| | | | | | |
| Terracotta Quartz Scheduler 代码问题漏洞 | | | | | http://www.quartz-scheduler.org/ |
| FasterXML jackson-databind 代码问题漏洞 | | | | | https://github.com/FasterXML/jackson-databind/issues/2460 |
| | | | | | https://issues.apache.org/jira/browse/XMLBEANS-517 |
| | | | | | https://github.com/stanfordnlp/CoreNLP/issues/1222 |
| | | | | | https://huntr.dev/bounties/a717aec2-5646-4a5f-ade0-dadc25736ae3 |
| | | | | | https://git.openssl.org/gitweb/?p=openssl.git;a=commitdiff;h=1ad73b4d27bd8c1b369a3cd453681d3a4f1bb9b2 |
| | | | | | https://github.com/joblib/joblib/commit/b90f10efeb670a2cc877fb88ebb3f2019189e059 |
| | | | | | https://tanzu.vmware.com/security/cve-2022-22965 |
| Intel(R) oneAPI DPC++/C++ Compiler 安全漏洞 | | | | | http://www.intel.com/content/www/us/en/security-center/advisory/intel-sa-00674.html |
| | | | | | https://www.dell.com/support/kbdoc/en-us/000203278/dsa-2022-208-dell-bsafe-ssl-j-6-5-and-7-1-and-dell-bsafe-crypto-j-6-2-6-1-and-7-0-security-vulnerability |
| | | | | | https://www.scala-lang.org/download/ |
| | | | | | https://github.com/madler/zlib/ |
| | | | | | https://lists.apache.org/thread/g4l64s283njhnph2otx7q4gs2j952d31 |
| | | | | | https://lists.apache.org/thread/q23kvvtoohgzwybxpwozmvvk17rp0td3 |
| | | | | | https://bugs.busybox.net/show_bug.cgi?id=15216 |
| VMware Spring Security 安全漏洞 | | | | | https://spring.io/security/cve-2023-34034 |
| | | | | | https://github.com/certifi/python-certifi/security/advisories/GHSA-xqr8-7jwr-rhp7 |
| | | | | | https://nodejs.org/en/blog/vulnerability/october-2023-security-releases |
| | | | | | https://lists.apache.org/thread/gs0qgk2mgss7zfhzdd6ftfjvm4kp7v82 |
| | | | | | https://github.com/madler/zlib/pull/843 |
| | | | | | https://lists.apache.org/thread/yhy7tdfjf9hrl9vfrtzo8p2cyjq87v7n |
| | | | | | https://github.com/python-pillow/Pillow/releases/tag/10.2 |
| | | | | | https://www.jenkins.io/security/advisory/2024-01-24/#SECURITY-3314 |
| Apache Commons Beanutils 代码问题漏洞 | | | | | https://issues.apache.org/jira/browse/BEANUTILS-520 |
| | | | | | https://xmlgraphics.apache.org/security.html |
| | | | | | https://msrc.microsoft.com/update-guide/vulnerability/CVE-2021-24112 |
| Apache Commons Compress 安全漏洞 | | | | | https://lists.apache.org/thread.html/rc4134026d7d7b053d4f9f2205531122732405012c8804fd850a9b26f%40%3Cuser.commons.apache.org%3E |
| | | | | | https://lists.apache.org/thread/12pxy4phsry6c34x2ol4fft6xlho4kyw |
| | | | | | https://www.openssl.org/news/secadv/20221101.txt |
| Apache XML Graphics Batik代码问题漏洞 | | | | | https://lists.apache.org/thread/hxtddqjty2sbs12y97c8g7xfh17jzxsx |
| | | | | | https://github.com/jettison-json/jettison/issues/45 |
| | | | | | https://github.com/jettison-json/jettison/issues/45 |
| | | | | | https://github.com/x-stream/xstream/issues/304 |
| Apache XML Graphics Batik 代码问题漏洞 | | | | | https://lists.apache.org/thread/hplhx0o74jb7blj39fm4kw3otcnjd6xf |
| | | | | | https://github.com/netty/netty/security/advisories/GHSA-fx2c-96vj-985v |
| FasterXML jackson-databind 代码问题漏洞 | | | | | https://github.com/FasterXML/jackson-databind/commit/d78d00ee7b5245b93103fef3187f70543d67ca33 |
| Apache XML Graphics Batik 代码问题漏洞 | | | | | https://lists.apache.org/thread/pkvhy0nsj1h1mlon008wtzhosbtxjwly |
| | | | | | https://github.com/jettison-json/jettison/releases/tag/jettison-1.5.3 |
| | | | | | https://github.com/jettison-json/jettison/releases/tag/jettison-1.5.3 |
| | | | | | https://netplex.github.io/json-smart/ |
| | | | | | https://research.jfrog.com/vulnerabilities/jettison-json-array-dos-xray-427911/ |
