880fe3a55df5f283f2e830c1a3a19

发布日期: 2018-06-19 12:29 修改: 2026-06-17 01:50

libsqlite3-0 CVE-2018-8740 低危 3.8.2-1ubuntu2.1 3.8.2-1ubuntu2.2 sqlite: NULL pointer dereference with databases with schema corrupted with CREATE TABLE AS allows for denial of service

漏洞详情: https://avd.aquasec.com/nvd/cve-2018-8740

镜像层: sha256:c47d9b229ca4eaf5d3b85b6fa7f794d00910a42634dd0fd5107a9a937b13b20f

发布日期: 2018-03-17 00:29 修改: 2026-06-17 02:05

isc-dhcp-common CVE-2016-2774 低危 4.2.4-7ubuntu12.10 4.2.4-7ubuntu12.12 dhcp: unclosed TCP connections to OMAPI or failover ports can cause DoS

漏洞详情: https://avd.aquasec.com/nvd/cve-2016-2774

镜像层: sha256:c47d9b229ca4eaf5d3b85b6fa7f794d00910a42634dd0fd5107a9a937b13b20f

发布日期: 2016-03-09 15:59 修改: 2026-06-17 00:44

libssl1.0.0 CVE-2018-0495 低危 1.0.1f-1ubuntu2.23 1.0.1f-1ubuntu2.26 ROHNP: Key Extraction Side Channel in Multiple Crypto Libraries

漏洞详情: https://avd.aquasec.com/nvd/cve-2018-0495

镜像层: sha256:989ab7dea3b3b22a60bcbe6f4e1c6a1ccc3880fe3a55df5f283f2e830c1a3a19

发布日期: 2018-06-13 23:29 修改: 2026-06-17 01:30

libssl1.0.0 CVE-2018-0732 低危 1.0.1f-1ubuntu2.23 1.0.1f-1ubuntu2.26 openssl: Malicious server can send large prime to client during DH(E) TLS handshake causing the client to hang

漏洞详情: https://avd.aquasec.com/nvd/cve-2018-0732

镜像层: sha256:989ab7dea3b3b22a60bcbe6f4e1c6a1ccc3880fe3a55df5f283f2e830c1a3a19

发布日期: 2018-06-12 13:29 修改: 2026-06-17 01:31

libssl1.0.0 CVE-2018-0734 低危 1.0.1f-1ubuntu2.23 1.0.1f-1ubuntu2.27 openssl: timing side channel attack in the DSA signature algorithm

漏洞详情: https://avd.aquasec.com/nvd/cve-2018-0734

镜像层: sha256:989ab7dea3b3b22a60bcbe6f4e1c6a1ccc3880fe3a55df5f283f2e830c1a3a19

发布日期: 2018-10-30 12:29 修改: 2026-06-17 01:31

libssl1.0.0 CVE-2018-0737 低危 1.0.1f-1ubuntu2.23 1.0.1f-1ubuntu2.26 openssl: RSA key generation cache timing vulnerability in crypto/rsa/rsa_gen.c allows attackers to recover private keys

漏洞详情: https://avd.aquasec.com/nvd/cve-2018-0737

镜像层: sha256:989ab7dea3b3b22a60bcbe6f4e1c6a1ccc3880fe3a55df5f283f2e830c1a3a19

发布日期: 2018-04-16 18:29 修改: 2026-06-17 01:31

libssl1.0.0 CVE-2018-5407 低危 1.0.1f-1ubuntu2.23 1.0.1f-1ubuntu2.27 openssl: Side-channel vulnerability on SMT/Hyper-Threading architectures (PortSmash)

漏洞详情: https://avd.aquasec.com/nvd/cve-2018-5407

镜像层: sha256:989ab7dea3b3b22a60bcbe6f4e1c6a1ccc3880fe3a55df5f283f2e830c1a3a19

发布日期: 2018-11-15 21:29 修改: 2026-06-17 02:00

libtasn1-6 CVE-2017-10790 低危 3.4-3ubuntu0.5 3.4-3ubuntu0.6 libtasn1: NULL pointer dereference in the _asn1_check_identifier function

漏洞详情: https://avd.aquasec.com/nvd/cve-2017-10790

镜像层: sha256:c47d9b229ca4eaf5d3b85b6fa7f794d00910a42634dd0fd5107a9a937b13b20f

发布日期: 2017-07-02 03:29 修改: 2026-06-17 01:00

isc-dhcp-common CVE-2017-3144 低危 4.2.4-7ubuntu12.10 4.2.4-7ubuntu12.12 dhcp: omapi code doesn't free socket descriptors when empty message is received allowing denial-of-service

漏洞详情: https://avd.aquasec.com/nvd/cve-2017-3144

镜像层: sha256:c47d9b229ca4eaf5d3b85b6fa7f794d00910a42634dd0fd5107a9a937b13b20f

发布日期: 2019-01-16 20:29 修改: 2026-06-17 01:17

file CVE-2014-9653 低危 1:5.14-2ubuntu3.3 1:5.14-2ubuntu3.4 file: malformed elf file causes access to uninitialized memory

漏洞详情: https://avd.aquasec.com/nvd/cve-2014-9653

镜像层: sha256:c47d9b229ca4eaf5d3b85b6fa7f794d00910a42634dd0fd5107a9a937b13b20f

发布日期: 2015-03-30 10:59 修改: 2026-05-06 22:30

file CVE-2015-8865 低危 1:5.14-2ubuntu3.3 1:5.14-2ubuntu3.4 file: Buffer over-write in finfo_open with malformed magic file

漏洞详情: https://avd.aquasec.com/nvd/cve-2015-8865

镜像层: sha256:c47d9b229ca4eaf5d3b85b6fa7f794d00910a42634dd0fd5107a9a937b13b20f

发布日期: 2016-05-20 10:59 修改: 2026-05-06 22:30

file CVE-2018-10360 低危 1:5.14-2ubuntu3.3 1:5.14-2ubuntu3.4 file: out-of-bounds read via a crafted ELF file

漏洞详情: https://avd.aquasec.com/nvd/cve-2018-10360

镜像层: sha256:c47d9b229ca4eaf5d3b85b6fa7f794d00910a42634dd0fd5107a9a937b13b20f

发布日期: 2018-06-11 10:29 修改: 2026-06-17 01:33

libc-bin CVE-2017-1000408 低危 2.19-0ubuntu6.13 2.19-0ubuntu6.14 glibc: Memory leak reachable via LD_HWCAP_MASK

漏洞详情: https://avd.aquasec.com/nvd/cve-2017-1000408

镜像层: sha256:c47d9b229ca4eaf5d3b85b6fa7f794d00910a42634dd0fd5107a9a937b13b20f

发布日期: 2018-02-01 04:29 修改: 2026-06-17 00:59

libx11-6 CVE-2016-7942 低危 2:1.6.2-1ubuntu2 2:1.6.2-1ubuntu2.1 libX11: Insufficient validation of server responses in XGetImage()

漏洞详情: https://avd.aquasec.com/nvd/cve-2016-7942

镜像层: sha256:fadf1fad35886b8ab2482e1f7341f4012f0bb7fb2b3828b8fe706c26994f20e2

发布日期: 2016-12-13 20:59 修改: 2026-06-17 00:53

libx11-6 CVE-2016-7943 低危 2:1.6.2-1ubuntu2 2:1.6.2-1ubuntu2.1 libX11: Insufficient validation of server responses in FontNames

漏洞详情: https://avd.aquasec.com/nvd/cve-2016-7943

镜像层: sha256:fadf1fad35886b8ab2482e1f7341f4012f0bb7fb2b3828b8fe706c26994f20e2

发布日期: 2016-12-13 20:59 修改: 2026-06-17 00:53

libc-bin CVE-2017-1000409 低危 2.19-0ubuntu6.13 2.19-0ubuntu6.14 glibc: Buffer overflow triggerable via LD_LIBRARY_PATH

漏洞详情: https://avd.aquasec.com/nvd/cve-2017-1000409

镜像层: sha256:c47d9b229ca4eaf5d3b85b6fa7f794d00910a42634dd0fd5107a9a937b13b20f

发布日期: 2018-02-01 04:29 修改: 2026-06-17 00:59

libc-bin CVE-2017-15670 低危 2.19-0ubuntu6.13 2.19-0ubuntu6.14 glibc: Buffer overflow in glob with GLOB_TILDE

漏洞详情: https://avd.aquasec.com/nvd/cve-2017-15670

镜像层: sha256:c47d9b229ca4eaf5d3b85b6fa7f794d00910a42634dd0fd5107a9a937b13b20f

发布日期: 2017-10-20 17:29 修改: 2026-06-17 01:08

libc-bin CVE-2017-15804 低危 2.19-0ubuntu6.13 2.19-0ubuntu6.14 glibc: Buffer overflow during unescaping of user names with the ~ operator

漏洞详情: https://avd.aquasec.com/nvd/cve-2017-15804

镜像层: sha256:c47d9b229ca4eaf5d3b85b6fa7f794d00910a42634dd0fd5107a9a937b13b20f

发布日期: 2017-10-22 20:29 修改: 2026-06-17 01:08

libx11-data CVE-2016-7942 低危 2:1.6.2-1ubuntu2 2:1.6.2-1ubuntu2.1 libX11: Insufficient validation of server responses in XGetImage()

漏洞详情: https://avd.aquasec.com/nvd/cve-2016-7942

镜像层: sha256:fadf1fad35886b8ab2482e1f7341f4012f0bb7fb2b3828b8fe706c26994f20e2

发布日期: 2016-12-13 20:59 修改: 2026-06-17 00:53

libx11-data CVE-2016-7943 低危 2:1.6.2-1ubuntu2 2:1.6.2-1ubuntu2.1 libX11: Insufficient validation of server responses in FontNames

漏洞详情: https://avd.aquasec.com/nvd/cve-2016-7943

镜像层: sha256:fadf1fad35886b8ab2482e1f7341f4012f0bb7fb2b3828b8fe706c26994f20e2

发布日期: 2016-12-13 20:59 修改: 2026-06-17 00:53

libc-bin CVE-2017-16997 低危 2.19-0ubuntu6.13 2.19-0ubuntu6.14 glibc: Incorrect handling of RPATH in elf/dl-load.c can be used to execute code loaded from arbitrary libraries

漏洞详情: https://avd.aquasec.com/nvd/cve-2017-16997

镜像层: sha256:c47d9b229ca4eaf5d3b85b6fa7f794d00910a42634dd0fd5107a9a937b13b20f

发布日期: 2017-12-18 01:29 修改: 2026-06-17 01:10

multiarch-support CVE-2017-1000408 低危 2.19-0ubuntu6.13 2.19-0ubuntu6.14 glibc: Memory leak reachable via LD_HWCAP_MASK

漏洞详情: https://avd.aquasec.com/nvd/cve-2017-1000408

镜像层: sha256:c47d9b229ca4eaf5d3b85b6fa7f794d00910a42634dd0fd5107a9a937b13b20f

发布日期: 2018-02-01 04:29 修改: 2026-06-17 00:59

multiarch-support CVE-2017-1000409 低危 2.19-0ubuntu6.13 2.19-0ubuntu6.14 glibc: Buffer overflow triggerable via LD_LIBRARY_PATH

漏洞详情: https://avd.aquasec.com/nvd/cve-2017-1000409

镜像层: sha256:c47d9b229ca4eaf5d3b85b6fa7f794d00910a42634dd0fd5107a9a937b13b20f

发布日期: 2018-02-01 04:29 修改: 2026-06-17 00:59

multiarch-support CVE-2017-15670 低危 2.19-0ubuntu6.13 2.19-0ubuntu6.14 glibc: Buffer overflow in glob with GLOB_TILDE

漏洞详情: https://avd.aquasec.com/nvd/cve-2017-15670

镜像层: sha256:c47d9b229ca4eaf5d3b85b6fa7f794d00910a42634dd0fd5107a9a937b13b20f

发布日期: 2017-10-20 17:29 修改: 2026-06-17 01:08

multiarch-support CVE-2017-15804 低危 2.19-0ubuntu6.13 2.19-0ubuntu6.14 glibc: Buffer overflow during unescaping of user names with the ~ operator

漏洞详情: https://avd.aquasec.com/nvd/cve-2017-15804

镜像层: sha256:c47d9b229ca4eaf5d3b85b6fa7f794d00910a42634dd0fd5107a9a937b13b20f

发布日期: 2017-10-22 20:29 修改: 2026-06-17 01:08

multiarch-support CVE-2017-16997 低危 2.19-0ubuntu6.13 2.19-0ubuntu6.14 glibc: Incorrect handling of RPATH in elf/dl-load.c can be used to execute code loaded from arbitrary libraries

漏洞详情: https://avd.aquasec.com/nvd/cve-2017-16997

镜像层: sha256:c47d9b229ca4eaf5d3b85b6fa7f794d00910a42634dd0fd5107a9a937b13b20f

发布日期: 2017-12-18 01:29 修改: 2026-06-17 01:10

busybox-initramfs CVE-2011-5325 低危 1:1.21.0-1ubuntu1 1:1.21.0-1ubuntu1.4 busybox: Path traversal via crafted tar file containing symlink

漏洞详情: https://avd.aquasec.com/nvd/cve-2011-5325

镜像层: sha256:c47d9b229ca4eaf5d3b85b6fa7f794d00910a42634dd0fd5107a9a937b13b20f

发布日期: 2017-08-07 17:29 修改: 2026-05-13 00:24

ntpdate CVE-2018-7185 低危 1:4.2.6.p5+dfsg-3ubuntu2.14.04.12 1:4.2.6.p5+dfsg-3ubuntu2.14.04.13 ntp: Unauthenticated packet can reset authenticated interleaved association

漏洞详情: https://avd.aquasec.com/nvd/cve-2018-7185

镜像层: sha256:c47d9b229ca4eaf5d3b85b6fa7f794d00910a42634dd0fd5107a9a937b13b20f

发布日期: 2018-03-06 20:29 修改: 2026-06-17 02:02

libc6 CVE-2017-1000408 低危 2.19-0ubuntu6.13 2.19-0ubuntu6.14 glibc: Memory leak reachable via LD_HWCAP_MASK

漏洞详情: https://avd.aquasec.com/nvd/cve-2017-1000408

镜像层: sha256:c47d9b229ca4eaf5d3b85b6fa7f794d00910a42634dd0fd5107a9a937b13b20f

发布日期: 2018-02-01 04:29 修改: 2026-06-17 00:59

libc6 CVE-2017-1000409 低危 2.19-0ubuntu6.13 2.19-0ubuntu6.14 glibc: Buffer overflow triggerable via LD_LIBRARY_PATH

