CNNVD | 关于Oracle多个安全漏洞的通报

科技 2025-01-23 18:26 北京

扫码订阅《中国信息安全》

邮发代号 2-786

征订热线：010-82341063

漏洞情况

近日，Oracle官方发布了多个安全漏洞的公告，其中Oracle产品本身漏洞87个，影响到Oracle产品的其他厂商漏洞180个。Oracle Mysql、Oracle Communications Order and Service Management、Oracle Java SE、Oracle PeopleSoft Enterprise PeopleTools等多个产品和系统受漏洞影响。目前，Oracle官方已经发布了漏洞修复补丁，建议用户及时确认是否受到漏洞影响，尽快采取修补措施。

一
漏洞介绍

2025年1月21日，Oracle发布了2025年1月份安全更新，共267个漏洞的补丁程序，CNNVD对这些漏洞进行了收录。本次更新主要涵盖了Oracle Mysql 和 Mysql 组件、Oracle Communications Order and Service Management、Oracle Java SE、Oracle PeopleSoft Enterprise PeopleTools、Oracle MySQL、Oracle Hospitality Applications等。CNNVD对其危害等级进行了评价，其中超危漏洞16个，高危漏洞89个，中危漏洞151个，低危漏洞11个。

Oracle多个产品和系统版本受漏洞影响，具体影响范围可访问Oracle官方网站查询：

https://www.oracle.com/security-alerts/cpujan2025.html

二
漏洞详情

此次更新共267个漏洞的补丁程序，包括84个新增漏洞的补丁程序、3个更新漏洞的补丁程序和180个影响Oracle产品的其他厂商漏洞的补丁程序。

此次更新共包括84个新增漏洞的补丁程序，其中超危漏洞4个，高危漏洞13个，中危漏洞65个，低危漏洞2个。

序号	漏洞名称	CNNVD编号	CVE编号	危害等级	官方链接
1	Oracle Agile PLM Framework 安全漏洞	CNNVD-202501-2843	CVE-2025-21556	超危	https://www.oracle.com/security-alerts/cpujan2025.html
2	Oracle JD Edwards Products 安全漏洞	CNNVD-202501-2898	CVE-2025-21524	超危	https://www.oracle.com/security-alerts/cpujan2025.html
3	Oracle Hospitality Applications 安全漏洞	CNNVD-202501-2904	CVE-2025-21547	超危	https://www.oracle.com/security-alerts/cpujan2025.html
4	Oracle Fusion Middleware 安全漏洞	CNNVD-202501-2908	CVE-2025-21535	超危	https://www.oracle.com/security-alerts/cpujan2025.html
5	Oracle Virtualization 安全漏洞	CNNVD-202501-2839	CVE-2025-21571	高危	https://www.oracle.com/security-alerts/cpujan2025.html
6	Oracle Supply Chain Products Suite 安全漏洞	CNNVD-202501-2841	CVE-2025-21565	高危	https://www.oracle.com/security-alerts/cpujan2025.html
7	Oracle Supply Chain Products Suite 安全漏洞	CNNVD-202501-2842	CVE-2025-21564	高危	https://www.oracle.com/security-alerts/cpujan2025.html
8	Oracle PeopleSoft Enterprise PeopleTools 安全漏洞	CNNVD-202501-2849	CVE-2025-21545	高危	https://www.oracle.com/security-alerts/cpujan2025.html
9	Oracle MySQL Server 安全漏洞	CNNVD-202501-2894	CVE-2025-21521	高危	https://www.oracle.com/security-alerts/cpujan2025.html
10	Oracle JD Edwards Products 安全漏洞	CNNVD-202501-2895	CVE-2025-21511	高危	https://www.oracle.com/security-alerts/cpujan2025.html
11	Oracle JD Edwards Products 安全漏洞	CNNVD-202501-2896	CVE-2025-21510	高危	https://www.oracle.com/security-alerts/cpujan2025.html
12	Oracle JD Edwards Products 安全漏洞	CNNVD-202501-2897	CVE-2025-21515	高危	https://www.oracle.com/security-alerts/cpujan2025.html
13	Oracle Java SE 安全漏洞	CNNVD-202501-2900	CVE-2025-0509	高危	https://www.oracle.com/security-alerts/cpujan2025.html
14	Oracle Analytics 安全漏洞	CNNVD-202501-2905	CVE-2025-21532	高危	https://www.oracle.com/security-alerts/cpujan2025.html
15	Oracle Fusion Middleware 安全漏洞	CNNVD-202501-2907	CVE-2025-21549	高危	https://www.oracle.com/security-alerts/cpujan2025.html
16	Oracle E-Business Suite 安全漏洞	CNNVD-202501-2911	CVE-2025-21506	高危	https://www.oracle.com/security-alerts/cpujan2025.html
17	Oracle E-Business Suite 安全漏洞	CNNVD-202501-2913	CVE-2025-21516	高危	https://www.oracle.com/security-alerts/cpujan2025.html
18	Oracle Virtualization 安全漏洞	CNNVD-202501-2838	CVE-2025-21533	中危	https://www.oracle.com/security-alerts/cpujan2025.html
19	Oracle Solaris 安全漏洞	CNNVD-202501-2840	CVE-2025-21551	中危	https://www.oracle.com/security-alerts/cpujan2025.html
20	Oracle Supply Chain Products Suite 安全漏洞	CNNVD-202501-2844	CVE-2025-21560	中危	https://www.oracle.com/security-alerts/cpujan2025.html
21	Oracle PeopleSoft Enterprise CC Common Application Objects 安全漏洞	CNNVD-202501-2845	CVE-2025-21563	中危	https://www.oracle.com/security-alerts/cpujan2025.html
22	Oracle PeopleSoft 安全漏洞	CNNVD-202501-2846	CVE-2025-21530	中危	https://www.oracle.com/security-alerts/cpujan2025.html
23	Oracle PeopleSoft 安全漏洞	CNNVD-202501-2847	CVE-2025-21539	中危	https://www.oracle.com/security-alerts/cpujan2025.html
24	Oracle PeopleSoft 安全漏洞	CNNVD-202501-2848	CVE-2025-21561	中危	https://www.oracle.com/security-alerts/cpujan2025.html
25	Oracle PeopleSoft 安全漏洞	CNNVD-202501-2850	CVE-2025-21562	中危	https://www.oracle.com/security-alerts/cpujan2025.html
26	Oracle PeopleSoft 安全漏洞	CNNVD-202501-2851	CVE-2025-21537	中危	https://www.oracle.com/security-alerts/cpujan2025.html
27	Oracle MySQL 安全漏洞	CNNVD-202501-2854	CVE-2025-21519	中危	https://www.oracle.com/security-alerts/cpujan2025.html
28	Oracle MySQL 安全漏洞	CNNVD-202501-2855	CVE-2025-21493	中危	https://www.oracle.com/security-alerts/cpujan2025.html
29	Oracle MySQL 安全漏洞	CNNVD-202501-2856	CVE-2025-21534	中危	https://www.oracle.com/security-alerts/cpujan2025.html
30	Oracle MySQL Server 安全漏洞	CNNVD-202501-2857	CVE-2025-21494	中危	https://www.oracle.com/security-alerts/cpujan2025.html
31	Oracle MySQL 安全漏洞	CNNVD-202501-2858	CVE-2025-21536	中危	https://www.oracle.com/security-alerts/cpujan2025.html
32	Oracle MySQL Server 安全漏洞	CNNVD-202501-2859	CVE-2025-21504	中危	https://www.oracle.com/security-alerts/cpujan2025.html
33	Oracle MySQL 安全漏洞	CNNVD-202501-2860	CVE-2025-21495	中危	https://www.oracle.com/security-alerts/cpujan2025.html
34	Oracle MySQL 安全漏洞	CNNVD-202501-2861	CVE-2025-21492	中危	https://www.oracle.com/security-alerts/cpujan2025.html
35	Oracle MySQL Server 安全漏洞	CNNVD-202501-2862	CVE-2025-21529	中危	https://www.oracle.com/security-alerts/cpujan2025.html
36	Oracle MySQL Server 安全漏洞	CNNVD-202501-2863	CVE-2025-21567	中危	https://www.oracle.com/security-alerts/cpujan2025.html
37	Oracle MySQL 安全漏洞	CNNVD-202501-2864	CVE-2025-21523	中危	https://www.oracle.com/security-alerts/cpujan2025.html
38	Oracle MySQL 安全漏洞	CNNVD-202501-2865	CVE-2025-21503	中危	https://www.oracle.com/security-alerts/cpujan2025.html