| Apache Commons FileUpload 安全漏洞 | | | | | https://lists.apache.org/thread/4xl4l09mhwg4vgsk7dxqogcjrobrrdoy |
| | | | | | https://lists.apache.org/thread/q9qpdlv952gb4kphpndd5phvl7fkh71r |
| | | | | | https://github.com/google/guava |
| | | | | | https://spring.io/security/cve-2023-34040 |
| | | | | | https://github.com/eclipse/jetty.project/security/advisories/GHSA-wgh7-54f2-x98r |
| HCL BigFix Platform 输入验证错误漏洞 | | | | | https://support.hcltechsw.com/csm?id=kb_article&sysparm_article=KB0107791 |
| | | | | | https://nodejs.org/en/blog/vulnerability/october-2023-security-releases |
| | | | | | https://nodejs.org/en/blog/vulnerability/october-2023-security-releases |
| | | | | | https://github.com/eclipse-ee4j/parsson/commit/9dd5ad5f871f7b93654073a3f8ce3e1d9b8d9b31 |
| | | | | | https://github.com/python/cpython/pull/107982 |
| | | | | | https://lists.apache.org/thread/5py8h42mxfsn8l1wy6o41xwhsjlsd87q |
| | | | | | https://lists.apache.org/thread/0rqq6ktozqc42ro8hhxdmmdjm1k1tpxr |
| | | | | | https://gitlab.eclipse.org/security/vulnerability-reports/-/issues/11 |
| | | | | | https://github.com/aio-libs/aiohttp/security/advisories/GHSA-gfw2-4jvh-wgfg |
| | | | | | https://github.com/stleary/JSON-java/ |
| | | | | | https://bitbucket.org/b_c/jose4j/downloads/ |
| | | | | | https://github.com/libexpat/libexpat/pull/789 |
| Connect2id Nimbus JOSE+JWT 安全漏洞 | | | | | https://connect2id.com/products/nimbus-jose-jwt |
| | | | | | https://git.openssl.org/gitweb/?p=openssl.git;a=commitdiff;h=0df40630850fb2740e6be6890bb905d3fc623b2d |
| | | | | | https://github.com/xnio/xnio/tags |
| | | | | | https://access.redhat.com/security/cve/cve-2023-5764 |
| | | | | | https://github.com/python/cpython/commit/d54e22a669ae6e987199bb5d2c69bb5a46b0083b |
| | | | | | https://github.com/gentoo/cpython/commit/a6a90cac7e1af91b032dcf0df13437857bc6c112 |
| | | | | | https://nodejs.org/en/blog/vulnerability/february-2024-security-releases/#code-injection-and-privilege-escalation-through-linux-capabilities-cve-2024-21892---high |
| | | | | | https://nodejs.org/en/blog/vulnerability/february-2024-security-releases/#reading-unprocessed-http-request-with-unbounded-chunk-extension-allows-dos-attacks-cve-2024-22019---high |
| | | | | | https://github.com/jetty/jetty.project/security/advisories/GHSA-rggv-cv7r-mw98 |
| | | | | | https://spring.io/projects/spring-framework#support |
| VMware Spring Security 安全漏洞 | | | | | https://spring.io/security/cve-2024-22257 |
| | | | | | https://spring.io/security/cve-2024-22259 |
| | | | | | https://spring.io/security/cve-2024-22262 |
| | | | | | https://lists.apache.org/thread/cmpswfx6tj4s7x0nxxosvfqs11lvdx2f |
| | | | | | https://github.com/apache/xerces-c/pull/54 |
| | | | | | https://www.jenkins.io/security/advisory/2024-01-24/#SECURITY-3315 |
| | | | | | https://lists.apache.org/thread/4c50rmomhbbsdgfjsgwlb51xdwfjdcvg |
| | | | | | https://gitlab.gnome.org/GNOME/libxml2/-/tags |
| | | | | | https://github.com/openssl/openssl/commit/7e4d731b1c07201ad9374c1cd9ac5263bdf35bce |
| | | | | | https://github.com/pyca/cryptography/commit/97d231672763cdb5959a3b191e692a362f1b9e55 |
| | | | | | https://httpd.apache.org/security/vulnerabilities_24.html |
| | | | | | https://nodejs.org/en/blog/vulnerability/april-2024-security-releases |
| | | | | | https://github.com/libexpat/libexpat/pull/842 |
| Apache Commons Configuration 缓冲区错误漏洞 | | | | | https://lists.apache.org/thread/03nzzzjn4oknyw5y0871tw7ltj0t3r37 |
