docker.io/spark:3.4.1-scala2.12-java11-ubuntu linux/amd64

docker.io/spark:3.4.1-scala2.12-java11-ubuntu - Trivy安全扫描结果 扫描时间: 2026-06-24 20:54
全部漏洞信息
低危漏洞:45 中危漏洞:147 高危漏洞:65 严重漏洞:5

系统OS: ubuntu 20.04 扫描引擎: Trivy 扫描时间: 2026-06-24 20:54

docker.io/spark:3.4.1-scala2.12-java11-ubuntu (ubuntu 20.04) (ubuntu)
低危漏洞:31 中危漏洞:86 高危漏洞:0 严重漏洞:0
软件包 漏洞 安全状态 安装版本 修复版本 漏洞信息
bind9-host CVE-2024-11187 中危 1:9.18.28-0ubuntu0.20.04.1 1:9.18.30-0ubuntu0.20.04.2 bind: bind9: Many records in the additional section cause CPU exhaustion

漏洞详情: https://avd.aquasec.com/nvd/cve-2024-11187

镜像层: sha256:760aaa841b5388e2c71a9c33a86c4fa07e75dead661a5741068301673a35f8b6

发布日期: 2025-01-29 22:15 修改: 2026-06-17 06:57
bind9-host CVE-2024-12705 中危 1:9.18.28-0ubuntu0.20.04.1 1:9.18.30-0ubuntu0.20.04.2 bind: bind9: DNS-over-HTTPS implementation suffers from multiple issues under heavy query load

漏洞详情: https://avd.aquasec.com/nvd/cve-2024-12705

镜像层: sha256:760aaa841b5388e2c71a9c33a86c4fa07e75dead661a5741068301673a35f8b6

发布日期: 2025-01-29 22:15 修改: 2026-06-17 07:00
bind9-libs CVE-2024-11187 中危 1:9.18.28-0ubuntu0.20.04.1 1:9.18.30-0ubuntu0.20.04.2 bind: bind9: Many records in the additional section cause CPU exhaustion

漏洞详情: https://avd.aquasec.com/nvd/cve-2024-11187

镜像层: sha256:760aaa841b5388e2c71a9c33a86c4fa07e75dead661a5741068301673a35f8b6

发布日期: 2025-01-29 22:15 修改: 2026-06-17 06:57
bind9-libs CVE-2024-12705 中危 1:9.18.28-0ubuntu0.20.04.1 1:9.18.30-0ubuntu0.20.04.2 bind: bind9: DNS-over-HTTPS implementation suffers from multiple issues under heavy query load

漏洞详情: https://avd.aquasec.com/nvd/cve-2024-12705

镜像层: sha256:760aaa841b5388e2c71a9c33a86c4fa07e75dead661a5741068301673a35f8b6

发布日期: 2025-01-29 22:15 修改: 2026-06-17 07:00
curl CVE-2024-7264 中危 7.68.0-1ubuntu2.22 7.68.0-1ubuntu2.23 curl: libcurl: ASN.1 date parser overread

漏洞详情: https://avd.aquasec.com/nvd/cve-2024-7264

镜像层: sha256:8cdab93a842f1ebf4bfcd2da131a8b77a3d34a77c27fc239e0c0ef1803705f6d

发布日期: 2024-07-31 08:15 修改: 2026-06-17 08:19
curl CVE-2024-8096 中危 7.68.0-1ubuntu2.22 7.68.0-1ubuntu2.24 curl: OCSP stapling bypass with GnuTLS

漏洞详情: https://avd.aquasec.com/nvd/cve-2024-8096

镜像层: sha256:8cdab93a842f1ebf4bfcd2da131a8b77a3d34a77c27fc239e0c0ef1803705f6d

发布日期: 2024-09-11 10:15 修改: 2026-06-17 08:21
dirmngr CVE-2025-30258 中危 2.2.19-3ubuntu2.2 2.2.19-3ubuntu2.4 gnupg: verification DoS due to a malicious subkey in the keyring

漏洞详情: https://avd.aquasec.com/nvd/cve-2025-30258

镜像层: sha256:760aaa841b5388e2c71a9c33a86c4fa07e75dead661a5741068301673a35f8b6

发布日期: 2025-03-19 20:15 修改: 2026-06-17 09:08
gnupg CVE-2025-30258 中危 2.2.19-3ubuntu2.2 2.2.19-3ubuntu2.4 gnupg: verification DoS due to a malicious subkey in the keyring

漏洞详情: https://avd.aquasec.com/nvd/cve-2025-30258

镜像层: sha256:760aaa841b5388e2c71a9c33a86c4fa07e75dead661a5741068301673a35f8b6

发布日期: 2025-03-19 20:15 修改: 2026-06-17 09:08
gnupg-l10n CVE-2025-30258 中危 2.2.19-3ubuntu2.2 2.2.19-3ubuntu2.4 gnupg: verification DoS due to a malicious subkey in the keyring

漏洞详情: https://avd.aquasec.com/nvd/cve-2025-30258

镜像层: sha256:760aaa841b5388e2c71a9c33a86c4fa07e75dead661a5741068301673a35f8b6

发布日期: 2025-03-19 20:15 修改: 2026-06-17 09:08
gnupg-utils CVE-2025-30258 中危 2.2.19-3ubuntu2.2 2.2.19-3ubuntu2.4 gnupg: verification DoS due to a malicious subkey in the keyring

漏洞详情: https://avd.aquasec.com/nvd/cve-2025-30258

镜像层: sha256:760aaa841b5388e2c71a9c33a86c4fa07e75dead661a5741068301673a35f8b6

发布日期: 2025-03-19 20:15 修改: 2026-06-17 09:08
gnupg2 CVE-2025-30258 中危 2.2.19-3ubuntu2.2 2.2.19-3ubuntu2.4 gnupg: verification DoS due to a malicious subkey in the keyring

漏洞详情: https://avd.aquasec.com/nvd/cve-2025-30258

镜像层: sha256:760aaa841b5388e2c71a9c33a86c4fa07e75dead661a5741068301673a35f8b6

发布日期: 2025-03-19 20:15 修改: 2026-06-17 09:08
gpg CVE-2025-30258 中危 2.2.19-3ubuntu2.2 2.2.19-3ubuntu2.4 gnupg: verification DoS due to a malicious subkey in the keyring

漏洞详情: https://avd.aquasec.com/nvd/cve-2025-30258

镜像层: sha256:760aaa841b5388e2c71a9c33a86c4fa07e75dead661a5741068301673a35f8b6

发布日期: 2025-03-19 20:15 修改: 2026-06-17 09:08
gpg-agent CVE-2025-30258 中危 2.2.19-3ubuntu2.2 2.2.19-3ubuntu2.4 gnupg: verification DoS due to a malicious subkey in the keyring

漏洞详情: https://avd.aquasec.com/nvd/cve-2025-30258

镜像层: sha256:760aaa841b5388e2c71a9c33a86c4fa07e75dead661a5741068301673a35f8b6

发布日期: 2025-03-19 20:15 修改: 2026-06-17 09:08
gpg-wks-client CVE-2025-30258 中危 2.2.19-3ubuntu2.2 2.2.19-3ubuntu2.4 gnupg: verification DoS due to a malicious subkey in the keyring

漏洞详情: https://avd.aquasec.com/nvd/cve-2025-30258

镜像层: sha256:760aaa841b5388e2c71a9c33a86c4fa07e75dead661a5741068301673a35f8b6

发布日期: 2025-03-19 20:15 修改: 2026-06-17 09:08
gpg-wks-server CVE-2025-30258 中危 2.2.19-3ubuntu2.2 2.2.19-3ubuntu2.4 gnupg: verification DoS due to a malicious subkey in the keyring

漏洞详情: https://avd.aquasec.com/nvd/cve-2025-30258

镜像层: sha256:760aaa841b5388e2c71a9c33a86c4fa07e75dead661a5741068301673a35f8b6

发布日期: 2025-03-19 20:15 修改: 2026-06-17 09:08
gpgconf CVE-2025-30258 中危 2.2.19-3ubuntu2.2 2.2.19-3ubuntu2.4 gnupg: verification DoS due to a malicious subkey in the keyring

漏洞详情: https://avd.aquasec.com/nvd/cve-2025-30258

镜像层: sha256:760aaa841b5388e2c71a9c33a86c4fa07e75dead661a5741068301673a35f8b6

发布日期: 2025-03-19 20:15 修改: 2026-06-17 09:08
gpgsm CVE-2025-30258 中危 2.2.19-3ubuntu2.2 2.2.19-3ubuntu2.4 gnupg: verification DoS due to a malicious subkey in the keyring

漏洞详情: https://avd.aquasec.com/nvd/cve-2025-30258

镜像层: sha256:760aaa841b5388e2c71a9c33a86c4fa07e75dead661a5741068301673a35f8b6

发布日期: 2025-03-19 20:15 修改: 2026-06-17 09:08
gpgv CVE-2025-30258 中危 2.2.19-3ubuntu2.2 2.2.19-3ubuntu2.4 gnupg: verification DoS due to a malicious subkey in the keyring

漏洞详情: https://avd.aquasec.com/nvd/cve-2025-30258

镜像层: sha256:3ec3ded77c0ce89e931f92aed086b2a2c774a6fbd51617853decc8afa4e1087a

发布日期: 2025-03-19 20:15 修改: 2026-06-17 09:08
krb5-user CVE-2024-3596 中危 1.17-6ubuntu4.4 1.17-6ubuntu4.8 freeradius: forgery attack

漏洞详情: https://avd.aquasec.com/nvd/cve-2024-3596

镜像层: sha256:760aaa841b5388e2c71a9c33a86c4fa07e75dead661a5741068301673a35f8b6

发布日期: 2024-07-09 12:15 修改: 2026-06-17 07:44
krb5-user CVE-2024-37370 中危 1.17-6ubuntu4.4 1.17-6ubuntu4.6 krb5: GSS message token handling

漏洞详情: https://avd.aquasec.com/nvd/cve-2024-37370

镜像层: sha256:760aaa841b5388e2c71a9c33a86c4fa07e75dead661a5741068301673a35f8b6

发布日期: 2024-06-28 22:15 修改: 2026-06-17 07:38
krb5-user CVE-2024-37371 中危 1.17-6ubuntu4.4 1.17-6ubuntu4.6 krb5: GSS message token handling

漏洞详情: https://avd.aquasec.com/nvd/cve-2024-37371

镜像层: sha256:760aaa841b5388e2c71a9c33a86c4fa07e75dead661a5741068301673a35f8b6

发布日期: 2024-06-28 23:15 修改: 2026-06-17 07:38
krb5-user CVE-2025-24528 中危 1.17-6ubuntu4.4 1.17-6ubuntu4.9 krb5: overflow when calculating ulog block size

漏洞详情: https://avd.aquasec.com/nvd/cve-2025-24528

镜像层: sha256:760aaa841b5388e2c71a9c33a86c4fa07e75dead661a5741068301673a35f8b6

发布日期: 2026-01-16 18:16 修改: 2026-06-17 08:59
krb5-user CVE-2025-3576 中危 1.17-6ubuntu4.4 1.17-6ubuntu4.11 krb5: Kerberos RC4-HMAC-MD5 Checksum Vulnerability Enabling Message Spoofing via MD5 Collisions

漏洞详情: https://avd.aquasec.com/nvd/cve-2025-3576

镜像层: sha256:760aaa841b5388e2c71a9c33a86c4fa07e75dead661a5741068301673a35f8b6

发布日期: 2025-04-15 06:15 修改: 2026-06-17 09:20
libc-bin CVE-2025-0395 中危 2.31-0ubuntu9.16 2.31-0ubuntu9.17 glibc: buffer overflow in the GNU C Library's assert()

漏洞详情: https://avd.aquasec.com/nvd/cve-2025-0395

镜像层: sha256:3ec3ded77c0ce89e931f92aed086b2a2c774a6fbd51617853decc8afa4e1087a

发布日期: 2025-01-22 13:15 修改: 2026-06-17 08:26
libc-bin CVE-2025-4802 中危 2.31-0ubuntu9.16 2.31-0ubuntu9.18 glibc: static setuid binary dlopen may incorrectly search LD_LIBRARY_PATH

漏洞详情: https://avd.aquasec.com/nvd/cve-2025-4802

镜像层: sha256:3ec3ded77c0ce89e931f92aed086b2a2c774a6fbd51617853decc8afa4e1087a

发布日期: 2025-05-16 20:15 修改: 2026-06-17 09:34
libc6 CVE-2025-0395 中危 2.31-0ubuntu9.16 2.31-0ubuntu9.17 glibc: buffer overflow in the GNU C Library's assert()

漏洞详情: https://avd.aquasec.com/nvd/cve-2025-0395

镜像层: sha256:3ec3ded77c0ce89e931f92aed086b2a2c774a6fbd51617853decc8afa4e1087a

发布日期: 2025-01-22 13:15 修改: 2026-06-17 08:26
libc6 CVE-2025-4802 中危 2.31-0ubuntu9.16 2.31-0ubuntu9.18 glibc: static setuid binary dlopen may incorrectly search LD_LIBRARY_PATH

漏洞详情: https://avd.aquasec.com/nvd/cve-2025-4802

镜像层: sha256:3ec3ded77c0ce89e931f92aed086b2a2c774a6fbd51617853decc8afa4e1087a

发布日期: 2025-05-16 20:15 修改: 2026-06-17 09:34
libcurl4 CVE-2024-7264 中危 7.68.0-1ubuntu2.22 7.68.0-1ubuntu2.23 curl: libcurl: ASN.1 date parser overread

漏洞详情: https://avd.aquasec.com/nvd/cve-2024-7264

镜像层: sha256:8cdab93a842f1ebf4bfcd2da131a8b77a3d34a77c27fc239e0c0ef1803705f6d

发布日期: 2024-07-31 08:15 修改: 2026-06-17 08:19
libcurl4 CVE-2024-8096 中危 7.68.0-1ubuntu2.22 7.68.0-1ubuntu2.24 curl: OCSP stapling bypass with GnuTLS

漏洞详情: https://avd.aquasec.com/nvd/cve-2024-8096

镜像层: sha256:8cdab93a842f1ebf4bfcd2da131a8b77a3d34a77c27fc239e0c0ef1803705f6d

发布日期: 2024-09-11 10:15 修改: 2026-06-17 08:21
libexpat1 CVE-2024-45490 中危 2.2.9-1ubuntu0.6 2.2.9-1ubuntu0.7 libexpat: Negative Length Parsing Vulnerability in libexpat

漏洞详情: https://avd.aquasec.com/nvd/cve-2024-45490

镜像层: sha256:8cdab93a842f1ebf4bfcd2da131a8b77a3d34a77c27fc239e0c0ef1803705f6d

发布日期: 2024-08-30 03:15 修改: 2026-06-17 07:54
libexpat1 CVE-2024-45491 中危 2.2.9-1ubuntu0.6 2.2.9-1ubuntu0.7 libexpat: Integer Overflow or Wraparound

漏洞详情: https://avd.aquasec.com/nvd/cve-2024-45491

镜像层: sha256:8cdab93a842f1ebf4bfcd2da131a8b77a3d34a77c27fc239e0c0ef1803705f6d

发布日期: 2024-08-30 03:15 修改: 2026-06-17 07:54
libexpat1 CVE-2024-45492 中危 2.2.9-1ubuntu0.6 2.2.9-1ubuntu0.7 libexpat: integer overflow

漏洞详情: https://avd.aquasec.com/nvd/cve-2024-45492

镜像层: sha256:8cdab93a842f1ebf4bfcd2da131a8b77a3d34a77c27fc239e0c0ef1803705f6d

发布日期: 2024-08-30 03:15 修改: 2026-06-17 07:54
libexpat1 CVE-2024-50602 中危 2.2.9-1ubuntu0.6 2.2.9-1ubuntu0.8 libexpat: expat: DoS via XML_ResumeParser

