| ai.djl:api |
CVE-2024-37902 |
严重 |
0.21.0 |
0.28.0 |
DeepJavaLibrary API absolute path traversal
漏洞详情: https://avd.aquasec.com/nvd/cve-2024-37902
镜像层: sha256:9402e00fb59d4d0c3fd73d43b700ff01779c3b754a1767589447c15c87002c31
发布日期: 2024-06-17 20:15 修改: 2026-06-17 07:39
|
| ai.djl:api |
CVE-2025-0851 |
严重 |
0.21.0 |
0.31.1 |
Deep Java Library path traversal issue
漏洞详情: https://avd.aquasec.com/nvd/cve-2025-0851
镜像层: sha256:9402e00fb59d4d0c3fd73d43b700ff01779c3b754a1767589447c15c87002c31
发布日期: 2025-01-29 22:15 修改: 2026-06-17 08:27
|
| org.bouncycastle:bcprov-ext-jdk18on |
CVE-2025-14813 |
严重 |
1.75 |
|
bouncycastle: BC-JAVA: GOSTCTR implementation unable to process more than 255 blocks correctly
漏洞详情: https://avd.aquasec.com/nvd/cve-2025-14813
镜像层: sha256:9402e00fb59d4d0c3fd73d43b700ff01779c3b754a1767589447c15c87002c31
发布日期: 2026-04-15 10:16 修改: 2026-06-30 03:16
|
| org.bouncycastle:bcprov-ext-jdk18on |
CVE-2025-14813 |
严重 |
1.75 |
|
bouncycastle: BC-JAVA: GOSTCTR implementation unable to process more than 255 blocks correctly
漏洞详情: https://avd.aquasec.com/nvd/cve-2025-14813
镜像层: sha256:9402e00fb59d4d0c3fd73d43b700ff01779c3b754a1767589447c15c87002c31
发布日期: 2026-04-15 10:16 修改: 2026-06-30 03:16
|
| org.bouncycastle:bcprov-jdk15to18 |
CVE-2025-14813 |
严重 |
1.74 |
1.84 |
bouncycastle: BC-JAVA: GOSTCTR implementation unable to process more than 255 blocks correctly
漏洞详情: https://avd.aquasec.com/nvd/cve-2025-14813
镜像层: sha256:9402e00fb59d4d0c3fd73d43b700ff01779c3b754a1767589447c15c87002c31
发布日期: 2026-04-15 10:16 修改: 2026-06-30 03:16
|
| org.bouncycastle:bcprov-jdk15to18 |
CVE-2025-14813 |
严重 |
1.75 |
1.84 |
bouncycastle: BC-JAVA: GOSTCTR implementation unable to process more than 255 blocks correctly
漏洞详情: https://avd.aquasec.com/nvd/cve-2025-14813
镜像层: sha256:9402e00fb59d4d0c3fd73d43b700ff01779c3b754a1767589447c15c87002c31
发布日期: 2026-04-15 10:16 修改: 2026-06-30 03:16
|
| org.bouncycastle:bcprov-jdk15to18 |
CVE-2025-14813 |
严重 |
1.75 |
1.84 |
bouncycastle: BC-JAVA: GOSTCTR implementation unable to process more than 255 blocks correctly
漏洞详情: https://avd.aquasec.com/nvd/cve-2025-14813
镜像层: sha256:9402e00fb59d4d0c3fd73d43b700ff01779c3b754a1767589447c15c87002c31
发布日期: 2026-04-15 10:16 修改: 2026-06-30 03:16
|
| com.fasterxml.jackson.core:jackson-databind |
CVE-2026-54513 |
高危 |
2.14.1 |
2.18.8, 2.21.4, 3.1.4 |
jackson-databind: Jackson-databind: Security bypass allows arbitrary code execution
漏洞详情: https://avd.aquasec.com/nvd/cve-2026-54513
镜像层: sha256:9402e00fb59d4d0c3fd73d43b700ff01779c3b754a1767589447c15c87002c31
发布日期: 2026-06-23 21:17 修改: 2026-07-14 12:17
|
| com.fasterxml.jackson.core:jackson-databind |
CVE-2026-54512 |
高危 |
2.15.2 |
2.18.8, 3.1.4, 2.21.4 |
jackson-databind: jackson-databind: Arbitrary code execution via PolymorphicTypeValidator bypass
漏洞详情: https://avd.aquasec.com/nvd/cve-2026-54512
镜像层: sha256:9402e00fb59d4d0c3fd73d43b700ff01779c3b754a1767589447c15c87002c31
发布日期: 2026-06-23 21:17 修改: 2026-06-27 21:01
|
| com.fasterxml.jackson.core:jackson-databind |
CVE-2026-54512 |
高危 |
2.15.2 |
2.18.8, 3.1.4, 2.21.4 |
jackson-databind: jackson-databind: Arbitrary code execution via PolymorphicTypeValidator bypass
漏洞详情: https://avd.aquasec.com/nvd/cve-2026-54512
镜像层: sha256:9402e00fb59d4d0c3fd73d43b700ff01779c3b754a1767589447c15c87002c31
发布日期: 2026-06-23 21:17 修改: 2026-06-27 21:01
|
| com.fasterxml.jackson.core:jackson-databind |
CVE-2026-54512 |
高危 |
2.15.2 |
2.18.8, 3.1.4, 2.21.4 |
jackson-databind: jackson-databind: Arbitrary code execution via PolymorphicTypeValidator bypass
漏洞详情: https://avd.aquasec.com/nvd/cve-2026-54512
镜像层: sha256:9402e00fb59d4d0c3fd73d43b700ff01779c3b754a1767589447c15c87002c31
发布日期: 2026-06-23 21:17 修改: 2026-06-27 21:01
|
| com.fasterxml.jackson.core:jackson-databind |
CVE-2026-54512 |
高危 |
2.15.2 |
2.18.8, 3.1.4, 2.21.4 |
jackson-databind: jackson-databind: Arbitrary code execution via PolymorphicTypeValidator bypass
漏洞详情: https://avd.aquasec.com/nvd/cve-2026-54512
镜像层: sha256:9402e00fb59d4d0c3fd73d43b700ff01779c3b754a1767589447c15c87002c31
发布日期: 2026-06-23 21:17 修改: 2026-06-27 21:01
|
| com.fasterxml.jackson.core:jackson-databind |
CVE-2026-54512 |
高危 |
2.15.2 |
2.18.8, 3.1.4, 2.21.4 |
jackson-databind: jackson-databind: Arbitrary code execution via PolymorphicTypeValidator bypass
漏洞详情: https://avd.aquasec.com/nvd/cve-2026-54512
镜像层: sha256:9402e00fb59d4d0c3fd73d43b700ff01779c3b754a1767589447c15c87002c31
发布日期: 2026-06-23 21:17 修改: 2026-06-27 21:01
|
| com.fasterxml.jackson.core:jackson-databind |
CVE-2026-54512 |
高危 |
2.15.2 |
2.18.8, 3.1.4, 2.21.4 |
jackson-databind: jackson-databind: Arbitrary code execution via PolymorphicTypeValidator bypass
漏洞详情: https://avd.aquasec.com/nvd/cve-2026-54512
镜像层: sha256:9402e00fb59d4d0c3fd73d43b700ff01779c3b754a1767589447c15c87002c31
发布日期: 2026-06-23 21:17 修改: 2026-06-27 21:01
|
| com.fasterxml.jackson.core:jackson-databind |
CVE-2026-54512 |
高危 |
2.15.2 |
2.18.8, 3.1.4, 2.21.4 |
jackson-databind: jackson-databind: Arbitrary code execution via PolymorphicTypeValidator bypass
漏洞详情: https://avd.aquasec.com/nvd/cve-2026-54512
镜像层: sha256:9402e00fb59d4d0c3fd73d43b700ff01779c3b754a1767589447c15c87002c31
发布日期: 2026-06-23 21:17 修改: 2026-06-27 21:01
|
| com.fasterxml.jackson.core:jackson-databind |
CVE-2026-54512 |
高危 |
2.15.2 |
2.18.8, 3.1.4, 2.21.4 |
jackson-databind: jackson-databind: Arbitrary code execution via PolymorphicTypeValidator bypass
漏洞详情: https://avd.aquasec.com/nvd/cve-2026-54512
镜像层: sha256:9402e00fb59d4d0c3fd73d43b700ff01779c3b754a1767589447c15c87002c31
发布日期: 2026-06-23 21:17 修改: 2026-06-27 21:01
|
| com.fasterxml.jackson.core:jackson-databind |
CVE-2026-54513 |
高危 |
2.15.2 |
2.18.8, 2.21.4, 3.1.4 |
jackson-databind: Jackson-databind: Security bypass allows arbitrary code execution
漏洞详情: https://avd.aquasec.com/nvd/cve-2026-54513
镜像层: sha256:9402e00fb59d4d0c3fd73d43b700ff01779c3b754a1767589447c15c87002c31
发布日期: 2026-06-23 21:17 修改: 2026-07-14 12:17
|
| com.fasterxml.jackson.core:jackson-databind |
CVE-2026-54513 |
高危 |
2.15.2 |
2.18.8, 2.21.4, 3.1.4 |
jackson-databind: Jackson-databind: Security bypass allows arbitrary code execution
漏洞详情: https://avd.aquasec.com/nvd/cve-2026-54513
镜像层: sha256:9402e00fb59d4d0c3fd73d43b700ff01779c3b754a1767589447c15c87002c31
发布日期: 2026-06-23 21:17 修改: 2026-07-14 12:17
|
| com.fasterxml.jackson.core:jackson-databind |
CVE-2026-54513 |
高危 |
2.15.2 |
2.18.8, 2.21.4, 3.1.4 |
jackson-databind: Jackson-databind: Security bypass allows arbitrary code execution
漏洞详情: https://avd.aquasec.com/nvd/cve-2026-54513
镜像层: sha256:9402e00fb59d4d0c3fd73d43b700ff01779c3b754a1767589447c15c87002c31
发布日期: 2026-06-23 21:17 修改: 2026-07-14 12:17
|
| com.fasterxml.jackson.core:jackson-databind |
CVE-2026-54513 |
高危 |
2.15.2 |
2.18.8, 2.21.4, 3.1.4 |
jackson-databind: Jackson-databind: Security bypass allows arbitrary code execution
漏洞详情: https://avd.aquasec.com/nvd/cve-2026-54513
镜像层: sha256:9402e00fb59d4d0c3fd73d43b700ff01779c3b754a1767589447c15c87002c31
发布日期: 2026-06-23 21:17 修改: 2026-07-14 12:17
|
| com.fasterxml.jackson.core:jackson-databind |
CVE-2026-54513 |
高危 |
2.15.2 |
2.18.8, 2.21.4, 3.1.4 |
jackson-databind: Jackson-databind: Security bypass allows arbitrary code execution
漏洞详情: https://avd.aquasec.com/nvd/cve-2026-54513
镜像层: sha256:9402e00fb59d4d0c3fd73d43b700ff01779c3b754a1767589447c15c87002c31
发布日期: 2026-06-23 21:17 修改: 2026-07-14 12:17
|
| com.fasterxml.jackson.core:jackson-databind |
CVE-2026-54513 |
高危 |
2.15.2 |
2.18.8, 2.21.4, 3.1.4 |
jackson-databind: Jackson-databind: Security bypass allows arbitrary code execution
漏洞详情: https://avd.aquasec.com/nvd/cve-2026-54513
镜像层: sha256:9402e00fb59d4d0c3fd73d43b700ff01779c3b754a1767589447c15c87002c31
发布日期: 2026-06-23 21:17 修改: 2026-07-14 12:17
|
| com.fasterxml.jackson.core:jackson-databind |
CVE-2026-54513 |
高危 |
2.15.2 |
2.18.8, 2.21.4, 3.1.4 |
jackson-databind: Jackson-databind: Security bypass allows arbitrary code execution
漏洞详情: https://avd.aquasec.com/nvd/cve-2026-54513
镜像层: sha256:9402e00fb59d4d0c3fd73d43b700ff01779c3b754a1767589447c15c87002c31
发布日期: 2026-06-23 21:17 修改: 2026-07-14 12:17
|
| com.fasterxml.jackson.core:jackson-databind |
CVE-2026-54513 |
高危 |
2.15.2 |
2.18.8, 2.21.4, 3.1.4 |
jackson-databind: Jackson-databind: Security bypass allows arbitrary code execution
漏洞详情: https://avd.aquasec.com/nvd/cve-2026-54513
镜像层: sha256:9402e00fb59d4d0c3fd73d43b700ff01779c3b754a1767589447c15c87002c31
发布日期: 2026-06-23 21:17 修改: 2026-07-14 12:17
|
| com.google.protobuf:protobuf-java |
CVE-2024-7254 |
高危 |
3.22.1 |
3.25.5, 4.27.5, 4.28.2 |
protobuf: StackOverflow vulnerability in Protocol Buffers
漏洞详情: https://avd.aquasec.com/nvd/cve-2024-7254
镜像层: sha256:9402e00fb59d4d0c3fd73d43b700ff01779c3b754a1767589447c15c87002c31
发布日期: 2024-09-19 01:15 修改: 2026-06-17 08:19
|
| com.google.protobuf:protobuf-java |
CVE-2024-7254 |
高危 |
3.22.1 |
3.25.5, 4.27.5, 4.28.2 |
protobuf: StackOverflow vulnerability in Protocol Buffers
漏洞详情: https://avd.aquasec.com/nvd/cve-2024-7254
镜像层: sha256:9402e00fb59d4d0c3fd73d43b700ff01779c3b754a1767589447c15c87002c31
发布日期: 2024-09-19 01:15 修改: 2026-06-17 08:19
|
| commons-beanutils:commons-beanutils |
CVE-2025-48734 |
高危 |
1.9.4 |
1.11.0 |
commons-beanutils: Apache Commons BeanUtils: PropertyUtilsBean does not suppresses an enum's declaredClass property by default
漏洞详情: https://avd.aquasec.com/nvd/cve-2025-48734
镜像层: sha256:9402e00fb59d4d0c3fd73d43b700ff01779c3b754a1767589447c15c87002c31
发布日期: 2025-05-28 14:15 修改: 2026-06-17 09:30
|
| commons-beanutils:commons-beanutils |
CVE-2025-48734 |
高危 |
1.9.4 |
1.11.0 |
commons-beanutils: Apache Commons BeanUtils: PropertyUtilsBean does not suppresses an enum's declaredClass property by default
漏洞详情: https://avd.aquasec.com/nvd/cve-2025-48734
镜像层: sha256:9402e00fb59d4d0c3fd73d43b700ff01779c3b754a1767589447c15c87002c31
发布日期: 2025-05-28 14:15 修改: 2026-06-17 09:30
|
| commons-beanutils:commons-beanutils |
CVE-2025-48734 |
高危 |
1.9.4 |
1.11.0 |
