ghcr.io/idaholab/malcolm/opensearch:26.06.0 linux/amd64

ghcr.io/idaholab/malcolm/opensearch:26.06.0 - Trivy安全扫描结果扫描时间: 2026-06-13 18:38

全部漏洞信息

低危漏洞:0

中危漏洞:56

高危漏洞:74

严重漏洞:0

系统OS: amazon 2023.11.20260511 (Amazon Linux) 扫描引擎: Trivy 扫描时间: 2026-06-13 18:38

ghcr.io/idaholab/malcolm/opensearch:26.06.0 (amazon 2023.11.20260511 (Amazon Linux)) (amazon)

低危漏洞:0

中危漏洞:10

高危漏洞:11

严重漏洞:0

软件包	漏洞	安全状态	安装版本	修复版本	漏洞信息
libcap	CVE-2026-27142	高危	2.73-1.amzn2023.0.6	2.73-1.amzn2023.0.7	html/template: URLs in meta content attribute actions are not escaped in html/template 漏洞详情: https://avd.aquasec.com/nvd/cve-2026-27142 镜像层: sha256:a3871aa5d2c6294fda44d64dbf86318d9c28d3e53315d918ab59835be0b76241 发布日期: 2026-03-06 22:16 修改: 2026-04-21 14:30
libcap	CVE-2026-33811	高危	2.73-1.amzn2023.0.6	2.73-1.amzn2023.0.7	net: golang: Go net package: Denial of Service via long CNAME response in LookupCNAME 漏洞详情: https://avd.aquasec.com/nvd/cve-2026-33811 镜像层: sha256:a3871aa5d2c6294fda44d64dbf86318d9c28d3e53315d918ab59835be0b76241 发布日期: 2026-05-07 20:16 修改: 2026-05-12 20:23
libcap	CVE-2026-33814	高危	2.73-1.amzn2023.0.6	2.73-1.amzn2023.0.7	When processing HTTP/2 SETTINGS frames, transport will enter an infini ... 漏洞详情: https://avd.aquasec.com/nvd/cve-2026-33814 镜像层: sha256:a3871aa5d2c6294fda44d64dbf86318d9c28d3e53315d918ab59835be0b76241 发布日期: 2026-05-07 20:16 修改: 2026-05-13 14:41
libcap	CVE-2026-39820	高危	2.73-1.amzn2023.0.6	2.73-1.amzn2023.0.7	Well-crafted inputs reaching ParseAddress, ParseAddressList, and Parse ... 漏洞详情: https://avd.aquasec.com/nvd/cve-2026-39820 镜像层: sha256:a3871aa5d2c6294fda44d64dbf86318d9c28d3e53315d918ab59835be0b76241 发布日期: 2026-05-07 20:16 修改: 2026-05-13 15:10
libcap	CVE-2026-39823	高危	2.73-1.amzn2023.0.6	2.73-1.amzn2023.0.7	CVE-2026-27142 fixed a vulnerability in which URLs were not correctly ... 漏洞详情: https://avd.aquasec.com/nvd/cve-2026-39823 镜像层: sha256:a3871aa5d2c6294fda44d64dbf86318d9c28d3e53315d918ab59835be0b76241 发布日期: 2026-05-07 20:16 修改: 2026-05-13 16:58
libcap	CVE-2026-42499	高危	2.73-1.amzn2023.0.6	2.73-1.amzn2023.0.7	Pathological inputs could cause DoS through consumePhrase when parsing ... 漏洞详情: https://avd.aquasec.com/nvd/cve-2026-42499 镜像层: sha256:a3871aa5d2c6294fda44d64dbf86318d9c28d3e53315d918ab59835be0b76241 发布日期: 2026-05-07 20:16 修改: 2026-05-13 16:59
libsolv	CVE-2026-48863	高危	0.7.22-1.amzn2023.0.2	0.7.22-1.amzn2023.0.4	libsolv: Stack-based buffer overflow in libsolv EdDSA PGP signature verification allows denial of service 漏洞详情: https://avd.aquasec.com/nvd/cve-2026-48863 镜像层: sha256:a3871aa5d2c6294fda44d64dbf86318d9c28d3e53315d918ab59835be0b76241 发布日期: 0001-01-01 00:00 修改: 0001-01-01 00:00
libsolv	CVE-2026-48864	高危	0.7.22-1.amzn2023.0.2	0.7.22-1.amzn2023.0.4	libsolv: Heap buffer overflow in libsolv repopagestore via unchecked decompression of malicious .solv page data 漏洞详情: https://avd.aquasec.com/nvd/cve-2026-48864 镜像层: sha256:a3871aa5d2c6294fda44d64dbf86318d9c28d3e53315d918ab59835be0b76241 发布日期: 2026-05-26 17:16 修改: 2026-05-28 19:22
libsolv	CVE-2026-9149	高危	0.7.22-1.amzn2023.0.2	0.7.22-1.amzn2023.0.4	libsolv: Heap buffer overflow in libsolv repo_add_solv via negative maxsize from crafted .solv file 漏洞详情: https://avd.aquasec.com/nvd/cve-2026-9149 镜像层: sha256:a3871aa5d2c6294fda44d64dbf86318d9c28d3e53315d918ab59835be0b76241 发布日期: 2026-05-21 00:16 修改: 2026-06-02 01:21
libsolv	CVE-2026-9150	高危	0.7.22-1.amzn2023.0.2	0.7.22-1.amzn2023.0.4	libsolv: Stack-based buffer overflow in libsolv's Debian metadata parser when handling SHA384/SHA512 checksums 漏洞详情: https://avd.aquasec.com/nvd/cve-2026-9150 镜像层: sha256:a3871aa5d2c6294fda44d64dbf86318d9c28d3e53315d918ab59835be0b76241 发布日期: 2026-05-20 23:16 修改: 2026-06-02 18:57
rsync	CVE-2026-43618	高危	3.4.0-1.amzn2023.0.3	3.4.0-1.amzn2023.0.4	rsync: rsync: Remote memory disclosure via integer overflow in compressed-token decoding 漏洞详情: https://avd.aquasec.com/nvd/cve-2026-43618 镜像层: sha256:84132d7a69f0864963da737b9767a0d65647f0548cbbb69f4c021b9414277005 发布日期: 2026-05-20 02:16 修改: 2026-05-21 20:34
jq	CVE-2026-39956	中危	1.7.1-51.amzn2023	1.8.1-59.amzn2023	jq: missing runtime type checks for _strindices lead to crash and limited memory disclosure 漏洞详情: https://avd.aquasec.com/nvd/cve-2026-39956 镜像层: sha256:84132d7a69f0864963da737b9767a0d65647f0548cbbb69f4c021b9414277005 发布日期: 2026-04-13 23:16 修改: 2026-04-21 23:54
jq	CVE-2026-39979	中危	1.7.1-51.amzn2023	1.8.1-59.amzn2023	jq: out-of-bounds read in jv_parse_sized() on error formatting for non-NUL-terminated buffers 漏洞详情: https://avd.aquasec.com/nvd/cve-2026-39979 镜像层: sha256:84132d7a69f0864963da737b9767a0d65647f0548cbbb69f4c021b9414277005 发布日期: 2026-04-13 23:16 修改: 2026-04-23 16:50
jq	CVE-2026-40164	中危	1.7.1-51.amzn2023	1.8.1-59.amzn2023	jq: jq: Denial of Service via crafted JSON object causing hash collisions 漏洞详情: https://avd.aquasec.com/nvd/cve-2026-40164 镜像层: sha256:84132d7a69f0864963da737b9767a0d65647f0548cbbb69f4c021b9414277005 发布日期: 2026-04-14 00:16 修改: 2026-04-28 21:15
jq	CVE-2026-43894	中危	1.7.1-51.amzn2023	1.8.1-59.amzn2023	jq: jq: Arbitrary Code Execution or Denial of Service via Signed Integer Overflow 漏洞详情: https://avd.aquasec.com/nvd/cve-2026-43894 镜像层: sha256:84132d7a69f0864963da737b9767a0d65647f0548cbbb69f4c021b9414277005 发布日期: 2026-05-11 18:16 修改: 2026-05-13 17:01
jq	CVE-2026-43896	中危	1.7.1-51.amzn2023	1.8.1-59.amzn2023	jq: stack overflow in recursive object merge 漏洞详情: https://avd.aquasec.com/nvd/cve-2026-43896 镜像层: sha256:84132d7a69f0864963da737b9767a0d65647f0548cbbb69f4c021b9414277005 发布日期: 2026-05-11 18:16 修改: 2026-05-13 22:34
jq	CVE-2026-32316	中危	1.7.1-51.amzn2023	1.8.1-59.amzn2023	jq: jq: Denial of Service or potential arbitrary code execution due to integer overflow and heap-based buffer overflow 漏洞详情: https://avd.aquasec.com/nvd/cve-2026-32316 镜像层: sha256:84132d7a69f0864963da737b9767a0d65647f0548cbbb69f4c021b9414277005 发布日期: 2026-04-13 18:16 修改: 2026-04-22 16:29
jq	CVE-2026-33947	中危	1.7.1-51.amzn2023	1.8.1-59.amzn2023	jq: unbounded Recursion in jv_setpath() / jv_getpath() / delpaths_sorted() 漏洞详情: https://avd.aquasec.com/nvd/cve-2026-33947 镜像层: sha256:84132d7a69f0864963da737b9767a0d65647f0548cbbb69f4c021b9414277005 发布日期: 2026-04-13 22:16 修改: 2026-04-21 23:57
python3	CVE-2026-6019	中危	3.9.25-1.amzn2023.0.5	3.9.25-1.amzn2023.0.6	python: Python: Cross-Site Scripting (XSS) vulnerability in http.cookies module 漏洞详情: https://avd.aquasec.com/nvd/cve-2026-6019 镜像层: sha256:a3871aa5d2c6294fda44d64dbf86318d9c28d3e53315d918ab59835be0b76241 发布日期: 2026-04-22 20:16 修改: 2026-05-28 19:15
python3-libs	CVE-2026-6019	中危	3.9.25-1.amzn2023.0.5	3.9.25-1.amzn2023.0.6	python: Python: Cross-Site Scripting (XSS) vulnerability in http.cookies module 漏洞详情: https://avd.aquasec.com/nvd/cve-2026-6019 镜像层: sha256:a3871aa5d2c6294fda44d64dbf86318d9c28d3e53315d918ab59835be0b76241 发布日期: 2026-04-22 20:16 修改: 2026-05-28 19:15
jq	CVE-2026-33948	中危	1.7.1-51.amzn2023	1.8.1-59.amzn2023	jq: jq: Input validation bypass via embedded NUL bytes allows parser differential attacks 漏洞详情: https://avd.aquasec.com/nvd/cve-2026-33948 镜像层: sha256:84132d7a69f0864963da737b9767a0d65647f0548cbbb69f4c021b9414277005 发布日期: 2026-04-14 00:16 修改: 2026-04-21 23:48