漏洞详情: https://avd.aquasec.com/nvd/cve-2024-50602

镜像层: sha256:8cdab93a842f1ebf4bfcd2da131a8b77a3d34a77c27fc239e0c0ef1803705f6d

发布日期: 2024-10-27 05:15 修改: 2026-06-17 08:04
libfreetype6 CVE-2025-27363 中危 2.10.1-2ubuntu0.3 2.10.1-2ubuntu0.4 freetype: OOB write when attempting to parse font subglyph structures related to TrueType GX and variable font files

漏洞详情: https://avd.aquasec.com/nvd/cve-2025-27363

镜像层: sha256:8cdab93a842f1ebf4bfcd2da131a8b77a3d34a77c27fc239e0c0ef1803705f6d

发布日期: 2025-03-11 14:15 修改: 2026-06-17 09:03
libgnutls30 CVE-2024-12243 中危 3.6.13-2ubuntu1.11 3.6.13-2ubuntu1.12 gnutls: GnuTLS Impacted by Inefficient DER Decoding in libtasn1 Leading to Remote DoS

漏洞详情: https://avd.aquasec.com/nvd/cve-2024-12243

镜像层: sha256:3ec3ded77c0ce89e931f92aed086b2a2c774a6fbd51617853decc8afa4e1087a

发布日期: 2025-02-10 16:15 修改: 2026-06-17 06:59
libgssapi-krb5-2 CVE-2024-3596 中危 1.17-6ubuntu4.4 1.17-6ubuntu4.8 freeradius: forgery attack

漏洞详情: https://avd.aquasec.com/nvd/cve-2024-3596

镜像层: sha256:8cdab93a842f1ebf4bfcd2da131a8b77a3d34a77c27fc239e0c0ef1803705f6d

发布日期: 2024-07-09 12:15 修改: 2026-06-17 07:44
libgssapi-krb5-2 CVE-2024-37370 中危 1.17-6ubuntu4.4 1.17-6ubuntu4.6 krb5: GSS message token handling

漏洞详情: https://avd.aquasec.com/nvd/cve-2024-37370

镜像层: sha256:8cdab93a842f1ebf4bfcd2da131a8b77a3d34a77c27fc239e0c0ef1803705f6d

发布日期: 2024-06-28 22:15 修改: 2026-06-17 07:38
libgssapi-krb5-2 CVE-2024-37371 中危 1.17-6ubuntu4.4 1.17-6ubuntu4.6 krb5: GSS message token handling

漏洞详情: https://avd.aquasec.com/nvd/cve-2024-37371

镜像层: sha256:8cdab93a842f1ebf4bfcd2da131a8b77a3d34a77c27fc239e0c0ef1803705f6d

发布日期: 2024-06-28 23:15 修改: 2026-06-17 07:38
libgssapi-krb5-2 CVE-2025-24528 中危 1.17-6ubuntu4.4 1.17-6ubuntu4.9 krb5: overflow when calculating ulog block size

漏洞详情: https://avd.aquasec.com/nvd/cve-2025-24528

镜像层: sha256:8cdab93a842f1ebf4bfcd2da131a8b77a3d34a77c27fc239e0c0ef1803705f6d

发布日期: 2026-01-16 18:16 修改: 2026-06-17 08:59
libgssapi-krb5-2 CVE-2025-3576 中危 1.17-6ubuntu4.4 1.17-6ubuntu4.11 krb5: Kerberos RC4-HMAC-MD5 Checksum Vulnerability Enabling Message Spoofing via MD5 Collisions

漏洞详情: https://avd.aquasec.com/nvd/cve-2025-3576

镜像层: sha256:8cdab93a842f1ebf4bfcd2da131a8b77a3d34a77c27fc239e0c0ef1803705f6d

发布日期: 2025-04-15 06:15 修改: 2026-06-17 09:20
libgssrpc4 CVE-2024-3596 中危 1.17-6ubuntu4.4 1.17-6ubuntu4.8 freeradius: forgery attack

漏洞详情: https://avd.aquasec.com/nvd/cve-2024-3596

镜像层: sha256:760aaa841b5388e2c71a9c33a86c4fa07e75dead661a5741068301673a35f8b6

发布日期: 2024-07-09 12:15 修改: 2026-06-17 07:44
libgssrpc4 CVE-2024-37370 中危 1.17-6ubuntu4.4 1.17-6ubuntu4.6 krb5: GSS message token handling

漏洞详情: https://avd.aquasec.com/nvd/cve-2024-37370

镜像层: sha256:760aaa841b5388e2c71a9c33a86c4fa07e75dead661a5741068301673a35f8b6

发布日期: 2024-06-28 22:15 修改: 2026-06-17 07:38
libgssrpc4 CVE-2024-37371 中危 1.17-6ubuntu4.4 1.17-6ubuntu4.6 krb5: GSS message token handling

漏洞详情: https://avd.aquasec.com/nvd/cve-2024-37371

镜像层: sha256:760aaa841b5388e2c71a9c33a86c4fa07e75dead661a5741068301673a35f8b6

发布日期: 2024-06-28 23:15 修改: 2026-06-17 07:38
libgssrpc4 CVE-2025-24528 中危 1.17-6ubuntu4.4 1.17-6ubuntu4.9 krb5: overflow when calculating ulog block size

漏洞详情: https://avd.aquasec.com/nvd/cve-2025-24528

镜像层: sha256:760aaa841b5388e2c71a9c33a86c4fa07e75dead661a5741068301673a35f8b6

发布日期: 2026-01-16 18:16 修改: 2026-06-17 08:59
libgssrpc4 CVE-2025-3576 中危 1.17-6ubuntu4.4 1.17-6ubuntu4.11 krb5: Kerberos RC4-HMAC-MD5 Checksum Vulnerability Enabling Message Spoofing via MD5 Collisions

漏洞详情: https://avd.aquasec.com/nvd/cve-2025-3576

镜像层: sha256:760aaa841b5388e2c71a9c33a86c4fa07e75dead661a5741068301673a35f8b6

发布日期: 2025-04-15 06:15 修改: 2026-06-17 09:20
libk5crypto3 CVE-2024-3596 中危 1.17-6ubuntu4.4 1.17-6ubuntu4.8 freeradius: forgery attack

漏洞详情: https://avd.aquasec.com/nvd/cve-2024-3596

镜像层: sha256:8cdab93a842f1ebf4bfcd2da131a8b77a3d34a77c27fc239e0c0ef1803705f6d

发布日期: 2024-07-09 12:15 修改: 2026-06-17 07:44
libk5crypto3 CVE-2024-37370 中危 1.17-6ubuntu4.4 1.17-6ubuntu4.6 krb5: GSS message token handling

漏洞详情: https://avd.aquasec.com/nvd/cve-2024-37370

镜像层: sha256:8cdab93a842f1ebf4bfcd2da131a8b77a3d34a77c27fc239e0c0ef1803705f6d

发布日期: 2024-06-28 22:15 修改: 2026-06-17 07:38
libk5crypto3 CVE-2024-37371 中危 1.17-6ubuntu4.4 1.17-6ubuntu4.6 krb5: GSS message token handling

漏洞详情: https://avd.aquasec.com/nvd/cve-2024-37371

镜像层: sha256:8cdab93a842f1ebf4bfcd2da131a8b77a3d34a77c27fc239e0c0ef1803705f6d

发布日期: 2024-06-28 23:15 修改: 2026-06-17 07:38
libk5crypto3 CVE-2025-24528 中危 1.17-6ubuntu4.4 1.17-6ubuntu4.9 krb5: overflow when calculating ulog block size

漏洞详情: https://avd.aquasec.com/nvd/cve-2025-24528

镜像层: sha256:8cdab93a842f1ebf4bfcd2da131a8b77a3d34a77c27fc239e0c0ef1803705f6d

发布日期: 2026-01-16 18:16 修改: 2026-06-17 08:59
libk5crypto3 CVE-2025-3576 中危 1.17-6ubuntu4.4 1.17-6ubuntu4.11 krb5: Kerberos RC4-HMAC-MD5 Checksum Vulnerability Enabling Message Spoofing via MD5 Collisions

漏洞详情: https://avd.aquasec.com/nvd/cve-2025-3576

镜像层: sha256:8cdab93a842f1ebf4bfcd2da131a8b77a3d34a77c27fc239e0c0ef1803705f6d

发布日期: 2025-04-15 06:15 修改: 2026-06-17 09:20
libkadm5clnt-mit11 CVE-2024-3596 中危 1.17-6ubuntu4.4 1.17-6ubuntu4.8 freeradius: forgery attack

漏洞详情: https://avd.aquasec.com/nvd/cve-2024-3596

镜像层: sha256:760aaa841b5388e2c71a9c33a86c4fa07e75dead661a5741068301673a35f8b6

发布日期: 2024-07-09 12:15 修改: 2026-06-17 07:44
libkadm5clnt-mit11 CVE-2024-37370 中危 1.17-6ubuntu4.4 1.17-6ubuntu4.6 krb5: GSS message token handling

漏洞详情: https://avd.aquasec.com/nvd/cve-2024-37370

镜像层: sha256:760aaa841b5388e2c71a9c33a86c4fa07e75dead661a5741068301673a35f8b6

发布日期: 2024-06-28 22:15 修改: 2026-06-17 07:38
libkadm5clnt-mit11 CVE-2024-37371 中危 1.17-6ubuntu4.4 1.17-6ubuntu4.6 krb5: GSS message token handling

漏洞详情: https://avd.aquasec.com/nvd/cve-2024-37371

镜像层: sha256:760aaa841b5388e2c71a9c33a86c4fa07e75dead661a5741068301673a35f8b6

发布日期: 2024-06-28 23:15 修改: 2026-06-17 07:38
libkadm5clnt-mit11 CVE-2025-24528 中危 1.17-6ubuntu4.4 1.17-6ubuntu4.9 krb5: overflow when calculating ulog block size

漏洞详情: https://avd.aquasec.com/nvd/cve-2025-24528

镜像层: sha256:760aaa841b5388e2c71a9c33a86c4fa07e75dead661a5741068301673a35f8b6

发布日期: 2026-01-16 18:16 修改: 2026-06-17 08:59
libkadm5clnt-mit11 CVE-2025-3576 中危 1.17-6ubuntu4.4 1.17-6ubuntu4.11 krb5: Kerberos RC4-HMAC-MD5 Checksum Vulnerability Enabling Message Spoofing via MD5 Collisions

漏洞详情: https://avd.aquasec.com/nvd/cve-2025-3576

镜像层: sha256:760aaa841b5388e2c71a9c33a86c4fa07e75dead661a5741068301673a35f8b6

发布日期: 2025-04-15 06:15 修改: 2026-06-17 09:20
libkadm5srv-mit11 CVE-2024-3596 中危 1.17-6ubuntu4.4 1.17-6ubuntu4.8 freeradius: forgery attack

漏洞详情: https://avd.aquasec.com/nvd/cve-2024-3596

镜像层: sha256:760aaa841b5388e2c71a9c33a86c4fa07e75dead661a5741068301673a35f8b6

发布日期: 2024-07-09 12:15 修改: 2026-06-17 07:44
libkadm5srv-mit11 CVE-2024-37370 中危 1.17-6ubuntu4.4 1.17-6ubuntu4.6 krb5: GSS message token handling

漏洞详情: https://avd.aquasec.com/nvd/cve-2024-37370

镜像层: sha256:760aaa841b5388e2c71a9c33a86c4fa07e75dead661a5741068301673a35f8b6

发布日期: 2024-06-28 22:15 修改: 2026-06-17 07:38
libkadm5srv-mit11 CVE-2024-37371 中危 1.17-6ubuntu4.4 1.17-6ubuntu4.6 krb5: GSS message token handling

漏洞详情: https://avd.aquasec.com/nvd/cve-2024-37371

镜像层: sha256:760aaa841b5388e2c71a9c33a86c4fa07e75dead661a5741068301673a35f8b6

发布日期: 2024-06-28 23:15 修改: 2026-06-17 07:38
libkadm5srv-mit11 CVE-2025-24528 中危 1.17-6ubuntu4.4 1.17-6ubuntu4.9 krb5: overflow when calculating ulog block size

漏洞详情: https://avd.aquasec.com/nvd/cve-2025-24528

镜像层: sha256:760aaa841b5388e2c71a9c33a86c4fa07e75dead661a5741068301673a35f8b6

发布日期: 2026-01-16 18:16 修改: 2026-06-17 08:59
libkadm5srv-mit11 CVE-2025-3576 中危 1.17-6ubuntu4.4 1.17-6ubuntu4.11 krb5: Kerberos RC4-HMAC-MD5 Checksum Vulnerability Enabling Message Spoofing via MD5 Collisions

漏洞详情: https://avd.aquasec.com/nvd/cve-2025-3576

镜像层: sha256:760aaa841b5388e2c71a9c33a86c4fa07e75dead661a5741068301673a35f8b6

发布日期: 2025-04-15 06:15 修改: 2026-06-17 09:20
libkdb5-9 CVE-2024-3596 中危 1.17-6ubuntu4.4 1.17-6ubuntu4.8 freeradius: forgery attack

漏洞详情: https://avd.aquasec.com/nvd/cve-2024-3596

镜像层: sha256:760aaa841b5388e2c71a9c33a86c4fa07e75dead661a5741068301673a35f8b6

发布日期: 2024-07-09 12:15 修改: 2026-06-17 07:44
libkdb5-9 CVE-2024-37370 中危 1.17-6ubuntu4.4 1.17-6ubuntu4.6 krb5: GSS message token handling

漏洞详情: https://avd.aquasec.com/nvd/cve-2024-37370

镜像层: sha256:760aaa841b5388e2c71a9c33a86c4fa07e75dead661a5741068301673a35f8b6

发布日期: 2024-06-28 22:15 修改: 2026-06-17 07:38
libkdb5-9 CVE-2024-37371 中危 1.17-6ubuntu4.4 1.17-6ubuntu4.6 krb5: GSS message token handling

漏洞详情: https://avd.aquasec.com/nvd/cve-2024-37371

镜像层: sha256:760aaa841b5388e2c71a9c33a86c4fa07e75dead661a5741068301673a35f8b6

发布日期: 2024-06-28 23:15 修改: 2026-06-17 07:38
libkdb5-9 CVE-2025-24528 中危 1.17-6ubuntu4.4 1.17-6ubuntu4.9 krb5: overflow when calculating ulog block size

漏洞详情: https://avd.aquasec.com/nvd/cve-2025-24528

镜像层: sha256:760aaa841b5388e2c71a9c33a86c4fa07e75dead661a5741068301673a35f8b6

发布日期: 2026-01-16 18:16 修改: 2026-06-17 08:59
libkdb5-9 CVE-2025-3576 中危 1.17-6ubuntu4.4 1.17-6ubuntu4.11 krb5: Kerberos RC4-HMAC-MD5 Checksum Vulnerability Enabling Message Spoofing via MD5 Collisions

漏洞详情: https://avd.aquasec.com/nvd/cve-2025-3576

镜像层: sha256:760aaa841b5388e2c71a9c33a86c4fa07e75dead661a5741068301673a35f8b6

发布日期: 2025-04-15 06:15 修改: 2026-06-17 09:20
libkrb5-3 CVE-2024-3596 中危 1.17-6ubuntu4.4 1.17-6ubuntu4.8 freeradius: forgery attack

漏洞详情: https://avd.aquasec.com/nvd/cve-2024-3596

镜像层: sha256:8cdab93a842f1ebf4bfcd2da131a8b77a3d34a77c27fc239e0c0ef1803705f6d

发布日期: 2024-07-09 12:15 修改: 2026-06-17 07:44
libkrb5-3 CVE-2024-37370 中危 1.17-6ubuntu4.4 1.17-6ubuntu4.6 krb5: GSS message token handling

漏洞详情: https://avd.aquasec.com/nvd/cve-2024-37370

镜像层: sha256:8cdab93a842f1ebf4bfcd2da131a8b77a3d34a77c27fc239e0c0ef1803705f6d

发布日期: 2024-06-28 22:15 修改: 2026-06-17 07:38
libkrb5-3 CVE-2024-37371 中危 1.17-6ubuntu4.4 1.17-6ubuntu4.6 krb5: GSS message token handling

漏洞详情: https://avd.aquasec.com/nvd/cve-2024-37371

镜像层: sha256:8cdab93a842f1ebf4bfcd2da131a8b77a3d34a77c27fc239e0c0ef1803705f6d

发布日期: 2024-06-28 23:15 修改: 2026-06-17 07:38
libkrb5-3 CVE-2025-24528 中危 1.17-6ubuntu4.4 1.17-6ubuntu4.9 krb5: overflow when calculating ulog block size

漏洞详情: https://avd.aquasec.com/nvd/cve-2025-24528

镜像层: sha256:8cdab93a842f1ebf4bfcd2da131a8b77a3d34a77c27fc239e0c0ef1803705f6d

发布日期: 2026-01-16 18:16 修改: 2026-06-17 08:59
libkrb5-3 CVE-2025-3576 中危 1.17-6ubuntu4.4 1.17-6ubuntu4.11 krb5: Kerberos RC4-HMAC-MD5 Checksum Vulnerability Enabling Message Spoofing via MD5 Collisions

漏洞详情: https://avd.aquasec.com/nvd/cve-2025-3576

镜像层: sha256:8cdab93a842f1ebf4bfcd2da131a8b77a3d34a77c27fc239e0c0ef1803705f6d

发布日期: 2025-04-15 06:15 修改: 2026-06-17 09:20
libkrb5support0 CVE-2024-3596 中危 1.17-6ubuntu4.4 1.17-6ubuntu4.8 freeradius: forgery attack

漏洞详情: https://avd.aquasec.com/nvd/cve-2024-3596

镜像层: sha256:8cdab93a842f1ebf4bfcd2da131a8b77a3d34a77c27fc239e0c0ef1803705f6d

发布日期: 2024-07-09 12:15 修改: 2026-06-17 07:44
libkrb5support0 CVE-2024-37370 中危 1.17-6ubuntu4.4 1.17-6ubuntu4.6 krb5: GSS message token handling

漏洞详情: https://avd.aquasec.com/nvd/cve-2024-37370

镜像层: sha256:8cdab93a842f1ebf4bfcd2da131a8b77a3d34a77c27fc239e0c0ef1803705f6d

发布日期: 2024-06-28 22:15 修改: 2026-06-17 07:38
libkrb5support0 CVE-2024-37371 中危 1.17-6ubuntu4.4 1.17-6ubuntu4.6 krb5: GSS message token handling

漏洞详情: https://avd.aquasec.com/nvd/cve-2024-37371

镜像层: sha256:8cdab93a842f1ebf4bfcd2da131a8b77a3d34a77c27fc239e0c0ef1803705f6d

发布日期: 2024-06-28 23:15 修改: 2026-06-17 07:38
libkrb5support0 CVE-2025-24528 中危 1.17-6ubuntu4.4 1.17-6ubuntu4.9 krb5: overflow when calculating ulog block size

漏洞详情: https://avd.aquasec.com/nvd/cve-2025-24528

镜像层: sha256:8cdab93a842f1ebf4bfcd2da131a8b77a3d34a77c27fc239e0c0ef1803705f6d

发布日期: 2026-01-16 18:16 修改: 2026-06-17 08:59
libkrb5support0 CVE-2025-3576 中危 1.17-6ubuntu4.4 1.17-6ubuntu4.11 krb5: Kerberos RC4-HMAC-MD5 Checksum Vulnerability Enabling Message Spoofing via MD5 Collisions

漏洞详情: https://avd.aquasec.com/nvd/cve-2025-3576

镜像层: sha256:8cdab93a842f1ebf4bfcd2da131a8b77a3d34a77c27fc239e0c0ef1803705f6d

发布日期: 2025-04-15 06:15 修改: 2026-06-17 09:20
libsqlite3-0 CVE-2025-29088 中危 3.31.1-4ubuntu0.6 3.31.1-4ubuntu0.7 sqlite: Denial of Service in SQLite

漏洞详情: https://avd.aquasec.com/nvd/cve-2025-29088

镜像层: sha256:8cdab93a842f1ebf4bfcd2da131a8b77a3d34a77c27fc239e0c0ef1803705f6d

发布日期: 2025-04-10 14:15 修改: 2026-06-17 09:05
libtasn1-6 CVE-2024-12133 中危 4.16.0-2 4.16.0-2ubuntu0.1 libtasn1: Inefficient DER Decoding in libtasn1 Leading to Potential Remote DoS

漏洞详情: https://avd.aquasec.com/nvd/cve-2024-12133

镜像层: sha256:3ec3ded77c0ce89e931f92aed086b2a2c774a6fbd51617853decc8afa4e1087a

发布日期: 2025-02-10 16:15 修改: 2026-06-17 06:59
libxml2 CVE-2022-49043 中危 2.9.10+dfsg-5ubuntu0.20.04.7 2.9.10+dfsg-5ubuntu0.20.04.8 libxml: use-after-free in xmlXIncludeAddNode

漏洞详情: https://avd.aquasec.com/nvd/cve-2022-49043

镜像层: sha256:760aaa841b5388e2c71a9c33a86c4fa07e75dead661a5741068301673a35f8b6

发布日期: 2025-01-26 06:15 修改: 2026-06-17 05:16
libxml2 CVE-2024-56171 中危 2.9.10+dfsg-5ubuntu0.20.04.7 2.9.10+dfsg-5ubuntu0.20.04.9 libxml2: Use-After-Free in libxml2

漏洞详情: https://avd.aquasec.com/nvd/cve-2024-56171

镜像层: sha256:760aaa841b5388e2c71a9c33a86c4fa07e75dead661a5741068301673a35f8b6

发布日期: 2025-02-18 22:15 修改: 2026-06-17 08:11
libxml2 CVE-2025-24928 中危 2.9.10+dfsg-5ubuntu0.20.04.7 2.9.10+dfsg-5ubuntu0.20.04.9 libxml2: Stack-based buffer overflow in xmlSnprintfElements of libxml2

漏洞详情: https://avd.aquasec.com/nvd/cve-2025-24928

镜像层: sha256:760aaa841b5388e2c71a9c33a86c4fa07e75dead661a5741068301673a35f8b6

发布日期: 2025-02-18 23:15 修改: 2026-06-17 08:59
libxml2 CVE-2025-27113 中危 2.9.10+dfsg-5ubuntu0.20.04.7 2.9.10+dfsg-5ubuntu0.20.04.9 libxml2: NULL Pointer Dereference in libxml2 xmlPatMatch

漏洞详情: https://avd.aquasec.com/nvd/cve-2025-27113

镜像层: sha256:760aaa841b5388e2c71a9c33a86c4fa07e75dead661a5741068301673a35f8b6

发布日期: 2025-02-18 23:15 修改: 2026-06-17 09:03
libxml2 CVE-2025-32414 中危 2.9.10+dfsg-5ubuntu0.20.04.7 2.9.10+dfsg-5ubuntu0.20.04.10 libxml2: Out-of-Bounds Read in libxml2

漏洞详情: https://avd.aquasec.com/nvd/cve-2025-32414

镜像层: sha256:760aaa841b5388e2c71a9c33a86c4fa07e75dead661a5741068301673a35f8b6

发布日期: 2025-04-08 03:15 修改: 2026-06-17 09:11
libxml2 CVE-2025-32415 中危 2.9.10+dfsg-5ubuntu0.20.04.7 2.9.10+dfsg-5ubuntu0.20.04.10 libxml2: Out-of-bounds Read in xmlSchemaIDCFillNodeTables

漏洞详情: https://avd.aquasec.com/nvd/cve-2025-32415

镜像层: sha256:760aaa841b5388e2c71a9c33a86c4fa07e75dead661a5741068301673a35f8b6

发布日期: 2025-04-17 17:15 修改: 2026-06-17 09:11
locales CVE-2025-0395 中危 2.31-0ubuntu9.16 2.31-0ubuntu9.17 glibc: buffer overflow in the GNU C Library's assert()

漏洞详情: https://avd.aquasec.com/nvd/cve-2025-0395

镜像层: sha256:8cdab93a842f1ebf4bfcd2da131a8b77a3d34a77c27fc239e0c0ef1803705f6d

发布日期: 2025-01-22 13:15 修改: 2026-06-17 08:26
locales CVE-2025-4802 中危 2.31-0ubuntu9.16 2.31-0ubuntu9.18 glibc: static setuid binary dlopen may incorrectly search LD_LIBRARY_PATH

漏洞详情: https://avd.aquasec.com/nvd/cve-2025-4802

镜像层: sha256:8cdab93a842f1ebf4bfcd2da131a8b77a3d34a77c27fc239e0c0ef1803705f6d

发布日期: 2025-05-16 20:15 修改: 2026-06-17 09:34
net-tools CVE-2025-46836 中危 1.60+git20180626.aebd88e-1ubuntu1 1.60+git20180626.aebd88e-1ubuntu1.3 net-tools: net-tools Stack Buffer Overflow

漏洞详情: https://avd.aquasec.com/nvd/cve-2025-46836

镜像层: sha256:760aaa841b5388e2c71a9c33a86c4fa07e75dead661a5741068301673a35f8b6

发布日期: 2025-05-14 23:15 修改: 2026-06-17 09:27
libkrb5-3 CVE-2024-26458 低危 1.17-6ubuntu4.4 1.17-6ubuntu4.9 krb5: Memory leak at /krb5/src/lib/rpc/pmap_rmt.c

漏洞详情: https://avd.aquasec.com/nvd/cve-2024-26458

镜像层: sha256:8cdab93a842f1ebf4bfcd2da131a8b77a3d34a77c27fc239e0c0ef1803705f6d

发布日期: 2024-02-29 01:44 修改: 2026-06-17 07:17
libkrb5-3 CVE-2024-26461 低危 1.17-6ubuntu4.4 1.17-6ubuntu4.9 krb5: Memory leak at /krb5/src/lib/gssapi/krb5/k5sealv3.c

漏洞详情: https://avd.aquasec.com/nvd/cve-2024-26461

镜像层: sha256:8cdab93a842f1ebf4bfcd2da131a8b77a3d34a77c27fc239e0c0ef1803705f6d

发布日期: 2024-02-29 01:44 修改: 2026-06-17 07:17
libk5crypto3 CVE-2024-26458 低危 1.17-6ubuntu4.4 1.17-6ubuntu4.9 krb5: Memory leak at /krb5/src/lib/rpc/pmap_rmt.c

漏洞详情: https://avd.aquasec.com/nvd/cve-2024-26458

镜像层: sha256:8cdab93a842f1ebf4bfcd2da131a8b77a3d34a77c27fc239e0c0ef1803705f6d

发布日期: 2024-02-29 01:44 修改: 2026-06-17 07:17
libk5crypto3 CVE-2024-26461 低危 1.17-6ubuntu4.4 1.17-6ubuntu4.9 krb5: Memory leak at /krb5/src/lib/gssapi/krb5/k5sealv3.c

漏洞详情: https://avd.aquasec.com/nvd/cve-2024-26461

镜像层: sha256:8cdab93a842f1ebf4bfcd2da131a8b77a3d34a77c27fc239e0c0ef1803705f6d

发布日期: 2024-02-29 01:44 修改: 2026-06-17 07:17
libkadm5srv-mit11 CVE-2024-26458 低危 1.17-6ubuntu4.4 1.17-6ubuntu4.9 krb5: Memory leak at /krb5/src/lib/rpc/pmap_rmt.c

漏洞详情: https://avd.aquasec.com/nvd/cve-2024-26458

镜像层: sha256:760aaa841b5388e2c71a9c33a86c4fa07e75dead661a5741068301673a35f8b6

发布日期: 2024-02-29 01:44 修改: 2026-06-17 07:17
libkadm5srv-mit11 CVE-2024-26461 低危 1.17-6ubuntu4.4 1.17-6ubuntu4.9 krb5: Memory leak at /krb5/src/lib/gssapi/krb5/k5sealv3.c

漏洞详情: https://avd.aquasec.com/nvd/cve-2024-26461

镜像层: sha256:760aaa841b5388e2c71a9c33a86c4fa07e75dead661a5741068301673a35f8b6

发布日期: 2024-02-29 01:44 修改: 2026-06-17 07:17
libgssapi-krb5-2 CVE-2024-26458 低危 1.17-6ubuntu4.4 1.17-6ubuntu4.9 krb5: Memory leak at /krb5/src/lib/rpc/pmap_rmt.c

漏洞详情: https://avd.aquasec.com/nvd/cve-2024-26458

镜像层: sha256:8cdab93a842f1ebf4bfcd2da131a8b77a3d34a77c27fc239e0c0ef1803705f6d

发布日期: 2024-02-29 01:44 修改: 2026-06-17 07:17
libkrb5support0 CVE-2024-26458 低危 1.17-6ubuntu4.4 1.17-6ubuntu4.9 krb5: Memory leak at /krb5/src/lib/rpc/pmap_rmt.c

漏洞详情: https://avd.aquasec.com/nvd/cve-2024-26458

镜像层: sha256:8cdab93a842f1ebf4bfcd2da131a8b77a3d34a77c27fc239e0c0ef1803705f6d

发布日期: 2024-02-29 01:44 修改: 2026-06-17 07:17
libkrb5support0 CVE-2024-26461 低危 1.17-6ubuntu4.4 1.17-6ubuntu4.9 krb5: Memory leak at /krb5/src/lib/gssapi/krb5/k5sealv3.c

漏洞详情: https://avd.aquasec.com/nvd/cve-2024-26461

镜像层: sha256:8cdab93a842f1ebf4bfcd2da131a8b77a3d34a77c27fc239e0c0ef1803705f6d

发布日期: 2024-02-29 01:44 修改: 2026-06-17 07:17
libgssrpc4 CVE-2024-26458 低危 1.17-6ubuntu4.4 1.17-6ubuntu4.9 krb5: Memory leak at /krb5/src/lib/rpc/pmap_rmt.c

漏洞详情: https://avd.aquasec.com/nvd/cve-2024-26458

镜像层: sha256:760aaa841b5388e2c71a9c33a86c4fa07e75dead661a5741068301673a35f8b6

发布日期: 2024-02-29 01:44 修改: 2026-06-17 07:17
libssl1.1 CVE-2024-13176 低危 1.1.1f-1ubuntu2.22 1.1.1f-1ubuntu2.24 openssl: Timing side-channel in ECDSA signature computation

漏洞详情: https://avd.aquasec.com/nvd/cve-2024-13176

镜像层: sha256:8cdab93a842f1ebf4bfcd2da131a8b77a3d34a77c27fc239e0c0ef1803705f6d

发布日期: 2025-01-20 14:15 修改: 2026-06-17 07:01
libssl1.1 CVE-2024-2511 低危 1.1.1f-1ubuntu2.22 1.1.1f-1ubuntu2.23 openssl: Unbounded memory growth with session handling in TLSv1.3

漏洞详情: https://avd.aquasec.com/nvd/cve-2024-2511

镜像层: sha256:8cdab93a842f1ebf4bfcd2da131a8b77a3d34a77c27fc239e0c0ef1803705f6d

发布日期: 2024-04-08 14:15 修改: 2026-06-17 07:24
libssl1.1 CVE-2024-4741 低危 1.1.1f-1ubuntu2.22 1.1.1f-1ubuntu2.23 openssl: Use After Free with SSL_free_buffers