漏洞详情: https://avd.aquasec.com/nvd/cve-2017-1000409

镜像层: sha256:c47d9b229ca4eaf5d3b85b6fa7f794d00910a42634dd0fd5107a9a937b13b20f

发布日期: 2018-02-01 04:29 修改: 2026-06-17 00:59

libc6 CVE-2017-15670 低危 2.19-0ubuntu6.13 2.19-0ubuntu6.14 glibc: Buffer overflow in glob with GLOB_TILDE

漏洞详情: https://avd.aquasec.com/nvd/cve-2017-15670

镜像层: sha256:c47d9b229ca4eaf5d3b85b6fa7f794d00910a42634dd0fd5107a9a937b13b20f

发布日期: 2017-10-20 17:29 修改: 2026-06-17 01:08

libc6 CVE-2017-15804 低危 2.19-0ubuntu6.13 2.19-0ubuntu6.14 glibc: Buffer overflow during unescaping of user names with the ~ operator

漏洞详情: https://avd.aquasec.com/nvd/cve-2017-15804

镜像层: sha256:c47d9b229ca4eaf5d3b85b6fa7f794d00910a42634dd0fd5107a9a937b13b20f

发布日期: 2017-10-22 20:29 修改: 2026-06-17 01:08

perl CVE-2015-8853 低危 5.18.2-2ubuntu1.3 5.18.2-2ubuntu1.4 perl: regexp matching hangs indefinitely on illegal UTF-8 input

漏洞详情: https://avd.aquasec.com/nvd/cve-2015-8853

镜像层: sha256:989ab7dea3b3b22a60bcbe6f4e1c6a1ccc3880fe3a55df5f283f2e830c1a3a19

发布日期: 2016-05-25 15:59 修改: 2026-05-06 22:30

perl CVE-2016-6185 低危 5.18.2-2ubuntu1.3 5.18.2-2ubuntu1.4 perl: XSLoader loads relative paths not included in @INC

漏洞详情: https://avd.aquasec.com/nvd/cve-2016-6185

镜像层: sha256:989ab7dea3b3b22a60bcbe6f4e1c6a1ccc3880fe3a55df5f283f2e830c1a3a19

发布日期: 2016-08-02 14:59 修改: 2026-06-17 00:50

perl CVE-2017-6512 低危 5.18.2-2ubuntu1.3 5.18.2-2ubuntu1.4 perl-File-Path: rmtree/remove_tree race condition

漏洞详情: https://avd.aquasec.com/nvd/cve-2017-6512

镜像层: sha256:989ab7dea3b3b22a60bcbe6f4e1c6a1ccc3880fe3a55df5f283f2e830c1a3a19

发布日期: 2017-06-01 16:29 修改: 2026-06-17 01:22

libc6 CVE-2017-16997 低危 2.19-0ubuntu6.13 2.19-0ubuntu6.14 glibc: Incorrect handling of RPATH in elf/dl-load.c can be used to execute code loaded from arbitrary libraries

漏洞详情: https://avd.aquasec.com/nvd/cve-2017-16997

镜像层: sha256:c47d9b229ca4eaf5d3b85b6fa7f794d00910a42634dd0fd5107a9a937b13b20f

发布日期: 2017-12-18 01:29 修改: 2026-06-17 01:10

libgcrypt11 CVE-2018-0495 低危 1.5.3-2ubuntu4.5 1.5.3-2ubuntu4.6 ROHNP: Key Extraction Side Channel in Multiple Crypto Libraries

漏洞详情: https://avd.aquasec.com/nvd/cve-2018-0495

镜像层: sha256:c47d9b229ca4eaf5d3b85b6fa7f794d00910a42634dd0fd5107a9a937b13b20f

发布日期: 2018-06-13 23:29 修改: 2026-06-17 01:30

libmagic1 CVE-2014-9620 低危 1:5.14-2ubuntu3.3 1:5.14-2ubuntu3.4 file: limit the number of ELF notes processed

漏洞详情: https://avd.aquasec.com/nvd/cve-2014-9620

镜像层: sha256:c47d9b229ca4eaf5d3b85b6fa7f794d00910a42634dd0fd5107a9a937b13b20f

发布日期: 2015-01-21 18:59 修改: 2026-05-06 22:30

libmagic1 CVE-2014-9621 低危 1:5.14-2ubuntu3.3 1:5.14-2ubuntu3.4 file: limit string printing to 100 chars

漏洞详情: https://avd.aquasec.com/nvd/cve-2014-9621

镜像层: sha256:c47d9b229ca4eaf5d3b85b6fa7f794d00910a42634dd0fd5107a9a937b13b20f

发布日期: 2015-01-21 18:59 修改: 2026-05-06 22:30

perl-base CVE-2015-8853 低危 5.18.2-2ubuntu1.3 5.18.2-2ubuntu1.4 perl: regexp matching hangs indefinitely on illegal UTF-8 input

漏洞详情: https://avd.aquasec.com/nvd/cve-2015-8853

镜像层: sha256:989ab7dea3b3b22a60bcbe6f4e1c6a1ccc3880fe3a55df5f283f2e830c1a3a19

发布日期: 2016-05-25 15:59 修改: 2026-05-06 22:30

perl-base CVE-2016-6185 低危 5.18.2-2ubuntu1.3 5.18.2-2ubuntu1.4 perl: XSLoader loads relative paths not included in @INC

漏洞详情: https://avd.aquasec.com/nvd/cve-2016-6185

镜像层: sha256:989ab7dea3b3b22a60bcbe6f4e1c6a1ccc3880fe3a55df5f283f2e830c1a3a19

发布日期: 2016-08-02 14:59 修改: 2026-06-17 00:50

perl-base CVE-2017-6512 低危 5.18.2-2ubuntu1.3 5.18.2-2ubuntu1.4 perl-File-Path: rmtree/remove_tree race condition

漏洞详情: https://avd.aquasec.com/nvd/cve-2017-6512

镜像层: sha256:989ab7dea3b3b22a60bcbe6f4e1c6a1ccc3880fe3a55df5f283f2e830c1a3a19

发布日期: 2017-06-01 16:29 修改: 2026-06-17 01:22

libmagic1 CVE-2014-9653 低危 1:5.14-2ubuntu3.3 1:5.14-2ubuntu3.4 file: malformed elf file causes access to uninitialized memory

漏洞详情: https://avd.aquasec.com/nvd/cve-2014-9653

镜像层: sha256:c47d9b229ca4eaf5d3b85b6fa7f794d00910a42634dd0fd5107a9a937b13b20f

发布日期: 2015-03-30 10:59 修改: 2026-05-06 22:30

libmagic1 CVE-2015-8865 低危 1:5.14-2ubuntu3.3 1:5.14-2ubuntu3.4 file: Buffer over-write in finfo_open with malformed magic file

漏洞详情: https://avd.aquasec.com/nvd/cve-2015-8865

镜像层: sha256:c47d9b229ca4eaf5d3b85b6fa7f794d00910a42634dd0fd5107a9a937b13b20f

发布日期: 2016-05-20 10:59 修改: 2026-05-06 22:30

libmagic1 CVE-2018-10360 低危 1:5.14-2ubuntu3.3 1:5.14-2ubuntu3.4 file: out-of-bounds read via a crafted ELF file

漏洞详情: https://avd.aquasec.com/nvd/cve-2018-10360

镜像层: sha256:c47d9b229ca4eaf5d3b85b6fa7f794d00910a42634dd0fd5107a9a937b13b20f

发布日期: 2018-06-11 10:29 修改: 2026-06-17 01:33

libpng12-0 CVE-2016-10087 低危 1.2.50-1ubuntu2.14.04.2 1.2.50-1ubuntu2.14.04.3 libpng: NULL pointer dereference in png_set_text_2()

漏洞详情: https://avd.aquasec.com/nvd/cve-2016-10087

镜像层: sha256:c47d9b229ca4eaf5d3b85b6fa7f794d00910a42634dd0fd5107a9a937b13b20f

发布日期: 2017-01-30 22:59 修改: 2026-05-13 00:24

perl-modules CVE-2015-8853 低危 5.18.2-2ubuntu1.3 5.18.2-2ubuntu1.4 perl: regexp matching hangs indefinitely on illegal UTF-8 input

漏洞详情: https://avd.aquasec.com/nvd/cve-2015-8853

镜像层: sha256:989ab7dea3b3b22a60bcbe6f4e1c6a1ccc3880fe3a55df5f283f2e830c1a3a19

发布日期: 2016-05-25 15:59 修改: 2026-05-06 22:30

perl-modules CVE-2016-6185 低危 5.18.2-2ubuntu1.3 5.18.2-2ubuntu1.4 perl: XSLoader loads relative paths not included in @INC

漏洞详情: https://avd.aquasec.com/nvd/cve-2016-6185

镜像层: sha256:989ab7dea3b3b22a60bcbe6f4e1c6a1ccc3880fe3a55df5f283f2e830c1a3a19

发布日期: 2016-08-02 14:59 修改: 2026-06-17 00:50

perl-modules CVE-2017-6512 低危 5.18.2-2ubuntu1.3 5.18.2-2ubuntu1.4 perl-File-Path: rmtree/remove_tree race condition

漏洞详情: https://avd.aquasec.com/nvd/cve-2017-6512

镜像层: sha256:989ab7dea3b3b22a60bcbe6f4e1c6a1ccc3880fe3a55df5f283f2e830c1a3a19

发布日期: 2017-06-01 16:29 修改: 2026-06-17 01:22

busybox-initramfs CVE-2014-9645 低危 1:1.21.0-1ubuntu1 1:1.21.0-1ubuntu1.4 busybox: unprivileged arbitrary module load via basename abuse

漏洞详情: https://avd.aquasec.com/nvd/cve-2014-9645

镜像层: sha256:c47d9b229ca4eaf5d3b85b6fa7f794d00910a42634dd0fd5107a9a937b13b20f

发布日期: 2017-03-12 06:59 修改: 2026-05-13 00:24

busybox-initramfs CVE-2016-2147 低危 1:1.21.0-1ubuntu1 1:1.21.0-1ubuntu1.4 busybox: out of bounds write (heap) due to integer underflow in udhcpc

漏洞详情: https://avd.aquasec.com/nvd/cve-2016-2147

镜像层: sha256:c47d9b229ca4eaf5d3b85b6fa7f794d00910a42634dd0fd5107a9a937b13b20f

发布日期: 2017-02-09 15:59 修改: 2026-06-17 00:43

busybox-initramfs CVE-2016-2148 低危 1:1.21.0-1ubuntu1 1:1.21.0-1ubuntu1.4 busybox: heap-based buffer overflow in OPTION_6RD parsing

漏洞详情: https://avd.aquasec.com/nvd/cve-2016-2148

镜像层: sha256:c47d9b229ca4eaf5d3b85b6fa7f794d00910a42634dd0fd5107a9a937b13b20f

发布日期: 2017-02-09 15:59 修改: 2026-06-17 00:43

busybox-initramfs CVE-2017-15873 低危 1:1.21.0-1ubuntu1 1:1.21.0-1ubuntu1.4 busybox: Integer overflow in the get_next_block function

漏洞详情: https://avd.aquasec.com/nvd/cve-2017-15873

镜像层: sha256:c47d9b229ca4eaf5d3b85b6fa7f794d00910a42634dd0fd5107a9a937b13b20f

发布日期: 2017-10-24 20:29 修改: 2026-06-17 01:08

busybox-initramfs CVE-2018-20679 低危 1:1.21.0-1ubuntu1 1:1.21.0-1ubuntu1.4 busybox: Out of bounds read in udhcp components resulting in information disclosure

漏洞详情: https://avd.aquasec.com/nvd/cve-2018-20679

镜像层: sha256:c47d9b229ca4eaf5d3b85b6fa7f794d00910a42634dd0fd5107a9a937b13b20f

发布日期: 2019-01-09 16:29 修改: 2026-06-17 01:53

isc-dhcp-client CVE-2016-2774 低危 4.2.4-7ubuntu12.10 4.2.4-7ubuntu12.12 dhcp: unclosed TCP connections to OMAPI or failover ports can cause DoS

漏洞详情: https://avd.aquasec.com/nvd/cve-2016-2774

镜像层: sha256:c47d9b229ca4eaf5d3b85b6fa7f794d00910a42634dd0fd5107a9a937b13b20f

发布日期: 2016-03-09 15:59 修改: 2026-06-17 00:44

isc-dhcp-client CVE-2017-3144 低危 4.2.4-7ubuntu12.10 4.2.4-7ubuntu12.12 dhcp: omapi code doesn't free socket descriptors when empty message is received allowing denial-of-service

漏洞详情: https://avd.aquasec.com/nvd/cve-2017-3144

镜像层: sha256:c47d9b229ca4eaf5d3b85b6fa7f794d00910a42634dd0fd5107a9a937b13b20f

发布日期: 2019-01-16 20:29 修改: 2026-06-17 01:17

python3.4 CVE-2018-1060 低危 3.4.3-1ubuntu1~14.04.6 3.4.3-1ubuntu1~14.04.7 python: DOS via regular expression catastrophic backtracking in apop() method in pop3lib

漏洞详情: https://avd.aquasec.com/nvd/cve-2018-1060

镜像层: sha256:989ab7dea3b3b22a60bcbe6f4e1c6a1ccc3880fe3a55df5f283f2e830c1a3a19

发布日期: 2018-06-18 14:29 修改: 2026-06-17 01:50

python3.4 CVE-2018-1061 低危 3.4.3-1ubuntu1~14.04.6 3.4.3-1ubuntu1~14.04.7 python: DOS via regular expression backtracking in difflib.IS_LINE_JUNK method in difflib

漏洞详情: https://avd.aquasec.com/nvd/cve-2018-1061

镜像层: sha256:989ab7dea3b3b22a60bcbe6f4e1c6a1ccc3880fe3a55df5f283f2e830c1a3a19

发布日期: 2018-06-19 12:29 修改: 2026-06-17 01:50

libpython3.4-minimal CVE-2018-1060 低危 3.4.3-1ubuntu1~14.04.6 3.4.3-1ubuntu1~14.04.7 python: DOS via regular expression catastrophic backtracking in apop() method in pop3lib

漏洞详情: https://avd.aquasec.com/nvd/cve-2018-1060

镜像层: sha256:989ab7dea3b3b22a60bcbe6f4e1c6a1ccc3880fe3a55df5f283f2e830c1a3a19

发布日期: 2018-06-18 14:29 修改: 2026-06-17 01:50

libpython3.4-minimal CVE-2018-1061 低危 3.4.3-1ubuntu1~14.04.6 3.4.3-1ubuntu1~14.04.7 python: DOS via regular expression backtracking in difflib.IS_LINE_JUNK method in difflib

漏洞详情: https://avd.aquasec.com/nvd/cve-2018-1061

镜像层: sha256:989ab7dea3b3b22a60bcbe6f4e1c6a1ccc3880fe3a55df5f283f2e830c1a3a19

发布日期: 2018-06-19 12:29 修改: 2026-06-17 01:50

python3.4-minimal CVE-2018-1060 低危 3.4.3-1ubuntu1~14.04.6 3.4.3-1ubuntu1~14.04.7 python: DOS via regular expression catastrophic backtracking in apop() method in pop3lib

漏洞详情: https://avd.aquasec.com/nvd/cve-2018-1060

镜像层: sha256:989ab7dea3b3b22a60bcbe6f4e1c6a1ccc3880fe3a55df5f283f2e830c1a3a19

发布日期: 2018-06-18 14:29 修改: 2026-06-17 01:50

python3.4-minimal CVE-2018-1061 低危 3.4.3-1ubuntu1~14.04.6 3.4.3-1ubuntu1~14.04.7 python: DOS via regular expression backtracking in difflib.IS_LINE_JUNK method in difflib

漏洞详情: https://avd.aquasec.com/nvd/cve-2018-1061

镜像层: sha256:989ab7dea3b3b22a60bcbe6f4e1c6a1ccc3880fe3a55df5f283f2e830c1a3a19

发布日期: 2018-06-19 12:29 修改: 2026-06-17 01:50

file CVE-2014-9620 低危 1:5.14-2ubuntu3.3 1:5.14-2ubuntu3.4 file: limit the number of ELF notes processed

漏洞详情: https://avd.aquasec.com/nvd/cve-2014-9620

镜像层: sha256:c47d9b229ca4eaf5d3b85b6fa7f794d00910a42634dd0fd5107a9a937b13b20f

发布日期: 2015-01-21 18:59 修改: 2026-05-06 22:30

file CVE-2014-9621 低危 1:5.14-2ubuntu3.3 1:5.14-2ubuntu3.4 file: limit string printing to 100 chars

漏洞详情: https://avd.aquasec.com/nvd/cve-2014-9621

镜像层: sha256:c47d9b229ca4eaf5d3b85b6fa7f794d00910a42634dd0fd5107a9a937b13b20f

发布日期: 2015-01-21 18:59 修改: 2026-05-06 22:30

libpython3.4-stdlib CVE-2018-1060 低危 3.4.3-1ubuntu1~14.04.6 3.4.3-1ubuntu1~14.04.7 python: DOS via regular expression catastrophic backtracking in apop() method in pop3lib

漏洞详情: https://avd.aquasec.com/nvd/cve-2018-1060

镜像层: sha256:989ab7dea3b3b22a60bcbe6f4e1c6a1ccc3880fe3a55df5f283f2e830c1a3a19

发布日期: 2018-06-18 14:29 修改: 2026-06-17 01:50

Java (jar)
低危漏洞:15 中危漏洞:57 高危漏洞:73 严重漏洞:28
软件包 漏洞 安全状态 安装版本 修复版本 漏洞信息
com.fasterxml.jackson.core:jackson-databind CVE-2017-15095 严重 2.5.3 2.8.11, 2.9.4, 2.6.7.3, 2.7.9.2 jackson-databind: Unsafe deserialization due to incomplete black list (incomplete fix for CVE-2017-7525)

漏洞详情: https://avd.aquasec.com/nvd/cve-2017-15095

镜像层: sha256:c9fad8d7a9fae46fd5609adf78eb02f02472d9396f5a04619f139a74953eebcc

发布日期: 2018-02-06 15:29 修改: 2026-06-17 01:07

com.fasterxml.jackson.core:jackson-databind CVE-2017-17485 严重 2.5.3 2.9.4, 2.8.11, 2.7.9.2 jackson-databind: Unsafe deserialization due to incomplete black list (incomplete fix for CVE-2017-15095)

漏洞详情: https://avd.aquasec.com/nvd/cve-2017-17485

镜像层: sha256:c9fad8d7a9fae46fd5609adf78eb02f02472d9396f5a04619f139a74953eebcc

发布日期: 2018-01-10 18:29 修改: 2026-06-17 01:10

com.fasterxml.jackson.core:jackson-databind CVE-2017-7525 严重 2.5.3 2.6.7.1, 2.7.9.1, 2.8.9 jackson-databind: Deserialization vulnerability via readValue method of ObjectMapper

漏洞详情: https://avd.aquasec.com/nvd/cve-2017-7525

镜像层: sha256:c9fad8d7a9fae46fd5609adf78eb02f02472d9396f5a04619f139a74953eebcc

发布日期: 2018-02-06 15:29 修改: 2026-06-17 01:24

com.fasterxml.jackson.core:jackson-databind CVE-2018-11307 严重 2.5.3 2.7.9.4, 2.8.11.2, 2.9.6 jackson-databind: Potential information exfiltration with default typing, serialization gadget from MyBatis

漏洞详情: https://avd.aquasec.com/nvd/cve-2018-11307

镜像层: sha256:c9fad8d7a9fae46fd5609adf78eb02f02472d9396f5a04619f139a74953eebcc

发布日期: 2019-07-09 16:15 修改: 2026-06-17 01:35

com.fasterxml.jackson.core:jackson-databind CVE-2018-14718 严重 2.5.3 2.9.7, 2.8.11.3, 2.7.9.5, 2.6.7.3 jackson-databind: arbitrary code execution in slf4j-ext class

漏洞详情: https://avd.aquasec.com/nvd/cve-2018-14718

镜像层: sha256:c9fad8d7a9fae46fd5609adf78eb02f02472d9396f5a04619f139a74953eebcc

发布日期: 2019-01-02 18:29 修改: 2026-06-17 01:41

com.fasterxml.jackson.core:jackson-databind CVE-2018-14719 严重 2.5.3 2.9.7, 2.8.11.3, 2.7.9.5 jackson-databind: arbitrary code execution in blaze-ds-opt and blaze-ds-core classes

漏洞详情: https://avd.aquasec.com/nvd/cve-2018-14719

镜像层: sha256:c9fad8d7a9fae46fd5609adf78eb02f02472d9396f5a04619f139a74953eebcc

发布日期: 2019-01-02 18:29 修改: 2026-06-17 01:41

com.fasterxml.jackson.core:jackson-databind CVE-2018-19362 严重 2.5.3 2.9.8, 2.8.11.3, 2.7.9.5, 2.6.7.3 jackson-databind: improper polymorphic deserialization in jboss-common-core class

漏洞详情: https://avd.aquasec.com/nvd/cve-2018-19362

镜像层: sha256:c9fad8d7a9fae46fd5609adf78eb02f02472d9396f5a04619f139a74953eebcc

发布日期: 2019-01-02 18:29 修改: 2026-06-17 01:49

com.fasterxml.jackson.core:jackson-databind CVE-2018-7489 严重 2.5.3 2.8.11.1, 2.9.5, 2.7.9.3, 2.6.7.5 jackson-databind: incomplete fix for CVE-2017-7525 permits unsafe serialization via c3p0 libraries

漏洞详情: https://avd.aquasec.com/nvd/cve-2018-7489

镜像层: sha256:c9fad8d7a9fae46fd5609adf78eb02f02472d9396f5a04619f139a74953eebcc

发布日期: 2018-02-26 15:29 修改: 2026-06-17 02:03

com.fasterxml.jackson.core:jackson-databind CVE-2019-14379 严重 2.5.3 2.9.9.2, 2.8.11.4, 2.7.9.6 jackson-databind: default typing mishandling leading to remote code execution

漏洞详情: https://avd.aquasec.com/nvd/cve-2019-14379

镜像层: sha256:c9fad8d7a9fae46fd5609adf78eb02f02472d9396f5a04619f139a74953eebcc

发布日期: 2019-07-29 12:15 修改: 2026-06-17 02:18

com.fasterxml.jackson.core:jackson-databind CVE-2019-14540 严重 2.5.3 2.9.10, 2.8.11.5, 2.6.7.3 jackson-databind: Serialization gadgets in com.zaxxer.hikari.HikariConfig

漏洞详情: https://avd.aquasec.com/nvd/cve-2019-14540

镜像层: sha256:c9fad8d7a9fae46fd5609adf78eb02f02472d9396f5a04619f139a74953eebcc

发布日期: 2019-09-15 22:15 修改: 2026-06-17 02:18

com.fasterxml.jackson.core:jackson-databind CVE-2019-16335 严重 2.5.3 2.9.10, 2.8.11.5, 2.6.7.3 jackson-databind: Serialization gadgets in com.zaxxer.hikari.HikariDataSource

漏洞详情: https://avd.aquasec.com/nvd/cve-2019-16335

镜像层: sha256:c9fad8d7a9fae46fd5609adf78eb02f02472d9396f5a04619f139a74953eebcc

发布日期: 2019-09-15 22:15 修改: 2026-06-17 02:22

com.fasterxml.jackson.core:jackson-databind CVE-2019-16942 严重 2.5.3 2.9.10.1, 2.8.11.5, 2.6.7.3 jackson-databind: Serialization gadgets in org.apache.commons.dbcp.datasources.*

漏洞详情: https://avd.aquasec.com/nvd/cve-2019-16942

镜像层: sha256:c9fad8d7a9fae46fd5609adf78eb02f02472d9396f5a04619f139a74953eebcc

发布日期: 2019-10-01 17:15 修改: 2026-06-17 02:23

com.fasterxml.jackson.core:jackson-databind CVE-2019-16943 严重 2.5.3 2.9.10.1, 2.8.11.5, 2.6.7.3 jackson-databind: Serialization gadgets in com.p6spy.engine.spy.P6DataSource

漏洞详情: https://avd.aquasec.com/nvd/cve-2019-16943

镜像层: sha256:c9fad8d7a9fae46fd5609adf78eb02f02472d9396f5a04619f139a74953eebcc

发布日期: 2019-10-01 17:15 修改: 2026-06-17 02:23

com.fasterxml.jackson.core:jackson-databind CVE-2019-17267 严重 2.5.3 2.9.10, 2.8.11.5 jackson-databind: Serialization gadgets in classes of the ehcache package

漏洞详情: https://avd.aquasec.com/nvd/cve-2019-17267

镜像层: sha256:c9fad8d7a9fae46fd5609adf78eb02f02472d9396f5a04619f139a74953eebcc

发布日期: 2019-10-07 00:15 修改: 2026-06-17 02:23

com.fasterxml.jackson.core:jackson-databind CVE-2019-17531 严重 2.5.3 2.9.10.1, 2.8.11.5, 2.6.7.3 jackson-databind: Serialization gadgets in org.apache.log4j.receivers.db.*

漏洞详情: https://avd.aquasec.com/nvd/cve-2019-17531

镜像层: sha256:c9fad8d7a9fae46fd5609adf78eb02f02472d9396f5a04619f139a74953eebcc

发布日期: 2019-10-12 21:15 修改: 2026-06-17 02:24

com.fasterxml.jackson.core:jackson-databind CVE-2019-20330 严重 2.5.3 2.6.7.4, 2.7.9.7, 2.8.11.5, 2.9.10.2 jackson-databind: lacks certain net.sf.ehcache blocking

漏洞详情: https://avd.aquasec.com/nvd/cve-2019-20330

镜像层: sha256:c9fad8d7a9fae46fd5609adf78eb02f02472d9396f5a04619f139a74953eebcc

发布日期: 2020-01-03 04:15 修改: 2026-06-17 02:30

com.fasterxml.jackson.core:jackson-databind CVE-2020-8840 严重 2.5.3 2.6.7.4, 2.7.9.7, 2.8.11.5, 2.9.10.3 jackson-databind: Lacks certain xbean-reflect/JNDI blocking

漏洞详情: https://avd.aquasec.com/nvd/cve-2020-8840

镜像层: sha256:c9fad8d7a9fae46fd5609adf78eb02f02472d9396f5a04619f139a74953eebcc

发布日期: 2020-02-10 21:56 修改: 2026-06-17 03:27

com.fasterxml.jackson.core:jackson-databind CVE-2020-9547 严重 2.5.3 2.9.10.4, 2.8.11.6, 2.7.9.7 jackson-databind: Serialization gadgets in ibatis-sqlmap

漏洞详情: https://avd.aquasec.com/nvd/cve-2020-9547

镜像层: sha256:c9fad8d7a9fae46fd5609adf78eb02f02472d9396f5a04619f139a74953eebcc

发布日期: 2020-03-02 04:15 修改: 2026-06-17 03:28

com.fasterxml.jackson.core:jackson-databind CVE-2020-9548 严重 2.5.3 2.9.10.4, 2.8.11.6, 2.7.9.7 jackson-databind: Serialization gadgets in anteros-core

漏洞详情: https://avd.aquasec.com/nvd/cve-2020-9548

镜像层: sha256:c9fad8d7a9fae46fd5609adf78eb02f02472d9396f5a04619f139a74953eebcc

发布日期: 2020-03-02 04:15 修改: 2026-06-17 03:28

com.h2database:h2 CVE-2021-42392 严重 1.4.187 2.0.206 h2: Remote Code Execution in Console

漏洞详情: https://avd.aquasec.com/nvd/cve-2021-42392

镜像层: sha256:c9fad8d7a9fae46fd5609adf78eb02f02472d9396f5a04619f139a74953eebcc

发布日期: 2022-01-10 14:10 修改: 2026-06-17 04:09

com.h2database:h2 CVE-2022-23221 严重 1.4.187 2.1.210 h2: Loading of custom classes from remote servers through JNDI

漏洞详情: https://avd.aquasec.com/nvd/cve-2022-23221

镜像层: sha256:c9fad8d7a9fae46fd5609adf78eb02f02472d9396f5a04619f139a74953eebcc

发布日期: 2022-01-19 17:15 修改: 2026-06-17 04:29

com.hazelcast:hazelcast CVE-2022-36437 严重 3.8 3.12.13, 4.1.10, 4.2.6, 5.0.4, 5.1.3 hazelcast: Hazelcast connection caching

漏洞详情: https://avd.aquasec.com/nvd/cve-2022-36437

镜像层: sha256:c9fad8d7a9fae46fd5609adf78eb02f02472d9396f5a04619f139a74953eebcc

发布日期: 2022-12-29 23:15 修改: 2026-06-17 04:53

com.nimbusds:nimbus-jose-jwt CVE-2019-17195 严重 4.12 7.9 nimbus-jose-jwt: Uncaught exceptions while parsing a JWT

漏洞详情: https://avd.aquasec.com/nvd/cve-2019-17195

镜像层: sha256:c9fad8d7a9fae46fd5609adf78eb02f02472d9396f5a04619f139a74953eebcc

发布日期: 2019-10-15 14:15 修改: 2026-06-17 02:23

org.hsqldb:hsqldb CVE-2022-41853 严重 2.3.1 2.7.1 hsqldb: Untrusted input may lead to RCE attack

漏洞详情: https://avd.aquasec.com/nvd/cve-2022-41853

镜像层: sha256:c9fad8d7a9fae46fd5609adf78eb02f02472d9396f5a04619f139a74953eebcc

发布日期: 2022-10-06 18:17 修改: 2026-06-17 05:03

org.liquibase:liquibase-core CVE-2022-0839 严重 3.1.0 4.8.0 liquibase: Improper Restriction of XML External Entity

漏洞详情: https://avd.aquasec.com/nvd/cve-2022-0839

镜像层: sha256:c9fad8d7a9fae46fd5609adf78eb02f02472d9396f5a04619f139a74953eebcc

发布日期: 2022-03-04 15:15 修改: 2026-06-17 04:21

org.postgresql:postgresql CVE-2024-1597 严重 9.4.1208.jre7 42.2.28, 42.3.9, 42.4.4, 42.5.5, 42.6.1, 42.7.2 pgjdbc: PostgreSQL JDBC Driver allows attacker to inject SQL if using PreferQueryMode=SIMPLE

漏洞详情: https://avd.aquasec.com/nvd/cve-2024-1597

镜像层: sha256:c9fad8d7a9fae46fd5609adf78eb02f02472d9396f5a04619f139a74953eebcc

发布日期: 2024-02-19 13:15 修改: 2026-06-17 07:04

org.springframework:spring-beans CVE-2022-22965 严重 4.3.2.RELEASE 5.2.20.RELEASE, 5.3.18 spring-framework: RCE via Data Binding on JDK 9+

漏洞详情: https://avd.aquasec.com/nvd/cve-2022-22965

镜像层: sha256:c9fad8d7a9fae46fd5609adf78eb02f02472d9396f5a04619f139a74953eebcc

发布日期: 2022-04-01 23:15 修改: 2026-06-17 04:29

org.springframework:spring-web CVE-2016-1000027 严重 4.3.2.RELEASE 6.0.0 spring: HttpInvokerServiceExporter readRemoteInvocation method untrusted java deserialization

漏洞详情: https://avd.aquasec.com/nvd/cve-2016-1000027

镜像层: sha256:c9fad8d7a9fae46fd5609adf78eb02f02472d9396f5a04619f139a74953eebcc

发布日期: 2020-01-02 23:15 修改: 2024-11-21 02:42

com.fasterxml.jackson.core:jackson-databind CVE-2020-10673 高危 2.5.3 2.9.10.4, 2.6.7.4 jackson-databind: mishandles the interaction between serialization gadgets and typing which could result in remote command execution

漏洞详情: https://avd.aquasec.com/nvd/cve-2020-10673

镜像层: sha256:c9fad8d7a9fae46fd5609adf78eb02f02472d9396f5a04619f139a74953eebcc

发布日期: 2020-03-18 22:15 修改: 2026-06-17 02:48

com.fasterxml.jackson.core:jackson-databind CVE-2020-24616 高危 2.5.3 2.9.10.6 jackson-databind: mishandles the interaction between serialization gadgets and typing, related to br.com.anteros.dbcp.AnterosDBCPDataSource

漏洞详情: https://avd.aquasec.com/nvd/cve-2020-24616

镜像层: sha256:c9fad8d7a9fae46fd5609adf78eb02f02472d9396f5a04619f139a74953eebcc

发布日期: 2020-08-25 18:15 修改: 2026-06-17 03:05

com.fasterxml.jackson.core:jackson-databind CVE-2020-24750 高危 2.5.3 2.6.7.5, 2.9.10.6 jackson-databind: Serialization gadgets in com.pastdev.httpcomponents.configuration.JndiConfiguration

漏洞详情: https://avd.aquasec.com/nvd/cve-2020-24750

镜像层: sha256:c9fad8d7a9fae46fd5609adf78eb02f02472d9396f5a04619f139a74953eebcc

发布日期: 2020-09-17 19:15 修改: 2026-06-17 03:06

com.fasterxml.jackson.core:jackson-databind CVE-2020-35490 高危 2.5.3 2.9.10.8 jackson-databind: mishandles the interaction between serialization gadgets and typing, related to org.apache.commons.dbcp2.datasources.PerUserPoolDataSource

漏洞详情: https://avd.aquasec.com/nvd/cve-2020-35490

镜像层: sha256:c9fad8d7a9fae46fd5609adf78eb02f02472d9396f5a04619f139a74953eebcc

发布日期: 2020-12-17 19:15 修改: 2026-06-17 03:13

com.fasterxml.jackson.core:jackson-databind CVE-2020-35491 高危 2.5.3 2.9.10.8 jackson-databind: mishandles the interaction between serialization gadgets and typing, related to org.apache.commons.dbcp2.datasources.SharedPoolDataSource

漏洞详情: https://avd.aquasec.com/nvd/cve-2020-35491

镜像层: sha256:c9fad8d7a9fae46fd5609adf78eb02f02472d9396f5a04619f139a74953eebcc

发布日期: 2020-12-17 19:15 修改: 2026-06-17 03:13

com.fasterxml.jackson.core:jackson-databind CVE-2020-35728 高危 2.5.3 2.9.10.8 jackson-databind: mishandles the interaction between serialization gadgets and typing, related to com.oracle.wls.shaded.org.apache.xalan.lib.sql.JNDIConnectionPool

漏洞详情: https://avd.aquasec.com/nvd/cve-2020-35728

镜像层: sha256:c9fad8d7a9fae46fd5609adf78eb02f02472d9396f5a04619f139a74953eebcc

发布日期: 2020-12-27 05:15 修改: 2026-06-17 03:14

com.fasterxml.jackson.core:jackson-databind CVE-2020-36179 高危 2.5.3 2.9.10.8, 2.6.7.5 jackson-databind: mishandles the interaction between serialization gadgets and typing, related to oadd.org.apache.commons.dbcp.cpdsadapter.DriverAdapterCPDS

漏洞详情: https://avd.aquasec.com/nvd/cve-2020-36179

镜像层: sha256:c9fad8d7a9fae46fd5609adf78eb02f02472d9396f5a04619f139a74953eebcc

发布日期: 2021-01-07 00:15 修改: 2026-06-17 03:14

com.fasterxml.jackson.core:jackson-databind CVE-2020-36180 高危 2.5.3 2.9.10.8, 2.6.7.5 jackson-databind: mishandles the interaction between serialization gadgets and typing, related to org.apache.commons.dbcp2.cpdsadapter.DriverAdapterCPDS

漏洞详情: https://avd.aquasec.com/nvd/cve-2020-36180

镜像层: sha256:c9fad8d7a9fae46fd5609adf78eb02f02472d9396f5a04619f139a74953eebcc

发布日期: 2021-01-07 00:15 修改: 2026-06-17 03:14

com.fasterxml.jackson.core:jackson-databind CVE-2020-36181 高危 2.5.3 2.9.10.8, 2.6.7.5 jackson-databind: mishandles the interaction between serialization gadgets and typing, related to org.apache.tomcat.dbcp.dbcp.cpdsadapter.DriverAdapterCPDS

漏洞详情: https://avd.aquasec.com/nvd/cve-2020-36181

镜像层: sha256:c9fad8d7a9fae46fd5609adf78eb02f02472d9396f5a04619f139a74953eebcc

发布日期: 2021-01-06 23:15 修改: 2026-06-17 03:14

com.fasterxml.jackson.core:jackson-databind CVE-2020-36182 高危 2.5.3 2.9.10.8, 2.6.7.5 jackson-databind: mishandles the interaction between serialization gadgets and typing, related to org.apache.tomcat.dbcp.dbcp2.cpdsadapter.DriverAdapterCPDS

漏洞详情: https://avd.aquasec.com/nvd/cve-2020-36182

镜像层: sha256:c9fad8d7a9fae46fd5609adf78eb02f02472d9396f5a04619f139a74953eebcc

发布日期: 2021-01-07 00:15 修改: 2026-06-17 03:14

com.fasterxml.jackson.core:jackson-databind CVE-2020-36183 高危 2.5.3 2.9.10.8, 2.6.7.5 jackson-databind: mishandles the interaction between serialization gadgets and typing, related to org.docx4j.org.apache.xalan.lib.sql.JNDIConnectionPool

漏洞详情: https://avd.aquasec.com/nvd/cve-2020-36183

镜像层: sha256:c9fad8d7a9fae46fd5609adf78eb02f02472d9396f5a04619f139a74953eebcc

发布日期: 2021-01-07 00:15 修改: 2026-06-17 03:14

com.fasterxml.jackson.core:jackson-databind CVE-2020-36184 高危 2.5.3 2.9.10.8 jackson-databind: mishandles the interaction between serialization gadgets and typing, related to org.apache.tomcat.dbcp.dbcp2.datasources.PerUserPoolDataSource

漏洞详情: https://avd.aquasec.com/nvd/cve-2020-36184

镜像层: sha256:c9fad8d7a9fae46fd5609adf78eb02f02472d9396f5a04619f139a74953eebcc

发布日期: 2021-01-06 23:15 修改: 2026-06-17 03:14

com.fasterxml.jackson.core:jackson-databind CVE-2020-36185 高危 2.5.3 2.9.10.8 jackson-databind: mishandles the interaction between serialization gadgets and typing, related to org.apache.tomcat.dbcp.dbcp2.datasources.SharedPoolDataSource

漏洞详情: https://avd.aquasec.com/nvd/cve-2020-36185

镜像层: sha256:c9fad8d7a9fae46fd5609adf78eb02f02472d9396f5a04619f139a74953eebcc

发布日期: 2021-01-06 23:15 修改: 2026-06-17 03:14

com.fasterxml.jackson.core:jackson-databind CVE-2020-36186 高危 2.5.3 2.9.10.8 jackson-databind: mishandles the interaction between serialization gadgets and typing, related to org.apache.tomcat.dbcp.dbcp.datasources.PerUserPoolDataSource

漏洞详情: https://avd.aquasec.com/nvd/cve-2020-36186

镜像层: sha256:c9fad8d7a9fae46fd5609adf78eb02f02472d9396f5a04619f139a74953eebcc

发布日期: 2021-01-06 23:15 修改: 2026-06-17 03:14

com.fasterxml.jackson.core:jackson-databind CVE-2020-36187 高危 2.5.3 2.9.10.8 jackson-databind: mishandles the interaction between serialization gadgets and typing, related to org.apache.tomcat.dbcp.dbcp.datasources.SharedPoolDataSource

漏洞详情: https://avd.aquasec.com/nvd/cve-2020-36187

镜像层: sha256:c9fad8d7a9fae46fd5609adf78eb02f02472d9396f5a04619f139a74953eebcc

发布日期: 2021-01-06 23:15 修改: 2026-06-17 03:14

com.fasterxml.jackson.core:jackson-databind CVE-2020-36188 高危 2.5.3 2.9.10.8, 2.6.7.5 jackson-databind: mishandles the interaction between serialization gadgets and typing, related to com.newrelic.agent.deps.ch.qos.logback.core.db.JNDIConnectionSource

漏洞详情: https://avd.aquasec.com/nvd/cve-2020-36188

镜像层: sha256:c9fad8d7a9fae46fd5609adf78eb02f02472d9396f5a04619f139a74953eebcc

发布日期: 2021-01-06 23:15 修改: 2026-06-17 03:14

com.fasterxml.jackson.core:jackson-databind CVE-2020-36189 高危 2.5.3 2.9.10.8, 2.6.7.5 jackson-databind: mishandles the interaction between serialization gadgets and typing, related to com.newrelic.agent.deps.ch.qos.logback.core.db.DriverManagerConnectionSource

漏洞详情: https://avd.aquasec.com/nvd/cve-2020-36189

镜像层: sha256:c9fad8d7a9fae46fd5609adf78eb02f02472d9396f5a04619f139a74953eebcc

发布日期: 2021-01-06 23:15 修改: 2026-06-17 03:14

com.fasterxml.jackson.core:jackson-databind CVE-2020-36518 高危 2.5.3 2.13.2.1, 2.12.6.1 jackson-databind: denial of service via a large depth of nested objects

漏洞详情: https://avd.aquasec.com/nvd/cve-2020-36518

镜像层: sha256:c9fad8d7a9fae46fd5609adf78eb02f02472d9396f5a04619f139a74953eebcc

发布日期: 2022-03-11 07:15 修改: 2026-06-17 03:15

com.fasterxml.jackson.core:jackson-databind CVE-2021-20190 高危 2.5.3 2.9.10.7, 2.6.7.5 jackson-databind: mishandles the interaction between serialization gadgets and typing, related to javax.swing

漏洞详情: https://avd.aquasec.com/nvd/cve-2021-20190

镜像层: sha256:c9fad8d7a9fae46fd5609adf78eb02f02472d9396f5a04619f139a74953eebcc

发布日期: 2021-01-19 17:15 修改: 2026-06-17 03:33

com.fasterxml.jackson.core:jackson-databind CVE-2022-42003 高危 2.5.3 2.12.7.1, 2.13.4.2 jackson-databind: deep wrapper array nesting wrt UNWRAP_SINGLE_VALUE_ARRAYS

漏洞详情: https://avd.aquasec.com/nvd/cve-2022-42003

镜像层: sha256:c9fad8d7a9fae46fd5609adf78eb02f02472d9396f5a04619f139a74953eebcc

发布日期: 2022-10-02 05:15 修改: 2026-06-17 05:04

com.fasterxml.jackson.core:jackson-databind CVE-2022-42004 高危 2.5.3 2.12.7.1, 2.13.4 jackson-databind: use of deeply nested arrays

漏洞详情: https://avd.aquasec.com/nvd/cve-2022-42004

镜像层: sha256:c9fad8d7a9fae46fd5609adf78eb02f02472d9396f5a04619f139a74953eebcc

发布日期: 2022-10-02 05:15 修改: 2026-06-17 05:04

com.google.code.gson:gson CVE-2022-25647 高危 2.1 2.8.9 com.google.code.gson-gson: Deserialization of Untrusted Data in com.google.code.gson-gson

漏洞详情: https://avd.aquasec.com/nvd/cve-2022-25647

镜像层: sha256:c9fad8d7a9fae46fd5609adf78eb02f02472d9396f5a04619f139a74953eebcc

发布日期: 2022-05-01 16:15 修改: 2026-06-17 04:33

ch.qos.logback:logback-core CVE-2023-6378 高危 1.2.3 1.3.12, 1.4.12, 1.2.13 logback: serialization vulnerability in logback receiver