Java (jar)

低危漏洞:0

中危漏洞:43

高危漏洞:55

严重漏洞:0

软件包	漏洞	安全状态	安装版本	修复版本	漏洞信息
io.netty:netty-codec	CVE-2026-42583	高危	4.1.132.Final	4.1.133.Final	Netty is an asynchronous, event-driven network application framework. ... 漏洞详情: https://avd.aquasec.com/nvd/cve-2026-42583 镜像层: sha256:7a8565dbb89867a1756e4aea04d7cf69b651b66070e136e26067a4c7fd29b50f 发布日期: 2026-05-13 19:17 修改: 2026-05-18 12:22
io.netty:netty-codec-classes-quic	CVE-2026-44894	高危	4.2.12.Final	4.2.15.Final	Netty is a network application framework for development of protocol s ... 漏洞详情: https://avd.aquasec.com/nvd/cve-2026-44894 镜像层: sha256:7a8565dbb89867a1756e4aea04d7cf69b651b66070e136e26067a4c7fd29b50f 发布日期: 2026-06-12 15:16 修改: 2026-06-12 15:55
io.netty:netty-codec-classes-quic	CVE-2026-44894	高危	4.2.12.Final	4.2.15.Final	Netty is a network application framework for development of protocol s ... 漏洞详情: https://avd.aquasec.com/nvd/cve-2026-44894 镜像层: sha256:7a8565dbb89867a1756e4aea04d7cf69b651b66070e136e26067a4c7fd29b50f 发布日期: 2026-06-12 15:16 修改: 2026-06-12 15:55
io.netty:netty-codec-compression	CVE-2026-42583	高危	4.2.12.Final	4.2.13.Final	Netty is an asynchronous, event-driven network application framework. ... 漏洞详情: https://avd.aquasec.com/nvd/cve-2026-42583 镜像层: sha256:7a8565dbb89867a1756e4aea04d7cf69b651b66070e136e26067a4c7fd29b50f 发布日期: 2026-05-13 19:17 修改: 2026-05-18 12:22
io.netty:netty-codec-compression	CVE-2026-42583	高危	4.2.12.Final	4.2.13.Final	Netty is an asynchronous, event-driven network application framework. ... 漏洞详情: https://avd.aquasec.com/nvd/cve-2026-42583 镜像层: sha256:7a8565dbb89867a1756e4aea04d7cf69b651b66070e136e26067a4c7fd29b50f 发布日期: 2026-05-13 19:17 修改: 2026-05-18 12:22
io.netty:netty-codec-compression	CVE-2026-42583	高危	4.2.12.Final	4.2.13.Final	Netty is an asynchronous, event-driven network application framework. ... 漏洞详情: https://avd.aquasec.com/nvd/cve-2026-42583 镜像层: sha256:7a8565dbb89867a1756e4aea04d7cf69b651b66070e136e26067a4c7fd29b50f 发布日期: 2026-05-13 19:17 修改: 2026-05-18 12:22
io.netty:netty-codec-compression	CVE-2026-42583	高危	4.2.12.Final	4.2.13.Final	Netty is an asynchronous, event-driven network application framework. ... 漏洞详情: https://avd.aquasec.com/nvd/cve-2026-42583 镜像层: sha256:7a8565dbb89867a1756e4aea04d7cf69b651b66070e136e26067a4c7fd29b50f 发布日期: 2026-05-13 19:17 修改: 2026-05-18 12:22
io.netty:netty-codec-compression	CVE-2026-42583	高危	4.2.12.Final	4.2.13.Final	Netty is an asynchronous, event-driven network application framework. ... 漏洞详情: https://avd.aquasec.com/nvd/cve-2026-42583 镜像层: sha256:84132d7a69f0864963da737b9767a0d65647f0548cbbb69f4c021b9414277005 发布日期: 2026-05-13 19:17 修改: 2026-05-18 12:22
io.netty:netty-codec-http	CVE-2026-42584	高危	4.1.132.Final	4.2.13.Final, 4.1.133.Final	netty: io.netty/netty-codec-http: Netty: Incorrect HTTP response parsing leads to data confusion 漏洞详情: https://avd.aquasec.com/nvd/cve-2026-42584 镜像层: sha256:7a8565dbb89867a1756e4aea04d7cf69b651b66070e136e26067a4c7fd29b50f 发布日期: 2026-05-13 19:17 修改: 2026-05-18 12:15
io.netty:netty-codec-http	CVE-2026-42587	高危	4.1.132.Final	4.2.13.Final, 4.1.133.Final	netty: io.netty/netty-codec-http: io.netty/netty-codec-http2: Netty: Denial of Service via unbounded memory allocation in HTTP content decompression 漏洞详情: https://avd.aquasec.com/nvd/cve-2026-42587 镜像层: sha256:7a8565dbb89867a1756e4aea04d7cf69b651b66070e136e26067a4c7fd29b50f 发布日期: 2026-05-13 19:17 修改: 2026-05-18 12:20
io.netty:netty-codec-http	CVE-2026-42584	高危	4.2.12.Final	4.2.13.Final, 4.1.133.Final	netty: io.netty/netty-codec-http: Netty: Incorrect HTTP response parsing leads to data confusion 漏洞详情: https://avd.aquasec.com/nvd/cve-2026-42584 镜像层: sha256:7a8565dbb89867a1756e4aea04d7cf69b651b66070e136e26067a4c7fd29b50f 发布日期: 2026-05-13 19:17 修改: 2026-05-18 12:15
io.netty:netty-codec-http	CVE-2026-42584	高危	4.2.12.Final	4.2.13.Final, 4.1.133.Final	netty: io.netty/netty-codec-http: Netty: Incorrect HTTP response parsing leads to data confusion 漏洞详情: https://avd.aquasec.com/nvd/cve-2026-42584 镜像层: sha256:7a8565dbb89867a1756e4aea04d7cf69b651b66070e136e26067a4c7fd29b50f 发布日期: 2026-05-13 19:17 修改: 2026-05-18 12:15
io.netty:netty-codec-http	CVE-2026-42584	高危	4.2.12.Final	4.2.13.Final, 4.1.133.Final	netty: io.netty/netty-codec-http: Netty: Incorrect HTTP response parsing leads to data confusion 漏洞详情: https://avd.aquasec.com/nvd/cve-2026-42584 镜像层: sha256:7a8565dbb89867a1756e4aea04d7cf69b651b66070e136e26067a4c7fd29b50f 发布日期: 2026-05-13 19:17 修改: 2026-05-18 12:15
io.netty:netty-codec-http	CVE-2026-42584	高危	4.2.12.Final	4.2.13.Final, 4.1.133.Final	netty: io.netty/netty-codec-http: Netty: Incorrect HTTP response parsing leads to data confusion 漏洞详情: https://avd.aquasec.com/nvd/cve-2026-42584 镜像层: sha256:7a8565dbb89867a1756e4aea04d7cf69b651b66070e136e26067a4c7fd29b50f 发布日期: 2026-05-13 19:17 修改: 2026-05-18 12:15
io.netty:netty-codec-http	CVE-2026-42584	高危	4.2.12.Final	4.2.13.Final, 4.1.133.Final	netty: io.netty/netty-codec-http: Netty: Incorrect HTTP response parsing leads to data confusion 漏洞详情: https://avd.aquasec.com/nvd/cve-2026-42584 镜像层: sha256:84132d7a69f0864963da737b9767a0d65647f0548cbbb69f4c021b9414277005 发布日期: 2026-05-13 19:17 修改: 2026-05-18 12:15
io.netty:netty-codec-http	CVE-2026-42587	高危	4.2.12.Final	4.2.13.Final, 4.1.133.Final	netty: io.netty/netty-codec-http: io.netty/netty-codec-http2: Netty: Denial of Service via unbounded memory allocation in HTTP content decompression 漏洞详情: https://avd.aquasec.com/nvd/cve-2026-42587 镜像层: sha256:7a8565dbb89867a1756e4aea04d7cf69b651b66070e136e26067a4c7fd29b50f 发布日期: 2026-05-13 19:17 修改: 2026-05-18 12:20