漏洞详情: https://avd.aquasec.com/nvd/cve-2024-4741

镜像层: sha256:8cdab93a842f1ebf4bfcd2da131a8b77a3d34a77c27fc239e0c0ef1803705f6d

发布日期: 2024-11-13 11:15 修改: 2026-06-17 08:02
libssl1.1 CVE-2024-5535 低危 1.1.1f-1ubuntu2.22 1.1.1f-1ubuntu2.23 openssl: SSL_select_next_proto buffer overread

漏洞详情: https://avd.aquasec.com/nvd/cve-2024-5535

镜像层: sha256:8cdab93a842f1ebf4bfcd2da131a8b77a3d34a77c27fc239e0c0ef1803705f6d

发布日期: 2024-06-27 11:15 修改: 2026-06-17 08:16
libssl1.1 CVE-2024-9143 低危 1.1.1f-1ubuntu2.22 1.1.1f-1ubuntu2.24 openssl: Low-level invalid GF(2^m) parameters lead to OOB memory access

漏洞详情: https://avd.aquasec.com/nvd/cve-2024-9143

镜像层: sha256:8cdab93a842f1ebf4bfcd2da131a8b77a3d34a77c27fc239e0c0ef1803705f6d

发布日期: 2024-10-16 17:15 修改: 2026-06-17 08:24
libgssrpc4 CVE-2024-26461 低危 1.17-6ubuntu4.4 1.17-6ubuntu4.9 krb5: Memory leak at /krb5/src/lib/gssapi/krb5/k5sealv3.c

漏洞详情: https://avd.aquasec.com/nvd/cve-2024-26461

镜像层: sha256:760aaa841b5388e2c71a9c33a86c4fa07e75dead661a5741068301673a35f8b6

发布日期: 2024-02-29 01:44 修改: 2026-06-17 07:17
libgssapi-krb5-2 CVE-2024-26461 低危 1.17-6ubuntu4.4 1.17-6ubuntu4.9 krb5: Memory leak at /krb5/src/lib/gssapi/krb5/k5sealv3.c

漏洞详情: https://avd.aquasec.com/nvd/cve-2024-26461

镜像层: sha256:8cdab93a842f1ebf4bfcd2da131a8b77a3d34a77c27fc239e0c0ef1803705f6d

发布日期: 2024-02-29 01:44 修改: 2026-06-17 07:17
libcurl4 CVE-2024-11053 低危 7.68.0-1ubuntu2.22 7.68.0-1ubuntu2.25 curl: curl netrc password leak

漏洞详情: https://avd.aquasec.com/nvd/cve-2024-11053

镜像层: sha256:8cdab93a842f1ebf4bfcd2da131a8b77a3d34a77c27fc239e0c0ef1803705f6d

发布日期: 2024-12-11 08:15 修改: 2026-06-17 06:56
libkdb5-9 CVE-2024-26458 低危 1.17-6ubuntu4.4 1.17-6ubuntu4.9 krb5: Memory leak at /krb5/src/lib/rpc/pmap_rmt.c

漏洞详情: https://avd.aquasec.com/nvd/cve-2024-26458

镜像层: sha256:760aaa841b5388e2c71a9c33a86c4fa07e75dead661a5741068301673a35f8b6

发布日期: 2024-02-29 01:44 修改: 2026-06-17 07:17
libkdb5-9 CVE-2024-26461 低危 1.17-6ubuntu4.4 1.17-6ubuntu4.9 krb5: Memory leak at /krb5/src/lib/gssapi/krb5/k5sealv3.c

漏洞详情: https://avd.aquasec.com/nvd/cve-2024-26461

镜像层: sha256:760aaa841b5388e2c71a9c33a86c4fa07e75dead661a5741068301673a35f8b6

发布日期: 2024-02-29 01:44 修改: 2026-06-17 07:17
libkadm5clnt-mit11 CVE-2024-26458 低危 1.17-6ubuntu4.4 1.17-6ubuntu4.9 krb5: Memory leak at /krb5/src/lib/rpc/pmap_rmt.c

漏洞详情: https://avd.aquasec.com/nvd/cve-2024-26458

镜像层: sha256:760aaa841b5388e2c71a9c33a86c4fa07e75dead661a5741068301673a35f8b6

发布日期: 2024-02-29 01:44 修改: 2026-06-17 07:17
libkadm5clnt-mit11 CVE-2024-26461 低危 1.17-6ubuntu4.4 1.17-6ubuntu4.9 krb5: Memory leak at /krb5/src/lib/gssapi/krb5/k5sealv3.c

漏洞详情: https://avd.aquasec.com/nvd/cve-2024-26461

镜像层: sha256:760aaa841b5388e2c71a9c33a86c4fa07e75dead661a5741068301673a35f8b6

发布日期: 2024-02-29 01:44 修改: 2026-06-17 07:17
libxml2 CVE-2024-34459 低危 2.9.10+dfsg-5ubuntu0.20.04.7 2.9.10+dfsg-5ubuntu0.20.04.8 libxml2: buffer over-read in xmlHTMLPrintFileContext in xmllint.c

漏洞详情: https://avd.aquasec.com/nvd/cve-2024-34459

镜像层: sha256:760aaa841b5388e2c71a9c33a86c4fa07e75dead661a5741068301673a35f8b6

发布日期: 2024-05-14 15:39 修改: 2026-06-17 07:33
curl CVE-2024-11053 低危 7.68.0-1ubuntu2.22 7.68.0-1ubuntu2.25 curl: curl netrc password leak

漏洞详情: https://avd.aquasec.com/nvd/cve-2024-11053

镜像层: sha256:8cdab93a842f1ebf4bfcd2da131a8b77a3d34a77c27fc239e0c0ef1803705f6d

发布日期: 2024-12-11 08:15 修改: 2026-06-17 06:56
krb5-user CVE-2024-26458 低危 1.17-6ubuntu4.4 1.17-6ubuntu4.9 krb5: Memory leak at /krb5/src/lib/rpc/pmap_rmt.c

漏洞详情: https://avd.aquasec.com/nvd/cve-2024-26458

镜像层: sha256:760aaa841b5388e2c71a9c33a86c4fa07e75dead661a5741068301673a35f8b6

发布日期: 2024-02-29 01:44 修改: 2026-06-17 07:17
krb5-user CVE-2024-26461 低危 1.17-6ubuntu4.4 1.17-6ubuntu4.9 krb5: Memory leak at /krb5/src/lib/gssapi/krb5/k5sealv3.c

漏洞详情: https://avd.aquasec.com/nvd/cve-2024-26461

镜像层: sha256:760aaa841b5388e2c71a9c33a86c4fa07e75dead661a5741068301673a35f8b6

发布日期: 2024-02-29 01:44 修改: 2026-06-17 07:17
openssl CVE-2024-13176 低危 1.1.1f-1ubuntu2.22 1.1.1f-1ubuntu2.24 openssl: Timing side-channel in ECDSA signature computation

漏洞详情: https://avd.aquasec.com/nvd/cve-2024-13176

镜像层: sha256:8cdab93a842f1ebf4bfcd2da131a8b77a3d34a77c27fc239e0c0ef1803705f6d

发布日期: 2025-01-20 14:15 修改: 2026-06-17 07:01
openssl CVE-2024-2511 低危 1.1.1f-1ubuntu2.22 1.1.1f-1ubuntu2.23 openssl: Unbounded memory growth with session handling in TLSv1.3

漏洞详情: https://avd.aquasec.com/nvd/cve-2024-2511

镜像层: sha256:8cdab93a842f1ebf4bfcd2da131a8b77a3d34a77c27fc239e0c0ef1803705f6d

发布日期: 2024-04-08 14:15 修改: 2026-06-17 07:24
openssl CVE-2024-4741 低危 1.1.1f-1ubuntu2.22 1.1.1f-1ubuntu2.23 openssl: Use After Free with SSL_free_buffers

漏洞详情: https://avd.aquasec.com/nvd/cve-2024-4741

镜像层: sha256:8cdab93a842f1ebf4bfcd2da131a8b77a3d34a77c27fc239e0c0ef1803705f6d

发布日期: 2024-11-13 11:15 修改: 2026-06-17 08:02
openssl CVE-2024-5535 低危 1.1.1f-1ubuntu2.22 1.1.1f-1ubuntu2.23 openssl: SSL_select_next_proto buffer overread

漏洞详情: https://avd.aquasec.com/nvd/cve-2024-5535

镜像层: sha256:8cdab93a842f1ebf4bfcd2da131a8b77a3d34a77c27fc239e0c0ef1803705f6d

发布日期: 2024-06-27 11:15 修改: 2026-06-17 08:16
openssl CVE-2024-9143 低危 1.1.1f-1ubuntu2.22 1.1.1f-1ubuntu2.24 openssl: Low-level invalid GF(2^m) parameters lead to OOB memory access

漏洞详情: https://avd.aquasec.com/nvd/cve-2024-9143

镜像层: sha256:8cdab93a842f1ebf4bfcd2da131a8b77a3d34a77c27fc239e0c0ef1803705f6d

发布日期: 2024-10-16 17:15 修改: 2026-06-17 08:24
Java (jar)
低危漏洞:14 中危漏洞:61 高危漏洞:65 严重漏洞:5
软件包 漏洞 安全状态 安装版本 修复版本 漏洞信息
org.apache.avro:avro CVE-2024-47561 严重 1.11.1 1.11.4 apache-avro: Schema parsing may trigger Remote Code Execution (RCE)

漏洞详情: https://avd.aquasec.com/nvd/cve-2024-47561

镜像层: sha256:f2376ff89172e73b6ec390a1d798f5f800a66ee81be5ef826e1081afc115b36f

发布日期: 2024-10-03 11:15 修改: 2026-06-17 07:57
org.apache.avro:avro CVE-2024-47561 严重 1.7.7 1.11.4 apache-avro: Schema parsing may trigger Remote Code Execution (RCE)

漏洞详情: https://avd.aquasec.com/nvd/cve-2024-47561

镜像层: sha256:f2376ff89172e73b6ec390a1d798f5f800a66ee81be5ef826e1081afc115b36f

发布日期: 2024-10-03 11:15 修改: 2026-06-17 07:57
org.apache.derby:derby CVE-2022-46337 严重 10.14.2.0 10.14.3, 10.15.2.1, 10.16.1.2, 10.17.1.0 A cleverly devised username might bypass LDAP authentication checks. I ...

漏洞详情: https://avd.aquasec.com/nvd/cve-2022-46337

镜像层: sha256:f2376ff89172e73b6ec390a1d798f5f800a66ee81be5ef826e1081afc115b36f

发布日期: 2023-11-20 09:15 修改: 2026-06-17 05:11
org.apache.zookeeper:zookeeper CVE-2023-44981 严重 3.6.3 3.7.2, 3.8.3, 3.9.1 zookeeper: Authorization Bypass in Apache ZooKeeper

漏洞详情: https://avd.aquasec.com/nvd/cve-2023-44981

镜像层: sha256:f2376ff89172e73b6ec390a1d798f5f800a66ee81be5ef826e1081afc115b36f

发布日期: 2023-10-11 12:15 修改: 2026-06-17 06:28
org.codehaus.jackson:jackson-mapper-asl CVE-2019-10202 严重 1.9.13 codehaus: incomplete fix for unsafe deserialization in jackson-databind vulnerabilities

漏洞详情: https://avd.aquasec.com/nvd/cve-2019-10202

镜像层: sha256:f2376ff89172e73b6ec390a1d798f5f800a66ee81be5ef826e1081afc115b36f

发布日期: 2019-10-01 15:15 修改: 2026-06-17 02:10
com.fasterxml.jackson.core:jackson-databind CVE-2022-42003 高危 2.13.2.2 2.12.7.1, 2.13.4.2 jackson-databind: deep wrapper array nesting wrt UNWRAP_SINGLE_VALUE_ARRAYS

漏洞详情: https://avd.aquasec.com/nvd/cve-2022-42003

镜像层: sha256:f2376ff89172e73b6ec390a1d798f5f800a66ee81be5ef826e1081afc115b36f

发布日期: 2022-10-02 05:15 修改: 2026-06-17 05:04
com.fasterxml.jackson.core:jackson-databind CVE-2022-42004 高危 2.13.2.2 2.12.7.1, 2.13.4 jackson-databind: use of deeply nested arrays

漏洞详情: https://avd.aquasec.com/nvd/cve-2022-42004

镜像层: sha256:f2376ff89172e73b6ec390a1d798f5f800a66ee81be5ef826e1081afc115b36f

发布日期: 2022-10-02 05:15 修改: 2026-06-17 05:04
com.google.code.gson:gson CVE-2022-25647 高危 2.2.4 2.8.9 com.google.code.gson-gson: Deserialization of Untrusted Data in com.google.code.gson-gson

漏洞详情: https://avd.aquasec.com/nvd/cve-2022-25647

镜像层: sha256:f2376ff89172e73b6ec390a1d798f5f800a66ee81be5ef826e1081afc115b36f

发布日期: 2022-05-01 16:15 修改: 2026-06-17 04:33
com.google.protobuf:protobuf-java CVE-2021-22569 高危 2.5.0 3.16.1, 3.18.2, 3.19.2 protobuf-java: potential DoS in the parsing procedure for binary data

漏洞详情: https://avd.aquasec.com/nvd/cve-2021-22569

镜像层: sha256:f2376ff89172e73b6ec390a1d798f5f800a66ee81be5ef826e1081afc115b36f

发布日期: 2022-01-10 14:10 修改: 2026-06-17 03:37
com.google.protobuf:protobuf-java CVE-2024-7254 高危 2.5.0 3.25.5, 4.27.5, 4.28.2 protobuf: StackOverflow vulnerability in Protocol Buffers

漏洞详情: https://avd.aquasec.com/nvd/cve-2024-7254

镜像层: sha256:f2376ff89172e73b6ec390a1d798f5f800a66ee81be5ef826e1081afc115b36f

发布日期: 2024-09-19 01:15 修改: 2026-06-17 08:19
com.google.protobuf:protobuf-java CVE-2022-3509 高危 3.17.3 3.16.3, 3.19.6, 3.20.3, 3.21.7 protobuf-java: Textformat parsing issue leads to DoS

漏洞详情: https://avd.aquasec.com/nvd/cve-2022-3509

镜像层: sha256:f2376ff89172e73b6ec390a1d798f5f800a66ee81be5ef826e1081afc115b36f

发布日期: 2022-12-12 13:15 修改: 2026-06-17 04:59
com.google.protobuf:protobuf-java CVE-2022-3509 高危 3.17.3 3.16.3, 3.19.6, 3.20.3, 3.21.7 protobuf-java: Textformat parsing issue leads to DoS

漏洞详情: https://avd.aquasec.com/nvd/cve-2022-3509

镜像层: sha256:f2376ff89172e73b6ec390a1d798f5f800a66ee81be5ef826e1081afc115b36f

发布日期: 2022-12-12 13:15 修改: 2026-06-17 04:59
com.google.protobuf:protobuf-java CVE-2022-3510 高危 3.17.3 3.16.3, 3.19.6, 3.20.3, 3.21.7 protobuf-java: Message-Type Extensions parsing issue leads to DoS

漏洞详情: https://avd.aquasec.com/nvd/cve-2022-3510

镜像层: sha256:f2376ff89172e73b6ec390a1d798f5f800a66ee81be5ef826e1081afc115b36f

发布日期: 2022-12-12 13:15 修改: 2026-06-17 04:59
com.google.protobuf:protobuf-java CVE-2022-3510 高危 3.17.3 3.16.3, 3.19.6, 3.20.3, 3.21.7 protobuf-java: Message-Type Extensions parsing issue leads to DoS

漏洞详情: https://avd.aquasec.com/nvd/cve-2022-3510

镜像层: sha256:f2376ff89172e73b6ec390a1d798f5f800a66ee81be5ef826e1081afc115b36f

发布日期: 2022-12-12 13:15 修改: 2026-06-17 04:59
com.google.protobuf:protobuf-java CVE-2024-7254 高危 3.17.3 3.25.5, 4.27.5, 4.28.2 protobuf: StackOverflow vulnerability in Protocol Buffers

漏洞详情: https://avd.aquasec.com/nvd/cve-2024-7254

镜像层: sha256:f2376ff89172e73b6ec390a1d798f5f800a66ee81be5ef826e1081afc115b36f

发布日期: 2024-09-19 01:15 修改: 2026-06-17 08:19
com.google.protobuf:protobuf-java CVE-2024-7254 高危 3.17.3 3.25.5, 4.27.5, 4.28.2 protobuf: StackOverflow vulnerability in Protocol Buffers

漏洞详情: https://avd.aquasec.com/nvd/cve-2024-7254

镜像层: sha256:f2376ff89172e73b6ec390a1d798f5f800a66ee81be5ef826e1081afc115b36f

发布日期: 2024-09-19 01:15 修改: 2026-06-17 08:19
com.google.protobuf:protobuf-java CVE-2024-7254 高危 3.21.12 3.25.5, 4.27.5, 4.28.2 protobuf: StackOverflow vulnerability in Protocol Buffers

漏洞详情: https://avd.aquasec.com/nvd/cve-2024-7254

镜像层: sha256:f2376ff89172e73b6ec390a1d798f5f800a66ee81be5ef826e1081afc115b36f

发布日期: 2024-09-19 01:15 修改: 2026-06-17 08:19
com.google.protobuf:protobuf-java CVE-2021-22569 高危 3.3.0 3.16.1, 3.18.2, 3.19.2 protobuf-java: potential DoS in the parsing procedure for binary data

漏洞详情: https://avd.aquasec.com/nvd/cve-2021-22569

镜像层: sha256:f2376ff89172e73b6ec390a1d798f5f800a66ee81be5ef826e1081afc115b36f

发布日期: 2022-01-10 14:10 修改: 2026-06-17 03:37
com.google.protobuf:protobuf-java CVE-2022-3509 高危 3.3.0 3.16.3, 3.19.6, 3.20.3, 3.21.7 protobuf-java: Textformat parsing issue leads to DoS

漏洞详情: https://avd.aquasec.com/nvd/cve-2022-3509

镜像层: sha256:f2376ff89172e73b6ec390a1d798f5f800a66ee81be5ef826e1081afc115b36f

发布日期: 2022-12-12 13:15 修改: 2026-06-17 04:59
com.google.protobuf:protobuf-java CVE-2022-3510 高危 3.3.0 3.16.3, 3.19.6, 3.20.3, 3.21.7 protobuf-java: Message-Type Extensions parsing issue leads to DoS

漏洞详情: https://avd.aquasec.com/nvd/cve-2022-3510

镜像层: sha256:f2376ff89172e73b6ec390a1d798f5f800a66ee81be5ef826e1081afc115b36f

发布日期: 2022-12-12 13:15 修改: 2026-06-17 04:59
com.google.protobuf:protobuf-java CVE-2024-7254 高危 3.3.0 3.25.5, 4.27.5, 4.28.2 protobuf: StackOverflow vulnerability in Protocol Buffers

漏洞详情: https://avd.aquasec.com/nvd/cve-2024-7254

镜像层: sha256:f2376ff89172e73b6ec390a1d798f5f800a66ee81be5ef826e1081afc115b36f

发布日期: 2024-09-19 01:15 修改: 2026-06-17 08:19
com.google.protobuf:protobuf-java CVE-2021-22569 高危 3.7.1 3.16.1, 3.18.2, 3.19.2 protobuf-java: potential DoS in the parsing procedure for binary data

漏洞详情: https://avd.aquasec.com/nvd/cve-2021-22569

镜像层: sha256:f2376ff89172e73b6ec390a1d798f5f800a66ee81be5ef826e1081afc115b36f

发布日期: 2022-01-10 14:10 修改: 2026-06-17 03:37
com.google.protobuf:protobuf-java CVE-2022-3509 高危 3.7.1 3.16.3, 3.19.6, 3.20.3, 3.21.7 protobuf-java: Textformat parsing issue leads to DoS

漏洞详情: https://avd.aquasec.com/nvd/cve-2022-3509

镜像层: sha256:f2376ff89172e73b6ec390a1d798f5f800a66ee81be5ef826e1081afc115b36f

发布日期: 2022-12-12 13:15 修改: 2026-06-17 04:59
com.google.protobuf:protobuf-java CVE-2022-3510 高危 3.7.1 3.16.3, 3.19.6, 3.20.3, 3.21.7 protobuf-java: Message-Type Extensions parsing issue leads to DoS

漏洞详情: https://avd.aquasec.com/nvd/cve-2022-3510

镜像层: sha256:f2376ff89172e73b6ec390a1d798f5f800a66ee81be5ef826e1081afc115b36f

发布日期: 2022-12-12 13:15 修改: 2026-06-17 04:59
com.google.protobuf:protobuf-java CVE-2024-7254 高危 3.7.1 3.25.5, 4.27.5, 4.28.2 protobuf: StackOverflow vulnerability in Protocol Buffers

漏洞详情: https://avd.aquasec.com/nvd/cve-2024-7254

镜像层: sha256:f2376ff89172e73b6ec390a1d798f5f800a66ee81be5ef826e1081afc115b36f

发布日期: 2024-09-19 01:15 修改: 2026-06-17 08:19
com.nimbusds:nimbus-jose-jwt CVE-2023-52428 高危 9.8.1 9.37.2 nimbus-jose-jwt: large JWE p2c header value causes Denial of Service

漏洞详情: https://avd.aquasec.com/nvd/cve-2023-52428

镜像层: sha256:f2376ff89172e73b6ec390a1d798f5f800a66ee81be5ef826e1081afc115b36f

发布日期: 2024-02-11 05:15 修改: 2026-06-17 06:42
com.squareup.okhttp3:okhttp CVE-2021-0341 高危 3.12.12 4.9.2 okhttp: information disclosure via improperly used cryptographic function

漏洞详情: https://avd.aquasec.com/nvd/cve-2021-0341

镜像层: sha256:f2376ff89172e73b6ec390a1d798f5f800a66ee81be5ef826e1081afc115b36f

发布日期: 2021-02-10 17:15 修改: 2026-06-17 03:29
commons-beanutils:commons-beanutils CVE-2025-48734 高危 1.9.4 1.11.0 commons-beanutils: Apache Commons BeanUtils: PropertyUtilsBean does not suppresses an enum's declaredClass property by default

漏洞详情: https://avd.aquasec.com/nvd/cve-2025-48734

镜像层: sha256:f2376ff89172e73b6ec390a1d798f5f800a66ee81be5ef826e1081afc115b36f

发布日期: 2025-05-28 14:15 修改: 2026-06-17 09:30
commons-io:commons-io CVE-2024-47554 高危 2.11.0 2.14.0 apache-commons-io: Possible denial of service attack on untrusted input to XmlStreamReader

漏洞详情: https://avd.aquasec.com/nvd/cve-2024-47554

镜像层: sha256:f2376ff89172e73b6ec390a1d798f5f800a66ee81be5ef826e1081afc115b36f

发布日期: 2024-10-03 12:15 修改: 2026-06-17 07:57
commons-io:commons-io CVE-2024-47554 高危 2.8.0 2.14.0 apache-commons-io: Possible denial of service attack on untrusted input to XmlStreamReader

漏洞详情: https://avd.aquasec.com/nvd/cve-2024-47554

镜像层: sha256:f2376ff89172e73b6ec390a1d798f5f800a66ee81be5ef826e1081afc115b36f

发布日期: 2024-10-03 12:15 修改: 2026-06-17 07:57
dnsjava:dnsjava CVE-2024-25638 高危 2.1.7 3.6.0 dnsjava: Improper response validation allowing DNSSEC bypass

漏洞详情: https://avd.aquasec.com/nvd/cve-2024-25638

镜像层: sha256:f2376ff89172e73b6ec390a1d798f5f800a66ee81be5ef826e1081afc115b36f

发布日期: 2024-07-22 14:15 修改: 2026-06-17 07:16
io.airlift:aircompressor CVE-2024-36114 高危 0.21 0.27 Decompressors can crash the JVM and leak memory content in Aircompressor

漏洞详情: https://avd.aquasec.com/nvd/cve-2024-36114

镜像层: sha256:f2376ff89172e73b6ec390a1d798f5f800a66ee81be5ef826e1081afc115b36f

发布日期: 2024-05-29 21:15 修改: 2026-06-17 07:36
io.airlift:aircompressor CVE-2025-67721 高危 0.21 2.0.3 aircompressor Snappy and LZ4 Java-based decompressor implementation can leak information from reused output buffer

漏洞详情: https://avd.aquasec.com/nvd/cve-2025-67721

镜像层: sha256:f2376ff89172e73b6ec390a1d798f5f800a66ee81be5ef826e1081afc115b36f

发布日期: 2025-12-12 23:15 修改: 2026-06-17 09:58
io.netty:netty-codec CVE-2026-42583 高危 4.1.87.Final 4.1.133.Final Netty is an asynchronous, event-driven network application framework. ...

漏洞详情: https://avd.aquasec.com/nvd/cve-2026-42583

镜像层: sha256:f2376ff89172e73b6ec390a1d798f5f800a66ee81be5ef826e1081afc115b36f

发布日期: 2026-05-13 19:17 修改: 2026-06-17 10:48
io.netty:netty-codec-http CVE-2026-33870 高危 4.1.87.Final 4.1.132.Final, 4.2.10.Final io.netty/netty-codec-http: Netty: Request smuggling via incorrect parsing of HTTP/1.1 chunked transfer encoding extension values

漏洞详情: https://avd.aquasec.com/nvd/cve-2026-33870

镜像层: sha256:f2376ff89172e73b6ec390a1d798f5f800a66ee81be5ef826e1081afc115b36f

发布日期: 2026-03-27 20:16 修改: 2026-06-17 10:38
io.netty:netty-codec-http CVE-2026-42584 高危 4.1.87.Final 4.2.13.Final, 4.1.133.Final netty: io.netty/netty-codec-http: Netty: Incorrect HTTP response parsing leads to data confusion

漏洞详情: https://avd.aquasec.com/nvd/cve-2026-42584

镜像层: sha256:f2376ff89172e73b6ec390a1d798f5f800a66ee81be5ef826e1081afc115b36f

发布日期: 2026-05-13 19:17 修改: 2026-06-17 10:48
io.netty:netty-codec-http CVE-2026-42587 高危 4.1.87.Final 4.2.13.Final, 4.1.133.Final netty: io.netty/netty-codec-http: io.netty/netty-codec-http2: Netty: Denial of Service via unbounded memory allocation in HTTP content decompression

漏洞详情: https://avd.aquasec.com/nvd/cve-2026-42587

镜像层: sha256:f2376ff89172e73b6ec390a1d798f5f800a66ee81be5ef826e1081afc115b36f

发布日期: 2026-05-13 19:17 修改: 2026-06-17 10:48
io.netty:netty-codec-http2 CVE-2025-55163 高危 4.1.87.Final 4.2.4.Final, 4.1.124.Final netty: netty-codec-http2: Netty MadeYouReset HTTP/2 DDoS Vulnerability

漏洞详情: https://avd.aquasec.com/nvd/cve-2025-55163

镜像层: sha256:f2376ff89172e73b6ec390a1d798f5f800a66ee81be5ef826e1081afc115b36f

发布日期: 2025-08-13 15:15 修改: 2026-06-17 09:41
io.netty:netty-codec-http2 CVE-2026-33871 高危 4.1.87.Final 4.1.132.Final, 4.2.11.Final netty: Netty: Denial of Service via HTTP/2 CONTINUATION frame flood

漏洞详情: https://avd.aquasec.com/nvd/cve-2026-33871

镜像层: sha256:f2376ff89172e73b6ec390a1d798f5f800a66ee81be5ef826e1081afc115b36f

发布日期: 2026-03-27 20:16 修改: 2026-06-17 10:38
io.netty:netty-codec-http2 CVE-2026-42587 高危 4.1.87.Final 4.2.13.Final, 4.1.133.Final netty: io.netty/netty-codec-http: io.netty/netty-codec-http2: Netty: Denial of Service via unbounded memory allocation in HTTP content decompression

漏洞详情: https://avd.aquasec.com/nvd/cve-2026-42587

镜像层: sha256:f2376ff89172e73b6ec390a1d798f5f800a66ee81be5ef826e1081afc115b36f

发布日期: 2026-05-13 19:17 修改: 2026-06-17 10:48
io.netty:netty-codec-http2 GHSA-xpw8-rcwv-8f8p 高危 4.1.87.Final 4.1.100.Final io.netty:netty-codec-http2 vulnerable to HTTP/2 Rapid Reset Attack

漏洞详情: https://github.com/advisories/GHSA-xpw8-rcwv-8f8p

镜像层: sha256:f2376ff89172e73b6ec390a1d798f5f800a66ee81be5ef826e1081afc115b36f

发布日期: 2023-10-10 22:22 修改: 2023-11-06 22:08
io.netty:netty-handler CVE-2026-44249 高危 4.1.87.Final 4.2.15.Final, 4.1.135.Final netty-handler: netty-handler: IPv6 subnet rule bypass due to incorrect masking operation

漏洞详情: https://avd.aquasec.com/nvd/cve-2026-44249

镜像层: sha256:f2376ff89172e73b6ec390a1d798f5f800a66ee81be5ef826e1081afc115b36f

发布日期: 2026-06-11 22:16 修改: 2026-06-17 10:50
io.netty:netty-handler CVE-2026-45416 高危 4.1.87.Final 4.2.15.Final, 4.1.135.Final netty-handler: Netty: Denial of Service due to eager buffer allocation in TLS handshake

漏洞详情: https://avd.aquasec.com/nvd/cve-2026-45416

镜像层: sha256:f2376ff89172e73b6ec390a1d798f5f800a66ee81be5ef826e1081afc115b36f

发布日期: 2026-06-12 15:16 修改: 2026-06-17 10:52
io.netty:netty-handler CVE-2026-50010 高危 4.1.87.Final 4.2.15.Final, 4.1.135.Final netty-handler: Netty: Improper trust manager handling leads to hostname verification bypass

漏洞详情: https://avd.aquasec.com/nvd/cve-2026-50010

镜像层: sha256:f2376ff89172e73b6ec390a1d798f5f800a66ee81be5ef826e1081afc115b36f

发布日期: 2026-06-12 16:16 修改: 2026-06-17 10:57
net.minidev:json-smart CVE-2021-31684 高危 1.3.2 1.3.3, 2.4.4 json-smart: Denial of Service in JSONParserByteArray function

漏洞详情: https://avd.aquasec.com/nvd/cve-2021-31684

镜像层: sha256:f2376ff89172e73b6ec390a1d798f5f800a66ee81be5ef826e1081afc115b36f

发布日期: 2021-06-01 20:15 修改: 2026-06-17 03:52
net.minidev:json-smart CVE-2023-1370 高危 1.3.2 2.4.9 json-smart: Uncontrolled Resource Consumption vulnerability in json-smart (Resource Exhaustion)

漏洞详情: https://avd.aquasec.com/nvd/cve-2023-1370

镜像层: sha256:f2376ff89172e73b6ec390a1d798f5f800a66ee81be5ef826e1081afc115b36f

发布日期: 2023-03-22 06:15 修改: 2026-06-17 05:27
com.fasterxml.jackson.core:jackson-core CVE-2025-52999 高危 2.12.7 2.15.0 com.fasterxml.jackson.core/jackson-core: jackson-core Potential StackoverflowError

