National Vulnerability Database (CNNVD): Bulletin on Multiple Oracle Security Vulnerabilities

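Oracle recently published an advisory covering multiple security vulnerabilities: 74 in Oracle's own products and 200 third-party vulnerabilities that affect Oracle products. Affected products and systems include Oracle MySQL, Oracle JD Edwards EnterpriseOne Tools, Oracle MySQL Server, Oracle Java SE and others. Oracle has released patches for these vulnerabilities; users should promptly determine whether they are affected and apply the fixes as soon as possible.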

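1. Vulnerability Overview

On April 15, 2025, Oracle released its April 2025 security update, containing patches for 274 vulnerabilities in total, all of which CNNVD has recorded. The update mainly covers Oracle MySQL and MySQL components, Oracle JD Edwards EnterpriseOne Tools, Oracle MySQL Server, Oracle Java SE, Oracle Secure Backup, Oracle MySQL, and others. CNNVD rated their severity: 17 critical, 87 high, 157 medium and 13 low.

Multiple Oracle products and system versions are affected; the exact scope of impact is listed on Oracle's official website: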

https://www.oracle.com/security-alerts/cpuapr2025.html

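2. Vulnerability Details

This update contains patches for 274 vulnerabilities in total: 73 newly added vulnerabilities, 1 updated vulnerability, and 200 third-party vulnerabilities that affect Oracle products.

The update includes patches for 73 newly added vulnerabilities: 1 critical, 14 high, 54 medium and 4 low.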

| No. | Vulnerability name | CNNVD ID | CVE ID | Severity | Official link |
| --- | --- | --- | --- | --- | --- |
| 1 | Oracle E-Business Suite security vulnerability | CNNVD-202504-2170 | CVE-2025-30727 | Critical | https://www.oracle.com/security-alerts/cpuapr2025.html |
| 2 | Oracle VM VirtualBox security vulnerability | CNNVD-202504-2108 | CVE-2025-30712 | High | https://www.oracle.com/security-alerts/cpuapr2025.html |
| 3 | Oracle Solaris security vulnerability | CNNVD-202504-2110 | CVE-2025-30690 | High | https://www.oracle.com/security-alerts/cpuapr2025.html |
| 4 | Oracle PeopleSoft security vulnerability | CNNVD-202504-2113 | CVE-2025-30735 | High | https://www.oracle.com/security-alerts/cpuapr2025.html |
| 5 | Oracle MySQL security vulnerability | CNNVD-202504-2144 | CVE-2025-30706 | High | https://www.oracle.com/security-alerts/cpuapr2025.html |
| 6 | Oracle Java SE security vulnerability | CNNVD-202504-2150 | CVE-2025-21587 | High | https://www.oracle.com/security-alerts/cpuapr2025.html |
| 7 | Oracle Analytics security vulnerability | CNNVD-202504-2153 | CVE-2025-30724 | High | https://www.oracle.com/security-alerts/cpuapr2025.html |
| 8 | Oracle Food and Beverage Applications security vulnerability | CNNVD-202504-2154 | CVE-2025-30686 | High | https://www.oracle.com/security-alerts/cpuapr2025.html |
| 9 | Oracle E-Business Suite security vulnerability | CNNVD-202504-2165 | CVE-2025-30708 | High | https://www.oracle.com/security-alerts/cpuapr2025.html |
| 10 | Oracle E-Business Suite security vulnerability | CNNVD-202504-2166 | CVE-2025-30707 | High | https://www.oracle.com/security-alerts/cpuapr2025.html |
| 11 | Oracle E-Business Suite security vulnerability | CNNVD-202504-2167 | CVE-2025-30728 | High | https://www.oracle.com/security-alerts/cpuapr2025.html |
| 12 | Oracle E-Business Suite security vulnerability | CNNVD-202504-2168 | CVE-2025-30716 | High | https://www.oracle.com/security-alerts/cpuapr2025.html |
| 13 | Oracle Application Object Library security vulnerability | CNNVD-202504-2169 | CVE-2025-30730 | High | https://www.oracle.com/security-alerts/cpuapr2025.html |
| 14 | Oracle Database Server security vulnerability | CNNVD-202504-2302 | CVE-2025-30701 | High | https://www.oracle.com/security-alerts/cpuapr2025.html |
| 15 | Oracle Database Server security vulnerability | CNNVD-202504-2305 | CVE-2025-30736 | High | https://www.oracle.com/security-alerts/cpuapr2025.html |
| 16 | Oracle Virtualization security vulnerability | CNNVD-202504-2106 | CVE-2025-30719 | Medium | https://www.oracle.com/security-alerts/cpuapr2025.html |
| 17 | Oracle Virtualization security vulnerability | CNNVD-202504-2107 | CVE-2025-30725 | Medium | https://www.oracle.com/security-alerts/cpuapr2025.html |
| 18 | Oracle PeopleSoft security vulnerability | CNNVD-202504-2111 | CVE-2025-30697 | Medium | https://www.oracle.com/security-alerts/cpuapr2025.html |
| 19 | Oracle PeopleSoft security vulnerability | CNNVD-202504-2112 | CVE-2025-30713 | Medium | https://www.oracle.com/security-alerts/cpuapr2025.html |
| 20 | Oracle MySQL Server security vulnerability | CNNVD-202504-2116 | CVE-2025-30721 | Medium | https://www.oracle.com/security-alerts/cpuapr2025.html |
| 21 | Oracle MySQL security vulnerability | CNNVD-202504-2117 | CVE-2025-30704 | Medium | https://www.oracle.com/security-alerts/cpuapr2025.html |
| 22 | Oracle MySQL security vulnerability | CNNVD-202504-2118 | CVE-2025-30714 | Medium | https://www.oracle.com/security-alerts/cpuapr2025.html |
| 23 | Oracle MySQL security vulnerability | CNNVD-202504-2119 | CVE-2025-30699 | Medium | https://www.oracle.com/security-alerts/cpuapr2025.html |
| 24 | Oracle MySQL Server security vulnerability | CNNVD-202504-2120 | CVE-2025-30685 | Medium | https://www.oracle.com/security-alerts/cpuapr2025.html |
| 25 | Oracle MySQL security vulnerability | CNNVD-202504-2121 | CVE-2025-30684 | Medium | https://www.oracle.com/security-alerts/cpuapr2025.html |
| 26 | Oracle MySQL security vulnerability | CNNVD-202504-2122 | CVE-2025-30683 | Medium | https://www.oracle.com/security-alerts/cpuapr2025.html |
| 27 | Oracle MySQL security vulnerability | CNNVD-202504-2123 | CVE-2025-30705 | Medium | https://www.oracle.com/security-alerts/cpuapr2025.html |
| 28 | Oracle MySQL security vulnerability | CNNVD-202504-2124 | CVE-2025-30696 | Medium | https://www.oracle.com/security-alerts/cpuapr2025.html |
| 29 | Oracle MySQL Server security vulnerability | CNNVD-202504-2125 | CVE-2025-21579 | Medium | https://www.oracle.com/security-alerts/cpuapr2025.html |
| 30 | Oracle MySQL security vulnerability | CNNVD-202504-2126 | CVE-2025-30689 | Medium | https://www.oracle.com/security-alerts/cpuapr2025.html |
| 31 | Oracle MySQL Server security vulnerability | CNNVD-202504-2127 | CVE-2025-21585 | Medium | https://www.oracle.com/security-alerts/cpuapr2025.html |
| 32 | Oracle MySQL security vulnerability | CNNVD-202504-2128 | CVE-2025-21581 | Medium | https://www.oracle.com/security-alerts/cpuapr2025.html |
| 33 | Oracle MySQL security vulnerability | CNNVD-202504-2129 | CVE-2025-21588 | Medium | https://www.oracle.com/security-alerts/cpuapr2025.html |
| 34 | Oracle MySQL security vulnerability | CNNVD-202504-2130 | CVE-2025-21580 | Medium | https://www.oracle.com/security-alerts/cpuapr2025.html |
| 35 | Oracle MySQL security vulnerability | CNNVD-202504-2131 | CVE-2025-21584 | Medium | https://www.oracle.com/security-alerts/cpuapr2025.html |
| 36 | Oracle MySQL security vulnerability | CNNVD-202504-2132 | CVE-2025-21583 | Medium | https://www.oracle.com/security-alerts/cpuapr2025.html |
| 37 | Oracle MySQL security vulnerability | CNNVD-202504-2133 | CVE-2025-30715 | Medium | https://www.oracle.com/security-alerts/cpuapr2025.html |
| 38 | Oracle MySQL security vulnerability | CNNVD-202504-2134 | CVE-2025-30710 | Medium | https://www.oracle.com/security-alerts/cpuapr2025.html |
| 39 | Oracle MySQL security vulnerability | CNNVD-202504-2135 | CVE-2025-30695 | Medium | https://www.oracle.com/security-alerts/cpuapr2025.html |
| 40 | Oracle MySQL Server security vulnerability | CNNVD-202504-2136 | CVE-2025-30693 | Medium | https://www.oracle.com/security-alerts/cpuapr2025.html |
| 41 | Oracle MySQL Server security vulnerability | CNNVD-202504-2137 | CVE-2025-30688 | Medium | https://www.oracle.com/security-alerts/cpuapr2025.html |
| 42 | Oracle MySQL security vulnerability | CNNVD-202504-2138 | CVE-2025-30722 | Medium | https://www.oracle.com/security-alerts/cpuapr2025.html |
| 43 | Oracle MySQL security vulnerability | CNNVD-202504-2139 | CVE-2025-30687 | Medium | https://www.oracle.com/security-alerts/cpuapr2025.html |
| 44 | Oracle MySQL security vulnerability | CNNVD-202504-2140 | CVE-2025-30682 | Medium | https://www.oracle.com/security-alerts/cpuapr2025.html |
| 45 | Oracle MySQL security vulnerability | CNNVD-202504-2141 | CVE-2025-21577 | Medium | https://www.oracle.com/security-alerts/cpuapr2025.html |
| 46 | Oracle MySQL Server security vulnerability | CNNVD-202504-2142 | CVE-2025-21574 | Medium | https://www.oracle.com/security-alerts/cpuapr2025.html |
| 47 | Oracle MySQL security vulnerability | CNNVD-202504-2143 | CVE-2025-21575 | Medium | https://www.oracle.com/security-alerts/cpuapr2025.html |
| 48 | Oracle JD Edwards Products security vulnerability | CNNVD-202504-2145 | CVE-2025-30709 | Medium | https://www.oracle.com/security-alerts/cpuapr2025.html |
| 49 | Oracle JD Edwards EnterpriseOne Tools security vulnerability | CNNVD-202504-2146 | CVE-2025-21586 | Medium | https://www.oracle.com/security-alerts/cpuapr2025.html |
| 50 | Oracle JD Edwards Products security vulnerability | CNNVD-202504-2147 | CVE-2025-30740 | Medium | https://www.oracle.com/security-alerts/cpuapr2025.html |
| 51 | Oracle Java SE security vulnerability | CNNVD-202504-2148 | CVE-2025-30698 | Medium | https://www.oracle.com/security-alerts/cpuapr2025.html |
| 52 | Oracle Java SE and Oracle GraalVM security vulnerability | CNNVD-202504-2149 | CVE-2025-30691 | Medium | https://www.oracle.com/security-alerts/cpuapr2025.html |
| 53 | Oracle Smart View for Office security vulnerability | CNNVD-202504-2151 | CVE-2025-30737 | Medium | https://www.oracle.com/security-alerts/cpuapr2025.html |
| 54 | Oracle Analytics security vulnerability | CNNVD-202504-2152 | CVE-2025-30723 | Medium | https://www.oracle.com/security-alerts/cpuapr2025.html |
| 55 | Oracle Financial Services Applications security vulnerability | CNNVD-202504-2155 | CVE-2025-21573 | Medium | https://www.oracle.com/security-alerts/cpuapr2025.html |
| 56 | Oracle Application Object Library security vulnerability | CNNVD-202504-2157 | CVE-2025-30726 | Medium | https://www.oracle.com/security-alerts/cpuapr2025.html |
| 57 | Oracle E-Business Suite security vulnerability | CNNVD-202504-2158 | CVE-2025-30718 | Medium | https://www.oracle.com/security-alerts/cpuapr2025.html |
| 58 | Oracle E-Business Suite security vulnerability | CNNVD-202504-2159 | CVE-2025-30711 | Medium | https://www.oracle.com/security-alerts/cpuapr2025.html |
| 59 | Oracle E-Business Suite security vulnerability | CNNVD-202504-2160 | CVE-2025-21582 | Medium | https://www.oracle.com/security-alerts/cpuapr2025.html |
| 60 | Oracle Configurator security vulnerability | CNNVD-202504-2161 | CVE-2025-30720 | Medium | https://www.oracle.com/security-alerts/cpuapr2025.html |
| 61 | Oracle E-Business Suite security vulnerability | CNNVD-202504-2162 | CVE-2025-30732 | Medium | https://www.oracle.com/security-alerts/cpuapr2025.html |
| 62 | Oracle E-Business Suite security vulnerability | CNNVD-202504-2163 | CVE-2025-30717 | Medium | https://www.oracle.com/security-alerts/cpuapr2025.html |
| 63 | Oracle iSupplier Portal security vulnerability | CNNVD-202504-2164 | CVE-2025-30692 | Medium | https://www.oracle.com/security-alerts/cpuapr2025.html |
| 64 | Oracle Commerce security vulnerability | CNNVD-202504-2290 | CVE-2025-21576 | Medium | https://www.oracle.com/security-alerts/cpuapr2025.html |
| 65 | Oracle Secure Backup security vulnerability | CNNVD-202504-2291 | CVE-2025-21578 | Medium | https://www.oracle.com/security-alerts/cpuapr2025.html |
| 66 | Oracle Communications Applications security vulnerability | CNNVD-202504-2292 | CVE-2025-30729 | Medium | https://www.oracle.com/security-alerts/cpuapr2025.html |
| 67 | Oracle Database Server security vulnerability | CNNVD-202504-2301 | CVE-2025-30694 | Medium | https://www.oracle.com/security-alerts/cpuapr2025.html |
| 68 | Oracle Database Server security vulnerability | CNNVD-202504-2303 | CVE-2025-30702 | Medium | https://www.oracle.com/security-alerts/cpuapr2025.html |
| 69 | Oracle Database Server security vulnerability | CNNVD-202504-2304 | CVE-2025-30733 | Medium | https://www.oracle.com/security-alerts/cpuapr2025.html |
| 70 | Oracle Solaris security vulnerability | CNNVD-202504-2109 | CVE-2025-30700 | Low | https://www.oracle.com/security-alerts/cpuapr2025.html |
| 71 | Oracle MySQL Server security vulnerability | CNNVD-202504-2114 | CVE-2025-30681 | Low | https://www.oracle.com/security-alerts/cpuapr2025.html |
| 72 | Oracle MySQL security vulnerability | CNNVD-202504-2115 | CVE-2025-30703 | Low | https://www.oracle.com/security-alerts/cpuapr2025.html |
| 73 | Oracle E-Business Suite security vulnerability | CNNVD-202504-2156 | CVE-2025-30731 | Low | https://www.oracle.com/security-alerts/cpuapr2025.html |

The update includes a patch for 1 updated vulnerability, rated medium.

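| No. | Vulnerability name | CNNVD ID | CVE ID | Severity | Official link |
| --- | --- | --- | --- | --- | --- |
| 1 | Oracle Java SE security vulnerability | CNNVD-202501-2899 | CVE-2025-21502 | Medium | https://www.oracle.com/security-alerts/cpujan2025.html |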

The update includes patches for 200 third-party vulnerabilities affecting Oracle products: 16 critical, 73 high, 102 medium and 9 low.

| No. | Vulnerability name | CNNVD ID | CVE ID | Severity | Vendor | Official link |
| --- | --- | --- | --- | --- | --- | --- |
| 1 | VMware Spring Framework code issue vulnerability | CNNVD-202001-046 | CVE-2016-1000027 | Critical | Pivotal Software | https://pivotal.io/ |
| 2 | Apache Tomcat security vulnerability | CNNVD-202002-1052 | CVE-2020-1938 | Critical | Apache Foundation | http://tomcat.apache.org/ |
| 3 | dojo security vulnerability | CNNVD-202112-1483 | CVE-2021-23450 | Critical | individual developer | https://github.com/dojo/dojo |
| 4 | Sanitize input validation error vulnerability | CNNVD-202110-1259 | CVE-2021-42575 | Critical | individual developer | https://owasp.org/www-project-java-html-sanitizer/ |
| 5 | Dell BSAFE security vulnerability | CNNVD-202402-197 | CVE-2022-34381 | Critical | Dell | https://www.dell.com/support/kbdoc/en-us/000203278/dsa-2022-208-dell-bsafe-ssl-j-6-5-and-7-1-and-dell-bsafe-crypto-j-6-2-6-1-and-7-0-security-vulnerability |
| 6 | Apache MINA code issue vulnerability | CNNVD-202211-2918 | CVE-2022-45047 | Critical | Apache Foundation | https://www.mail-archive.com/dev@mina.apache.org/msg39312.html |
| 7 | Apache Axis input validation error vulnerability | CNNVD-202309-348 | CVE-2023-40743 | Critical | Apache Foundation | https://lists.apache.org/thread/gs0qgk2mgss7zfhzdd6ftfjvm4kp7v82 |
| 8 | Apache Xerces-C resource management error vulnerability | CNNVD-202402-1469 | CVE-2024-23807 | Critical | Apache | https://github.com/apache/xerces-c/pull/54 |
| 9 | RequireJS security vulnerability | CNNVD-202407-034 | CVE-2024-38999 | Critical | RequireJS | https://github.com/requirejs/r.js |
| 10 | libxml2 code issue vulnerability | CNNVD-202407-3194 | CVE-2024-40896 | Critical | GNOME | https://gitlab.gnome.org/GNOME/libxml2 |
| 11 | Jenkins security vulnerability | CNNVD-202408-533 | CVE-2024-43044 | Critical | Jenkins | https://www.jenkins.io/security/advisory/2024-08-07/#SECURITY-3430 |
| 12 | Apache MINA security vulnerability | CNNVD-202412-2747 | CVE-2024-52046 | Critical | Apache | https://lists.apache.org/thread/4wxktgjpggdbto15d515wdctohb0qmv8 |
| 13 | Apache Tomcat security vulnerability | CNNVD-202411-2306 | CVE-2024-52316 | Critical | Apache | https://lists.apache.org/thread/lopzlqh91jj9n334g02om08sbysdb928 |
| 14 | Apache Tomcat security vulnerability | CNNVD-202412-2573 | CVE-2024-56337 | Critical | Apache | https://lists.apache.org/thread/b2b9qrgjrz1kvo4ym8y2wkfdvwoq6qbp |
| 15 | Kubernetes ingress-nginx security vulnerability | CNNVD-202503-2826 | CVE-2025-1974 | Critical | Cloud Native Computing Foundation | https://github.com/kubernetes/ingress-nginx/releases/tag/controller-v1.12.1 |
| 16 | Apache Tomcat environment issue vulnerability | CNNVD-202503-1068 | CVE-2025-24813 | Critical | Apache | https://lists.apache.org/thread/j5fkjv2k477os90nczf2v9l61fb0kkgq |
| 17 | Apache Tomcat resource management error vulnerability | CNNVD-202006-1717 | CVE-2020-11996 | High | Apache Foundation | https://lists.apache.org/thread.html/r5541ef6b6b68b49f76fc4c45695940116da2bcbe0312ef204a00a2e0%40%3Cannounce.tomcat.apache.org%3E |
| 18 | Apache Tomcat security vulnerability | CNNVD-202007-571 | CVE-2020-13935 | High | Apache Foundation | https://lists.apache.org/thread.html/rd48c72bd3255bda87564d4da3791517c074d94f8a701f93b85752651%40%3Cannounce.tomcat.apache.org%3E |
| 19 | Iteris Apache Velocity security vulnerability | CNNVD-202103-758 | CVE-2020-13936 | High | Iteris | https://lists.apache.org/thread.html/r01043f584cbd47959fabe18fff64de940f81a65024bb8dddbda31d9a%40%3Cuser.velocity.apache.org%3E |
| 20 | