docker.io/starrocks/be-ubuntu:3.2.15 linux/amd64

docker.io/starrocks/be-ubuntu:3.2.15 - Trivy安全扫描结果 扫描时间: 2025-02-24 16:56
全部漏洞信息
低危漏洞:77 中危漏洞:109 高危漏洞:126 严重漏洞:27

系统OS: ubuntu 22.04 扫描引擎: Trivy 扫描时间: 2025-02-24 16:56

docker.io/starrocks/be-ubuntu:3.2.15 (ubuntu 22.04) (ubuntu)
低危漏洞:68 中危漏洞:23 高危漏洞:0 严重漏洞:0
软件包 漏洞 安全状态 安装版本 修复版本 漏洞信息
gcc-12-base CVE-2023-4039 中危 12.3.0-1ubuntu1~22.04 gcc: -fstack-protector fails to guard dynamic stack allocations on ARM64

漏洞详情: https://avd.aquasec.com/nvd/cve-2023-4039

镜像层: sha256:270a1170e7e398434ff1b31e17e233f7d7b71aa99a40473615860068e86720af

发布日期: 2023-09-13 09:15 修改: 2024-08-02 08:15
libavahi-client3 CVE-2024-52615 中危 0.8-5ubuntu5.2 avahi: Avahi Wide-Area DNS Uses Constant Source Port

漏洞详情: https://avd.aquasec.com/nvd/cve-2024-52615

镜像层: sha256:2f0c0cb56aee24889b371cd256c527bffa13fadd7dce757cd58632ce285acfdd

发布日期: 2024-11-21 21:15 修改: 2024-11-21 21:15
libavahi-client3 CVE-2024-52616 中危 0.8-5ubuntu5.2 avahi: Avahi Wide-Area DNS Predictable Transaction IDs

漏洞详情: https://avd.aquasec.com/nvd/cve-2024-52616

镜像层: sha256:2f0c0cb56aee24889b371cd256c527bffa13fadd7dce757cd58632ce285acfdd

发布日期: 2024-11-21 21:15 修改: 2024-11-21 21:15
libavahi-common-data CVE-2024-52615 中危 0.8-5ubuntu5.2 avahi: Avahi Wide-Area DNS Uses Constant Source Port

漏洞详情: https://avd.aquasec.com/nvd/cve-2024-52615

镜像层: sha256:2f0c0cb56aee24889b371cd256c527bffa13fadd7dce757cd58632ce285acfdd

发布日期: 2024-11-21 21:15 修改: 2024-11-21 21:15
libavahi-common-data CVE-2024-52616 中危 0.8-5ubuntu5.2 avahi: Avahi Wide-Area DNS Predictable Transaction IDs

漏洞详情: https://avd.aquasec.com/nvd/cve-2024-52616

镜像层: sha256:2f0c0cb56aee24889b371cd256c527bffa13fadd7dce757cd58632ce285acfdd

发布日期: 2024-11-21 21:15 修改: 2024-11-21 21:15
libavahi-common3 CVE-2024-52615 中危 0.8-5ubuntu5.2 avahi: Avahi Wide-Area DNS Uses Constant Source Port

漏洞详情: https://avd.aquasec.com/nvd/cve-2024-52615

镜像层: sha256:2f0c0cb56aee24889b371cd256c527bffa13fadd7dce757cd58632ce285acfdd

发布日期: 2024-11-21 21:15 修改: 2024-11-21 21:15
libavahi-common3 CVE-2024-52616 中危 0.8-5ubuntu5.2 avahi: Avahi Wide-Area DNS Predictable Transaction IDs

漏洞详情: https://avd.aquasec.com/nvd/cve-2024-52616

镜像层: sha256:2f0c0cb56aee24889b371cd256c527bffa13fadd7dce757cd58632ce285acfdd

发布日期: 2024-11-21 21:15 修改: 2024-11-21 21:15
libfreetype6 CVE-2025-23022 中危 2.11.1+dfsg-1ubuntu0.2 freetype: signed integer overflow in cf2_doFlex

漏洞详情: https://avd.aquasec.com/nvd/cve-2025-23022

镜像层: sha256:2f0c0cb56aee24889b371cd256c527bffa13fadd7dce757cd58632ce285acfdd

发布日期: 2025-01-10 15:15 修改: 2025-01-16 21:12
libgcc-s1 CVE-2023-4039 中危 12.3.0-1ubuntu1~22.04 gcc: -fstack-protector fails to guard dynamic stack allocations on ARM64

漏洞详情: https://avd.aquasec.com/nvd/cve-2023-4039

镜像层: sha256:270a1170e7e398434ff1b31e17e233f7d7b71aa99a40473615860068e86720af

发布日期: 2023-09-13 09:15 修改: 2024-08-02 08:15
libgssapi-krb5-2 CVE-2024-26462 中危 1.19.2-2ubuntu0.4 krb5: Memory leak at /krb5/src/kdc/ndr.c

漏洞详情: https://avd.aquasec.com/nvd/cve-2024-26462

镜像层: sha256:270a1170e7e398434ff1b31e17e233f7d7b71aa99a40473615860068e86720af

发布日期: 2024-02-29 01:44 修改: 2024-05-14 15:09
libk5crypto3 CVE-2024-26462 中危 1.19.2-2ubuntu0.4 krb5: Memory leak at /krb5/src/kdc/ndr.c

漏洞详情: https://avd.aquasec.com/nvd/cve-2024-26462

镜像层: sha256:270a1170e7e398434ff1b31e17e233f7d7b71aa99a40473615860068e86720af

发布日期: 2024-02-29 01:44 修改: 2024-05-14 15:09
libkrb5-3 CVE-2024-26462 中危 1.19.2-2ubuntu0.4 krb5: Memory leak at /krb5/src/kdc/ndr.c

漏洞详情: https://avd.aquasec.com/nvd/cve-2024-26462

镜像层: sha256:270a1170e7e398434ff1b31e17e233f7d7b71aa99a40473615860068e86720af

发布日期: 2024-02-29 01:44 修改: 2024-05-14 15:09
libkrb5support0 CVE-2024-26462 中危 1.19.2-2ubuntu0.4 krb5: Memory leak at /krb5/src/kdc/ndr.c

漏洞详情: https://avd.aquasec.com/nvd/cve-2024-26462

镜像层: sha256:270a1170e7e398434ff1b31e17e233f7d7b71aa99a40473615860068e86720af

发布日期: 2024-02-29 01:44 修改: 2024-05-14 15:09
libpam-modules CVE-2024-10041 中危 1.4.0-11ubuntu2.5 pam: libpam: Libpam vulnerable to read hashed password

漏洞详情: https://avd.aquasec.com/nvd/cve-2024-10041

镜像层: sha256:270a1170e7e398434ff1b31e17e233f7d7b71aa99a40473615860068e86720af

发布日期: 2024-10-23 14:15 修改: 2024-12-18 10:15
libpam-modules-bin CVE-2024-10041 中危 1.4.0-11ubuntu2.5 pam: libpam: Libpam vulnerable to read hashed password

漏洞详情: https://avd.aquasec.com/nvd/cve-2024-10041

镜像层: sha256:270a1170e7e398434ff1b31e17e233f7d7b71aa99a40473615860068e86720af

发布日期: 2024-10-23 14:15 修改: 2024-12-18 10:15
libpam-runtime CVE-2024-10041 中危 1.4.0-11ubuntu2.5 pam: libpam: Libpam vulnerable to read hashed password

漏洞详情: https://avd.aquasec.com/nvd/cve-2024-10041

镜像层: sha256:270a1170e7e398434ff1b31e17e233f7d7b71aa99a40473615860068e86720af

发布日期: 2024-10-23 14:15 修改: 2024-12-18 10:15
libpam0g CVE-2024-10041 中危 1.4.0-11ubuntu2.5 pam: libpam: Libpam vulnerable to read hashed password

漏洞详情: https://avd.aquasec.com/nvd/cve-2024-10041

镜像层: sha256:270a1170e7e398434ff1b31e17e233f7d7b71aa99a40473615860068e86720af

发布日期: 2024-10-23 14:15 修改: 2024-12-18 10:15
libpython3.10 CVE-2024-11168 中危 3.10.12-1~22.04.8 python: Improper validation of IPv6 and IPvFuture addresses

漏洞详情: https://avd.aquasec.com/nvd/cve-2024-11168

镜像层: sha256:2f0c0cb56aee24889b371cd256c527bffa13fadd7dce757cd58632ce285acfdd

发布日期: 2024-11-12 22:15 修改: 2025-01-06 18:15
libpython3.10-minimal CVE-2024-11168 中危 3.10.12-1~22.04.8 python: Improper validation of IPv6 and IPvFuture addresses

漏洞详情: https://avd.aquasec.com/nvd/cve-2024-11168

镜像层: sha256:2f0c0cb56aee24889b371cd256c527bffa13fadd7dce757cd58632ce285acfdd

发布日期: 2024-11-12 22:15 修改: 2025-01-06 18:15
libpython3.10-stdlib CVE-2024-11168 中危 3.10.12-1~22.04.8 python: Improper validation of IPv6 and IPvFuture addresses

漏洞详情: https://avd.aquasec.com/nvd/cve-2024-11168

镜像层: sha256:2f0c0cb56aee24889b371cd256c527bffa13fadd7dce757cd58632ce285acfdd

发布日期: 2024-11-12 22:15 修改: 2025-01-06 18:15
libstdc++6 CVE-2023-4039 中危 12.3.0-1ubuntu1~22.04 gcc: -fstack-protector fails to guard dynamic stack allocations on ARM64

漏洞详情: https://avd.aquasec.com/nvd/cve-2023-4039

镜像层: sha256:270a1170e7e398434ff1b31e17e233f7d7b71aa99a40473615860068e86720af

发布日期: 2023-09-13 09:15 修改: 2024-08-02 08:15
login CVE-2024-56433 中危 1:4.8.1-2ubuntu2.2 shadow-utils: Default subordinate ID configuration in /etc/login.defs could lead to compromise

漏洞详情: https://avd.aquasec.com/nvd/cve-2024-56433

镜像层: sha256:270a1170e7e398434ff1b31e17e233f7d7b71aa99a40473615860068e86720af

发布日期: 2024-12-26 09:15 修改: 2024-12-26 09:15
passwd CVE-2024-56433 中危 1:4.8.1-2ubuntu2.2 shadow-utils: Default subordinate ID configuration in /etc/login.defs could lead to compromise

漏洞详情: https://avd.aquasec.com/nvd/cve-2024-56433

镜像层: sha256:270a1170e7e398434ff1b31e17e233f7d7b71aa99a40473615860068e86720af

发布日期: 2024-12-26 09:15 修改: 2024-12-26 09:15
binutils CVE-2022-48064 低危 2.38-4ubuntu2.6 binutils: excessive memory consumption in _bfd_dwarf2_find_nearest_line_with_alt() in dwarf2.c

漏洞详情: https://avd.aquasec.com/nvd/cve-2022-48064

镜像层: sha256:2f0c0cb56aee24889b371cd256c527bffa13fadd7dce757cd58632ce285acfdd

发布日期: 2023-08-22 19:16 修改: 2023-11-07 03:56
binutils-common CVE-2017-13716 低危 2.38-4ubuntu2.6 binutils: Memory leak with the C++ symbol demangler routine in libiberty

漏洞详情: https://avd.aquasec.com/nvd/cve-2017-13716

镜像层: sha256:2f0c0cb56aee24889b371cd256c527bffa13fadd7dce757cd58632ce285acfdd

发布日期: 2017-08-28 21:29 修改: 2019-10-03 00:03
binutils-common CVE-2019-1010204 低危 2.38-4ubuntu2.6 binutils: Improper Input Validation, Signed/Unsigned Comparison, Out-of-bounds Read in gold/fileread.cc and elfcpp/elfcpp_file.h leads to denial of service

漏洞详情: https://avd.aquasec.com/nvd/cve-2019-1010204

镜像层: sha256:2f0c0cb56aee24889b371cd256c527bffa13fadd7dce757cd58632ce285acfdd

发布日期: 2019-07-23 14:15 修改: 2023-11-07 03:02
binutils-common CVE-2022-27943 低危 2.38-4ubuntu2.6 binutils: libiberty/rust-demangle.c in GNU GCC 11.2 allows stack exhaustion in demangle_const

漏洞详情: https://avd.aquasec.com/nvd/cve-2022-27943

镜像层: sha256:2f0c0cb56aee24889b371cd256c527bffa13fadd7dce757cd58632ce285acfdd

发布日期: 2022-03-26 13:15 修改: 2023-11-07 03:45
libbinutils CVE-2017-13716 低危 2.38-4ubuntu2.6 binutils: Memory leak with the C++ symbol demangler routine in libiberty

漏洞详情: https://avd.aquasec.com/nvd/cve-2017-13716

镜像层: sha256:2f0c0cb56aee24889b371cd256c527bffa13fadd7dce757cd58632ce285acfdd

发布日期: 2017-08-28 21:29 修改: 2019-10-03 00:03
libbinutils CVE-2019-1010204 低危 2.38-4ubuntu2.6 binutils: Improper Input Validation, Signed/Unsigned Comparison, Out-of-bounds Read in gold/fileread.cc and elfcpp/elfcpp_file.h leads to denial of service

漏洞详情: https://avd.aquasec.com/nvd/cve-2019-1010204

镜像层: sha256:2f0c0cb56aee24889b371cd256c527bffa13fadd7dce757cd58632ce285acfdd

发布日期: 2019-07-23 14:15 修改: 2023-11-07 03:02
libbinutils CVE-2022-27943 低危 2.38-4ubuntu2.6 binutils: libiberty/rust-demangle.c in GNU GCC 11.2 allows stack exhaustion in demangle_const

漏洞详情: https://avd.aquasec.com/nvd/cve-2022-27943

镜像层: sha256:2f0c0cb56aee24889b371cd256c527bffa13fadd7dce757cd58632ce285acfdd

发布日期: 2022-03-26 13:15 修改: 2023-11-07 03:45
libbinutils CVE-2022-48064 低危 2.38-4ubuntu2.6 binutils: excessive memory consumption in _bfd_dwarf2_find_nearest_line_with_alt() in dwarf2.c

漏洞详情: https://avd.aquasec.com/nvd/cve-2022-48064

镜像层: sha256:2f0c0cb56aee24889b371cd256c527bffa13fadd7dce757cd58632ce285acfdd

发布日期: 2023-08-22 19:16 修改: 2023-11-07 03:56
libc-bin CVE-2016-20013 低危 2.35-0ubuntu3.8

漏洞详情: https://avd.aquasec.com/nvd/cve-2016-20013

镜像层: sha256:270a1170e7e398434ff1b31e17e233f7d7b71aa99a40473615860068e86720af

发布日期: 2022-02-19 05:15 修改: 2022-03-03 16:43
libc6 CVE-2016-20013 低危 2.35-0ubuntu3.8

漏洞详情: https://avd.aquasec.com/nvd/cve-2016-20013

镜像层: sha256:270a1170e7e398434ff1b31e17e233f7d7b71aa99a40473615860068e86720af

发布日期: 2022-02-19 05:15 修改: 2022-03-03 16:43
libctf-nobfd0 CVE-2017-13716 低危 2.38-4ubuntu2.6 binutils: Memory leak with the C++ symbol demangler routine in libiberty

漏洞详情: https://avd.aquasec.com/nvd/cve-2017-13716

镜像层: sha256:2f0c0cb56aee24889b371cd256c527bffa13fadd7dce757cd58632ce285acfdd

发布日期: 2017-08-28 21:29 修改: 2019-10-03 00:03
libctf-nobfd0 CVE-2019-1010204 低危 2.38-4ubuntu2.6 binutils: Improper Input Validation, Signed/Unsigned Comparison, Out-of-bounds Read in gold/fileread.cc and elfcpp/elfcpp_file.h leads to denial of service

漏洞详情: https://avd.aquasec.com/nvd/cve-2019-1010204

镜像层: sha256:2f0c0cb56aee24889b371cd256c527bffa13fadd7dce757cd58632ce285acfdd

发布日期: 2019-07-23 14:15 修改: 2023-11-07 03:02
libctf-nobfd0 CVE-2022-27943 低危 2.38-4ubuntu2.6 binutils: libiberty/rust-demangle.c in GNU GCC 11.2 allows stack exhaustion in demangle_const

漏洞详情: https://avd.aquasec.com/nvd/cve-2022-27943

镜像层: sha256:2f0c0cb56aee24889b371cd256c527bffa13fadd7dce757cd58632ce285acfdd

发布日期: 2022-03-26 13:15 修改: 2023-11-07 03:45
libctf-nobfd0 CVE-2022-48064 低危 2.38-4ubuntu2.6 binutils: excessive memory consumption in _bfd_dwarf2_find_nearest_line_with_alt() in dwarf2.c

漏洞详情: https://avd.aquasec.com/nvd/cve-2022-48064

镜像层: sha256:2f0c0cb56aee24889b371cd256c527bffa13fadd7dce757cd58632ce285acfdd

发布日期: 2023-08-22 19:16 修改: 2023-11-07 03:56
libctf0 CVE-2017-13716 低危 2.38-4ubuntu2.6 binutils: Memory leak with the C++ symbol demangler routine in libiberty

漏洞详情: https://avd.aquasec.com/nvd/cve-2017-13716

镜像层: sha256:2f0c0cb56aee24889b371cd256c527bffa13fadd7dce757cd58632ce285acfdd

发布日期: 2017-08-28 21:29 修改: 2019-10-03 00:03
libctf0 CVE-2019-1010204 低危 2.38-4ubuntu2.6 binutils: Improper Input Validation, Signed/Unsigned Comparison, Out-of-bounds Read in gold/fileread.cc and elfcpp/elfcpp_file.h leads to denial of service

漏洞详情: https://avd.aquasec.com/nvd/cve-2019-1010204

镜像层: sha256:2f0c0cb56aee24889b371cd256c527bffa13fadd7dce757cd58632ce285acfdd

发布日期: 2019-07-23 14:15 修改: 2023-11-07 03:02
libctf0 CVE-2022-27943 低危 2.38-4ubuntu2.6 binutils: libiberty/rust-demangle.c in GNU GCC 11.2 allows stack exhaustion in demangle_const

漏洞详情: https://avd.aquasec.com/nvd/cve-2022-27943

镜像层: sha256:2f0c0cb56aee24889b371cd256c527bffa13fadd7dce757cd58632ce285acfdd

发布日期: 2022-03-26 13:15 修改: 2023-11-07 03:45
libctf0 CVE-2022-48064 低危 2.38-4ubuntu2.6 binutils: excessive memory consumption in _bfd_dwarf2_find_nearest_line_with_alt() in dwarf2.c

漏洞详情: https://avd.aquasec.com/nvd/cve-2022-48064

镜像层: sha256:2f0c0cb56aee24889b371cd256c527bffa13fadd7dce757cd58632ce285acfdd

发布日期: 2023-08-22 19:16 修改: 2023-11-07 03:56
libdbus-1-3 CVE-2023-34969 低危 1.12.20-2ubuntu4.1 dbus: dbus-daemon: assertion failure when a monitor is active and a message from the driver cannot be delivered

漏洞详情: https://avd.aquasec.com/nvd/cve-2023-34969

镜像层: sha256:2f0c0cb56aee24889b371cd256c527bffa13fadd7dce757cd58632ce285acfdd

发布日期: 2023-06-08 03:15 修改: 2023-12-27 16:36
binutils-common CVE-2022-48064 低危 2.38-4ubuntu2.6 binutils: excessive memory consumption in _bfd_dwarf2_find_nearest_line_with_alt() in dwarf2.c

漏洞详情: https://avd.aquasec.com/nvd/cve-2022-48064

镜像层: sha256:2f0c0cb56aee24889b371cd256c527bffa13fadd7dce757cd58632ce285acfdd

发布日期: 2023-08-22 19:16 修改: 2023-11-07 03:56
binutils-dev CVE-2017-13716 低危 2.38-4ubuntu2.6 binutils: Memory leak with the C++ symbol demangler routine in libiberty