漏洞详情: https://avd.aquasec.com/nvd/cve-2025-52999

镜像层: sha256:f2376ff89172e73b6ec390a1d798f5f800a66ee81be5ef826e1081afc115b36f

发布日期: 2025-06-25 17:15 修改: 2026-06-17 09:37
org.apache.avro:avro CVE-2023-39410 高危 1.11.1 1.11.3 apache-avro: Apache Avro Java SDK: Memory when deserializing untrusted data in Avro Java SDK

漏洞详情: https://avd.aquasec.com/nvd/cve-2023-39410

镜像层: sha256:f2376ff89172e73b6ec390a1d798f5f800a66ee81be5ef826e1081afc115b36f

发布日期: 2023-09-29 17:15 修改: 2026-06-17 06:12
com.fasterxml.jackson.core:jackson-core CVE-2025-52999 高危 2.13.2 2.15.0 com.fasterxml.jackson.core/jackson-core: jackson-core Potential StackoverflowError

漏洞详情: https://avd.aquasec.com/nvd/cve-2025-52999

镜像层: sha256:f2376ff89172e73b6ec390a1d798f5f800a66ee81be5ef826e1081afc115b36f

发布日期: 2025-06-25 17:15 修改: 2026-06-17 09:37
org.apache.avro:avro CVE-2023-39410 高危 1.7.7 1.11.3 apache-avro: Apache Avro Java SDK: Memory when deserializing untrusted data in Avro Java SDK

漏洞详情: https://avd.aquasec.com/nvd/cve-2023-39410

镜像层: sha256:f2376ff89172e73b6ec390a1d798f5f800a66ee81be5ef826e1081afc115b36f

发布日期: 2023-09-29 17:15 修改: 2026-06-17 06:12
com.fasterxml.jackson.core:jackson-core CVE-2025-52999 高危 2.14.2 2.15.0 com.fasterxml.jackson.core/jackson-core: jackson-core Potential StackoverflowError

漏洞详情: https://avd.aquasec.com/nvd/cve-2025-52999

镜像层: sha256:f2376ff89172e73b6ec390a1d798f5f800a66ee81be5ef826e1081afc115b36f

发布日期: 2025-06-25 17:15 修改: 2026-06-17 09:37
org.apache.ivy:ivy CVE-2022-46751 高危 2.5.1 2.5.2 apache-ivy: XML External Entity vulnerability

漏洞详情: https://avd.aquasec.com/nvd/cve-2022-46751

镜像层: sha256:f2376ff89172e73b6ec390a1d798f5f800a66ee81be5ef826e1081afc115b36f

发布日期: 2023-08-21 07:15 修改: 2026-06-17 05:12
org.apache.mesos:mesos CVE-2018-1330 高危 1.4.3 1.6.0 Crash when decoding malformed HTTP requests or malformed JSON payload

漏洞详情: https://avd.aquasec.com/nvd/cve-2018-1330

镜像层: sha256:f2376ff89172e73b6ec390a1d798f5f800a66ee81be5ef826e1081afc115b36f

发布日期: 2018-09-13 19:29 修改: 2026-06-17 01:51
org.apache.spark:spark-core_2.12 CVE-2025-54920 高危 3.4.1 3.5.7 org.apache.spark/spark-core: Apache Spark: Spark History Server Code Execution Vulnerability

漏洞详情: https://avd.aquasec.com/nvd/cve-2025-54920

镜像层: sha256:f2376ff89172e73b6ec390a1d798f5f800a66ee81be5ef826e1081afc115b36f

发布日期: 2026-03-16 14:17 修改: 2026-06-17 09:40
org.apache.spark:spark-hive-thriftserver_2.12 CVE-2024-23945 高危 3.4.1 3.4.2 Apache Hive and Spark: CookieSigner exposes the correct signature when message verification fails

漏洞详情: https://avd.aquasec.com/nvd/cve-2024-23945

镜像层: sha256:f2376ff89172e73b6ec390a1d798f5f800a66ee81be5ef826e1081afc115b36f

发布日期: 2024-12-23 16:15 修改: 2026-06-17 07:13
org.apache.thrift:libthrift CVE-2019-0205 高危 0.12.0 0.13.0 thrift: Endless loop when feed with specific input data

漏洞详情: https://avd.aquasec.com/nvd/cve-2019-0205

镜像层: sha256:f2376ff89172e73b6ec390a1d798f5f800a66ee81be5ef826e1081afc115b36f

发布日期: 2019-10-29 19:15 修改: 2026-06-17 02:07
org.apache.thrift:libthrift CVE-2020-13949 高危 0.12.0 0.14.0 libthrift: potential DoS when processing untrusted payloads

漏洞详情: https://avd.aquasec.com/nvd/cve-2020-13949

镜像层: sha256:f2376ff89172e73b6ec390a1d798f5f800a66ee81be5ef826e1081afc115b36f

发布日期: 2021-02-12 20:15 修改: 2026-06-17 02:53
org.apache.thrift:libthrift CVE-2026-43869 高危 0.12.0 0.23.0 Apache Thrift: Apache Thrift: Security bypass due to improper certificate validation

漏洞详情: https://avd.aquasec.com/nvd/cve-2026-43869

镜像层: sha256:f2376ff89172e73b6ec390a1d798f5f800a66ee81be5ef826e1081afc115b36f

发布日期: 2026-05-05 08:16 修改: 2026-06-17 10:50
com.fasterxml.jackson.core:jackson-databind CVE-2022-42003 高危 2.12.7 2.12.7.1, 2.13.4.2 jackson-databind: deep wrapper array nesting wrt UNWRAP_SINGLE_VALUE_ARRAYS

漏洞详情: https://avd.aquasec.com/nvd/cve-2022-42003

镜像层: sha256:f2376ff89172e73b6ec390a1d798f5f800a66ee81be5ef826e1081afc115b36f

发布日期: 2022-10-02 05:15 修改: 2026-06-17 05:04
com.fasterxml.jackson.core:jackson-databind CVE-2022-42004 高危 2.12.7 2.12.7.1, 2.13.4 jackson-databind: use of deeply nested arrays

漏洞详情: https://avd.aquasec.com/nvd/cve-2022-42004

镜像层: sha256:f2376ff89172e73b6ec390a1d798f5f800a66ee81be5ef826e1081afc115b36f

发布日期: 2022-10-02 05:15 修改: 2026-06-17 05:04
org.codehaus.jackson:jackson-mapper-asl CVE-2019-10172 高危 1.9.13 jackson-mapper-asl: XML external entity similar to CVE-2016-3720

漏洞详情: https://avd.aquasec.com/nvd/cve-2019-10172

镜像层: sha256:f2376ff89172e73b6ec390a1d798f5f800a66ee81be5ef826e1081afc115b36f

发布日期: 2019-11-18 17:15 修改: 2026-06-17 02:10
org.eclipse.jetty:jetty-http CVE-2026-2332 高危 9.4.43.v20210629 12.1.7, 12.0.33 org.eclipse.jetty/jetty-http: HTTP request smuggling via chunked extension quoted-string parsing

漏洞详情: https://avd.aquasec.com/nvd/cve-2026-2332

镜像层: sha256:f2376ff89172e73b6ec390a1d798f5f800a66ee81be5ef826e1081afc115b36f

发布日期: 2026-04-14 12:16 修改: 2026-06-17 10:30
org.eclipse.jetty:jetty-http CVE-2026-2332 高危 9.4.50.v20221201 12.1.7, 12.0.33 org.eclipse.jetty/jetty-http: HTTP request smuggling via chunked extension quoted-string parsing

漏洞详情: https://avd.aquasec.com/nvd/cve-2026-2332

镜像层: sha256:f2376ff89172e73b6ec390a1d798f5f800a66ee81be5ef826e1081afc115b36f

发布日期: 2026-04-14 12:16 修改: 2026-06-17 10:30
org.eclipse.jetty:jetty-server CVE-2024-13009 高危 9.4.50.v20221201 9.4.57.v20241219 jetty-server: Jetty: Gzip Request Body Buffer Corruption

漏洞详情: https://avd.aquasec.com/nvd/cve-2024-13009

镜像层: sha256:f2376ff89172e73b6ec390a1d798f5f800a66ee81be5ef826e1081afc115b36f

发布日期: 2025-05-08 18:15 修改: 2026-06-17 07:00
org.jline:jline-remote-telnet GHSA-2r2c-cx56-8933 高危 3.9.0 4.2.1 JLine3 Telnet server: Unauthenticated Remote DoS via Unbounded Telnet NAWS Terminal Geometry

漏洞详情: https://github.com/advisories/GHSA-2r2c-cx56-8933

镜像层: sha256:f2376ff89172e73b6ec390a1d798f5f800a66ee81be5ef826e1081afc115b36f

发布日期: 2026-06-18 13:07 修改: 2026-06-18 13:07
org.jline:jline-remote-telnet GHSA-47qp-hqvx-6r3f 高危 3.9.0 4.2.1 JLine3 Telnet server: Unauthenticated Remote Memory Exhaustion via Unbounded Telnet NEW-ENVIRON Variables

漏洞详情: https://github.com/advisories/GHSA-47qp-hqvx-6r3f

镜像层: sha256:f2376ff89172e73b6ec390a1d798f5f800a66ee81be5ef826e1081afc115b36f

发布日期: 2026-06-18 13:07 修改: 2026-06-18 13:07
org.lz4:lz4-java CVE-2025-12183 高危 1.8.0 1.8.1 lz4-java: lz4-java: Out-of-bounds memory operations lead to denial of service and information disclosure

漏洞详情: https://avd.aquasec.com/nvd/cve-2025-12183

镜像层: sha256:f2376ff89172e73b6ec390a1d798f5f800a66ee81be5ef826e1081afc115b36f

发布日期: 2025-11-28 16:15 修改: 2026-06-17 08:31
org.lz4:lz4-java CVE-2025-66566 高危 1.8.0 lz4-java: lz4-java: Information Disclosure via Insufficient Output Buffer Clearing

漏洞详情: https://avd.aquasec.com/nvd/cve-2025-66566

镜像层: sha256:f2376ff89172e73b6ec390a1d798f5f800a66ee81be5ef826e1081afc115b36f

发布日期: 2025-12-05 18:15 修改: 2026-06-17 09:57
org.xerial.snappy:snappy-java CVE-2023-43642 高危 1.1.10.1 1.1.10.4 snappy-java: Missing upper bound check on chunk length in snappy-java can lead to Denial of Service (DoS) impact

漏洞详情: https://avd.aquasec.com/nvd/cve-2023-43642

镜像层: sha256:f2376ff89172e73b6ec390a1d798f5f800a66ee81be5ef826e1081afc115b36f

发布日期: 2023-09-25 20:15 修改: 2026-06-17 06:26
org.yaml:snakeyaml CVE-2022-1471 高危 1.33 2.0 SnakeYaml: Constructor Deserialization Remote Code Execution

漏洞详情: https://avd.aquasec.com/nvd/cve-2022-1471

镜像层: sha256:f2376ff89172e73b6ec390a1d798f5f800a66ee81be5ef826e1081afc115b36f

发布日期: 2022-12-01 11:15 修改: 2026-06-17 04:22
io.netty:netty-codec-http2 CVE-2026-48043 中危 4.1.87.Final 4.1.135.Final, 4.2.15.Final netty-codec-http2: netty-codec-http2: Denial of Service due to resource leak

漏洞详情: https://avd.aquasec.com/nvd/cve-2026-48043

镜像层: sha256:f2376ff89172e73b6ec390a1d798f5f800a66ee81be5ef826e1081afc115b36f

发布日期: 2026-06-12 16:16 修改: 2026-06-17 10:54
io.netty:netty-codec-http2 CVE-2026-50560 中危 4.1.87.Final 4.2.15.Final, 4.1.135.Final netty-codec-http2: Netty: Denial of Service due to HTTP/2 max header size handling

漏洞详情: https://avd.aquasec.com/nvd/cve-2026-50560

镜像层: sha256:f2376ff89172e73b6ec390a1d798f5f800a66ee81be5ef826e1081afc115b36f

发布日期: 2026-06-12 16:16 修改: 2026-06-17 10:57
io.netty:netty-common CVE-2024-47535 中危 4.1.87.Final 4.1.115.Final netty: Denial of Service attack on windows app using Netty

漏洞详情: https://avd.aquasec.com/nvd/cve-2024-47535

镜像层: sha256:f2376ff89172e73b6ec390a1d798f5f800a66ee81be5ef826e1081afc115b36f

发布日期: 2024-11-12 16:15 修改: 2026-06-17 07:57
io.netty:netty-common CVE-2025-25193 中危 4.1.87.Final 4.1.118.Final netty: Denial of Service attack on windows app using Netty

漏洞详情: https://avd.aquasec.com/nvd/cve-2025-25193

镜像层: sha256:f2376ff89172e73b6ec390a1d798f5f800a66ee81be5ef826e1081afc115b36f

发布日期: 2025-02-10 22:15 修改: 2026-06-17 09:00
com.google.guava:guava CVE-2018-10237 中危 14.0.1 24.1.1-android guava: Unbounded memory allocation in AtomicDoubleArray and CompoundOrdering classes allow remote attackers to cause a denial of service

漏洞详情: https://avd.aquasec.com/nvd/cve-2018-10237

镜像层: sha256:f2376ff89172e73b6ec390a1d798f5f800a66ee81be5ef826e1081afc115b36f

发布日期: 2018-04-26 21:29 修改: 2026-06-17 01:33
com.nimbusds:nimbus-jose-jwt CVE-2025-53864 中危 9.8.1 10.0.2, 9.37.4 com.nimbusds/nimbus-jose-jwt: Uncontrolled recursion in Connect2id Nimbus JOSE + JWT

漏洞详情: https://avd.aquasec.com/nvd/cve-2025-53864

镜像层: sha256:f2376ff89172e73b6ec390a1d798f5f800a66ee81be5ef826e1081afc115b36f

发布日期: 2025-07-11 03:16 修改: 2026-06-17 09:39
com.google.guava:guava CVE-2018-10237 中危 14.0.1 24.1.1-android guava: Unbounded memory allocation in AtomicDoubleArray and CompoundOrdering classes allow remote attackers to cause a denial of service

漏洞详情: https://avd.aquasec.com/nvd/cve-2018-10237

镜像层: sha256:f2376ff89172e73b6ec390a1d798f5f800a66ee81be5ef826e1081afc115b36f

发布日期: 2018-04-26 21:29 修改: 2026-06-17 01:33
io.netty:netty-handler CVE-2023-34462 中危 4.1.87.Final 4.1.94.Final netty: SniHandler 16MB allocation leads to OOM

漏洞详情: https://avd.aquasec.com/nvd/cve-2023-34462

镜像层: sha256:f2376ff89172e73b6ec390a1d798f5f800a66ee81be5ef826e1081afc115b36f

发布日期: 2023-06-22 23:15 修改: 2026-06-17 06:03
io.netty:netty-transport-native-epoll CVE-2026-45536 中危 4.1.87.Final 4.2.15.Final, 4.1.135.Final netty-transport-native-epoll: netty-transport-native-kqueue: Netty: Denial of Service due to file descriptor leak in SCM_RIGHTS message handling

漏洞详情: https://avd.aquasec.com/nvd/cve-2026-45536

镜像层: sha256:f2376ff89172e73b6ec390a1d798f5f800a66ee81be5ef826e1081afc115b36f

发布日期: 2026-06-12 15:16 修改: 2026-06-17 10:52
io.netty:netty-transport-native-epoll CVE-2026-45536 中危 4.1.87.Final 4.2.15.Final, 4.1.135.Final netty-transport-native-epoll: netty-transport-native-kqueue: Netty: Denial of Service due to file descriptor leak in SCM_RIGHTS message handling

漏洞详情: https://avd.aquasec.com/nvd/cve-2026-45536

镜像层: sha256:f2376ff89172e73b6ec390a1d798f5f800a66ee81be5ef826e1081afc115b36f

发布日期: 2026-06-12 15:16 修改: 2026-06-17 10:52
io.netty:netty-transport-native-kqueue CVE-2026-45536 中危 4.1.87.Final 4.2.15.Final, 4.1.135.Final netty-transport-native-epoll: netty-transport-native-kqueue: Netty: Denial of Service due to file descriptor leak in SCM_RIGHTS message handling