漏洞详情: https://avd.aquasec.com/nvd/cve-2023-6378

镜像层: sha256:c9fad8d7a9fae46fd5609adf78eb02f02472d9396f5a04619f139a74953eebcc

发布日期: 2023-11-29 12:15 修改: 2026-06-17 06:50

com.fasterxml.jackson.core:jackson-core CVE-2025-52999 高危 2.5.3 2.15.0 com.fasterxml.jackson.core/jackson-core: jackson-core Potential StackoverflowError

漏洞详情: https://avd.aquasec.com/nvd/cve-2025-52999

镜像层: sha256:c9fad8d7a9fae46fd5609adf78eb02f02472d9396f5a04619f139a74953eebcc

发布日期: 2025-06-25 17:15 修改: 2026-06-17 09:37

ch.qos.logback:logback-classic CVE-2023-6378 高危 1.2.3 1.3.12, 1.4.12, 1.2.13 logback: serialization vulnerability in logback receiver

漏洞详情: https://avd.aquasec.com/nvd/cve-2023-6378

镜像层: sha256:c9fad8d7a9fae46fd5609adf78eb02f02472d9396f5a04619f139a74953eebcc

发布日期: 2023-11-29 12:15 修改: 2026-06-17 06:50

com.hazelcast:hazelcast CVE-2016-10750 高危 3.8 3.11 hazelcast: java deserialization in join cluster procedure leading to remote code execution

漏洞详情: https://avd.aquasec.com/nvd/cve-2016-10750

镜像层: sha256:c9fad8d7a9fae46fd5609adf78eb02f02472d9396f5a04619f139a74953eebcc

发布日期: 2019-05-22 14:29 修改: 2026-06-17 00:40

com.hazelcast:hazelcast CVE-2023-33265 高危 3.8 5.2.4, 5.1.7, 5.0.5 Hazelcast Executor Services don't check client permissions properly

漏洞详情: https://avd.aquasec.com/nvd/cve-2023-33265

镜像层: sha256:c9fad8d7a9fae46fd5609adf78eb02f02472d9396f5a04619f139a74953eebcc

发布日期: 2023-07-18 16:15 修改: 2026-06-17 06:01

com.hazelcast:hazelcast CVE-2023-45859 高危 3.8 5.2.5, 5.3.5 Missing permission checks on Hazelcast client protocol

漏洞详情: https://avd.aquasec.com/nvd/cve-2023-45859

镜像层: sha256:c9fad8d7a9fae46fd5609adf78eb02f02472d9396f5a04619f139a74953eebcc

发布日期: 2024-02-28 22:15 修改: 2026-06-17 06:29

com.hazelcast:hazelcast CVE-2023-45860 高危 3.8 5.3.5, 5.2.5 Hazelcast: Permission checking in CSV File Source connector

漏洞详情: https://avd.aquasec.com/nvd/cve-2023-45860

镜像层: sha256:c9fad8d7a9fae46fd5609adf78eb02f02472d9396f5a04619f139a74953eebcc

发布日期: 2024-02-16 10:15 修改: 2026-06-17 06:29

com.fasterxml.jackson.core:jackson-databind CVE-2018-12022 高危 2.5.3 2.7.9.4, 2.8.11.2, 2.9.6 jackson-databind: improper polymorphic deserialization of types from Jodd-db library

漏洞详情: https://avd.aquasec.com/nvd/cve-2018-12022

镜像层: sha256:c9fad8d7a9fae46fd5609adf78eb02f02472d9396f5a04619f139a74953eebcc

发布日期: 2019-03-21 16:00 修改: 2026-06-17 01:37

com.nimbusds:nimbus-jose-jwt CVE-2017-12972 高危 4.12 4.39 Nimbus JOSE+JWT missing overflow check

漏洞详情: https://avd.aquasec.com/nvd/cve-2017-12972

镜像层: sha256:c9fad8d7a9fae46fd5609adf78eb02f02472d9396f5a04619f139a74953eebcc

发布日期: 2017-08-20 16:29 修改: 2026-06-17 01:04

com.nimbusds:nimbus-jose-jwt CVE-2017-12974 高危 4.12 4.36 Improper Verification of Cryptographic Signature in Nimbus JOSE+JWT

漏洞详情: https://avd.aquasec.com/nvd/cve-2017-12974

镜像层: sha256:c9fad8d7a9fae46fd5609adf78eb02f02472d9396f5a04619f139a74953eebcc

发布日期: 2017-08-20 16:29 修改: 2026-06-17 01:04

com.nimbusds:nimbus-jose-jwt CVE-2023-52428 高危 4.12 9.37.2 nimbus-jose-jwt: large JWE p2c header value causes Denial of Service

漏洞详情: https://avd.aquasec.com/nvd/cve-2023-52428

镜像层: sha256:c9fad8d7a9fae46fd5609adf78eb02f02472d9396f5a04619f139a74953eebcc

发布日期: 2024-02-11 05:15 修改: 2026-06-17 06:42

commons-beanutils:commons-beanutils CVE-2014-0114 高危 1.8.3 1.9.4 1: Class Loader manipulation via request parameters

漏洞详情: https://avd.aquasec.com/nvd/cve-2014-0114

镜像层: sha256:c9fad8d7a9fae46fd5609adf78eb02f02472d9396f5a04619f139a74953eebcc

发布日期: 2014-04-30 10:49 修改: 2026-05-06 22:30

commons-beanutils:commons-beanutils CVE-2019-10086 高危 1.8.3 1.9.4 apache-commons-beanutils: does not suppresses the class property in PropertyUtilsBean by default

漏洞详情: https://avd.aquasec.com/nvd/cve-2019-10086

镜像层: sha256:c9fad8d7a9fae46fd5609adf78eb02f02472d9396f5a04619f139a74953eebcc

发布日期: 2019-08-20 21:15 修改: 2026-06-17 02:10

commons-beanutils:commons-beanutils CVE-2025-48734 高危 1.8.3 1.11.0 commons-beanutils: Apache Commons BeanUtils: PropertyUtilsBean does not suppresses an enum's declaredClass property by default

漏洞详情: https://avd.aquasec.com/nvd/cve-2025-48734

镜像层: sha256:c9fad8d7a9fae46fd5609adf78eb02f02472d9396f5a04619f139a74953eebcc

发布日期: 2025-05-28 14:15 修改: 2026-06-17 09:30

commons-fileupload:commons-fileupload CVE-2023-24998 高危 1.3.3 1.5 FileUpload: FileUpload DoS with excessive parts

漏洞详情: https://avd.aquasec.com/nvd/cve-2023-24998

镜像层: sha256:c9fad8d7a9fae46fd5609adf78eb02f02472d9396f5a04619f139a74953eebcc

发布日期: 2023-02-20 16:15 修改: 2026-06-17 05:40

commons-fileupload:commons-fileupload CVE-2025-48976 高危 1.3.3 1.6.0 apache-commons-fileupload: Apache Commons FileUpload DoS via part headers

漏洞详情: https://avd.aquasec.com/nvd/cve-2025-48976

镜像层: sha256:c9fad8d7a9fae46fd5609adf78eb02f02472d9396f5a04619f139a74953eebcc

发布日期: 2025-06-16 15:15 修改: 2026-06-17 09:30

commons-io:commons-io CVE-2024-47554 高危 2.4 2.14.0 apache-commons-io: Possible denial of service attack on untrusted input to XmlStreamReader

漏洞详情: https://avd.aquasec.com/nvd/cve-2024-47554

镜像层: sha256:c9fad8d7a9fae46fd5609adf78eb02f02472d9396f5a04619f139a74953eebcc

发布日期: 2024-10-03 12:15 修改: 2026-06-17 07:57

net.minidev:json-smart CVE-2021-31684 高危 1.3.1 1.3.3, 2.4.4 json-smart: Denial of Service in JSONParserByteArray function

漏洞详情: https://avd.aquasec.com/nvd/cve-2021-31684

镜像层: sha256:c9fad8d7a9fae46fd5609adf78eb02f02472d9396f5a04619f139a74953eebcc

发布日期: 2021-06-01 20:15 修改: 2026-06-17 03:52

net.minidev:json-smart CVE-2023-1370 高危 1.3.1 2.4.9 json-smart: Uncontrolled Resource Consumption vulnerability in json-smart (Resource Exhaustion)

漏洞详情: https://avd.aquasec.com/nvd/cve-2023-1370

镜像层: sha256:c9fad8d7a9fae46fd5609adf78eb02f02472d9396f5a04619f139a74953eebcc

发布日期: 2023-03-22 06:15 修改: 2026-06-17 05:27

org.apache.commons:commons-compress CVE-2021-35515 高危 1.5 1.21 apache-commons-compress: infinite loop when reading a specially crafted 7Z archive

漏洞详情: https://avd.aquasec.com/nvd/cve-2021-35515

镜像层: sha256:c9fad8d7a9fae46fd5609adf78eb02f02472d9396f5a04619f139a74953eebcc

发布日期: 2021-07-13 08:15 修改: 2026-06-17 03:57

org.apache.commons:commons-compress CVE-2021-35516 高危 1.5 1.21 apache-commons-compress: excessive memory allocation when reading a specially crafted 7Z archive

漏洞详情: https://avd.aquasec.com/nvd/cve-2021-35516

镜像层: sha256:c9fad8d7a9fae46fd5609adf78eb02f02472d9396f5a04619f139a74953eebcc

发布日期: 2021-07-13 08:15 修改: 2026-06-17 03:57

org.apache.commons:commons-compress CVE-2021-35517 高危 1.5 1.21 apache-commons-compress: excessive memory allocation when reading a specially crafted TAR archive

漏洞详情: https://avd.aquasec.com/nvd/cve-2021-35517

镜像层: sha256:c9fad8d7a9fae46fd5609adf78eb02f02472d9396f5a04619f139a74953eebcc

发布日期: 2021-07-13 08:15 修改: 2026-06-17 03:57

org.apache.commons:commons-compress CVE-2021-36090 高危 1.5 1.21 apache-commons-compress: excessive memory allocation when reading a specially crafted ZIP archive

漏洞详情: https://avd.aquasec.com/nvd/cve-2021-36090

镜像层: sha256:c9fad8d7a9fae46fd5609adf78eb02f02472d9396f5a04619f139a74953eebcc

发布日期: 2021-07-13 08:15 修改: 2026-06-17 03:58

org.bouncycastle:bcprov-jdk15on CVE-2016-1000338 高危 1.54 1.56 bouncycastle: DSA does not fully validate ASN.1 encoding during signature verification allowing for injection of unsigned data

漏洞详情: https://avd.aquasec.com/nvd/cve-2016-1000338

镜像层: sha256:c9fad8d7a9fae46fd5609adf78eb02f02472d9396f5a04619f139a74953eebcc

发布日期: 2018-06-01 20:29 修改: 2025-05-05 14:14

org.bouncycastle:bcprov-jdk15on CVE-2016-1000340 高危 1.54 1.56 bouncycastle: Carry propagation bug in math.raw.Nat??? class

漏洞详情: https://avd.aquasec.com/nvd/cve-2016-1000340

镜像层: sha256:c9fad8d7a9fae46fd5609adf78eb02f02472d9396f5a04619f139a74953eebcc

发布日期: 2018-06-04 13:29 修改: 2025-05-12 17:37

org.bouncycastle:bcprov-jdk15on CVE-2016-1000342 高危 1.54 1.56 bouncycastle: ECDSA improper validation of ASN.1 encoding of signature

漏洞详情: https://avd.aquasec.com/nvd/cve-2016-1000342

镜像层: sha256:c9fad8d7a9fae46fd5609adf78eb02f02472d9396f5a04619f139a74953eebcc

发布日期: 2018-06-04 13:29 修改: 2025-05-12 17:37

org.bouncycastle:bcprov-jdk15on CVE-2016-1000343 高危 1.54 1.56 bouncycastle: DSA key pair generator generates a weak private key by default

漏洞详情: https://avd.aquasec.com/nvd/cve-2016-1000343

镜像层: sha256:c9fad8d7a9fae46fd5609adf78eb02f02472d9396f5a04619f139a74953eebcc

发布日期: 2018-06-04 13:29 修改: 2025-05-12 17:37

org.bouncycastle:bcprov-jdk15on CVE-2016-1000344 高危 1.54 1.56 bouncycastle: DHIES implementation allowed the use of ECB mode

漏洞详情: https://avd.aquasec.com/nvd/cve-2016-1000344

镜像层: sha256:c9fad8d7a9fae46fd5609adf78eb02f02472d9396f5a04619f139a74953eebcc

发布日期: 2018-06-04 21:29 修改: 2025-05-12 17:37

org.bouncycastle:bcprov-jdk15on CVE-2016-1000352 高危 1.54 1.56 bouncycastle: ECIES implementation allowed the use of ECB mode

漏洞详情: https://avd.aquasec.com/nvd/cve-2016-1000352

镜像层: sha256:c9fad8d7a9fae46fd5609adf78eb02f02472d9396f5a04619f139a74953eebcc

发布日期: 2018-06-04 21:29 修改: 2025-05-12 17:37

org.bouncycastle:bcprov-jdk15on CVE-2018-1000180 高危 1.54 1.60 bouncycastle: flaw in the low-level interface to RSA key pair generator

漏洞详情: https://avd.aquasec.com/nvd/cve-2018-1000180

镜像层: sha256:c9fad8d7a9fae46fd5609adf78eb02f02472d9396f5a04619f139a74953eebcc

发布日期: 2018-06-05 13:29 修改: 2026-06-17 01:32

org.eclipse.jetty:jetty-server CVE-2017-7656 高危 9.2.26.v20180806 9.3.24.v20180605, 9.4.11.v20180605 jetty: HTTP request smuggling using the range header

漏洞详情: https://avd.aquasec.com/nvd/cve-2017-7656

镜像层: sha256:c9fad8d7a9fae46fd5609adf78eb02f02472d9396f5a04619f139a74953eebcc

发布日期: 2018-06-26 15:29 修改: 2026-06-17 01:24

org.eclipse.jetty:jetty-server CVE-2021-28165 高危 9.2.26.v20180806 9.4.39, 10.0.2, 11.0.2 jetty: Resource exhaustion when receiving an invalid large TLS frame

漏洞详情: https://avd.aquasec.com/nvd/cve-2021-28165

镜像层: sha256:c9fad8d7a9fae46fd5609adf78eb02f02472d9396f5a04619f139a74953eebcc

发布日期: 2021-04-01 15:15 修改: 2026-06-17 03:45

org.eclipse.jetty:jetty-webapp CVE-2020-27216 高危 9.2.26.v20180806 9.4.33.v20201020, 10.0.0.beta3, 11.0.0.beta3 jetty: local temporary directory hijacking vulnerability

漏洞详情: https://avd.aquasec.com/nvd/cve-2020-27216

镜像层: sha256:c9fad8d7a9fae46fd5609adf78eb02f02472d9396f5a04619f139a74953eebcc

发布日期: 2020-10-23 13:15 修改: 2026-06-17 03:08

com.fasterxml.jackson.core:jackson-databind CVE-2018-5968 高危 2.5.3 2.8.11.1, 2.9.4, 2.7.9.5 jackson-databind: unsafe deserialization due to incomplete blacklist (incomplete fix for CVE-2017-7525 and CVE-2017-17485)

漏洞详情: https://avd.aquasec.com/nvd/cve-2018-5968

镜像层: sha256:c9fad8d7a9fae46fd5609adf78eb02f02472d9396f5a04619f139a74953eebcc

发布日期: 2018-01-22 04:29 修改: 2026-06-17 02:01

com.fasterxml.jackson.core:jackson-databind CVE-2019-12086 高危 2.5.3 2.9.9, 2.8.11.4, 2.7.9.6, 2.6.7.3 jackson-databind: polymorphic typing issue allows attacker to read arbitrary local files on the server.