commons-beanutils: Apache Commons BeanUtils: PropertyUtilsBean does not suppresses an enum's declaredClass property by default
漏洞详情: https://avd.aquasec.com/nvd/cve-2025-48734
镜像层: sha256:9402e00fb59d4d0c3fd73d43b700ff01779c3b754a1767589447c15c87002c31
发布日期: 2025-05-28 14:15 修改: 2026-06-17 09:30
|
| commons-io:commons-io |
CVE-2024-47554 |
高危 |
2.11.0 |
2.14.0 |
apache-commons-io: Possible denial of service attack on untrusted input to XmlStreamReader
漏洞详情: https://avd.aquasec.com/nvd/cve-2024-47554
镜像层: sha256:9402e00fb59d4d0c3fd73d43b700ff01779c3b754a1767589447c15c87002c31
发布日期: 2024-10-03 12:15 修改: 2026-06-17 07:57
|
| commons-io:commons-io |
CVE-2024-47554 |
高危 |
2.13.0 |
2.14.0 |
apache-commons-io: Possible denial of service attack on untrusted input to XmlStreamReader
漏洞详情: https://avd.aquasec.com/nvd/cve-2024-47554
镜像层: sha256:9402e00fb59d4d0c3fd73d43b700ff01779c3b754a1767589447c15c87002c31
发布日期: 2024-10-03 12:15 修改: 2026-06-17 07:57
|
| commons-io:commons-io |
CVE-2024-47554 |
高危 |
2.7 |
2.14.0 |
apache-commons-io: Possible denial of service attack on untrusted input to XmlStreamReader
漏洞详情: https://avd.aquasec.com/nvd/cve-2024-47554
镜像层: sha256:9402e00fb59d4d0c3fd73d43b700ff01779c3b754a1767589447c15c87002c31
发布日期: 2024-10-03 12:15 修改: 2026-06-17 07:57
|
| commons-io:commons-io |
CVE-2024-47554 |
高危 |
2.8.0 |
2.14.0 |
apache-commons-io: Possible denial of service attack on untrusted input to XmlStreamReader
漏洞详情: https://avd.aquasec.com/nvd/cve-2024-47554
镜像层: sha256:9402e00fb59d4d0c3fd73d43b700ff01779c3b754a1767589447c15c87002c31
发布日期: 2024-10-03 12:15 修改: 2026-06-17 07:57
|
| io.netty:netty-codec |
CVE-2026-42583 |
高危 |
4.1.97.Final |
4.1.133.Final |
netty: io.netty/netty-codec-compression: io.netty/netty-codec: Netty: Denial of Service via excessive memory allocation in LZ4FrameDecoder
漏洞详情: https://avd.aquasec.com/nvd/cve-2026-42583
镜像层: sha256:9402e00fb59d4d0c3fd73d43b700ff01779c3b754a1767589447c15c87002c31
发布日期: 2026-05-13 19:17 修改: 2026-06-17 10:48
|
| io.netty:netty-codec |
CVE-2026-42583 |
高危 |
4.1.97.Final |
4.1.133.Final |
netty: io.netty/netty-codec-compression: io.netty/netty-codec: Netty: Denial of Service via excessive memory allocation in LZ4FrameDecoder
漏洞详情: https://avd.aquasec.com/nvd/cve-2026-42583
镜像层: sha256:9402e00fb59d4d0c3fd73d43b700ff01779c3b754a1767589447c15c87002c31
发布日期: 2026-05-13 19:17 修改: 2026-06-17 10:48
|
| io.netty:netty-codec |
CVE-2026-42583 |
高危 |
4.1.97.Final |
4.1.133.Final |
netty: io.netty/netty-codec-compression: io.netty/netty-codec: Netty: Denial of Service via excessive memory allocation in LZ4FrameDecoder
漏洞详情: https://avd.aquasec.com/nvd/cve-2026-42583
镜像层: sha256:9402e00fb59d4d0c3fd73d43b700ff01779c3b754a1767589447c15c87002c31
发布日期: 2026-05-13 19:17 修改: 2026-06-17 10:48
|
| io.netty:netty-codec |
CVE-2026-42583 |
高危 |
4.1.97.Final |
4.1.133.Final |
netty: io.netty/netty-codec-compression: io.netty/netty-codec: Netty: Denial of Service via excessive memory allocation in LZ4FrameDecoder
漏洞详情: https://avd.aquasec.com/nvd/cve-2026-42583
镜像层: sha256:9402e00fb59d4d0c3fd73d43b700ff01779c3b754a1767589447c15c87002c31
发布日期: 2026-05-13 19:17 修改: 2026-06-17 10:48
|
| io.netty:netty-codec-http |
CVE-2026-33870 |
高危 |
4.1.97.Final |
4.1.132.Final, 4.2.10.Final |
io.netty/netty-codec-http: Netty: Request smuggling via incorrect parsing of HTTP/1.1 chunked transfer encoding extension values
漏洞详情: https://avd.aquasec.com/nvd/cve-2026-33870
镜像层: sha256:9402e00fb59d4d0c3fd73d43b700ff01779c3b754a1767589447c15c87002c31
发布日期: 2026-03-27 20:16 修改: 2026-07-03 13:17
|
| io.netty:netty-codec-http |
CVE-2026-33870 |
高危 |
4.1.97.Final |
4.1.132.Final, 4.2.10.Final |
io.netty/netty-codec-http: Netty: Request smuggling via incorrect parsing of HTTP/1.1 chunked transfer encoding extension values
漏洞详情: https://avd.aquasec.com/nvd/cve-2026-33870
镜像层: sha256:9402e00fb59d4d0c3fd73d43b700ff01779c3b754a1767589447c15c87002c31
发布日期: 2026-03-27 20:16 修改: 2026-07-03 13:17
|
| io.netty:netty-codec-http |
CVE-2026-33870 |
高危 |
4.1.97.Final |
4.1.132.Final, 4.2.10.Final |
io.netty/netty-codec-http: Netty: Request smuggling via incorrect parsing of HTTP/1.1 chunked transfer encoding extension values
漏洞详情: https://avd.aquasec.com/nvd/cve-2026-33870
镜像层: sha256:9402e00fb59d4d0c3fd73d43b700ff01779c3b754a1767589447c15c87002c31
发布日期: 2026-03-27 20:16 修改: 2026-07-03 13:17
|
| io.netty:netty-codec-http |
CVE-2026-33870 |
高危 |
4.1.97.Final |
4.1.132.Final, 4.2.10.Final |
io.netty/netty-codec-http: Netty: Request smuggling via incorrect parsing of HTTP/1.1 chunked transfer encoding extension values
漏洞详情: https://avd.aquasec.com/nvd/cve-2026-33870
镜像层: sha256:9402e00fb59d4d0c3fd73d43b700ff01779c3b754a1767589447c15c87002c31
发布日期: 2026-03-27 20:16 修改: 2026-07-03 13:17
|
| io.netty:netty-codec-http |
CVE-2026-42584 |
高危 |
4.1.97.Final |
4.2.13.Final, 4.1.133.Final |
netty: io.netty/netty-codec-http: Netty: Incorrect HTTP response parsing leads to data confusion
漏洞详情: https://avd.aquasec.com/nvd/cve-2026-42584
镜像层: sha256:9402e00fb59d4d0c3fd73d43b700ff01779c3b754a1767589447c15c87002c31
发布日期: 2026-05-13 19:17 修改: 2026-07-10 12:16
|
| io.netty:netty-codec-http |
CVE-2026-42584 |
高危 |
4.1.97.Final |
4.2.13.Final, 4.1.133.Final |
netty: io.netty/netty-codec-http: Netty: Incorrect HTTP response parsing leads to data confusion
漏洞详情: https://avd.aquasec.com/nvd/cve-2026-42584
镜像层: sha256:9402e00fb59d4d0c3fd73d43b700ff01779c3b754a1767589447c15c87002c31
发布日期: 2026-05-13 19:17 修改: 2026-07-10 12:16
|
| io.netty:netty-codec-http |
CVE-2026-42584 |
高危 |
4.1.97.Final |
4.2.13.Final, 4.1.133.Final |
netty: io.netty/netty-codec-http: Netty: Incorrect HTTP response parsing leads to data confusion
漏洞详情: https://avd.aquasec.com/nvd/cve-2026-42584
镜像层: sha256:9402e00fb59d4d0c3fd73d43b700ff01779c3b754a1767589447c15c87002c31
发布日期: 2026-05-13 19:17 修改: 2026-07-10 12:16
|
| io.netty:netty-codec-http |
CVE-2026-42584 |
高危 |
4.1.97.Final |
4.2.13.Final, 4.1.133.Final |
netty: io.netty/netty-codec-http: Netty: Incorrect HTTP response parsing leads to data confusion
漏洞详情: https://avd.aquasec.com/nvd/cve-2026-42584
镜像层: sha256:9402e00fb59d4d0c3fd73d43b700ff01779c3b754a1767589447c15c87002c31
发布日期: 2026-05-13 19:17 修改: 2026-07-10 12:16
|
| io.netty:netty-codec-http |
CVE-2026-42587 |
高危 |
4.1.97.Final |
4.2.13.Final, 4.1.133.Final |
netty: io.netty/netty-codec-http: io.netty/netty-codec-http2: Netty: Denial of Service via unbounded memory allocation in HTTP content decompression
漏洞详情: https://avd.aquasec.com/nvd/cve-2026-42587
镜像层: sha256:9402e00fb59d4d0c3fd73d43b700ff01779c3b754a1767589447c15c87002c31
发布日期: 2026-05-13 19:17 修改: 2026-07-10 12:16
|
| io.netty:netty-codec-http |
CVE-2026-42587 |
高危 |
4.1.97.Final |
4.2.13.Final, 4.1.133.Final |
netty: io.netty/netty-codec-http: io.netty/netty-codec-http2: Netty: Denial of Service via unbounded memory allocation in HTTP content decompression
漏洞详情: https://avd.aquasec.com/nvd/cve-2026-42587
镜像层: sha256:9402e00fb59d4d0c3fd73d43b700ff01779c3b754a1767589447c15c87002c31
发布日期: 2026-05-13 19:17 修改: 2026-07-10 12:16
|
| io.netty:netty-codec-http |
CVE-2026-42587 |
高危 |
4.1.97.Final |
4.2.13.Final, 4.1.133.Final |
netty: io.netty/netty-codec-http: io.netty/netty-codec-http2: Netty: Denial of Service via unbounded memory allocation in HTTP content decompression
漏洞详情: https://avd.aquasec.com/nvd/cve-2026-42587
镜像层: sha256:9402e00fb59d4d0c3fd73d43b700ff01779c3b754a1767589447c15c87002c31
发布日期: 2026-05-13 19:17 修改: 2026-07-10 12:16
|
| io.netty:netty-codec-http |
CVE-2026-42587 |
高危 |
4.1.97.Final |
4.2.13.Final, 4.1.133.Final |
netty: io.netty/netty-codec-http: io.netty/netty-codec-http2: Netty: Denial of Service via unbounded memory allocation in HTTP content decompression
漏洞详情: https://avd.aquasec.com/nvd/cve-2026-42587
镜像层: sha256:9402e00fb59d4d0c3fd73d43b700ff01779c3b754a1767589447c15c87002c31
发布日期: 2026-05-13 19:17 修改: 2026-07-10 12:16
|
| io.netty:netty-codec-http2 |
CVE-2025-55163 |
高危 |
4.1.97.Final |
4.2.4.Final, 4.1.124.Final |
netty: netty-codec-http2: Netty MadeYouReset HTTP/2 DDoS Vulnerability
漏洞详情: https://avd.aquasec.com/nvd/cve-2025-55163
镜像层: sha256:9402e00fb59d4d0c3fd73d43b700ff01779c3b754a1767589447c15c87002c31
发布日期: 2025-08-13 15:15 修改: 2026-06-17 09:41
|
| io.netty:netty-codec-http2 |
CVE-2025-55163 |
高危 |
4.1.97.Final |
4.2.4.Final, 4.1.124.Final |
netty: netty-codec-http2: Netty MadeYouReset HTTP/2 DDoS Vulnerability
漏洞详情: https://avd.aquasec.com/nvd/cve-2025-55163
镜像层: sha256:9402e00fb59d4d0c3fd73d43b700ff01779c3b754a1767589447c15c87002c31
发布日期: 2025-08-13 15:15 修改: 2026-06-17 09:41
|
| io.netty:netty-codec-http2 |
CVE-2026-33871 |
高危 |
4.1.97.Final |
4.1.132.Final, 4.2.11.Final |
netty: Netty: Denial of Service via HTTP/2 CONTINUATION frame flood
漏洞详情: https://avd.aquasec.com/nvd/cve-2026-33871
镜像层: sha256:9402e00fb59d4d0c3fd73d43b700ff01779c3b754a1767589447c15c87002c31
发布日期: 2026-03-27 20:16 修改: 2026-07-03 13:17
|
| io.netty:netty-codec-http2 |
CVE-2026-33871 |
高危 |
4.1.97.Final |
4.1.132.Final, 4.2.11.Final |
netty: Netty: Denial of Service via HTTP/2 CONTINUATION frame flood
漏洞详情: https://avd.aquasec.com/nvd/cve-2026-33871
镜像层: sha256:9402e00fb59d4d0c3fd73d43b700ff01779c3b754a1767589447c15c87002c31
发布日期: 2026-03-27 20:16 修改: 2026-07-03 13:17
|
| io.netty:netty-codec-http2 |
CVE-2026-42587 |
高危 |
4.1.97.Final |
4.2.13.Final, 4.1.133.Final |
netty: io.netty/netty-codec-http: io.netty/netty-codec-http2: Netty: Denial of Service via unbounded memory allocation in HTTP content decompression
漏洞详情: https://avd.aquasec.com/nvd/cve-2026-42587
镜像层: sha256:9402e00fb59d4d0c3fd73d43b700ff01779c3b754a1767589447c15c87002c31
发布日期: 2026-05-13 19:17 修改: 2026-07-10 12:16
|
| io.netty:netty-codec-http2 |
CVE-2026-42587 |
高危 |
4.1.97.Final |
4.2.13.Final, 4.1.133.Final |
netty: io.netty/netty-codec-http: io.netty/netty-codec-http2: Netty: Denial of Service via unbounded memory allocation in HTTP content decompression
漏洞详情: https://avd.aquasec.com/nvd/cve-2026-42587
镜像层: sha256:9402e00fb59d4d0c3fd73d43b700ff01779c3b754a1767589447c15c87002c31