漏洞详情: https://avd.aquasec.com/nvd/cve-2017-13716

镜像层: sha256:2f0c0cb56aee24889b371cd256c527bffa13fadd7dce757cd58632ce285acfdd

发布日期: 2017-08-28 21:29 修改: 2019-10-03 00:03
libgcc-s1 CVE-2022-27943 低危 12.3.0-1ubuntu1~22.04 binutils: libiberty/rust-demangle.c in GNU GCC 11.2 allows stack exhaustion in demangle_const

漏洞详情: https://avd.aquasec.com/nvd/cve-2022-27943

镜像层: sha256:270a1170e7e398434ff1b31e17e233f7d7b71aa99a40473615860068e86720af

发布日期: 2022-03-26 13:15 修改: 2023-11-07 03:45
libgcrypt20 CVE-2024-2236 低危 1.9.4-3ubuntu3 libgcrypt: vulnerable to Marvin Attack

漏洞详情: https://avd.aquasec.com/nvd/cve-2024-2236

镜像层: sha256:270a1170e7e398434ff1b31e17e233f7d7b71aa99a40473615860068e86720af

发布日期: 2024-03-06 22:15 修改: 2024-11-12 18:15
libgif7 CVE-2023-48161 低危 5.1.9-2ubuntu0.1 giflib: Heap-Buffer Overflow during Image Saving in DumpScreen2RGB Function

漏洞详情: https://avd.aquasec.com/nvd/cve-2023-48161

镜像层: sha256:2f0c0cb56aee24889b371cd256c527bffa13fadd7dce757cd58632ce285acfdd

发布日期: 2023-11-22 06:15 修改: 2023-11-29 18:48
binutils-dev CVE-2019-1010204 低危 2.38-4ubuntu2.6 binutils: Improper Input Validation, Signed/Unsigned Comparison, Out-of-bounds Read in gold/fileread.cc and elfcpp/elfcpp_file.h leads to denial of service

漏洞详情: https://avd.aquasec.com/nvd/cve-2019-1010204

镜像层: sha256:2f0c0cb56aee24889b371cd256c527bffa13fadd7dce757cd58632ce285acfdd

发布日期: 2019-07-23 14:15 修改: 2023-11-07 03:02
libgssapi-krb5-2 CVE-2024-26458 低危 1.19.2-2ubuntu0.4 krb5: Memory leak at /krb5/src/lib/rpc/pmap_rmt.c

漏洞详情: https://avd.aquasec.com/nvd/cve-2024-26458

镜像层: sha256:270a1170e7e398434ff1b31e17e233f7d7b71aa99a40473615860068e86720af

发布日期: 2024-02-29 01:44 修改: 2024-12-06 21:15
libgssapi-krb5-2 CVE-2024-26461 低危 1.19.2-2ubuntu0.4 krb5: Memory leak at /krb5/src/lib/gssapi/krb5/k5sealv3.c

漏洞详情: https://avd.aquasec.com/nvd/cve-2024-26461

镜像层: sha256:270a1170e7e398434ff1b31e17e233f7d7b71aa99a40473615860068e86720af

发布日期: 2024-02-29 01:44 修改: 2024-08-14 16:35
libharfbuzz0b CVE-2023-25193 低危 2.7.4-1ubuntu3.2 harfbuzz: allows attackers to trigger O(n^2) growth via consecutive marks

漏洞详情: https://avd.aquasec.com/nvd/cve-2023-25193

镜像层: sha256:2f0c0cb56aee24889b371cd256c527bffa13fadd7dce757cd58632ce285acfdd

发布日期: 2023-02-04 20:15 修改: 2023-11-07 04:08
binutils-dev CVE-2022-27943 低危 2.38-4ubuntu2.6 binutils: libiberty/rust-demangle.c in GNU GCC 11.2 allows stack exhaustion in demangle_const

漏洞详情: https://avd.aquasec.com/nvd/cve-2022-27943

镜像层: sha256:2f0c0cb56aee24889b371cd256c527bffa13fadd7dce757cd58632ce285acfdd

发布日期: 2022-03-26 13:15 修改: 2023-11-07 03:45
libk5crypto3 CVE-2024-26458 低危 1.19.2-2ubuntu0.4 krb5: Memory leak at /krb5/src/lib/rpc/pmap_rmt.c

漏洞详情: https://avd.aquasec.com/nvd/cve-2024-26458

镜像层: sha256:270a1170e7e398434ff1b31e17e233f7d7b71aa99a40473615860068e86720af

发布日期: 2024-02-29 01:44 修改: 2024-12-06 21:15
libk5crypto3 CVE-2024-26461 低危 1.19.2-2ubuntu0.4 krb5: Memory leak at /krb5/src/lib/gssapi/krb5/k5sealv3.c

漏洞详情: https://avd.aquasec.com/nvd/cve-2024-26461

镜像层: sha256:270a1170e7e398434ff1b31e17e233f7d7b71aa99a40473615860068e86720af

发布日期: 2024-02-29 01:44 修改: 2024-08-14 16:35
binutils-dev CVE-2022-48064 低危 2.38-4ubuntu2.6 binutils: excessive memory consumption in _bfd_dwarf2_find_nearest_line_with_alt() in dwarf2.c

漏洞详情: https://avd.aquasec.com/nvd/cve-2022-48064

镜像层: sha256:2f0c0cb56aee24889b371cd256c527bffa13fadd7dce757cd58632ce285acfdd

发布日期: 2023-08-22 19:16 修改: 2023-11-07 03:56
libkrb5-3 CVE-2024-26458 低危 1.19.2-2ubuntu0.4 krb5: Memory leak at /krb5/src/lib/rpc/pmap_rmt.c

漏洞详情: https://avd.aquasec.com/nvd/cve-2024-26458

镜像层: sha256:270a1170e7e398434ff1b31e17e233f7d7b71aa99a40473615860068e86720af

发布日期: 2024-02-29 01:44 修改: 2024-12-06 21:15
libkrb5-3 CVE-2024-26461 低危 1.19.2-2ubuntu0.4 krb5: Memory leak at /krb5/src/lib/gssapi/krb5/k5sealv3.c

漏洞详情: https://avd.aquasec.com/nvd/cve-2024-26461

镜像层: sha256:270a1170e7e398434ff1b31e17e233f7d7b71aa99a40473615860068e86720af

发布日期: 2024-02-29 01:44 修改: 2024-08-14 16:35
binutils-x86-64-linux-gnu CVE-2017-13716 低危 2.38-4ubuntu2.6 binutils: Memory leak with the C++ symbol demangler routine in libiberty

漏洞详情: https://avd.aquasec.com/nvd/cve-2017-13716

镜像层: sha256:2f0c0cb56aee24889b371cd256c527bffa13fadd7dce757cd58632ce285acfdd

发布日期: 2017-08-28 21:29 修改: 2019-10-03 00:03
libkrb5support0 CVE-2024-26458 低危 1.19.2-2ubuntu0.4 krb5: Memory leak at /krb5/src/lib/rpc/pmap_rmt.c

漏洞详情: https://avd.aquasec.com/nvd/cve-2024-26458

镜像层: sha256:270a1170e7e398434ff1b31e17e233f7d7b71aa99a40473615860068e86720af

发布日期: 2024-02-29 01:44 修改: 2024-12-06 21:15
libkrb5support0 CVE-2024-26461 低危 1.19.2-2ubuntu0.4 krb5: Memory leak at /krb5/src/lib/gssapi/krb5/k5sealv3.c

漏洞详情: https://avd.aquasec.com/nvd/cve-2024-26461

镜像层: sha256:270a1170e7e398434ff1b31e17e233f7d7b71aa99a40473615860068e86720af

发布日期: 2024-02-29 01:44 修改: 2024-08-14 16:35
libncurses6 CVE-2023-45918 低危 6.3-2ubuntu0.1 ncurses: NULL pointer dereference in tgetstr in tinfo/lib_termcap.c

漏洞详情: https://avd.aquasec.com/nvd/cve-2023-45918

镜像层: sha256:270a1170e7e398434ff1b31e17e233f7d7b71aa99a40473615860068e86720af

发布日期: 2024-02-16 22:15 修改: 2024-11-21 21:15
libncurses6 CVE-2023-50495 低危 6.3-2ubuntu0.1 ncurses: segmentation fault via _nc_wrap_entry()

漏洞详情: https://avd.aquasec.com/nvd/cve-2023-50495

镜像层: sha256:270a1170e7e398434ff1b31e17e233f7d7b71aa99a40473615860068e86720af

发布日期: 2023-12-12 15:15 修改: 2024-01-31 03:15
libncursesw6 CVE-2023-45918 低危 6.3-2ubuntu0.1 ncurses: NULL pointer dereference in tgetstr in tinfo/lib_termcap.c

漏洞详情: https://avd.aquasec.com/nvd/cve-2023-45918

镜像层: sha256:270a1170e7e398434ff1b31e17e233f7d7b71aa99a40473615860068e86720af

发布日期: 2024-02-16 22:15 修改: 2024-11-21 21:15
libncursesw6 CVE-2023-50495 低危 6.3-2ubuntu0.1 ncurses: segmentation fault via _nc_wrap_entry()

漏洞详情: https://avd.aquasec.com/nvd/cve-2023-50495

镜像层: sha256:270a1170e7e398434ff1b31e17e233f7d7b71aa99a40473615860068e86720af

发布日期: 2023-12-12 15:15 修改: 2024-01-31 03:15
binutils-x86-64-linux-gnu CVE-2019-1010204 低危 2.38-4ubuntu2.6 binutils: Improper Input Validation, Signed/Unsigned Comparison, Out-of-bounds Read in gold/fileread.cc and elfcpp/elfcpp_file.h leads to denial of service

漏洞详情: https://avd.aquasec.com/nvd/cve-2019-1010204

镜像层: sha256:2f0c0cb56aee24889b371cd256c527bffa13fadd7dce757cd58632ce285acfdd

发布日期: 2019-07-23 14:15 修改: 2023-11-07 03:02
binutils-x86-64-linux-gnu CVE-2022-27943 低危 2.38-4ubuntu2.6 binutils: libiberty/rust-demangle.c in GNU GCC 11.2 allows stack exhaustion in demangle_const

漏洞详情: https://avd.aquasec.com/nvd/cve-2022-27943

镜像层: sha256:2f0c0cb56aee24889b371cd256c527bffa13fadd7dce757cd58632ce285acfdd

发布日期: 2022-03-26 13:15 修改: 2023-11-07 03:45
binutils-x86-64-linux-gnu CVE-2022-48064 低危 2.38-4ubuntu2.6 binutils: excessive memory consumption in _bfd_dwarf2_find_nearest_line_with_alt() in dwarf2.c

漏洞详情: https://avd.aquasec.com/nvd/cve-2022-48064

镜像层: sha256:2f0c0cb56aee24889b371cd256c527bffa13fadd7dce757cd58632ce285acfdd

发布日期: 2023-08-22 19:16 修改: 2023-11-07 03:56
coreutils CVE-2016-2781 低危 8.32-4.1ubuntu1.2 coreutils: Non-privileged session can escape to the parent session in chroot

漏洞详情: https://avd.aquasec.com/nvd/cve-2016-2781

镜像层: sha256:270a1170e7e398434ff1b31e17e233f7d7b71aa99a40473615860068e86720af

发布日期: 2017-02-07 15:59 修改: 2023-11-07 02:32
libpcre2-8-0 CVE-2022-41409 低危 10.39-3ubuntu0.1 pcre2: negative repeat value in a pcre2test subject line leads to inifinite loop

漏洞详情: https://avd.aquasec.com/nvd/cve-2022-41409

镜像层: sha256:270a1170e7e398434ff1b31e17e233f7d7b71aa99a40473615860068e86720af

发布日期: 2023-07-18 14:15 修改: 2023-07-27 03:46
libpcre3 CVE-2017-11164 低危 2:8.39-13ubuntu0.22.04.1 pcre: OP_KETRMAX feature in the match function in pcre_exec.c

漏洞详情: https://avd.aquasec.com/nvd/cve-2017-11164

镜像层: sha256:270a1170e7e398434ff1b31e17e233f7d7b71aa99a40473615860068e86720af

发布日期: 2017-07-11 03:29 修改: 2023-11-07 02:38
binutils CVE-2017-13716 低危 2.38-4ubuntu2.6 binutils: Memory leak with the C++ symbol demangler routine in libiberty

漏洞详情: https://avd.aquasec.com/nvd/cve-2017-13716

镜像层: sha256:2f0c0cb56aee24889b371cd256c527bffa13fadd7dce757cd58632ce285acfdd

发布日期: 2017-08-28 21:29 修改: 2019-10-03 00:03
gcc-12-base CVE-2022-27943 低危 12.3.0-1ubuntu1~22.04 binutils: libiberty/rust-demangle.c in GNU GCC 11.2 allows stack exhaustion in demangle_const

漏洞详情: https://avd.aquasec.com/nvd/cve-2022-27943

镜像层: sha256:270a1170e7e398434ff1b31e17e233f7d7b71aa99a40473615860068e86720af

发布日期: 2022-03-26 13:15 修改: 2023-11-07 03:45
gdb CVE-2022-27943 低危 12.1-0ubuntu1~22.04.2 binutils: libiberty/rust-demangle.c in GNU GCC 11.2 allows stack exhaustion in demangle_const

漏洞详情: https://avd.aquasec.com/nvd/cve-2022-27943

镜像层: sha256:2f0c0cb56aee24889b371cd256c527bffa13fadd7dce757cd58632ce285acfdd

发布日期: 2022-03-26 13:15 修改: 2023-11-07 03:45
libssl3 CVE-2024-41996 低危 3.0.2-0ubuntu1.18 openssl: remote attackers (from the client side) to trigger unnecessarily expensive server-side DHE modular-exponentiation calculations

漏洞详情: https://avd.aquasec.com/nvd/cve-2024-41996

镜像层: sha256:270a1170e7e398434ff1b31e17e233f7d7b71aa99a40473615860068e86720af

发布日期: 2024-08-26 06:15 修改: 2024-08-26 16:35
gpgv CVE-2022-3219 低危 2.2.27-3ubuntu2.1 gnupg: denial of service issue (resource consumption) using compressed packets

漏洞详情: https://avd.aquasec.com/nvd/cve-2022-3219

镜像层: sha256:270a1170e7e398434ff1b31e17e233f7d7b71aa99a40473615860068e86720af

发布日期: 2023-02-23 20:15 修改: 2023-05-26 16:31
libstdc++6 CVE-2022-27943 低危 12.3.0-1ubuntu1~22.04 binutils: libiberty/rust-demangle.c in GNU GCC 11.2 allows stack exhaustion in demangle_const

漏洞详情: https://avd.aquasec.com/nvd/cve-2022-27943

镜像层: sha256:270a1170e7e398434ff1b31e17e233f7d7b71aa99a40473615860068e86720af

发布日期: 2022-03-26 13:15 修改: 2023-11-07 03:45
libsystemd0 CVE-2023-7008 低危 249.11-0ubuntu3.12 systemd-resolved: Unsigned name response in signed zone is not refused when DNSSEC=yes

漏洞详情: https://avd.aquasec.com/nvd/cve-2023-7008

镜像层: sha256:270a1170e7e398434ff1b31e17e233f7d7b71aa99a40473615860068e86720af

发布日期: 2023-12-23 13:15 修改: 2024-11-22 12:15
libtinfo6 CVE-2023-45918 低危 6.3-2ubuntu0.1 ncurses: NULL pointer dereference in tgetstr in tinfo/lib_termcap.c

漏洞详情: https://avd.aquasec.com/nvd/cve-2023-45918

镜像层: sha256:270a1170e7e398434ff1b31e17e233f7d7b71aa99a40473615860068e86720af

发布日期: 2024-02-16 22:15 修改: 2024-11-21 21:15
libtinfo6 CVE-2023-50495 低危 6.3-2ubuntu0.1 ncurses: segmentation fault via _nc_wrap_entry()

漏洞详情: https://avd.aquasec.com/nvd/cve-2023-50495

镜像层: sha256:270a1170e7e398434ff1b31e17e233f7d7b71aa99a40473615860068e86720af

发布日期: 2023-12-12 15:15 修改: 2024-01-31 03:15
libudev1 CVE-2023-7008 低危 249.11-0ubuntu3.12 systemd-resolved: Unsigned name response in signed zone is not refused when DNSSEC=yes

漏洞详情: https://avd.aquasec.com/nvd/cve-2023-7008

镜像层: sha256:270a1170e7e398434ff1b31e17e233f7d7b71aa99a40473615860068e86720af

发布日期: 2023-12-23 13:15 修改: 2024-11-22 12:15
libzstd1 CVE-2022-4899 低危 1.4.8+dfsg-3build1 zstd: mysql: buffer overrun in util.c

漏洞详情: https://avd.aquasec.com/nvd/cve-2022-4899

镜像层: sha256:270a1170e7e398434ff1b31e17e233f7d7b71aa99a40473615860068e86720af

发布日期: 2023-03-31 20:15 修改: 2023-11-07 03:59
locales CVE-2016-20013 低危 2.35-0ubuntu3.9

漏洞详情: https://avd.aquasec.com/nvd/cve-2016-20013

镜像层: sha256:2f0c0cb56aee24889b371cd256c527bffa13fadd7dce757cd58632ce285acfdd

发布日期: 2022-02-19 05:15 修改: 2022-03-03 16:43
binutils CVE-2019-1010204 低危 2.38-4ubuntu2.6 binutils: Improper Input Validation, Signed/Unsigned Comparison, Out-of-bounds Read in gold/fileread.cc and elfcpp/elfcpp_file.h leads to denial of service

漏洞详情: https://avd.aquasec.com/nvd/cve-2019-1010204

镜像层: sha256:2f0c0cb56aee24889b371cd256c527bffa13fadd7dce757cd58632ce285acfdd

发布日期: 2019-07-23 14:15 修改: 2023-11-07 03:02
login CVE-2023-29383 低危 1:4.8.1-2ubuntu2.2 shadow: Improper input validation in shadow-utils package utility chfn

漏洞详情: https://avd.aquasec.com/nvd/cve-2023-29383

镜像层: sha256:270a1170e7e398434ff1b31e17e233f7d7b71aa99a40473615860068e86720af

发布日期: 2023-04-14 22:15 修改: 2023-04-24 18:05
ncurses-base CVE-2023-45918 低危 6.3-2ubuntu0.1 ncurses: NULL pointer dereference in tgetstr in tinfo/lib_termcap.c

漏洞详情: https://avd.aquasec.com/nvd/cve-2023-45918

镜像层: sha256:270a1170e7e398434ff1b31e17e233f7d7b71aa99a40473615860068e86720af

发布日期: 2024-02-16 22:15 修改: 2024-11-21 21:15
ncurses-base CVE-2023-50495 低危 6.3-2ubuntu0.1 ncurses: segmentation fault via _nc_wrap_entry()

漏洞详情: https://avd.aquasec.com/nvd/cve-2023-50495

镜像层: sha256:270a1170e7e398434ff1b31e17e233f7d7b71aa99a40473615860068e86720af

发布日期: 2023-12-12 15:15 修改: 2024-01-31 03:15
ncurses-bin CVE-2023-45918 低危 6.3-2ubuntu0.1 ncurses: NULL pointer dereference in tgetstr in tinfo/lib_termcap.c

漏洞详情: https://avd.aquasec.com/nvd/cve-2023-45918

镜像层: sha256:270a1170e7e398434ff1b31e17e233f7d7b71aa99a40473615860068e86720af

发布日期: 2024-02-16 22:15 修改: 2024-11-21 21:15
ncurses-bin CVE-2023-50495 低危 6.3-2ubuntu0.1 ncurses: segmentation fault via _nc_wrap_entry()

漏洞详情: https://avd.aquasec.com/nvd/cve-2023-50495

镜像层: sha256:270a1170e7e398434ff1b31e17e233f7d7b71aa99a40473615860068e86720af

发布日期: 2023-12-12 15:15 修改: 2024-01-31 03:15
openssl CVE-2024-41996 低危 3.0.2-0ubuntu1.18 openssl: remote attackers (from the client side) to trigger unnecessarily expensive server-side DHE modular-exponentiation calculations

