docker.io/xuxuclassmate/dameng:20251203 linux/amd64

docker.io/xuxuclassmate/dameng:20251203 - Trivy安全扫描结果 扫描时间: 2026-06-14 00:15
全部漏洞信息
低危漏洞:34 中危漏洞:80 高危漏洞:22 严重漏洞:0

系统OS: ubuntu 22.04 扫描引擎: Trivy 扫描时间: 2026-06-14 00:15

docker.io/xuxuclassmate/dameng:20251203 (ubuntu 22.04) (ubuntu)
低危漏洞:33 中危漏洞:39 高危漏洞:1 严重漏洞:0
软件包 漏洞 安全状态 安装版本 修复版本 漏洞信息
libssl3 CVE-2026-45447 高危 3.0.2-0ubuntu1.21 3.0.2-0ubuntu1.25 openssl: Heap Use-After-Free in OpenSSL PKCS7_verify()

漏洞详情: https://avd.aquasec.com/nvd/cve-2026-45447

镜像层: sha256:351d919b2c06105efcb263b77e23bff2f166d23bcb487f5185d884bfada142f3

发布日期: 2026-06-09 17:17 修改: 2026-06-10 15:16
libblkid1 CVE-2026-27456 中危 2.37.2-4ubuntu3.5 util-linux: TOCTOU in the mount program when setting up loop devices

漏洞详情: https://avd.aquasec.com/nvd/cve-2026-27456

镜像层: sha256:351d919b2c06105efcb263b77e23bff2f166d23bcb487f5185d884bfada142f3

发布日期: 2026-04-03 22:16 修改: 2026-04-22 16:08
libc-bin CVE-2026-4046 中危 2.35-0ubuntu3.13 glibc: glibc: Denial of Service via iconv() function with specific character sets

漏洞详情: https://avd.aquasec.com/nvd/cve-2026-4046

镜像层: sha256:351d919b2c06105efcb263b77e23bff2f166d23bcb487f5185d884bfada142f3

发布日期: 2026-03-30 18:16 修改: 2026-04-20 22:16
libc-bin CVE-2026-5435 中危 2.35-0ubuntu3.13 glibc: glibc: Out-of-bounds write via TSIG record processing

漏洞详情: https://avd.aquasec.com/nvd/cve-2026-5435

镜像层: sha256:351d919b2c06105efcb263b77e23bff2f166d23bcb487f5185d884bfada142f3

发布日期: 2026-04-28 13:19 修改: 2026-05-05 17:38
libc-bin CVE-2026-6238 中危 2.35-0ubuntu3.13 glibc: glibc: Application crash or uninitialized memory read via crafted DNS response

漏洞详情: https://avd.aquasec.com/nvd/cve-2026-6238

镜像层: sha256:351d919b2c06105efcb263b77e23bff2f166d23bcb487f5185d884bfada142f3

发布日期: 2026-04-28 19:37 修改: 2026-05-04 17:57
libc6 CVE-2026-4046 中危 2.35-0ubuntu3.13 glibc: glibc: Denial of Service via iconv() function with specific character sets

漏洞详情: https://avd.aquasec.com/nvd/cve-2026-4046

镜像层: sha256:351d919b2c06105efcb263b77e23bff2f166d23bcb487f5185d884bfada142f3

发布日期: 2026-03-30 18:16 修改: 2026-04-20 22:16
libc6 CVE-2026-5435 中危 2.35-0ubuntu3.13 glibc: glibc: Out-of-bounds write via TSIG record processing

漏洞详情: https://avd.aquasec.com/nvd/cve-2026-5435

镜像层: sha256:351d919b2c06105efcb263b77e23bff2f166d23bcb487f5185d884bfada142f3

发布日期: 2026-04-28 13:19 修改: 2026-05-05 17:38
libc6 CVE-2026-6238 中危 2.35-0ubuntu3.13 glibc: glibc: Application crash or uninitialized memory read via crafted DNS response

漏洞详情: https://avd.aquasec.com/nvd/cve-2026-6238

镜像层: sha256:351d919b2c06105efcb263b77e23bff2f166d23bcb487f5185d884bfada142f3

发布日期: 2026-04-28 19:37 修改: 2026-05-04 17:57
libcap2 CVE-2026-4878 中危 1:2.44-1ubuntu0.22.04.2 1:2.44-1ubuntu0.22.04.3 libcap: libcap: Privilege escalation via TOCTOU race condition in cap_set_file()

漏洞详情: https://avd.aquasec.com/nvd/cve-2026-4878

镜像层: sha256:351d919b2c06105efcb263b77e23bff2f166d23bcb487f5185d884bfada142f3

发布日期: 2026-04-09 16:16 修改: 2026-06-11 10:16
libgcrypt20 CVE-2026-41989 中危 1.9.4-3ubuntu3 1.9.4-3ubuntu3.2 Libgcrypt: Libgcrypt: Denial of Service and buffer overflow via crafted ECDH ciphertext

漏洞详情: https://avd.aquasec.com/nvd/cve-2026-41989

镜像层: sha256:351d919b2c06105efcb263b77e23bff2f166d23bcb487f5185d884bfada142f3

发布日期: 2026-04-23 05:16 修改: 2026-04-27 18:33
libgnutls30 CVE-2026-33845 中危 3.7.3-4ubuntu1.8 3.7.3-4ubuntu1.9 gnutls: GnuTLS: Denial of Service via DTLS zero-length fragment

漏洞详情: https://avd.aquasec.com/nvd/cve-2026-33845

镜像层: sha256:351d919b2c06105efcb263b77e23bff2f166d23bcb487f5185d884bfada142f3

发布日期: 2026-04-30 18:16 修改: 2026-06-02 16:16
libgnutls30 CVE-2026-33846 中危 3.7.3-4ubuntu1.8 3.7.3-4ubuntu1.9 gnutls: GnuTLS: Denial of Service via heap buffer overflow in DTLS handshake fragment reassembly

漏洞详情: https://avd.aquasec.com/nvd/cve-2026-33846

镜像层: sha256:351d919b2c06105efcb263b77e23bff2f166d23bcb487f5185d884bfada142f3

发布日期: 2026-05-04 10:15 修改: 2026-06-02 16:16
libgnutls30 CVE-2026-3832 中危 3.7.3-4ubuntu1.8 3.7.3-4ubuntu1.9 gnutls: gnutls: Security bypass allows acceptance of revoked server certificates via crafted OCSP response

漏洞详情: https://avd.aquasec.com/nvd/cve-2026-3832

镜像层: sha256:351d919b2c06105efcb263b77e23bff2f166d23bcb487f5185d884bfada142f3

发布日期: 2026-04-30 18:16 修改: 2026-06-02 17:16
libgnutls30 CVE-2026-3833 中危 3.7.3-4ubuntu1.8 3.7.3-4ubuntu1.9 gnutls: GnuTLS: Policy bypass due to case-sensitive nameConstraints comparison

漏洞详情: https://avd.aquasec.com/nvd/cve-2026-3833

镜像层: sha256:351d919b2c06105efcb263b77e23bff2f166d23bcb487f5185d884bfada142f3

发布日期: 2026-04-30 18:16 修改: 2026-06-02 16:16
libgnutls30 CVE-2026-42009 中危 3.7.3-4ubuntu1.8 3.7.3-4ubuntu1.9 gnutls: gnutls: Denial of Service via DTLS packet reordering vulnerability

漏洞详情: https://avd.aquasec.com/nvd/cve-2026-42009

镜像层: sha256:351d919b2c06105efcb263b77e23bff2f166d23bcb487f5185d884bfada142f3

发布日期: 2026-05-18 13:16 修改: 2026-06-08 17:16
libgnutls30 CVE-2026-42010 中危 3.7.3-4ubuntu1.8 3.7.3-4ubuntu1.9 gnutls: gnutls: Authentication Bypass via NUL Character in Username

漏洞详情: https://avd.aquasec.com/nvd/cve-2026-42010

镜像层: sha256:351d919b2c06105efcb263b77e23bff2f166d23bcb487f5185d884bfada142f3

发布日期: 2026-05-07 12:16 修改: 2026-06-10 16:17
libgnutls30 CVE-2026-42011 中危 3.7.3-4ubuntu1.8 3.7.3-4ubuntu1.9 gnutls: gnutls: Security bypass due to incorrect name constraint handling