io.netty:netty-codec-http	CVE-2026-42587	高危	4.2.12.Final	4.2.13.Final, 4.1.133.Final	netty: io.netty/netty-codec-http: io.netty/netty-codec-http2: Netty: Denial of Service via unbounded memory allocation in HTTP content decompression 漏洞详情: https://avd.aquasec.com/nvd/cve-2026-42587 镜像层: sha256:7a8565dbb89867a1756e4aea04d7cf69b651b66070e136e26067a4c7fd29b50f 发布日期: 2026-05-13 19:17 修改: 2026-05-18 12:20
io.netty:netty-codec-http	CVE-2026-42587	高危	4.2.12.Final	4.2.13.Final, 4.1.133.Final	netty: io.netty/netty-codec-http: io.netty/netty-codec-http2: Netty: Denial of Service via unbounded memory allocation in HTTP content decompression 漏洞详情: https://avd.aquasec.com/nvd/cve-2026-42587 镜像层: sha256:7a8565dbb89867a1756e4aea04d7cf69b651b66070e136e26067a4c7fd29b50f 发布日期: 2026-05-13 19:17 修改: 2026-05-18 12:20
io.netty:netty-codec-http	CVE-2026-42587	高危	4.2.12.Final	4.2.13.Final, 4.1.133.Final	netty: io.netty/netty-codec-http: io.netty/netty-codec-http2: Netty: Denial of Service via unbounded memory allocation in HTTP content decompression 漏洞详情: https://avd.aquasec.com/nvd/cve-2026-42587 镜像层: sha256:7a8565dbb89867a1756e4aea04d7cf69b651b66070e136e26067a4c7fd29b50f 发布日期: 2026-05-13 19:17 修改: 2026-05-18 12:20
io.netty:netty-codec-http	CVE-2026-42587	高危	4.2.12.Final	4.2.13.Final, 4.1.133.Final	netty: io.netty/netty-codec-http: io.netty/netty-codec-http2: Netty: Denial of Service via unbounded memory allocation in HTTP content decompression 漏洞详情: https://avd.aquasec.com/nvd/cve-2026-42587 镜像层: sha256:84132d7a69f0864963da737b9767a0d65647f0548cbbb69f4c021b9414277005 发布日期: 2026-05-13 19:17 修改: 2026-05-18 12:20
io.netty:netty-codec-http2	CVE-2026-42587	高危	4.1.132.Final	4.2.13.Final, 4.1.133.Final	netty: io.netty/netty-codec-http: io.netty/netty-codec-http2: Netty: Denial of Service via unbounded memory allocation in HTTP content decompression 漏洞详情: https://avd.aquasec.com/nvd/cve-2026-42587 镜像层: sha256:7a8565dbb89867a1756e4aea04d7cf69b651b66070e136e26067a4c7fd29b50f 发布日期: 2026-05-13 19:17 修改: 2026-05-18 12:20
io.netty:netty-codec-http2	CVE-2026-42587	高危	4.2.12.Final	4.2.13.Final, 4.1.133.Final	netty: io.netty/netty-codec-http: io.netty/netty-codec-http2: Netty: Denial of Service via unbounded memory allocation in HTTP content decompression 漏洞详情: https://avd.aquasec.com/nvd/cve-2026-42587 镜像层: sha256:7a8565dbb89867a1756e4aea04d7cf69b651b66070e136e26067a4c7fd29b50f 发布日期: 2026-05-13 19:17 修改: 2026-05-18 12:20
io.netty:netty-codec-http2	CVE-2026-42587	高危	4.2.12.Final	4.2.13.Final, 4.1.133.Final	netty: io.netty/netty-codec-http: io.netty/netty-codec-http2: Netty: Denial of Service via unbounded memory allocation in HTTP content decompression 漏洞详情: https://avd.aquasec.com/nvd/cve-2026-42587 镜像层: sha256:7a8565dbb89867a1756e4aea04d7cf69b651b66070e136e26067a4c7fd29b50f 发布日期: 2026-05-13 19:17 修改: 2026-05-18 12:20
io.netty:netty-codec-http2	CVE-2026-42587	高危	4.2.12.Final	4.2.13.Final, 4.1.133.Final	netty: io.netty/netty-codec-http: io.netty/netty-codec-http2: Netty: Denial of Service via unbounded memory allocation in HTTP content decompression 漏洞详情: https://avd.aquasec.com/nvd/cve-2026-42587 镜像层: sha256:7a8565dbb89867a1756e4aea04d7cf69b651b66070e136e26067a4c7fd29b50f 发布日期: 2026-05-13 19:17 修改: 2026-05-18 12:20
io.netty:netty-codec-http2	CVE-2026-42587	高危	4.2.12.Final	4.2.13.Final, 4.1.133.Final	netty: io.netty/netty-codec-http: io.netty/netty-codec-http2: Netty: Denial of Service via unbounded memory allocation in HTTP content decompression 漏洞详情: https://avd.aquasec.com/nvd/cve-2026-42587 镜像层: sha256:7a8565dbb89867a1756e4aea04d7cf69b651b66070e136e26067a4c7fd29b50f 发布日期: 2026-05-13 19:17 修改: 2026-05-18 12:20
io.netty:netty-codec-http2	CVE-2026-42587	高危	4.2.12.Final	4.2.13.Final, 4.1.133.Final	netty: io.netty/netty-codec-http: io.netty/netty-codec-http2: Netty: Denial of Service via unbounded memory allocation in HTTP content decompression 漏洞详情: https://avd.aquasec.com/nvd/cve-2026-42587 镜像层: sha256:84132d7a69f0864963da737b9767a0d65647f0548cbbb69f4c021b9414277005 发布日期: 2026-05-13 19:17 修改: 2026-05-18 12:20
io.netty:netty-codec-http3	CVE-2026-42582	高危	4.2.12.Final	4.2.13.Final	Netty is an asynchronous, event-driven network application framework. ... 漏洞详情: https://avd.aquasec.com/nvd/cve-2026-42582 镜像层: sha256:7a8565dbb89867a1756e4aea04d7cf69b651b66070e136e26067a4c7fd29b50f 发布日期: 2026-05-13 19:17 修改: 2026-05-18 12:54
io.netty:netty-codec-http3	CVE-2026-42582	高危	4.2.12.Final	4.2.13.Final	Netty is an asynchronous, event-driven network application framework. ... 漏洞详情: https://avd.aquasec.com/nvd/cve-2026-42582 镜像层: sha256:7a8565dbb89867a1756e4aea04d7cf69b651b66070e136e26067a4c7fd29b50f 发布日期: 2026-05-13 19:17 修改: 2026-05-18 12:54
io.netty:netty-codec-http3	CVE-2026-44892	高危	4.2.12.Final	4.2.15.Final	Netty is a network application framework for development of protocol s ... 漏洞详情: https://avd.aquasec.com/nvd/cve-2026-44892 镜像层: sha256:7a8565dbb89867a1756e4aea04d7cf69b651b66070e136e26067a4c7fd29b50f 发布日期: 2026-06-12 05:16 修改: 2026-06-12 15:55
io.netty:netty-codec-http3	CVE-2026-44892	高危	4.2.12.Final	4.2.15.Final	Netty is a network application framework for development of protocol s ... 漏洞详情: https://avd.aquasec.com/nvd/cve-2026-44892 镜像层: sha256:7a8565dbb89867a1756e4aea04d7cf69b651b66070e136e26067a4c7fd29b50f 发布日期: 2026-06-12 05:16 修改: 2026-06-12 15:55
io.netty:netty-handler	CVE-2026-44249	高危	4.1.132.Final	4.2.15.Final, 4.1.135.Final	Netty is a network application framework for development of protocol s ... 漏洞详情: https://avd.aquasec.com/nvd/cve-2026-44249 镜像层: sha256:7a8565dbb89867a1756e4aea04d7cf69b651b66070e136e26067a4c7fd29b50f 发布日期: 2026-06-11 22:16 修改: 2026-06-12 15:55