发布日期: 2026-05-13 19:17 修改: 2026-07-10 12:16
|
| io.netty:netty-codec-http2 |
GHSA-xpw8-rcwv-8f8p |
高危 |
4.1.97.Final |
4.1.100.Final |
io.netty:netty-codec-http2 vulnerable to HTTP/2 Rapid Reset Attack
漏洞详情: https://github.com/advisories/GHSA-xpw8-rcwv-8f8p
镜像层: sha256:9402e00fb59d4d0c3fd73d43b700ff01779c3b754a1767589447c15c87002c31
发布日期: 2023-10-10 22:22 修改: 2023-11-06 22:08
|
| io.netty:netty-codec-http2 |
GHSA-xpw8-rcwv-8f8p |
高危 |
4.1.97.Final |
4.1.100.Final |
io.netty:netty-codec-http2 vulnerable to HTTP/2 Rapid Reset Attack
漏洞详情: https://github.com/advisories/GHSA-xpw8-rcwv-8f8p
镜像层: sha256:9402e00fb59d4d0c3fd73d43b700ff01779c3b754a1767589447c15c87002c31
发布日期: 2023-10-10 22:22 修改: 2023-11-06 22:08
|
| io.netty:netty-handler |
CVE-2025-24970 |
高危 |
4.1.97.Final |
4.1.118.Final |
io.netty:netty-handler: SslHandler doesn't correctly validate packets which can lead to native crash when using native SSLEngine
漏洞详情: https://avd.aquasec.com/nvd/cve-2025-24970
镜像层: sha256:9402e00fb59d4d0c3fd73d43b700ff01779c3b754a1767589447c15c87002c31
发布日期: 2025-02-10 22:15 修改: 2026-06-17 08:59
|
| io.netty:netty-handler |
CVE-2025-24970 |
高危 |
4.1.97.Final |
4.1.118.Final |
io.netty:netty-handler: SslHandler doesn't correctly validate packets which can lead to native crash when using native SSLEngine
漏洞详情: https://avd.aquasec.com/nvd/cve-2025-24970
镜像层: sha256:9402e00fb59d4d0c3fd73d43b700ff01779c3b754a1767589447c15c87002c31
发布日期: 2025-02-10 22:15 修改: 2026-06-17 08:59
|
| io.netty:netty-handler |
CVE-2025-24970 |
高危 |
4.1.97.Final |
4.1.118.Final |
io.netty:netty-handler: SslHandler doesn't correctly validate packets which can lead to native crash when using native SSLEngine
漏洞详情: https://avd.aquasec.com/nvd/cve-2025-24970
镜像层: sha256:9402e00fb59d4d0c3fd73d43b700ff01779c3b754a1767589447c15c87002c31
发布日期: 2025-02-10 22:15 修改: 2026-06-17 08:59
|
| io.netty:netty-handler |
CVE-2025-24970 |
高危 |
4.1.97.Final |
4.1.118.Final |
io.netty:netty-handler: SslHandler doesn't correctly validate packets which can lead to native crash when using native SSLEngine
漏洞详情: https://avd.aquasec.com/nvd/cve-2025-24970
镜像层: sha256:9402e00fb59d4d0c3fd73d43b700ff01779c3b754a1767589447c15c87002c31
发布日期: 2025-02-10 22:15 修改: 2026-06-17 08:59
|
| io.netty:netty-handler |
CVE-2026-44249 |
高危 |
4.1.97.Final |
4.2.15.Final, 4.1.135.Final |
netty-handler: netty-handler: IPv6 subnet rule bypass due to incorrect masking operation
漏洞详情: https://avd.aquasec.com/nvd/cve-2026-44249
镜像层: sha256:9402e00fb59d4d0c3fd73d43b700ff01779c3b754a1767589447c15c87002c31
发布日期: 2026-06-11 22:16 修改: 2026-07-10 12:16
|
| io.netty:netty-handler |
CVE-2026-44249 |
高危 |
4.1.97.Final |
4.2.15.Final, 4.1.135.Final |
netty-handler: netty-handler: IPv6 subnet rule bypass due to incorrect masking operation
漏洞详情: https://avd.aquasec.com/nvd/cve-2026-44249
镜像层: sha256:9402e00fb59d4d0c3fd73d43b700ff01779c3b754a1767589447c15c87002c31
发布日期: 2026-06-11 22:16 修改: 2026-07-10 12:16
|
| io.netty:netty-handler |
CVE-2026-44249 |
高危 |
4.1.97.Final |
4.2.15.Final, 4.1.135.Final |
netty-handler: netty-handler: IPv6 subnet rule bypass due to incorrect masking operation
漏洞详情: https://avd.aquasec.com/nvd/cve-2026-44249
镜像层: sha256:9402e00fb59d4d0c3fd73d43b700ff01779c3b754a1767589447c15c87002c31
发布日期: 2026-06-11 22:16 修改: 2026-07-10 12:16
|
| io.netty:netty-handler |
CVE-2026-44249 |
高危 |
4.1.97.Final |
4.2.15.Final, 4.1.135.Final |
netty-handler: netty-handler: IPv6 subnet rule bypass due to incorrect masking operation
漏洞详情: https://avd.aquasec.com/nvd/cve-2026-44249
镜像层: sha256:9402e00fb59d4d0c3fd73d43b700ff01779c3b754a1767589447c15c87002c31
发布日期: 2026-06-11 22:16 修改: 2026-07-10 12:16
|
| io.netty:netty-handler |
CVE-2026-45416 |
高危 |
4.1.97.Final |
4.2.15.Final, 4.1.135.Final |
netty-handler: Netty: Denial of Service due to eager buffer allocation in TLS handshake
漏洞详情: https://avd.aquasec.com/nvd/cve-2026-45416
镜像层: sha256:9402e00fb59d4d0c3fd73d43b700ff01779c3b754a1767589447c15c87002c31
发布日期: 2026-06-12 15:16 修改: 2026-07-10 12:17
|
| io.netty:netty-handler |
CVE-2026-45416 |
高危 |
4.1.97.Final |
4.2.15.Final, 4.1.135.Final |
netty-handler: Netty: Denial of Service due to eager buffer allocation in TLS handshake
漏洞详情: https://avd.aquasec.com/nvd/cve-2026-45416
镜像层: sha256:9402e00fb59d4d0c3fd73d43b700ff01779c3b754a1767589447c15c87002c31
发布日期: 2026-06-12 15:16 修改: 2026-07-10 12:17
|
| io.netty:netty-handler |
CVE-2026-45416 |
高危 |
4.1.97.Final |
4.2.15.Final, 4.1.135.Final |
netty-handler: Netty: Denial of Service due to eager buffer allocation in TLS handshake
漏洞详情: https://avd.aquasec.com/nvd/cve-2026-45416
镜像层: sha256:9402e00fb59d4d0c3fd73d43b700ff01779c3b754a1767589447c15c87002c31
发布日期: 2026-06-12 15:16 修改: 2026-07-10 12:17
|
| io.netty:netty-handler |
CVE-2026-45416 |
高危 |
4.1.97.Final |
4.2.15.Final, 4.1.135.Final |
netty-handler: Netty: Denial of Service due to eager buffer allocation in TLS handshake
漏洞详情: https://avd.aquasec.com/nvd/cve-2026-45416
镜像层: sha256:9402e00fb59d4d0c3fd73d43b700ff01779c3b754a1767589447c15c87002c31
发布日期: 2026-06-12 15:16 修改: 2026-07-10 12:17
|
| io.netty:netty-handler |
CVE-2026-50010 |
高危 |
4.1.97.Final |
4.2.15.Final, 4.1.135.Final |
netty-handler: Netty: Improper trust manager handling leads to hostname verification bypass
漏洞详情: https://avd.aquasec.com/nvd/cve-2026-50010
镜像层: sha256:9402e00fb59d4d0c3fd73d43b700ff01779c3b754a1767589447c15c87002c31
发布日期: 2026-06-12 16:16 修改: 2026-07-10 12:17
|
| io.netty:netty-handler |
CVE-2026-50010 |
高危 |
4.1.97.Final |
4.2.15.Final, 4.1.135.Final |
netty-handler: Netty: Improper trust manager handling leads to hostname verification bypass
漏洞详情: https://avd.aquasec.com/nvd/cve-2026-50010
镜像层: sha256:9402e00fb59d4d0c3fd73d43b700ff01779c3b754a1767589447c15c87002c31
发布日期: 2026-06-12 16:16 修改: 2026-07-10 12:17
|
| io.netty:netty-handler |
CVE-2026-50010 |
高危 |
4.1.97.Final |
4.2.15.Final, 4.1.135.Final |
netty-handler: Netty: Improper trust manager handling leads to hostname verification bypass
漏洞详情: https://avd.aquasec.com/nvd/cve-2026-50010
镜像层: sha256:9402e00fb59d4d0c3fd73d43b700ff01779c3b754a1767589447c15c87002c31
发布日期: 2026-06-12 16:16 修改: 2026-07-10 12:17
|
| io.netty:netty-handler |
CVE-2026-50010 |
高危 |
4.1.97.Final |
4.2.15.Final, 4.1.135.Final |
netty-handler: Netty: Improper trust manager handling leads to hostname verification bypass
漏洞详情: https://avd.aquasec.com/nvd/cve-2026-50010
镜像层: sha256:9402e00fb59d4d0c3fd73d43b700ff01779c3b754a1767589447c15c87002c31
发布日期: 2026-06-12 16:16 修改: 2026-07-10 12:17
|
| org.apache.cxf:cxf-core |
CVE-2025-23184 |
高危 |
4.0.2 |
3.5.10, 3.6.5, 4.0.6 |
org.apache.cxf: Apache CXF: Denial of Service vulnerability with temporary files
漏洞详情: https://avd.aquasec.com/nvd/cve-2025-23184
镜像层: sha256:9402e00fb59d4d0c3fd73d43b700ff01779c3b754a1767589447c15c87002c31
发布日期: 2025-01-21 10:15 修改: 2026-06-17 08:52
|
| org.apache.kafka:kafka-clients |
CVE-2026-35554 |
高危 |
3.5.1 |
3.9.2, 4.0.2, 4.1.2 |
Apache Kafka Clients: Apache Kafka Clients: Information disclosure and data corruption due to race condition in producer buffer management
漏洞详情: https://avd.aquasec.com/nvd/cve-2026-35554
镜像层: sha256:9402e00fb59d4d0c3fd73d43b700ff01779c3b754a1767589447c15c87002c31
发布日期: 2026-04-07 14:16 修改: 2026-06-17 10:40
|
| com.fasterxml.jackson.core:jackson-databind |
CVE-2026-54512 |
高危 |
2.14.1 |
2.18.8, 3.1.4, 2.21.4 |
jackson-databind: jackson-databind: Arbitrary code execution via PolymorphicTypeValidator bypass
漏洞详情: https://avd.aquasec.com/nvd/cve-2026-54512
镜像层: sha256:9402e00fb59d4d0c3fd73d43b700ff01779c3b754a1767589447c15c87002c31
发布日期: 2026-06-23 21:17 修改: 2026-06-27 21:01
|
| com.fasterxml.jackson.core:jackson-databind |
CVE-2026-54512 |
高危 |
2.14.1 |
2.18.8, 3.1.4, 2.21.4 |
jackson-databind: jackson-databind: Arbitrary code execution via PolymorphicTypeValidator bypass
漏洞详情: https://avd.aquasec.com/nvd/cve-2026-54512
镜像层: sha256:9402e00fb59d4d0c3fd73d43b700ff01779c3b754a1767589447c15c87002c31
发布日期: 2026-06-23 21:17 修改: 2026-06-27 21:01
|
| com.fasterxml.jackson.core:jackson-databind |
CVE-2026-54512 |
高危 |
2.14.1 |
2.18.8, 3.1.4, 2.21.4 |
jackson-databind: jackson-databind: Arbitrary code execution via PolymorphicTypeValidator bypass
漏洞详情: https://avd.aquasec.com/nvd/cve-2026-54512
镜像层: sha256:9402e00fb59d4d0c3fd73d43b700ff01779c3b754a1767589447c15c87002c31
发布日期: 2026-06-23 21:17 修改: 2026-06-27 21:01
|
| org.bouncycastle:bcprov-jdk15to18 |
CVE-2026-5598 |
高危 |
1.74 |
1.80.2 |
bouncycastle: BC-JAVA: private key leakage via non-constant time comparisons
漏洞详情: https://avd.aquasec.com/nvd/cve-2026-5598
镜像层: sha256:9402e00fb59d4d0c3fd73d43b700ff01779c3b754a1767589447c15c87002c31
发布日期: 2026-04-15 10:16 修改: 2026-06-30 03:21
|
| com.fasterxml.jackson.core:jackson-databind |
CVE-2026-54513 |
高危 |
2.14.1 |
2.18.8, 2.21.4, 3.1.4 |
jackson-databind: Jackson-databind: Security bypass allows arbitrary code execution
漏洞详情: https://avd.aquasec.com/nvd/cve-2026-54513
镜像层: sha256:9402e00fb59d4d0c3fd73d43b700ff01779c3b754a1767589447c15c87002c31
发布日期: 2026-06-23 21:17 修改: 2026-07-14 12:17
|
| com.fasterxml.jackson.core:jackson-databind |
CVE-2026-54513 |
高危 |
2.14.1 |
2.18.8, 2.21.4, 3.1.4 |
jackson-databind: Jackson-databind: Security bypass allows arbitrary code execution
漏洞详情: https://avd.aquasec.com/nvd/cve-2026-54513
镜像层: sha256:9402e00fb59d4d0c3fd73d43b700ff01779c3b754a1767589447c15c87002c31
发布日期: 2026-06-23 21:17 修改: 2026-07-14 12:17
|
| org.bouncycastle:bcprov-jdk15to18 |
CVE-2026-5598 |
高危 |
1.75 |
1.80.2 |
bouncycastle: BC-JAVA: private key leakage via non-constant time comparisons
漏洞详情: https://avd.aquasec.com/nvd/cve-2026-5598
镜像层: sha256:9402e00fb59d4d0c3fd73d43b700ff01779c3b754a1767589447c15c87002c31
发布日期: 2026-04-15 10:16 修改: 2026-06-30 03:21
|
| org.bouncycastle:bcprov-jdk15to18 |
CVE-2026-5598 |
高危 |
1.75 |
1.80.2 |
bouncycastle: BC-JAVA: private key leakage via non-constant time comparisons
漏洞详情: https://avd.aquasec.com/nvd/cve-2026-5598
镜像层: sha256:9402e00fb59d4d0c3fd73d43b700ff01779c3b754a1767589447c15c87002c31