漏洞详情: https://avd.aquasec.com/nvd/cve-2026-42011

镜像层: sha256:351d919b2c06105efcb263b77e23bff2f166d23bcb487f5185d884bfada142f3

发布日期: 2026-05-07 15:16 修改: 2026-06-02 16:16
libgnutls30 CVE-2026-42012 中危 3.7.3-4ubuntu1.8 3.7.3-4ubuntu1.9 gnutls: gnutls: Certificate validation bypass due to improper handling of URI and SRV SANs

漏洞详情: https://avd.aquasec.com/nvd/cve-2026-42012

镜像层: sha256:351d919b2c06105efcb263b77e23bff2f166d23bcb487f5185d884bfada142f3

发布日期: 2026-05-26 22:16 修改: 2026-06-02 16:16
libgnutls30 CVE-2026-42013 中危 3.7.3-4ubuntu1.8 3.7.3-4ubuntu1.9 gnutls: gnutls: Certificate validation bypass due to oversized Subject Alternative Name

漏洞详情: https://avd.aquasec.com/nvd/cve-2026-42013

镜像层: sha256:351d919b2c06105efcb263b77e23bff2f166d23bcb487f5185d884bfada142f3

发布日期: 2026-05-26 22:16 修改: 2026-06-02 16:16
libgnutls30 CVE-2026-42014 中危 3.7.3-4ubuntu1.8 3.7.3-4ubuntu1.9 gnutls: Fix use-after-free in gnutls_pkcs11_token_set_pin

漏洞详情: https://avd.aquasec.com/nvd/cve-2026-42014

镜像层: sha256:351d919b2c06105efcb263b77e23bff2f166d23bcb487f5185d884bfada142f3

发布日期: 0001-01-01 00:00 修改: 0001-01-01 00:00
libgnutls30 CVE-2026-42015 中危 3.7.3-4ubuntu1.8 3.7.3-4ubuntu1.9 gnutls: gnutls: Memory corruption due to off-by-one error in PKCS#12 bag handling

漏洞详情: https://avd.aquasec.com/nvd/cve-2026-42015

镜像层: sha256:351d919b2c06105efcb263b77e23bff2f166d23bcb487f5185d884bfada142f3

发布日期: 2026-05-26 22:16 修改: 2026-06-02 16:16
libgnutls30 CVE-2026-5260 中危 3.7.3-4ubuntu1.8 3.7.3-4ubuntu1.9 gnutls: gnutls: Information disclosure via heap overread in RSA key exchange

漏洞详情: https://avd.aquasec.com/nvd/cve-2026-5260

镜像层: sha256:351d919b2c06105efcb263b77e23bff2f166d23bcb487f5185d884bfada142f3

发布日期: 2026-05-26 22:16 修改: 2026-06-02 16:16
libmount1 CVE-2026-27456 中危 2.37.2-4ubuntu3.5 util-linux: TOCTOU in the mount program when setting up loop devices

漏洞详情: https://avd.aquasec.com/nvd/cve-2026-27456

镜像层: sha256:351d919b2c06105efcb263b77e23bff2f166d23bcb487f5185d884bfada142f3

发布日期: 2026-04-03 22:16 修改: 2026-04-22 16:08
libsmartcols1 CVE-2026-27456 中危 2.37.2-4ubuntu3.5 util-linux: TOCTOU in the mount program when setting up loop devices

漏洞详情: https://avd.aquasec.com/nvd/cve-2026-27456

镜像层: sha256:351d919b2c06105efcb263b77e23bff2f166d23bcb487f5185d884bfada142f3

发布日期: 2026-04-03 22:16 修改: 2026-04-22 16:08
bsdutils CVE-2026-27456 中危 1:2.37.2-4ubuntu3.5 util-linux: TOCTOU in the mount program when setting up loop devices

漏洞详情: https://avd.aquasec.com/nvd/cve-2026-27456

镜像层: sha256:351d919b2c06105efcb263b77e23bff2f166d23bcb487f5185d884bfada142f3

发布日期: 2026-04-03 22:16 修改: 2026-04-22 16:08
libssl3 CVE-2026-31790 中危 3.0.2-0ubuntu1.21 3.0.2-0ubuntu1.23 openssl: openssl: Information Disclosure from Uninitialized Memory via Invalid RSA Public Key

漏洞详情: https://avd.aquasec.com/nvd/cve-2026-31790

镜像层: sha256:351d919b2c06105efcb263b77e23bff2f166d23bcb487f5185d884bfada142f3

发布日期: 2026-04-07 22:16 修改: 2026-05-12 13:17
libssl3 CVE-2026-34182 中危 3.0.2-0ubuntu1.21 3.0.2-0ubuntu1.25 openssl: CMS AuthEnvelopedData Processing May Accept Forged Messages

漏洞详情: https://avd.aquasec.com/nvd/cve-2026-34182

镜像层: sha256:351d919b2c06105efcb263b77e23bff2f166d23bcb487f5185d884bfada142f3

发布日期: 2026-06-09 17:17 修改: 2026-06-10 17:16
libssl3 CVE-2026-45445 中危 3.0.2-0ubuntu1.21 3.0.2-0ubuntu1.25 openssl: AES-OCB IV Ignored on EVP_Cipher() Path

漏洞详情: https://avd.aquasec.com/nvd/cve-2026-45445

镜像层: sha256:351d919b2c06105efcb263b77e23bff2f166d23bcb487f5185d884bfada142f3

发布日期: 2026-06-09 17:17 修改: 2026-06-10 08:16
libsystemd0 CVE-2026-29111 中危 249.11-0ubuntu3.17 249.11-0ubuntu3.19 systemd: systemd: Arbitrary code execution or Denial of Service via spurious IPC API call data

漏洞详情: https://avd.aquasec.com/nvd/cve-2026-29111

镜像层: sha256:351d919b2c06105efcb263b77e23bff2f166d23bcb487f5185d884bfada142f3

发布日期: 2026-03-23 22:16 修改: 2026-04-15 16:44
libsystemd0 CVE-2026-40225 中危 249.11-0ubuntu3.17 249.11-0ubuntu3.19 systemd: udev in systemd: Privilege escalation via malicious hardware devices and unsanitized kernel output

漏洞详情: https://avd.aquasec.com/nvd/cve-2026-40225

镜像层: sha256:351d919b2c06105efcb263b77e23bff2f166d23bcb487f5185d884bfada142f3

发布日期: 2026-04-10 16:16 修改: 2026-04-27 19:00
libsystemd0 CVE-2026-40226 中危 249.11-0ubuntu3.17 249.11-0ubuntu3.21 systemd: systemd nspawn: Escape-to-host action via crafted config file

漏洞详情: https://avd.aquasec.com/nvd/cve-2026-40226

镜像层: sha256:351d919b2c06105efcb263b77e23bff2f166d23bcb487f5185d884bfada142f3

发布日期: 2026-04-10 16:16 修改: 2026-04-17 22:02
libudev1 CVE-2026-29111 中危 249.11-0ubuntu3.17 249.11-0ubuntu3.19 systemd: systemd: Arbitrary code execution or Denial of Service via spurious IPC API call data

漏洞详情: https://avd.aquasec.com/nvd/cve-2026-29111

镜像层: sha256:351d919b2c06105efcb263b77e23bff2f166d23bcb487f5185d884bfada142f3

发布日期: 2026-03-23 22:16 修改: 2026-04-15 16:44
libudev1 CVE-2026-40225 中危 249.11-0ubuntu3.17 249.11-0ubuntu3.19 systemd: udev in systemd: Privilege escalation via malicious hardware devices and unsanitized kernel output

漏洞详情: https://avd.aquasec.com/nvd/cve-2026-40225

镜像层: sha256:351d919b2c06105efcb263b77e23bff2f166d23bcb487f5185d884bfada142f3

发布日期: 2026-04-10 16:16 修改: 2026-04-27 19:00
libudev1 CVE-2026-40226 中危 249.11-0ubuntu3.17 249.11-0ubuntu3.21 systemd: systemd nspawn: Escape-to-host action via crafted config file

漏洞详情: https://avd.aquasec.com/nvd/cve-2026-40226

镜像层: sha256:351d919b2c06105efcb263b77e23bff2f166d23bcb487f5185d884bfada142f3

发布日期: 2026-04-10 16:16 修改: 2026-04-17 22:02
libuuid1 CVE-2026-27456 中危 2.37.2-4ubuntu3.5 util-linux: TOCTOU in the mount program when setting up loop devices