漏洞详情: https://avd.aquasec.com/nvd/cve-2019-12086

镜像层: sha256:c9fad8d7a9fae46fd5609adf78eb02f02472d9396f5a04619f139a74953eebcc

发布日期: 2019-05-17 17:29 修改: 2026-06-17 02:14

com.fasterxml.jackson.core:jackson-databind CVE-2019-14439 高危 2.5.3 2.9.9.2, 2.8.11.4, 2.7.9.6, 2.6.7.3 jackson-databind: Polymorphic typing issue related to logback/JNDI

漏洞详情: https://avd.aquasec.com/nvd/cve-2019-14439

镜像层: sha256:c9fad8d7a9fae46fd5609adf78eb02f02472d9396f5a04619f139a74953eebcc

发布日期: 2019-07-30 11:15 修改: 2026-06-17 02:18

org.postgresql:postgresql CVE-2022-21724 高危 9.4.1208.jre7 42.2.25, 42.3.2 jdbc-postgresql: Unchecked Class Instantiation when providing Plugin Classes

漏洞详情: https://avd.aquasec.com/nvd/cve-2022-21724

镜像层: sha256:c9fad8d7a9fae46fd5609adf78eb02f02472d9396f5a04619f139a74953eebcc

发布日期: 2022-02-02 12:15 修改: 2026-06-17 04:26

org.postgresql:postgresql CVE-2022-31197 高危 9.4.1208.jre7 42.2.26, 42.4.1, 42.3.7 postgresql: SQL Injection in ResultSet.refreshRow() with malicious column names

漏洞详情: https://avd.aquasec.com/nvd/cve-2022-31197

镜像层: sha256:c9fad8d7a9fae46fd5609adf78eb02f02472d9396f5a04619f139a74953eebcc

发布日期: 2022-08-03 19:15 修改: 2026-06-17 04:45

com.fasterxml.jackson.core:jackson-databind CVE-2019-14892 高危 2.5.3 2.6.7.3, 2.8.11.5, 2.9.10 jackson-databind: Serialization gadgets in classes of the commons-configuration package

漏洞详情: https://avd.aquasec.com/nvd/cve-2019-14892

镜像层: sha256:c9fad8d7a9fae46fd5609adf78eb02f02472d9396f5a04619f139a74953eebcc

发布日期: 2020-03-02 17:15 修改: 2026-06-17 02:19

org.springframework:spring-beans CVE-2022-22970 高危 4.3.2.RELEASE 5.2.22.RELEASE, 5.3.20 springframework: DoS via data binding to multipartFile or servlet part

漏洞详情: https://avd.aquasec.com/nvd/cve-2022-22970

镜像层: sha256:c9fad8d7a9fae46fd5609adf78eb02f02472d9396f5a04619f139a74953eebcc

发布日期: 2022-05-12 20:15 修改: 2026-06-17 04:29

org.springframework:spring-context CVE-2022-22968 高危 4.3.2.RELEASE 5.3.19, 5.2.21.RELEASE Framework: Data Binding Rules Vulnerability

漏洞详情: https://avd.aquasec.com/nvd/cve-2022-22968

镜像层: sha256:c9fad8d7a9fae46fd5609adf78eb02f02472d9396f5a04619f139a74953eebcc

发布日期: 2022-04-14 21:15 修改: 2026-06-17 04:29

org.springframework:spring-core CVE-2018-1272 高危 4.3.2.RELEASE 4.3.15, 5.0.5 spring-framework: Multipart content pollution

漏洞详情: https://avd.aquasec.com/nvd/cve-2018-1272

镜像层: sha256:c9fad8d7a9fae46fd5609adf78eb02f02472d9396f5a04619f139a74953eebcc

发布日期: 2018-04-06 13:29 修改: 2026-06-17 01:50

org.springframework:spring-core CVE-2018-15756 高危 4.3.2.RELEASE 5.1.1.RELEASE, 5.0.10.RELEASE, 4.3.20.RELEASE springframework: DoS Attack via Range Requests

漏洞详情: https://avd.aquasec.com/nvd/cve-2018-15756

镜像层: sha256:c9fad8d7a9fae46fd5609adf78eb02f02472d9396f5a04619f139a74953eebcc

发布日期: 2018-10-18 22:29 修改: 2026-06-17 01:43

org.springframework:spring-expression CVE-2023-20863 高危 4.3.2.RELEASE 6.0.8, 5.3.27, 5.2.24.RELEASE springframework: Spring Expression DoS Vulnerability

漏洞详情: https://avd.aquasec.com/nvd/cve-2023-20863

镜像层: sha256:c9fad8d7a9fae46fd5609adf78eb02f02472d9396f5a04619f139a74953eebcc

发布日期: 2023-04-13 20:15 修改: 2026-06-17 05:31

com.fasterxml.jackson.core:jackson-databind CVE-2020-10650 高危 2.5.3 2.9.10.4 A deserialization flaw was discovered in jackson-databind through 2.9. ...

漏洞详情: https://avd.aquasec.com/nvd/cve-2020-10650

镜像层: sha256:c9fad8d7a9fae46fd5609adf78eb02f02472d9396f5a04619f139a74953eebcc

发布日期: 2022-12-26 20:15 修改: 2026-06-17 02:48

org.springframework:spring-web CVE-2024-22243 高危 4.3.2.RELEASE 6.1.4, 6.0.17, 5.3.32 springframework: URL Parsing with Host Validation

漏洞详情: https://avd.aquasec.com/nvd/cve-2024-22243

镜像层: sha256:c9fad8d7a9fae46fd5609adf78eb02f02472d9396f5a04619f139a74953eebcc

发布日期: 2024-02-23 05:15 修改: 2026-06-17 07:11

org.springframework:spring-web CVE-2024-22259 高危 4.3.2.RELEASE 6.1.5, 6.0.18, 5.3.33 springframework: URL Parsing with Host Validation

漏洞详情: https://avd.aquasec.com/nvd/cve-2024-22259

镜像层: sha256:c9fad8d7a9fae46fd5609adf78eb02f02472d9396f5a04619f139a74953eebcc

发布日期: 2024-03-16 05:15 修改: 2026-06-17 07:11

org.springframework:spring-web CVE-2024-22262 高危 4.3.2.RELEASE 5.3.34, 6.0.19, 6.1.6 springframework: URL Parsing with Host Validation

漏洞详情: https://avd.aquasec.com/nvd/cve-2024-22262

镜像层: sha256:c9fad8d7a9fae46fd5609adf78eb02f02472d9396f5a04619f139a74953eebcc

发布日期: 2024-04-16 06:15 修改: 2026-06-17 07:11

org.yaml:snakeyaml CVE-2017-18640 高危 1.15 1.26 snakeyaml: Billion laughs attack via alias feature

漏洞详情: https://avd.aquasec.com/nvd/cve-2017-18640

镜像层: sha256:c9fad8d7a9fae46fd5609adf78eb02f02472d9396f5a04619f139a74953eebcc

发布日期: 2019-12-12 03:15 修改: 2026-06-17 01:13

org.yaml:snakeyaml CVE-2022-1471 高危 1.15 2.0 SnakeYaml: Constructor Deserialization Remote Code Execution

漏洞详情: https://avd.aquasec.com/nvd/cve-2022-1471

镜像层: sha256:c9fad8d7a9fae46fd5609adf78eb02f02472d9396f5a04619f139a74953eebcc

发布日期: 2022-12-01 11:15 修改: 2026-06-17 04:22

org.yaml:snakeyaml CVE-2022-25857 高危 1.15 1.31 snakeyaml: Denial of Service due to missing nested depth limitation for collections

漏洞详情: https://avd.aquasec.com/nvd/cve-2022-25857

镜像层: sha256:c9fad8d7a9fae46fd5609adf78eb02f02472d9396f5a04619f139a74953eebcc

发布日期: 2022-08-30 05:15 修改: 2026-06-17 04:34

ch.qos.logback:logback-core CVE-2024-12798 中危 1.2.3 1.5.13, 1.3.15 logback-core: arbitrary code execution via JaninoEventEvaluator

漏洞详情: https://avd.aquasec.com/nvd/cve-2024-12798

镜像层: sha256:c9fad8d7a9fae46fd5609adf78eb02f02472d9396f5a04619f139a74953eebcc

发布日期: 2024-12-19 16:15 修改: 2026-06-17 07:00

com.fasterxml.jackson.core:jackson-databind CVE-2019-12384 中危 2.5.3 2.9.9.1, 2.8.11.4, 2.7.9.6, 2.6.7.3 jackson-databind: failure to block the logback-core class from polymorphic deserialization leading to remote code execution

漏洞详情: https://avd.aquasec.com/nvd/cve-2019-12384

镜像层: sha256:c9fad8d7a9fae46fd5609adf78eb02f02472d9396f5a04619f139a74953eebcc

发布日期: 2019-06-24 16:15 修改: 2026-06-17 02:14

org.bouncycastle:bcprov-jdk15on CVE-2016-1000339 中危 1.54 1.56 bouncycastle: Information leak in AESFastEngine class

漏洞详情: https://avd.aquasec.com/nvd/cve-2016-1000339

镜像层: sha256:c9fad8d7a9fae46fd5609adf78eb02f02472d9396f5a04619f139a74953eebcc

发布日期: 2018-06-04 13:29 修改: 2025-05-12 17:37

org.bouncycastle:bcprov-jdk15on CVE-2016-1000341 中危 1.54 1.56 bouncycastle: Information exposure in DSA signature generation via timing attack

漏洞详情: https://avd.aquasec.com/nvd/cve-2016-1000341

镜像层: sha256:c9fad8d7a9fae46fd5609adf78eb02f02472d9396f5a04619f139a74953eebcc

发布日期: 2018-06-04 13:29 修改: 2025-05-12 17:37

org.bouncycastle:bcprov-jdk15on CVE-2016-1000345 中危 1.54 1.56 bouncycastle: DHIES/ECIES CBC modes are vulnerable to padding oracle attack

漏洞详情: https://avd.aquasec.com/nvd/cve-2016-1000345

镜像层: sha256:c9fad8d7a9fae46fd5609adf78eb02f02472d9396f5a04619f139a74953eebcc

发布日期: 2018-06-04 21:29 修改: 2025-05-12 17:37

org.bouncycastle:bcprov-jdk15on CVE-2020-15522 中危 1.54 1.66 bouncycastle: Timing issue within the EC math library

漏洞详情: https://avd.aquasec.com/nvd/cve-2020-15522

镜像层: sha256:c9fad8d7a9fae46fd5609adf78eb02f02472d9396f5a04619f139a74953eebcc

发布日期: 2021-05-20 12:15 修改: 2026-06-17 02:56

org.bouncycastle:bcprov-jdk15on CVE-2020-26939 中危 1.54 1.61 In Legion of the Bouncy Castle BC before 1.61 and BC-FJA before 1.0.1. ...

漏洞详情: https://avd.aquasec.com/nvd/cve-2020-26939

镜像层: sha256:c9fad8d7a9fae46fd5609adf78eb02f02472d9396f5a04619f139a74953eebcc

发布日期: 2020-11-02 22:15 修改: 2026-06-17 03:08

org.bouncycastle:bcprov-jdk15on CVE-2023-33201 中危 1.54 bouncycastle: potential blind LDAP injection attack using a self-signed certificate

漏洞详情: https://avd.aquasec.com/nvd/cve-2023-33201

镜像层: sha256:c9fad8d7a9fae46fd5609adf78eb02f02472d9396f5a04619f139a74953eebcc

发布日期: 2023-07-05 03:15 修改: 2026-06-17 06:01

org.bouncycastle:bcprov-jdk15on CVE-2023-33202 中危 1.54 1.70 bc-java: Out of memory while parsing ASN.1 crafted data in org.bouncycastle.openssl.PEMParser class

漏洞详情: https://avd.aquasec.com/nvd/cve-2023-33202

镜像层: sha256:c9fad8d7a9fae46fd5609adf78eb02f02472d9396f5a04619f139a74953eebcc

发布日期: 2023-11-23 16:15 修改: 2026-06-17 06:01

org.bouncycastle:bcprov-jdk15on CVE-2024-29857 中危 1.54 1.78 org.bouncycastle: Importing an EC certificate with crafted F2m parameters may lead to Denial of Service

漏洞详情: https://avd.aquasec.com/nvd/cve-2024-29857

镜像层: sha256:c9fad8d7a9fae46fd5609adf78eb02f02472d9396f5a04619f139a74953eebcc

发布日期: 2024-05-14 15:17 修改: 2026-06-17 07:23

org.bouncycastle:bcprov-jdk15on CVE-2024-30171 中危 1.54 1.78 bc-java: BouncyCastle vulnerable to a timing variant of Bleichenbacher (Marvin Attack)

漏洞详情: https://avd.aquasec.com/nvd/cve-2024-30171

镜像层: sha256:c9fad8d7a9fae46fd5609adf78eb02f02472d9396f5a04619f139a74953eebcc

发布日期: 2024-05-14 15:21 修改: 2026-06-17 07:26

org.eclipse.jetty:jetty-http CVE-2023-40167 中危 9.2.26.v20180806 9.4.52, 10.0.16, 11.0.16, 12.0.1 jetty: Improper validation of HTTP/1 content-length