漏洞详情: https://avd.aquasec.com/nvd/cve-2024-41996

镜像层: sha256:2f0c0cb56aee24889b371cd256c527bffa13fadd7dce757cd58632ce285acfdd

发布日期: 2024-08-26 06:15 修改: 2024-08-26 16:35
binutils CVE-2022-27943 低危 2.38-4ubuntu2.6 binutils: libiberty/rust-demangle.c in GNU GCC 11.2 allows stack exhaustion in demangle_const

漏洞详情: https://avd.aquasec.com/nvd/cve-2022-27943

镜像层: sha256:2f0c0cb56aee24889b371cd256c527bffa13fadd7dce757cd58632ce285acfdd

发布日期: 2022-03-26 13:15 修改: 2023-11-07 03:45
passwd CVE-2023-29383 低危 1:4.8.1-2ubuntu2.2 shadow: Improper input validation in shadow-utils package utility chfn

漏洞详情: https://avd.aquasec.com/nvd/cve-2023-29383

镜像层: sha256:270a1170e7e398434ff1b31e17e233f7d7b71aa99a40473615860068e86720af

发布日期: 2023-04-14 22:15 修改: 2023-04-24 18:05
Java (jar)
低危漏洞:9 中危漏洞:86 高危漏洞:126 严重漏洞:27
软件包 漏洞 安全状态 安装版本 修复版本 漏洞信息
com.fasterxml.jackson.core:jackson-databind CVE-2017-15095 严重 2.4.0 2.8.11, 2.9.4, 2.6.7.3, 2.7.9.2 jackson-databind: Unsafe deserialization due to incomplete black list (incomplete fix for CVE-2017-7525)

漏洞详情: https://avd.aquasec.com/nvd/cve-2017-15095

镜像层: sha256:d98b782a5e3fcd4ee6ab0009a9ba3746c4a1224b67804102be6290bc2140071d

发布日期: 2018-02-06 15:29 修改: 2023-11-07 02:39
com.fasterxml.jackson.core:jackson-databind CVE-2017-17485 严重 2.4.0 2.9.4, 2.8.11, 2.7.9.2 jackson-databind: Unsafe deserialization due to incomplete black list (incomplete fix for CVE-2017-15095)

漏洞详情: https://avd.aquasec.com/nvd/cve-2017-17485

镜像层: sha256:d98b782a5e3fcd4ee6ab0009a9ba3746c4a1224b67804102be6290bc2140071d

发布日期: 2018-01-10 18:29 修改: 2023-06-08 18:00
com.fasterxml.jackson.core:jackson-databind CVE-2017-7525 严重 2.4.0 2.6.7.1, 2.7.9.1, 2.8.9 jackson-databind: Deserialization vulnerability via readValue method of ObjectMapper

漏洞详情: https://avd.aquasec.com/nvd/cve-2017-7525

镜像层: sha256:d98b782a5e3fcd4ee6ab0009a9ba3746c4a1224b67804102be6290bc2140071d

发布日期: 2018-02-06 15:29 修改: 2023-11-07 02:50
com.fasterxml.jackson.core:jackson-databind CVE-2018-11307 严重 2.4.0 2.7.9.4, 2.8.11.2, 2.9.6 jackson-databind: Potential information exfiltration with default typing, serialization gadget from MyBatis

漏洞详情: https://avd.aquasec.com/nvd/cve-2018-11307

镜像层: sha256:d98b782a5e3fcd4ee6ab0009a9ba3746c4a1224b67804102be6290bc2140071d

发布日期: 2019-07-09 16:15 修改: 2024-04-03 17:40
com.fasterxml.jackson.core:jackson-databind CVE-2018-14718 严重 2.4.0 2.9.7, 2.8.11.3, 2.7.9.5, 2.6.7.3 jackson-databind: arbitrary code execution in slf4j-ext class

漏洞详情: https://avd.aquasec.com/nvd/cve-2018-14718

镜像层: sha256:d98b782a5e3fcd4ee6ab0009a9ba3746c4a1224b67804102be6290bc2140071d

发布日期: 2019-01-02 18:29 修改: 2023-11-07 02:53
com.fasterxml.jackson.core:jackson-databind CVE-2018-14719 严重 2.4.0 2.9.7, 2.8.11.3, 2.7.9.5 jackson-databind: arbitrary code execution in blaze-ds-opt and blaze-ds-core classes

漏洞详情: https://avd.aquasec.com/nvd/cve-2018-14719

镜像层: sha256:d98b782a5e3fcd4ee6ab0009a9ba3746c4a1224b67804102be6290bc2140071d

发布日期: 2019-01-02 18:29 修改: 2023-11-07 02:53
com.fasterxml.jackson.core:jackson-databind CVE-2018-19362 严重 2.4.0 2.9.8, 2.8.11.3, 2.7.9.5, 2.6.7.3 jackson-databind: improper polymorphic deserialization in jboss-common-core class

漏洞详情: https://avd.aquasec.com/nvd/cve-2018-19362

镜像层: sha256:d98b782a5e3fcd4ee6ab0009a9ba3746c4a1224b67804102be6290bc2140071d

发布日期: 2019-01-02 18:29 修改: 2023-11-07 02:55
com.fasterxml.jackson.core:jackson-databind CVE-2018-7489 严重 2.4.0 2.8.11.1, 2.9.5, 2.7.9.3, 2.6.7.5 jackson-databind: incomplete fix for CVE-2017-7525 permits unsafe serialization via c3p0 libraries

漏洞详情: https://avd.aquasec.com/nvd/cve-2018-7489

镜像层: sha256:d98b782a5e3fcd4ee6ab0009a9ba3746c4a1224b67804102be6290bc2140071d

发布日期: 2018-02-26 15:29 修改: 2023-11-07 03:01
com.fasterxml.jackson.core:jackson-databind CVE-2019-14379 严重 2.4.0 2.9.9.2, 2.8.11.4, 2.7.9.6 jackson-databind: default typing mishandling leading to remote code execution

漏洞详情: https://avd.aquasec.com/nvd/cve-2019-14379

镜像层: sha256:d98b782a5e3fcd4ee6ab0009a9ba3746c4a1224b67804102be6290bc2140071d

发布日期: 2019-07-29 12:15 修改: 2023-11-07 03:04
com.fasterxml.jackson.core:jackson-databind CVE-2019-14540 严重 2.4.0 2.9.10, 2.8.11.5, 2.6.7.3 jackson-databind: Serialization gadgets in com.zaxxer.hikari.HikariConfig

漏洞详情: https://avd.aquasec.com/nvd/cve-2019-14540

镜像层: sha256:d98b782a5e3fcd4ee6ab0009a9ba3746c4a1224b67804102be6290bc2140071d

发布日期: 2019-09-15 22:15 修改: 2023-11-07 03:04
com.fasterxml.jackson.core:jackson-databind CVE-2019-16335 严重 2.4.0 2.9.10, 2.8.11.5, 2.6.7.3 jackson-databind: Serialization gadgets in com.zaxxer.hikari.HikariDataSource

漏洞详情: https://avd.aquasec.com/nvd/cve-2019-16335

镜像层: sha256:d98b782a5e3fcd4ee6ab0009a9ba3746c4a1224b67804102be6290bc2140071d

发布日期: 2019-09-15 22:15 修改: 2023-11-07 03:05
com.fasterxml.jackson.core:jackson-databind CVE-2019-16942 严重 2.4.0 2.9.10.1, 2.8.11.5, 2.6.7.3 jackson-databind: Serialization gadgets in org.apache.commons.dbcp.datasources.*

漏洞详情: https://avd.aquasec.com/nvd/cve-2019-16942

镜像层: sha256:d98b782a5e3fcd4ee6ab0009a9ba3746c4a1224b67804102be6290bc2140071d

发布日期: 2019-10-01 17:15 修改: 2023-11-07 03:06
com.fasterxml.jackson.core:jackson-databind CVE-2019-16943 严重 2.4.0 2.9.10.1, 2.8.11.5, 2.6.7.3 jackson-databind: Serialization gadgets in com.p6spy.engine.spy.P6DataSource

漏洞详情: https://avd.aquasec.com/nvd/cve-2019-16943

镜像层: sha256:d98b782a5e3fcd4ee6ab0009a9ba3746c4a1224b67804102be6290bc2140071d

发布日期: 2019-10-01 17:15 修改: 2023-11-07 03:06
com.fasterxml.jackson.core:jackson-databind CVE-2019-17267 严重 2.4.0 2.9.10, 2.8.11.5 jackson-databind: Serialization gadgets in classes of the ehcache package

漏洞详情: https://avd.aquasec.com/nvd/cve-2019-17267

镜像层: sha256:d98b782a5e3fcd4ee6ab0009a9ba3746c4a1224b67804102be6290bc2140071d

发布日期: 2019-10-07 00:15 修改: 2023-11-07 03:06
com.fasterxml.jackson.core:jackson-databind CVE-2019-17531 严重 2.4.0 2.9.10.1, 2.8.11.5, 2.6.7.3 jackson-databind: Serialization gadgets in org.apache.log4j.receivers.db.*

漏洞详情: https://avd.aquasec.com/nvd/cve-2019-17531

镜像层: sha256:d98b782a5e3fcd4ee6ab0009a9ba3746c4a1224b67804102be6290bc2140071d

发布日期: 2019-10-12 21:15 修改: 2023-11-07 03:06
com.fasterxml.jackson.core:jackson-databind CVE-2019-20330 严重 2.4.0 2.6.7.4, 2.7.9.7, 2.8.11.5, 2.9.10.2 jackson-databind: lacks certain net.sf.ehcache blocking

漏洞详情: https://avd.aquasec.com/nvd/cve-2019-20330

镜像层: sha256:d98b782a5e3fcd4ee6ab0009a9ba3746c4a1224b67804102be6290bc2140071d

发布日期: 2020-01-03 04:15 修改: 2023-11-07 03:09
com.fasterxml.jackson.core:jackson-databind CVE-2020-8840 严重 2.4.0 2.6.7.4, 2.7.9.7, 2.8.11.5, 2.9.10.3 jackson-databind: Lacks certain xbean-reflect/JNDI blocking

漏洞详情: https://avd.aquasec.com/nvd/cve-2020-8840

镜像层: sha256:d98b782a5e3fcd4ee6ab0009a9ba3746c4a1224b67804102be6290bc2140071d

发布日期: 2020-02-10 21:56 修改: 2023-11-07 03:26
com.fasterxml.jackson.core:jackson-databind CVE-2020-9547 严重 2.4.0 2.9.10.4, 2.8.11.6, 2.7.9.7 jackson-databind: Serialization gadgets in ibatis-sqlmap

漏洞详情: https://avd.aquasec.com/nvd/cve-2020-9547

镜像层: sha256:d98b782a5e3fcd4ee6ab0009a9ba3746c4a1224b67804102be6290bc2140071d

发布日期: 2020-03-02 04:15 修改: 2023-11-07 03:26
com.fasterxml.jackson.core:jackson-databind CVE-2020-9548 严重 2.4.0 2.9.10.4, 2.8.11.6, 2.7.9.7 jackson-databind: Serialization gadgets in anteros-core

漏洞详情: https://avd.aquasec.com/nvd/cve-2020-9548

镜像层: sha256:d98b782a5e3fcd4ee6ab0009a9ba3746c4a1224b67804102be6290bc2140071d

发布日期: 2020-03-02 04:15 修改: 2023-11-07 03:26
org.apache.avro:avro CVE-2024-47561 严重 1.11.3 1.11.4 apache-avro: Schema parsing may trigger Remote Code Execution (RCE)

漏洞详情: https://avd.aquasec.com/nvd/cve-2024-47561

镜像层: sha256:d98b782a5e3fcd4ee6ab0009a9ba3746c4a1224b67804102be6290bc2140071d

发布日期: 2024-10-03 11:15 修改: 2024-10-21 09:15
org.apache.avro:avro CVE-2024-47561 严重 1.11.3 1.11.4 apache-avro: Schema parsing may trigger Remote Code Execution (RCE)

漏洞详情: https://avd.aquasec.com/nvd/cve-2024-47561

镜像层: sha256:d98b782a5e3fcd4ee6ab0009a9ba3746c4a1224b67804102be6290bc2140071d

发布日期: 2024-10-03 11:15 修改: 2024-10-21 09:15
org.apache.avro:avro CVE-2024-47561 严重 1.11.3 1.11.4 apache-avro: Schema parsing may trigger Remote Code Execution (RCE)

漏洞详情: https://avd.aquasec.com/nvd/cve-2024-47561

镜像层: sha256:d98b782a5e3fcd4ee6ab0009a9ba3746c4a1224b67804102be6290bc2140071d

发布日期: 2024-10-03 11:15 修改: 2024-10-21 09:15
org.apache.avro:avro CVE-2024-47561 严重 1.7.7 1.11.4 apache-avro: Schema parsing may trigger Remote Code Execution (RCE)

漏洞详情: https://avd.aquasec.com/nvd/cve-2024-47561

镜像层: sha256:d98b782a5e3fcd4ee6ab0009a9ba3746c4a1224b67804102be6290bc2140071d

发布日期: 2024-10-03 11:15 修改: 2024-10-21 09:15
org.apache.avro:avro CVE-2024-47561 严重 1.9.2 1.11.4 apache-avro: Schema parsing may trigger Remote Code Execution (RCE)

漏洞详情: https://avd.aquasec.com/nvd/cve-2024-47561

镜像层: sha256:d98b782a5e3fcd4ee6ab0009a9ba3746c4a1224b67804102be6290bc2140071d

发布日期: 2024-10-03 11:15 修改: 2024-10-21 09:15
org.apache.avro:avro CVE-2024-47561 严重 1.9.2 1.11.4 apache-avro: Schema parsing may trigger Remote Code Execution (RCE)

漏洞详情: https://avd.aquasec.com/nvd/cve-2024-47561

镜像层: sha256:d98b782a5e3fcd4ee6ab0009a9ba3746c4a1224b67804102be6290bc2140071d

发布日期: 2024-10-03 11:15 修改: 2024-10-21 09:15
org.codehaus.jackson:jackson-mapper-asl CVE-2019-10202 严重 1.9.13 codehaus: incomplete fix for unsafe deserialization in jackson-databind vulnerabilities

漏洞详情: https://avd.aquasec.com/nvd/cve-2019-10202

镜像层: sha256:d98b782a5e3fcd4ee6ab0009a9ba3746c4a1224b67804102be6290bc2140071d

发布日期: 2019-10-01 15:15 修改: 2023-02-12 23:33
org.codehaus.jackson:jackson-mapper-asl CVE-2019-10202 严重 1.9.13 codehaus: incomplete fix for unsafe deserialization in jackson-databind vulnerabilities

漏洞详情: https://avd.aquasec.com/nvd/cve-2019-10202

镜像层: sha256:d98b782a5e3fcd4ee6ab0009a9ba3746c4a1224b67804102be6290bc2140071d

发布日期: 2019-10-01 15:15 修改: 2023-02-12 23:33
com.fasterxml.jackson.core:jackson-databind CVE-2020-25649 高危 2.10.0 2.6.7.4, 2.9.10.7, 2.10.5.1 jackson-databind: FasterXML DOMDeserializer insecure entity expansion is vulnerable to XML external entity (XXE)

漏洞详情: https://avd.aquasec.com/nvd/cve-2020-25649

镜像层: sha256:d98b782a5e3fcd4ee6ab0009a9ba3746c4a1224b67804102be6290bc2140071d

发布日期: 2020-12-03 17:15 修改: 2023-11-07 03:20
com.fasterxml.jackson.core:jackson-databind CVE-2020-36518 高危 2.10.0 2.13.2.1, 2.12.6.1 jackson-databind: denial of service via a large depth of nested objects

漏洞详情: https://avd.aquasec.com/nvd/cve-2020-36518

镜像层: sha256:d98b782a5e3fcd4ee6ab0009a9ba3746c4a1224b67804102be6290bc2140071d

发布日期: 2022-03-11 07:15 修改: 2022-11-29 22:12
com.fasterxml.jackson.core:jackson-databind CVE-2021-46877 高危 2.10.0 2.12.6, 2.13.1 jackson-databind: Possible DoS if using JDK serialization to serialize JsonNode

漏洞详情: https://avd.aquasec.com/nvd/cve-2021-46877

镜像层: sha256:d98b782a5e3fcd4ee6ab0009a9ba3746c4a1224b67804102be6290bc2140071d

发布日期: 2023-03-18 22:15 修改: 2023-08-08 14:21
com.fasterxml.jackson.core:jackson-databind CVE-2022-42003 高危 2.10.0 2.12.7.1, 2.13.4.2 jackson-databind: deep wrapper array nesting wrt UNWRAP_SINGLE_VALUE_ARRAYS

漏洞详情: https://avd.aquasec.com/nvd/cve-2022-42003

镜像层: sha256:d98b782a5e3fcd4ee6ab0009a9ba3746c4a1224b67804102be6290bc2140071d

发布日期: 2022-10-02 05:15 修改: 2023-12-20 10:15
com.fasterxml.jackson.core:jackson-databind CVE-2022-42004 高危 2.10.0 2.12.7.1, 2.13.4 jackson-databind: use of deeply nested arrays

漏洞详情: https://avd.aquasec.com/nvd/cve-2022-42004

镜像层: sha256:d98b782a5e3fcd4ee6ab0009a9ba3746c4a1224b67804102be6290bc2140071d

发布日期: 2022-10-02 05:15 修改: 2022-12-02 15:10
com.fasterxml.jackson.core:jackson-databind CVE-2020-36518 高危 2.11.4 2.13.2.1, 2.12.6.1 jackson-databind: denial of service via a large depth of nested objects

漏洞详情: https://avd.aquasec.com/nvd/cve-2020-36518

镜像层: sha256:d98b782a5e3fcd4ee6ab0009a9ba3746c4a1224b67804102be6290bc2140071d

发布日期: 2022-03-11 07:15 修改: 2022-11-29 22:12
com.fasterxml.jackson.core:jackson-databind CVE-2021-46877 高危 2.11.4 2.12.6, 2.13.1 jackson-databind: Possible DoS if using JDK serialization to serialize JsonNode

漏洞详情: https://avd.aquasec.com/nvd/cve-2021-46877

镜像层: sha256:d98b782a5e3fcd4ee6ab0009a9ba3746c4a1224b67804102be6290bc2140071d

发布日期: 2023-03-18 22:15 修改: 2023-08-08 14:21
com.fasterxml.jackson.core:jackson-databind CVE-2022-42003 高危 2.11.4 2.12.7.1, 2.13.4.2 jackson-databind: deep wrapper array nesting wrt UNWRAP_SINGLE_VALUE_ARRAYS

漏洞详情: https://avd.aquasec.com/nvd/cve-2022-42003

镜像层: sha256:d98b782a5e3fcd4ee6ab0009a9ba3746c4a1224b67804102be6290bc2140071d

发布日期: 2022-10-02 05:15 修改: 2023-12-20 10:15
com.fasterxml.jackson.core:jackson-databind CVE-2022-42004 高危 2.11.4 2.12.7.1, 2.13.4 jackson-databind: use of deeply nested arrays

漏洞详情: https://avd.aquasec.com/nvd/cve-2022-42004

镜像层: sha256:d98b782a5e3fcd4ee6ab0009a9ba3746c4a1224b67804102be6290bc2140071d

发布日期: 2022-10-02 05:15 修改: 2022-12-02 15:10
com.fasterxml.jackson.core:jackson-databind CVE-2022-42003 高危 2.13.2.2 2.12.7.1, 2.13.4.2 jackson-databind: deep wrapper array nesting wrt UNWRAP_SINGLE_VALUE_ARRAYS

漏洞详情: https://avd.aquasec.com/nvd/cve-2022-42003

镜像层: sha256:d98b782a5e3fcd4ee6ab0009a9ba3746c4a1224b67804102be6290bc2140071d

发布日期: 2022-10-02 05:15 修改: 2023-12-20 10:15
com.fasterxml.jackson.core:jackson-databind CVE-2022-42003 高危 2.13.2.2 2.12.7.1, 2.13.4.2 jackson-databind: deep wrapper array nesting wrt UNWRAP_SINGLE_VALUE_ARRAYS

漏洞详情: https://avd.aquasec.com/nvd/cve-2022-42003

镜像层: sha256:d98b782a5e3fcd4ee6ab0009a9ba3746c4a1224b67804102be6290bc2140071d

发布日期: 2022-10-02 05:15 修改: 2023-12-20 10:15
com.fasterxml.jackson.core:jackson-databind CVE-2022-42003 高危 2.13.2.2 2.12.7.1, 2.13.4.2 jackson-databind: deep wrapper array nesting wrt UNWRAP_SINGLE_VALUE_ARRAYS

漏洞详情: https://avd.aquasec.com/nvd/cve-2022-42003

镜像层: sha256:d98b782a5e3fcd4ee6ab0009a9ba3746c4a1224b67804102be6290bc2140071d

发布日期: 2022-10-02 05:15 修改: 2023-12-20 10:15
com.fasterxml.jackson.core:jackson-databind CVE-2022-42004 高危 2.13.2.2 2.12.7.1, 2.13.4 jackson-databind: use of deeply nested arrays

漏洞详情: https://avd.aquasec.com/nvd/cve-2022-42004

镜像层: sha256:d98b782a5e3fcd4ee6ab0009a9ba3746c4a1224b67804102be6290bc2140071d

发布日期: 2022-10-02 05:15 修改: 2022-12-02 15:10
com.fasterxml.jackson.core:jackson-databind CVE-2018-12022 高危 2.4.0 2.7.9.4, 2.8.11.2, 2.9.6 jackson-databind: improper polymorphic deserialization of types from Jodd-db library

漏洞详情: https://avd.aquasec.com/nvd/cve-2018-12022

镜像层: sha256:d98b782a5e3fcd4ee6ab0009a9ba3746c4a1224b67804102be6290bc2140071d

发布日期: 2019-03-21 16:00 修改: 2023-11-07 02:52
com.fasterxml.jackson.core:jackson-databind CVE-2018-5968 高危 2.4.0 2.8.11.1, 2.9.4, 2.7.9.5 jackson-databind: unsafe deserialization due to incomplete blacklist (incomplete fix for CVE-2017-7525 and CVE-2017-17485)

漏洞详情: https://avd.aquasec.com/nvd/cve-2018-5968

镜像层: sha256:d98b782a5e3fcd4ee6ab0009a9ba3746c4a1224b67804102be6290bc2140071d

发布日期: 2018-01-22 04:29 修改: 2023-09-13 14:19
com.fasterxml.jackson.core:jackson-databind CVE-2019-12086 高危 2.4.0 2.9.9, 2.8.11.4, 2.7.9.6, 2.6.7.3 jackson-databind: polymorphic typing issue allows attacker to read arbitrary local files on the server.