漏洞详情: https://avd.aquasec.com/nvd/cve-2026-27456

镜像层: sha256:351d919b2c06105efcb263b77e23bff2f166d23bcb487f5185d884bfada142f3

发布日期: 2026-04-03 22:16 修改: 2026-04-22 16:08
mount CVE-2026-27456 中危 2.37.2-4ubuntu3.5 util-linux: TOCTOU in the mount program when setting up loop devices

漏洞详情: https://avd.aquasec.com/nvd/cve-2026-27456

镜像层: sha256:351d919b2c06105efcb263b77e23bff2f166d23bcb487f5185d884bfada142f3

发布日期: 2026-04-03 22:16 修改: 2026-04-22 16:08
sed CVE-2026-5958 中危 4.8-1ubuntu2 4.8-1ubuntu2.1 sed: GNU sed TOCTOU race condition

漏洞详情: https://avd.aquasec.com/nvd/cve-2026-5958

镜像层: sha256:351d919b2c06105efcb263b77e23bff2f166d23bcb487f5185d884bfada142f3

发布日期: 2026-04-20 12:16 修改: 2026-05-19 15:17
tar CVE-2025-45582 中危 1.34+dfsg-1ubuntu0.1.22.04.2 tar: Tar path traversal

漏洞详情: https://avd.aquasec.com/nvd/cve-2025-45582

镜像层: sha256:351d919b2c06105efcb263b77e23bff2f166d23bcb487f5185d884bfada142f3

发布日期: 2025-07-11 17:15 修改: 2025-11-02 01:15
tar CVE-2026-5704 中危 1.34+dfsg-1ubuntu0.1.22.04.2 tar: tar: Hidden file injection via crafted archives

漏洞详情: https://avd.aquasec.com/nvd/cve-2026-5704

镜像层: sha256:351d919b2c06105efcb263b77e23bff2f166d23bcb487f5185d884bfada142f3

发布日期: 2026-04-06 16:16 修改: 2026-04-22 20:08
util-linux CVE-2026-27456 中危 2.37.2-4ubuntu3.5 util-linux: TOCTOU in the mount program when setting up loop devices

漏洞详情: https://avd.aquasec.com/nvd/cve-2026-27456

镜像层: sha256:351d919b2c06105efcb263b77e23bff2f166d23bcb487f5185d884bfada142f3

发布日期: 2026-04-03 22:16 修改: 2026-04-22 16:08
libssl3 CVE-2026-31789 低危 3.0.2-0ubuntu1.21 3.0.2-0ubuntu1.23 openssl: OpenSSL: Heap buffer overflow on 32-bit systems from large X.509 certificate processing

漏洞详情: https://avd.aquasec.com/nvd/cve-2026-31789

镜像层: sha256:351d919b2c06105efcb263b77e23bff2f166d23bcb487f5185d884bfada142f3

发布日期: 2026-04-07 22:16 修改: 2026-05-12 13:17
libssl3 CVE-2026-34180 低危 3.0.2-0ubuntu1.21 3.0.2-0ubuntu1.25 openssl: OpenSSL: Heap buffer over-read in ASN.1 decoding can lead to denial of service or information disclosure.

漏洞详情: https://avd.aquasec.com/nvd/cve-2026-34180

镜像层: sha256:351d919b2c06105efcb263b77e23bff2f166d23bcb487f5185d884bfada142f3

发布日期: 2026-06-09 17:17 修改: 2026-06-10 08:16
libssl3 CVE-2026-42766 低危 3.0.2-0ubuntu1.21 3.0.2-0ubuntu1.25 openssl: Possible NULL Dereference in Password-Based CMS Decryption

漏洞详情: https://avd.aquasec.com/nvd/cve-2026-42766

镜像层: sha256:351d919b2c06105efcb263b77e23bff2f166d23bcb487f5185d884bfada142f3

发布日期: 2026-06-09 17:17 修改: 2026-06-10 08:16
libssl3 CVE-2026-42767 低危 3.0.2-0ubuntu1.21 3.0.2-0ubuntu1.25 openssl: NULL Pointer Dereference in CRMF EncryptedValue Decryption

漏洞详情: https://avd.aquasec.com/nvd/cve-2026-42767

镜像层: sha256:351d919b2c06105efcb263b77e23bff2f166d23bcb487f5185d884bfada142f3

发布日期: 2026-06-09 17:17 修改: 2026-06-10 08:16
libssl3 CVE-2026-42770 低危 3.0.2-0ubuntu1.21 3.0.2-0ubuntu1.25 openssl: FFC-DH Peer Validation Uses Attacker-Supplied q

漏洞详情: https://avd.aquasec.com/nvd/cve-2026-42770

镜像层: sha256:351d919b2c06105efcb263b77e23bff2f166d23bcb487f5185d884bfada142f3

发布日期: 2026-06-09 17:17 修改: 2026-06-10 08:16
libssl3 CVE-2026-45446 低危 3.0.2-0ubuntu1.21 3.0.2-0ubuntu1.25 openssl: Incorrect Tag Processing for Empty Messages in AES-GCM-SIV and AES-SIV modes

漏洞详情: https://avd.aquasec.com/nvd/cve-2026-45446

镜像层: sha256:351d919b2c06105efcb263b77e23bff2f166d23bcb487f5185d884bfada142f3

发布日期: 2026-06-09 17:17 修改: 2026-06-10 08:16
libssl3 CVE-2026-7383 低危 3.0.2-0ubuntu1.21 3.0.2-0ubuntu1.25 openssl: OpenSSL: Heap buffer overflow due to signed integer overflow in Unicode output sizing

漏洞详情: https://avd.aquasec.com/nvd/cve-2026-7383

镜像层: sha256:351d919b2c06105efcb263b77e23bff2f166d23bcb487f5185d884bfada142f3

发布日期: 2026-06-09 17:17 修改: 2026-06-10 08:16
libssl3 CVE-2026-9076 低危 3.0.2-0ubuntu1.21 3.0.2-0ubuntu1.25 openssl: OpenSSL: Denial of Service due to heap out-of-bounds read in CMS password-based decryption

漏洞详情: https://avd.aquasec.com/nvd/cve-2026-9076

镜像层: sha256:351d919b2c06105efcb263b77e23bff2f166d23bcb487f5185d884bfada142f3

发布日期: 2026-06-09 17:17 修改: 2026-06-10 08:16
libstdc++6 CVE-2022-27943 低危 12.3.0-1ubuntu1~22.04.3 binutils: libiberty/rust-demangle.c in GNU GCC 11.2 allows stack exhaustion in demangle_const

漏洞详情: https://avd.aquasec.com/nvd/cve-2022-27943

镜像层: sha256:351d919b2c06105efcb263b77e23bff2f166d23bcb487f5185d884bfada142f3

发布日期: 2022-03-26 13:15 修改: 2024-11-21 06:56
libncursesw6 CVE-2023-50495 低危 6.3-2ubuntu0.1 ncurses: segmentation fault via _nc_wrap_entry()

漏洞详情: https://avd.aquasec.com/nvd/cve-2023-50495

镜像层: sha256:351d919b2c06105efcb263b77e23bff2f166d23bcb487f5185d884bfada142f3

发布日期: 2023-12-12 15:15 修改: 2025-11-04 19:16
libpcre2-8-0 CVE-2022-41409 低危 10.39-3ubuntu0.1 pcre2: negative repeat value in a pcre2test subject line leads to inifinite loop

漏洞详情: https://avd.aquasec.com/nvd/cve-2022-41409

镜像层: sha256:351d919b2c06105efcb263b77e23bff2f166d23bcb487f5185d884bfada142f3

发布日期: 2023-07-18 14:15 修改: 2024-11-21 07:23
libpcre3 CVE-2017-11164 低危 2:8.39-13ubuntu0.22.04.1 pcre: OP_KETRMAX feature in the match function in pcre_exec.c

漏洞详情: https://avd.aquasec.com/nvd/cve-2017-11164

镜像层: sha256:351d919b2c06105efcb263b77e23bff2f166d23bcb487f5185d884bfada142f3

发布日期: 2017-07-11 03:29 修改: 2025-04-20 01:37
libsystemd0 CVE-2023-7008 低危 249.11-0ubuntu3.17 249.11-0ubuntu3.21 systemd-resolved: Unsigned name response in signed zone is not refused when DNSSEC=yes