39	Oracle MySQL 安全漏洞	CNNVD-202501-2866	CVE-2025-21499	中危	https://www.oracle.com/security-alerts/cpujan2025.html
40	Oracle MySQL 安全漏洞	CNNVD-202501-2867	CVE-2025-21505	中危	https://www.oracle.com/security-alerts/cpujan2025.html
41	Oracle MySQL 安全漏洞	CNNVD-202501-2868	CVE-2025-21525	中危	https://www.oracle.com/security-alerts/cpujan2025.html
42	Oracle MySQL 安全漏洞	CNNVD-202501-2869	CVE-2025-21543	中危	https://www.oracle.com/security-alerts/cpujan2025.html
43	Oracle MySQL Server 安全漏洞	CNNVD-202501-2870	CVE-2025-21491	中危	https://www.oracle.com/security-alerts/cpujan2025.html
44	Oracle MySQL Server 安全漏洞	CNNVD-202501-2871	CVE-2025-21490	中危	https://www.oracle.com/security-alerts/cpujan2025.html
45	Oracle MySQL 安全漏洞	CNNVD-202501-2872	CVE-2025-21531	中危	https://www.oracle.com/security-alerts/cpujan2025.html
46	Oracle MySQL 安全漏洞	CNNVD-202501-2873	CVE-2025-21540	中危	https://www.oracle.com/security-alerts/cpujan2025.html
47	Oracle MySQL 安全漏洞	CNNVD-202501-2874	CVE-2025-21555	中危	https://www.oracle.com/security-alerts/cpujan2025.html
48	Oracle MySQL 安全漏洞	CNNVD-202501-2875	CVE-2025-21548	中危	https://www.oracle.com/security-alerts/cpujan2025.html
49	Oracle MySQL 安全漏洞	CNNVD-202501-2876	CVE-2025-21497	中危	https://www.oracle.com/security-alerts/cpujan2025.html
50	Oracle MySQL 安全漏洞	CNNVD-202501-2877	CVE-2025-21559	中危	https://www.oracle.com/security-alerts/cpujan2025.html
51	Oracle MySQL Server 安全漏洞	CNNVD-202501-2878	CVE-2025-21522	中危	https://www.oracle.com/security-alerts/cpujan2025.html
52	Oracle MySQL 安全漏洞	CNNVD-202501-2879	CVE-2025-21500	中危	https://www.oracle.com/security-alerts/cpujan2025.html
53	Oracle MySQL 安全漏洞	CNNVD-202501-2880	CVE-2025-21501	中危	https://www.oracle.com/security-alerts/cpujan2025.html
54	Oracle MySQL 安全漏洞	CNNVD-202501-2881	CVE-2025-21518	中危	https://www.oracle.com/security-alerts/cpujan2025.html
55	Oracle JD Edwards Products 安全漏洞	CNNVD-202501-2882	CVE-2025-21517	中危	https://www.oracle.com/security-alerts/cpujan2025.html
56	Oracle MySQL 安全漏洞	CNNVD-202501-2883	CVE-2025-21566	中危	https://www.oracle.com/security-alerts/cpujan2025.html
57	Oracle JD Edwards Products 安全漏洞	CNNVD-202501-2884	CVE-2025-21514	中危	https://www.oracle.com/security-alerts/cpujan2025.html
58	Oracle JD Edwards Products 安全漏洞	CNNVD-202501-2885	CVE-2025-21507	中危	https://www.oracle.com/security-alerts/cpujan2025.html
59	Oracle JD Edwards Products 安全漏洞	CNNVD-202501-2886	CVE-2024-21245	中危	https://www.oracle.com/security-alerts/cpujan2025.html
60	Oracle JD Edwards Products 安全漏洞	CNNVD-202501-2887	CVE-2025-21538	中危	https://www.oracle.com/security-alerts/cpujan2025.html
61	Oracle JD Edwards Products 安全漏洞	CNNVD-202501-2888	CVE-2025-21513	中危	https://www.oracle.com/security-alerts/cpujan2025.html
62	Oracle JD Edwards Products 安全漏洞	CNNVD-202501-2889	CVE-2025-21512	中危	https://www.oracle.com/security-alerts/cpujan2025.html
63	Oracle JD Edwards Products 安全漏洞	CNNVD-202501-2890	CVE-2025-21527	中危	https://www.oracle.com/security-alerts/cpujan2025.html
64	Oracle JD Edwards Products 安全漏洞	CNNVD-202501-2891	CVE-2025-21509	中危	https://www.oracle.com/security-alerts/cpujan2025.html
65	Oracle JD Edwards Products 安全漏洞	CNNVD-202501-2892	CVE-2025-21508	中危	https://www.oracle.com/security-alerts/cpujan2025.html
66	Oracle JD Edwards Products 安全漏洞	CNNVD-202501-2893	CVE-2025-21552	中危	https://www.oracle.com/security-alerts/cpujan2025.html
67	Oracle Java SE 安全漏洞	CNNVD-202501-2899	CVE-2025-21502	中危	https://www.oracle.com/security-alerts/cpujan2025.html
68	Oracle Hyperion 安全漏洞	CNNVD-202501-2901	CVE-2025-21568	中危	https://www.oracle.com/security-alerts/cpujan2025.html
69	Oracle Hyperion 安全漏洞	CNNVD-202501-2902	CVE-2025-21569	中危	https://www.oracle.com/security-alerts/cpujan2025.html
70	Oracle Health Sciences Applications 安全漏洞	CNNVD-202501-2903	CVE-2025-21570	中危	https://www.oracle.com/security-alerts/cpujan2025.html
71	Oracle Fusion Middleware 安全漏洞	CNNVD-202501-2906	CVE-2025-21498	中危	https://www.oracle.com/security-alerts/cpujan2025.html
72	Oracle Financial Services Applications 安全漏洞	CNNVD-202501-2909	CVE-2025-21550	中危	https://www.oracle.com/security-alerts/cpujan2025.html
73	Oracle E-Business Suite 安全漏洞	CNNVD-202501-2910	CVE-2025-21541	中危	https://www.oracle.com/security-alerts/cpujan2025.html
74	Oracle E-Business Suite 安全漏洞	CNNVD-202501-2912	CVE-2025-21489	中危	https://www.oracle.com/security-alerts/cpujan2025.html
75	Oracle Construction and Engineering Suite 安全漏洞	CNNVD-202501-2914	CVE-2025-21528	中危	https://www.oracle.com/security-alerts/cpujan2025.html
76	Oracle Construction and Engineering Suite 安全漏洞	CNNVD-202501-2915	CVE-2025-21558	中危	https://www.oracle.com/security-alerts/cpujan2025.html
77	Oracle Construction and Engineering Suite 安全漏洞	CNNVD-202501-2916	CVE-2025-21526	中危	https://www.oracle.com/security-alerts/cpujan2025.html
78	Oracle Communications Order and Service Management 安全漏洞	CNNVD-202501-3041	CVE-2025-21554	中危	https://www.oracle.com/security-alerts/cpujan2025.html
79	Oracle Communications Applications 安全漏洞	CNNVD-202501-3053	CVE-2025-21544	中危	https://www.oracle.com/security-alerts/cpujan2025.html
80	Oracle Communications Order and Service Management 安全漏洞	CNNVD-202501-3063	CVE-2025-21542	中危	https://www.oracle.com/security-alerts/cpujan2025.html
81	Oracle Database Server 安全漏洞	CNNVD-202501-3080	CVE-2025-21553	中危	https://www.oracle.com/security-alerts/cpujan2025.html
82	Oracle Application Express 安全漏洞	CNNVD-202501-3083	CVE-2025-21557	中危	https://www.oracle.com/security-alerts/cpujan2025.html
83	Oracle MySQL 安全漏洞	CNNVD-202501-2852	CVE-2025-21546	低危	https://www.oracle.com/security-alerts/cpujan2025.html
84	Oracle MySQL Server 安全漏洞	CNNVD-202501-2853	CVE-2025-21520	低危	https://www.oracle.com/security-alerts/cpujan2025.html