发布日期: 2026-04-15 10:16 修改: 2026-06-30 03:21
|
| org.json:json |
CVE-2023-5072 |
高危 |
20230227 |
20231013 |
JSON-java: parser confusion leads to OOM
漏洞详情: https://avd.aquasec.com/nvd/cve-2023-5072
镜像层: sha256:9402e00fb59d4d0c3fd73d43b700ff01779c3b754a1767589447c15c87002c31
发布日期: 2023-10-12 17:15 修改: 2026-06-17 06:47
|
| org.json:json |
CVE-2023-5072 |
高危 |
20230227 |
20231013 |
JSON-java: parser confusion leads to OOM
漏洞详情: https://avd.aquasec.com/nvd/cve-2023-5072
镜像层: sha256:9402e00fb59d4d0c3fd73d43b700ff01779c3b754a1767589447c15c87002c31
发布日期: 2023-10-12 17:15 修改: 2026-06-17 06:47
|
| org.json:json |
CVE-2023-5072 |
高危 |
20230227 |
20231013 |
JSON-java: parser confusion leads to OOM
漏洞详情: https://avd.aquasec.com/nvd/cve-2023-5072
镜像层: sha256:9402e00fb59d4d0c3fd73d43b700ff01779c3b754a1767589447c15c87002c31
发布日期: 2023-10-12 17:15 修改: 2026-06-17 06:47
|
| org.json:json |
CVE-2023-5072 |
高危 |
20230227 |
20231013 |
JSON-java: parser confusion leads to OOM
漏洞详情: https://avd.aquasec.com/nvd/cve-2023-5072
镜像层: sha256:9402e00fb59d4d0c3fd73d43b700ff01779c3b754a1767589447c15c87002c31
发布日期: 2023-10-12 17:15 修改: 2026-06-17 06:47
|
| org.lz4:lz4-java |
CVE-2025-12183 |
高危 |
1.8.0 |
1.8.1 |
lz4-java: lz4-java: Out-of-bounds memory operations lead to denial of service and information disclosure
漏洞详情: https://avd.aquasec.com/nvd/cve-2025-12183
镜像层: sha256:9402e00fb59d4d0c3fd73d43b700ff01779c3b754a1767589447c15c87002c31
发布日期: 2025-11-28 16:15 修改: 2026-06-17 08:31
|
| org.lz4:lz4-java |
CVE-2025-66566 |
高危 |
1.8.0 |
|
lz4-java: lz4-java: Information Disclosure via Insufficient Output Buffer Clearing
漏洞详情: https://avd.aquasec.com/nvd/cve-2025-66566
镜像层: sha256:9402e00fb59d4d0c3fd73d43b700ff01779c3b754a1767589447c15c87002c31
发布日期: 2025-12-05 18:15 修改: 2026-06-17 09:57
|
| org.opensearch:opensearch-common |
CVE-2025-9624 |
高危 |
2.10.0 |
3.3.0, 2.19.4 |
OpenSearch is vulnerable to DoS via complex query_string inputs
漏洞详情: https://avd.aquasec.com/nvd/cve-2025-9624
镜像层: sha256:9402e00fb59d4d0c3fd73d43b700ff01779c3b754a1767589447c15c87002c31
发布日期: 2025-11-25 20:16 修改: 2026-06-17 10:09
|
| org.xerial.snappy:snappy-java |
CVE-2023-43642 |
高危 |
1.1.10.3 |
1.1.10.4 |
snappy-java: Missing upper bound check on chunk length in snappy-java can lead to Denial of Service (DoS) impact
漏洞详情: https://avd.aquasec.com/nvd/cve-2023-43642
镜像层: sha256:9402e00fb59d4d0c3fd73d43b700ff01779c3b754a1767589447c15c87002c31
发布日期: 2023-09-25 20:15 修改: 2026-06-17 06:26
|
| software.amazon.ion:ion-java |
CVE-2024-21634 |
高危 |
1.0.2 |
1.10.5 |
ion-java: ion-java: Ion Java StackOverflow vulnerability
漏洞详情: https://avd.aquasec.com/nvd/cve-2024-21634
镜像层: sha256:9402e00fb59d4d0c3fd73d43b700ff01779c3b754a1767589447c15c87002c31
发布日期: 2024-01-03 23:15 修改: 2026-06-17 07:09
|
| io.netty:netty-codec-http |
CVE-2026-41417 |
中危 |
4.1.97.Final |
4.1.133.Final, 4.2.13.Final |
netty: Netty: HTTP request smuggling via URI manipulation and CRLF injection
漏洞详情: https://avd.aquasec.com/nvd/cve-2026-41417
镜像层: sha256:9402e00fb59d4d0c3fd73d43b700ff01779c3b754a1767589447c15c87002c31
发布日期: 2026-05-06 22:16 修改: 2026-06-17 10:46
|
| io.netty:netty-codec-http |
CVE-2026-42580 |
中危 |
4.1.97.Final |
4.2.13.Final, 4.1.133.Final |
netty: Netty: Request smuggling via chunk size parser integer overflow
漏洞详情: https://avd.aquasec.com/nvd/cve-2026-42580
镜像层: sha256:9402e00fb59d4d0c3fd73d43b700ff01779c3b754a1767589447c15c87002c31
发布日期: 2026-05-13 19:17 修改: 2026-06-17 10:48
|
| io.netty:netty-codec-http |
CVE-2026-42580 |
中危 |
4.1.97.Final |
4.2.13.Final, 4.1.133.Final |
netty: Netty: Request smuggling via chunk size parser integer overflow
漏洞详情: https://avd.aquasec.com/nvd/cve-2026-42580
镜像层: sha256:9402e00fb59d4d0c3fd73d43b700ff01779c3b754a1767589447c15c87002c31
发布日期: 2026-05-13 19:17 修改: 2026-06-17 10:48
|
| io.netty:netty-codec-http |
CVE-2026-42580 |
中危 |
4.1.97.Final |
4.2.13.Final, 4.1.133.Final |
netty: Netty: Request smuggling via chunk size parser integer overflow
漏洞详情: https://avd.aquasec.com/nvd/cve-2026-42580
镜像层: sha256:9402e00fb59d4d0c3fd73d43b700ff01779c3b754a1767589447c15c87002c31
发布日期: 2026-05-13 19:17 修改: 2026-06-17 10:48
|
| io.netty:netty-codec-http |
CVE-2026-42580 |
中危 |
4.1.97.Final |
4.2.13.Final, 4.1.133.Final |
netty: Netty: Request smuggling via chunk size parser integer overflow
漏洞详情: https://avd.aquasec.com/nvd/cve-2026-42580
镜像层: sha256:9402e00fb59d4d0c3fd73d43b700ff01779c3b754a1767589447c15c87002c31
发布日期: 2026-05-13 19:17 修改: 2026-06-17 10:48
|
| io.netty:netty-codec-http |
CVE-2026-42581 |
中危 |
4.1.97.Final |
4.2.13.Final, 4.1.133.Final |
netty: io.netty/netty-codec-http: Netty: HTTP Request Smuggling due to improper handling of conflicting HTTP/1.0 headers
漏洞详情: https://avd.aquasec.com/nvd/cve-2026-42581
镜像层: sha256:9402e00fb59d4d0c3fd73d43b700ff01779c3b754a1767589447c15c87002c31
发布日期: 2026-05-13 19:17 修改: 2026-07-10 12:16
|
| io.netty:netty-codec-http |
CVE-2026-42581 |
中危 |
4.1.97.Final |
4.2.13.Final, 4.1.133.Final |
netty: io.netty/netty-codec-http: Netty: HTTP Request Smuggling due to improper handling of conflicting HTTP/1.0 headers
漏洞详情: https://avd.aquasec.com/nvd/cve-2026-42581
镜像层: sha256:9402e00fb59d4d0c3fd73d43b700ff01779c3b754a1767589447c15c87002c31
发布日期: 2026-05-13 19:17 修改: 2026-07-10 12:16
|
| io.netty:netty-codec-http |
CVE-2026-42581 |
中危 |
4.1.97.Final |
4.2.13.Final, 4.1.133.Final |
netty: io.netty/netty-codec-http: Netty: HTTP Request Smuggling due to improper handling of conflicting HTTP/1.0 headers
漏洞详情: https://avd.aquasec.com/nvd/cve-2026-42581
镜像层: sha256:9402e00fb59d4d0c3fd73d43b700ff01779c3b754a1767589447c15c87002c31
发布日期: 2026-05-13 19:17 修改: 2026-07-10 12:16
|
| io.netty:netty-codec-http |
CVE-2026-42581 |
中危 |
4.1.97.Final |
4.2.13.Final, 4.1.133.Final |
netty: io.netty/netty-codec-http: Netty: HTTP Request Smuggling due to improper handling of conflicting HTTP/1.0 headers
漏洞详情: https://avd.aquasec.com/nvd/cve-2026-42581
镜像层: sha256:9402e00fb59d4d0c3fd73d43b700ff01779c3b754a1767589447c15c87002c31
发布日期: 2026-05-13 19:17 修改: 2026-07-10 12:16
|
| io.netty:netty-codec-http |
CVE-2026-42585 |
中危 |
4.1.97.Final |
4.2.13.Final, 4.1.133.Final |
netty: io.netty/netty-codec-http: Netty: Request smuggling via malformed Transfer-Encoding parsing
漏洞详情: https://avd.aquasec.com/nvd/cve-2026-42585
镜像层: sha256:9402e00fb59d4d0c3fd73d43b700ff01779c3b754a1767589447c15c87002c31
发布日期: 2026-05-13 19:17 修改: 2026-06-17 10:48
|
| io.netty:netty-codec-http |
CVE-2026-42585 |
中危 |
4.1.97.Final |
4.2.13.Final, 4.1.133.Final |
netty: io.netty/netty-codec-http: Netty: Request smuggling via malformed Transfer-Encoding parsing
漏洞详情: https://avd.aquasec.com/nvd/cve-2026-42585
镜像层: sha256:9402e00fb59d4d0c3fd73d43b700ff01779c3b754a1767589447c15c87002c31
发布日期: 2026-05-13 19:17 修改: 2026-06-17 10:48
|
| io.netty:netty-codec-http |
CVE-2026-42585 |
中危 |
4.1.97.Final |
4.2.13.Final, 4.1.133.Final |
netty: io.netty/netty-codec-http: Netty: Request smuggling via malformed Transfer-Encoding parsing
漏洞详情: https://avd.aquasec.com/nvd/cve-2026-42585
镜像层: sha256:9402e00fb59d4d0c3fd73d43b700ff01779c3b754a1767589447c15c87002c31
发布日期: 2026-05-13 19:17 修改: 2026-06-17 10:48
|
| io.netty:netty-codec-http |
CVE-2026-42585 |
中危 |
4.1.97.Final |
4.2.13.Final, 4.1.133.Final |
netty: io.netty/netty-codec-http: Netty: Request smuggling via malformed Transfer-Encoding parsing
漏洞详情: https://avd.aquasec.com/nvd/cve-2026-42585
镜像层: sha256:9402e00fb59d4d0c3fd73d43b700ff01779c3b754a1767589447c15c87002c31
发布日期: 2026-05-13 19:17 修改: 2026-06-17 10:48
|
| io.netty:netty-codec-http |
CVE-2026-50020 |
中危 |
4.1.97.Final |
4.2.15.Final, 4.1.135.Final |
netty-codec-http: Netty: Data manipulation via request-boundary confusion in HttpObjectDecoder
漏洞详情: https://avd.aquasec.com/nvd/cve-2026-50020
镜像层: sha256:9402e00fb59d4d0c3fd73d43b700ff01779c3b754a1767589447c15c87002c31
发布日期: 2026-06-12 16:16 修改: 2026-06-17 10:57
|
| io.netty:netty-codec-http |
CVE-2026-50020 |
中危 |
4.1.97.Final |
4.2.15.Final, 4.1.135.Final |
netty-codec-http: Netty: Data manipulation via request-boundary confusion in HttpObjectDecoder
漏洞详情: https://avd.aquasec.com/nvd/cve-2026-50020
镜像层: sha256:9402e00fb59d4d0c3fd73d43b700ff01779c3b754a1767589447c15c87002c31
发布日期: 2026-06-12 16:16 修改: 2026-06-17 10:57
|
| io.netty:netty-codec-http |
CVE-2026-50020 |
中危 |
4.1.97.Final |
4.2.15.Final, 4.1.135.Final |
netty-codec-http: Netty: Data manipulation via request-boundary confusion in HttpObjectDecoder
漏洞详情: https://avd.aquasec.com/nvd/cve-2026-50020
镜像层: sha256:9402e00fb59d4d0c3fd73d43b700ff01779c3b754a1767589447c15c87002c31
发布日期: 2026-06-12 16:16 修改: 2026-06-17 10:57
|
| io.netty:netty-codec-http |
CVE-2026-50020 |
中危 |
4.1.97.Final |
4.2.15.Final, 4.1.135.Final |
netty-codec-http: Netty: Data manipulation via request-boundary confusion in HttpObjectDecoder
漏洞详情: https://avd.aquasec.com/nvd/cve-2026-50020
镜像层: sha256:9402e00fb59d4d0c3fd73d43b700ff01779c3b754a1767589447c15c87002c31
发布日期: 2026-06-12 16:16 修改: 2026-06-17 10:57
|
| com.fasterxml.jackson.core:jackson-databind |
CVE-2026-54515 |
中危 |
2.14.1 |
3.1.4, 2.18.9, 2.21.5, 2.22.1 |
jackson-databind: jackson-databind: Ignored properties can be unexpectedly modified
漏洞详情: https://avd.aquasec.com/nvd/cve-2026-54515
镜像层: sha256:9402e00fb59d4d0c3fd73d43b700ff01779c3b754a1767589447c15c87002c31
发布日期: 2026-06-23 21:17 修改: 2026-06-29 13:38
|
| com.fasterxml.jackson.core:jackson-databind |
CVE-2026-54515 |
中危 |
2.14.1 |
3.1.4, 2.18.9, 2.21.5, 2.22.1 |
jackson-databind: jackson-databind: Ignored properties can be unexpectedly modified
漏洞详情: https://avd.aquasec.com/nvd/cve-2026-54515
镜像层: sha256:9402e00fb59d4d0c3fd73d43b700ff01779c3b754a1767589447c15c87002c31
发布日期: 2026-06-23 21:17 修改: 2026-06-29 13:38
|
| com.jayway.jsonpath:json-path |
CVE-2023-51074 |
中危 |
2.8.0 |
2.9.0 |
json-path: stack-based buffer overflow in Criteria.parse method
漏洞详情: https://avd.aquasec.com/nvd/cve-2023-51074
镜像层: sha256:9402e00fb59d4d0c3fd73d43b700ff01779c3b754a1767589447c15c87002c31