漏洞详情: https://avd.aquasec.com/nvd/cve-2023-7008

镜像层: sha256:351d919b2c06105efcb263b77e23bff2f166d23bcb487f5185d884bfada142f3

发布日期: 2023-12-23 13:15 修改: 2025-11-04 17:15
libsystemd0 CVE-2026-40228 低危 249.11-0ubuntu3.17 systemd: systemd-journald: Unintended output to user terminals via logger command

漏洞详情: https://avd.aquasec.com/nvd/cve-2026-40228

镜像层: sha256:351d919b2c06105efcb263b77e23bff2f166d23bcb487f5185d884bfada142f3

发布日期: 2026-04-10 16:16 修改: 2026-05-05 02:16
libtinfo6 CVE-2023-50495 低危 6.3-2ubuntu0.1 ncurses: segmentation fault via _nc_wrap_entry()

漏洞详情: https://avd.aquasec.com/nvd/cve-2023-50495

镜像层: sha256:351d919b2c06105efcb263b77e23bff2f166d23bcb487f5185d884bfada142f3

发布日期: 2023-12-12 15:15 修改: 2025-11-04 19:16
gcc-12-base CVE-2022-27943 低危 12.3.0-1ubuntu1~22.04.3 binutils: libiberty/rust-demangle.c in GNU GCC 11.2 allows stack exhaustion in demangle_const

漏洞详情: https://avd.aquasec.com/nvd/cve-2022-27943

镜像层: sha256:351d919b2c06105efcb263b77e23bff2f166d23bcb487f5185d884bfada142f3

发布日期: 2022-03-26 13:15 修改: 2024-11-21 06:56
libgcrypt20 CVE-2024-2236 低危 1.9.4-3ubuntu3 libgcrypt: vulnerable to Marvin Attack

漏洞详情: https://avd.aquasec.com/nvd/cve-2024-2236

镜像层: sha256:351d919b2c06105efcb263b77e23bff2f166d23bcb487f5185d884bfada142f3

发布日期: 2024-03-06 22:15 修改: 2026-04-15 00:35
liblzma5 CVE-2026-34743 低危 5.2.5-2ubuntu1 5.2.5-2ubuntu1.1 xz: XZ Utils: Denial of Service via buffer overflow in index decoding

漏洞详情: https://avd.aquasec.com/nvd/cve-2026-34743

镜像层: sha256:351d919b2c06105efcb263b77e23bff2f166d23bcb487f5185d884bfada142f3

发布日期: 2026-04-02 19:21 修改: 2026-04-15 17:33
libudev1 CVE-2023-7008 低危 249.11-0ubuntu3.17 249.11-0ubuntu3.21 systemd-resolved: Unsigned name response in signed zone is not refused when DNSSEC=yes

漏洞详情: https://avd.aquasec.com/nvd/cve-2023-7008

镜像层: sha256:351d919b2c06105efcb263b77e23bff2f166d23bcb487f5185d884bfada142f3

发布日期: 2023-12-23 13:15 修改: 2025-11-04 17:15
libudev1 CVE-2026-40228 低危 249.11-0ubuntu3.17 systemd: systemd-journald: Unintended output to user terminals via logger command

漏洞详情: https://avd.aquasec.com/nvd/cve-2026-40228

镜像层: sha256:351d919b2c06105efcb263b77e23bff2f166d23bcb487f5185d884bfada142f3

发布日期: 2026-04-10 16:16 修改: 2026-05-05 02:16
libgcc-s1 CVE-2022-27943 低危 12.3.0-1ubuntu1~22.04.3 binutils: libiberty/rust-demangle.c in GNU GCC 11.2 allows stack exhaustion in demangle_const

漏洞详情: https://avd.aquasec.com/nvd/cve-2022-27943

镜像层: sha256:351d919b2c06105efcb263b77e23bff2f166d23bcb487f5185d884bfada142f3

发布日期: 2022-03-26 13:15 修改: 2024-11-21 06:56
libzstd1 CVE-2022-4899 低危 1.4.8+dfsg-3build1 zstd: mysql: buffer overrun in util.c

漏洞详情: https://avd.aquasec.com/nvd/cve-2022-4899

镜像层: sha256:351d919b2c06105efcb263b77e23bff2f166d23bcb487f5185d884bfada142f3

发布日期: 2023-03-31 20:15 修改: 2025-02-18 18:15
login CVE-2023-29383 低危 1:4.8.1-2ubuntu2.2 shadow: Improper input validation in shadow-utils package utility chfn

漏洞详情: https://avd.aquasec.com/nvd/cve-2023-29383

镜像层: sha256:351d919b2c06105efcb263b77e23bff2f166d23bcb487f5185d884bfada142f3

发布日期: 2023-04-14 22:15 修改: 2025-11-03 20:16
login CVE-2024-56433 低危 1:4.8.1-2ubuntu2.2 shadow-utils: Default subordinate ID configuration in /etc/login.defs could lead to compromise

漏洞详情: https://avd.aquasec.com/nvd/cve-2024-56433

镜像层: sha256:351d919b2c06105efcb263b77e23bff2f166d23bcb487f5185d884bfada142f3

发布日期: 2024-12-26 09:15 修改: 2026-04-15 00:35
libncurses6 CVE-2023-50495 低危 6.3-2ubuntu0.1 ncurses: segmentation fault via _nc_wrap_entry()

漏洞详情: https://avd.aquasec.com/nvd/cve-2023-50495

镜像层: sha256:351d919b2c06105efcb263b77e23bff2f166d23bcb487f5185d884bfada142f3

发布日期: 2023-12-12 15:15 修改: 2025-11-04 19:16
ncurses-base CVE-2023-50495 低危 6.3-2ubuntu0.1 ncurses: segmentation fault via _nc_wrap_entry()

漏洞详情: https://avd.aquasec.com/nvd/cve-2023-50495

镜像层: sha256:351d919b2c06105efcb263b77e23bff2f166d23bcb487f5185d884bfada142f3

发布日期: 2023-12-12 15:15 修改: 2025-11-04 19:16
ncurses-bin CVE-2023-50495 低危 6.3-2ubuntu0.1 ncurses: segmentation fault via _nc_wrap_entry()

漏洞详情: https://avd.aquasec.com/nvd/cve-2023-50495

镜像层: sha256:351d919b2c06105efcb263b77e23bff2f166d23bcb487f5185d884bfada142f3

发布日期: 2023-12-12 15:15 修改: 2025-11-04 19:16
passwd CVE-2023-29383 低危 1:4.8.1-2ubuntu2.2 shadow: Improper input validation in shadow-utils package utility chfn

漏洞详情: https://avd.aquasec.com/nvd/cve-2023-29383

镜像层: sha256:351d919b2c06105efcb263b77e23bff2f166d23bcb487f5185d884bfada142f3

发布日期: 2023-04-14 22:15 修改: 2025-11-03 20:16
passwd CVE-2024-56433 低危 1:4.8.1-2ubuntu2.2 shadow-utils: Default subordinate ID configuration in /etc/login.defs could lead to compromise

漏洞详情: https://avd.aquasec.com/nvd/cve-2024-56433

镜像层: sha256:351d919b2c06105efcb263b77e23bff2f166d23bcb487f5185d884bfada142f3

发布日期: 2024-12-26 09:15 修改: 2026-04-15 00:35
libssl3 CVE-2026-28387 低危 3.0.2-0ubuntu1.21 3.0.2-0ubuntu1.23 openssl: OpenSSL: Arbitrary code execution due to use-after-free in DANE TLSA authentication

漏洞详情: https://avd.aquasec.com/nvd/cve-2026-28387

镜像层: sha256:351d919b2c06105efcb263b77e23bff2f166d23bcb487f5185d884bfada142f3

发布日期: 2026-04-07 22:16 修改: 2026-05-12 13:17
libssl3 CVE-2026-28388 低危 3.0.2-0ubuntu1.21 3.0.2-0ubuntu1.23 openssl: OpenSSL: Denial of Service due to NULL pointer dereference in delta CRL processing

漏洞详情: https://avd.aquasec.com/nvd/cve-2026-28388

镜像层: sha256:351d919b2c06105efcb263b77e23bff2f166d23bcb487f5185d884bfada142f3

发布日期: 2026-04-07 22:16 修改: 2026-05-12 13:17
libssl3 CVE-2026-28389 低危 3.0.2-0ubuntu1.21 3.0.2-0ubuntu1.23 openssl: OpenSSL: Denial of Service vulnerability in CMS processing