漏洞详情: https://avd.aquasec.com/nvd/cve-2023-40167

镜像层: sha256:c9fad8d7a9fae46fd5609adf78eb02f02472d9396f5a04619f139a74953eebcc

发布日期: 2023-09-15 20:15 修改: 2026-06-17 06:16

org.eclipse.jetty:jetty-http CVE-2024-6763 中危 9.2.26.v20180806 12.0.12 org.eclipse.jetty:jetty-http: jetty: Jetty URI parsing of invalid authority

漏洞详情: https://avd.aquasec.com/nvd/cve-2024-6763

镜像层: sha256:c9fad8d7a9fae46fd5609adf78eb02f02472d9396f5a04619f139a74953eebcc

发布日期: 2024-10-14 16:15 修改: 2026-06-17 08:18

commons-io:commons-io CVE-2021-29425 中危 2.4 2.7 apache-commons-io: Limited path traversal in Apache Commons IO 2.2 to 2.6

漏洞详情: https://avd.aquasec.com/nvd/cve-2021-29425

镜像层: sha256:c9fad8d7a9fae46fd5609adf78eb02f02472d9396f5a04619f139a74953eebcc

发布日期: 2021-04-13 07:15 修改: 2026-06-17 03:47

commons-lang:commons-lang CVE-2025-48924 中危 2.6 commons-lang/commons-lang: org.apache.commons/commons-lang3: Uncontrolled Recursion vulnerability in Apache Commons Lang

漏洞详情: https://avd.aquasec.com/nvd/cve-2025-48924

镜像层: sha256:c9fad8d7a9fae46fd5609adf78eb02f02472d9396f5a04619f139a74953eebcc

发布日期: 2025-07-11 15:15 修改: 2026-06-17 09:30

org.eclipse.jetty:jetty-server CVE-2018-12536 中危 9.2.26.v20180806 9.4.11.v20180605, 9.3.24.v20180605 jetty: full server path revealed when using the default Error Handling

漏洞详情: https://avd.aquasec.com/nvd/cve-2018-12536

镜像层: sha256:c9fad8d7a9fae46fd5609adf78eb02f02472d9396f5a04619f139a74953eebcc

发布日期: 2018-06-27 17:29 修改: 2026-06-17 01:37

org.eclipse.jetty:jetty-server CVE-2019-10241 中危 9.2.26.v20180806 9.2.27.v20190403, 9.3.26.v20190403, 9.4.16.v20190411 jetty: using specially formatted URL against DefaultServlet or ResourceHandler leads to XSS conditions

漏洞详情: https://avd.aquasec.com/nvd/cve-2019-10241

镜像层: sha256:c9fad8d7a9fae46fd5609adf78eb02f02472d9396f5a04619f139a74953eebcc

发布日期: 2019-04-22 20:29 修改: 2026-06-17 02:10

org.eclipse.jetty:jetty-server CVE-2019-10246 中危 9.2.26.v20180806 9.2.28.v20190418, 9.3.27.v20190418, 9.4.17.v20190418 jetty: Directory Listing on Windows reveals Resource Base path

漏洞详情: https://avd.aquasec.com/nvd/cve-2019-10246

镜像层: sha256:c9fad8d7a9fae46fd5609adf78eb02f02472d9396f5a04619f139a74953eebcc

发布日期: 2019-04-22 20:29 修改: 2026-06-17 02:10

org.eclipse.jetty:jetty-server CVE-2019-10247 中危 9.2.26.v20180806 9.2.28.v20190418, 9.3.27.v20190418, 9.4.17.v20190418 jetty: error path information disclosure

漏洞详情: https://avd.aquasec.com/nvd/cve-2019-10247

镜像层: sha256:c9fad8d7a9fae46fd5609adf78eb02f02472d9396f5a04619f139a74953eebcc

发布日期: 2019-04-22 20:29 修改: 2026-06-17 02:10

org.eclipse.jetty:jetty-server CVE-2023-26048 中危 9.2.26.v20180806 9.4.51.v20230217, 10.0.14, 11.0.14 jetty-server: OutOfMemoryError for large multipart without filename read via request.getParameter()

漏洞详情: https://avd.aquasec.com/nvd/cve-2023-26048

镜像层: sha256:c9fad8d7a9fae46fd5609adf78eb02f02472d9396f5a04619f139a74953eebcc

发布日期: 2023-04-18 21:15 修改: 2026-06-17 05:42

org.eclipse.jetty:jetty-servlets CVE-2021-28169 中危 9.2.26.v20180806 9.4.41, 10.0.3, 11.0.3 jetty: requests to the ConcatServlet and WelcomeFilter are able to access protected resources within the WEB-INF directory

漏洞详情: https://avd.aquasec.com/nvd/cve-2021-28169

镜像层: sha256:c9fad8d7a9fae46fd5609adf78eb02f02472d9396f5a04619f139a74953eebcc

发布日期: 2021-06-09 02:15 修改: 2026-06-17 03:45

org.eclipse.jetty:jetty-servlets CVE-2024-9823 中危 9.2.26.v20180806 9.4.54, 10.0.18, 11.0.18 org.eclipse.jetty:jetty-servlets: jetty: Jetty DOS vulnerability on DosFilter

漏洞详情: https://avd.aquasec.com/nvd/cve-2024-9823

镜像层: sha256:c9fad8d7a9fae46fd5609adf78eb02f02472d9396f5a04619f139a74953eebcc

发布日期: 2024-10-14 15:15 修改: 2026-06-17 08:25

com.fasterxml.jackson.core:jackson-databind CVE-2019-12814 中危 2.5.3 2.9.9.1, 2.8.11.4, 2.7.9.6, 2.6.7.3 jackson-databind: polymorphic typing issue allows attacker to read arbitrary local files on the server via crafted JSON message.

漏洞详情: https://avd.aquasec.com/nvd/cve-2019-12814

镜像层: sha256:c9fad8d7a9fae46fd5609adf78eb02f02472d9396f5a04619f139a74953eebcc

发布日期: 2019-06-19 14:15 修改: 2026-06-17 02:15

com.fasterxml.jackson.core:jackson-databind CVE-2026-54514 中危 2.5.3 2.18.8, 2.21.4, 3.1.4 jackson-databind: jackson-databind: Information Disclosure via Eager DNS Resolution

漏洞详情: https://avd.aquasec.com/nvd/cve-2026-54514

镜像层: sha256:c9fad8d7a9fae46fd5609adf78eb02f02472d9396f5a04619f139a74953eebcc

发布日期: 2026-06-23 21:17 修改: 2026-06-27 20:55

net.minidev:json-smart CVE-2021-27568 中危 1.3.1 1.3.2, 2.4.1, 2.3.1 json-smart: uncaught exception may lead to crash or information disclosure

漏洞详情: https://avd.aquasec.com/nvd/cve-2021-27568

镜像层: sha256:c9fad8d7a9fae46fd5609adf78eb02f02472d9396f5a04619f139a74953eebcc

发布日期: 2021-02-23 02:15 修改: 2026-06-17 03:45

ch.qos.logback:logback-core CVE-2025-11226 中危 1.2.3 1.5.19, 1.3.16 ch.qos.logback/logback-core: Conditional abitrary code execution in logback-core

漏洞详情: https://avd.aquasec.com/nvd/cve-2025-11226

镜像层: sha256:c9fad8d7a9fae46fd5609adf78eb02f02472d9396f5a04619f139a74953eebcc

发布日期: 2025-10-01 08:15 修改: 2026-06-25 17:16

com.google.guava:guava CVE-2018-10237 中危 12.0 24.1.1-android guava: Unbounded memory allocation in AtomicDoubleArray and CompoundOrdering classes allow remote attackers to cause a denial of service

漏洞详情: https://avd.aquasec.com/nvd/cve-2018-10237

镜像层: sha256:c9fad8d7a9fae46fd5609adf78eb02f02472d9396f5a04619f139a74953eebcc

发布日期: 2018-04-26 21:29 修改: 2026-06-17 01:33

com.google.guava:guava CVE-2023-2976 中危 12.0 32.0.0-android guava: insecure temporary directory creation

漏洞详情: https://avd.aquasec.com/nvd/cve-2023-2976

镜像层: sha256:c9fad8d7a9fae46fd5609adf78eb02f02472d9396f5a04619f139a74953eebcc

发布日期: 2023-06-14 18:15 修改: 2026-06-17 05:53

com.google.guava:guava CVE-2018-10237 中危 15.0 24.1.1-android guava: Unbounded memory allocation in AtomicDoubleArray and CompoundOrdering classes allow remote attackers to cause a denial of service

漏洞详情: https://avd.aquasec.com/nvd/cve-2018-10237

镜像层: sha256:c9fad8d7a9fae46fd5609adf78eb02f02472d9396f5a04619f139a74953eebcc

发布日期: 2018-04-26 21:29 修改: 2026-06-17 01:33

org.apache.commons:commons-compress CVE-2024-25710 中危 1.5 1.26.0 commons-compress: Denial of service caused by an infinite loop for a corrupted DUMP file

漏洞详情: https://avd.aquasec.com/nvd/cve-2024-25710

镜像层: sha256:c9fad8d7a9fae46fd5609adf78eb02f02472d9396f5a04619f139a74953eebcc

发布日期: 2024-02-19 09:15 修改: 2026-06-17 07:16

org.apache.commons:commons-lang3 CVE-2025-48924 中危 3.1 3.18.0 commons-lang/commons-lang: org.apache.commons/commons-lang3: Uncontrolled Recursion vulnerability in Apache Commons Lang

漏洞详情: https://avd.aquasec.com/nvd/cve-2025-48924

镜像层: sha256:c9fad8d7a9fae46fd5609adf78eb02f02472d9396f5a04619f139a74953eebcc

发布日期: 2025-07-11 15:15 修改: 2026-06-17 09:30

org.springframework:spring-context CVE-2024-38820 中危 4.3.2.RELEASE 6.1.14 The fix for CVE-2022-22968 made disallowedFieldspatterns in DataBinder ...

漏洞详情: https://avd.aquasec.com/nvd/cve-2024-38820

镜像层: sha256:c9fad8d7a9fae46fd5609adf78eb02f02472d9396f5a04619f139a74953eebcc

发布日期: 2024-10-18 06:15 修改: 2026-06-17 07:41

org.apache.httpcomponents:httpclient CVE-2014-3577 中危 4.3.1 4.3.5 CXF: SSL hostname verification bypass, incomplete CVE-2012-6153 fix

漏洞详情: https://avd.aquasec.com/nvd/cve-2014-3577

镜像层: sha256:c9fad8d7a9fae46fd5609adf78eb02f02472d9396f5a04619f139a74953eebcc

发布日期: 2014-08-21 14:55 修改: 2026-05-06 22:30

org.apache.httpcomponents:httpclient CVE-2015-5262 中危 4.3.1 4.3.6 httpcomponents-core: missing HTTPS connection timeout

漏洞详情: https://avd.aquasec.com/nvd/cve-2015-5262

镜像层: sha256:c9fad8d7a9fae46fd5609adf78eb02f02472d9396f5a04619f139a74953eebcc

发布日期: 2015-10-27 16:59 修改: 2026-05-06 22:30

org.springframework:spring-core CVE-2018-11040 中危 4.3.2.RELEASE 5.0.7.RELEASE, 4.3.18.RELEASE springframework: cross-domain requests via JSONP through AbstractJsonpResponseBodyAdvice

漏洞详情: https://avd.aquasec.com/nvd/cve-2018-11040

镜像层: sha256:c9fad8d7a9fae46fd5609adf78eb02f02472d9396f5a04619f139a74953eebcc

发布日期: 2018-06-25 15:29 修改: 2026-06-17 01:35

org.springframework:spring-core CVE-2018-1199 中危 4.3.2.RELEASE 4.3.14, 5.0.3 spring-framework: Improper URL path validation allows for bypassing of security checks on static resources

漏洞详情: https://avd.aquasec.com/nvd/cve-2018-1199

镜像层: sha256:c9fad8d7a9fae46fd5609adf78eb02f02472d9396f5a04619f139a74953eebcc

发布日期: 2018-03-16 20:29 修改: 2026-06-17 01:50

org.springframework:spring-core CVE-2018-1257 中危 4.3.2.RELEASE 5.0.6, 4.3.17 spring-framework: ReDoS Attack with spring-messaging

漏洞详情: https://avd.aquasec.com/nvd/cve-2018-1257

镜像层: sha256:c9fad8d7a9fae46fd5609adf78eb02f02472d9396f5a04619f139a74953eebcc

发布日期: 2018-05-11 20:29 修改: 2026-06-17 01:50

org.springframework:spring-core CVE-2018-1271 中危 4.3.2.RELEASE 5.0.5, 4.3.15 spring-framework: Directory traversal vulnerability with static resources on Windows filesystems

漏洞详情: https://avd.aquasec.com/nvd/cve-2018-1271

镜像层: sha256:c9fad8d7a9fae46fd5609adf78eb02f02472d9396f5a04619f139a74953eebcc

发布日期: 2018-04-06 13:29 修改: 2026-06-17 01:50

org.apache.httpcomponents:httpclient CVE-2020-13956 中危 4.3.1 4.5.13, 5.0.3 apache-httpclient: incorrect handling of malformed authority component in request URIs

漏洞详情: https://avd.aquasec.com/nvd/cve-2020-13956

镜像层: sha256:c9fad8d7a9fae46fd5609adf78eb02f02472d9396f5a04619f139a74953eebcc

发布日期: 2020-12-02 17:15 修改: 2026-06-17 02:53

org.springframework:spring-expression CVE-2022-22950 中危 4.3.2.RELEASE 5.3.17, 5.2.20.RELEASE spring-expression: Denial of service via specially crafted SpEL expression

漏洞详情: https://avd.aquasec.com/nvd/cve-2022-22950

镜像层: sha256:c9fad8d7a9fae46fd5609adf78eb02f02472d9396f5a04619f139a74953eebcc

发布日期: 2022-04-01 23:15 修改: 2026-06-17 04:29

org.springframework:spring-expression CVE-2023-20861 中危 4.3.2.RELEASE 6.0.7, 5.3.26, 5.2.23.RELEASE springframework: Spring Expression DoS Vulnerability

漏洞详情: https://avd.aquasec.com/nvd/cve-2023-20861

镜像层: sha256:c9fad8d7a9fae46fd5609adf78eb02f02472d9396f5a04619f139a74953eebcc

发布日期: 2023-03-23 21:15 修改: 2026-06-17 05:31

org.springframework:spring-expression CVE-2024-38808 中危 4.3.2.RELEASE 5.3.39 spring-expression: Denial of service when processing a specially crafted Spring Expression Language expression