发布日期: 2023-12-27 21:15 修改: 2026-06-17 06:40
|
| com.fasterxml.jackson.core:jackson-core |
GHSA-72hv-8253-57qq |
中危 |
2.15.2 |
2.21.1, 2.18.6 |
jackson-core: Number Length Constraint Bypass in Async Parser Leads to Potential DoS Condition
漏洞详情: https://github.com/advisories/GHSA-72hv-8253-57qq
镜像层: sha256:9402e00fb59d4d0c3fd73d43b700ff01779c3b754a1767589447c15c87002c31
发布日期: 2026-02-28 02:01 修改: 2026-04-07 16:30
|
| com.fasterxml.jackson.core:jackson-core |
GHSA-72hv-8253-57qq |
中危 |
2.15.2 |
2.21.1, 2.18.6 |
jackson-core: Number Length Constraint Bypass in Async Parser Leads to Potential DoS Condition
漏洞详情: https://github.com/advisories/GHSA-72hv-8253-57qq
镜像层: sha256:9402e00fb59d4d0c3fd73d43b700ff01779c3b754a1767589447c15c87002c31
发布日期: 2026-02-28 02:01 修改: 2026-04-07 16:30
|
| com.fasterxml.jackson.core:jackson-core |
GHSA-72hv-8253-57qq |
中危 |
2.15.2 |
2.21.1, 2.18.6 |
jackson-core: Number Length Constraint Bypass in Async Parser Leads to Potential DoS Condition
漏洞详情: https://github.com/advisories/GHSA-72hv-8253-57qq
镜像层: sha256:9402e00fb59d4d0c3fd73d43b700ff01779c3b754a1767589447c15c87002c31
发布日期: 2026-02-28 02:01 修改: 2026-04-07 16:30
|
| com.fasterxml.jackson.core:jackson-databind |
CVE-2026-54514 |
中危 |
2.14.1 |
2.18.8, 2.21.4, 3.1.4 |
jackson-databind: jackson-databind: Information Disclosure via Eager DNS Resolution
漏洞详情: https://avd.aquasec.com/nvd/cve-2026-54514
镜像层: sha256:9402e00fb59d4d0c3fd73d43b700ff01779c3b754a1767589447c15c87002c31
发布日期: 2026-06-23 21:17 修改: 2026-06-27 20:55
|
| com.fasterxml.jackson.core:jackson-databind |
CVE-2026-54514 |
中危 |
2.14.1 |
2.18.8, 2.21.4, 3.1.4 |
jackson-databind: jackson-databind: Information Disclosure via Eager DNS Resolution
漏洞详情: https://avd.aquasec.com/nvd/cve-2026-54514
镜像层: sha256:9402e00fb59d4d0c3fd73d43b700ff01779c3b754a1767589447c15c87002c31
发布日期: 2026-06-23 21:17 修改: 2026-06-27 20:55
|
| io.netty:netty-codec-http2 |
CVE-2026-47244 |
中危 |
4.1.97.Final |
4.2.15.Final, 4.1.135.Final |
netty-codec-http2: Netty: Denial of Service via uncontrolled HTTP/2 concurrent streams
漏洞详情: https://avd.aquasec.com/nvd/cve-2026-47244
镜像层: sha256:9402e00fb59d4d0c3fd73d43b700ff01779c3b754a1767589447c15c87002c31
发布日期: 2026-06-12 15:16 修改: 2026-06-17 10:54
|
| io.netty:netty-codec-http2 |
CVE-2026-47244 |
中危 |
4.1.97.Final |
4.2.15.Final, 4.1.135.Final |
netty-codec-http2: Netty: Denial of Service via uncontrolled HTTP/2 concurrent streams
漏洞详情: https://avd.aquasec.com/nvd/cve-2026-47244
镜像层: sha256:9402e00fb59d4d0c3fd73d43b700ff01779c3b754a1767589447c15c87002c31
发布日期: 2026-06-12 15:16 修改: 2026-06-17 10:54
|
| io.netty:netty-codec-http2 |
CVE-2026-48043 |
中危 |
4.1.97.Final |
4.1.135.Final, 4.2.15.Final |
netty-codec-http2: netty-codec-http2: Denial of Service due to resource leak
漏洞详情: https://avd.aquasec.com/nvd/cve-2026-48043
镜像层: sha256:9402e00fb59d4d0c3fd73d43b700ff01779c3b754a1767589447c15c87002c31
发布日期: 2026-06-12 16:16 修改: 2026-07-10 12:17
|
| io.netty:netty-codec-http2 |
CVE-2026-48043 |
中危 |
4.1.97.Final |
4.1.135.Final, 4.2.15.Final |
netty-codec-http2: netty-codec-http2: Denial of Service due to resource leak
漏洞详情: https://avd.aquasec.com/nvd/cve-2026-48043
镜像层: sha256:9402e00fb59d4d0c3fd73d43b700ff01779c3b754a1767589447c15c87002c31
发布日期: 2026-06-12 16:16 修改: 2026-07-10 12:17
|
| io.netty:netty-codec-http2 |
CVE-2026-50560 |
中危 |
4.1.97.Final |
4.2.15.Final, 4.1.135.Final |
netty-codec-http2: Netty: Denial of Service due to HTTP/2 max header size handling
漏洞详情: https://avd.aquasec.com/nvd/cve-2026-50560
镜像层: sha256:9402e00fb59d4d0c3fd73d43b700ff01779c3b754a1767589447c15c87002c31
发布日期: 2026-06-12 16:16 修改: 2026-06-17 10:57
|
| io.netty:netty-codec-http2 |
CVE-2026-50560 |
中危 |
4.1.97.Final |
4.2.15.Final, 4.1.135.Final |
netty-codec-http2: Netty: Denial of Service due to HTTP/2 max header size handling
漏洞详情: https://avd.aquasec.com/nvd/cve-2026-50560
镜像层: sha256:9402e00fb59d4d0c3fd73d43b700ff01779c3b754a1767589447c15c87002c31
发布日期: 2026-06-12 16:16 修改: 2026-06-17 10:57
|
| io.netty:netty-common |
CVE-2024-47535 |
中危 |
4.1.97.Final |
4.1.115.Final |
netty: Denial of Service attack on windows app using Netty
漏洞详情: https://avd.aquasec.com/nvd/cve-2024-47535
镜像层: sha256:9402e00fb59d4d0c3fd73d43b700ff01779c3b754a1767589447c15c87002c31
发布日期: 2024-11-12 16:15 修改: 2026-06-17 07:57
|
| io.netty:netty-common |
CVE-2024-47535 |
中危 |
4.1.97.Final |
4.1.115.Final |
netty: Denial of Service attack on windows app using Netty
漏洞详情: https://avd.aquasec.com/nvd/cve-2024-47535
镜像层: sha256:9402e00fb59d4d0c3fd73d43b700ff01779c3b754a1767589447c15c87002c31
发布日期: 2024-11-12 16:15 修改: 2026-06-17 07:57
|
| io.netty:netty-common |
CVE-2024-47535 |
中危 |
4.1.97.Final |
4.1.115.Final |
netty: Denial of Service attack on windows app using Netty
漏洞详情: https://avd.aquasec.com/nvd/cve-2024-47535
镜像层: sha256:9402e00fb59d4d0c3fd73d43b700ff01779c3b754a1767589447c15c87002c31
发布日期: 2024-11-12 16:15 修改: 2026-06-17 07:57
|
| io.netty:netty-common |
CVE-2024-47535 |
中危 |
4.1.97.Final |
4.1.115.Final |
netty: Denial of Service attack on windows app using Netty
漏洞详情: https://avd.aquasec.com/nvd/cve-2024-47535
镜像层: sha256:9402e00fb59d4d0c3fd73d43b700ff01779c3b754a1767589447c15c87002c31
发布日期: 2024-11-12 16:15 修改: 2026-06-17 07:57
|
| io.netty:netty-common |
CVE-2025-25193 |
中危 |
4.1.97.Final |
4.1.118.Final |
netty: Denial of Service attack on windows app using Netty
漏洞详情: https://avd.aquasec.com/nvd/cve-2025-25193
镜像层: sha256:9402e00fb59d4d0c3fd73d43b700ff01779c3b754a1767589447c15c87002c31
发布日期: 2025-02-10 22:15 修改: 2026-06-17 09:00
|
| io.netty:netty-common |
CVE-2025-25193 |
中危 |
4.1.97.Final |
4.1.118.Final |
netty: Denial of Service attack on windows app using Netty
漏洞详情: https://avd.aquasec.com/nvd/cve-2025-25193
镜像层: sha256:9402e00fb59d4d0c3fd73d43b700ff01779c3b754a1767589447c15c87002c31
发布日期: 2025-02-10 22:15 修改: 2026-06-17 09:00
|
| io.netty:netty-common |
CVE-2025-25193 |
中危 |
4.1.97.Final |
4.1.118.Final |
netty: Denial of Service attack on windows app using Netty
漏洞详情: https://avd.aquasec.com/nvd/cve-2025-25193
镜像层: sha256:9402e00fb59d4d0c3fd73d43b700ff01779c3b754a1767589447c15c87002c31
发布日期: 2025-02-10 22:15 修改: 2026-06-17 09:00
|
| io.netty:netty-common |
CVE-2025-25193 |
中危 |
4.1.97.Final |
4.1.118.Final |
netty: Denial of Service attack on windows app using Netty
漏洞详情: https://avd.aquasec.com/nvd/cve-2025-25193
镜像层: sha256:9402e00fb59d4d0c3fd73d43b700ff01779c3b754a1767589447c15c87002c31
发布日期: 2025-02-10 22:15 修改: 2026-06-17 09:00
|
| com.fasterxml.jackson.core:jackson-databind |
CVE-2026-54514 |
中危 |
2.14.1 |
2.18.8, 2.21.4, 3.1.4 |
jackson-databind: jackson-databind: Information Disclosure via Eager DNS Resolution
漏洞详情: https://avd.aquasec.com/nvd/cve-2026-54514
镜像层: sha256:9402e00fb59d4d0c3fd73d43b700ff01779c3b754a1767589447c15c87002c31
发布日期: 2026-06-23 21:17 修改: 2026-06-27 20:55
|
| com.fasterxml.jackson.core:jackson-databind |
CVE-2026-54515 |
中危 |
2.14.1 |
3.1.4, 2.18.9, 2.21.5, 2.22.1 |
jackson-databind: jackson-databind: Ignored properties can be unexpectedly modified
漏洞详情: https://avd.aquasec.com/nvd/cve-2026-54515
镜像层: sha256:9402e00fb59d4d0c3fd73d43b700ff01779c3b754a1767589447c15c87002c31
发布日期: 2026-06-23 21:17 修改: 2026-06-29 13:38
|
| commons-lang:commons-lang |
CVE-2025-48924 |
中危 |
2.6 |
|
commons-lang/commons-lang: org.apache.commons/commons-lang3: Uncontrolled Recursion vulnerability in Apache Commons Lang
漏洞详情: https://avd.aquasec.com/nvd/cve-2025-48924
镜像层: sha256:9402e00fb59d4d0c3fd73d43b700ff01779c3b754a1767589447c15c87002c31
发布日期: 2025-07-11 15:15 修改: 2026-06-17 09:30
|
| commons-lang:commons-lang |
CVE-2025-48924 |
中危 |
2.6 |
|
commons-lang/commons-lang: org.apache.commons/commons-lang3: Uncontrolled Recursion vulnerability in Apache Commons Lang
漏洞详情: https://avd.aquasec.com/nvd/cve-2025-48924
镜像层: sha256:9402e00fb59d4d0c3fd73d43b700ff01779c3b754a1767589447c15c87002c31
发布日期: 2025-07-11 15:15 修改: 2026-06-17 09:30
|
| com.fasterxml.jackson.core:jackson-databind |
CVE-2026-54514 |
中危 |
2.15.2 |
2.18.8, 2.21.4, 3.1.4 |
jackson-databind: jackson-databind: Information Disclosure via Eager DNS Resolution
漏洞详情: https://avd.aquasec.com/nvd/cve-2026-54514
镜像层: sha256:9402e00fb59d4d0c3fd73d43b700ff01779c3b754a1767589447c15c87002c31
发布日期: 2026-06-23 21:17 修改: 2026-06-27 20:55
|
| com.fasterxml.jackson.core:jackson-databind |
CVE-2026-54514 |
中危 |
2.15.2 |
2.18.8, 2.21.4, 3.1.4 |
jackson-databind: jackson-databind: Information Disclosure via Eager DNS Resolution
漏洞详情: https://avd.aquasec.com/nvd/cve-2026-54514
镜像层: sha256:9402e00fb59d4d0c3fd73d43b700ff01779c3b754a1767589447c15c87002c31
发布日期: 2026-06-23 21:17 修改: 2026-06-27 20:55
|
| com.fasterxml.jackson.core:jackson-databind |
CVE-2026-54514 |
中危 |
2.15.2 |
2.18.8, 2.21.4, 3.1.4 |
jackson-databind: jackson-databind: Information Disclosure via Eager DNS Resolution
漏洞详情: https://avd.aquasec.com/nvd/cve-2026-54514
镜像层: sha256:9402e00fb59d4d0c3fd73d43b700ff01779c3b754a1767589447c15c87002c31
发布日期: 2026-06-23 21:17 修改: 2026-06-27 20:55
|
| com.fasterxml.jackson.core:jackson-databind |
CVE-2026-54514 |
中危 |
2.15.2 |
2.18.8, 2.21.4, 3.1.4 |
jackson-databind: jackson-databind: Information Disclosure via Eager DNS Resolution
漏洞详情: https://avd.aquasec.com/nvd/cve-2026-54514
镜像层: sha256:9402e00fb59d4d0c3fd73d43b700ff01779c3b754a1767589447c15c87002c31
发布日期: 2026-06-23 21:17 修改: 2026-06-27 20:55
|
| io.netty:netty-codec |
CVE-2025-58057 |
中危 |
4.1.97.Final |
4.1.125.Final |
netty-codec: netty-codec-compression: Netty's BrotliDecoder is vulnerable to DoS via zip bomb style attack
漏洞详情: https://avd.aquasec.com/nvd/cve-2025-58057
镜像层: sha256:9402e00fb59d4d0c3fd73d43b700ff01779c3b754a1767589447c15c87002c31
发布日期: 2025-09-04 10:42 修改: 2026-06-17 09:43
|
| io.netty:netty-codec |
CVE-2025-58057 |
中危 |
4.1.97.Final |
4.1.125.Final |
netty-codec: netty-codec-compression: Netty's BrotliDecoder is vulnerable to DoS via zip bomb style attack
漏洞详情: https://avd.aquasec.com/nvd/cve-2025-58057
镜像层: sha256:9402e00fb59d4d0c3fd73d43b700ff01779c3b754a1767589447c15c87002c31