此次更新共包括3个更新漏洞的补丁程序，其中高危漏洞2个，低危漏洞1个。

序号	漏洞名称	CNNVD编号	CVE编号	危害等级	官方链接
1	Oracle E-Business Suite Depot Repair 安全漏洞	CNNVD-202004-1051	CVE-2020-2849	高危	https://www.oracle.com/security-alerts/cpuapr2020.html
2	Oracle Agile PLM Framework 安全漏洞	CNNVD-202411-2373	CVE-2024-21287	高危	https://www.oracle.com/security-alerts/alert-cve-2024-21287.html
3	Oracle Java SE 安全漏洞	CNNVD-202410-1408	CVE-2024-21211	低危	https://www.oracle.com/security-alerts/cpuoct2024.html

此次更新共包括180个影响Oracle产品的其他厂商漏洞的补丁程序，其中超危漏洞12个，高危漏洞74个，中危漏洞86个，低危漏洞8个。

序号	漏洞名称	CNNVD编号	CVE编号	危害等级	厂商	官方链接
1	Vmware Spring Framework 代码问题漏洞	CNNVD-202001-046	CVE-2016-1000027	超危	Pivotal Software	https://pivotal.io/
2	Gradle 信任管理问题漏洞	CNNVD-201908-1076	CVE-2019-15052	超危	gradle	https://github.com/gradle/gradle/security/advisories/GHSA-4cwg-f7qc-6r95
3	Apache Xmlbeans 输入验证错误漏洞	CNNVD-202101-1146	CVE-2021-23926	超危	Apache基金会	https://issues.apache.org/jira/browse/XMLBEANS-517
4	SciPy 资源管理错误漏洞	CNNVD-202307-454	CVE-2023-29824	超危	Scipy社区	https://github.com/scipy/scipy/pull/15013
5	Terracotta Quartz Scheduler 代码注入漏洞	CNNVD-202307-2214	CVE-2023-39017	超危	个人开发者	https://github.com/quartz-scheduler/quartz/issues/943
6	Apache ActiveMQ 代码问题漏洞	CNNVD-202310-2332	CVE-2023-46604	超危	Apache基金会	https://activemq.apache.org/security-advisories.data/CVE-2023-46604-announcement.txt
7	curl 安全漏洞	CNNVD-202412-1372	CVE-2024-11053	超危	cURL	https://curl.se/docs/CVE-2024-11053.html
8	Apache Xerces-C 资源管理错误漏洞	CNNVD-202402-1469	CVE-2024-23807	超危	Apache	https://github.com/apache/xerces-c/pull/54
9	RequireJS 安全漏洞	CNNVD-202407-034	CVE-2024-38999	超危	RequireJS	https://github.com/requirejs/r.js
10	libexpat 安全漏洞	CNNVD-202408-2839	CVE-2024-45490	超危	libexpat	https://github.com/libexpat/libexpat
11	Apache Struts 安全漏洞	CNNVD-202412-1393	CVE-2024-53677	超危	Apache	https://struts.apache.org/core-developers/file-upload
12	Apache Tomcat 安全漏洞	CNNVD-202412-2573	CVE-2024-56337	超危	Apache	https://lists.apache.org/thread/b2b9qrgjrz1kvo4ym8y2wkfdvwoq6qbp
13	Apache Ant 安全漏洞	CNNVD-202010-015	CVE-2020-11979	高危	Apache基金会	https://lists.apache.org/thread.html/r107ea1b1a7a214bc72fe1a04207546ccef542146ae22952e1013b5cc@%3Cdev.creadur.apache.org%3E
14	libssh2 缓冲区错误漏洞	CNNVD-202308-1862	CVE-2020-22218	高危	个人开发者	https://github.com/libssh2/libssh2/pull/476
15	Libsvm 安全漏洞	CNNVD-202011-1785	CVE-2020-28975	高危	Libsvm	https://github.com/scikit-learn/scikit-learn/issues/18891
16	CodeMirror 资源管理错误漏洞	CNNVD-202010-1679	CVE-2020-7760	高危	Codemirror	https://github.com/codemirror/CodeMirror/commit/55d0333907117c9231ffdf555ae8824705993bbb
17	Gradle 安全漏洞	CNNVD-202104-983	CVE-2021-29428	高危	Gradle	https://docs.gradle.org/7.0/release-notes.html#security-advisori
18	Gradle 操作系统命令注入漏洞	CNNVD-202107-1554	CVE-2021-32751	高危	Gradle	https://github.com/gradle/gradle/security/advisories/GHSA-6j2p-252f-7mw8
19	JDOM 代码问题漏洞	CNNVD-202106-1323	CVE-2021-33813	高危	个人开发者	https://github.com/hunterhacker/jdom。
20	Intel OneApi Toolkits 代码问题漏洞	CNNVD-202302-1402	CVE-2022-26345	高危	Intel	http://www.intel.com/content/www/us/en/security-center/advisory/intel-sa-00674.html
21	Apache Xalan 输入验证错误漏洞	CNNVD-202207-1617	CVE-2022-34169	高危	Apache基金会	https://lists.apache.org/thread/12pxy4phsry6c34x2ol4fft6xlho4kyw
22	Jettison 资源管理错误漏洞	CNNVD-202209-1233	CVE-2022-40150	高危	个人开发者	https://github.com/jettison-json/jettison/issues/45
23	Apache Commons FileUpload 安全漏洞	CNNVD-202302-1610	CVE-2023-24998	高危	Apache基金会	https://lists.apache.org/thread/4xl4l09mhwg4vgsk7dxqogcjrobrrdoy
24	Apache Hadoop 代码问题漏洞	CNNVD-202311-1444	CVE-2023-26031	高危	Apache基金会	https://lists.apache.org/thread/q9qpdlv952gb4kphpndd5phvl7fkh71r
25	Google Guava 安全漏洞	CNNVD-202306-1141	CVE-2023-2976	高危	Google	https://github.com/google/guava
26	gRPC 安全漏洞	CNNVD-202308-864	CVE-2023-33953	高危	gRPC	https://grpc.io/
27	Gradle 路径遍历漏洞	CNNVD-202306-2232	CVE-2023-35947	高危	Gradle	https://github.com/gradle/gradle/security/advisories/GHSA-84mw-qh6q-v842