漏洞详情: https://avd.aquasec.com/nvd/cve-2026-28389

镜像层: sha256:351d919b2c06105efcb263b77e23bff2f166d23bcb487f5185d884bfada142f3

发布日期: 2026-04-07 22:16 修改: 2026-05-12 13:17
libssl3 CVE-2026-28390 低危 3.0.2-0ubuntu1.21 3.0.2-0ubuntu1.23 openssl: OpenSSL: Denial of Service due to NULL pointer dereference in CMS EnvelopedData processing

漏洞详情: https://avd.aquasec.com/nvd/cve-2026-28390

镜像层: sha256:351d919b2c06105efcb263b77e23bff2f166d23bcb487f5185d884bfada142f3

发布日期: 2026-04-07 22:16 修改: 2026-05-12 13:17
Java (jar)
低危漏洞:1 中危漏洞:41 高危漏洞:21 严重漏洞:0
软件包 漏洞 安全状态 安装版本 修复版本 漏洞信息
com.fasterxml.jackson.core:jackson-core CVE-2025-52999 高危 2.13.4 2.15.0 com.fasterxml.jackson.core/jackson-core: jackson-core Potential StackoverflowError

漏洞详情: https://avd.aquasec.com/nvd/cve-2025-52999

镜像层: sha256:5184d24985411394f05cc9a5747dcd134367d77a908290824e86ec825c7c7dcf

发布日期: 2025-06-25 17:15 修改: 2026-04-15 00:35
com.fasterxml.jackson.core:jackson-core CVE-2025-52999 高危 2.13.4 2.15.0 com.fasterxml.jackson.core/jackson-core: jackson-core Potential StackoverflowError

漏洞详情: https://avd.aquasec.com/nvd/cve-2025-52999

镜像层: sha256:5184d24985411394f05cc9a5747dcd134367d77a908290824e86ec825c7c7dcf

发布日期: 2025-06-25 17:15 修改: 2026-04-15 00:35
com.microsoft.sqlserver:mssql-jdbc CVE-2025-59250 高危 10.2.3 10.2.4.jre11, 11.2.4.jre11, 12.2.1.jre11, 12.6.5.jre11, 12.8.2.jre11, 12.10.2.jre11, 13.2.1.jre11 JDBC Driver for SQL Server has improper input validation issue

漏洞详情: https://avd.aquasec.com/nvd/cve-2025-59250

镜像层: sha256:5184d24985411394f05cc9a5747dcd134367d77a908290824e86ec825c7c7dcf

发布日期: 2025-10-14 17:16 修改: 2025-10-30 16:35
com.microsoft.sqlserver:mssql-jdbc CVE-2025-59250 高危 8.4.1 10.2.4.jre11, 11.2.4.jre11, 12.2.1.jre11, 12.6.5.jre11, 12.8.2.jre11, 12.10.2.jre11, 13.2.1.jre11 JDBC Driver for SQL Server has improper input validation issue

漏洞详情: https://avd.aquasec.com/nvd/cve-2025-59250

镜像层: sha256:5184d24985411394f05cc9a5747dcd134367d77a908290824e86ec825c7c7dcf

发布日期: 2025-10-14 17:16 修改: 2025-10-30 16:35
io.airlift:aircompressor CVE-2025-67721 高危 0.27 2.0.3 aircompressor Snappy and LZ4 Java-based decompressor implementation can leak information from reused output buffer

漏洞详情: https://avd.aquasec.com/nvd/cve-2025-67721

镜像层: sha256:5184d24985411394f05cc9a5747dcd134367d77a908290824e86ec825c7c7dcf

发布日期: 2025-12-12 23:15 修改: 2026-03-17 19:40
org.bouncycastle:bcpg-jdk15to18 CVE-2026-3505 高危 1.78.1 1.84 bouncycastle: BC-JAVA: unbounded PGP AEAD chunk size leads to pre-auth resource exhaustion

漏洞详情: https://avd.aquasec.com/nvd/cve-2026-3505

镜像层: sha256:5184d24985411394f05cc9a5747dcd134367d77a908290824e86ec825c7c7dcf

发布日期: 2026-04-15 10:16 修改: 2026-05-19 00:16
org.bouncycastle:bcpg-jdk15to18 CVE-2026-3505 高危 1.78.1 1.84 bouncycastle: BC-JAVA: unbounded PGP AEAD chunk size leads to pre-auth resource exhaustion

漏洞详情: https://avd.aquasec.com/nvd/cve-2026-3505

镜像层: sha256:5184d24985411394f05cc9a5747dcd134367d77a908290824e86ec825c7c7dcf

发布日期: 2026-04-15 10:16 修改: 2026-05-19 00:16
org.bouncycastle:bcpg-jdk15to18 CVE-2026-3505 高危 1.78.1 1.84 bouncycastle: BC-JAVA: unbounded PGP AEAD chunk size leads to pre-auth resource exhaustion

漏洞详情: https://avd.aquasec.com/nvd/cve-2026-3505

镜像层: sha256:5184d24985411394f05cc9a5747dcd134367d77a908290824e86ec825c7c7dcf

发布日期: 2026-04-15 10:16 修改: 2026-05-19 00:16
org.bouncycastle:bcpg-jdk15to18 CVE-2026-3505 高危 1.78.1 1.84 bouncycastle: BC-JAVA: unbounded PGP AEAD chunk size leads to pre-auth resource exhaustion

漏洞详情: https://avd.aquasec.com/nvd/cve-2026-3505

镜像层: sha256:5184d24985411394f05cc9a5747dcd134367d77a908290824e86ec825c7c7dcf

发布日期: 2026-04-15 10:16 修改: 2026-05-19 00:16
org.bouncycastle:bcprov-jdk15to18 CVE-2026-5598 高危 1.78.1 1.84 bouncycastle: BC-JAVA: private key leakage via non-constant time comparisons

漏洞详情: https://avd.aquasec.com/nvd/cve-2026-5598

镜像层: sha256:5184d24985411394f05cc9a5747dcd134367d77a908290824e86ec825c7c7dcf

发布日期: 2026-04-15 10:16 修改: 2026-05-19 00:16
org.bouncycastle:bcprov-jdk15to18 CVE-2026-5598 高危 1.78.1 1.84 bouncycastle: BC-JAVA: private key leakage via non-constant time comparisons

漏洞详情: https://avd.aquasec.com/nvd/cve-2026-5598

镜像层: sha256:5184d24985411394f05cc9a5747dcd134367d77a908290824e86ec825c7c7dcf

发布日期: 2026-04-15 10:16 修改: 2026-05-19 00:16
org.bouncycastle:bcprov-jdk15to18 CVE-2026-5598 高危 1.78.1 1.84 bouncycastle: BC-JAVA: private key leakage via non-constant time comparisons

漏洞详情: https://avd.aquasec.com/nvd/cve-2026-5598

镜像层: sha256:5184d24985411394f05cc9a5747dcd134367d77a908290824e86ec825c7c7dcf

发布日期: 2026-04-15 10:16 修改: 2026-05-19 00:16
org.bouncycastle:bcprov-jdk15to18 CVE-2026-5598 高危 1.78.1 1.84 bouncycastle: BC-JAVA: private key leakage via non-constant time comparisons

漏洞详情: https://avd.aquasec.com/nvd/cve-2026-5598

镜像层: sha256:5184d24985411394f05cc9a5747dcd134367d77a908290824e86ec825c7c7dcf

发布日期: 2026-04-15 10:16 修改: 2026-05-19 00:16
org.eclipse.jetty:jetty-http CVE-2026-2332 高危 9.4.54.v20240208 12.1.7, 12.0.33 org.eclipse.jetty/jetty-http: HTTP request smuggling via chunked extension quoted-string parsing

漏洞详情: https://avd.aquasec.com/nvd/cve-2026-2332

镜像层: sha256:5184d24985411394f05cc9a5747dcd134367d77a908290824e86ec825c7c7dcf

发布日期: 2026-04-14 12:16 修改: 2026-05-01 13:31
org.eclipse.jetty:jetty-server CVE-2024-13009 高危 9.4.54.v20240208 9.4.57.v20241219 jetty-server: Jetty: Gzip Request Body Buffer Corruption