发布日期: 2025-09-04 10:42 修改: 2026-06-17 09:43
|
| io.netty:netty-codec |
CVE-2025-58057 |
中危 |
4.1.97.Final |
4.1.125.Final |
netty-codec: netty-codec-compression: Netty's BrotliDecoder is vulnerable to DoS via zip bomb style attack
漏洞详情: https://avd.aquasec.com/nvd/cve-2025-58057
镜像层: sha256:9402e00fb59d4d0c3fd73d43b700ff01779c3b754a1767589447c15c87002c31
发布日期: 2025-09-04 10:42 修改: 2026-06-17 09:43
|
| io.netty:netty-codec |
CVE-2025-58057 |
中危 |
4.1.97.Final |
4.1.125.Final |
netty-codec: netty-codec-compression: Netty's BrotliDecoder is vulnerable to DoS via zip bomb style attack
漏洞详情: https://avd.aquasec.com/nvd/cve-2025-58057
镜像层: sha256:9402e00fb59d4d0c3fd73d43b700ff01779c3b754a1767589447c15c87002c31
发布日期: 2025-09-04 10:42 修改: 2026-06-17 09:43
|
| com.fasterxml.jackson.core:jackson-databind |
CVE-2026-54514 |
中危 |
2.15.2 |
2.18.8, 2.21.4, 3.1.4 |
jackson-databind: jackson-databind: Information Disclosure via Eager DNS Resolution
漏洞详情: https://avd.aquasec.com/nvd/cve-2026-54514
镜像层: sha256:9402e00fb59d4d0c3fd73d43b700ff01779c3b754a1767589447c15c87002c31
发布日期: 2026-06-23 21:17 修改: 2026-06-27 20:55
|
| com.fasterxml.jackson.core:jackson-databind |
CVE-2026-54514 |
中危 |
2.15.2 |
2.18.8, 2.21.4, 3.1.4 |
jackson-databind: jackson-databind: Information Disclosure via Eager DNS Resolution
漏洞详情: https://avd.aquasec.com/nvd/cve-2026-54514
镜像层: sha256:9402e00fb59d4d0c3fd73d43b700ff01779c3b754a1767589447c15c87002c31
发布日期: 2026-06-23 21:17 修改: 2026-06-27 20:55
|
| com.fasterxml.jackson.core:jackson-databind |
CVE-2026-54514 |
中危 |
2.15.2 |
2.18.8, 2.21.4, 3.1.4 |
jackson-databind: jackson-databind: Information Disclosure via Eager DNS Resolution
漏洞详情: https://avd.aquasec.com/nvd/cve-2026-54514
镜像层: sha256:9402e00fb59d4d0c3fd73d43b700ff01779c3b754a1767589447c15c87002c31
发布日期: 2026-06-23 21:17 修改: 2026-06-27 20:55
|
| com.fasterxml.jackson.core:jackson-databind |
CVE-2026-54514 |
中危 |
2.15.2 |
2.18.8, 2.21.4, 3.1.4 |
jackson-databind: jackson-databind: Information Disclosure via Eager DNS Resolution
漏洞详情: https://avd.aquasec.com/nvd/cve-2026-54514
镜像层: sha256:9402e00fb59d4d0c3fd73d43b700ff01779c3b754a1767589447c15c87002c31
发布日期: 2026-06-23 21:17 修改: 2026-06-27 20:55
|
| org.apache.commons:commons-compress |
CVE-2023-42503 |
中危 |
1.22 |
1.24.0 |
apache-commons-compress: Denial of service via CPU consumption for malformed TAR file
漏洞详情: https://avd.aquasec.com/nvd/cve-2023-42503
镜像层: sha256:9402e00fb59d4d0c3fd73d43b700ff01779c3b754a1767589447c15c87002c31
发布日期: 2023-09-14 08:15 修改: 2026-06-17 06:23
|
| org.apache.commons:commons-compress |
CVE-2024-25710 |
中危 |
1.22 |
1.26.0 |
commons-compress: Denial of service caused by an infinite loop for a corrupted DUMP file
漏洞详情: https://avd.aquasec.com/nvd/cve-2024-25710
镜像层: sha256:9402e00fb59d4d0c3fd73d43b700ff01779c3b754a1767589447c15c87002c31
发布日期: 2024-02-19 09:15 修改: 2026-06-17 07:16
|
| org.apache.commons:commons-compress |
CVE-2024-26308 |
中危 |
1.22 |
1.26.0 |
commons-compress: OutOfMemoryError unpacking broken Pack200 file
漏洞详情: https://avd.aquasec.com/nvd/cve-2024-26308
镜像层: sha256:9402e00fb59d4d0c3fd73d43b700ff01779c3b754a1767589447c15c87002c31
发布日期: 2024-02-19 09:15 修改: 2026-06-17 07:17
|
| org.apache.commons:commons-compress |
CVE-2023-42503 |
中危 |
1.23.0 |
1.24.0 |
apache-commons-compress: Denial of service via CPU consumption for malformed TAR file
漏洞详情: https://avd.aquasec.com/nvd/cve-2023-42503
镜像层: sha256:9402e00fb59d4d0c3fd73d43b700ff01779c3b754a1767589447c15c87002c31
发布日期: 2023-09-14 08:15 修改: 2026-06-17 06:23
|
| org.apache.commons:commons-compress |
CVE-2024-25710 |
中危 |
1.23.0 |
1.26.0 |
commons-compress: Denial of service caused by an infinite loop for a corrupted DUMP file
漏洞详情: https://avd.aquasec.com/nvd/cve-2024-25710
镜像层: sha256:9402e00fb59d4d0c3fd73d43b700ff01779c3b754a1767589447c15c87002c31
发布日期: 2024-02-19 09:15 修改: 2026-06-17 07:16
|
| org.apache.commons:commons-compress |
CVE-2024-26308 |
中危 |
1.23.0 |
1.26.0 |
commons-compress: OutOfMemoryError unpacking broken Pack200 file
漏洞详情: https://avd.aquasec.com/nvd/cve-2024-26308
镜像层: sha256:9402e00fb59d4d0c3fd73d43b700ff01779c3b754a1767589447c15c87002c31
发布日期: 2024-02-19 09:15 修改: 2026-06-17 07:17
|
| org.apache.commons:commons-lang3 |
CVE-2025-48924 |
中危 |
3.10 |
3.18.0 |
commons-lang/commons-lang: org.apache.commons/commons-lang3: Uncontrolled Recursion vulnerability in Apache Commons Lang
漏洞详情: https://avd.aquasec.com/nvd/cve-2025-48924
镜像层: sha256:9402e00fb59d4d0c3fd73d43b700ff01779c3b754a1767589447c15c87002c31
发布日期: 2025-07-11 15:15 修改: 2026-06-17 09:30
|
| org.apache.commons:commons-lang3 |
CVE-2025-48924 |
中危 |
3.10 |
3.18.0 |
commons-lang/commons-lang: org.apache.commons/commons-lang3: Uncontrolled Recursion vulnerability in Apache Commons Lang
漏洞详情: https://avd.aquasec.com/nvd/cve-2025-48924
镜像层: sha256:9402e00fb59d4d0c3fd73d43b700ff01779c3b754a1767589447c15c87002c31
发布日期: 2025-07-11 15:15 修改: 2026-06-17 09:30
|
| org.apache.commons:commons-lang3 |
CVE-2025-48924 |
中危 |
3.12.0 |
3.18.0 |
commons-lang/commons-lang: org.apache.commons/commons-lang3: Uncontrolled Recursion vulnerability in Apache Commons Lang
漏洞详情: https://avd.aquasec.com/nvd/cve-2025-48924
镜像层: sha256:9402e00fb59d4d0c3fd73d43b700ff01779c3b754a1767589447c15c87002c31
发布日期: 2025-07-11 15:15 修改: 2026-06-17 09:30
|
| org.apache.commons:commons-lang3 |
CVE-2025-48924 |
中危 |
3.12.0 |
3.18.0 |
commons-lang/commons-lang: org.apache.commons/commons-lang3: Uncontrolled Recursion vulnerability in Apache Commons Lang
漏洞详情: https://avd.aquasec.com/nvd/cve-2025-48924
镜像层: sha256:9402e00fb59d4d0c3fd73d43b700ff01779c3b754a1767589447c15c87002c31
发布日期: 2025-07-11 15:15 修改: 2026-06-17 09:30
|
| org.apache.commons:commons-lang3 |
CVE-2025-48924 |
中危 |
3.13.0 |
3.18.0 |
commons-lang/commons-lang: org.apache.commons/commons-lang3: Uncontrolled Recursion vulnerability in Apache Commons Lang
漏洞详情: https://avd.aquasec.com/nvd/cve-2025-48924
镜像层: sha256:9402e00fb59d4d0c3fd73d43b700ff01779c3b754a1767589447c15c87002c31
发布日期: 2025-07-11 15:15 修改: 2026-06-17 09:30
|
| org.apache.commons:commons-lang3 |
CVE-2025-48924 |
中危 |
3.13.0 |
3.18.0 |
commons-lang/commons-lang: org.apache.commons/commons-lang3: Uncontrolled Recursion vulnerability in Apache Commons Lang
漏洞详情: https://avd.aquasec.com/nvd/cve-2025-48924
镜像层: sha256:9402e00fb59d4d0c3fd73d43b700ff01779c3b754a1767589447c15c87002c31
发布日期: 2025-07-11 15:15 修改: 2026-06-17 09:30
|
| org.apache.commons:commons-lang3 |
CVE-2025-48924 |
中危 |
3.13.0 |
3.18.0 |
commons-lang/commons-lang: org.apache.commons/commons-lang3: Uncontrolled Recursion vulnerability in Apache Commons Lang
漏洞详情: https://avd.aquasec.com/nvd/cve-2025-48924
镜像层: sha256:9402e00fb59d4d0c3fd73d43b700ff01779c3b754a1767589447c15c87002c31
发布日期: 2025-07-11 15:15 修改: 2026-06-17 09:30
|
| org.apache.commons:commons-lang3 |
CVE-2025-48924 |
中危 |
3.13.0 |
3.18.0 |
commons-lang/commons-lang: org.apache.commons/commons-lang3: Uncontrolled Recursion vulnerability in Apache Commons Lang
漏洞详情: https://avd.aquasec.com/nvd/cve-2025-48924
镜像层: sha256:9402e00fb59d4d0c3fd73d43b700ff01779c3b754a1767589447c15c87002c31
发布日期: 2025-07-11 15:15 修改: 2026-06-17 09:30
|
| org.apache.commons:commons-lang3 |
CVE-2025-48924 |
中危 |
3.13.0 |
3.18.0 |
commons-lang/commons-lang: org.apache.commons/commons-lang3: Uncontrolled Recursion vulnerability in Apache Commons Lang
漏洞详情: https://avd.aquasec.com/nvd/cve-2025-48924
镜像层: sha256:9402e00fb59d4d0c3fd73d43b700ff01779c3b754a1767589447c15c87002c31
发布日期: 2025-07-11 15:15 修改: 2026-06-17 09:30
|
| com.fasterxml.jackson.core:jackson-databind |
CVE-2026-54515 |
中危 |
2.15.2 |
3.1.4, 2.18.9, 2.21.5, 2.22.1 |
jackson-databind: jackson-databind: Ignored properties can be unexpectedly modified
漏洞详情: https://avd.aquasec.com/nvd/cve-2026-54515
镜像层: sha256:9402e00fb59d4d0c3fd73d43b700ff01779c3b754a1767589447c15c87002c31
发布日期: 2026-06-23 21:17 修改: 2026-06-29 13:38
|
| org.apache.cxf:cxf-core |
CVE-2025-48795 |
中危 |
4.0.2 |
3.5.11, 3.6.6, 4.0.7, 4.1.1 |
org.apache.cxf/cxf: Apache CXF denial of service and data exposure
漏洞详情: https://avd.aquasec.com/nvd/cve-2025-48795
镜像层: sha256:9402e00fb59d4d0c3fd73d43b700ff01779c3b754a1767589447c15c87002c31
发布日期: 2025-07-15 15:15 修改: 2026-06-17 09:30
|
| org.apache.cxf:cxf-rt-rs-security-jose |
CVE-2024-32007 |
中危 |
4.0.2 |
4.0.5, 3.6.4, 3.5.9 |
apache: cxf: org.apache.cxf:cxf-rt-rs-security-jose: Denial of Service vulnerability in JOSE
漏洞详情: https://avd.aquasec.com/nvd/cve-2024-32007
镜像层: sha256:9402e00fb59d4d0c3fd73d43b700ff01779c3b754a1767589447c15c87002c31
发布日期: 2024-07-19 09:15 修改: 2026-06-17 07:29
|
| com.fasterxml.jackson.core:jackson-databind |
CVE-2026-54515 |
中危 |
2.15.2 |
3.1.4, 2.18.9, 2.21.5, 2.22.1 |
jackson-databind: jackson-databind: Ignored properties can be unexpectedly modified
漏洞详情: https://avd.aquasec.com/nvd/cve-2026-54515
镜像层: sha256:9402e00fb59d4d0c3fd73d43b700ff01779c3b754a1767589447c15c87002c31
发布日期: 2026-06-23 21:17 修改: 2026-06-29 13:38
|
| org.apache.kafka:kafka-clients |
CVE-2024-31141 |
中危 |
3.5.1 |
3.7.1 |
kafka-clients: privilege escalation to filesystem read-access via automatic ConfigProvider
漏洞详情: https://avd.aquasec.com/nvd/cve-2024-31141
镜像层: sha256:9402e00fb59d4d0c3fd73d43b700ff01779c3b754a1767589447c15c87002c31
发布日期: 2024-11-19 09:15 修改: 2026-06-17 07:27
|
| org.apache.kafka:kafka-clients |
CVE-2025-27817 |
中危 |
3.5.1 |
3.9.1 |
org.apache.kafka: Kafka Client Arbitrary File Read SSRF
漏洞详情: https://avd.aquasec.com/nvd/cve-2025-27817
镜像层: sha256:9402e00fb59d4d0c3fd73d43b700ff01779c3b754a1767589447c15c87002c31
发布日期: 2025-06-10 08:15 修改: 2026-06-17 09:04
|
| org.apache.kafka:kafka-clients |
CVE-2026-33558 |
中危 |
3.5.1 |
3.9.2, 4.0.1 |
Apache Kafka exposes sensitive information in its DEBUG logs
漏洞详情: https://avd.aquasec.com/nvd/cve-2026-33558
镜像层: sha256:9402e00fb59d4d0c3fd73d43b700ff01779c3b754a1767589447c15c87002c31
发布日期: 2026-04-20 14:16 修改: 2026-06-17 10:37
|
| org.apache.logging.log4j:log4j-core |
CVE-2025-68161 |
中危 |
2.20.0 |
2.25.3 |