28	Microsoft ODBC Driver 安全漏洞	CNNVD-202310-742	CVE-2023-36730	高危	Microsoft	https://msrc.microsoft.com/update-guide/vulnerability/CVE-2023-36730
29	Microsoft ODBC Driver 安全漏洞	CNNVD-202310-743	CVE-2023-36785	高危	Microsoft	https://msrc.microsoft.com/update-guide/vulnerability/CVE-2023-36785
30	Node.js 数据伪造问题漏洞	CNNVD-202310-1128	CVE-2023-38552	高危	Nodejs	https://nodejs.org/en/blog/vulnerability/october-2023-security-releases
31	Apache Avro 代码问题漏洞	CNNVD-202309-2636	CVE-2023-39410	高危	Apache基金会	https://lists.apache.org/thread/q142wj99cwdd0jo5lvdoxzoymlqyjdds
32	Samba 安全漏洞	CNNVD-202310-1009	CVE-2023-4091	高危	Samba	https://bugzilla.samba.org/show_bug.cgi?id=15439
33	urllib3 信息泄露漏洞	CNNVD-202310-281	CVE-2023-43804	高危	个人开发者	https://github.com/urllib3/urllib3/security/advisories/GHSA-v845-jxx5-vc9f
34	ISC BIND 安全漏洞	CNNVD-202402-1015	CVE-2023-4408	高危	ISC	https://kb.isc.org/docs/cve-2023-4408
35	Apache HTTP/2 资源管理错误漏洞	CNNVD-202310-667	CVE-2023-44487	高危	Apache基金会	https://lists.apache.org/thread/5py8h42mxfsn8l1wy6o41xwhsjlsd87q
36	HashiCorp Terraform 路径遍历漏洞	CNNVD-202309-693	CVE-2023-4782	高危	HashiCorp	https://discuss.hashicorp.com/t/hcsec-2023-27-terraform-allows-arbitrary-file-write-during-init-operation/58082
37	gRPC 安全漏洞	CNNVD-202309-981	CVE-2023-4785	高危	gRPC	https://github.com/grpc/grpc/releases/tag/v1.58.1
38	Knot Resolver 安全漏洞	CNNVD-202402-1126	CVE-2023-50868	高危	个人开发者	https://gitlab.nic.cz/knot/knot-resolver/-/releases/v5.7.1
39	jose4j 安全漏洞	CNNVD-202402-2688	CVE-2023-51775	高危	Bitbucket	https://bitbucket.org/b_c/jose4j/downloads/
40	JFreeChart 安全漏洞	CNNVD-202404-1555	CVE-2023-52070	高危	个人开发者	https://www.jfree.org/jfreechart/
41	Connect2id Nimbus JOSE+JWT 安全漏洞	CNNVD-202402-845	CVE-2023-52428	高危	Connect2id	https://connect2id.com/products/nimbus-jose-jwt
42	Python 安全漏洞	CNNVD-202403-1882	CVE-2023-6597	高危	Python	https://github.com/python/cpython/commit/d54e22a669ae6e987199bb5d2c69bb5a46b0083b
43	Eclipse Parsson 安全漏洞	CNNVD-202407-1856	CVE-2023-7272	高危	Eclipse	https://gitlab.eclipse.org/security/vulnerability-reports/-/issues/12
44	cpython 安全漏洞	CNNVD-202406-1925	CVE-2024-0397	高危	Python	https://github.com/gentoo/cpython/commit/a6a90cac7e1af91b032dcf0df13437857bc6c112
45	Gunicorn 环境问题漏洞	CNNVD-202404-2065	CVE-2024-1135	高危	Gunicorn	https://github.com/benoitc/gunicorn
46	Node.js 安全漏洞	CNNVD-202402-1467	CVE-2024-22019	高危	Node.js	https://nodejs.org/en/blog/vulnerability/february-2024-security-releases/#reading-unprocessed-http-request-with-unbounded-chunk-extension-allows-dos-attacks-cve-2024-22019---high
47	Spring Framework 安全漏洞	CNNVD-202404-2193	CVE-2024-22262	高危	Spring	https://spring.io/security/cve-2024-22262
48	Apache Tomcat 安全漏洞	CNNVD-202403-1180	CVE-2024-23672	高危	Apache	https://lists.apache.org/thread/cmpswfx6tj4s7x0nxxosvfqs11lvdx2f
49	Apache Tomcat 输入验证错误漏洞	CNNVD-202403-1179	CVE-2024-24549	高危	Apache	https://lists.apache.org/thread/4c50rmomhbbsdgfjsgwlb51xdwfjdcvg
50	Google Go 安全漏洞	CNNVD-202403-452	CVE-2024-24786	高危	Google	https://go-review.googlesource.com/c/protobuf/+/569356
51	OpenSSL 安全漏洞	CNNVD-202404-941	CVE-2024-2511	高危	OpenSSL	https://github.com/openssl/openssl/commit/7e4d731b1c07201ad9374c1cd9ac5263bdf35bce
52	dnsjava 安全漏洞	CNNVD-202407-2260	CVE-2024-25638	高危	dnsjava	https://github.com/dnsjava/dnsjava/security/advisories/GHSA-cfxw-4h78-h7fw
53	python-cryptography 安全漏洞	CNNVD-202402-1783	CVE-2024-26130	高危	Cryptographic	https://github.com/pyca/cryptography/commit/97d231672763cdb5959a3b191e692a362f1b9e55
54	Apache Kafka 安全漏洞	CNNVD-202404-1780	CVE-2024-27309	高危	Apache	https://lists.apache.org/thread/6536rmzyg076lzzdw2xdktvnz163mjpy
55	Node.js 安全漏洞	CNNVD-202404-991	CVE-2024-27983	高危	Node.js	https://nodejs.org/en/blog/vulnerability/april-2024-security-releases
56	libexpat 安全漏洞	CNNVD-202403-795	CVE-2024-28757	高危	libexpat	https://github.com/libexpat/libexpat/pull/842
57	Apache Commons Configuration 缓冲区错误漏洞	CNNVD-202403-2143	CVE-2024-29131	高危	Apache	https://lists.apache.org/thread/03nzzzjn4oknyw5y0871tw7ltj0t3r37