漏洞详情: https://avd.aquasec.com/nvd/cve-2019-12086

镜像层: sha256:d98b782a5e3fcd4ee6ab0009a9ba3746c4a1224b67804102be6290bc2140071d

发布日期: 2019-05-17 17:29 修改: 2023-11-07 03:03
com.fasterxml.jackson.core:jackson-databind CVE-2019-14439 高危 2.4.0 2.9.9.2, 2.8.11.4, 2.7.9.6, 2.6.7.3 jackson-databind: Polymorphic typing issue related to logback/JNDI

漏洞详情: https://avd.aquasec.com/nvd/cve-2019-14439

镜像层: sha256:d98b782a5e3fcd4ee6ab0009a9ba3746c4a1224b67804102be6290bc2140071d

发布日期: 2019-07-30 11:15 修改: 2023-11-07 03:04
com.fasterxml.jackson.core:jackson-databind CVE-2019-14892 高危 2.4.0 2.6.7.3, 2.8.11.5, 2.9.10 jackson-databind: Serialization gadgets in classes of the commons-configuration package

漏洞详情: https://avd.aquasec.com/nvd/cve-2019-14892

镜像层: sha256:d98b782a5e3fcd4ee6ab0009a9ba3746c4a1224b67804102be6290bc2140071d

发布日期: 2020-03-02 17:15 修改: 2023-11-07 03:05
com.fasterxml.jackson.core:jackson-databind CVE-2020-10650 高危 2.4.0 2.9.10.4 A deserialization flaw was discovered in jackson-databind through 2.9. ...

漏洞详情: https://avd.aquasec.com/nvd/cve-2020-10650

镜像层: sha256:d98b782a5e3fcd4ee6ab0009a9ba3746c4a1224b67804102be6290bc2140071d

发布日期: 2022-12-26 20:15 修改: 2023-08-18 14:15
com.fasterxml.jackson.core:jackson-databind CVE-2020-10673 高危 2.4.0 2.9.10.4, 2.6.7.4 jackson-databind: mishandles the interaction between serialization gadgets and typing which could result in remote command execution

漏洞详情: https://avd.aquasec.com/nvd/cve-2020-10673

镜像层: sha256:d98b782a5e3fcd4ee6ab0009a9ba3746c4a1224b67804102be6290bc2140071d

发布日期: 2020-03-18 22:15 修改: 2024-07-03 01:36
com.fasterxml.jackson.core:jackson-databind CVE-2020-24616 高危 2.4.0 2.9.10.6 jackson-databind: mishandles the interaction between serialization gadgets and typing, related to br.com.anteros.dbcp.AnterosDBCPDataSource

漏洞详情: https://avd.aquasec.com/nvd/cve-2020-24616

镜像层: sha256:d98b782a5e3fcd4ee6ab0009a9ba3746c4a1224b67804102be6290bc2140071d

发布日期: 2020-08-25 18:15 修改: 2023-11-07 03:20
com.fasterxml.jackson.core:jackson-databind CVE-2020-24750 高危 2.4.0 2.6.7.5, 2.9.10.6 jackson-databind: Serialization gadgets in com.pastdev.httpcomponents.configuration.JndiConfiguration

漏洞详情: https://avd.aquasec.com/nvd/cve-2020-24750

镜像层: sha256:d98b782a5e3fcd4ee6ab0009a9ba3746c4a1224b67804102be6290bc2140071d

发布日期: 2020-09-17 19:15 修改: 2023-09-13 14:56
com.fasterxml.jackson.core:jackson-databind CVE-2020-35490 高危 2.4.0 2.9.10.8 jackson-databind: mishandles the interaction between serialization gadgets and typing, related to org.apache.commons.dbcp2.datasources.PerUserPoolDataSource

漏洞详情: https://avd.aquasec.com/nvd/cve-2020-35490

镜像层: sha256:d98b782a5e3fcd4ee6ab0009a9ba3746c4a1224b67804102be6290bc2140071d

发布日期: 2020-12-17 19:15 修改: 2022-09-08 21:32
com.fasterxml.jackson.core:jackson-databind CVE-2020-35491 高危 2.4.0 2.9.10.8 jackson-databind: mishandles the interaction between serialization gadgets and typing, related to org.apache.commons.dbcp2.datasources.SharedPoolDataSource

漏洞详情: https://avd.aquasec.com/nvd/cve-2020-35491

镜像层: sha256:d98b782a5e3fcd4ee6ab0009a9ba3746c4a1224b67804102be6290bc2140071d

发布日期: 2020-12-17 19:15 修改: 2022-09-08 21:32
com.fasterxml.jackson.core:jackson-databind CVE-2020-35728 高危 2.4.0 2.9.10.8 jackson-databind: mishandles the interaction between serialization gadgets and typing, related to com.oracle.wls.shaded.org.apache.xalan.lib.sql.JNDIConnectionPool

漏洞详情: https://avd.aquasec.com/nvd/cve-2020-35728

镜像层: sha256:d98b782a5e3fcd4ee6ab0009a9ba3746c4a1224b67804102be6290bc2140071d

发布日期: 2020-12-27 05:15 修改: 2023-11-07 03:22
com.fasterxml.jackson.core:jackson-databind CVE-2020-36179 高危 2.4.0 2.9.10.8, 2.6.7.5 jackson-databind: mishandles the interaction between serialization gadgets and typing, related to oadd.org.apache.commons.dbcp.cpdsadapter.DriverAdapterCPDS

漏洞详情: https://avd.aquasec.com/nvd/cve-2020-36179

镜像层: sha256:d98b782a5e3fcd4ee6ab0009a9ba3746c4a1224b67804102be6290bc2140071d

发布日期: 2021-01-07 00:15 修改: 2024-07-03 01:36
com.fasterxml.jackson.core:jackson-databind CVE-2020-36180 高危 2.4.0 2.9.10.8, 2.6.7.5 jackson-databind: mishandles the interaction between serialization gadgets and typing, related to org.apache.commons.dbcp2.cpdsadapter.DriverAdapterCPDS

漏洞详情: https://avd.aquasec.com/nvd/cve-2020-36180

镜像层: sha256:d98b782a5e3fcd4ee6ab0009a9ba3746c4a1224b67804102be6290bc2140071d

发布日期: 2021-01-07 00:15 修改: 2024-07-03 01:36
com.fasterxml.jackson.core:jackson-databind CVE-2020-36181 高危 2.4.0 2.9.10.8, 2.6.7.5 jackson-databind: mishandles the interaction between serialization gadgets and typing, related to org.apache.tomcat.dbcp.dbcp.cpdsadapter.DriverAdapterCPDS

漏洞详情: https://avd.aquasec.com/nvd/cve-2020-36181

镜像层: sha256:d98b782a5e3fcd4ee6ab0009a9ba3746c4a1224b67804102be6290bc2140071d

发布日期: 2021-01-06 23:15 修改: 2024-07-03 01:36
com.fasterxml.jackson.core:jackson-databind CVE-2020-36182 高危 2.4.0 2.9.10.8, 2.6.7.5 jackson-databind: mishandles the interaction between serialization gadgets and typing, related to org.apache.tomcat.dbcp.dbcp2.cpdsadapter.DriverAdapterCPDS

漏洞详情: https://avd.aquasec.com/nvd/cve-2020-36182

镜像层: sha256:d98b782a5e3fcd4ee6ab0009a9ba3746c4a1224b67804102be6290bc2140071d

发布日期: 2021-01-07 00:15 修改: 2024-07-03 01:36
com.fasterxml.jackson.core:jackson-databind CVE-2020-36183 高危 2.4.0 2.9.10.8, 2.6.7.5 jackson-databind: mishandles the interaction between serialization gadgets and typing, related to org.docx4j.org.apache.xalan.lib.sql.JNDIConnectionPool

漏洞详情: https://avd.aquasec.com/nvd/cve-2020-36183

镜像层: sha256:d98b782a5e3fcd4ee6ab0009a9ba3746c4a1224b67804102be6290bc2140071d

发布日期: 2021-01-07 00:15 修改: 2023-09-13 14:56
com.fasterxml.jackson.core:jackson-databind CVE-2020-36184 高危 2.4.0 2.9.10.8 jackson-databind: mishandles the interaction between serialization gadgets and typing, related to org.apache.tomcat.dbcp.dbcp2.datasources.PerUserPoolDataSource

漏洞详情: https://avd.aquasec.com/nvd/cve-2020-36184

镜像层: sha256:d98b782a5e3fcd4ee6ab0009a9ba3746c4a1224b67804102be6290bc2140071d

发布日期: 2021-01-06 23:15 修改: 2024-07-03 01:36
com.fasterxml.jackson.core:jackson-databind CVE-2020-36185 高危 2.4.0 2.9.10.8 jackson-databind: mishandles the interaction between serialization gadgets and typing, related to org.apache.tomcat.dbcp.dbcp2.datasources.SharedPoolDataSource

漏洞详情: https://avd.aquasec.com/nvd/cve-2020-36185

镜像层: sha256:d98b782a5e3fcd4ee6ab0009a9ba3746c4a1224b67804102be6290bc2140071d

发布日期: 2021-01-06 23:15 修改: 2023-09-13 14:57
com.fasterxml.jackson.core:jackson-databind CVE-2020-36186 高危 2.4.0 2.9.10.8 jackson-databind: mishandles the interaction between serialization gadgets and typing, related to org.apache.tomcat.dbcp.dbcp.datasources.PerUserPoolDataSource

漏洞详情: https://avd.aquasec.com/nvd/cve-2020-36186

镜像层: sha256:d98b782a5e3fcd4ee6ab0009a9ba3746c4a1224b67804102be6290bc2140071d

发布日期: 2021-01-06 23:15 修改: 2023-09-13 14:57
com.fasterxml.jackson.core:jackson-databind CVE-2020-36187 高危 2.4.0 2.9.10.8 jackson-databind: mishandles the interaction between serialization gadgets and typing, related to org.apache.tomcat.dbcp.dbcp.datasources.SharedPoolDataSource

漏洞详情: https://avd.aquasec.com/nvd/cve-2020-36187

镜像层: sha256:d98b782a5e3fcd4ee6ab0009a9ba3746c4a1224b67804102be6290bc2140071d

发布日期: 2021-01-06 23:15 修改: 2023-09-13 14:57
com.fasterxml.jackson.core:jackson-databind CVE-2020-36188 高危 2.4.0 2.9.10.8, 2.6.7.5 jackson-databind: mishandles the interaction between serialization gadgets and typing, related to com.newrelic.agent.deps.ch.qos.logback.core.db.JNDIConnectionSource

漏洞详情: https://avd.aquasec.com/nvd/cve-2020-36188

镜像层: sha256:d98b782a5e3fcd4ee6ab0009a9ba3746c4a1224b67804102be6290bc2140071d

发布日期: 2021-01-06 23:15 修改: 2023-09-13 14:57
com.fasterxml.jackson.core:jackson-databind CVE-2020-36189 高危 2.4.0 2.9.10.8, 2.6.7.5 jackson-databind: mishandles the interaction between serialization gadgets and typing, related to com.newrelic.agent.deps.ch.qos.logback.core.db.DriverManagerConnectionSource

漏洞详情: https://avd.aquasec.com/nvd/cve-2020-36189

镜像层: sha256:d98b782a5e3fcd4ee6ab0009a9ba3746c4a1224b67804102be6290bc2140071d

发布日期: 2021-01-06 23:15 修改: 2023-09-13 14:57
com.fasterxml.jackson.core:jackson-databind CVE-2020-36518 高危 2.4.0 2.13.2.1, 2.12.6.1 jackson-databind: denial of service via a large depth of nested objects

漏洞详情: https://avd.aquasec.com/nvd/cve-2020-36518

镜像层: sha256:d98b782a5e3fcd4ee6ab0009a9ba3746c4a1224b67804102be6290bc2140071d

发布日期: 2022-03-11 07:15 修改: 2022-11-29 22:12
com.fasterxml.jackson.core:jackson-databind CVE-2021-20190 高危 2.4.0 2.9.10.7, 2.6.7.5 jackson-databind: mishandles the interaction between serialization gadgets and typing, related to javax.swing

漏洞详情: https://avd.aquasec.com/nvd/cve-2021-20190

镜像层: sha256:d98b782a5e3fcd4ee6ab0009a9ba3746c4a1224b67804102be6290bc2140071d

发布日期: 2021-01-19 17:15 修改: 2023-11-07 03:28
com.fasterxml.jackson.core:jackson-databind CVE-2022-42003 高危 2.4.0 2.12.7.1, 2.13.4.2 jackson-databind: deep wrapper array nesting wrt UNWRAP_SINGLE_VALUE_ARRAYS

漏洞详情: https://avd.aquasec.com/nvd/cve-2022-42003

镜像层: sha256:d98b782a5e3fcd4ee6ab0009a9ba3746c4a1224b67804102be6290bc2140071d

发布日期: 2022-10-02 05:15 修改: 2023-12-20 10:15
com.fasterxml.jackson.core:jackson-databind CVE-2022-42004 高危 2.4.0 2.12.7.1, 2.13.4 jackson-databind: use of deeply nested arrays

漏洞详情: https://avd.aquasec.com/nvd/cve-2022-42004

镜像层: sha256:d98b782a5e3fcd4ee6ab0009a9ba3746c4a1224b67804102be6290bc2140071d

发布日期: 2022-10-02 05:15 修改: 2022-12-02 15:10
com.google.code.gson:gson CVE-2022-25647 高危 2.8.1 2.8.9 com.google.code.gson-gson: Deserialization of Untrusted Data in com.google.code.gson-gson

漏洞详情: https://avd.aquasec.com/nvd/cve-2022-25647

镜像层: sha256:d98b782a5e3fcd4ee6ab0009a9ba3746c4a1224b67804102be6290bc2140071d

发布日期: 2022-05-01 16:15 修改: 2022-11-28 17:33
com.google.protobuf:protobuf-java CVE-2021-22569 高危 2.4.1 3.16.1, 3.18.2, 3.19.2 protobuf-java: potential DoS in the parsing procedure for binary data

漏洞详情: https://avd.aquasec.com/nvd/cve-2021-22569

镜像层: sha256:d98b782a5e3fcd4ee6ab0009a9ba3746c4a1224b67804102be6290bc2140071d

发布日期: 2022-01-10 14:10 修改: 2023-04-18 09:15
com.google.protobuf:protobuf-java CVE-2021-22570 高危 2.4.1 3.15.0 protobuf: Incorrect parsing of nullchar in the proto symbol leads to Nullptr dereference

漏洞详情: https://avd.aquasec.com/nvd/cve-2021-22570

镜像层: sha256:d98b782a5e3fcd4ee6ab0009a9ba3746c4a1224b67804102be6290bc2140071d

发布日期: 2022-01-26 14:15 修改: 2023-11-07 03:30
com.google.protobuf:protobuf-java CVE-2022-3509 高危 2.4.1 3.16.3, 3.19.6, 3.20.3, 3.21.7 protobuf-java: Textformat parsing issue leads to DoS

漏洞详情: https://avd.aquasec.com/nvd/cve-2022-3509

镜像层: sha256:d98b782a5e3fcd4ee6ab0009a9ba3746c4a1224b67804102be6290bc2140071d

发布日期: 2022-12-12 13:15 修改: 2022-12-15 16:57
com.google.protobuf:protobuf-java CVE-2022-3510 高危 2.4.1 3.16.3, 3.19.6, 3.20.3, 3.21.7 protobuf-java: Message-Type Extensions parsing issue leads to DoS

漏洞详情: https://avd.aquasec.com/nvd/cve-2022-3510

镜像层: sha256:d98b782a5e3fcd4ee6ab0009a9ba3746c4a1224b67804102be6290bc2140071d

发布日期: 2022-12-12 13:15 修改: 2023-11-07 03:51
com.google.protobuf:protobuf-java CVE-2024-7254 高危 2.4.1 3.25.5, 4.27.5, 4.28.2 protobuf: StackOverflow vulnerability in Protocol Buffers

漏洞详情: https://avd.aquasec.com/nvd/cve-2024-7254

镜像层: sha256:d98b782a5e3fcd4ee6ab0009a9ba3746c4a1224b67804102be6290bc2140071d

发布日期: 2024-09-19 01:15 修改: 2024-12-13 14:15
com.google.protobuf:protobuf-java CVE-2021-22569 高危 2.5.0 3.16.1, 3.18.2, 3.19.2 protobuf-java: potential DoS in the parsing procedure for binary data

漏洞详情: https://avd.aquasec.com/nvd/cve-2021-22569

镜像层: sha256:d98b782a5e3fcd4ee6ab0009a9ba3746c4a1224b67804102be6290bc2140071d

发布日期: 2022-01-10 14:10 修改: 2023-04-18 09:15
com.google.protobuf:protobuf-java CVE-2021-22569 高危 2.5.0 3.16.1, 3.18.2, 3.19.2 protobuf-java: potential DoS in the parsing procedure for binary data

漏洞详情: https://avd.aquasec.com/nvd/cve-2021-22569

镜像层: sha256:d98b782a5e3fcd4ee6ab0009a9ba3746c4a1224b67804102be6290bc2140071d

发布日期: 2022-01-10 14:10 修改: 2023-04-18 09:15
com.google.protobuf:protobuf-java CVE-2021-22569 高危 2.5.0 3.16.1, 3.18.2, 3.19.2 protobuf-java: potential DoS in the parsing procedure for binary data