io.netty:netty-handler	CVE-2026-45416	高危	4.1.132.Final	4.2.15.Final, 4.1.135.Final	Netty is a network application framework for development of protocol s ... 漏洞详情: https://avd.aquasec.com/nvd/cve-2026-45416 镜像层: sha256:7a8565dbb89867a1756e4aea04d7cf69b651b66070e136e26067a4c7fd29b50f 发布日期: 2026-06-12 15:16 修改: 2026-06-12 15:55
io.netty:netty-handler	CVE-2026-44249	高危	4.2.12.Final	4.2.15.Final, 4.1.135.Final	Netty is a network application framework for development of protocol s ... 漏洞详情: https://avd.aquasec.com/nvd/cve-2026-44249 镜像层: sha256:7a8565dbb89867a1756e4aea04d7cf69b651b66070e136e26067a4c7fd29b50f 发布日期: 2026-06-11 22:16 修改: 2026-06-12 15:55
io.netty:netty-handler	CVE-2026-44249	高危	4.2.12.Final	4.2.15.Final, 4.1.135.Final	Netty is a network application framework for development of protocol s ... 漏洞详情: https://avd.aquasec.com/nvd/cve-2026-44249 镜像层: sha256:7a8565dbb89867a1756e4aea04d7cf69b651b66070e136e26067a4c7fd29b50f 发布日期: 2026-06-11 22:16 修改: 2026-06-12 15:55
io.netty:netty-handler	CVE-2026-44249	高危	4.2.12.Final	4.2.15.Final, 4.1.135.Final	Netty is a network application framework for development of protocol s ... 漏洞详情: https://avd.aquasec.com/nvd/cve-2026-44249 镜像层: sha256:7a8565dbb89867a1756e4aea04d7cf69b651b66070e136e26067a4c7fd29b50f 发布日期: 2026-06-11 22:16 修改: 2026-06-12 15:55
io.netty:netty-handler	CVE-2026-44249	高危	4.2.12.Final	4.2.15.Final, 4.1.135.Final	Netty is a network application framework for development of protocol s ... 漏洞详情: https://avd.aquasec.com/nvd/cve-2026-44249 镜像层: sha256:7a8565dbb89867a1756e4aea04d7cf69b651b66070e136e26067a4c7fd29b50f 发布日期: 2026-06-11 22:16 修改: 2026-06-12 15:55
io.netty:netty-handler	CVE-2026-44249	高危	4.2.12.Final	4.2.15.Final, 4.1.135.Final	Netty is a network application framework for development of protocol s ... 漏洞详情: https://avd.aquasec.com/nvd/cve-2026-44249 镜像层: sha256:84132d7a69f0864963da737b9767a0d65647f0548cbbb69f4c021b9414277005 发布日期: 2026-06-11 22:16 修改: 2026-06-12 15:55
io.netty:netty-handler	CVE-2026-45416	高危	4.2.12.Final	4.2.15.Final, 4.1.135.Final	Netty is a network application framework for development of protocol s ... 漏洞详情: https://avd.aquasec.com/nvd/cve-2026-45416 镜像层: sha256:7a8565dbb89867a1756e4aea04d7cf69b651b66070e136e26067a4c7fd29b50f 发布日期: 2026-06-12 15:16 修改: 2026-06-12 15:55
io.netty:netty-handler	CVE-2026-45416	高危	4.2.12.Final	4.2.15.Final, 4.1.135.Final	Netty is a network application framework for development of protocol s ... 漏洞详情: https://avd.aquasec.com/nvd/cve-2026-45416 镜像层: sha256:7a8565dbb89867a1756e4aea04d7cf69b651b66070e136e26067a4c7fd29b50f 发布日期: 2026-06-12 15:16 修改: 2026-06-12 15:55
io.netty:netty-handler	CVE-2026-45416	高危	4.2.12.Final	4.2.15.Final, 4.1.135.Final	Netty is a network application framework for development of protocol s ... 漏洞详情: https://avd.aquasec.com/nvd/cve-2026-45416 镜像层: sha256:7a8565dbb89867a1756e4aea04d7cf69b651b66070e136e26067a4c7fd29b50f 发布日期: 2026-06-12 15:16 修改: 2026-06-12 15:55
io.netty:netty-handler	CVE-2026-45416	高危	4.2.12.Final	4.2.15.Final, 4.1.135.Final	Netty is a network application framework for development of protocol s ... 漏洞详情: https://avd.aquasec.com/nvd/cve-2026-45416 镜像层: sha256:7a8565dbb89867a1756e4aea04d7cf69b651b66070e136e26067a4c7fd29b50f 发布日期: 2026-06-12 15:16 修改: 2026-06-12 15:55
io.netty:netty-handler	CVE-2026-45416	高危	4.2.12.Final	4.2.15.Final, 4.1.135.Final	Netty is a network application framework for development of protocol s ... 漏洞详情: https://avd.aquasec.com/nvd/cve-2026-45416 镜像层: sha256:84132d7a69f0864963da737b9767a0d65647f0548cbbb69f4c021b9414277005 发布日期: 2026-06-12 15:16 修改: 2026-06-12 15:55
org.apache.httpcomponents.client5:httpclient5	CVE-2026-40542	高危	5.6	5.6.1	httpclient: Apache HttpClient: Authentication bypass due to missing mutual authentication verification 漏洞详情: https://avd.aquasec.com/nvd/cve-2026-40542 镜像层: sha256:7a8565dbb89867a1756e4aea04d7cf69b651b66070e136e26067a4c7fd29b50f 发布日期: 2026-04-22 08:16 修改: 2026-05-01 17:12
org.apache.httpcomponents.client5:httpclient5	CVE-2026-40542	高危	5.6	5.6.1	httpclient: Apache HttpClient: Authentication bypass due to missing mutual authentication verification 漏洞详情: https://avd.aquasec.com/nvd/cve-2026-40542 镜像层: sha256:7a8565dbb89867a1756e4aea04d7cf69b651b66070e136e26067a4c7fd29b50f 发布日期: 2026-04-22 08:16 修改: 2026-05-01 17:12
org.apache.httpcomponents.client5:httpclient5	CVE-2026-40542	高危	5.6	5.6.1	httpclient: Apache HttpClient: Authentication bypass due to missing mutual authentication verification 漏洞详情: https://avd.aquasec.com/nvd/cve-2026-40542 镜像层: sha256:7a8565dbb89867a1756e4aea04d7cf69b651b66070e136e26067a4c7fd29b50f 发布日期: 2026-04-22 08:16 修改: 2026-05-01 17:12
org.apache.httpcomponents.client5:httpclient5	CVE-2026-40542	高危	5.6	5.6.1	httpclient: Apache HttpClient: Authentication bypass due to missing mutual authentication verification 漏洞详情: https://avd.aquasec.com/nvd/cve-2026-40542 镜像层: sha256:7a8565dbb89867a1756e4aea04d7cf69b651b66070e136e26067a4c7fd29b50f 发布日期: 2026-04-22 08:16 修改: 2026-05-01 17:12
org.apache.httpcomponents.client5:httpclient5	CVE-2026-40542	高危	5.6	5.6.1	httpclient: Apache HttpClient: Authentication bypass due to missing mutual authentication verification 漏洞详情: https://avd.aquasec.com/nvd/cve-2026-40542 镜像层: sha256:7a8565dbb89867a1756e4aea04d7cf69b651b66070e136e26067a4c7fd29b50f 发布日期: 2026-04-22 08:16 修改: 2026-05-01 17:12
org.apache.httpcomponents.client5:httpclient5	CVE-2026-40542	高危	5.6	5.6.1	httpclient: Apache HttpClient: Authentication bypass due to missing mutual authentication verification 漏洞详情: https://avd.aquasec.com/nvd/cve-2026-40542 镜像层: sha256:7a8565dbb89867a1756e4aea04d7cf69b651b66070e136e26067a4c7fd29b50f 发布日期: 2026-04-22 08:16 修改: 2026-05-01 17:12