Apache Log4j: Apache Log4j Core: Information disclosure via missing TLS hostname verification
漏洞详情: https://avd.aquasec.com/nvd/cve-2025-68161
镜像层: sha256:9402e00fb59d4d0c3fd73d43b700ff01779c3b754a1767589447c15c87002c31
发布日期: 2025-12-18 21:15 修改: 2026-06-17 09:58
|
| org.apache.logging.log4j:log4j-core |
CVE-2025-68161 |
中危 |
2.20.0 |
2.25.3 |
Apache Log4j: Apache Log4j Core: Information disclosure via missing TLS hostname verification
漏洞详情: https://avd.aquasec.com/nvd/cve-2025-68161
镜像层: sha256:9402e00fb59d4d0c3fd73d43b700ff01779c3b754a1767589447c15c87002c31
发布日期: 2025-12-18 21:15 修改: 2026-06-17 09:58
|
| org.apache.logging.log4j:log4j-core |
CVE-2026-34477 |
中危 |
2.20.0 |
2.25.4 |
org.apache.logging.log4j/log4j-core: Apache Log4j Core: Man-in-the-middle attack due to incomplete hostname verification
漏洞详情: https://avd.aquasec.com/nvd/cve-2026-34477
镜像层: sha256:9402e00fb59d4d0c3fd73d43b700ff01779c3b754a1767589447c15c87002c31
发布日期: 2026-04-10 16:16 修改: 2026-06-17 10:39
|
| org.apache.logging.log4j:log4j-core |
CVE-2026-34477 |
中危 |
2.20.0 |
2.25.4 |
org.apache.logging.log4j/log4j-core: Apache Log4j Core: Man-in-the-middle attack due to incomplete hostname verification
漏洞详情: https://avd.aquasec.com/nvd/cve-2026-34477
镜像层: sha256:9402e00fb59d4d0c3fd73d43b700ff01779c3b754a1767589447c15c87002c31
发布日期: 2026-04-10 16:16 修改: 2026-06-17 10:39
|
| org.apache.logging.log4j:log4j-core |
CVE-2026-34480 |
中危 |
2.20.0 |
2.25.4 |
org.apache.logging.log4j/log4j-core: Apache Log4j Core: Invalid XML output causes denial of service in logging
漏洞详情: https://avd.aquasec.com/nvd/cve-2026-34480
镜像层: sha256:9402e00fb59d4d0c3fd73d43b700ff01779c3b754a1767589447c15c87002c31
发布日期: 2026-04-10 16:16 修改: 2026-06-17 10:39
|
| org.apache.logging.log4j:log4j-core |
CVE-2026-34480 |
中危 |
2.20.0 |
2.25.4 |
org.apache.logging.log4j/log4j-core: Apache Log4j Core: Invalid XML output causes denial of service in logging
漏洞详情: https://avd.aquasec.com/nvd/cve-2026-34480
镜像层: sha256:9402e00fb59d4d0c3fd73d43b700ff01779c3b754a1767589447c15c87002c31
发布日期: 2026-04-10 16:16 修改: 2026-06-17 10:39
|
| org.apache.santuario:xmlsec |
CVE-2023-44483 |
中危 |
2.3.3 |
2.3.4, 2.2.6, 3.0.3 |
santuario: Private Key disclosure in debug-log output
漏洞详情: https://avd.aquasec.com/nvd/cve-2023-44483
镜像层: sha256:9402e00fb59d4d0c3fd73d43b700ff01779c3b754a1767589447c15c87002c31
发布日期: 2023-10-20 10:15 修改: 2026-06-17 06:27
|
| org.bouncycastle:bc-fips |
CVE-2022-45146 |
中危 |
1.0.2.3 |
1.0.2.4 |
bouncy-castle: Improper Authentication
漏洞详情: https://avd.aquasec.com/nvd/cve-2022-45146
镜像层: sha256:9402e00fb59d4d0c3fd73d43b700ff01779c3b754a1767589447c15c87002c31
发布日期: 2022-11-21 10:15 修改: 2026-06-17 05:09
|
| org.bouncycastle:bc-fips |
CVE-2024-29857 |
中危 |
1.0.2.3 |
1.0.2.5 |
org.bouncycastle: Importing an EC certificate with crafted F2m parameters may lead to Denial of Service
漏洞详情: https://avd.aquasec.com/nvd/cve-2024-29857
镜像层: sha256:9402e00fb59d4d0c3fd73d43b700ff01779c3b754a1767589447c15c87002c31
发布日期: 2024-05-14 15:17 修改: 2026-06-17 07:23
|
| org.bouncycastle:bc-fips |
CVE-2025-8885 |
中危 |
1.0.2.3 |
1.0.2.6, 2.0.1 |
bouncycastle: Bouncy Castle denial of service parsing ASN.1 Object Identifiers
漏洞详情: https://avd.aquasec.com/nvd/cve-2025-8885
镜像层: sha256:9402e00fb59d4d0c3fd73d43b700ff01779c3b754a1767589447c15c87002c31
发布日期: 2025-08-12 10:15 修改: 2026-06-17 10:07
|
| org.bouncycastle:bcpkix-jdk15on |
CVE-2025-8916 |
中危 |
1.70 |
1.79 |
org.bouncycastle: BouncyCastle denial of service
漏洞详情: https://avd.aquasec.com/nvd/cve-2025-8916
镜像层: sha256:9402e00fb59d4d0c3fd73d43b700ff01779c3b754a1767589447c15c87002c31
发布日期: 2025-08-13 10:15 修改: 2026-06-17 10:07
|
| org.bouncycastle:bcpkix-jdk15on |
CVE-2026-5588 |
中危 |
1.70 |
1.84 |
bouncycastle: BC-JAVA: PKIX draft CompositeVerifier accepts empty signature sequence as valid
漏洞详情: https://avd.aquasec.com/nvd/cve-2026-5588
镜像层: sha256:9402e00fb59d4d0c3fd73d43b700ff01779c3b754a1767589447c15c87002c31
发布日期: 2026-04-15 10:16 修改: 2026-06-30 03:21
|
| org.bouncycastle:bcpkix-jdk15to18 |
CVE-2025-8916 |
中危 |
1.74 |
1.79 |
org.bouncycastle: BouncyCastle denial of service
漏洞详情: https://avd.aquasec.com/nvd/cve-2025-8916
镜像层: sha256:9402e00fb59d4d0c3fd73d43b700ff01779c3b754a1767589447c15c87002c31
发布日期: 2025-08-13 10:15 修改: 2026-06-17 10:07
|
| org.bouncycastle:bcpkix-jdk15to18 |
CVE-2026-5588 |
中危 |
1.74 |
1.84 |
bouncycastle: BC-JAVA: PKIX draft CompositeVerifier accepts empty signature sequence as valid
漏洞详情: https://avd.aquasec.com/nvd/cve-2026-5588
镜像层: sha256:9402e00fb59d4d0c3fd73d43b700ff01779c3b754a1767589447c15c87002c31
发布日期: 2026-04-15 10:16 修改: 2026-06-30 03:21
|
| org.bouncycastle:bcpkix-jdk15to18 |
CVE-2025-8916 |
中危 |
1.75 |
1.79 |
org.bouncycastle: BouncyCastle denial of service
漏洞详情: https://avd.aquasec.com/nvd/cve-2025-8916
镜像层: sha256:9402e00fb59d4d0c3fd73d43b700ff01779c3b754a1767589447c15c87002c31
发布日期: 2025-08-13 10:15 修改: 2026-06-17 10:07
|
| org.bouncycastle:bcpkix-jdk15to18 |
CVE-2026-5588 |
中危 |
1.75 |
1.84 |
bouncycastle: BC-JAVA: PKIX draft CompositeVerifier accepts empty signature sequence as valid
漏洞详情: https://avd.aquasec.com/nvd/cve-2026-5588
镜像层: sha256:9402e00fb59d4d0c3fd73d43b700ff01779c3b754a1767589447c15c87002c31
发布日期: 2026-04-15 10:16 修改: 2026-06-30 03:21
|
| com.fasterxml.jackson.core:jackson-databind |
CVE-2026-54515 |
中危 |
2.15.2 |
3.1.4, 2.18.9, 2.21.5, 2.22.1 |
jackson-databind: jackson-databind: Ignored properties can be unexpectedly modified
漏洞详情: https://avd.aquasec.com/nvd/cve-2026-54515
镜像层: sha256:9402e00fb59d4d0c3fd73d43b700ff01779c3b754a1767589447c15c87002c31
发布日期: 2026-06-23 21:17 修改: 2026-06-29 13:38
|
| com.fasterxml.jackson.core:jackson-databind |
CVE-2026-54515 |
中危 |
2.15.2 |
3.1.4, 2.18.9, 2.21.5, 2.22.1 |
jackson-databind: jackson-databind: Ignored properties can be unexpectedly modified
漏洞详情: https://avd.aquasec.com/nvd/cve-2026-54515
镜像层: sha256:9402e00fb59d4d0c3fd73d43b700ff01779c3b754a1767589447c15c87002c31
发布日期: 2026-06-23 21:17 修改: 2026-06-29 13:38
|
| com.fasterxml.jackson.core:jackson-databind |
CVE-2026-54515 |
中危 |
2.15.2 |
3.1.4, 2.18.9, 2.21.5, 2.22.1 |
jackson-databind: jackson-databind: Ignored properties can be unexpectedly modified
漏洞详情: https://avd.aquasec.com/nvd/cve-2026-54515
镜像层: sha256:9402e00fb59d4d0c3fd73d43b700ff01779c3b754a1767589447c15c87002c31
发布日期: 2026-06-23 21:17 修改: 2026-06-29 13:38
|
| com.fasterxml.jackson.core:jackson-databind |
CVE-2026-54515 |
中危 |
2.15.2 |
3.1.4, 2.18.9, 2.21.5, 2.22.1 |
jackson-databind: jackson-databind: Ignored properties can be unexpectedly modified
漏洞详情: https://avd.aquasec.com/nvd/cve-2026-54515
镜像层: sha256:9402e00fb59d4d0c3fd73d43b700ff01779c3b754a1767589447c15c87002c31
发布日期: 2026-06-23 21:17 修改: 2026-06-29 13:38
|
| org.bouncycastle:bcprov-jdk15to18 |
CVE-2024-29857 |
中危 |
1.74 |
1.78 |
org.bouncycastle: Importing an EC certificate with crafted F2m parameters may lead to Denial of Service
漏洞详情: https://avd.aquasec.com/nvd/cve-2024-29857
镜像层: sha256:9402e00fb59d4d0c3fd73d43b700ff01779c3b754a1767589447c15c87002c31
发布日期: 2024-05-14 15:17 修改: 2026-06-17 07:23
|
| org.bouncycastle:bcprov-jdk15to18 |
CVE-2024-30171 |
中危 |
1.74 |
1.78 |
bc-java: BouncyCastle vulnerable to a timing variant of Bleichenbacher (Marvin Attack)
漏洞详情: https://avd.aquasec.com/nvd/cve-2024-30171
镜像层: sha256:9402e00fb59d4d0c3fd73d43b700ff01779c3b754a1767589447c15c87002c31
发布日期: 2024-05-14 15:21 修改: 2026-06-17 07:26
|
| org.bouncycastle:bcprov-jdk15to18 |
CVE-2024-30172 |
中危 |
1.74 |
1.78 |
org.bouncycastle:bcprov-jdk18on: Infinite loop in ED25519 verification in the ScalarUtil class
漏洞详情: https://avd.aquasec.com/nvd/cve-2024-30172
镜像层: sha256:9402e00fb59d4d0c3fd73d43b700ff01779c3b754a1767589447c15c87002c31
发布日期: 2024-05-14 15:21 修改: 2026-06-17 07:26
|
| org.bouncycastle:bcprov-jdk15to18 |
CVE-2024-34447 |
中危 |
1.74 |
1.78 |
org.bouncycastle: Use of Incorrectly-Resolved Name or Reference
漏洞详情: https://avd.aquasec.com/nvd/cve-2024-34447
镜像层: sha256:9402e00fb59d4d0c3fd73d43b700ff01779c3b754a1767589447c15c87002c31
发布日期: 2024-05-03 16:15 修改: 2026-06-17 07:33
|
| org.bouncycastle:bcprov-jdk15to18 |
CVE-2025-8885 |
中危 |
1.74 |
1.78 |
bouncycastle: Bouncy Castle denial of service parsing ASN.1 Object Identifiers
漏洞详情: https://avd.aquasec.com/nvd/cve-2025-8885
镜像层: sha256:9402e00fb59d4d0c3fd73d43b700ff01779c3b754a1767589447c15c87002c31
发布日期: 2025-08-12 10:15 修改: 2026-06-17 10:07
|
| org.bouncycastle:bcprov-jdk15to18 |
CVE-2026-0636 |
中危 |
1.74 |
1.84 |
bouncycastle: BC-JAVA: LDAP injection vulnerability in LDAPStoreHelper.java
漏洞详情: https://avd.aquasec.com/nvd/cve-2026-0636
镜像层: sha256:9402e00fb59d4d0c3fd73d43b700ff01779c3b754a1767589447c15c87002c31
发布日期: 2026-04-15 10:16 修改: 2026-06-30 03:17
|
| com.fasterxml.jackson.core:jackson-databind |
CVE-2026-54515 |
中危 |
2.15.2 |
3.1.4, 2.18.9, 2.21.5, 2.22.1 |
jackson-databind: jackson-databind: Ignored properties can be unexpectedly modified
漏洞详情: https://avd.aquasec.com/nvd/cve-2026-54515
镜像层: sha256:9402e00fb59d4d0c3fd73d43b700ff01779c3b754a1767589447c15c87002c31
发布日期: 2026-06-23 21:17 修改: 2026-06-29 13:38
|
| com.fasterxml.jackson.core:jackson-databind |
CVE-2026-54515 |
中危 |
2.15.2 |
3.1.4, 2.18.9, 2.21.5, 2.22.1 |
jackson-databind: jackson-databind: Ignored properties can be unexpectedly modified
漏洞详情: https://avd.aquasec.com/nvd/cve-2026-54515
镜像层: sha256:9402e00fb59d4d0c3fd73d43b700ff01779c3b754a1767589447c15c87002c31
发布日期: 2026-06-23 21:17 修改: 2026-06-29 13:38
|
| io.netty:netty-codec-http |
CVE-2024-29025 |
中危 |
4.1.97.Final |
4.1.108.Final |
netty-codec-http: Allocation of Resources Without Limits or Throttling
漏洞详情: https://avd.aquasec.com/nvd/cve-2024-29025
镜像层: sha256:9402e00fb59d4d0c3fd73d43b700ff01779c3b754a1767589447c15c87002c31
发布日期: 2024-03-25 20:15 修改: 2026-06-17 07:22
|
| io.netty:netty-codec-http |
CVE-2024-29025 |
中危 |
4.1.97.Final |
4.1.108.Final |
netty-codec-http: Allocation of Resources Without Limits or Throttling
漏洞详情: https://avd.aquasec.com/nvd/cve-2024-29025