漏洞详情: https://avd.aquasec.com/nvd/cve-2024-13009

镜像层: sha256:5184d24985411394f05cc9a5747dcd134367d77a908290824e86ec825c7c7dcf

发布日期: 2025-05-08 18:15 修改: 2025-07-31 16:31
org.postgresql:postgresql CVE-2025-49146 高危 42.7.4 42.7.7 pgjdbc: pgjdbc insecure authentication in channel binding

漏洞详情: https://avd.aquasec.com/nvd/cve-2025-49146

镜像层: sha256:5184d24985411394f05cc9a5747dcd134367d77a908290824e86ec825c7c7dcf

发布日期: 2025-06-11 15:15 修改: 2025-10-06 19:29
org.postgresql:postgresql CVE-2025-49146 高危 42.7.4 42.7.7 pgjdbc: pgjdbc insecure authentication in channel binding

漏洞详情: https://avd.aquasec.com/nvd/cve-2025-49146

镜像层: sha256:5184d24985411394f05cc9a5747dcd134367d77a908290824e86ec825c7c7dcf

发布日期: 2025-06-11 15:15 修改: 2025-10-06 19:29
org.postgresql:postgresql CVE-2026-42198 高危 42.7.4 42.7.11 jdbc.postgresql.org: pgjdbc: Client-side Denial of Service via malicious SCRAM-SHA-256 authentication

漏洞详情: https://avd.aquasec.com/nvd/cve-2026-42198

镜像层: sha256:5184d24985411394f05cc9a5747dcd134367d77a908290824e86ec825c7c7dcf

发布日期: 2026-04-29 16:16 修改: 2026-05-01 12:51
org.postgresql:postgresql CVE-2026-42198 高危 42.7.4 42.7.11 jdbc.postgresql.org: pgjdbc: Client-side Denial of Service via malicious SCRAM-SHA-256 authentication

漏洞详情: https://avd.aquasec.com/nvd/cve-2026-42198

镜像层: sha256:5184d24985411394f05cc9a5747dcd134367d77a908290824e86ec825c7c7dcf

发布日期: 2026-04-29 16:16 修改: 2026-05-01 12:51
org.xerial.snappy:snappy-java CVE-2023-34455 高危 1.0.4.1 1.1.10.1 snappy-java: Unchecked chunk length leads to DoS

漏洞详情: https://avd.aquasec.com/nvd/cve-2023-34455

镜像层: sha256:5184d24985411394f05cc9a5747dcd134367d77a908290824e86ec825c7c7dcf

发布日期: 2023-06-15 18:15 修改: 2024-11-21 08:07
org.xerial.snappy:snappy-java CVE-2023-43642 高危 1.0.4.1 1.1.10.4 snappy-java: Missing upper bound check on chunk length in snappy-java can lead to Denial of Service (DoS) impact

漏洞详情: https://avd.aquasec.com/nvd/cve-2023-43642

镜像层: sha256:5184d24985411394f05cc9a5747dcd134367d77a908290824e86ec825c7c7dcf

发布日期: 2023-09-25 20:15 修改: 2024-11-21 08:24
org.apache.logging.log4j:log4j-core CVE-2026-34478 中危 2.24.3 2.25.4 org.apache.logging.log4j/log4j-core: Apache Log4j Core: Log injection via CRLF sequences due to configuration attribute renames

漏洞详情: https://avd.aquasec.com/nvd/cve-2026-34478

镜像层: sha256:5184d24985411394f05cc9a5747dcd134367d77a908290824e86ec825c7c7dcf

发布日期: 2026-04-10 16:16 修改: 2026-04-24 18:10
org.apache.logging.log4j:log4j-core CVE-2026-34480 中危 2.24.3 2.25.4 org.apache.logging.log4j/log4j-core: Apache Log4j Core: Invalid XML output causes denial of service in logging

漏洞详情: https://avd.aquasec.com/nvd/cve-2026-34480

镜像层: sha256:5184d24985411394f05cc9a5747dcd134367d77a908290824e86ec825c7c7dcf

发布日期: 2026-04-10 16:16 修改: 2026-04-24 18:21
org.apache.logging.log4j:log4j-core CVE-2026-34480 中危 2.24.3 2.25.4 org.apache.logging.log4j/log4j-core: Apache Log4j Core: Invalid XML output causes denial of service in logging

漏洞详情: https://avd.aquasec.com/nvd/cve-2026-34480

镜像层: sha256:5184d24985411394f05cc9a5747dcd134367d77a908290824e86ec825c7c7dcf

发布日期: 2026-04-10 16:16 修改: 2026-04-24 18:21
org.apache.logging.log4j:log4j-core CVE-2026-34480 中危 2.24.3 2.25.4 org.apache.logging.log4j/log4j-core: Apache Log4j Core: Invalid XML output causes denial of service in logging

漏洞详情: https://avd.aquasec.com/nvd/cve-2026-34480

镜像层: sha256:5184d24985411394f05cc9a5747dcd134367d77a908290824e86ec825c7c7dcf

发布日期: 2026-04-10 16:16 修改: 2026-04-24 18:21
org.apache.poi:poi-ooxml CVE-2025-31672 中危 5.2.3 5.4.0 org.apache.poi/poi-ooxml: Apache POI: parsing OOXML based files (xlsx, docx, etc.), poi-ooxml could read unexpected data if underlying zip has duplicate zip entry names

漏洞详情: https://avd.aquasec.com/nvd/cve-2025-31672

镜像层: sha256:5184d24985411394f05cc9a5747dcd134367d77a908290824e86ec825c7c7dcf

发布日期: 2025-04-09 12:15 修改: 2025-07-15 19:08
com.fasterxml.jackson.core:jackson-core GHSA-72hv-8253-57qq 中危 2.13.4 2.21.1, 2.18.6 jackson-core: Number Length Constraint Bypass in Async Parser Leads to Potential DoS Condition

漏洞详情: https://github.com/advisories/GHSA-72hv-8253-57qq

镜像层: sha256:5184d24985411394f05cc9a5747dcd134367d77a908290824e86ec825c7c7dcf

发布日期: 2026-02-28 02:01 修改: 2026-04-07 16:30
com.fasterxml.jackson.core:jackson-core GHSA-72hv-8253-57qq 中危 2.13.4 2.21.1, 2.18.6 jackson-core: Number Length Constraint Bypass in Async Parser Leads to Potential DoS Condition

漏洞详情: https://github.com/advisories/GHSA-72hv-8253-57qq

镜像层: sha256:5184d24985411394f05cc9a5747dcd134367d77a908290824e86ec825c7c7dcf

发布日期: 2026-02-28 02:01 修改: 2026-04-07 16:30
net.i2p.crypto:eddsa CVE-2020-36843 中危 0.3.0 The implementation of EdDSA in EdDSA-Java (aka ed25519-java) through 0 ...

漏洞详情: https://avd.aquasec.com/nvd/cve-2020-36843

镜像层: sha256:5184d24985411394f05cc9a5747dcd134367d77a908290824e86ec825c7c7dcf

发布日期: 2025-03-13 06:15 修改: 2026-04-15 00:35
net.i2p.crypto:eddsa CVE-2020-36843 中危 0.3.0 The implementation of EdDSA in EdDSA-Java (aka ed25519-java) through 0 ...