漏洞详情: https://avd.aquasec.com/nvd/cve-2026-45536

镜像层: sha256:f2376ff89172e73b6ec390a1d798f5f800a66ee81be5ef826e1081afc115b36f

发布日期: 2026-06-12 15:16 修改: 2026-06-17 10:52
io.netty:netty-transport-native-kqueue CVE-2026-45536 中危 4.1.87.Final 4.2.15.Final, 4.1.135.Final netty-transport-native-epoll: netty-transport-native-kqueue: Netty: Denial of Service due to file descriptor leak in SCM_RIGHTS message handling

漏洞详情: https://avd.aquasec.com/nvd/cve-2026-45536

镜像层: sha256:f2376ff89172e73b6ec390a1d798f5f800a66ee81be5ef826e1081afc115b36f

发布日期: 2026-06-12 15:16 修改: 2026-06-17 10:52
com.squareup.okio:okio CVE-2023-3635 中危 1.15.0 3.4.0, 1.17.6 okio: GzipSource class improper exception handling

漏洞详情: https://avd.aquasec.com/nvd/cve-2023-3635

镜像层: sha256:f2376ff89172e73b6ec390a1d798f5f800a66ee81be5ef826e1081afc115b36f

发布日期: 2023-07-12 19:15 修改: 2026-06-17 06:14
com.google.guava:guava CVE-2023-2976 中危 14.0.1 32.0.0-android guava: insecure temporary directory creation

漏洞详情: https://avd.aquasec.com/nvd/cve-2023-2976

镜像层: sha256:f2376ff89172e73b6ec390a1d798f5f800a66ee81be5ef826e1081afc115b36f

发布日期: 2023-06-14 18:15 修改: 2026-06-17 05:53
com.google.protobuf:protobuf-java CVE-2022-3171 中危 3.17.3 3.21.7, 3.20.3, 3.19.6, 3.16.3 protobuf-java: timeout in parser leads to DoS

漏洞详情: https://avd.aquasec.com/nvd/cve-2022-3171

镜像层: sha256:f2376ff89172e73b6ec390a1d798f5f800a66ee81be5ef826e1081afc115b36f

发布日期: 2022-10-12 23:15 修改: 2026-06-17 04:58
com.google.protobuf:protobuf-java CVE-2022-3171 中危 3.17.3 3.21.7, 3.20.3, 3.19.6, 3.16.3 protobuf-java: timeout in parser leads to DoS

漏洞详情: https://avd.aquasec.com/nvd/cve-2022-3171

镜像层: sha256:f2376ff89172e73b6ec390a1d798f5f800a66ee81be5ef826e1081afc115b36f

发布日期: 2022-10-12 23:15 修改: 2026-06-17 04:58
commons-lang:commons-lang CVE-2025-48924 中危 2.6 commons-lang/commons-lang: org.apache.commons/commons-lang3: Uncontrolled Recursion vulnerability in Apache Commons Lang

漏洞详情: https://avd.aquasec.com/nvd/cve-2025-48924

镜像层: sha256:f2376ff89172e73b6ec390a1d798f5f800a66ee81be5ef826e1081afc115b36f

发布日期: 2025-07-11 15:15 修改: 2026-06-17 09:30
commons-net:commons-net CVE-2021-37533 中危 3.6 3.9.0 apache-commons-net: FTP client trusts the host from PASV response by default

漏洞详情: https://avd.aquasec.com/nvd/cve-2021-37533

镜像层: sha256:f2376ff89172e73b6ec390a1d798f5f800a66ee81be5ef826e1081afc115b36f

发布日期: 2022-12-03 15:15 修改: 2026-06-17 04:00
org.apache.commons:commons-compress CVE-2024-25710 中危 1.21 1.26.0 commons-compress: Denial of service caused by an infinite loop for a corrupted DUMP file

漏洞详情: https://avd.aquasec.com/nvd/cve-2024-25710

镜像层: sha256:f2376ff89172e73b6ec390a1d798f5f800a66ee81be5ef826e1081afc115b36f

发布日期: 2024-02-19 09:15 修改: 2026-06-17 07:16
org.apache.commons:commons-compress CVE-2024-26308 中危 1.21 1.26.0 commons-compress: OutOfMemoryError unpacking broken Pack200 file

漏洞详情: https://avd.aquasec.com/nvd/cve-2024-26308

镜像层: sha256:f2376ff89172e73b6ec390a1d798f5f800a66ee81be5ef826e1081afc115b36f

发布日期: 2024-02-19 09:15 修改: 2026-06-17 07:17
org.apache.commons:commons-compress CVE-2023-42503 中危 1.22 1.24.0 apache-commons-compress: Denial of service via CPU consumption for malformed TAR file

漏洞详情: https://avd.aquasec.com/nvd/cve-2023-42503

镜像层: sha256:f2376ff89172e73b6ec390a1d798f5f800a66ee81be5ef826e1081afc115b36f

发布日期: 2023-09-14 08:15 修改: 2026-06-17 06:23
org.apache.commons:commons-compress CVE-2024-25710 中危 1.22 1.26.0 commons-compress: Denial of service caused by an infinite loop for a corrupted DUMP file

漏洞详情: https://avd.aquasec.com/nvd/cve-2024-25710

镜像层: sha256:f2376ff89172e73b6ec390a1d798f5f800a66ee81be5ef826e1081afc115b36f

发布日期: 2024-02-19 09:15 修改: 2026-06-17 07:16
org.apache.commons:commons-compress CVE-2024-26308 中危 1.22 1.26.0 commons-compress: OutOfMemoryError unpacking broken Pack200 file

漏洞详情: https://avd.aquasec.com/nvd/cve-2024-26308

镜像层: sha256:f2376ff89172e73b6ec390a1d798f5f800a66ee81be5ef826e1081afc115b36f

发布日期: 2024-02-19 09:15 修改: 2026-06-17 07:17
org.apache.commons:commons-configuration2 CVE-2024-29131 中危 2.1.1 2.10.1 commons-configuration: StackOverflowError adding property in AbstractListDelimiterHandler.flattenIterator()

漏洞详情: https://avd.aquasec.com/nvd/cve-2024-29131

镜像层: sha256:f2376ff89172e73b6ec390a1d798f5f800a66ee81be5ef826e1081afc115b36f

发布日期: 2024-03-21 09:15 修改: 2026-06-17 07:22
org.apache.commons:commons-configuration2 CVE-2024-29133 中危 2.1.1 2.10.1 commons-configuration: StackOverflowError calling ListDelimiterHandler.flatten(Object, int) with a cyclical object tree

漏洞详情: https://avd.aquasec.com/nvd/cve-2024-29133

镜像层: sha256:f2376ff89172e73b6ec390a1d798f5f800a66ee81be5ef826e1081afc115b36f

发布日期: 2024-03-21 09:15 修改: 2026-06-17 07:22
org.apache.commons:commons-lang3 CVE-2025-48924 中危 3.12.0 3.18.0 commons-lang/commons-lang: org.apache.commons/commons-lang3: Uncontrolled Recursion vulnerability in Apache Commons Lang

漏洞详情: https://avd.aquasec.com/nvd/cve-2025-48924

镜像层: sha256:f2376ff89172e73b6ec390a1d798f5f800a66ee81be5ef826e1081afc115b36f

发布日期: 2025-07-11 15:15 修改: 2026-06-17 09:30
org.apache.commons:commons-lang3 CVE-2025-48924 中危 3.12.0 3.18.0 commons-lang/commons-lang: org.apache.commons/commons-lang3: Uncontrolled Recursion vulnerability in Apache Commons Lang

漏洞详情: https://avd.aquasec.com/nvd/cve-2025-48924

镜像层: sha256:f2376ff89172e73b6ec390a1d798f5f800a66ee81be5ef826e1081afc115b36f

发布日期: 2025-07-11 15:15 修改: 2026-06-17 09:30
com.google.guava:guava CVE-2023-2976 中危 14.0.1 32.0.0-android guava: insecure temporary directory creation

漏洞详情: https://avd.aquasec.com/nvd/cve-2023-2976

镜像层: sha256:f2376ff89172e73b6ec390a1d798f5f800a66ee81be5ef826e1081afc115b36f

发布日期: 2023-06-14 18:15 修改: 2026-06-17 05:53
org.apache.hive:hive-exec CVE-2024-29869 中危 2.3.9 4.0.1 Apache Hive Incorrectly Assigns Permissions for a Critical Resource

漏洞详情: https://avd.aquasec.com/nvd/cve-2024-29869

镜像层: sha256:f2376ff89172e73b6ec390a1d798f5f800a66ee81be5ef826e1081afc115b36f

发布日期: 2025-01-28 22:15 修改: 2026-06-17 07:23
org.apache.hive:hive-llap-common CVE-2024-23953 中危 2.3.9 4.0.0 Apache Hive vulnerable to Observable Timing Discrepancy and Authentication Bypass by Spoofing

漏洞详情: https://avd.aquasec.com/nvd/cve-2024-23953

镜像层: sha256:f2376ff89172e73b6ec390a1d798f5f800a66ee81be5ef826e1081afc115b36f

发布日期: 2025-01-28 09:15 修改: 2026-06-17 07:13
com.google.guava:guava CVE-2023-2976 中危 30.1.1-jre 32.0.0-android guava: insecure temporary directory creation

漏洞详情: https://avd.aquasec.com/nvd/cve-2023-2976

镜像层: sha256:f2376ff89172e73b6ec390a1d798f5f800a66ee81be5ef826e1081afc115b36f

发布日期: 2023-06-14 18:15 修改: 2026-06-17 05:53
org.apache.logging.log4j:log4j-1.2-api CVE-2026-34479 中危 2.19.0 2.25.4 org.apache.logging.log4j/log4j-1.2-api: Apache Log4j 1-to-Log4j 2 bridge: Log processing denial of service due to improper XML escaping

漏洞详情: https://avd.aquasec.com/nvd/cve-2026-34479

镜像层: sha256:f2376ff89172e73b6ec390a1d798f5f800a66ee81be5ef826e1081afc115b36f

发布日期: 2026-04-10 16:16 修改: 2026-06-17 10:39
org.apache.logging.log4j:log4j-core CVE-2025-68161 中危 2.19.0 2.25.3 Apache Log4j: Apache Log4j Core: Information disclosure via missing TLS hostname verification

漏洞详情: https://avd.aquasec.com/nvd/cve-2025-68161

镜像层: sha256:f2376ff89172e73b6ec390a1d798f5f800a66ee81be5ef826e1081afc115b36f

发布日期: 2025-12-18 21:15 修改: 2026-06-17 09:58
org.apache.logging.log4j:log4j-core CVE-2026-34477 中危 2.19.0 2.25.4 org.apache.logging.log4j/log4j-core: Apache Log4j Core: Man-in-the-middle attack due to incomplete hostname verification

漏洞详情: https://avd.aquasec.com/nvd/cve-2026-34477

镜像层: sha256:f2376ff89172e73b6ec390a1d798f5f800a66ee81be5ef826e1081afc115b36f

发布日期: 2026-04-10 16:16 修改: 2026-06-17 10:39
org.apache.logging.log4j:log4j-core CVE-2026-34480 中危 2.19.0 2.25.4 org.apache.logging.log4j/log4j-core: Apache Log4j Core: Invalid XML output causes denial of service in logging

漏洞详情: https://avd.aquasec.com/nvd/cve-2026-34480

镜像层: sha256:f2376ff89172e73b6ec390a1d798f5f800a66ee81be5ef826e1081afc115b36f

发布日期: 2026-04-10 16:16 修改: 2026-06-17 10:39
com.google.guava:guava CVE-2023-2976 中危 30.1.1-jre 32.0.0-android guava: insecure temporary directory creation

漏洞详情: https://avd.aquasec.com/nvd/cve-2023-2976

镜像层: sha256:f2376ff89172e73b6ec390a1d798f5f800a66ee81be5ef826e1081afc115b36f

发布日期: 2023-06-14 18:15 修改: 2026-06-17 05:53
com.fasterxml.jackson.core:jackson-core GHSA-72hv-8253-57qq 中危 2.13.2 2.21.1, 2.18.6 jackson-core: Number Length Constraint Bypass in Async Parser Leads to Potential DoS Condition

漏洞详情: https://github.com/advisories/GHSA-72hv-8253-57qq

镜像层: sha256:f2376ff89172e73b6ec390a1d798f5f800a66ee81be5ef826e1081afc115b36f

发布日期: 2026-02-28 02:01 修改: 2026-04-07 16:30
io.netty:netty-codec CVE-2025-58057 中危 4.1.87.Final 4.1.125.Final netty-codec: netty-codec-compression: Netty's BrotliDecoder is vulnerable to DoS via zip bomb style attack

漏洞详情: https://avd.aquasec.com/nvd/cve-2025-58057

镜像层: sha256:f2376ff89172e73b6ec390a1d798f5f800a66ee81be5ef826e1081afc115b36f

发布日期: 2025-09-04 10:42 修改: 2026-06-17 09:43
com.fasterxml.jackson.core:jackson-core GHSA-72hv-8253-57qq 中危 2.12.7 2.21.1, 2.18.6 jackson-core: Number Length Constraint Bypass in Async Parser Leads to Potential DoS Condition

漏洞详情: https://github.com/advisories/GHSA-72hv-8253-57qq

镜像层: sha256:f2376ff89172e73b6ec390a1d798f5f800a66ee81be5ef826e1081afc115b36f

发布日期: 2026-02-28 02:01 修改: 2026-04-07 16:30
com.google.protobuf:protobuf-java CVE-2022-3171 中危 3.3.0 3.21.7, 3.20.3, 3.19.6, 3.16.3 protobuf-java: timeout in parser leads to DoS

漏洞详情: https://avd.aquasec.com/nvd/cve-2022-3171

镜像层: sha256:f2376ff89172e73b6ec390a1d798f5f800a66ee81be5ef826e1081afc115b36f

发布日期: 2022-10-12 23:15 修改: 2026-06-17 04:58
com.google.protobuf:protobuf-java CVE-2022-3171 中危 2.5.0 3.21.7, 3.20.3, 3.19.6, 3.16.3 protobuf-java: timeout in parser leads to DoS

漏洞详情: https://avd.aquasec.com/nvd/cve-2022-3171

镜像层: sha256:f2376ff89172e73b6ec390a1d798f5f800a66ee81be5ef826e1081afc115b36f

发布日期: 2022-10-12 23:15 修改: 2026-06-17 04:58
io.netty:netty-codec-http CVE-2024-29025 中危 4.1.87.Final 4.1.108.Final netty-codec-http: Allocation of Resources Without Limits or Throttling

漏洞详情: https://avd.aquasec.com/nvd/cve-2024-29025

镜像层: sha256:f2376ff89172e73b6ec390a1d798f5f800a66ee81be5ef826e1081afc115b36f

发布日期: 2024-03-25 20:15 修改: 2026-06-17 07:22
org.apache.zookeeper:zookeeper CVE-2024-23944 中危 3.6.3 3.8.4, 3.9.2 Apache-ZooKeeper: Apache ZooKeeper: Information disclosure in persistent watcher handling

漏洞详情: https://avd.aquasec.com/nvd/cve-2024-23944

镜像层: sha256:f2376ff89172e73b6ec390a1d798f5f800a66ee81be5ef826e1081afc115b36f

发布日期: 2024-03-15 11:15 修改: 2026-06-17 07:13
io.netty:netty-codec-http CVE-2025-67735 中危 4.1.87.Final 4.2.8.Final, 4.1.129.Final netty-codec-http: Netty (netty-codec-http): Request Smuggling via CRLF Injection