镜像层: sha256:9402e00fb59d4d0c3fd73d43b700ff01779c3b754a1767589447c15c87002c31
发布日期: 2024-03-25 20:15 修改: 2026-06-17 07:22
|
| org.bouncycastle:bcprov-jdk15to18 |
CVE-2024-29857 |
中危 |
1.75 |
1.78 |
org.bouncycastle: Importing an EC certificate with crafted F2m parameters may lead to Denial of Service
漏洞详情: https://avd.aquasec.com/nvd/cve-2024-29857
镜像层: sha256:9402e00fb59d4d0c3fd73d43b700ff01779c3b754a1767589447c15c87002c31
发布日期: 2024-05-14 15:17 修改: 2026-06-17 07:23
|
| org.bouncycastle:bcprov-jdk15to18 |
CVE-2024-29857 |
中危 |
1.75 |
1.78 |
org.bouncycastle: Importing an EC certificate with crafted F2m parameters may lead to Denial of Service
漏洞详情: https://avd.aquasec.com/nvd/cve-2024-29857
镜像层: sha256:9402e00fb59d4d0c3fd73d43b700ff01779c3b754a1767589447c15c87002c31
发布日期: 2024-05-14 15:17 修改: 2026-06-17 07:23
|
| org.bouncycastle:bcprov-jdk15to18 |
CVE-2024-30171 |
中危 |
1.75 |
1.78 |
bc-java: BouncyCastle vulnerable to a timing variant of Bleichenbacher (Marvin Attack)
漏洞详情: https://avd.aquasec.com/nvd/cve-2024-30171
镜像层: sha256:9402e00fb59d4d0c3fd73d43b700ff01779c3b754a1767589447c15c87002c31
发布日期: 2024-05-14 15:21 修改: 2026-06-17 07:26
|
| org.bouncycastle:bcprov-jdk15to18 |
CVE-2024-30171 |
中危 |
1.75 |
1.78 |
bc-java: BouncyCastle vulnerable to a timing variant of Bleichenbacher (Marvin Attack)
漏洞详情: https://avd.aquasec.com/nvd/cve-2024-30171
镜像层: sha256:9402e00fb59d4d0c3fd73d43b700ff01779c3b754a1767589447c15c87002c31
发布日期: 2024-05-14 15:21 修改: 2026-06-17 07:26
|
| org.bouncycastle:bcprov-jdk15to18 |
CVE-2024-30172 |
中危 |
1.75 |
1.78 |
org.bouncycastle:bcprov-jdk18on: Infinite loop in ED25519 verification in the ScalarUtil class
漏洞详情: https://avd.aquasec.com/nvd/cve-2024-30172
镜像层: sha256:9402e00fb59d4d0c3fd73d43b700ff01779c3b754a1767589447c15c87002c31
发布日期: 2024-05-14 15:21 修改: 2026-06-17 07:26
|
| org.bouncycastle:bcprov-jdk15to18 |
CVE-2024-30172 |
中危 |
1.75 |
1.78 |
org.bouncycastle:bcprov-jdk18on: Infinite loop in ED25519 verification in the ScalarUtil class
漏洞详情: https://avd.aquasec.com/nvd/cve-2024-30172
镜像层: sha256:9402e00fb59d4d0c3fd73d43b700ff01779c3b754a1767589447c15c87002c31
发布日期: 2024-05-14 15:21 修改: 2026-06-17 07:26
|
| org.bouncycastle:bcprov-jdk15to18 |
CVE-2024-34447 |
中危 |
1.75 |
1.78 |
org.bouncycastle: Use of Incorrectly-Resolved Name or Reference
漏洞详情: https://avd.aquasec.com/nvd/cve-2024-34447
镜像层: sha256:9402e00fb59d4d0c3fd73d43b700ff01779c3b754a1767589447c15c87002c31
发布日期: 2024-05-03 16:15 修改: 2026-06-17 07:33
|
| org.bouncycastle:bcprov-jdk15to18 |
CVE-2024-34447 |
中危 |
1.75 |
1.78 |
org.bouncycastle: Use of Incorrectly-Resolved Name or Reference
漏洞详情: https://avd.aquasec.com/nvd/cve-2024-34447
镜像层: sha256:9402e00fb59d4d0c3fd73d43b700ff01779c3b754a1767589447c15c87002c31
发布日期: 2024-05-03 16:15 修改: 2026-06-17 07:33
|
| org.bouncycastle:bcprov-jdk15to18 |
CVE-2025-8885 |
中危 |
1.75 |
1.78 |
bouncycastle: Bouncy Castle denial of service parsing ASN.1 Object Identifiers
漏洞详情: https://avd.aquasec.com/nvd/cve-2025-8885
镜像层: sha256:9402e00fb59d4d0c3fd73d43b700ff01779c3b754a1767589447c15c87002c31
发布日期: 2025-08-12 10:15 修改: 2026-06-17 10:07
|
| org.bouncycastle:bcprov-jdk15to18 |
CVE-2025-8885 |
中危 |
1.75 |
1.78 |
bouncycastle: Bouncy Castle denial of service parsing ASN.1 Object Identifiers
漏洞详情: https://avd.aquasec.com/nvd/cve-2025-8885
镜像层: sha256:9402e00fb59d4d0c3fd73d43b700ff01779c3b754a1767589447c15c87002c31
发布日期: 2025-08-12 10:15 修改: 2026-06-17 10:07
|
| org.bouncycastle:bcprov-jdk15to18 |
CVE-2026-0636 |
中危 |
1.75 |
1.84 |
bouncycastle: BC-JAVA: LDAP injection vulnerability in LDAPStoreHelper.java
漏洞详情: https://avd.aquasec.com/nvd/cve-2026-0636
镜像层: sha256:9402e00fb59d4d0c3fd73d43b700ff01779c3b754a1767589447c15c87002c31
发布日期: 2026-04-15 10:16 修改: 2026-06-30 03:17
|
| org.bouncycastle:bcprov-jdk15to18 |
CVE-2026-0636 |
中危 |
1.75 |
1.84 |
bouncycastle: BC-JAVA: LDAP injection vulnerability in LDAPStoreHelper.java
漏洞详情: https://avd.aquasec.com/nvd/cve-2026-0636
镜像层: sha256:9402e00fb59d4d0c3fd73d43b700ff01779c3b754a1767589447c15c87002c31
发布日期: 2026-04-15 10:16 修改: 2026-06-30 03:17
|
| org.glassfish:javax.el |
CVE-2021-28170 |
中危 |
3.0.0 |
|
jakarta-el: ELParserTokenManager enables invalid EL expressions to be evaluate
漏洞详情: https://avd.aquasec.com/nvd/cve-2021-28170
镜像层: sha256:9402e00fb59d4d0c3fd73d43b700ff01779c3b754a1767589447c15c87002c31
发布日期: 2021-05-26 22:15 修改: 2026-06-17 03:45
|
| io.netty:netty-codec-http |
CVE-2024-29025 |
中危 |
4.1.97.Final |
4.1.108.Final |
netty-codec-http: Allocation of Resources Without Limits or Throttling
漏洞详情: https://avd.aquasec.com/nvd/cve-2024-29025
镜像层: sha256:9402e00fb59d4d0c3fd73d43b700ff01779c3b754a1767589447c15c87002c31
发布日期: 2024-03-25 20:15 修改: 2026-06-17 07:22
|
| io.netty:netty-codec-http |
CVE-2024-29025 |
中危 |
4.1.97.Final |
4.1.108.Final |
netty-codec-http: Allocation of Resources Without Limits or Throttling
漏洞详情: https://avd.aquasec.com/nvd/cve-2024-29025
镜像层: sha256:9402e00fb59d4d0c3fd73d43b700ff01779c3b754a1767589447c15c87002c31
发布日期: 2024-03-25 20:15 修改: 2026-06-17 07:22
|
| io.netty:netty-codec-http |
CVE-2025-67735 |
中危 |
4.1.97.Final |
4.2.8.Final, 4.1.129.Final |
netty-codec-http: Netty (netty-codec-http): Request Smuggling via CRLF Injection
漏洞详情: https://avd.aquasec.com/nvd/cve-2025-67735
镜像层: sha256:9402e00fb59d4d0c3fd73d43b700ff01779c3b754a1767589447c15c87002c31
发布日期: 2025-12-16 01:15 修改: 2026-06-17 09:58
|
| io.netty:netty-codec-http |
CVE-2025-67735 |
中危 |
4.1.97.Final |
4.2.8.Final, 4.1.129.Final |
netty-codec-http: Netty (netty-codec-http): Request Smuggling via CRLF Injection
漏洞详情: https://avd.aquasec.com/nvd/cve-2025-67735
镜像层: sha256:9402e00fb59d4d0c3fd73d43b700ff01779c3b754a1767589447c15c87002c31
发布日期: 2025-12-16 01:15 修改: 2026-06-17 09:58
|
| io.netty:netty-codec-http |
CVE-2025-67735 |
中危 |
4.1.97.Final |
4.2.8.Final, 4.1.129.Final |
netty-codec-http: Netty (netty-codec-http): Request Smuggling via CRLF Injection
漏洞详情: https://avd.aquasec.com/nvd/cve-2025-67735
镜像层: sha256:9402e00fb59d4d0c3fd73d43b700ff01779c3b754a1767589447c15c87002c31
发布日期: 2025-12-16 01:15 修改: 2026-06-17 09:58
|
| io.netty:netty-codec-http |
CVE-2025-67735 |
中危 |
4.1.97.Final |
4.2.8.Final, 4.1.129.Final |
netty-codec-http: Netty (netty-codec-http): Request Smuggling via CRLF Injection
漏洞详情: https://avd.aquasec.com/nvd/cve-2025-67735
镜像层: sha256:9402e00fb59d4d0c3fd73d43b700ff01779c3b754a1767589447c15c87002c31
发布日期: 2025-12-16 01:15 修改: 2026-06-17 09:58
|
| org.opensearch:opensearch |
GHSA-6g3j-p5g6-992f |
中危 |
2.10.0 |
1.3.14, 2.11.1 |
OpenSearch StackOverflow vulnerability
漏洞详情: https://github.com/advisories/GHSA-6g3j-p5g6-992f
镜像层: sha256:9402e00fb59d4d0c3fd73d43b700ff01779c3b754a1767589447c15c87002c31
发布日期: 2023-12-01 19:23 修改: 2023-12-01 19:23
|
| io.netty:netty-codec-http |
CVE-2026-41417 |
中危 |
4.1.97.Final |
4.1.133.Final, 4.2.13.Final |
netty: Netty: HTTP request smuggling via URI manipulation and CRLF injection
漏洞详情: https://avd.aquasec.com/nvd/cve-2026-41417
镜像层: sha256:9402e00fb59d4d0c3fd73d43b700ff01779c3b754a1767589447c15c87002c31
发布日期: 2026-05-06 22:16 修改: 2026-06-17 10:46
|
| io.netty:netty-codec-http |
CVE-2026-41417 |
中危 |
4.1.97.Final |
4.1.133.Final, 4.2.13.Final |
netty: Netty: HTTP request smuggling via URI manipulation and CRLF injection
漏洞详情: https://avd.aquasec.com/nvd/cve-2026-41417
镜像层: sha256:9402e00fb59d4d0c3fd73d43b700ff01779c3b754a1767589447c15c87002c31
发布日期: 2026-05-06 22:16 修改: 2026-06-17 10:46
|
| io.netty:netty-codec-http |
CVE-2026-41417 |
中危 |
4.1.97.Final |
4.1.133.Final, 4.2.13.Final |
netty: Netty: HTTP request smuggling via URI manipulation and CRLF injection
漏洞详情: https://avd.aquasec.com/nvd/cve-2026-41417
镜像层: sha256:9402e00fb59d4d0c3fd73d43b700ff01779c3b754a1767589447c15c87002c31
发布日期: 2026-05-06 22:16 修改: 2026-06-17 10:46
|
| io.netty:netty-codec-http |
CVE-2025-58056 |
低危 |
4.1.97.Final |
4.1.125.Final, 4.2.5.Final |
netty-codec-http: Netty is vulnerable to request smuggling due to incorrect parsing of chunk extensions
漏洞详情: https://avd.aquasec.com/nvd/cve-2025-58056
镜像层: sha256:9402e00fb59d4d0c3fd73d43b700ff01779c3b754a1767589447c15c87002c31
发布日期: 2025-09-03 21:15 修改: 2026-06-17 09:43
|
| io.netty:netty-handler-proxy |
CVE-2026-42578 |
低危 |
4.1.97.Final |
4.1.133.Final, 4.2.13.Final |
netty: io.netty/netty-handler-proxy: Netty: HTTP Header Injection via HttpProxyHandler Disabled Validation
漏洞详情: https://avd.aquasec.com/nvd/cve-2026-42578
镜像层: sha256:9402e00fb59d4d0c3fd73d43b700ff01779c3b754a1767589447c15c87002c31
发布日期: 2026-05-13 19:17 修改: 2026-07-10 12:16
|
| io.netty:netty-handler-proxy |
CVE-2026-42578 |
低危 |
4.1.97.Final |
4.1.133.Final, 4.2.13.Final |
netty: io.netty/netty-handler-proxy: Netty: HTTP Header Injection via HttpProxyHandler Disabled Validation
漏洞详情: https://avd.aquasec.com/nvd/cve-2026-42578
镜像层: sha256:9402e00fb59d4d0c3fd73d43b700ff01779c3b754a1767589447c15c87002c31
发布日期: 2026-05-13 19:17 修改: 2026-07-10 12:16
|
| io.netty:netty-codec-http |
CVE-2025-58056 |
低危 |
4.1.97.Final |
4.1.125.Final, 4.2.5.Final |
netty-codec-http: Netty is vulnerable to request smuggling due to incorrect parsing of chunk extensions
漏洞详情: https://avd.aquasec.com/nvd/cve-2025-58056
镜像层: sha256:9402e00fb59d4d0c3fd73d43b700ff01779c3b754a1767589447c15c87002c31
发布日期: 2025-09-03 21:15 修改: 2026-06-17 09:43
|
| io.netty:netty-codec-http |
CVE-2025-58056 |
低危 |
4.1.97.Final |
4.1.125.Final, 4.2.5.Final |
netty-codec-http: Netty is vulnerable to request smuggling due to incorrect parsing of chunk extensions
漏洞详情: https://avd.aquasec.com/nvd/cve-2025-58056
镜像层: sha256:9402e00fb59d4d0c3fd73d43b700ff01779c3b754a1767589447c15c87002c31
发布日期: 2025-09-03 21:15 修改: 2026-06-17 09:43
|
| io.netty:netty-codec-http |
CVE-2025-58056 |
低危 |
4.1.97.Final |
4.1.125.Final, 4.2.5.Final |
netty-codec-http: Netty is vulnerable to request smuggling due to incorrect parsing of chunk extensions
漏洞详情: https://avd.aquasec.com/nvd/cve-2025-58056
镜像层: sha256:9402e00fb59d4d0c3fd73d43b700ff01779c3b754a1767589447c15c87002c31
发布日期: 2025-09-03 21:15 修改: 2026-06-17 09:43
|