58	Apache Commons Configuration 缓冲区错误漏洞	CNNVD-202403-2142	CVE-2024-29133	高危	Apache	https://lists.apache.org/thread/ccb9w15bscznh6tnp3wsvrrj9crbszh2
59	Bouncy Castle 安全漏洞	CNNVD-202405-2601	CVE-2024-29857	高危	Bouncy Castle	https://www.bouncycastle.org/latest_releases.html
60	glibc 安全漏洞	CNNVD-202405-1511	CVE-2024-33599	高危	GNU	https://sourceware.org/git/?p=glibc.git;a=blob;f=advisories/GLIBC-SA-2024-0005
61	glibc 安全漏洞	CNNVD-202404-3209	CVE-2024-33602	高危	GNU	https://sourceware.org/bugzilla/show_bug.cgi?id=31680
62	Apache Tomcat 安全漏洞	CNNVD-202407-326	CVE-2024-34750	高危	Apache	https://lists.apache.org/thread/4kqf0bc9gxymjc2x7v3p7dvplnl77y8l
63	RADIUS Protocol under RFC 2865 安全漏洞	CNNVD-202407-651	CVE-2024-3596	高危	RFC	https://www.rfc-editor.org/
64	Aircompressor 安全漏洞	CNNVD-202405-4798	CVE-2024-36114	高危	airlift	https://github.com/airlift/aircompressor/releases/tag/0.27
65	Node.js 安全漏洞	CNNVD-202409-508	CVE-2024-36138	高危	Node.js	https://nodejs.org/en/blog/vulnerability/july-2024-security-releases
66	MIT Kerberos 安全漏洞	CNNVD-202406-3113	CVE-2024-37370	高危	MIT	https://github.com/krb5/krb5/commit/55fbf435edbe2e92dd8101669b1ce7144bc96fef
67	Apache HTTP Server 安全漏洞	CNNVD-202407-093	CVE-2024-38475	高危	Apache	https://httpd.apache.org/security/vulnerabilities_24.html
68	pdoc 安全漏洞	CNNVD-202406-2849	CVE-2024-38526	高危	mitmproxy	https://github.com/mitmproxy/pdoc/security/advisories/GHSA-5vgj-ggm4-fg62
69	VMware Spring Framework 安全漏洞	CNNVD-202409-1142	CVE-2024-38816	高危	VMware	https://spring.io/security/cve-2024-38816
70	VMware Spring Framework 安全漏洞	CNNVD-202410-3593	CVE-2024-38819	高危	VMware	https://docs.spring.io/spring-framework/reference/web/webmvc.html
71	Python 安全漏洞	CNNVD-202405-1639	CVE-2024-4030	高危	Python	https://github.com/python/cpython/commit/8ed546679524140d8282175411fd141fe7df070d
72	ImageMagick 安全漏洞	CNNVD-202407-2766	CVE-2024-41817	高危	ImageMagick	https://github.com/ImageMagick/ImageMagick/releases/tag/7.1.1-36
73	libexpat 输入验证错误漏洞	CNNVD-202408-2842	CVE-2024-45491	高危	libexpat	https://github.com/libexpat/libexpat
74	libexpat 输入验证错误漏洞	CNNVD-202408-2841	CVE-2024-45492	高危	libexpat	https://github.com/libexpat/libexpat
75	Apache Lucene 代码问题漏洞	CNNVD-202409-2528	CVE-2024-45772	高危	Apache	https://lists.apache.org/thread/3f3oph7bqnqspb9q5p0gm5mgc1b6thjo
76	DOMPurify 安全漏洞	CNNVD-202409-1375	CVE-2024-45801	高危	个人开发者	https://github.com/cure53/DOMPurify/security/advisories/GHSA-mmhx-hmjr-r674
77	XStream 安全漏洞	CNNVD-202411-823	CVE-2024-47072	高危	XStream	https://x-stream.github.io/CVE-2024-47072.html
78	OpenSSL 资源管理错误漏洞	CNNVD-202405-4739	CVE-2024-4741	高危	OpenSSL	https://github.com/openssl/openssl
79	Apache Commons IO 资源管理错误漏洞	CNNVD-202410-209	CVE-2024-47554	高危	Apache	https://lists.apache.org/thread/6ozr91rr9cj5lm0zyhv30bsp317hk5z1
80	Werkzeug 安全漏洞	CNNVD-202410-2923	CVE-2024-49767	高危	Pallets	https://github.com/pallets/werkzeug/releases/tag/3.0
81	Apache Tomcat 安全漏洞	CNNVD-202412-2256	CVE-2024-50379	高危	Apache	https://lists.apache.org/thread/y6lj6q1xnp822g6ro70tn19sgtjmr80r
82	Red Hat Undertow 资源管理错误漏洞	CNNVD-202406-2368	CVE-2024-6162	高危	Red Hat	https://bugzilla.redhat.com/show_bug.cgi?id=2293069
83	Protocol Buffers 安全漏洞	CNNVD-202409-1841	CVE-2024-7254	高危	Protocol Buffers	http://protobuf.dev/
84	Python 安全漏洞	CNNVD-202408-1775	CVE-2024-7592	高危	Python	https://github.com/jeremyhylton/cpython/commit/1587608515127032778669c8232d46ec6d8f593c
85	Red Hat Undertow 竞争条件问题漏洞	CNNVD-202408-2070	CVE-2024-7885	高危	Red Hat	https://undertow.io/
86	PHP 安全漏洞	CNNVD-202410-620	CVE-2024-8927	高危	PHP	https://github.com/php/php-src/security/advisories/GHSA-94p6-54jq-9mwp
87	Gradle 安全特征问题漏洞	CNNVD-201904-522	CVE-2019-11065	中危	fedoraproject	https://github.com/gradle/gradle/pull/8927
88	Apache POI 代码问题漏洞	CNNVD-201910-1431	CVE-2019-12415	中危	Apache基金会	https://lists.apache.org/thread.html/13a54b6a03369cfb418a699180ffb83bd727320b6ddfec198b9b728e@<announce.apache.org>
89	Gradle PGP签名插件输入验证错误漏洞	CNNVD-201909-770	CVE-2019-16370	中危	gradle	https://github.com/gradle/gradle/pull/10543