漏洞详情: https://avd.aquasec.com/nvd/cve-2020-36843

镜像层: sha256:5184d24985411394f05cc9a5747dcd134367d77a908290824e86ec825c7c7dcf

发布日期: 2025-03-13 06:15 修改: 2026-04-15 00:35
org.bouncycastle:bcpkix-jdk15to18 CVE-2025-8916 中危 1.78.1 1.79 org.bouncycastle: BouncyCastle denial of service

漏洞详情: https://avd.aquasec.com/nvd/cve-2025-8916

镜像层: sha256:5184d24985411394f05cc9a5747dcd134367d77a908290824e86ec825c7c7dcf

发布日期: 2025-08-13 10:15 修改: 2026-05-12 13:17
org.bouncycastle:bcpkix-jdk15to18 CVE-2025-8916 中危 1.78.1 1.79 org.bouncycastle: BouncyCastle denial of service

漏洞详情: https://avd.aquasec.com/nvd/cve-2025-8916

镜像层: sha256:5184d24985411394f05cc9a5747dcd134367d77a908290824e86ec825c7c7dcf

发布日期: 2025-08-13 10:15 修改: 2026-05-12 13:17
org.bouncycastle:bcpkix-jdk15to18 CVE-2025-8916 中危 1.78.1 1.79 org.bouncycastle: BouncyCastle denial of service

漏洞详情: https://avd.aquasec.com/nvd/cve-2025-8916

镜像层: sha256:5184d24985411394f05cc9a5747dcd134367d77a908290824e86ec825c7c7dcf

发布日期: 2025-08-13 10:15 修改: 2026-05-12 13:17
org.bouncycastle:bcpkix-jdk15to18 CVE-2025-8916 中危 1.78.1 1.79 org.bouncycastle: BouncyCastle denial of service

漏洞详情: https://avd.aquasec.com/nvd/cve-2025-8916

镜像层: sha256:5184d24985411394f05cc9a5747dcd134367d77a908290824e86ec825c7c7dcf

发布日期: 2025-08-13 10:15 修改: 2026-05-12 13:17
org.bouncycastle:bcpkix-jdk15to18 CVE-2026-5588 中危 1.78.1 1.84 bouncycastle: BC-JAVA: PKIX draft CompositeVerifier accepts empty signature sequence as valid

漏洞详情: https://avd.aquasec.com/nvd/cve-2026-5588

镜像层: sha256:5184d24985411394f05cc9a5747dcd134367d77a908290824e86ec825c7c7dcf

发布日期: 2026-04-15 10:16 修改: 2026-05-19 00:16
org.bouncycastle:bcpkix-jdk15to18 CVE-2026-5588 中危 1.78.1 1.84 bouncycastle: BC-JAVA: PKIX draft CompositeVerifier accepts empty signature sequence as valid

漏洞详情: https://avd.aquasec.com/nvd/cve-2026-5588

镜像层: sha256:5184d24985411394f05cc9a5747dcd134367d77a908290824e86ec825c7c7dcf

发布日期: 2026-04-15 10:16 修改: 2026-05-19 00:16
org.bouncycastle:bcpkix-jdk15to18 CVE-2026-5588 中危 1.78.1 1.84 bouncycastle: BC-JAVA: PKIX draft CompositeVerifier accepts empty signature sequence as valid

漏洞详情: https://avd.aquasec.com/nvd/cve-2026-5588

镜像层: sha256:5184d24985411394f05cc9a5747dcd134367d77a908290824e86ec825c7c7dcf

发布日期: 2026-04-15 10:16 修改: 2026-05-19 00:16
org.bouncycastle:bcpkix-jdk15to18 CVE-2026-5588 中危 1.78.1 1.84 bouncycastle: BC-JAVA: PKIX draft CompositeVerifier accepts empty signature sequence as valid

漏洞详情: https://avd.aquasec.com/nvd/cve-2026-5588

镜像层: sha256:5184d24985411394f05cc9a5747dcd134367d77a908290824e86ec825c7c7dcf

发布日期: 2026-04-15 10:16 修改: 2026-05-19 00:16
net.i2p.crypto:eddsa CVE-2020-36843 中危 0.3.0 The implementation of EdDSA in EdDSA-Java (aka ed25519-java) through 0 ...

漏洞详情: https://avd.aquasec.com/nvd/cve-2020-36843

镜像层: sha256:5184d24985411394f05cc9a5747dcd134367d77a908290824e86ec825c7c7dcf

发布日期: 2025-03-13 06:15 修改: 2026-04-15 00:35
net.i2p.crypto:eddsa CVE-2020-36843 中危 0.3.0 The implementation of EdDSA in EdDSA-Java (aka ed25519-java) through 0 ...

漏洞详情: https://avd.aquasec.com/nvd/cve-2020-36843

镜像层: sha256:5184d24985411394f05cc9a5747dcd134367d77a908290824e86ec825c7c7dcf

发布日期: 2025-03-13 06:15 修改: 2026-04-15 00:35
org.apache.commons:commons-lang3 CVE-2025-48924 中危 3.12.0 3.18.0 commons-lang/commons-lang: org.apache.commons/commons-lang3: Uncontrolled Recursion vulnerability in Apache Commons Lang

漏洞详情: https://avd.aquasec.com/nvd/cve-2025-48924

镜像层: sha256:5184d24985411394f05cc9a5747dcd134367d77a908290824e86ec825c7c7dcf

发布日期: 2025-07-11 15:15 修改: 2025-11-04 22:16
org.apache.commons:commons-lang3 CVE-2025-48924 中危 3.8.1 3.18.0 commons-lang/commons-lang: org.apache.commons/commons-lang3: Uncontrolled Recursion vulnerability in Apache Commons Lang

漏洞详情: https://avd.aquasec.com/nvd/cve-2025-48924

镜像层: sha256:5184d24985411394f05cc9a5747dcd134367d77a908290824e86ec825c7c7dcf

发布日期: 2025-07-11 15:15 修改: 2025-11-04 22:16
org.bouncycastle:bcprov-jdk15to18 CVE-2026-0636 中危 1.78.1 1.84 bouncycastle: BC-JAVA: LDAP injection vulnerability in LDAPStoreHelper.java

漏洞详情: https://avd.aquasec.com/nvd/cve-2026-0636

镜像层: sha256:5184d24985411394f05cc9a5747dcd134367d77a908290824e86ec825c7c7dcf

发布日期: 2026-04-15 10:16 修改: 2026-05-19 00:16
org.bouncycastle:bcprov-jdk15to18 CVE-2026-0636 中危 1.78.1 1.84 bouncycastle: BC-JAVA: LDAP injection vulnerability in LDAPStoreHelper.java

漏洞详情: https://avd.aquasec.com/nvd/cve-2026-0636

镜像层: sha256:5184d24985411394f05cc9a5747dcd134367d77a908290824e86ec825c7c7dcf

发布日期: 2026-04-15 10:16 修改: 2026-05-19 00:16
org.bouncycastle:bcprov-jdk15to18 CVE-2026-0636 中危 1.78.1 1.84 bouncycastle: BC-JAVA: LDAP injection vulnerability in LDAPStoreHelper.java

漏洞详情: https://avd.aquasec.com/nvd/cve-2026-0636

镜像层: sha256:5184d24985411394f05cc9a5747dcd134367d77a908290824e86ec825c7c7dcf

发布日期: 2026-04-15 10:16 修改: 2026-05-19 00:16
org.bouncycastle:bcprov-jdk15to18 CVE-2026-0636 中危 1.78.1 1.84 bouncycastle: BC-JAVA: LDAP injection vulnerability in LDAPStoreHelper.java

漏洞详情: https://avd.aquasec.com/nvd/cve-2026-0636

镜像层: sha256:5184d24985411394f05cc9a5747dcd134367d77a908290824e86ec825c7c7dcf

发布日期: 2026-04-15 10:16 修改: 2026-05-19 00:16
org.eclipse.angus:smtp CVE-2025-7962 中危 2.0.1 2.0.4 com.sun.mail/jakarta.mail: Jakarta Mail SMTP Injection Vulnerability

漏洞详情: https://avd.aquasec.com/nvd/cve-2025-7962

镜像层: sha256:5184d24985411394f05cc9a5747dcd134367d77a908290824e86ec825c7c7dcf

发布日期: 2025-07-21 18:15 修改: 2025-11-13 18:36
org.eclipse.angus:smtp CVE-2025-7962 中危 2.0.1 2.0.4 com.sun.mail/jakarta.mail: Jakarta Mail SMTP Injection Vulnerability

漏洞详情: https://avd.aquasec.com/nvd/cve-2025-7962

镜像层: sha256:5184d24985411394f05cc9a5747dcd134367d77a908290824e86ec825c7c7dcf

发布日期: 2025-07-21 18:15 修改: 2025-11-13 18:36
org.eclipse.angus:smtp CVE-2025-7962 中危 2.0.1 2.0.4 com.sun.mail/jakarta.mail: Jakarta Mail SMTP Injection Vulnerability

漏洞详情: https://avd.aquasec.com/nvd/cve-2025-7962

镜像层: sha256:5184d24985411394f05cc9a5747dcd134367d77a908290824e86ec825c7c7dcf

发布日期: 2025-07-21 18:15 修改: 2025-11-13 18:36
org.eclipse.angus:smtp CVE-2025-7962 中危 2.0.1 2.0.4 com.sun.mail/jakarta.mail: Jakarta Mail SMTP Injection Vulnerability