org.apache.httpcomponents.client5:httpclient5	CVE-2026-40542	高危	5.6	5.6.1	httpclient: Apache HttpClient: Authentication bypass due to missing mutual authentication verification 漏洞详情: https://avd.aquasec.com/nvd/cve-2026-40542 镜像层: sha256:7a8565dbb89867a1756e4aea04d7cf69b651b66070e136e26067a4c7fd29b50f 发布日期: 2026-04-22 08:16 修改: 2026-05-01 17:12
org.apache.httpcomponents.client5:httpclient5	CVE-2026-40542	高危	5.6	5.6.1	httpclient: Apache HttpClient: Authentication bypass due to missing mutual authentication verification 漏洞详情: https://avd.aquasec.com/nvd/cve-2026-40542 镜像层: sha256:7a8565dbb89867a1756e4aea04d7cf69b651b66070e136e26067a4c7fd29b50f 发布日期: 2026-04-22 08:16 修改: 2026-05-01 17:12
org.apache.httpcomponents.client5:httpclient5	CVE-2026-40542	高危	5.6	5.6.1	httpclient: Apache HttpClient: Authentication bypass due to missing mutual authentication verification 漏洞详情: https://avd.aquasec.com/nvd/cve-2026-40542 镜像层: sha256:7a8565dbb89867a1756e4aea04d7cf69b651b66070e136e26067a4c7fd29b50f 发布日期: 2026-04-22 08:16 修改: 2026-05-01 17:12
org.apache.httpcomponents.client5:httpclient5	CVE-2026-40542	高危	5.6	5.6.1	httpclient: Apache HttpClient: Authentication bypass due to missing mutual authentication verification 漏洞详情: https://avd.aquasec.com/nvd/cve-2026-40542 镜像层: sha256:7a8565dbb89867a1756e4aea04d7cf69b651b66070e136e26067a4c7fd29b50f 发布日期: 2026-04-22 08:16 修改: 2026-05-01 17:12
org.apache.httpcomponents.client5:httpclient5	CVE-2026-40542	高危	5.6	5.6.1	httpclient: Apache HttpClient: Authentication bypass due to missing mutual authentication verification 漏洞详情: https://avd.aquasec.com/nvd/cve-2026-40542 镜像层: sha256:7a8565dbb89867a1756e4aea04d7cf69b651b66070e136e26067a4c7fd29b50f 发布日期: 2026-04-22 08:16 修改: 2026-05-01 17:12
org.apache.httpcomponents.client5:httpclient5	CVE-2026-40542	高危	5.6	5.6.1	httpclient: Apache HttpClient: Authentication bypass due to missing mutual authentication verification 漏洞详情: https://avd.aquasec.com/nvd/cve-2026-40542 镜像层: sha256:7a8565dbb89867a1756e4aea04d7cf69b651b66070e136e26067a4c7fd29b50f 发布日期: 2026-04-22 08:16 修改: 2026-05-01 17:12
org.apache.httpcomponents.client5:httpclient5	CVE-2026-40542	高危	5.6	5.6.1	httpclient: Apache HttpClient: Authentication bypass due to missing mutual authentication verification 漏洞详情: https://avd.aquasec.com/nvd/cve-2026-40542 镜像层: sha256:7a8565dbb89867a1756e4aea04d7cf69b651b66070e136e26067a4c7fd29b50f 发布日期: 2026-04-22 08:16 修改: 2026-05-01 17:12
io.netty:netty-codec-http2	CVE-2026-47244	中危	4.2.12.Final	4.2.15.Final, 4.1.135.Final	Netty is a network application framework for development of protocol s ... 漏洞详情: https://avd.aquasec.com/nvd/cve-2026-47244 镜像层: sha256:7a8565dbb89867a1756e4aea04d7cf69b651b66070e136e26067a4c7fd29b50f 发布日期: 2026-06-12 15:16 修改: 2026-06-12 15:55
io.netty:netty-codec-http2	CVE-2026-47244	中危	4.2.12.Final	4.2.15.Final, 4.1.135.Final	Netty is a network application framework for development of protocol s ... 漏洞详情: https://avd.aquasec.com/nvd/cve-2026-47244 镜像层: sha256:84132d7a69f0864963da737b9767a0d65647f0548cbbb69f4c021b9414277005 发布日期: 2026-06-12 15:16 修改: 2026-06-12 15:55
io.netty:netty-codec-http2	CVE-2026-48043	中危	4.2.12.Final	4.1.135.Final, 4.2.15.Final	Netty is a network application framework for development of protocol s ... 漏洞详情: https://avd.aquasec.com/nvd/cve-2026-48043 镜像层: sha256:7a8565dbb89867a1756e4aea04d7cf69b651b66070e136e26067a4c7fd29b50f 发布日期: 2026-06-12 16:16 修改: 2026-06-12 16:18
io.netty:netty-codec-http2	CVE-2026-48043	中危	4.2.12.Final	4.1.135.Final, 4.2.15.Final	Netty is a network application framework for development of protocol s ... 漏洞详情: https://avd.aquasec.com/nvd/cve-2026-48043 镜像层: sha256:7a8565dbb89867a1756e4aea04d7cf69b651b66070e136e26067a4c7fd29b50f 发布日期: 2026-06-12 16:16 修改: 2026-06-12 16:18
io.netty:netty-codec-http2	CVE-2026-48043	中危	4.2.12.Final	4.1.135.Final, 4.2.15.Final	Netty is a network application framework for development of protocol s ... 漏洞详情: https://avd.aquasec.com/nvd/cve-2026-48043 镜像层: sha256:7a8565dbb89867a1756e4aea04d7cf69b651b66070e136e26067a4c7fd29b50f 发布日期: 2026-06-12 16:16 修改: 2026-06-12 16:18
io.netty:netty-codec-http2	CVE-2026-48043	中危	4.2.12.Final	4.1.135.Final, 4.2.15.Final	Netty is a network application framework for development of protocol s ... 漏洞详情: https://avd.aquasec.com/nvd/cve-2026-48043 镜像层: sha256:7a8565dbb89867a1756e4aea04d7cf69b651b66070e136e26067a4c7fd29b50f 发布日期: 2026-06-12 16:16 修改: 2026-06-12 16:18
io.netty:netty-codec-http2	CVE-2026-48043	中危	4.2.12.Final	4.1.135.Final, 4.2.15.Final	Netty is a network application framework for development of protocol s ... 漏洞详情: https://avd.aquasec.com/nvd/cve-2026-48043 镜像层: sha256:84132d7a69f0864963da737b9767a0d65647f0548cbbb69f4c021b9414277005 发布日期: 2026-06-12 16:16 修改: 2026-06-12 16:18
io.netty:netty-codec-http	CVE-2026-41417	中危	4.2.12.Final	4.1.133.Final, 4.2.13.Final	netty: Netty: HTTP request smuggling via URI manipulation and CRLF injection 漏洞详情: https://avd.aquasec.com/nvd/cve-2026-41417 镜像层: sha256:7a8565dbb89867a1756e4aea04d7cf69b651b66070e136e26067a4c7fd29b50f 发布日期: 2026-05-06 22:16 修改: 2026-05-11 14:29
io.netty:netty-codec-http	CVE-2026-41417	中危	4.2.12.Final	4.1.133.Final, 4.2.13.Final	netty: Netty: HTTP request smuggling via URI manipulation and CRLF injection 漏洞详情: https://avd.aquasec.com/nvd/cve-2026-41417 镜像层: sha256:7a8565dbb89867a1756e4aea04d7cf69b651b66070e136e26067a4c7fd29b50f 发布日期: 2026-05-06 22:16 修改: 2026-05-11 14:29
io.netty:netty-codec-http	CVE-2026-41417	中危	4.2.12.Final	4.1.133.Final, 4.2.13.Final	netty: Netty: HTTP request smuggling via URI manipulation and CRLF injection 漏洞详情: https://avd.aquasec.com/nvd/cve-2026-41417 镜像层: sha256:84132d7a69f0864963da737b9767a0d65647f0548cbbb69f4c021b9414277005 发布日期: 2026-05-06 22:16 修改: 2026-05-11 14:29