90	Apache HttpClient 安全漏洞	CNNVD-202010-372	CVE-2020-13956	中危	Apache基金会	https://www.apache.org/
91	Gradle 安全漏洞	CNNVD-202104-642	CVE-2021-29429	中危	Gradle	https://github.com/gradle/gradle/security/advisories/GHSA-89qm-pxvm-p336
92	Memcached 缓冲区错误漏洞	CNNVD-202302-239	CVE-2021-37519	中危	个人开发者	https://github.com/memcached/memcached/pull/806/commits/264722ae4e248b453be00e97197dadc685b60fd0
93	Google Golang 资源管理错误漏洞	CNNVD-202302-2315	CVE-2022-41727	中危	Google	https://github.com/golang/go/issues/58003
94	SciPy 安全漏洞	CNNVD-202307-200	CVE-2023-25399	中危	SciPy	https://github.com/scipy/scipy/issues/16235
95	Python 输入验证错误漏洞	CNNVD-202304-1553	CVE-2023-27043	中危	Python基金会	https://www.python.org/
96	Google Golang 安全漏洞	CNNVD-202308-121	CVE-2023-29407	中危	Google	https://pkg.go.dev/vuln/GO-2023-1990
97	Google Golang 安全漏洞	CNNVD-202308-122	CVE-2023-29408	中危	Google	https://pkg.go.dev/vuln/GO-2023-1989
98	gRPC 安全漏洞	CNNVD-202306-707	CVE-2023-32732	中危	gRPC	https://github.com/grpc/grpc/pull/32309
99	Bouncy Castle 信任管理问题漏洞	CNNVD-202307-168	CVE-2023-33201	中危	Bouncy Castle	https://github.com/bcgit/bc-java/commit/e8c409a8389c815ea3fda5e8b94c92fdfe583bcc
100	Bouncy Castle 资源管理错误漏洞	CNNVD-202311-1981	CVE-2023-33202	中危	Bouncy Castle	https://www.bouncycastle.org/latest_releases.html
101	Gradle 路径遍历漏洞	CNNVD-202306-2235	CVE-2023-35946	中危	Gradle	https://github.com/gradle/gradle/security/advisories/GHSA-2h6c-rv6q-494v
102	Apache HTTP Server 安全漏洞	CNNVD-202404-641	CVE-2023-38709	中危	Apache	https://httpd.apache.org/security/vulnerabilities_24.html
103	Samba 安全漏洞	CNNVD-202311-300	CVE-2023-3961	中危	Samba	https://www.samba.org/samba/security/CVE-2023-3961.html
104	Alertmanager 跨站脚本漏洞	CNNVD-202308-2049	CVE-2023-40577	中危	个人开发者	https://github.com/prometheus/alertmanager/security/advisories/GHSA-v86x-5fm3-5p7j
105	Gradle 代码问题漏洞	CNNVD-202310-415	CVE-2023-42445	中危	Gradle	https://github.com/gradle/gradle/security/advisories/GHSA-mrff-q8qj-xvg8
106	Samba 安全漏洞	CNNVD-202310-1008	CVE-2023-42669	中危	Samba	https://www.samba.org/samba/security/CVE-2023-42669.html
107	Gradle 安全漏洞	CNNVD-202310-352	CVE-2023-44387	中危	Gradle	https://github.com/gradle/gradle/security/advisories/GHSA-43r3-pqhv-f7h9
108	Apache Santuario 日志信息泄露漏洞	CNNVD-202310-1720	CVE-2023-44483	中危	Apache基金会	https://lists.apache.org/thread/vmqbp9mfxtrf0kmbnnmbn3h9j6dr9q55
109	urllib3 信息泄露漏洞	CNNVD-202310-1359	CVE-2023-45803	中危	urllib3	https://github.com/urllib3/urllib3/security/advisories/GHSA-g4mx-q9vg-27p4
110	curl 安全漏洞	CNNVD-202312-490	CVE-2023-46218	中危	curl	https://curl.se/docs/CVE-2023-46218.html
111	curl 安全漏洞	CNNVD-202312-499	CVE-2023-46219	中危	curl	https://curl.se/docs/CVE-2023-46219.html
112	OpenSSH 安全漏洞	CNNVD-202312-1668	CVE-2023-48795	中危	OpenBSD	https://www.openssh.com/openbsd.html
113	Apache Portable Runtime 安全漏洞	CNNVD-202408-2479	CVE-2023-49582	中危	Apache	https://lists.apache.org/thread/sntjc04t1rvjhdzz2tzmtz2zdnmv7dc4
114	python-cryptography 安全漏洞	CNNVD-202312-1318	CVE-2023-50782	中危	Cryptographic团队	https://cryptography.io/en/latest/
115	Jayway JsonPath 安全漏洞	CNNVD-202312-2349	CVE-2023-51074	中危	json-path	https://github.com/json-path/JsonPath/issues/973
116	OpenSSL 代码问题漏洞	CNNVD-202311-423	CVE-2023-5678	中危	OpenSSL	https://git.openssl.org/gitweb/?p=openssl.git;a=commitdiff;h=db925ae2e65d0d925adef429afc37f75bd1c2017
117	GnuTLS 安全漏洞	CNNVD-202311-1944	CVE-2023-5981	中危	个人开发者	https://gitlab.com/gnutls/gnutls/-/commit/29d6298d0b04cfff970b993915db71ba3f580b6d
118	OpenSSL 安全漏洞	CNNVD-202401-736	CVE-2023-6129	中危	OpenSSL	https://www.openssl.org/news/secadv/20240109.txt
119	libpcap 资源管理错误漏洞	CNNVD-202408-2896	CVE-2023-7256	中危	Tcpdump	https://github.com/the-tcpdump-group/libpcap/commit/262e4f34979872d822ccedf9f318ed89c4d31c03
120	SQLite 安全漏洞	CNNVD-202401-1406	CVE-2024-0232	中危	个人开发者	https://sqlite.org/forum/forumpost/4aa381993a
121	Python 安全漏洞	CNNVD-202403-1880	CVE-2024-0450	中危	Python	https://github.com/python/cpython/commit/30fe5d853b56138dbec62432d370a1f99409fc85