漏洞详情: https://avd.aquasec.com/nvd/cve-2025-7962

镜像层: sha256:5184d24985411394f05cc9a5747dcd134367d77a908290824e86ec825c7c7dcf

发布日期: 2025-07-21 18:15 修改: 2025-11-13 18:36
org.apache.logging.log4j:log4j-core CVE-2025-68161 中危 2.24.3 2.25.3 Apache Log4j: Apache Log4j Core: Information disclosure via missing TLS hostname verification

漏洞详情: https://avd.aquasec.com/nvd/cve-2025-68161

镜像层: sha256:5184d24985411394f05cc9a5747dcd134367d77a908290824e86ec825c7c7dcf

发布日期: 2025-12-18 21:15 修改: 2026-01-20 01:15
org.eclipse.jetty:jetty-http CVE-2024-6763 中危 9.4.54.v20240208 12.0.12 org.eclipse.jetty:jetty-http: jetty: Jetty URI parsing of invalid authority

漏洞详情: https://avd.aquasec.com/nvd/cve-2024-6763

镜像层: sha256:5184d24985411394f05cc9a5747dcd134367d77a908290824e86ec825c7c7dcf

发布日期: 2024-10-14 16:15 修改: 2025-07-10 15:04
org.apache.logging.log4j:log4j-core CVE-2025-68161 中危 2.24.3 2.25.3 Apache Log4j: Apache Log4j Core: Information disclosure via missing TLS hostname verification

漏洞详情: https://avd.aquasec.com/nvd/cve-2025-68161

镜像层: sha256:5184d24985411394f05cc9a5747dcd134367d77a908290824e86ec825c7c7dcf

发布日期: 2025-12-18 21:15 修改: 2026-01-20 01:15
org.eclipse.jetty:jetty-server CVE-2024-8184 中危 9.4.54.v20240208 12.0.9, 10.0.24, 11.0.24, 9.4.56 org.eclipse.jetty:jetty-server: jetty: Jetty ThreadLimitHandler.getRemote() vulnerable to remote DoS attacks

漏洞详情: https://avd.aquasec.com/nvd/cve-2024-8184

镜像层: sha256:5184d24985411394f05cc9a5747dcd134367d77a908290824e86ec825c7c7dcf

发布日期: 2024-10-14 16:15 修改: 2025-11-03 20:17
org.apache.logging.log4j:log4j-core CVE-2025-68161 中危 2.24.3 2.25.3 Apache Log4j: Apache Log4j Core: Information disclosure via missing TLS hostname verification

漏洞详情: https://avd.aquasec.com/nvd/cve-2025-68161

镜像层: sha256:5184d24985411394f05cc9a5747dcd134367d77a908290824e86ec825c7c7dcf

发布日期: 2025-12-18 21:15 修改: 2026-01-20 01:15
org.apache.logging.log4j:log4j-core CVE-2026-34477 中危 2.24.3 2.25.4 org.apache.logging.log4j/log4j-core: Apache Log4j Core: Man-in-the-middle attack due to incomplete hostname verification

漏洞详情: https://avd.aquasec.com/nvd/cve-2026-34477

镜像层: sha256:5184d24985411394f05cc9a5747dcd134367d77a908290824e86ec825c7c7dcf

发布日期: 2026-04-10 16:16 修改: 2026-05-06 16:49
org.apache.logging.log4j:log4j-core CVE-2026-34477 中危 2.24.3 2.25.4 org.apache.logging.log4j/log4j-core: Apache Log4j Core: Man-in-the-middle attack due to incomplete hostname verification

漏洞详情: https://avd.aquasec.com/nvd/cve-2026-34477

镜像层: sha256:5184d24985411394f05cc9a5747dcd134367d77a908290824e86ec825c7c7dcf

发布日期: 2026-04-10 16:16 修改: 2026-05-06 16:49
org.apache.logging.log4j:log4j-core CVE-2026-34477 中危 2.24.3 2.25.4 org.apache.logging.log4j/log4j-core: Apache Log4j Core: Man-in-the-middle attack due to incomplete hostname verification

漏洞详情: https://avd.aquasec.com/nvd/cve-2026-34477

镜像层: sha256:5184d24985411394f05cc9a5747dcd134367d77a908290824e86ec825c7c7dcf

发布日期: 2026-04-10 16:16 修改: 2026-05-06 16:49
org.apache.logging.log4j:log4j-core CVE-2026-34478 中危 2.24.3 2.25.4 org.apache.logging.log4j/log4j-core: Apache Log4j Core: Log injection via CRLF sequences due to configuration attribute renames

漏洞详情: https://avd.aquasec.com/nvd/cve-2026-34478

镜像层: sha256:5184d24985411394f05cc9a5747dcd134367d77a908290824e86ec825c7c7dcf

发布日期: 2026-04-10 16:16 修改: 2026-04-24 18:10
org.apache.logging.log4j:log4j-core CVE-2026-34478 中危 2.24.3 2.25.4 org.apache.logging.log4j/log4j-core: Apache Log4j Core: Log injection via CRLF sequences due to configuration attribute renames

漏洞详情: https://avd.aquasec.com/nvd/cve-2026-34478

镜像层: sha256:5184d24985411394f05cc9a5747dcd134367d77a908290824e86ec825c7c7dcf

发布日期: 2026-04-10 16:16 修改: 2026-04-24 18:10
org.xerial.snappy:snappy-java CVE-2023-34453 中危 1.0.4.1 1.1.10.1 snappy-java: Integer overflow in shuffle leads to DoS

漏洞详情: https://avd.aquasec.com/nvd/cve-2023-34453

镜像层: sha256:5184d24985411394f05cc9a5747dcd134367d77a908290824e86ec825c7c7dcf

发布日期: 2023-06-15 17:15 修改: 2024-11-21 08:07
org.xerial.snappy:snappy-java CVE-2023-34454 中危 1.0.4.1 1.1.10.1 snappy-java: Integer overflow in compress leads to DoS

漏洞详情: https://avd.aquasec.com/nvd/cve-2023-34454

镜像层: sha256:5184d24985411394f05cc9a5747dcd134367d77a908290824e86ec825c7c7dcf

发布日期: 2023-06-15 17:15 修改: 2024-12-12 17:15
org.eclipse.jetty:jetty-http CVE-2025-11143 低危 9.4.54.v20240208 12.0.31, 12.1.5 org.eclipse.jetty/jetty-http: org.eclipse.jetty: Security bypass due to differential URI parsing

漏洞详情: https://avd.aquasec.com/nvd/cve-2025-11143

镜像层: sha256:5184d24985411394f05cc9a5747dcd134367d77a908290824e86ec825c7c7dcf

发布日期: 2026-03-05 10:15 修改: 2026-03-06 20:30
/opt/dmdbms/bin/client_ssl/DEVELOP/client-key.pem ()
低危漏洞:0 中危漏洞:0 高危漏洞:0 严重漏洞:0
软件包 漏洞 安全状态 安装版本 修复版本 漏洞信息
/opt/dmdbms/bin/client_ssl/DMHR/client-key.pem ()
低危漏洞:0 中危漏洞:0 高危漏洞:0 严重漏洞:0
软件包 漏洞 安全状态 安装版本 修复版本 漏洞信息
/opt/dmdbms/bin/client_ssl/SYSAUDITOR/client-key.pem ()
低危漏洞:0 中危漏洞:0 高危漏洞:0 严重漏洞:0
软件包 漏洞 安全状态 安装版本 修复版本 漏洞信息
/opt/dmdbms/bin/client_ssl/SYSDBA/client-key.pem ()
低危漏洞:0 中危漏洞:0 高危漏洞:0 严重漏洞:0
软件包 漏洞 安全状态 安装版本 修复版本 漏洞信息
/opt/dmdbms/bin/client_ssl/SYSDBO/client-key.pem ()
低危漏洞:0 中危漏洞:0 高危漏洞:0 严重漏洞:0
软件包 漏洞 安全状态 安装版本 修复版本 漏洞信息
/opt/dmdbms/bin/client_ssl/SYSSSO/client-key.pem ()
低危漏洞:0 中危漏洞:0 高危漏洞:0 严重漏洞:0
软件包 漏洞 安全状态 安装版本 修复版本 漏洞信息
/opt/dmdbms/bin/server_ssl/server-key.pem ()
低危漏洞:0 中危漏洞:0 高危漏洞:0 严重漏洞:0
软件包 漏洞 安全状态 安装版本 修复版本 漏洞信息