io.netty:netty-codec-http	CVE-2026-42580	中危	4.2.12.Final	4.2.13.Final, 4.1.133.Final	netty: Netty: Request smuggling via chunk size parser integer overflow 漏洞详情: https://avd.aquasec.com/nvd/cve-2026-42580 镜像层: sha256:7a8565dbb89867a1756e4aea04d7cf69b651b66070e136e26067a4c7fd29b50f 发布日期: 2026-05-13 19:17 修改: 2026-05-18 14:03
io.netty:netty-codec-http	CVE-2026-42580	中危	4.2.12.Final	4.2.13.Final, 4.1.133.Final	netty: Netty: Request smuggling via chunk size parser integer overflow 漏洞详情: https://avd.aquasec.com/nvd/cve-2026-42580 镜像层: sha256:7a8565dbb89867a1756e4aea04d7cf69b651b66070e136e26067a4c7fd29b50f 发布日期: 2026-05-13 19:17 修改: 2026-05-18 14:03
io.netty:netty-codec-http	CVE-2026-42580	中危	4.2.12.Final	4.2.13.Final, 4.1.133.Final	netty: Netty: Request smuggling via chunk size parser integer overflow 漏洞详情: https://avd.aquasec.com/nvd/cve-2026-42580 镜像层: sha256:7a8565dbb89867a1756e4aea04d7cf69b651b66070e136e26067a4c7fd29b50f 发布日期: 2026-05-13 19:17 修改: 2026-05-18 14:03
io.netty:netty-codec-http	CVE-2026-42580	中危	4.2.12.Final	4.2.13.Final, 4.1.133.Final	netty: Netty: Request smuggling via chunk size parser integer overflow 漏洞详情: https://avd.aquasec.com/nvd/cve-2026-42580 镜像层: sha256:7a8565dbb89867a1756e4aea04d7cf69b651b66070e136e26067a4c7fd29b50f 发布日期: 2026-05-13 19:17 修改: 2026-05-18 14:03
io.netty:netty-codec-http	CVE-2026-42580	中危	4.2.12.Final	4.2.13.Final, 4.1.133.Final	netty: Netty: Request smuggling via chunk size parser integer overflow 漏洞详情: https://avd.aquasec.com/nvd/cve-2026-42580 镜像层: sha256:84132d7a69f0864963da737b9767a0d65647f0548cbbb69f4c021b9414277005 发布日期: 2026-05-13 19:17 修改: 2026-05-18 14:03
io.netty:netty-codec-http	CVE-2026-42581	中危	4.2.12.Final	4.2.13.Final, 4.1.133.Final	netty: io.netty/netty-codec-http: Netty: HTTP Request Smuggling due to improper handling of conflicting HTTP/1.0 headers 漏洞详情: https://avd.aquasec.com/nvd/cve-2026-42581 镜像层: sha256:7a8565dbb89867a1756e4aea04d7cf69b651b66070e136e26067a4c7fd29b50f 发布日期: 2026-05-13 19:17 修改: 2026-05-18 13:14
io.netty:netty-codec-http	CVE-2026-42581	中危	4.2.12.Final	4.2.13.Final, 4.1.133.Final	netty: io.netty/netty-codec-http: Netty: HTTP Request Smuggling due to improper handling of conflicting HTTP/1.0 headers 漏洞详情: https://avd.aquasec.com/nvd/cve-2026-42581 镜像层: sha256:7a8565dbb89867a1756e4aea04d7cf69b651b66070e136e26067a4c7fd29b50f 发布日期: 2026-05-13 19:17 修改: 2026-05-18 13:14
io.netty:netty-codec-http	CVE-2026-42581	中危	4.2.12.Final	4.2.13.Final, 4.1.133.Final	netty: io.netty/netty-codec-http: Netty: HTTP Request Smuggling due to improper handling of conflicting HTTP/1.0 headers 漏洞详情: https://avd.aquasec.com/nvd/cve-2026-42581 镜像层: sha256:7a8565dbb89867a1756e4aea04d7cf69b651b66070e136e26067a4c7fd29b50f 发布日期: 2026-05-13 19:17 修改: 2026-05-18 13:14
io.netty:netty-codec-http	CVE-2026-42581	中危	4.2.12.Final	4.2.13.Final, 4.1.133.Final	netty: io.netty/netty-codec-http: Netty: HTTP Request Smuggling due to improper handling of conflicting HTTP/1.0 headers 漏洞详情: https://avd.aquasec.com/nvd/cve-2026-42581 镜像层: sha256:7a8565dbb89867a1756e4aea04d7cf69b651b66070e136e26067a4c7fd29b50f 发布日期: 2026-05-13 19:17 修改: 2026-05-18 13:14
io.netty:netty-codec-http	CVE-2026-42581	中危	4.2.12.Final	4.2.13.Final, 4.1.133.Final	netty: io.netty/netty-codec-http: Netty: HTTP Request Smuggling due to improper handling of conflicting HTTP/1.0 headers 漏洞详情: https://avd.aquasec.com/nvd/cve-2026-42581 镜像层: sha256:84132d7a69f0864963da737b9767a0d65647f0548cbbb69f4c021b9414277005 发布日期: 2026-05-13 19:17 修改: 2026-05-18 13:14
io.netty:netty-codec-http	CVE-2026-42585	中危	4.2.12.Final	4.2.13.Final, 4.1.133.Final	netty: io.netty/netty-codec-http: Netty: Request smuggling via malformed Transfer-Encoding parsing 漏洞详情: https://avd.aquasec.com/nvd/cve-2026-42585 镜像层: sha256:7a8565dbb89867a1756e4aea04d7cf69b651b66070e136e26067a4c7fd29b50f 发布日期: 2026-05-13 19:17 修改: 2026-05-18 12:24
io.netty:netty-codec-http	CVE-2026-42585	中危	4.2.12.Final	4.2.13.Final, 4.1.133.Final	netty: io.netty/netty-codec-http: Netty: Request smuggling via malformed Transfer-Encoding parsing 漏洞详情: https://avd.aquasec.com/nvd/cve-2026-42585 镜像层: sha256:7a8565dbb89867a1756e4aea04d7cf69b651b66070e136e26067a4c7fd29b50f 发布日期: 2026-05-13 19:17 修改: 2026-05-18 12:24
io.netty:netty-codec-http	CVE-2026-42585	中危	4.2.12.Final	4.2.13.Final, 4.1.133.Final	netty: io.netty/netty-codec-http: Netty: Request smuggling via malformed Transfer-Encoding parsing 漏洞详情: https://avd.aquasec.com/nvd/cve-2026-42585 镜像层: sha256:7a8565dbb89867a1756e4aea04d7cf69b651b66070e136e26067a4c7fd29b50f 发布日期: 2026-05-13 19:17 修改: 2026-05-18 12:24
io.netty:netty-codec-http	CVE-2026-42585	中危	4.2.12.Final	4.2.13.Final, 4.1.133.Final	netty: io.netty/netty-codec-http: Netty: Request smuggling via malformed Transfer-Encoding parsing 漏洞详情: https://avd.aquasec.com/nvd/cve-2026-42585 镜像层: sha256:7a8565dbb89867a1756e4aea04d7cf69b651b66070e136e26067a4c7fd29b50f 发布日期: 2026-05-13 19:17 修改: 2026-05-18 12:24
io.netty:netty-codec-http	CVE-2026-42585	中危	4.2.12.Final	4.2.13.Final, 4.1.133.Final	netty: io.netty/netty-codec-http: Netty: Request smuggling via malformed Transfer-Encoding parsing 漏洞详情: https://avd.aquasec.com/nvd/cve-2026-42585 镜像层: sha256:84132d7a69f0864963da737b9767a0d65647f0548cbbb69f4c021b9414277005 发布日期: 2026-05-13 19:17 修改: 2026-05-18 12:24
io.netty:netty-codec-http	CVE-2026-42581	中危	4.1.132.Final	4.2.13.Final, 4.1.133.Final	netty: io.netty/netty-codec-http: Netty: HTTP Request Smuggling due to improper handling of conflicting HTTP/1.0 headers 漏洞详情: https://avd.aquasec.com/nvd/cve-2026-42581 镜像层: sha256:7a8565dbb89867a1756e4aea04d7cf69b651b66070e136e26067a4c7fd29b50f 发布日期: 2026-05-13 19:17 修改: 2026-05-18 13:14