漏洞详情: https://avd.aquasec.com/nvd/cve-2025-67735

镜像层: sha256:f2376ff89172e73b6ec390a1d798f5f800a66ee81be5ef826e1081afc115b36f

发布日期: 2025-12-16 01:15 修改: 2026-06-17 09:58
io.netty:netty-codec-http CVE-2026-41417 中危 4.1.87.Final 4.1.133.Final, 4.2.13.Final netty: Netty: HTTP request smuggling via URI manipulation and CRLF injection

漏洞详情: https://avd.aquasec.com/nvd/cve-2026-41417

镜像层: sha256:f2376ff89172e73b6ec390a1d798f5f800a66ee81be5ef826e1081afc115b36f

发布日期: 2026-05-06 22:16 修改: 2026-06-17 10:46
io.netty:netty-codec-http CVE-2026-42580 中危 4.1.87.Final 4.2.13.Final, 4.1.133.Final netty: Netty: Request smuggling via chunk size parser integer overflow

漏洞详情: https://avd.aquasec.com/nvd/cve-2026-42580

镜像层: sha256:f2376ff89172e73b6ec390a1d798f5f800a66ee81be5ef826e1081afc115b36f

发布日期: 2026-05-13 19:17 修改: 2026-06-17 10:48
org.eclipse.jetty:jetty-http CVE-2023-40167 中危 9.4.43.v20210629 9.4.52, 10.0.16, 11.0.16, 12.0.1 jetty: Improper validation of HTTP/1 content-length

漏洞详情: https://avd.aquasec.com/nvd/cve-2023-40167

镜像层: sha256:f2376ff89172e73b6ec390a1d798f5f800a66ee81be5ef826e1081afc115b36f

发布日期: 2023-09-15 20:15 修改: 2026-06-17 06:16
org.eclipse.jetty:jetty-http CVE-2024-6763 中危 9.4.43.v20210629 12.0.12 org.eclipse.jetty:jetty-http: jetty: Jetty URI parsing of invalid authority

漏洞详情: https://avd.aquasec.com/nvd/cve-2024-6763

镜像层: sha256:f2376ff89172e73b6ec390a1d798f5f800a66ee81be5ef826e1081afc115b36f

发布日期: 2024-10-14 16:15 修改: 2026-06-17 08:18
io.netty:netty-codec-http CVE-2026-42581 中危 4.1.87.Final 4.2.13.Final, 4.1.133.Final netty: io.netty/netty-codec-http: Netty: HTTP Request Smuggling due to improper handling of conflicting HTTP/1.0 headers

漏洞详情: https://avd.aquasec.com/nvd/cve-2026-42581

镜像层: sha256:f2376ff89172e73b6ec390a1d798f5f800a66ee81be5ef826e1081afc115b36f

发布日期: 2026-05-13 19:17 修改: 2026-06-17 10:48
org.eclipse.jetty:jetty-http CVE-2023-40167 中危 9.4.50.v20221201 9.4.52, 10.0.16, 11.0.16, 12.0.1 jetty: Improper validation of HTTP/1 content-length

漏洞详情: https://avd.aquasec.com/nvd/cve-2023-40167

镜像层: sha256:f2376ff89172e73b6ec390a1d798f5f800a66ee81be5ef826e1081afc115b36f

发布日期: 2023-09-15 20:15 修改: 2026-06-17 06:16
org.eclipse.jetty:jetty-http CVE-2024-6763 中危 9.4.50.v20221201 12.0.12 org.eclipse.jetty:jetty-http: jetty: Jetty URI parsing of invalid authority

漏洞详情: https://avd.aquasec.com/nvd/cve-2024-6763

镜像层: sha256:f2376ff89172e73b6ec390a1d798f5f800a66ee81be5ef826e1081afc115b36f

发布日期: 2024-10-14 16:15 修改: 2026-06-17 08:18
io.netty:netty-codec-http CVE-2026-42585 中危 4.1.87.Final 4.2.13.Final, 4.1.133.Final netty: io.netty/netty-codec-http: Netty: Request smuggling via malformed Transfer-Encoding parsing

漏洞详情: https://avd.aquasec.com/nvd/cve-2026-42585

镜像层: sha256:f2376ff89172e73b6ec390a1d798f5f800a66ee81be5ef826e1081afc115b36f

发布日期: 2026-05-13 19:17 修改: 2026-06-17 10:48
org.eclipse.jetty:jetty-server CVE-2023-26048 中危 9.4.50.v20221201 9.4.51.v20230217, 10.0.14, 11.0.14 jetty-server: OutOfMemoryError for large multipart without filename read via request.getParameter()

漏洞详情: https://avd.aquasec.com/nvd/cve-2023-26048

镜像层: sha256:f2376ff89172e73b6ec390a1d798f5f800a66ee81be5ef826e1081afc115b36f

发布日期: 2023-04-18 21:15 修改: 2026-06-17 05:42
org.eclipse.jetty:jetty-server CVE-2024-8184 中危 9.4.50.v20221201 12.0.9, 10.0.24, 11.0.24, 9.4.56 org.eclipse.jetty:jetty-server: jetty: Jetty ThreadLimitHandler.getRemote() vulnerable to remote DoS attacks

漏洞详情: https://avd.aquasec.com/nvd/cve-2024-8184

镜像层: sha256:f2376ff89172e73b6ec390a1d798f5f800a66ee81be5ef826e1081afc115b36f

发布日期: 2024-10-14 16:15 修改: 2026-06-17 08:22
org.eclipse.jetty:jetty-servlets CVE-2024-9823 中危 9.4.50.v20221201 9.4.54, 10.0.18, 11.0.18 org.eclipse.jetty:jetty-servlets: jetty: Jetty DOS vulnerability on DosFilter

漏洞详情: https://avd.aquasec.com/nvd/cve-2024-9823

镜像层: sha256:f2376ff89172e73b6ec390a1d798f5f800a66ee81be5ef826e1081afc115b36f

发布日期: 2024-10-14 15:15 修改: 2026-06-17 08:25
io.netty:netty-codec-http CVE-2026-50020 中危 4.1.87.Final 4.2.15.Final, 4.1.135.Final netty-codec-http: Netty: Data manipulation via request-boundary confusion in HttpObjectDecoder

漏洞详情: https://avd.aquasec.com/nvd/cve-2026-50020

镜像层: sha256:f2376ff89172e73b6ec390a1d798f5f800a66ee81be5ef826e1081afc115b36f

发布日期: 2026-06-12 16:16 修改: 2026-06-17 10:57
com.fasterxml.jackson.core:jackson-core GHSA-72hv-8253-57qq 中危 2.14.2 2.21.1, 2.18.6 jackson-core: Number Length Constraint Bypass in Async Parser Leads to Potential DoS Condition

漏洞详情: https://github.com/advisories/GHSA-72hv-8253-57qq

镜像层: sha256:f2376ff89172e73b6ec390a1d798f5f800a66ee81be5ef826e1081afc115b36f

发布日期: 2026-02-28 02:01 修改: 2026-04-07 16:30
com.fasterxml.woodstox:woodstox-core CVE-2022-40152 中危 5.3.0 6.4.0, 5.4.0 woodstox-core: woodstox to serialise XML data was vulnerable to Denial of Service attacks

漏洞详情: https://avd.aquasec.com/nvd/cve-2022-40152

镜像层: sha256:f2376ff89172e73b6ec390a1d798f5f800a66ee81be5ef826e1081afc115b36f

发布日期: 2022-09-16 10:15 修改: 2026-06-17 05:01
com.fasterxml.jackson.core:jackson-core CVE-2025-49128 中危 2.12.7 2.13.0 com.fasterxml.jackson.core/jackson-core: Jackson-core Memory Disclosure via Source Snippet in JsonLocation

漏洞详情: https://avd.aquasec.com/nvd/cve-2025-49128

镜像层: sha256:f2376ff89172e73b6ec390a1d798f5f800a66ee81be5ef826e1081afc115b36f

发布日期: 2025-06-06 22:15 修改: 2026-06-17 09:30
com.google.protobuf:protobuf-java CVE-2022-3171 中危 3.7.1 3.21.7, 3.20.3, 3.19.6, 3.16.3 protobuf-java: timeout in parser leads to DoS

漏洞详情: https://avd.aquasec.com/nvd/cve-2022-3171

镜像层: sha256:f2376ff89172e73b6ec390a1d798f5f800a66ee81be5ef826e1081afc115b36f

发布日期: 2022-10-12 23:15 修改: 2026-06-17 04:58
io.netty:netty-codec-http2 CVE-2026-47244 中危 4.1.87.Final 4.2.15.Final, 4.1.135.Final netty-codec-http2: Netty: Denial of Service via uncontrolled HTTP/2 concurrent streams

漏洞详情: https://avd.aquasec.com/nvd/cve-2026-47244

镜像层: sha256:f2376ff89172e73b6ec390a1d798f5f800a66ee81be5ef826e1081afc115b36f

发布日期: 2026-06-12 15:16 修改: 2026-06-17 10:54
org.eclipse.jetty:jetty-http CVE-2025-11143 低危 9.4.50.v20221201 12.0.31, 12.1.5 org.eclipse.jetty/jetty-http: org.eclipse.jetty: Security bypass due to differential URI parsing

漏洞详情: https://avd.aquasec.com/nvd/cve-2025-11143

镜像层: sha256:f2376ff89172e73b6ec390a1d798f5f800a66ee81be5ef826e1081afc115b36f

发布日期: 2026-03-05 10:15 修改: 2026-06-17 08:29
com.google.guava:guava CVE-2020-8908 低危 30.1.1-jre 32.0.0-android guava: local information disclosure via temporary directory created with unsafe permissions

漏洞详情: https://avd.aquasec.com/nvd/cve-2020-8908

镜像层: sha256:f2376ff89172e73b6ec390a1d798f5f800a66ee81be5ef826e1081afc115b36f

发布日期: 2020-12-10 23:15 修改: 2026-06-17 03:27
com.google.guava:guava CVE-2020-8908 低危 14.0.1 32.0.0-android guava: local information disclosure via temporary directory created with unsafe permissions

漏洞详情: https://avd.aquasec.com/nvd/cve-2020-8908

镜像层: sha256:f2376ff89172e73b6ec390a1d798f5f800a66ee81be5ef826e1081afc115b36f

发布日期: 2020-12-10 23:15 修改: 2026-06-17 03:27
org.apache.spark:spark-network-common_2.12 CVE-2025-55039 低危 3.4.1 3.4.4, 3.5.2 Apache Spark has Inadequate Encryption Strength

漏洞详情: https://avd.aquasec.com/nvd/cve-2025-55039

镜像层: sha256:f2376ff89172e73b6ec390a1d798f5f800a66ee81be5ef826e1081afc115b36f

发布日期: 2025-10-15 08:15 修改: 2026-06-17 09:41
org.eclipse.jetty:jetty-server CVE-2023-26049 低危 9.4.50.v20221201 9.4.51.v20230217, 10.0.14, 11.0.14, 12.0.0.beta0 jetty-server: Cookie parsing of quoted values can exfiltrate values from other cookies

漏洞详情: https://avd.aquasec.com/nvd/cve-2023-26049

镜像层: sha256:f2376ff89172e73b6ec390a1d798f5f800a66ee81be5ef826e1081afc115b36f

发布日期: 2023-04-18 21:15 修改: 2026-06-17 05:42
io.netty:netty-handler-proxy CVE-2026-42578 低危 4.1.87.Final 4.1.133.Final, 4.2.13.Final netty: io.netty/netty-handler-proxy: Netty: HTTP Header Injection via HttpProxyHandler Disabled Validation

漏洞详情: https://avd.aquasec.com/nvd/cve-2026-42578

镜像层: sha256:f2376ff89172e73b6ec390a1d798f5f800a66ee81be5ef826e1081afc115b36f

发布日期: 2026-05-13 19:17 修改: 2026-06-17 10:48
org.eclipse.jetty:jetty-servlets CVE-2023-36479 低危 9.4.50.v20221201 9.4.52, 10.0.16, 11.0.16 jetty: Improper addition of quotation marks to user inputs in CgiServlet

漏洞详情: https://avd.aquasec.com/nvd/cve-2023-36479

镜像层: sha256:f2376ff89172e73b6ec390a1d798f5f800a66ee81be5ef826e1081afc115b36f

发布日期: 2023-09-15 19:15 修改: 2026-06-17 06:06
org.eclipse.jetty:jetty-xml GHSA-58qw-p7qm-5rvh 低危 9.4.43.v20210629 10.0.16, 11.0.16, 12.0.0, 9.4.52.v20230823 Eclipse Jetty XmlParser allows arbitrary DOCTYPE declarations

漏洞详情: https://github.com/advisories/GHSA-58qw-p7qm-5rvh

镜像层: sha256:f2376ff89172e73b6ec390a1d798f5f800a66ee81be5ef826e1081afc115b36f

发布日期: 2023-07-10 21:52 修改: 2026-02-10 20:06
com.google.guava:guava CVE-2020-8908 低危 14.0.1 32.0.0-android guava: local information disclosure via temporary directory created with unsafe permissions

漏洞详情: https://avd.aquasec.com/nvd/cve-2020-8908

镜像层: sha256:f2376ff89172e73b6ec390a1d798f5f800a66ee81be5ef826e1081afc115b36f

发布日期: 2020-12-10 23:15 修改: 2026-06-17 03:27
org.eclipse.jetty:jetty-http CVE-2022-2047 低危 9.4.43.v20210629 9.4.47, 10.0.10, 11.0.10 jetty-http: improver hostname input handling

漏洞详情: https://avd.aquasec.com/nvd/cve-2022-2047

镜像层: sha256:f2376ff89172e73b6ec390a1d798f5f800a66ee81be5ef826e1081afc115b36f

发布日期: 2022-07-07 21:15 修改: 2026-06-17 04:41
org.eclipse.jetty:jetty-http CVE-2025-11143 低危 9.4.43.v20210629 12.0.31, 12.1.5 org.eclipse.jetty/jetty-http: org.eclipse.jetty: Security bypass due to differential URI parsing

漏洞详情: https://avd.aquasec.com/nvd/cve-2025-11143

镜像层: sha256:f2376ff89172e73b6ec390a1d798f5f800a66ee81be5ef826e1081afc115b36f

发布日期: 2026-03-05 10:15 修改: 2026-06-17 08:29
io.netty:netty-codec-http CVE-2025-58056 低危 4.1.87.Final 4.1.125.Final, 4.2.5.Final netty-codec-http: Netty is vulnerable to request smuggling due to incorrect parsing of chunk extensions

漏洞详情: https://avd.aquasec.com/nvd/cve-2025-58056

镜像层: sha256:f2376ff89172e73b6ec390a1d798f5f800a66ee81be5ef826e1081afc115b36f

发布日期: 2025-09-03 21:15 修改: 2026-06-17 09:43
org.apache.hadoop:hadoop-common CVE-2024-23454 低危 3.3.4 3.4.0 Apache Hadoop: Temporary File Local Information Disclosure

漏洞详情: https://avd.aquasec.com/nvd/cve-2024-23454

镜像层: sha256:f2376ff89172e73b6ec390a1d798f5f800a66ee81be5ef826e1081afc115b36f

发布日期: 2024-09-25 08:15 修改: 2026-06-17 07:12
com.google.guava:guava CVE-2020-8908 低危 30.1.1-jre 32.0.0-android guava: local information disclosure via temporary directory created with unsafe permissions

漏洞详情: https://avd.aquasec.com/nvd/cve-2020-8908

镜像层: sha256:f2376ff89172e73b6ec390a1d798f5f800a66ee81be5ef826e1081afc115b36f

发布日期: 2020-12-10 23:15 修改: 2026-06-17 03:27
检测到您正在使用广告拦截插件,本站为公益站点,依赖广告维持运转 🙏 查看如何关闭 ×