漏洞详情: https://avd.aquasec.com/nvd/cve-2021-22569

镜像层: sha256:d98b782a5e3fcd4ee6ab0009a9ba3746c4a1224b67804102be6290bc2140071d

发布日期: 2022-01-10 14:10 修改: 2023-04-18 09:15
com.google.protobuf:protobuf-java CVE-2021-22570 高危 2.5.0 3.15.0 protobuf: Incorrect parsing of nullchar in the proto symbol leads to Nullptr dereference

漏洞详情: https://avd.aquasec.com/nvd/cve-2021-22570

镜像层: sha256:d98b782a5e3fcd4ee6ab0009a9ba3746c4a1224b67804102be6290bc2140071d

发布日期: 2022-01-26 14:15 修改: 2023-11-07 03:30
com.google.protobuf:protobuf-java CVE-2021-22570 高危 2.5.0 3.15.0 protobuf: Incorrect parsing of nullchar in the proto symbol leads to Nullptr dereference

漏洞详情: https://avd.aquasec.com/nvd/cve-2021-22570

镜像层: sha256:d98b782a5e3fcd4ee6ab0009a9ba3746c4a1224b67804102be6290bc2140071d

发布日期: 2022-01-26 14:15 修改: 2023-11-07 03:30
com.google.protobuf:protobuf-java CVE-2021-22570 高危 2.5.0 3.15.0 protobuf: Incorrect parsing of nullchar in the proto symbol leads to Nullptr dereference

漏洞详情: https://avd.aquasec.com/nvd/cve-2021-22570

镜像层: sha256:d98b782a5e3fcd4ee6ab0009a9ba3746c4a1224b67804102be6290bc2140071d

发布日期: 2022-01-26 14:15 修改: 2023-11-07 03:30
com.google.protobuf:protobuf-java CVE-2022-3509 高危 2.5.0 3.16.3, 3.19.6, 3.20.3, 3.21.7 protobuf-java: Textformat parsing issue leads to DoS

漏洞详情: https://avd.aquasec.com/nvd/cve-2022-3509

镜像层: sha256:d98b782a5e3fcd4ee6ab0009a9ba3746c4a1224b67804102be6290bc2140071d

发布日期: 2022-12-12 13:15 修改: 2022-12-15 16:57
com.google.protobuf:protobuf-java CVE-2022-3509 高危 2.5.0 3.16.3, 3.19.6, 3.20.3, 3.21.7 protobuf-java: Textformat parsing issue leads to DoS

漏洞详情: https://avd.aquasec.com/nvd/cve-2022-3509

镜像层: sha256:d98b782a5e3fcd4ee6ab0009a9ba3746c4a1224b67804102be6290bc2140071d

发布日期: 2022-12-12 13:15 修改: 2022-12-15 16:57
com.google.protobuf:protobuf-java CVE-2022-3509 高危 2.5.0 3.16.3, 3.19.6, 3.20.3, 3.21.7 protobuf-java: Textformat parsing issue leads to DoS

漏洞详情: https://avd.aquasec.com/nvd/cve-2022-3509

镜像层: sha256:d98b782a5e3fcd4ee6ab0009a9ba3746c4a1224b67804102be6290bc2140071d

发布日期: 2022-12-12 13:15 修改: 2022-12-15 16:57
com.google.protobuf:protobuf-java CVE-2022-3510 高危 2.5.0 3.16.3, 3.19.6, 3.20.3, 3.21.7 protobuf-java: Message-Type Extensions parsing issue leads to DoS

漏洞详情: https://avd.aquasec.com/nvd/cve-2022-3510

镜像层: sha256:d98b782a5e3fcd4ee6ab0009a9ba3746c4a1224b67804102be6290bc2140071d

发布日期: 2022-12-12 13:15 修改: 2023-11-07 03:51
com.google.protobuf:protobuf-java CVE-2022-3510 高危 2.5.0 3.16.3, 3.19.6, 3.20.3, 3.21.7 protobuf-java: Message-Type Extensions parsing issue leads to DoS

漏洞详情: https://avd.aquasec.com/nvd/cve-2022-3510

镜像层: sha256:d98b782a5e3fcd4ee6ab0009a9ba3746c4a1224b67804102be6290bc2140071d

发布日期: 2022-12-12 13:15 修改: 2023-11-07 03:51
com.google.protobuf:protobuf-java CVE-2022-3510 高危 2.5.0 3.16.3, 3.19.6, 3.20.3, 3.21.7 protobuf-java: Message-Type Extensions parsing issue leads to DoS

漏洞详情: https://avd.aquasec.com/nvd/cve-2022-3510

镜像层: sha256:d98b782a5e3fcd4ee6ab0009a9ba3746c4a1224b67804102be6290bc2140071d

发布日期: 2022-12-12 13:15 修改: 2023-11-07 03:51
com.google.protobuf:protobuf-java CVE-2024-7254 高危 2.5.0 3.25.5, 4.27.5, 4.28.2 protobuf: StackOverflow vulnerability in Protocol Buffers

漏洞详情: https://avd.aquasec.com/nvd/cve-2024-7254

镜像层: sha256:d98b782a5e3fcd4ee6ab0009a9ba3746c4a1224b67804102be6290bc2140071d

发布日期: 2024-09-19 01:15 修改: 2024-12-13 14:15
com.google.protobuf:protobuf-java CVE-2024-7254 高危 2.5.0 3.25.5, 4.27.5, 4.28.2 protobuf: StackOverflow vulnerability in Protocol Buffers

漏洞详情: https://avd.aquasec.com/nvd/cve-2024-7254

镜像层: sha256:d98b782a5e3fcd4ee6ab0009a9ba3746c4a1224b67804102be6290bc2140071d

发布日期: 2024-09-19 01:15 修改: 2024-12-13 14:15
com.google.protobuf:protobuf-java CVE-2024-7254 高危 2.5.0 3.25.5, 4.27.5, 4.28.2 protobuf: StackOverflow vulnerability in Protocol Buffers

漏洞详情: https://avd.aquasec.com/nvd/cve-2024-7254

镜像层: sha256:d98b782a5e3fcd4ee6ab0009a9ba3746c4a1224b67804102be6290bc2140071d

发布日期: 2024-09-19 01:15 修改: 2024-12-13 14:15
com.google.protobuf:protobuf-java CVE-2024-7254 高危 3.19.6 3.25.5, 4.27.5, 4.28.2 protobuf: StackOverflow vulnerability in Protocol Buffers

漏洞详情: https://avd.aquasec.com/nvd/cve-2024-7254

镜像层: sha256:d98b782a5e3fcd4ee6ab0009a9ba3746c4a1224b67804102be6290bc2140071d

发布日期: 2024-09-19 01:15 修改: 2024-12-13 14:15
com.google.protobuf:protobuf-java CVE-2024-7254 高危 3.21.12 3.25.5, 4.27.5, 4.28.2 protobuf: StackOverflow vulnerability in Protocol Buffers

漏洞详情: https://avd.aquasec.com/nvd/cve-2024-7254

镜像层: sha256:d98b782a5e3fcd4ee6ab0009a9ba3746c4a1224b67804102be6290bc2140071d

发布日期: 2024-09-19 01:15 修改: 2024-12-13 14:15
com.google.protobuf:protobuf-java CVE-2024-7254 高危 3.21.12 3.25.5, 4.27.5, 4.28.2 protobuf: StackOverflow vulnerability in Protocol Buffers

漏洞详情: https://avd.aquasec.com/nvd/cve-2024-7254

镜像层: sha256:d98b782a5e3fcd4ee6ab0009a9ba3746c4a1224b67804102be6290bc2140071d

发布日期: 2024-09-19 01:15 修改: 2024-12-13 14:15
com.google.protobuf:protobuf-java CVE-2024-7254 高危 3.21.12 3.25.5, 4.27.5, 4.28.2 protobuf: StackOverflow vulnerability in Protocol Buffers

漏洞详情: https://avd.aquasec.com/nvd/cve-2024-7254

镜像层: sha256:d98b782a5e3fcd4ee6ab0009a9ba3746c4a1224b67804102be6290bc2140071d

发布日期: 2024-09-19 01:15 修改: 2024-12-13 14:15
com.google.protobuf:protobuf-java CVE-2024-7254 高危 3.21.12 3.25.5, 4.27.5, 4.28.2 protobuf: StackOverflow vulnerability in Protocol Buffers

漏洞详情: https://avd.aquasec.com/nvd/cve-2024-7254

镜像层: sha256:d98b782a5e3fcd4ee6ab0009a9ba3746c4a1224b67804102be6290bc2140071d

发布日期: 2024-09-19 01:15 修改: 2024-12-13 14:15
com.google.protobuf:protobuf-java CVE-2024-7254 高危 3.21.12 3.25.5, 4.27.5, 4.28.2 protobuf: StackOverflow vulnerability in Protocol Buffers

漏洞详情: https://avd.aquasec.com/nvd/cve-2024-7254

镜像层: sha256:d98b782a5e3fcd4ee6ab0009a9ba3746c4a1224b67804102be6290bc2140071d

发布日期: 2024-09-19 01:15 修改: 2024-12-13 14:15
com.google.protobuf:protobuf-java CVE-2024-7254 高危 3.21.9 3.25.5, 4.27.5, 4.28.2 protobuf: StackOverflow vulnerability in Protocol Buffers

漏洞详情: https://avd.aquasec.com/nvd/cve-2024-7254

镜像层: sha256:d98b782a5e3fcd4ee6ab0009a9ba3746c4a1224b67804102be6290bc2140071d

发布日期: 2024-09-19 01:15 修改: 2024-12-13 14:15
com.google.protobuf:protobuf-java CVE-2021-22569 高危 3.3.1 3.16.1, 3.18.2, 3.19.2 protobuf-java: potential DoS in the parsing procedure for binary data

漏洞详情: https://avd.aquasec.com/nvd/cve-2021-22569

镜像层: sha256:d98b782a5e3fcd4ee6ab0009a9ba3746c4a1224b67804102be6290bc2140071d

发布日期: 2022-01-10 14:10 修改: 2023-04-18 09:15
com.google.protobuf:protobuf-java CVE-2021-22570 高危 3.3.1 3.15.0 protobuf: Incorrect parsing of nullchar in the proto symbol leads to Nullptr dereference

漏洞详情: https://avd.aquasec.com/nvd/cve-2021-22570

镜像层: sha256:d98b782a5e3fcd4ee6ab0009a9ba3746c4a1224b67804102be6290bc2140071d

发布日期: 2022-01-26 14:15 修改: 2023-11-07 03:30
com.google.protobuf:protobuf-java CVE-2022-3509 高危 3.3.1 3.16.3, 3.19.6, 3.20.3, 3.21.7 protobuf-java: Textformat parsing issue leads to DoS

漏洞详情: https://avd.aquasec.com/nvd/cve-2022-3509

镜像层: sha256:d98b782a5e3fcd4ee6ab0009a9ba3746c4a1224b67804102be6290bc2140071d

发布日期: 2022-12-12 13:15 修改: 2022-12-15 16:57
com.google.protobuf:protobuf-java CVE-2022-3510 高危 3.3.1 3.16.3, 3.19.6, 3.20.3, 3.21.7 protobuf-java: Message-Type Extensions parsing issue leads to DoS

漏洞详情: https://avd.aquasec.com/nvd/cve-2022-3510

镜像层: sha256:d98b782a5e3fcd4ee6ab0009a9ba3746c4a1224b67804102be6290bc2140071d

发布日期: 2022-12-12 13:15 修改: 2023-11-07 03:51
com.google.protobuf:protobuf-java CVE-2024-7254 高危 3.3.1 3.25.5, 4.27.5, 4.28.2 protobuf: StackOverflow vulnerability in Protocol Buffers

漏洞详情: https://avd.aquasec.com/nvd/cve-2024-7254

镜像层: sha256:d98b782a5e3fcd4ee6ab0009a9ba3746c4a1224b67804102be6290bc2140071d

发布日期: 2024-09-19 01:15 修改: 2024-12-13 14:15
com.nimbusds:nimbus-jose-jwt CVE-2023-52428 高危 9.31 9.37.2 nimbus-jose-jwt: large JWE p2c header value causes Denial of Service

漏洞详情: https://avd.aquasec.com/nvd/cve-2023-52428

镜像层: sha256:d98b782a5e3fcd4ee6ab0009a9ba3746c4a1224b67804102be6290bc2140071d

发布日期: 2024-02-11 05:15 修改: 2024-10-30 20:35
com.nimbusds:nimbus-jose-jwt CVE-2023-52428 高危 9.31 9.37.2 nimbus-jose-jwt: large JWE p2c header value causes Denial of Service

漏洞详情: https://avd.aquasec.com/nvd/cve-2023-52428

镜像层: sha256:d98b782a5e3fcd4ee6ab0009a9ba3746c4a1224b67804102be6290bc2140071d

发布日期: 2024-02-11 05:15 修改: 2024-10-30 20:35
com.nimbusds:nimbus-jose-jwt CVE-2023-52428 高危 9.31 9.37.2 nimbus-jose-jwt: large JWE p2c header value causes Denial of Service

漏洞详情: https://avd.aquasec.com/nvd/cve-2023-52428

镜像层: sha256:d98b782a5e3fcd4ee6ab0009a9ba3746c4a1224b67804102be6290bc2140071d

发布日期: 2024-02-11 05:15 修改: 2024-10-30 20:35
com.nimbusds:nimbus-jose-jwt CVE-2023-52428 高危 9.31 9.37.2 nimbus-jose-jwt: large JWE p2c header value causes Denial of Service

漏洞详情: https://avd.aquasec.com/nvd/cve-2023-52428

镜像层: sha256:d98b782a5e3fcd4ee6ab0009a9ba3746c4a1224b67804102be6290bc2140071d

发布日期: 2024-02-11 05:15 修改: 2024-10-30 20:35
com.nimbusds:nimbus-jose-jwt CVE-2023-52428 高危 9.31 9.37.2 nimbus-jose-jwt: large JWE p2c header value causes Denial of Service

漏洞详情: https://avd.aquasec.com/nvd/cve-2023-52428

镜像层: sha256:d98b782a5e3fcd4ee6ab0009a9ba3746c4a1224b67804102be6290bc2140071d

发布日期: 2024-02-11 05:15 修改: 2024-10-30 20:35
commons-io:commons-io CVE-2024-47554 高危 2.11.0 2.14.0 apache-commons-io: Possible denial of service attack on untrusted input to XmlStreamReader

漏洞详情: https://avd.aquasec.com/nvd/cve-2024-47554

镜像层: sha256:d98b782a5e3fcd4ee6ab0009a9ba3746c4a1224b67804102be6290bc2140071d

发布日期: 2024-10-03 12:15 修改: 2024-12-04 15:15
commons-io:commons-io CVE-2024-47554 高危 2.11.0 2.14.0 apache-commons-io: Possible denial of service attack on untrusted input to XmlStreamReader

漏洞详情: https://avd.aquasec.com/nvd/cve-2024-47554

镜像层: sha256:d98b782a5e3fcd4ee6ab0009a9ba3746c4a1224b67804102be6290bc2140071d

发布日期: 2024-10-03 12:15 修改: 2024-12-04 15:15
dnsjava:dnsjava CVE-2024-25638 高危 3.4.0 3.6.0 dnsjava: Improper response validation allowing DNSSEC bypass

漏洞详情: https://avd.aquasec.com/nvd/cve-2024-25638

镜像层: sha256:d98b782a5e3fcd4ee6ab0009a9ba3746c4a1224b67804102be6290bc2140071d

发布日期: 2024-07-22 14:15 修改: 2024-09-04 15:15
dnsjava:dnsjava CVE-2024-25638 高危 3.4.0 3.6.0 dnsjava: Improper response validation allowing DNSSEC bypass

漏洞详情: https://avd.aquasec.com/nvd/cve-2024-25638

镜像层: sha256:d98b782a5e3fcd4ee6ab0009a9ba3746c4a1224b67804102be6290bc2140071d

发布日期: 2024-07-22 14:15 修改: 2024-09-04 15:15
dnsjava:dnsjava CVE-2024-25638 高危 3.4.0 3.6.0 dnsjava: Improper response validation allowing DNSSEC bypass

漏洞详情: https://avd.aquasec.com/nvd/cve-2024-25638

镜像层: sha256:d98b782a5e3fcd4ee6ab0009a9ba3746c4a1224b67804102be6290bc2140071d

发布日期: 2024-07-22 14:15 修改: 2024-09-04 15:15
dnsjava:dnsjava CVE-2024-25638 高危 3.4.0 3.6.0 dnsjava: Improper response validation allowing DNSSEC bypass

漏洞详情: https://avd.aquasec.com/nvd/cve-2024-25638

镜像层: sha256:d98b782a5e3fcd4ee6ab0009a9ba3746c4a1224b67804102be6290bc2140071d

发布日期: 2024-07-22 14:15 修改: 2024-09-04 15:15
dnsjava:dnsjava CVE-2024-25638 高危 3.4.0 3.6.0 dnsjava: Improper response validation allowing DNSSEC bypass

漏洞详情: https://avd.aquasec.com/nvd/cve-2024-25638

镜像层: sha256:d98b782a5e3fcd4ee6ab0009a9ba3746c4a1224b67804102be6290bc2140071d

发布日期: 2024-07-22 14:15 修改: 2024-09-04 15:15
io.airlift:aircompressor CVE-2024-36114 高危 0.10 0.27 Decompressors can crash the JVM and leak memory content in Aircompressor

漏洞详情: https://avd.aquasec.com/nvd/cve-2024-36114

镜像层: sha256:d98b782a5e3fcd4ee6ab0009a9ba3746c4a1224b67804102be6290bc2140071d

发布日期: 2024-05-29 21:15 修改: 2024-05-30 13:15
io.airlift:aircompressor CVE-2024-36114 高危 0.21 0.27 Decompressors can crash the JVM and leak memory content in Aircompressor

漏洞详情: https://avd.aquasec.com/nvd/cve-2024-36114

镜像层: sha256:d98b782a5e3fcd4ee6ab0009a9ba3746c4a1224b67804102be6290bc2140071d

发布日期: 2024-05-29 21:15 修改: 2024-05-30 13:15
io.airlift:aircompressor CVE-2024-36114 高危 0.25 0.27 Decompressors can crash the JVM and leak memory content in Aircompressor

漏洞详情: https://avd.aquasec.com/nvd/cve-2024-36114

镜像层: sha256:d98b782a5e3fcd4ee6ab0009a9ba3746c4a1224b67804102be6290bc2140071d

发布日期: 2024-05-29 21:15 修改: 2024-05-30 13:15
io.netty:netty-all CVE-2019-16869 高危 4.1.12.Final 4.1.42.Final netty: HTTP request smuggling by mishandled whitespace before the colon in HTTP headers

漏洞详情: https://avd.aquasec.com/nvd/cve-2019-16869

镜像层: sha256:d98b782a5e3fcd4ee6ab0009a9ba3746c4a1224b67804102be6290bc2140071d

发布日期: 2019-09-26 16:15 修改: 2023-11-07 03:06
io.netty:netty-codec-http2 GHSA-xpw8-rcwv-8f8p 高危 4.1.86.Final 4.1.100.Final io.netty:netty-codec-http2 vulnerable to HTTP/2 Rapid Reset Attack

漏洞详情: https://github.com/advisories/GHSA-xpw8-rcwv-8f8p

镜像层: sha256:d98b782a5e3fcd4ee6ab0009a9ba3746c4a1224b67804102be6290bc2140071d

发布日期: 0001-01-01 00:00 修改: 0001-01-01 00:00
com.fasterxml.jackson.core:jackson-databind CVE-2022-42004 高危 2.13.2.2 2.12.7.1, 2.13.4 jackson-databind: use of deeply nested arrays

漏洞详情: https://avd.aquasec.com/nvd/cve-2022-42004

镜像层: sha256:d98b782a5e3fcd4ee6ab0009a9ba3746c4a1224b67804102be6290bc2140071d

发布日期: 2022-10-02 05:15 修改: 2022-12-02 15:10
com.fasterxml.jackson.core:jackson-databind CVE-2022-42004 高危 2.13.2.2 2.12.7.1, 2.13.4 jackson-databind: use of deeply nested arrays