io.netty:netty-codec-http2	CVE-2026-47244	中危	4.1.132.Final	4.2.15.Final, 4.1.135.Final	Netty is a network application framework for development of protocol s ... 漏洞详情: https://avd.aquasec.com/nvd/cve-2026-47244 镜像层: sha256:7a8565dbb89867a1756e4aea04d7cf69b651b66070e136e26067a4c7fd29b50f 发布日期: 2026-06-12 15:16 修改: 2026-06-12 15:55
io.netty:netty-codec-http2	CVE-2026-48043	中危	4.1.132.Final	4.1.135.Final, 4.2.15.Final	Netty is a network application framework for development of protocol s ... 漏洞详情: https://avd.aquasec.com/nvd/cve-2026-48043 镜像层: sha256:7a8565dbb89867a1756e4aea04d7cf69b651b66070e136e26067a4c7fd29b50f 发布日期: 2026-06-12 16:16 修改: 2026-06-12 16:18
io.netty:netty-codec-http	CVE-2026-42585	中危	4.1.132.Final	4.2.13.Final, 4.1.133.Final	netty: io.netty/netty-codec-http: Netty: Request smuggling via malformed Transfer-Encoding parsing 漏洞详情: https://avd.aquasec.com/nvd/cve-2026-42585 镜像层: sha256:7a8565dbb89867a1756e4aea04d7cf69b651b66070e136e26067a4c7fd29b50f 发布日期: 2026-05-13 19:17 修改: 2026-05-18 12:24
io.netty:netty-codec-http	CVE-2026-41417	中危	4.1.132.Final	4.1.133.Final, 4.2.13.Final	netty: Netty: HTTP request smuggling via URI manipulation and CRLF injection 漏洞详情: https://avd.aquasec.com/nvd/cve-2026-41417 镜像层: sha256:7a8565dbb89867a1756e4aea04d7cf69b651b66070e136e26067a4c7fd29b50f 发布日期: 2026-05-06 22:16 修改: 2026-05-11 14:29
io.netty:netty-codec-http	CVE-2026-42580	中危	4.1.132.Final	4.2.13.Final, 4.1.133.Final	netty: Netty: Request smuggling via chunk size parser integer overflow 漏洞详情: https://avd.aquasec.com/nvd/cve-2026-42580 镜像层: sha256:7a8565dbb89867a1756e4aea04d7cf69b651b66070e136e26067a4c7fd29b50f 发布日期: 2026-05-13 19:17 修改: 2026-05-18 14:03
io.netty:netty-codec-http	CVE-2026-41417	中危	4.2.12.Final	4.1.133.Final, 4.2.13.Final	netty: Netty: HTTP request smuggling via URI manipulation and CRLF injection 漏洞详情: https://avd.aquasec.com/nvd/cve-2026-41417 镜像层: sha256:7a8565dbb89867a1756e4aea04d7cf69b651b66070e136e26067a4c7fd29b50f 发布日期: 2026-05-06 22:16 修改: 2026-05-11 14:29
io.netty:netty-codec-http	CVE-2026-41417	中危	4.2.12.Final	4.1.133.Final, 4.2.13.Final	netty: Netty: HTTP request smuggling via URI manipulation and CRLF injection 漏洞详情: https://avd.aquasec.com/nvd/cve-2026-41417 镜像层: sha256:7a8565dbb89867a1756e4aea04d7cf69b651b66070e136e26067a4c7fd29b50f 发布日期: 2026-05-06 22:16 修改: 2026-05-11 14:29
io.netty:netty-codec-http2	CVE-2026-47244	中危	4.2.12.Final	4.2.15.Final, 4.1.135.Final	Netty is a network application framework for development of protocol s ... 漏洞详情: https://avd.aquasec.com/nvd/cve-2026-47244 镜像层: sha256:7a8565dbb89867a1756e4aea04d7cf69b651b66070e136e26067a4c7fd29b50f 发布日期: 2026-06-12 15:16 修改: 2026-06-12 15:55
io.netty:netty-codec-http2	CVE-2026-47244	中危	4.2.12.Final	4.2.15.Final, 4.1.135.Final	Netty is a network application framework for development of protocol s ... 漏洞详情: https://avd.aquasec.com/nvd/cve-2026-47244 镜像层: sha256:7a8565dbb89867a1756e4aea04d7cf69b651b66070e136e26067a4c7fd29b50f 发布日期: 2026-06-12 15:16 修改: 2026-06-12 15:55
io.netty:netty-codec-http2	CVE-2026-47244	中危	4.2.12.Final	4.2.15.Final, 4.1.135.Final	Netty is a network application framework for development of protocol s ... 漏洞详情: https://avd.aquasec.com/nvd/cve-2026-47244 镜像层: sha256:7a8565dbb89867a1756e4aea04d7cf69b651b66070e136e26067a4c7fd29b50f 发布日期: 2026-06-12 15:16 修改: 2026-06-12 15:55
org.apache.logging.log4j:log4j-1.2-api	CVE-2026-34479	中危	2.25.3	2.25.4	org.apache.logging.log4j/log4j-1.2-api: Apache Log4j 1-to-Log4j 2 bridge: Log processing denial of service due to improper XML escaping 漏洞详情: https://avd.aquasec.com/nvd/cve-2026-34479 镜像层: sha256:84132d7a69f0864963da737b9767a0d65647f0548cbbb69f4c021b9414277005 发布日期: 2026-04-10 16:16 修改: 2026-05-06 18:21
org.apache.logging.log4j:log4j-core	CVE-2026-34477	中危	2.25.3	2.25.4	org.apache.logging.log4j/log4j-core: Apache Log4j Core: Man-in-the-middle attack due to incomplete hostname verification 漏洞详情: https://avd.aquasec.com/nvd/cve-2026-34477 镜像层: sha256:7a8565dbb89867a1756e4aea04d7cf69b651b66070e136e26067a4c7fd29b50f 发布日期: 2026-04-10 16:16 修改: 2026-05-06 16:49
org.apache.logging.log4j:log4j-core	CVE-2026-34478	中危	2.25.3	2.25.4	org.apache.logging.log4j/log4j-core: Apache Log4j Core: Log injection via CRLF sequences due to configuration attribute renames 漏洞详情: https://avd.aquasec.com/nvd/cve-2026-34478 镜像层: sha256:7a8565dbb89867a1756e4aea04d7cf69b651b66070e136e26067a4c7fd29b50f 发布日期: 2026-04-10 16:16 修改: 2026-04-24 18:10
org.apache.logging.log4j:log4j-core	CVE-2026-34480	中危	2.25.3	2.25.4	org.apache.logging.log4j/log4j-core: Apache Log4j Core: Invalid XML output causes denial of service in logging 漏洞详情: https://avd.aquasec.com/nvd/cve-2026-34480 镜像层: sha256:7a8565dbb89867a1756e4aea04d7cf69b651b66070e136e26067a4c7fd29b50f 发布日期: 2026-04-10 16:16 修改: 2026-04-24 18:21
org.bouncycastle:bc-fips	CVE-2026-8149	中危	2.1.2		Bouncy Castle has a vulnerability in program files gcm128w, gcm512w 漏洞详情: https://avd.aquasec.com/nvd/cve-2026-8149 镜像层: sha256:7a8565dbb89867a1756e4aea04d7cf69b651b66070e136e26067a4c7fd29b50f 发布日期: 2026-05-08 07:16 修改: 2026-05-19 00:16
org.bouncycastle:bc-fips	CVE-2026-8149	中危	2.1.2		Bouncy Castle has a vulnerability in program files gcm128w, gcm512w 漏洞详情: https://avd.aquasec.com/nvd/cve-2026-8149 镜像层: sha256:7a8565dbb89867a1756e4aea04d7cf69b651b66070e136e26067a4c7fd29b50f 发布日期: 2026-05-08 07:16 修改: 2026-05-19 00:16
org.bouncycastle:bc-fips	CVE-2026-8149	中危	2.1.2		Bouncy Castle has a vulnerability in program files gcm128w, gcm512w 漏洞详情: https://avd.aquasec.com/nvd/cve-2026-8149 镜像层: sha256:7a8565dbb89867a1756e4aea04d7cf69b651b66070e136e26067a4c7fd29b50f 发布日期: 2026-05-08 07:16 修改: 2026-05-19 00:16