122	Grafana 安全漏洞	CNNVD-202403-664	CVE-2024-1442	中危	Grafana	https://grafana.com/grafana/download/10.3.4
123	Node.js 安全漏洞	CNNVD-202407-536	CVE-2024-22020	中危	Node.js	https://nodejs.org/en/blog/vulnerability/july-2024-security-releases
124	Jinja 跨站脚本漏洞	CNNVD-202401-963	CVE-2024-22195	中危	个人开发者	https://github.com/pallets/jinja/releases/tag/3.1.3
125	OWASP AntiSamy 跨站脚本漏洞	CNNVD-202402-204	CVE-2024-23635	中危	OWASP	https://github.com/nahsra/antisamy/releases/tag/v1.7.5
126	Google Go 安全漏洞	CNNVD-202406-377	CVE-2024-24789	中危	Google	https://go.dev/dl/
127	Google Go 安全漏洞	CNNVD-202406-376	CVE-2024-24790	中危	Google	https://go.dev/dl/
128	Google Golang 安全漏洞	CNNVD-202407-266	CVE-2024-24791	中危	Google	https://go.dev/issue/67555
129	Apache Commons Compress 安全漏洞	CNNVD-202402-1528	CVE-2024-25710	中危	Apache	https://lists.apache.org/thread/cz8qkcwphy4cx8gltn932ln51cbtq6kf
130	Apache Commons Compress 安全漏洞	CNNVD-202402-1527	CVE-2024-26308	中危	Apache	https://lists.apache.org/thread/ch5yo2d21p7vlqrhll9b17otbyq4npfg
131	StringIO 安全漏洞	CNNVD-202403-2225	CVE-2024-27280	中危	The Ruby Programming Language	https://rubygems.org/gems/stringio/versions/3.0
132	RDoc 安全漏洞	CNNVD-202403-2218	CVE-2024-27281	中危	The Ruby Programming Language	https://rubygems.org/gems/rdoc/versions/6.3.4.1
133	Ruby 安全漏洞	CNNVD-202405-2558	CVE-2024-27282	中危	个人开发者	https://www.ruby-lang.org/en/news/2024/04/23/arbitrary-memory-address-read-regexp-cve-2024-27282/
134	Pillow 安全漏洞	CNNVD-202404-098	CVE-2024-28219	中危	Pillow	https://pillow.readthedocs.io/en/stable/releasenotes/10.3.0.ht
135	GnuTLS 信息泄露漏洞	CNNVD-202403-2176	CVE-2024-28834	中危	GnuTLS	https://gnutls.org/download.html
136	GnuTLS 安全漏洞	CNNVD-202403-2145	CVE-2024-28835	中危	GnuTLS	https://gitlab.com/gnutls/gnutls/-/commit/4a4cefef6c194f8fbbffd7fb19651219421b085b
137	Follow Redirects 信息泄露漏洞	CNNVD-202403-1332	CVE-2024-28849	中危	个人开发者	https://github.com/follow-redirects/follow-redirects/security/advisories/GHSA-cxjh-pqwp-8mfp
138	Netty 安全漏洞	CNNVD-202403-2434	CVE-2024-29025	中危	Netty	https://github.com/netty/netty/commit/0d0c6ed782d13d423586ad0c71737b2c7d02058c
139	Express.js 安全漏洞	CNNVD-202403-2433	CVE-2024-29041	中危	Express.js	https://github.com/expressjs/express/releases/tag/v5.0.0-beta
140	GNU C Library 安全漏洞	CNNVD-202404-2641	CVE-2024-2961	中危	GNU	https://sourceware.org/git/?p=glibc.git;a=blob;f=advisories/GLIBC-SA-2024-0004
141	Bouncy Castle 安全漏洞	CNNVD-202405-2620	CVE-2024-30171	中危	Bouncy Castle	https://www.bouncycastle.org/latest_releases.html
142	Bouncy Castle 安全漏洞	CNNVD-202405-2618	CVE-2024-30172	中危	Bouncy Castle	https://www.bouncycastle.org/latest_releases.html
143	glibc 安全漏洞	CNNVD-202404-3208	CVE-2024-33600	中危	GNU	https://sourceware.org/bugzilla/show_bug.cgi?id=31678
144	glibc 安全漏洞	CNNVD-202404-3210	CVE-2024-33601	中危	GNU	https://sourceware.org/bugzilla/show_bug.cgi?id=31679
145	Pallets Jinja 安全漏洞	CNNVD-202405-1436	CVE-2024-34064	中危	Pallets	https://github.com/pallets/jinja/security/advisories/GHSA-h75v-3vvj-5mfj
146	Bouncy Castle 安全漏洞	CNNVD-202405-1283	CVE-2024-34447	中危	Bouncy Castle	https://www.bouncycastle.org/latest_releases.html
147	Requests 安全漏洞	CNNVD-202405-3594	CVE-2024-35195	中危	Python	https://github.com/psf/requests/releases/tag/v2.32
148	MIT Kerberos 安全漏洞	CNNVD-202406-3108	CVE-2024-37371	中危	MIT	https://github.com/krb5/krb5/commit/55fbf435edbe2e92dd8101669b1ce7144bc96fef
149	urllib3 安全漏洞	CNNVD-202406-1954	CVE-2024-37891	中危	urllib3	https://github.com/urllib3/urllib3/security/advisories/GHSA-34jh-p97f-mpxf
150	Apache HTTP Server 安全漏洞	CNNVD-202407-095	CVE-2024-38473	中危	Apache	https://httpd.apache.org/security/vulnerabilities_24.html
151	VMware Spring Boot 安全漏洞	CNNVD-202408-2284	CVE-2024-38807	中危	VMware	https://spring.io/security/cve-2024-38807
152	VMware Spring Framework 安全漏洞	CNNVD-202409-2323	CVE-2024-38809	中危	VMware	https://spring.io/security/cve-2024-38809