漏洞详情: https://avd.aquasec.com/nvd/cve-2022-42004

镜像层: sha256:d98b782a5e3fcd4ee6ab0009a9ba3746c4a1224b67804102be6290bc2140071d

发布日期: 2022-10-02 05:15 修改: 2022-12-02 15:10
ch.qos.logback:logback-classic CVE-2023-6378 高危 1.2.10 1.3.12, 1.4.12, 1.2.13 logback: serialization vulnerability in logback receiver

漏洞详情: https://avd.aquasec.com/nvd/cve-2023-6378

镜像层: sha256:d98b782a5e3fcd4ee6ab0009a9ba3746c4a1224b67804102be6290bc2140071d

发布日期: 2023-11-29 12:15 修改: 2024-11-29 12:15
ch.qos.logback:logback-classic CVE-2023-6378 高危 1.2.10 1.3.12, 1.4.12, 1.2.13 logback: serialization vulnerability in logback receiver

漏洞详情: https://avd.aquasec.com/nvd/cve-2023-6378

镜像层: sha256:d98b782a5e3fcd4ee6ab0009a9ba3746c4a1224b67804102be6290bc2140071d

发布日期: 2023-11-29 12:15 修改: 2024-11-29 12:15
org.apache.avro:avro CVE-2023-39410 高危 1.7.7 1.11.3 apache-avro: Apache Avro Java SDK: Memory when deserializing untrusted data in Avro Java SDK

漏洞详情: https://avd.aquasec.com/nvd/cve-2023-39410

镜像层: sha256:d98b782a5e3fcd4ee6ab0009a9ba3746c4a1224b67804102be6290bc2140071d

发布日期: 2023-09-29 17:15 修改: 2024-06-21 19:15
ch.qos.logback:logback-classic CVE-2023-6378 高危 1.2.10 1.3.12, 1.4.12, 1.2.13 logback: serialization vulnerability in logback receiver

漏洞详情: https://avd.aquasec.com/nvd/cve-2023-6378

镜像层: sha256:d98b782a5e3fcd4ee6ab0009a9ba3746c4a1224b67804102be6290bc2140071d

发布日期: 2023-11-29 12:15 修改: 2024-11-29 12:15
ch.qos.logback:logback-core CVE-2023-6378 高危 1.2.10 1.3.12, 1.4.12, 1.2.13 logback: serialization vulnerability in logback receiver

漏洞详情: https://avd.aquasec.com/nvd/cve-2023-6378

镜像层: sha256:d98b782a5e3fcd4ee6ab0009a9ba3746c4a1224b67804102be6290bc2140071d

发布日期: 2023-11-29 12:15 修改: 2024-11-29 12:15
org.apache.avro:avro CVE-2023-39410 高危 1.9.2 1.11.3 apache-avro: Apache Avro Java SDK: Memory when deserializing untrusted data in Avro Java SDK

漏洞详情: https://avd.aquasec.com/nvd/cve-2023-39410

镜像层: sha256:d98b782a5e3fcd4ee6ab0009a9ba3746c4a1224b67804102be6290bc2140071d

发布日期: 2023-09-29 17:15 修改: 2024-06-21 19:15
org.apache.avro:avro CVE-2023-39410 高危 1.9.2 1.11.3 apache-avro: Apache Avro Java SDK: Memory when deserializing untrusted data in Avro Java SDK

漏洞详情: https://avd.aquasec.com/nvd/cve-2023-39410

镜像层: sha256:d98b782a5e3fcd4ee6ab0009a9ba3746c4a1224b67804102be6290bc2140071d

发布日期: 2023-09-29 17:15 修改: 2024-06-21 19:15
org.apache.commons:commons-compress CVE-2021-35515 高危 1.20 1.21 apache-commons-compress: infinite loop when reading a specially crafted 7Z archive

漏洞详情: https://avd.aquasec.com/nvd/cve-2021-35515

镜像层: sha256:d98b782a5e3fcd4ee6ab0009a9ba3746c4a1224b67804102be6290bc2140071d

发布日期: 2021-07-13 08:15 修改: 2023-11-07 03:36
org.apache.commons:commons-compress CVE-2021-35516 高危 1.20 1.21 apache-commons-compress: excessive memory allocation when reading a specially crafted 7Z archive

漏洞详情: https://avd.aquasec.com/nvd/cve-2021-35516

镜像层: sha256:d98b782a5e3fcd4ee6ab0009a9ba3746c4a1224b67804102be6290bc2140071d

发布日期: 2021-07-13 08:15 修改: 2023-11-07 03:36
org.apache.commons:commons-compress CVE-2021-35517 高危 1.20 1.21 apache-commons-compress: excessive memory allocation when reading a specially crafted TAR archive

漏洞详情: https://avd.aquasec.com/nvd/cve-2021-35517

镜像层: sha256:d98b782a5e3fcd4ee6ab0009a9ba3746c4a1224b67804102be6290bc2140071d

发布日期: 2021-07-13 08:15 修改: 2023-11-07 03:36
org.apache.commons:commons-compress CVE-2021-36090 高危 1.20 1.21 apache-commons-compress: excessive memory allocation when reading a specially crafted ZIP archive

漏洞详情: https://avd.aquasec.com/nvd/cve-2021-36090

镜像层: sha256:d98b782a5e3fcd4ee6ab0009a9ba3746c4a1224b67804102be6290bc2140071d

发布日期: 2021-07-13 08:15 修改: 2023-11-07 03:36
org.apache.commons:commons-compress CVE-2024-25710 高危 1.20 1.26.0 commons-compress: Denial of service caused by an infinite loop for a corrupted DUMP file

漏洞详情: https://avd.aquasec.com/nvd/cve-2024-25710

镜像层: sha256:d98b782a5e3fcd4ee6ab0009a9ba3746c4a1224b67804102be6290bc2140071d

发布日期: 2024-02-19 09:15 修改: 2024-03-07 17:15
org.apache.commons:commons-compress CVE-2024-25710 高危 1.22 1.26.0 commons-compress: Denial of service caused by an infinite loop for a corrupted DUMP file

漏洞详情: https://avd.aquasec.com/nvd/cve-2024-25710

镜像层: sha256:d98b782a5e3fcd4ee6ab0009a9ba3746c4a1224b67804102be6290bc2140071d

发布日期: 2024-02-19 09:15 修改: 2024-03-07 17:15
org.apache.commons:commons-compress CVE-2024-25710 高危 1.22 1.26.0 commons-compress: Denial of service caused by an infinite loop for a corrupted DUMP file

漏洞详情: https://avd.aquasec.com/nvd/cve-2024-25710

镜像层: sha256:d98b782a5e3fcd4ee6ab0009a9ba3746c4a1224b67804102be6290bc2140071d

发布日期: 2024-02-19 09:15 修改: 2024-03-07 17:15
org.apache.commons:commons-compress CVE-2024-25710 高危 1.22 1.26.0 commons-compress: Denial of service caused by an infinite loop for a corrupted DUMP file

漏洞详情: https://avd.aquasec.com/nvd/cve-2024-25710

镜像层: sha256:d98b782a5e3fcd4ee6ab0009a9ba3746c4a1224b67804102be6290bc2140071d

发布日期: 2024-02-19 09:15 修改: 2024-03-07 17:15
org.apache.commons:commons-compress CVE-2024-25710 高危 1.24.0 1.26.0 commons-compress: Denial of service caused by an infinite loop for a corrupted DUMP file

漏洞详情: https://avd.aquasec.com/nvd/cve-2024-25710

镜像层: sha256:d98b782a5e3fcd4ee6ab0009a9ba3746c4a1224b67804102be6290bc2140071d

发布日期: 2024-02-19 09:15 修改: 2024-03-07 17:15
org.apache.commons:commons-compress CVE-2024-25710 高危 1.24.0 1.26.0 commons-compress: Denial of service caused by an infinite loop for a corrupted DUMP file

漏洞详情: https://avd.aquasec.com/nvd/cve-2024-25710

镜像层: sha256:d98b782a5e3fcd4ee6ab0009a9ba3746c4a1224b67804102be6290bc2140071d

发布日期: 2024-02-19 09:15 修改: 2024-03-07 17:15
org.apache.commons:commons-compress CVE-2024-25710 高危 1.24.0 1.26.0 commons-compress: Denial of service caused by an infinite loop for a corrupted DUMP file

漏洞详情: https://avd.aquasec.com/nvd/cve-2024-25710

镜像层: sha256:d98b782a5e3fcd4ee6ab0009a9ba3746c4a1224b67804102be6290bc2140071d

发布日期: 2024-02-19 09:15 修改: 2024-03-07 17:15
org.apache.thrift:libthrift CVE-2018-1320 高危 0.9.3 0.9.3-1, 0.12.0 thrift: SASL negotiation isComplete validation bypass in the org.apache.thrift.transport.TSaslTransport class

漏洞详情: https://avd.aquasec.com/nvd/cve-2018-1320

镜像层: sha256:d98b782a5e3fcd4ee6ab0009a9ba3746c4a1224b67804102be6290bc2140071d

发布日期: 2019-01-07 17:29 修改: 2023-11-07 02:55
org.apache.thrift:libthrift CVE-2018-1320 高危 0.9.3 0.9.3-1, 0.12.0 thrift: SASL negotiation isComplete validation bypass in the org.apache.thrift.transport.TSaslTransport class

漏洞详情: https://avd.aquasec.com/nvd/cve-2018-1320

镜像层: sha256:d98b782a5e3fcd4ee6ab0009a9ba3746c4a1224b67804102be6290bc2140071d

发布日期: 2019-01-07 17:29 修改: 2023-11-07 02:55
org.apache.thrift:libthrift CVE-2018-1320 高危 0.9.3 0.9.3-1, 0.12.0 thrift: SASL negotiation isComplete validation bypass in the org.apache.thrift.transport.TSaslTransport class

漏洞详情: https://avd.aquasec.com/nvd/cve-2018-1320

镜像层: sha256:d98b782a5e3fcd4ee6ab0009a9ba3746c4a1224b67804102be6290bc2140071d

发布日期: 2019-01-07 17:29 修改: 2023-11-07 02:55
org.apache.thrift:libthrift CVE-2019-0205 高危 0.9.3 0.13.0 thrift: Endless loop when feed with specific input data

漏洞详情: https://avd.aquasec.com/nvd/cve-2019-0205

镜像层: sha256:d98b782a5e3fcd4ee6ab0009a9ba3746c4a1224b67804102be6290bc2140071d

发布日期: 2019-10-29 19:15 修改: 2023-11-07 03:01
org.apache.thrift:libthrift CVE-2019-0205 高危 0.9.3 0.13.0 thrift: Endless loop when feed with specific input data

漏洞详情: https://avd.aquasec.com/nvd/cve-2019-0205

镜像层: sha256:d98b782a5e3fcd4ee6ab0009a9ba3746c4a1224b67804102be6290bc2140071d

发布日期: 2019-10-29 19:15 修改: 2023-11-07 03:01
org.apache.thrift:libthrift CVE-2019-0205 高危 0.9.3 0.13.0 thrift: Endless loop when feed with specific input data

漏洞详情: https://avd.aquasec.com/nvd/cve-2019-0205

镜像层: sha256:d98b782a5e3fcd4ee6ab0009a9ba3746c4a1224b67804102be6290bc2140071d

发布日期: 2019-10-29 19:15 修改: 2023-11-07 03:01
org.apache.thrift:libthrift CVE-2020-13949 高危 0.9.3 0.14.0 libthrift: potential DoS when processing untrusted payloads

漏洞详情: https://avd.aquasec.com/nvd/cve-2020-13949

镜像层: sha256:d98b782a5e3fcd4ee6ab0009a9ba3746c4a1224b67804102be6290bc2140071d

发布日期: 2021-02-12 20:15 修改: 2023-11-07 03:17
org.apache.thrift:libthrift CVE-2020-13949 高危 0.9.3 0.14.0 libthrift: potential DoS when processing untrusted payloads

漏洞详情: https://avd.aquasec.com/nvd/cve-2020-13949

镜像层: sha256:d98b782a5e3fcd4ee6ab0009a9ba3746c4a1224b67804102be6290bc2140071d

发布日期: 2021-02-12 20:15 修改: 2023-11-07 03:17
org.apache.thrift:libthrift CVE-2020-13949 高危 0.9.3 0.14.0 libthrift: potential DoS when processing untrusted payloads

漏洞详情: https://avd.aquasec.com/nvd/cve-2020-13949

镜像层: sha256:d98b782a5e3fcd4ee6ab0009a9ba3746c4a1224b67804102be6290bc2140071d

发布日期: 2021-02-12 20:15 修改: 2023-11-07 03:17
ch.qos.logback:logback-core CVE-2023-6378 高危 1.2.10 1.3.12, 1.4.12, 1.2.13 logback: serialization vulnerability in logback receiver

漏洞详情: https://avd.aquasec.com/nvd/cve-2023-6378

镜像层: sha256:d98b782a5e3fcd4ee6ab0009a9ba3746c4a1224b67804102be6290bc2140071d

发布日期: 2023-11-29 12:15 修改: 2024-11-29 12:15
ch.qos.logback:logback-core CVE-2023-6378 高危 1.2.10 1.3.12, 1.4.12, 1.2.13 logback: serialization vulnerability in logback receiver

漏洞详情: https://avd.aquasec.com/nvd/cve-2023-6378

镜像层: sha256:d98b782a5e3fcd4ee6ab0009a9ba3746c4a1224b67804102be6290bc2140071d

发布日期: 2023-11-29 12:15 修改: 2024-11-29 12:15
org.codehaus.jackson:jackson-mapper-asl CVE-2019-10172 高危 1.9.13 jackson-mapper-asl: XML external entity similar to CVE-2016-3720

漏洞详情: https://avd.aquasec.com/nvd/cve-2019-10172

镜像层: sha256:d98b782a5e3fcd4ee6ab0009a9ba3746c4a1224b67804102be6290bc2140071d

发布日期: 2019-11-18 17:15 修改: 2023-02-12 23:33
org.codehaus.jackson:jackson-mapper-asl CVE-2019-10172 高危 1.9.13 jackson-mapper-asl: XML external entity similar to CVE-2016-3720

漏洞详情: https://avd.aquasec.com/nvd/cve-2019-10172

镜像层: sha256:d98b782a5e3fcd4ee6ab0009a9ba3746c4a1224b67804102be6290bc2140071d

发布日期: 2019-11-18 17:15 修改: 2023-02-12 23:33
org.xerial.snappy:snappy-java CVE-2023-43642 高危 1.1.10.3 1.1.10.4 snappy-java: Missing upper bound check on chunk length in snappy-java can lead to Denial of Service (DoS) impact

漏洞详情: https://avd.aquasec.com/nvd/cve-2023-43642

镜像层: sha256:d98b782a5e3fcd4ee6ab0009a9ba3746c4a1224b67804102be6290bc2140071d

发布日期: 2023-09-25 20:15 修改: 2023-09-26 15:46
org.xerial.snappy:snappy-java CVE-2023-34455 高危 1.1.8.3 1.1.10.1 snappy-java: Unchecked chunk length leads to DoS

漏洞详情: https://avd.aquasec.com/nvd/cve-2023-34455

镜像层: sha256:d98b782a5e3fcd4ee6ab0009a9ba3746c4a1224b67804102be6290bc2140071d

发布日期: 2023-06-15 18:15 修改: 2024-02-01 14:17
org.xerial.snappy:snappy-java CVE-2023-43642 高危 1.1.8.3 1.1.10.4 snappy-java: Missing upper bound check on chunk length in snappy-java can lead to Denial of Service (DoS) impact

漏洞详情: https://avd.aquasec.com/nvd/cve-2023-43642

镜像层: sha256:d98b782a5e3fcd4ee6ab0009a9ba3746c4a1224b67804102be6290bc2140071d

发布日期: 2023-09-25 20:15 修改: 2023-09-26 15:46
org.apache.ant:ant CVE-2020-1945 中危 1.9.1 1.9.15, 1.10.8 ant: insecure temporary file vulnerability

漏洞详情: https://avd.aquasec.com/nvd/cve-2020-1945

镜像层: sha256:d98b782a5e3fcd4ee6ab0009a9ba3746c4a1224b67804102be6290bc2140071d

发布日期: 2020-05-14 16:15 修改: 2023-11-07 03:19
org.apache.ant:ant CVE-2021-36373 中危 1.9.1 1.9.16, 1.10.11 ant: excessive memory allocation when reading a specially crafted TAR archive

漏洞详情: https://avd.aquasec.com/nvd/cve-2021-36373

镜像层: sha256:d98b782a5e3fcd4ee6ab0009a9ba3746c4a1224b67804102be6290bc2140071d

发布日期: 2021-07-14 07:15 修改: 2023-11-07 03:36
org.apache.ant:ant CVE-2021-36374 中危 1.9.1 1.9.16, 1.10.11 ant: excessive memory allocation when reading a specially crafted ZIP archive or a derived formats

漏洞详情: https://avd.aquasec.com/nvd/cve-2021-36374

镜像层: sha256:d98b782a5e3fcd4ee6ab0009a9ba3746c4a1224b67804102be6290bc2140071d

发布日期: 2021-07-14 07:15 修改: 2023-11-07 03:36
com.google.protobuf:protobuf-java CVE-2022-3171 中危 3.3.1 3.21.7, 3.20.3, 3.19.6, 3.16.3 protobuf-java: timeout in parser leads to DoS

漏洞详情: https://avd.aquasec.com/nvd/cve-2022-3171

镜像层: sha256:d98b782a5e3fcd4ee6ab0009a9ba3746c4a1224b67804102be6290bc2140071d

发布日期: 2022-10-12 23:15 修改: 2023-11-07 03:50
com.google.protobuf:protobuf-java CVE-2022-3171 中危 2.4.1 3.21.7, 3.20.3, 3.19.6, 3.16.3 protobuf-java: timeout in parser leads to DoS

漏洞详情: https://avd.aquasec.com/nvd/cve-2022-3171

镜像层: sha256:d98b782a5e3fcd4ee6ab0009a9ba3746c4a1224b67804102be6290bc2140071d

发布日期: 2022-10-12 23:15 修改: 2023-11-07 03:50
com.google.guava:guava CVE-2018-10237 中危 19.0 24.1.1-android guava: Unbounded memory allocation in AtomicDoubleArray and CompoundOrdering classes allow remote attackers to cause a denial of service

漏洞详情: https://avd.aquasec.com/nvd/cve-2018-10237

镜像层: sha256:d98b782a5e3fcd4ee6ab0009a9ba3746c4a1224b67804102be6290bc2140071d

发布日期: 2018-04-26 21:29 修改: 2023-11-07 02:51
com.google.protobuf:protobuf-java CVE-2022-3171 中危 2.5.0 3.21.7, 3.20.3, 3.19.6, 3.16.3 protobuf-java: timeout in parser leads to DoS

漏洞详情: https://avd.aquasec.com/nvd/cve-2022-3171

镜像层: sha256:d98b782a5e3fcd4ee6ab0009a9ba3746c4a1224b67804102be6290bc2140071d

发布日期: 2022-10-12 23:15 修改: 2023-11-07 03:50
com.google.protobuf:protobuf-java CVE-2022-3171 中危 2.5.0 3.21.7, 3.20.3, 3.19.6, 3.16.3 protobuf-java: timeout in parser leads to DoS

漏洞详情: https://avd.aquasec.com/nvd/cve-2022-3171

镜像层: sha256:d98b782a5e3fcd4ee6ab0009a9ba3746c4a1224b67804102be6290bc2140071d

发布日期: 2022-10-12 23:15 修改: 2023-11-07 03:50
com.google.protobuf:protobuf-java CVE-2022-3171 中危 2.5.0 3.21.7, 3.20.3, 3.19.6, 3.16.3 protobuf-java: timeout in parser leads to DoS