usr/local/bin/yq (gobinary)

低危漏洞:0

中危漏洞:3

高危漏洞:8

严重漏洞:0

软件包	漏洞	安全状态	安装版本	修复版本	漏洞信息
stdlib	CVE-2026-33811	高危	v1.26.2	1.25.10, 1.26.3	net: golang: Go net package: Denial of Service via long CNAME response in LookupCNAME 漏洞详情: https://avd.aquasec.com/nvd/cve-2026-33811 镜像层: sha256:84132d7a69f0864963da737b9767a0d65647f0548cbbb69f4c021b9414277005 发布日期: 2026-05-07 20:16 修改: 2026-05-12 20:23
stdlib	CVE-2026-33814	高危	v1.26.2	1.25.10, 1.26.3	When processing HTTP/2 SETTINGS frames, transport will enter an infini ... 漏洞详情: https://avd.aquasec.com/nvd/cve-2026-33814 镜像层: sha256:84132d7a69f0864963da737b9767a0d65647f0548cbbb69f4c021b9414277005 发布日期: 2026-05-07 20:16 修改: 2026-05-13 14:41
stdlib	CVE-2026-39820	高危	v1.26.2	1.25.10, 1.26.3	Well-crafted inputs reaching ParseAddress, ParseAddressList, and Parse ... 漏洞详情: https://avd.aquasec.com/nvd/cve-2026-39820 镜像层: sha256:84132d7a69f0864963da737b9767a0d65647f0548cbbb69f4c021b9414277005 发布日期: 2026-05-07 20:16 修改: 2026-05-13 15:10
stdlib	CVE-2026-39823	高危	v1.26.2	1.25.10, 1.26.3	CVE-2026-27142 fixed a vulnerability in which URLs were not correctly ... 漏洞详情: https://avd.aquasec.com/nvd/cve-2026-39823 镜像层: sha256:84132d7a69f0864963da737b9767a0d65647f0548cbbb69f4c021b9414277005 发布日期: 2026-05-07 20:16 修改: 2026-05-13 16:58
stdlib	CVE-2026-39825	高危	v1.26.2	1.25.10, 1.26.3	ReverseProxy can forward queries containing parameters not visible to ... 漏洞详情: https://avd.aquasec.com/nvd/cve-2026-39825 镜像层: sha256:84132d7a69f0864963da737b9767a0d65647f0548cbbb69f4c021b9414277005 发布日期: 2026-05-07 20:16 修改: 2026-05-13 16:58
stdlib	CVE-2026-39836	高危	v1.26.2	1.25.10, 1.26.3	ELSA-2026-22112: go-toolset:ol8 security update (IMPORTANT) 漏洞详情: https://avd.aquasec.com/nvd/cve-2026-39836 镜像层: sha256:84132d7a69f0864963da737b9767a0d65647f0548cbbb69f4c021b9414277005 发布日期: 2026-05-07 20:16 修改: 2026-05-13 15:11
stdlib	CVE-2026-42499	高危	v1.26.2	1.25.10, 1.26.3	Pathological inputs could cause DoS through consumePhrase when parsing ... 漏洞详情: https://avd.aquasec.com/nvd/cve-2026-42499 镜像层: sha256:84132d7a69f0864963da737b9767a0d65647f0548cbbb69f4c021b9414277005 发布日期: 2026-05-07 20:16 修改: 2026-05-13 16:59
stdlib	CVE-2026-42504	高危	v1.26.2	1.25.11, 1.26.4	Decoding a maliciously-crafted MIME header containing many invalid enc ... 漏洞详情: https://avd.aquasec.com/nvd/cve-2026-42504 镜像层: sha256:84132d7a69f0864963da737b9767a0d65647f0548cbbb69f4c021b9414277005 发布日期: 2026-06-02 23:16 修改: 2026-06-04 16:15
stdlib	CVE-2026-27145	中危	v1.26.2	1.25.11, 1.26.4	*x509.Certificate).VerifyHostname previously called matchHostnames in ... 漏洞详情: https://avd.aquasec.com/nvd/cve-2026-27145 镜像层: sha256:84132d7a69f0864963da737b9767a0d65647f0548cbbb69f4c021b9414277005 发布日期: 2026-06-02 23:16 修改: 2026-06-04 16:15
stdlib	CVE-2026-39826	中危	v1.26.2	1.25.10, 1.26.3	html/template: golang: html/template: Cross-site scripting due to incorrect script tag escaping 漏洞详情: https://avd.aquasec.com/nvd/cve-2026-39826 镜像层: sha256:84132d7a69f0864963da737b9767a0d65647f0548cbbb69f4c021b9414277005 发布日期: 2026-05-07 20:16 修改: 2026-05-13 16:59
stdlib	CVE-2026-42507	中危	v1.26.2	1.25.11, 1.26.4	When returning errors, functions in the net/textproto package would in ... 漏洞详情: https://avd.aquasec.com/nvd/cve-2026-42507 镜像层: sha256:84132d7a69f0864963da737b9767a0d65647f0548cbbb69f4c021b9414277005 发布日期: 2026-06-02 23:16 修改: 2026-06-04 16:15