| Apache Commons Configuration 缓冲区错误漏洞 | | | | | https://lists.apache.org/thread/ccb9w15bscznh6tnp3wsvrrj9crbszh2 |
| | | | | | https://www.bouncycastle.org/latest_releases.html |
| | | | | | https://activemq.apache.org/security-advisories.data/CVE-2024-32114-announcement.txt |
| | | | | | https://github.com/pallets/werkzeug/security/advisories/GHSA-2g68-c3qc-8985 |
| | | | | | https://gitlab.gnome.org/GNOME/libxml2/-/releases/v2.11.8 |
| | | | | | https://github.com/openssl/openssl |
| Red Hat Undertow 资源管理错误漏洞 | | | | | https://bugzilla.redhat.com/show_bug.cgi?id=2293069 |
| | | | | | |
| | | | | | https://ant.apache.org/security.html |
| netplex json-smart-v 代码问题漏洞 | | | | | https://github.com/netplex/json-smart-v2 |
| | | | | | https://issues.apache.org/jira/browse/IO-556 |
| | | | | | https://github.com/highcharts/highcharts/security/advisories/GHSA-8j65-4pcq-xq95 |
| | | | | | |
| | | | | | |
| Apache Commons Net 输入验证错误漏洞 | | | | | https://lists.apache.org/thread/o6yn9r9x6s94v97264hmgol1sf48mvx7 |
| | | | | | https://github.com/jquery/jquery-ui/security/advisories/GHSA-9gj3-hwp5-pmwc |
| | | | | | https://github.com/jquery/jquery-ui/security/advisories/GHSA-j7qv-pgf6-hvh4 |
| | | | | | https://github.com/jquery/jquery-ui/security/advisories/GHSA-gpqq-952q-5327 |
| Vmware Spring Framework 安全漏洞 | | | | | https://tanzu.vmware.com/security/cve-2022-22950 |
| Vmware Spring Framework 安全特征问题漏洞 | | | | | https://tanzu.vmware.com/security/cve-2022-22968 |
| Spring Framework 输入验证错误漏洞 | | | | | https://spring.io/projects/spring-framework |
| | | | | | https://github.com/jquery/jquery-ui/security/advisories/GHSA-h6gj-6jjq-h8g9 |
| | | | | | https://github.com/jhy/jsoup/security/advisories/GHSA-gp7f-rwcx-9369 |
| Apache XML Graphics Batik 代码问题漏洞 | | | | | https://lists.apache.org/thread/712c9xwtmyghyokzrm2ml6sps4xlmbsx |
| Apache XML Graphics Batik 代码问题漏洞 | | | | | https://lists.apache.org/thread/gfsktxvj7jtwyovmhhbrw0bs13wfjd7b |
| | | | | | https://github.com/netty/netty/security/advisories/GHSA-hh82-3pmq-7frp |
| | | | | | https://spring.io/security/cve-2023-20861 |
| | | | | | https://source.android.com/security/bulletin/pixel/2023-03-01 |
| | | | | | https://www.ruby-lang.org/en/news/2023/03/28/redos-in-uri-cve-2023-28755/ |
| | | | | | https://www.ruby-lang.org/en/news/2023/03/30/redos-in-time-cve-2023-28756/ |
| Flexera InstallShield 安全漏洞 | | | | | https://community.flexera.com/t5/Product-Downloads/ct-p/Downloads |
| | | | | | https://www.openssl.org/news/secadv/20230714.txt |
| | | | | | https://github.com/bcgit/bc-java/commit/e8c409a8389c815ea3fda5e8b94c92fdfe583bcc |
| | | | | | https://www.bouncycastle.org/latest_releases.html |
| | | | | | https://github.com/spring-projects/spring-boot/releases/tag/v3.0. |
| | | | | | https://www.openssl.org/news/secadv/20230719.txt |
| FasterXML jackson-databind 代码问题漏洞 | | | | | https://github.com/FasterXML/jackson-databind/issues/3972 |
| | | | | | https://lists.apache.org/thread/b9qgtqvhnvgfpn0w1gz918p21p53tqk2 |
| | | | | | https://github.com/eclipse/jetty.project/security/advisories/GHSA-3gh6-v5v9-6v9j |
| | | | | | https://www.openssl.org/news/secadv/20230731.txt |
| | | | | | https://httpd.apache.org/security/vulnerabilities_24.html |
| | | | | | https://github.com/eclipse/jetty.project/security/advisories/GHSA-hmr7-m48g-48f6 |
| | | | | | https://github.com/eclipse/jetty.project/security/advisories/GHSA-pwh8-58vv-vw48 |
| Apache Commons Compress 资源管理错误漏洞 | | | | | https://lists.apache.org/thread/5xwcyr600mn074vgxq92tjssrchmc93c |
| Apache Santuario 日志信息泄露漏洞 | | | | | https://lists.apache.org/thread/vmqbp9mfxtrf0kmbnnmbn3h9j6dr9q55 |