153	VMware Spring Security 安全漏洞	CNNVD-202412-142	CVE-2024-38827	中危	VMware	https://spring.io/security/cve-2024-38827
154	RequireJS 安全漏洞	CNNVD-202407-032	CVE-2024-38998	中危	RequireJS	https://github.com/requirejs/r.js
155	cpython 安全漏洞	CNNVD-202406-1905	CVE-2024-4032	中危	Python	https://github.com/python/cpython/commit/895f7e2ac23eff4743143beef0f0c5ac71ea27d3
156	Apache HTTP Server 代码问题漏洞	CNNVD-202407-1910	CVE-2024-40898	中危	Apache	https://httpd.apache.org/security/vulnerabilities_24.html
157	Snowflake JDBC 安全漏洞	CNNVD-202410-3498	CVE-2024-43382	中危	Snowflake	https://github.com/snowflakedb/snowflake-jdbc/security/advisories/GHSA-f686-hw9c-xw9c
158	Netty 资源管理错误漏洞	CNNVD-202411-1363	CVE-2024-47535	中危	Netty	https://github.com/netty/netty/releases/tag/netty-4.1.115.Final
159	Apache Avro 代码问题漏洞	CNNVD-202410-208	CVE-2024-47561	中危	Apache	https://lists.apache.org/thread/c2v7mhqnmq0jmbwxqq3r5jbj1xg43h5x
160	Jenkins 安全漏洞	CNNVD-202410-173	CVE-2024-47803	中危	Jenkins	https://www.jenkins.io/security/advisory/2024-10-02/#SECURITY-3451
161	Jenkins 安全漏洞	CNNVD-202410-172	CVE-2024-47804	中危	Jenkins	https://www.jenkins.io/security/advisory/2024-10-02/#SECURITY-3448
162	Werkzeug 路径遍历漏洞	CNNVD-202410-2920	CVE-2024-49766	中危	Pallets	https://github.com/pallets/werkzeug/releases/tag/3.0
163	libexpat 安全漏洞	CNNVD-202410-2993	CVE-2024-50602	中危	libexpat	https://github.com/libexpat/libexpat
164	Apache Tomcat 安全漏洞	CNNVD-202411-2306	CVE-2024-52316	中危	Apache	https://lists.apache.org/thread/lopzlqh91jj9n334g02om08sbysdb928
165	Apache Tomcat 安全漏洞	CNNVD-202412-2255	CVE-2024-54677	中危	Apache	https://lists.apache.org/thread/tdtbbxpg5trdwc2wnopcth9ccvdftq2n
166	OpenSSL 安全漏洞	CNNVD-202409-141	CVE-2024-6119	中危	OpenSSL	https://openssl-library.org/news/secadv/20240903.txt
167	CPython 安全漏洞	CNNVD-202409-120	CVE-2024-6232	中危	Python	https://github.com/python/cpython/commit/d449caf8a179e3b954268b3a88eb9170be3c8fbf
168	Eclipse Jetty 安全漏洞	CNNVD-202410-1360	CVE-2024-6763	中危	Eclipse	https://github.com/jetty/jetty.project/security/advisories/GHSA-qh8g-58pp-2wxh
169	Python 安全漏洞	CNNVD-202408-046	CVE-2024-6923	中危	Python	https://github.com/python/cpython
170	libpcap 代码问题漏洞	CNNVD-202408-2898	CVE-2024-8006	中危	Tcpdump	https://github.com/the-tcpdump-group/libpcap/commit/8a633ee5b9ecd9d38a587ac9b204e2380713b0d6
171	Python 安全漏洞	CNNVD-202408-2250	CVE-2024-8088	中危	Python	https://mail.python.org/archives/list/security-announce@python.org/thread/GNFCKVI4TCATKQLALJ5SN4L4CSPSMILU/
172	curl 安全漏洞	CNNVD-202409-868	CVE-2024-8096	中危	cURL	https://curl.se/docs/CVE-2024-8096.html
173	OpenSSL 安全漏洞	CNNVD-202401-2353	CVE-2024-0727	低危	OpenSSL	https://github.com/openssl/openssl/commit/09df4395b5071217b76dc7d3d2e630eb8c5a79c2
174	Node.js 安全漏洞	CNNVD-202407-1007	CVE-2024-22018	低危	Node.js	https://nodejs.org/en/blog/vulnerability/july-2024-security-releases
175	Node.js 安全漏洞	CNNVD-202409-509	CVE-2024-36137	低危	Node.js	https://nodejs.org/en/blog/vulnerability/july-2024-security-releases
176	Node.js 安全漏洞	CNNVD-202501-1044	CVE-2024-37372	低危	Node.js	https://nodejs.org/en/blog/vulnerability/july-2024-security-releases
177	VMware Spring Framework 安全漏洞	CNNVD-202410-1928	CVE-2024-38820	低危	VMware	https://spring.io/security/cve-2024-38820
178	OpenSSL 安全漏洞	CNNVD-202405-2902	CVE-2024-4603	低危	OpenSSL	https://www.openssl.org/news/secadv/20240516.txt
179	OpenSSL 安全漏洞	CNNVD-202406-2936	CVE-2024-5535	低危	OpenSSL	https://github.openssl.org/openssl/extended-releases/commit/b78ec0824da857223486660177d3b1f255c65d87
180	OpenSSL 缓冲区错误漏洞	CNNVD-202410-1698	CVE-2024-9143	低危	OpenSSL	https://openssl-library.org/news/secadv/20241016.txt

三
修复建议

目前，Oracle官方已经发布补丁修复了上述漏洞，建议用户及时确认漏洞影响，尽快采取修补措施。Oracle官方补丁下载地址：

https://www.oracle.com/security-alerts/cpujan2025.html

CNNVD将继续跟踪上述漏洞的相关情况，及时发布相关信息。如有需要，可与CNNVD联系。

联系方式：cnnvd@itsec.gov.cn

（来源：CNNVD）

分享网络安全知识强化网络安全意识

欢迎关注《中国信息安全》杂志官方抖音号

《中国信息安全》杂志倾力推荐

“企业成长计划”

点击下图了解详情

中国信息安全

《中国信息安全》杂志，介绍国内外最新网络安全动态，深度解读网络安全事件。

CNNVD | 关于Oracle多个安全漏洞的通报

一 漏洞介绍

二漏洞详情

三修复建议

一
漏洞介绍

二
漏洞详情

三
修复建议