漏洞详情: https://avd.aquasec.com/nvd/cve-2024-38808

镜像层: sha256:c9fad8d7a9fae46fd5609adf78eb02f02472d9396f5a04619f139a74953eebcc

发布日期: 2024-08-20 08:15 修改: 2026-06-17 07:41

org.bouncycastle:bcpkix-jdk15on CVE-2025-8916 中危 1.54 1.79 org.bouncycastle: BouncyCastle denial of service

漏洞详情: https://avd.aquasec.com/nvd/cve-2025-8916

镜像层: sha256:c9fad8d7a9fae46fd5609adf78eb02f02472d9396f5a04619f139a74953eebcc

发布日期: 2025-08-13 10:15 修改: 2026-06-17 10:07

org.bouncycastle:bcpkix-jdk15on CVE-2026-5588 中危 1.54 1.84 bouncycastle: BC-JAVA: PKIX draft CompositeVerifier accepts empty signature sequence as valid

漏洞详情: https://avd.aquasec.com/nvd/cve-2026-5588

镜像层: sha256:c9fad8d7a9fae46fd5609adf78eb02f02472d9396f5a04619f139a74953eebcc

发布日期: 2026-04-15 10:16 修改: 2026-06-30 03:21

com.nimbusds:nimbus-jose-jwt CVE-2025-53864 中危 4.12 10.0.2, 9.37.4 com.nimbusds/nimbus-jose-jwt: Uncontrolled recursion in Connect2id Nimbus JOSE + JWT

漏洞详情: https://avd.aquasec.com/nvd/cve-2025-53864

镜像层: sha256:c9fad8d7a9fae46fd5609adf78eb02f02472d9396f5a04619f139a74953eebcc

发布日期: 2025-07-11 03:16 修改: 2026-06-17 09:39

com.google.guava:guava CVE-2023-2976 中危 15.0 32.0.0-android guava: insecure temporary directory creation

漏洞详情: https://avd.aquasec.com/nvd/cve-2023-2976

镜像层: sha256:c9fad8d7a9fae46fd5609adf78eb02f02472d9396f5a04619f139a74953eebcc

发布日期: 2023-06-14 18:15 修改: 2026-06-17 05:53

org.springframework:spring-web CVE-2018-11039 中危 4.3.2.RELEASE 5.0.7, 4.3.18 springframework: Cross Site Tracing (XST) if vulnerable to XSS

漏洞详情: https://avd.aquasec.com/nvd/cve-2018-11039

镜像层: sha256:c9fad8d7a9fae46fd5609adf78eb02f02472d9396f5a04619f139a74953eebcc

发布日期: 2018-06-25 15:29 修改: 2026-06-17 01:35

org.springframework:spring-web CVE-2024-38809 中危 4.3.2.RELEASE 5.3.38, 6.0.23, 6.1.12 org.springframework:spring-web: Spring Framework DoS via conditional HTTP request

漏洞详情: https://avd.aquasec.com/nvd/cve-2024-38809

镜像层: sha256:c9fad8d7a9fae46fd5609adf78eb02f02472d9396f5a04619f139a74953eebcc

发布日期: 2024-09-27 17:15 修改: 2026-06-17 07:41

org.springframework:spring-web CVE-2024-38820 中危 4.3.2.RELEASE 6.1.14 The fix for CVE-2022-22968 made disallowedFieldspatterns in DataBinder ...

漏洞详情: https://avd.aquasec.com/nvd/cve-2024-38820

镜像层: sha256:c9fad8d7a9fae46fd5609adf78eb02f02472d9396f5a04619f139a74953eebcc

发布日期: 2024-10-18 06:15 修改: 2026-06-17 07:41

ch.qos.logback:logback-core CVE-2021-42550 中危 1.2.3 1.2.9 logback: remote code execution through JNDI call from within its configuration file

漏洞详情: https://avd.aquasec.com/nvd/cve-2021-42550

镜像层: sha256:c9fad8d7a9fae46fd5609adf78eb02f02472d9396f5a04619f139a74953eebcc

发布日期: 2021-12-16 19:15 修改: 2026-06-17 04:09

com.fasterxml.jackson.core:jackson-core CVE-2025-49128 中危 2.5.3 2.13.0 com.fasterxml.jackson.core/jackson-core: Jackson-core Memory Disclosure via Source Snippet in JsonLocation

漏洞详情: https://avd.aquasec.com/nvd/cve-2025-49128

镜像层: sha256:c9fad8d7a9fae46fd5609adf78eb02f02472d9396f5a04619f139a74953eebcc

发布日期: 2025-06-06 22:15 修改: 2026-06-17 09:30

com.fasterxml.jackson.core:jackson-core GHSA-72hv-8253-57qq 中危 2.5.3 2.21.1, 2.18.6 jackson-core: Number Length Constraint Bypass in Async Parser Leads to Potential DoS Condition

漏洞详情: https://github.com/advisories/GHSA-72hv-8253-57qq

镜像层: sha256:c9fad8d7a9fae46fd5609adf78eb02f02472d9396f5a04619f139a74953eebcc

发布日期: 2026-02-28 02:01 修改: 2026-04-07 16:30

org.yaml:snakeyaml CVE-2022-38749 中危 1.15 1.31 snakeyaml: Uncaught exception in org.yaml.snakeyaml.composer.Composer.composeSequenceNode

漏洞详情: https://avd.aquasec.com/nvd/cve-2022-38749

镜像层: sha256:c9fad8d7a9fae46fd5609adf78eb02f02472d9396f5a04619f139a74953eebcc

发布日期: 2022-09-05 10:15 修改: 2026-06-17 04:57

org.yaml:snakeyaml CVE-2022-38750 中危 1.15 1.31 snakeyaml: Uncaught exception in org.yaml.snakeyaml.constructor.BaseConstructor.constructObject

漏洞详情: https://avd.aquasec.com/nvd/cve-2022-38750

镜像层: sha256:c9fad8d7a9fae46fd5609adf78eb02f02472d9396f5a04619f139a74953eebcc

发布日期: 2022-09-05 10:15 修改: 2026-06-17 04:57

org.yaml:snakeyaml CVE-2022-38751 中危 1.15 1.31 snakeyaml: Uncaught exception in java.base/java.util.regex.Pattern$Ques.match

漏洞详情: https://avd.aquasec.com/nvd/cve-2022-38751

镜像层: sha256:c9fad8d7a9fae46fd5609adf78eb02f02472d9396f5a04619f139a74953eebcc

发布日期: 2022-09-05 10:15 修改: 2026-06-17 04:57

org.yaml:snakeyaml CVE-2022-38752 中危 1.15 1.32 snakeyaml: Uncaught exception in java.base/java.util.ArrayList.hashCode

漏洞详情: https://avd.aquasec.com/nvd/cve-2022-38752

镜像层: sha256:c9fad8d7a9fae46fd5609adf78eb02f02472d9396f5a04619f139a74953eebcc

发布日期: 2022-09-05 10:15 修改: 2026-06-17 04:57

org.yaml:snakeyaml CVE-2022-41854 中危 1.15 1.32 dev-java/snakeyaml: DoS via stack overflow

漏洞详情: https://avd.aquasec.com/nvd/cve-2022-41854

镜像层: sha256:c9fad8d7a9fae46fd5609adf78eb02f02472d9396f5a04619f139a74953eebcc

发布日期: 2022-11-11 13:15 修改: 2026-06-17 05:03

com.google.guava:guava CVE-2020-8908 低危 15.0 32.0.0-android guava: local information disclosure via temporary directory created with unsafe permissions

漏洞详情: https://avd.aquasec.com/nvd/cve-2020-8908

镜像层: sha256:c9fad8d7a9fae46fd5609adf78eb02f02472d9396f5a04619f139a74953eebcc

发布日期: 2020-12-10 23:15 修改: 2026-06-17 03:27

org.bouncycastle:bcprov-jdk15on CVE-2016-1000346 低危 1.54 1.56 bouncycastle: Other party DH public keys are not fully validated

漏洞详情: https://avd.aquasec.com/nvd/cve-2016-1000346

镜像层: sha256:c9fad8d7a9fae46fd5609adf78eb02f02472d9396f5a04619f139a74953eebcc

发布日期: 2018-06-04 21:29 修改: 2025-05-12 17:37

org.eclipse.jetty:jetty-server CVE-2021-34428 低危 9.2.26.v20180806 9.4.41, 10.0.3, 11.0.3 jetty: SessionListener can prevent a session from being invalidated breaking logout

漏洞详情: https://avd.aquasec.com/nvd/cve-2021-34428

镜像层: sha256:c9fad8d7a9fae46fd5609adf78eb02f02472d9396f5a04619f139a74953eebcc

发布日期: 2021-06-22 15:15 修改: 2026-06-17 03:55

org.eclipse.jetty:jetty-server CVE-2023-26049 低危 9.2.26.v20180806 9.4.51.v20230217, 10.0.14, 11.0.14, 12.0.0.beta0 jetty-server: Cookie parsing of quoted values can exfiltrate values from other cookies

漏洞详情: https://avd.aquasec.com/nvd/cve-2023-26049

镜像层: sha256:c9fad8d7a9fae46fd5609adf78eb02f02472d9396f5a04619f139a74953eebcc

发布日期: 2023-04-18 21:15 修改: 2026-06-17 05:42

org.springframework:spring-context CVE-2025-22233 低危 4.3.2.RELEASE 6.2.7, 6.1.20 CVE-2024-38820 ensured Locale-independent, lowercase conversion for bo ...

漏洞详情: https://avd.aquasec.com/nvd/cve-2025-22233

镜像层: sha256:c9fad8d7a9fae46fd5609adf78eb02f02472d9396f5a04619f139a74953eebcc

发布日期: 2025-05-16 20:15 修改: 2026-06-17 08:45

com.nimbusds:nimbus-jose-jwt CVE-2017-12973 低危 4.12 4.39 Nimbus JOSE+JWT vulnerable to padding oracle attack

漏洞详情: https://avd.aquasec.com/nvd/cve-2017-12973

镜像层: sha256:c9fad8d7a9fae46fd5609adf78eb02f02472d9396f5a04619f139a74953eebcc

发布日期: 2017-08-20 16:29 修改: 2026-06-17 01:04

ch.qos.logback:logback-core CVE-2026-10532 低危 1.2.3 1.5.35 Deserialization of untrusted data vulnerability in QOS.CH Sarl logback ...

漏洞详情: https://avd.aquasec.com/nvd/cve-2026-10532

镜像层: sha256:c9fad8d7a9fae46fd5609adf78eb02f02472d9396f5a04619f139a74953eebcc

发布日期: 2026-06-01 13:16 修改: 2026-06-17 10:12

org.eclipse.jetty:jetty-servlets CVE-2023-36479 低危 9.2.26.v20180806 9.4.52, 10.0.16, 11.0.16 jetty: Improper addition of quotation marks to user inputs in CgiServlet

漏洞详情: https://avd.aquasec.com/nvd/cve-2023-36479

镜像层: sha256:c9fad8d7a9fae46fd5609adf78eb02f02472d9396f5a04619f139a74953eebcc

发布日期: 2023-09-15 19:15 修改: 2026-06-17 06:06

org.eclipse.jetty:jetty-http CVE-2022-2047 低危 9.2.26.v20180806 9.4.47, 10.0.10, 11.0.10 jetty-http: improver hostname input handling

漏洞详情: https://avd.aquasec.com/nvd/cve-2022-2047

镜像层: sha256:c9fad8d7a9fae46fd5609adf78eb02f02472d9396f5a04619f139a74953eebcc

发布日期: 2022-07-07 21:15 修改: 2026-06-17 04:41

org.eclipse.jetty:jetty-xml GHSA-58qw-p7qm-5rvh 低危 9.2.26.v20180806 10.0.16, 11.0.16, 12.0.0, 9.4.52.v20230823 Eclipse Jetty XmlParser allows arbitrary DOCTYPE declarations

漏洞详情: https://github.com/advisories/GHSA-58qw-p7qm-5rvh

镜像层: sha256:c9fad8d7a9fae46fd5609adf78eb02f02472d9396f5a04619f139a74953eebcc

发布日期: 2023-07-10 21:52 修改: 2026-02-10 20:06

ch.qos.logback:logback-core CVE-2026-1225 低危 1.2.3 1.5.25 ch.qos.logback/logback-core: Malicious logback.xml configuration file allows instantiation of arbitrary classes

漏洞详情: https://avd.aquasec.com/nvd/cve-2026-1225

镜像层: sha256:c9fad8d7a9fae46fd5609adf78eb02f02472d9396f5a04619f139a74953eebcc

发布日期: 2026-01-22 10:16 修改: 2026-06-17 10:15

com.google.guava:guava CVE-2020-8908 低危 12.0 32.0.0-android guava: local information disclosure via temporary directory created with unsafe permissions

漏洞详情: https://avd.aquasec.com/nvd/cve-2020-8908

镜像层: sha256:c9fad8d7a9fae46fd5609adf78eb02f02472d9396f5a04619f139a74953eebcc

发布日期: 2020-12-10 23:15 修改: 2026-06-17 03:27

commons-configuration:commons-configuration CVE-2025-46392 低危 1.8 apache-commons-configuration: Apache Commons Configuration: Uncontrolled Resource Consumption when loading untrusted configurations in 1.x

漏洞详情: https://avd.aquasec.com/nvd/cve-2025-46392

镜像层: sha256:c9fad8d7a9fae46fd5609adf78eb02f02472d9396f5a04619f139a74953eebcc

发布日期: 2025-05-09 10:15 修改: 2026-06-17 09:26

ch.qos.logback:logback-core CVE-2026-9828 低危 1.2.3 1.5.33 Deserialization of untrusted data vulnerability in QOS.CH Sarl logback ...

漏洞详情: https://avd.aquasec.com/nvd/cve-2026-9828

镜像层: sha256:c9fad8d7a9fae46fd5609adf78eb02f02472d9396f5a04619f139a74953eebcc

发布日期: 2026-05-28 14:16 修改: 2026-06-17 11:05

ch.qos.logback:logback-core CVE-2024-12801 低危 1.2.3 1.5.13, 1.3.15 logback-core: SaxEventRecorder vulnerable to Server-Side Request Forgery (SSRF) attacks

漏洞详情: https://avd.aquasec.com/nvd/cve-2024-12801

镜像层: sha256:c9fad8d7a9fae46fd5609adf78eb02f02472d9396f5a04619f139a74953eebcc

发布日期: 2024-12-19 17:15 修改: 2026-06-17 07:00

检测到您正在使用广告拦截插件,本站为公益站点,依赖广告维持运转 🙏 查看如何关闭 ×