| | | | | | https://curl.se/docs/CVE-2023-46218.html |
| | | | | | https://curl.se/docs/CVE-2023-46219.html |
| | | | | | https://lists.apache.org/thread/hoc9zdyzmmrfj1zhctsvvtx844tcq6w9 |
| | | | | | https://www.openssh.com/openbsd.html |
| | | | | | https://github.com/aio-libs/aiohttp/security/advisories/GHSA-q3qx-c6g2-7pw2 |
| | | | | | https://github.com/aio-libs/aiohttp/security/advisories/GHSA-qvrw-v9rv-5rjx |
| Python cryptography 代码问题漏洞 | | | | | https://github.com/pyca/cryptography/security/advisories/GHSA-jfhm-5ghh-2f97 |
| | | | | | https://github.com/json-path/JsonPath/issues/973 |
| | | | | | https://github.com/libexpat/libexpat/commit/0f075ec8ecb5e43f8fdca5182f8cca4703da0404 |
| | | | | | https://git.openssl.org/gitweb/?p=openssl.git;a=commitdiff;h=db925ae2e65d0d925adef429afc37f75bd1c2017 |
| | | | | | https://gitlab.com/gnutls/gnutls/-/commit/29d6298d0b04cfff970b993915db71ba3f580b6d |
| | | | | | https://www.openssl.org/news/secadv/20240109.txt |
| | | | | | https://sqlite.org/forum/forumpost/4aa381993a |
| | | | | | https://github.com/python/cpython/commit/30fe5d853b56138dbec62432d370a1f99409fc85 |
| | | | | | https://curl.se/docs/CVE-2024-0853.html |
| Apache James MIME4J 输入验证错误漏洞 | | | | | https://james.apache.org/download.cgi#Apache_Mime4J |
| | | | | | https://nodejs.org/en/blog/vulnerability/february-2024-security-releases |
| VMware Spring Security 安全漏洞 | | | | | https://spring.io/security/cve-2024-22234 |
| | | | | | https://github.com/nahsra/antisamy/releases/tag/v1.7.5 |
| | | | | | https://lists.apache.org/thread/96s5nqssj03rznz9hv58txdb2k1lr79k |
| | | | | | https://httpd.apache.org/security/vulnerabilities_24.html |
| | | | | | https://github.com/ckeditor/ckeditor4/commit/8ed1a3c93d0ae5f49f4ecff5738ab8a2972194cb |
| | | | | | https://github.com/ckeditor/ckeditor4/commit/8ed1a3c93d0ae5f49f4ecff5738ab8a2972194cb |
| Apache Commons Compress 安全漏洞 | | | | | https://lists.apache.org/thread/cz8qkcwphy4cx8gltn932ln51cbtq6kf |
| Apache Commons Compress 安全漏洞 | | | | | https://lists.apache.org/thread/ch5yo2d21p7vlqrhll9b17otbyq4npfg |
| | | | | | |
| | | | | | https://github.com/nghttp2/nghttp2/security/advisories/GHSA-x6x3-gv8h-m57q |
| | | | | | |
| | | | | | https://github.com/follow-redirects/follow-redirects/security/advisories/GHSA-cxjh-pqwp-8mfp |
| | | | | | https://github.com/netty/netty/commit/0d0c6ed782d13d423586ad0c71737b2c7d02058c |
| | | | | | https://github.com/expressjs/express/releases/tag/v5.0.0-beta |
| Tiny Technologies TinyMCE 安全漏洞 | | | | | https://github.com/tinymce/tinymce/commit/bcdea2ad14e3c2cea40743fb48c63bba067ae6d1 |
| | | | | | https://sourceware.org/git/?p=glibc.git;a=blob;f=advisories/GLIBC-SA-2024-0004 |
| Tiny Technologies TinyMCE 安全漏洞 | | | | | https://github.com/tinymce/tinymce/commit/bcdea2ad14e3c2cea40743fb48c63bba067ae6d1 |
| | | | | | https://www.bouncycastle.org/latest_releases.html |
| | | | | | https://www.bouncycastle.org/latest_releases.html |
| | | | | | https://github.com/pallets/jinja/security/advisories/GHSA-h75v-3vvj-5mfj |
| | | | | | https://www.bouncycastle.org/latest_releases.html |
| | | | | | https://lists.apache.org/thread/wfno8mf5nlcvbs78z93q9thgrm30wwfh |
| | | | | | https://www.libssh.org/files/0.10/ |
| | | | | | https://www.libssh.org/2023/12/18/libssh-0-10-6-and-libssh-0-9-8-security-releases/ |
| | | | | | https://github.com/openssl/openssl/commit/09df4395b5071217b76dc7d3d2e630eb8c5a79c2 |
| | | | | | https://www.openssl.org/news/secadv/20240516.txt |