漏洞详情: https://avd.aquasec.com/nvd/cve-2022-3171

镜像层: sha256:d98b782a5e3fcd4ee6ab0009a9ba3746c4a1224b67804102be6290bc2140071d

发布日期: 2022-10-12 23:15 修改: 2023-11-07 03:50
com.google.guava:guava CVE-2023-2976 中危 19.0 32.0.0-android guava: insecure temporary directory creation

漏洞详情: https://avd.aquasec.com/nvd/cve-2023-2976

镜像层: sha256:d98b782a5e3fcd4ee6ab0009a9ba3746c4a1224b67804102be6290bc2140071d

发布日期: 2023-06-14 18:15 修改: 2024-02-13 19:15
com.google.guava:guava CVE-2018-10237 中危 22.0 24.1.1-android guava: Unbounded memory allocation in AtomicDoubleArray and CompoundOrdering classes allow remote attackers to cause a denial of service

漏洞详情: https://avd.aquasec.com/nvd/cve-2018-10237

镜像层: sha256:d98b782a5e3fcd4ee6ab0009a9ba3746c4a1224b67804102be6290bc2140071d

发布日期: 2018-04-26 21:29 修改: 2023-11-07 02:51
com.google.guava:guava CVE-2023-2976 中危 22.0 32.0.0-android guava: insecure temporary directory creation

漏洞详情: https://avd.aquasec.com/nvd/cve-2023-2976

镜像层: sha256:d98b782a5e3fcd4ee6ab0009a9ba3746c4a1224b67804102be6290bc2140071d

发布日期: 2023-06-14 18:15 修改: 2024-02-13 19:15
com.google.guava:guava CVE-2023-2976 中危 27.0-jre 32.0.0-android guava: insecure temporary directory creation

漏洞详情: https://avd.aquasec.com/nvd/cve-2023-2976

镜像层: sha256:d98b782a5e3fcd4ee6ab0009a9ba3746c4a1224b67804102be6290bc2140071d

发布日期: 2023-06-14 18:15 修改: 2024-02-13 19:15
com.google.guava:guava CVE-2023-2976 中危 27.0-jre 32.0.0-android guava: insecure temporary directory creation

漏洞详情: https://avd.aquasec.com/nvd/cve-2023-2976

镜像层: sha256:d98b782a5e3fcd4ee6ab0009a9ba3746c4a1224b67804102be6290bc2140071d

发布日期: 2023-06-14 18:15 修改: 2024-02-13 19:15
com.google.guava:guava CVE-2023-2976 中危 27.0-jre 32.0.0-android guava: insecure temporary directory creation

漏洞详情: https://avd.aquasec.com/nvd/cve-2023-2976

镜像层: sha256:d98b782a5e3fcd4ee6ab0009a9ba3746c4a1224b67804102be6290bc2140071d

发布日期: 2023-06-14 18:15 修改: 2024-02-13 19:15
com.google.guava:guava CVE-2023-2976 中危 31.1-jre 32.0.0-android guava: insecure temporary directory creation

漏洞详情: https://avd.aquasec.com/nvd/cve-2023-2976

镜像层: sha256:d98b782a5e3fcd4ee6ab0009a9ba3746c4a1224b67804102be6290bc2140071d

发布日期: 2023-06-14 18:15 修改: 2024-02-13 19:15
ch.qos.logback:logback-core CVE-2024-12798 中危 1.2.10 1.5.13, 1.3.15 logback-core: arbitrary code execution via JaninoEventEvaluator

漏洞详情: https://avd.aquasec.com/nvd/cve-2024-12798

镜像层: sha256:d98b782a5e3fcd4ee6ab0009a9ba3746c4a1224b67804102be6290bc2140071d

发布日期: 2024-12-19 16:15 修改: 2025-01-03 14:15
ch.qos.logback:logback-core CVE-2024-12798 中危 1.2.10 1.5.13, 1.3.15 logback-core: arbitrary code execution via JaninoEventEvaluator

漏洞详情: https://avd.aquasec.com/nvd/cve-2024-12798

镜像层: sha256:d98b782a5e3fcd4ee6ab0009a9ba3746c4a1224b67804102be6290bc2140071d

发布日期: 2024-12-19 16:15 修改: 2025-01-03 14:15
com.fasterxml.jackson.core:jackson-databind CVE-2019-12384 中危 2.4.0 2.9.9.1, 2.8.11.4, 2.7.9.6, 2.6.7.3 jackson-databind: failure to block the logback-core class from polymorphic deserialization leading to remote code execution

漏洞详情: https://avd.aquasec.com/nvd/cve-2019-12384

镜像层: sha256:d98b782a5e3fcd4ee6ab0009a9ba3746c4a1224b67804102be6290bc2140071d

发布日期: 2019-06-24 16:15 修改: 2023-11-07 03:03
com.fasterxml.jackson.core:jackson-databind CVE-2019-12814 中危 2.4.0 2.9.9.1, 2.8.11.4, 2.7.9.6, 2.6.7.3 jackson-databind: polymorphic typing issue allows attacker to read arbitrary local files on the server via crafted JSON message.

漏洞详情: https://avd.aquasec.com/nvd/cve-2019-12814

镜像层: sha256:d98b782a5e3fcd4ee6ab0009a9ba3746c4a1224b67804102be6290bc2140071d

发布日期: 2019-06-19 14:15 修改: 2023-11-07 03:03
org.apache.commons:commons-compress CVE-2023-42503 中危 1.22 1.24.0 apache-commons-compress: Denial of service via CPU consumption for malformed TAR file

漏洞详情: https://avd.aquasec.com/nvd/cve-2023-42503

镜像层: sha256:d98b782a5e3fcd4ee6ab0009a9ba3746c4a1224b67804102be6290bc2140071d

发布日期: 2023-09-14 08:15 修改: 2024-02-21 21:27
org.apache.commons:commons-compress CVE-2023-42503 中危 1.22 1.24.0 apache-commons-compress: Denial of service via CPU consumption for malformed TAR file

漏洞详情: https://avd.aquasec.com/nvd/cve-2023-42503

镜像层: sha256:d98b782a5e3fcd4ee6ab0009a9ba3746c4a1224b67804102be6290bc2140071d

发布日期: 2023-09-14 08:15 修改: 2024-02-21 21:27
org.apache.commons:commons-compress CVE-2023-42503 中危 1.22 1.24.0 apache-commons-compress: Denial of service via CPU consumption for malformed TAR file

漏洞详情: https://avd.aquasec.com/nvd/cve-2023-42503

镜像层: sha256:d98b782a5e3fcd4ee6ab0009a9ba3746c4a1224b67804102be6290bc2140071d

发布日期: 2023-09-14 08:15 修改: 2024-02-21 21:27
org.apache.commons:commons-compress CVE-2024-26308 中危 1.22 1.26.0 commons-compress: OutOfMemoryError unpacking broken Pack200 file

漏洞详情: https://avd.aquasec.com/nvd/cve-2024-26308

镜像层: sha256:d98b782a5e3fcd4ee6ab0009a9ba3746c4a1224b67804102be6290bc2140071d

发布日期: 2024-02-19 09:15 修改: 2024-03-21 19:54
org.apache.commons:commons-compress CVE-2024-26308 中危 1.22 1.26.0 commons-compress: OutOfMemoryError unpacking broken Pack200 file

漏洞详情: https://avd.aquasec.com/nvd/cve-2024-26308

镜像层: sha256:d98b782a5e3fcd4ee6ab0009a9ba3746c4a1224b67804102be6290bc2140071d

发布日期: 2024-02-19 09:15 修改: 2024-03-21 19:54
org.apache.commons:commons-compress CVE-2024-26308 中危 1.22 1.26.0 commons-compress: OutOfMemoryError unpacking broken Pack200 file

漏洞详情: https://avd.aquasec.com/nvd/cve-2024-26308

镜像层: sha256:d98b782a5e3fcd4ee6ab0009a9ba3746c4a1224b67804102be6290bc2140071d

发布日期: 2024-02-19 09:15 修改: 2024-03-21 19:54
io.netty:netty-codec-http CVE-2024-29025 中危 4.1.100.Final 4.1.108.Final netty-codec-http: Allocation of Resources Without Limits or Throttling

漏洞详情: https://avd.aquasec.com/nvd/cve-2024-29025

镜像层: sha256:d98b782a5e3fcd4ee6ab0009a9ba3746c4a1224b67804102be6290bc2140071d

发布日期: 2024-03-25 20:15 修改: 2024-06-21 22:15
io.netty:netty-codec-http CVE-2024-29025 中危 4.1.100.Final 4.1.108.Final netty-codec-http: Allocation of Resources Without Limits or Throttling

漏洞详情: https://avd.aquasec.com/nvd/cve-2024-29025

镜像层: sha256:d98b782a5e3fcd4ee6ab0009a9ba3746c4a1224b67804102be6290bc2140071d

发布日期: 2024-03-25 20:15 修改: 2024-06-21 22:15
io.netty:netty-codec-http CVE-2024-29025 中危 4.1.100.Final 4.1.108.Final netty-codec-http: Allocation of Resources Without Limits or Throttling

漏洞详情: https://avd.aquasec.com/nvd/cve-2024-29025

镜像层: sha256:d98b782a5e3fcd4ee6ab0009a9ba3746c4a1224b67804102be6290bc2140071d

发布日期: 2024-03-25 20:15 修改: 2024-06-21 22:15
org.apache.commons:commons-compress CVE-2024-26308 中危 1.24.0 1.26.0 commons-compress: OutOfMemoryError unpacking broken Pack200 file

漏洞详情: https://avd.aquasec.com/nvd/cve-2024-26308

镜像层: sha256:d98b782a5e3fcd4ee6ab0009a9ba3746c4a1224b67804102be6290bc2140071d

发布日期: 2024-02-19 09:15 修改: 2024-03-21 19:54
org.apache.commons:commons-compress CVE-2024-26308 中危 1.24.0 1.26.0 commons-compress: OutOfMemoryError unpacking broken Pack200 file

漏洞详情: https://avd.aquasec.com/nvd/cve-2024-26308

镜像层: sha256:d98b782a5e3fcd4ee6ab0009a9ba3746c4a1224b67804102be6290bc2140071d

发布日期: 2024-02-19 09:15 修改: 2024-03-21 19:54
org.apache.commons:commons-compress CVE-2024-26308 中危 1.24.0 1.26.0 commons-compress: OutOfMemoryError unpacking broken Pack200 file

漏洞详情: https://avd.aquasec.com/nvd/cve-2024-26308

镜像层: sha256:d98b782a5e3fcd4ee6ab0009a9ba3746c4a1224b67804102be6290bc2140071d

发布日期: 2024-02-19 09:15 修改: 2024-03-21 19:54
org.apache.commons:commons-configuration2 CVE-2024-29131 中危 2.8.0 2.10.1 commons-configuration: StackOverflowError adding property in AbstractListDelimiterHandler.flattenIterator()

漏洞详情: https://avd.aquasec.com/nvd/cve-2024-29131

镜像层: sha256:d98b782a5e3fcd4ee6ab0009a9ba3746c4a1224b67804102be6290bc2140071d

发布日期: 2024-03-21 09:15 修改: 2024-12-13 14:15
org.apache.commons:commons-configuration2 CVE-2024-29131 中危 2.8.0 2.10.1 commons-configuration: StackOverflowError adding property in AbstractListDelimiterHandler.flattenIterator()

漏洞详情: https://avd.aquasec.com/nvd/cve-2024-29131

镜像层: sha256:d98b782a5e3fcd4ee6ab0009a9ba3746c4a1224b67804102be6290bc2140071d

发布日期: 2024-03-21 09:15 修改: 2024-12-13 14:15
org.apache.commons:commons-configuration2 CVE-2024-29131 中危 2.8.0 2.10.1 commons-configuration: StackOverflowError adding property in AbstractListDelimiterHandler.flattenIterator()

漏洞详情: https://avd.aquasec.com/nvd/cve-2024-29131

镜像层: sha256:d98b782a5e3fcd4ee6ab0009a9ba3746c4a1224b67804102be6290bc2140071d

发布日期: 2024-03-21 09:15 修改: 2024-12-13 14:15
org.apache.commons:commons-configuration2 CVE-2024-29131 中危 2.8.0 2.10.1 commons-configuration: StackOverflowError adding property in AbstractListDelimiterHandler.flattenIterator()

漏洞详情: https://avd.aquasec.com/nvd/cve-2024-29131

镜像层: sha256:d98b782a5e3fcd4ee6ab0009a9ba3746c4a1224b67804102be6290bc2140071d

发布日期: 2024-03-21 09:15 修改: 2024-12-13 14:15
org.apache.commons:commons-configuration2 CVE-2024-29131 中危 2.8.0 2.10.1 commons-configuration: StackOverflowError adding property in AbstractListDelimiterHandler.flattenIterator()

漏洞详情: https://avd.aquasec.com/nvd/cve-2024-29131

镜像层: sha256:d98b782a5e3fcd4ee6ab0009a9ba3746c4a1224b67804102be6290bc2140071d

发布日期: 2024-03-21 09:15 修改: 2024-12-13 14:15
org.apache.commons:commons-configuration2 CVE-2024-29133 中危 2.8.0 2.10.1 commons-configuration: StackOverflowError calling ListDelimiterHandler.flatten(Object, int) with a cyclical object tree

漏洞详情: https://avd.aquasec.com/nvd/cve-2024-29133

镜像层: sha256:d98b782a5e3fcd4ee6ab0009a9ba3746c4a1224b67804102be6290bc2140071d

发布日期: 2024-03-21 09:15 修改: 2024-11-04 17:35
org.apache.commons:commons-configuration2 CVE-2024-29133 中危 2.8.0 2.10.1 commons-configuration: StackOverflowError calling ListDelimiterHandler.flatten(Object, int) with a cyclical object tree

漏洞详情: https://avd.aquasec.com/nvd/cve-2024-29133

镜像层: sha256:d98b782a5e3fcd4ee6ab0009a9ba3746c4a1224b67804102be6290bc2140071d

发布日期: 2024-03-21 09:15 修改: 2024-11-04 17:35
org.apache.commons:commons-configuration2 CVE-2024-29133 中危 2.8.0 2.10.1 commons-configuration: StackOverflowError calling ListDelimiterHandler.flatten(Object, int) with a cyclical object tree

漏洞详情: https://avd.aquasec.com/nvd/cve-2024-29133

镜像层: sha256:d98b782a5e3fcd4ee6ab0009a9ba3746c4a1224b67804102be6290bc2140071d

发布日期: 2024-03-21 09:15 修改: 2024-11-04 17:35
org.apache.commons:commons-configuration2 CVE-2024-29133 中危 2.8.0 2.10.1 commons-configuration: StackOverflowError calling ListDelimiterHandler.flatten(Object, int) with a cyclical object tree

漏洞详情: https://avd.aquasec.com/nvd/cve-2024-29133

镜像层: sha256:d98b782a5e3fcd4ee6ab0009a9ba3746c4a1224b67804102be6290bc2140071d

发布日期: 2024-03-21 09:15 修改: 2024-11-04 17:35
org.apache.commons:commons-configuration2 CVE-2024-29133 中危 2.8.0 2.10.1 commons-configuration: StackOverflowError calling ListDelimiterHandler.flatten(Object, int) with a cyclical object tree

漏洞详情: https://avd.aquasec.com/nvd/cve-2024-29133

镜像层: sha256:d98b782a5e3fcd4ee6ab0009a9ba3746c4a1224b67804102be6290bc2140071d

发布日期: 2024-03-21 09:15 修改: 2024-11-04 17:35
org.apache.httpcomponents:httpclient CVE-2020-13956 中危 4.4.1 4.5.13, 5.0.3 apache-httpclient: incorrect handling of malformed authority component in request URIs

漏洞详情: https://avd.aquasec.com/nvd/cve-2020-13956

镜像层: sha256:d98b782a5e3fcd4ee6ab0009a9ba3746c4a1224b67804102be6290bc2140071d

发布日期: 2020-12-02 17:15 修改: 2023-11-07 03:17
io.netty:netty-codec-http CVE-2024-29025 中危 4.1.100.Final 4.1.108.Final netty-codec-http: Allocation of Resources Without Limits or Throttling

漏洞详情: https://avd.aquasec.com/nvd/cve-2024-29025

镜像层: sha256:d98b782a5e3fcd4ee6ab0009a9ba3746c4a1224b67804102be6290bc2140071d

发布日期: 2024-03-25 20:15 修改: 2024-06-21 22:15
io.netty:netty-codec-http CVE-2024-29025 中危 4.1.100.Final 4.1.108.Final netty-codec-http: Allocation of Resources Without Limits or Throttling

漏洞详情: https://avd.aquasec.com/nvd/cve-2024-29025

镜像层: sha256:d98b782a5e3fcd4ee6ab0009a9ba3746c4a1224b67804102be6290bc2140071d

发布日期: 2024-03-25 20:15 修改: 2024-06-21 22:15
io.netty:netty-codec-http CVE-2024-29025 中危 4.1.100.Final 4.1.108.Final netty-codec-http: Allocation of Resources Without Limits or Throttling

漏洞详情: https://avd.aquasec.com/nvd/cve-2024-29025

镜像层: sha256:d98b782a5e3fcd4ee6ab0009a9ba3746c4a1224b67804102be6290bc2140071d

发布日期: 2024-03-25 20:15 修改: 2024-06-21 22:15
io.netty:netty-codec-http CVE-2024-29025 中危 4.1.100.Final 4.1.108.Final netty-codec-http: Allocation of Resources Without Limits or Throttling

漏洞详情: https://avd.aquasec.com/nvd/cve-2024-29025

镜像层: sha256:d98b782a5e3fcd4ee6ab0009a9ba3746c4a1224b67804102be6290bc2140071d

发布日期: 2024-03-25 20:15 修改: 2024-06-21 22:15
io.netty:netty-codec-http CVE-2024-29025 中危 4.1.86.Final 4.1.108.Final netty-codec-http: Allocation of Resources Without Limits or Throttling

漏洞详情: https://avd.aquasec.com/nvd/cve-2024-29025

镜像层: sha256:d98b782a5e3fcd4ee6ab0009a9ba3746c4a1224b67804102be6290bc2140071d

发布日期: 2024-03-25 20:15 修改: 2024-06-21 22:15
ch.qos.logback:logback-core CVE-2024-12798 中危 1.2.10 1.5.13, 1.3.15 logback-core: arbitrary code execution via JaninoEventEvaluator

漏洞详情: https://avd.aquasec.com/nvd/cve-2024-12798

镜像层: sha256:d98b782a5e3fcd4ee6ab0009a9ba3746c4a1224b67804102be6290bc2140071d

发布日期: 2024-12-19 16:15 修改: 2025-01-03 14:15
io.netty:netty-common CVE-2024-47535 中危 4.1.100.Final 4.1.115 netty: Denial of Service attack on windows app using Netty

漏洞详情: https://avd.aquasec.com/nvd/cve-2024-47535

镜像层: sha256:d98b782a5e3fcd4ee6ab0009a9ba3746c4a1224b67804102be6290bc2140071d

发布日期: 2024-11-12 16:15 修改: 2024-11-13 17:01
io.netty:netty-common CVE-2024-47535 中危 4.1.100.Final 4.1.115 netty: Denial of Service attack on windows app using Netty

漏洞详情: https://avd.aquasec.com/nvd/cve-2024-47535

镜像层: sha256:d98b782a5e3fcd4ee6ab0009a9ba3746c4a1224b67804102be6290bc2140071d

发布日期: 2024-11-12 16:15 修改: 2024-11-13 17:01
io.netty:netty-common CVE-2024-47535 中危 4.1.100.Final 4.1.115 netty: Denial of Service attack on windows app using Netty

漏洞详情: https://avd.aquasec.com/nvd/cve-2024-47535

镜像层: sha256:d98b782a5e3fcd4ee6ab0009a9ba3746c4a1224b67804102be6290bc2140071d

发布日期: 2024-11-12 16:15 修改: 2024-11-13 17:01
org.apache.thrift:libthrift CVE-2018-11798 中危 0.9.3 0.12.0 thrift: Improper Access Control grants access to files outside the webservers docroot path

漏洞详情: https://avd.aquasec.com/nvd/cve-2018-11798

镜像层: sha256:d98b782a5e3fcd4ee6ab0009a9ba3746c4a1224b67804102be6290bc2140071d

发布日期: 2019-01-07 17:29 修改: 2023-11-07 02:51
org.apache.thrift:libthrift CVE-2018-11798 中危 0.9.3 0.12.0 thrift: Improper Access Control grants access to files outside the webservers docroot path

漏洞详情: https://avd.aquasec.com/nvd/cve-2018-11798

镜像层: sha256:d98b782a5e3fcd4ee6ab0009a9ba3746c4a1224b67804102be6290bc2140071d

发布日期: 2019-01-07 17:29 修改: 2023-11-07 02:51
org.apache.thrift:libthrift CVE-2018-11798 中危 0.9.3 0.12.0 thrift: Improper Access Control grants access to files outside the webservers docroot path

漏洞详情: https://avd.aquasec.com/nvd/cve-2018-11798

镜像层: sha256:d98b782a5e3fcd4ee6ab0009a9ba3746c4a1224b67804102be6290bc2140071d

发布日期: 2019-01-07 17:29 修改: 2023-11-07 02:51
org.bouncycastle:bcprov-jdk15on CVE-2023-33201 中危 1.70 bouncycastle: potential blind LDAP injection attack using a self-signed certificate

漏洞详情: https://avd.aquasec.com/nvd/cve-2023-33201

镜像层: sha256:d98b782a5e3fcd4ee6ab0009a9ba3746c4a1224b67804102be6290bc2140071d

发布日期: 2023-07-05 03:15 修改: 2023-08-24 19:15
org.bouncycastle:bcprov-jdk15on CVE-2023-33201 中危 1.70 bouncycastle: potential blind LDAP injection attack using a self-signed certificate

漏洞详情: https://avd.aquasec.com/nvd/cve-2023-33201

镜像层: sha256:d98b782a5e3fcd4ee6ab0009a9ba3746c4a1224b67804102be6290bc2140071d

发布日期: 2023-07-05 03:15 修改: 2023-08-24 19:15
org.bouncycastle:bcprov-jdk15on CVE-2023-33201 中危 1.70 bouncycastle: potential blind LDAP injection attack using a self-signed certificate

漏洞详情: https://avd.aquasec.com/nvd/cve-2023-33201

镜像层: sha256:d98b782a5e3fcd4ee6ab0009a9ba3746c4a1224b67804102be6290bc2140071d

发布日期: 2023-07-05 03:15 修改: 2023-08-24 19:15
org.bouncycastle:bcprov-jdk15on CVE-2023-33201 中危 1.70 bouncycastle: potential blind LDAP injection attack using a self-signed certificate

漏洞详情: https://avd.aquasec.com/nvd/cve-2023-33201

镜像层: sha256:d98b782a5e3fcd4ee6ab0009a9ba3746c4a1224b67804102be6290bc2140071d

发布日期: 2023-07-05 03:15 修改: 2023-08-24 19:15
org.bouncycastle:bcprov-jdk15on CVE-2024-29857 中危 1.70 1.78 org.bouncycastle: Importing an EC certificate with crafted F2m parameters may lead to Denial of Service

漏洞详情: https://avd.aquasec.com/nvd/cve-2024-29857

镜像层: sha256:d98b782a5e3fcd4ee6ab0009a9ba3746c4a1224b67804102be6290bc2140071d

发布日期: 2024-05-14 15:17 修改: 2024-12-06 14:15
org.bouncycastle:bcprov-jdk15on CVE-2024-29857 中危 1.70 1.78 org.bouncycastle: Importing an EC certificate with crafted F2m parameters may lead to Denial of Service

漏洞详情: https://avd.aquasec.com/nvd/cve-2024-29857

镜像层: sha256:d98b782a5e3fcd4ee6ab0009a9ba3746c4a1224b67804102be6290bc2140071d

发布日期: 2024-05-14 15:17 修改: 2024-12-06 14:15
org.bouncycastle:bcprov-jdk15on CVE-2024-29857 中危 1.70 1.78 org.bouncycastle: Importing an EC certificate with crafted F2m parameters may lead to Denial of Service

漏洞详情: https://avd.aquasec.com/nvd/cve-2024-29857

镜像层: sha256:d98b782a5e3fcd4ee6ab0009a9ba3746c4a1224b67804102be6290bc2140071d

发布日期: 2024-05-14 15:17 修改: 2024-12-06 14:15
org.bouncycastle:bcprov-jdk15on CVE-2024-29857 中危 1.70 1.78 org.bouncycastle: Importing an EC certificate with crafted F2m parameters may lead to Denial of Service

漏洞详情: https://avd.aquasec.com/nvd/cve-2024-29857

镜像层: sha256:d98b782a5e3fcd4ee6ab0009a9ba3746c4a1224b67804102be6290bc2140071d

发布日期: 2024-05-14 15:17 修改: 2024-12-06 14:15
org.bouncycastle:bcprov-jdk15on CVE-2024-30171 中危 1.70 1.78 bc-java: BouncyCastle vulnerable to a timing variant of Bleichenbacher (Marvin Attack)

漏洞详情: https://avd.aquasec.com/nvd/cve-2024-30171

镜像层: sha256:d98b782a5e3fcd4ee6ab0009a9ba3746c4a1224b67804102be6290bc2140071d

发布日期: 2024-05-14 15:21 修改: 2024-08-19 18:35
org.bouncycastle:bcprov-jdk15on CVE-2024-30171 中危 1.70 1.78 bc-java: BouncyCastle vulnerable to a timing variant of Bleichenbacher (Marvin Attack)

漏洞详情: https://avd.aquasec.com/nvd/cve-2024-30171

镜像层: sha256:d98b782a5e3fcd4ee6ab0009a9ba3746c4a1224b67804102be6290bc2140071d

发布日期: 2024-05-14 15:21 修改: 2024-08-19 18:35
org.bouncycastle:bcprov-jdk15on CVE-2024-30171 中危 1.70 1.78 bc-java: BouncyCastle vulnerable to a timing variant of Bleichenbacher (Marvin Attack)

漏洞详情: https://avd.aquasec.com/nvd/cve-2024-30171

镜像层: sha256:d98b782a5e3fcd4ee6ab0009a9ba3746c4a1224b67804102be6290bc2140071d

发布日期: 2024-05-14 15:21 修改: 2024-08-19 18:35
org.bouncycastle:bcprov-jdk15on CVE-2024-30171 中危 1.70 1.78 bc-java: BouncyCastle vulnerable to a timing variant of Bleichenbacher (Marvin Attack)

漏洞详情: https://avd.aquasec.com/nvd/cve-2024-30171

镜像层: sha256:d98b782a5e3fcd4ee6ab0009a9ba3746c4a1224b67804102be6290bc2140071d

发布日期: 2024-05-14 15:21 修改: 2024-08-19 18:35
io.netty:netty-common CVE-2024-47535 中危 4.1.100.Final 4.1.115 netty: Denial of Service attack on windows app using Netty

漏洞详情: https://avd.aquasec.com/nvd/cve-2024-47535

镜像层: sha256:d98b782a5e3fcd4ee6ab0009a9ba3746c4a1224b67804102be6290bc2140071d

发布日期: 2024-11-12 16:15 修改: 2024-11-13 17:01
io.netty:netty-common CVE-2024-47535 中危 4.1.100.Final 4.1.115 netty: Denial of Service attack on windows app using Netty

漏洞详情: https://avd.aquasec.com/nvd/cve-2024-47535

镜像层: sha256:d98b782a5e3fcd4ee6ab0009a9ba3746c4a1224b67804102be6290bc2140071d

发布日期: 2024-11-12 16:15 修改: 2024-11-13 17:01
io.netty:netty-common CVE-2024-47535 中危 4.1.100.Final 4.1.115 netty: Denial of Service attack on windows app using Netty

漏洞详情: https://avd.aquasec.com/nvd/cve-2024-47535

镜像层: sha256:d98b782a5e3fcd4ee6ab0009a9ba3746c4a1224b67804102be6290bc2140071d

发布日期: 2024-11-12 16:15 修改: 2024-11-13 17:01
io.netty:netty-common CVE-2024-47535 中危 4.1.100.Final 4.1.115 netty: Denial of Service attack on windows app using Netty

漏洞详情: https://avd.aquasec.com/nvd/cve-2024-47535

镜像层: sha256:d98b782a5e3fcd4ee6ab0009a9ba3746c4a1224b67804102be6290bc2140071d

发布日期: 2024-11-12 16:15 修改: 2024-11-13 17:01
org.eclipse.jetty:jetty-http CVE-2024-6763 中危 9.4.53.v20231009 12.0.12 org.eclipse.jetty:jetty-http: jetty: Jetty URI parsing of invalid authority

漏洞详情: https://avd.aquasec.com/nvd/cve-2024-6763

镜像层: sha256:d98b782a5e3fcd4ee6ab0009a9ba3746c4a1224b67804102be6290bc2140071d

发布日期: 2024-10-14 16:15 修改: 2024-11-08 21:15
org.eclipse.jetty:jetty-http CVE-2024-6763 中危 9.4.53.v20231009 12.0.12 org.eclipse.jetty:jetty-http: jetty: Jetty URI parsing of invalid authority

漏洞详情: https://avd.aquasec.com/nvd/cve-2024-6763

镜像层: sha256:d98b782a5e3fcd4ee6ab0009a9ba3746c4a1224b67804102be6290bc2140071d

发布日期: 2024-10-14 16:15 修改: 2024-11-08 21:15
org.eclipse.jetty:jetty-http CVE-2024-6763 中危 9.4.53.v20231009 12.0.12 org.eclipse.jetty:jetty-http: jetty: Jetty URI parsing of invalid authority

漏洞详情: https://avd.aquasec.com/nvd/cve-2024-6763

镜像层: sha256:d98b782a5e3fcd4ee6ab0009a9ba3746c4a1224b67804102be6290bc2140071d

发布日期: 2024-10-14 16:15 修改: 2024-11-08 21:15
org.eclipse.jetty:jetty-http CVE-2024-6763 中危 9.4.53.v20231009 12.0.12 org.eclipse.jetty:jetty-http: jetty: Jetty URI parsing of invalid authority

漏洞详情: https://avd.aquasec.com/nvd/cve-2024-6763

镜像层: sha256:d98b782a5e3fcd4ee6ab0009a9ba3746c4a1224b67804102be6290bc2140071d

发布日期: 2024-10-14 16:15 修改: 2024-11-08 21:15
org.eclipse.jetty:jetty-http CVE-2024-6763 中危 9.4.53.v20231009 12.0.12 org.eclipse.jetty:jetty-http: jetty: Jetty URI parsing of invalid authority

漏洞详情: https://avd.aquasec.com/nvd/cve-2024-6763

镜像层: sha256:d98b782a5e3fcd4ee6ab0009a9ba3746c4a1224b67804102be6290bc2140071d

发布日期: 2024-10-14 16:15 修改: 2024-11-08 21:15
org.eclipse.jetty:jetty-server CVE-2024-8184 中危 9.4.53.v20231009 12.0.9, 10.0.24, 11.0.24, 9.4.56 org.eclipse.jetty:jetty-server: jetty: Jetty ThreadLimitHandler.getRemote() vulnerable to remote DoS attacks

漏洞详情: https://avd.aquasec.com/nvd/cve-2024-8184

镜像层: sha256:d98b782a5e3fcd4ee6ab0009a9ba3746c4a1224b67804102be6290bc2140071d

发布日期: 2024-10-14 16:15 修改: 2024-11-08 21:00
org.eclipse.jetty:jetty-server CVE-2024-8184 中危 9.4.53.v20231009 12.0.9, 10.0.24, 11.0.24, 9.4.56 org.eclipse.jetty:jetty-server: jetty: Jetty ThreadLimitHandler.getRemote() vulnerable to remote DoS attacks

漏洞详情: https://avd.aquasec.com/nvd/cve-2024-8184

镜像层: sha256:d98b782a5e3fcd4ee6ab0009a9ba3746c4a1224b67804102be6290bc2140071d

发布日期: 2024-10-14 16:15 修改: 2024-11-08 21:00
org.eclipse.jetty:jetty-server CVE-2024-8184 中危 9.4.53.v20231009 12.0.9, 10.0.24, 11.0.24, 9.4.56 org.eclipse.jetty:jetty-server: jetty: Jetty ThreadLimitHandler.getRemote() vulnerable to remote DoS attacks

漏洞详情: https://avd.aquasec.com/nvd/cve-2024-8184

镜像层: sha256:d98b782a5e3fcd4ee6ab0009a9ba3746c4a1224b67804102be6290bc2140071d

发布日期: 2024-10-14 16:15 修改: 2024-11-08 21:00
org.eclipse.jetty:jetty-server CVE-2024-8184 中危 9.4.53.v20231009 12.0.9, 10.0.24, 11.0.24, 9.4.56 org.eclipse.jetty:jetty-server: jetty: Jetty ThreadLimitHandler.getRemote() vulnerable to remote DoS attacks

漏洞详情: https://avd.aquasec.com/nvd/cve-2024-8184

镜像层: sha256:d98b782a5e3fcd4ee6ab0009a9ba3746c4a1224b67804102be6290bc2140071d

发布日期: 2024-10-14 16:15 修改: 2024-11-08 21:00
org.eclipse.jetty:jetty-server CVE-2024-8184 中危 9.4.53.v20231009 12.0.9, 10.0.24, 11.0.24, 9.4.56 org.eclipse.jetty:jetty-server: jetty: Jetty ThreadLimitHandler.getRemote() vulnerable to remote DoS attacks

漏洞详情: https://avd.aquasec.com/nvd/cve-2024-8184

镜像层: sha256:d98b782a5e3fcd4ee6ab0009a9ba3746c4a1224b67804102be6290bc2140071d

发布日期: 2024-10-14 16:15 修改: 2024-11-08 21:00
io.netty:netty-common CVE-2024-47535 中危 4.1.48.Final 4.1.115 netty: Denial of Service attack on windows app using Netty

漏洞详情: https://avd.aquasec.com/nvd/cve-2024-47535

镜像层: sha256:d98b782a5e3fcd4ee6ab0009a9ba3746c4a1224b67804102be6290bc2140071d

发布日期: 2024-11-12 16:15 修改: 2024-11-13 17:01
io.netty:netty-handler CVE-2023-34462 中危 4.1.86.Final 4.1.94.Final netty: SniHandler 16MB allocation leads to OOM

漏洞详情: https://avd.aquasec.com/nvd/cve-2023-34462

镜像层: sha256:d98b782a5e3fcd4ee6ab0009a9ba3746c4a1224b67804102be6290bc2140071d

发布日期: 2023-06-22 23:15 修改: 2024-06-21 19:15
junit:junit CVE-2020-15250 中危 4.12 4.13.1 junit4: TemporaryFolder is shared between all users across system which could result in information disclosure

漏洞详情: https://avd.aquasec.com/nvd/cve-2020-15250

镜像层: sha256:d98b782a5e3fcd4ee6ab0009a9ba3746c4a1224b67804102be6290bc2140071d

发布日期: 2020-10-12 18:15 修改: 2023-11-07 03:17
org.xerial.snappy:snappy-java CVE-2023-34453 中危 1.1.8.3 1.1.10.1 snappy-java: Integer overflow in shuffle leads to DoS

漏洞详情: https://avd.aquasec.com/nvd/cve-2023-34453

镜像层: sha256:d98b782a5e3fcd4ee6ab0009a9ba3746c4a1224b67804102be6290bc2140071d

发布日期: 2023-06-15 17:15 修改: 2023-06-27 15:59
org.xerial.snappy:snappy-java CVE-2023-34454 中危 1.1.8.3 1.1.10.1 snappy-java: Integer overflow in compress leads to DoS

漏洞详情: https://avd.aquasec.com/nvd/cve-2023-34454

镜像层: sha256:d98b782a5e3fcd4ee6ab0009a9ba3746c4a1224b67804102be6290bc2140071d

发布日期: 2023-06-15 17:15 修改: 2024-12-12 17:15
com.google.guava:guava CVE-2020-8908 低危 27.0-jre 32.0.0-android guava: local information disclosure via temporary directory created with unsafe permissions

漏洞详情: https://avd.aquasec.com/nvd/cve-2020-8908

镜像层: sha256:d98b782a5e3fcd4ee6ab0009a9ba3746c4a1224b67804102be6290bc2140071d

发布日期: 2020-12-10 23:15 修改: 2023-08-02 17:30
com.google.guava:guava CVE-2020-8908 低危 27.0-jre 32.0.0-android guava: local information disclosure via temporary directory created with unsafe permissions

漏洞详情: https://avd.aquasec.com/nvd/cve-2020-8908

镜像层: sha256:d98b782a5e3fcd4ee6ab0009a9ba3746c4a1224b67804102be6290bc2140071d

发布日期: 2020-12-10 23:15 修改: 2023-08-02 17:30
ch.qos.logback:logback-core CVE-2024-12801 低危 1.2.10 1.5.13, 1.3.15 logback-core: SaxEventRecorder vulnerable to Server-Side Request Forgery (SSRF) attacks

漏洞详情: https://avd.aquasec.com/nvd/cve-2024-12801

镜像层: sha256:d98b782a5e3fcd4ee6ab0009a9ba3746c4a1224b67804102be6290bc2140071d

发布日期: 2024-12-19 17:15 修改: 2025-01-03 14:15
com.google.guava:guava CVE-2020-8908 低危 31.1-jre 32.0.0-android guava: local information disclosure via temporary directory created with unsafe permissions

漏洞详情: https://avd.aquasec.com/nvd/cve-2020-8908

镜像层: sha256:d98b782a5e3fcd4ee6ab0009a9ba3746c4a1224b67804102be6290bc2140071d

发布日期: 2020-12-10 23:15 修改: 2023-08-02 17:30
com.google.guava:guava CVE-2020-8908 低危 22.0 32.0.0-android guava: local information disclosure via temporary directory created with unsafe permissions

漏洞详情: https://avd.aquasec.com/nvd/cve-2020-8908

镜像层: sha256:d98b782a5e3fcd4ee6ab0009a9ba3746c4a1224b67804102be6290bc2140071d

发布日期: 2020-12-10 23:15 修改: 2023-08-02 17:30
ch.qos.logback:logback-core CVE-2024-12801 低危 1.2.10 1.5.13, 1.3.15 logback-core: SaxEventRecorder vulnerable to Server-Side Request Forgery (SSRF) attacks

漏洞详情: https://avd.aquasec.com/nvd/cve-2024-12801

镜像层: sha256:d98b782a5e3fcd4ee6ab0009a9ba3746c4a1224b67804102be6290bc2140071d

发布日期: 2024-12-19 17:15 修改: 2025-01-03 14:15
com.google.guava:guava CVE-2020-8908 低危 19.0 32.0.0-android guava: local information disclosure via temporary directory created with unsafe permissions

漏洞详情: https://avd.aquasec.com/nvd/cve-2020-8908

镜像层: sha256:d98b782a5e3fcd4ee6ab0009a9ba3746c4a1224b67804102be6290bc2140071d

发布日期: 2020-12-10 23:15 修改: 2023-08-02 17:30
ch.qos.logback:logback-core CVE-2024-12801 低危 1.2.10 1.5.13, 1.3.15 logback-core: SaxEventRecorder vulnerable to Server-Side Request Forgery (SSRF) attacks

漏洞详情: https://avd.aquasec.com/nvd/cve-2024-12801

镜像层: sha256:d98b782a5e3fcd4ee6ab0009a9ba3746c4a1224b67804102be6290bc2140071d

发布日期: 2024-12-19 17:15 修改: 2025-01-03 14:15
com.google.guava:guava CVE-2020-8908 低危 27.0-jre 32.0.0-android guava: local information disclosure via temporary directory created with unsafe permissions

漏洞详情: https://avd.aquasec.com/nvd/cve-2020-8908

镜像层: sha256:d98b782a5e3fcd4ee6ab0009a9ba3746c4a1224b67804102be6290bc2140071d

发布日期: 2020-12-10 23:15 修改: 2023-08-02 17:30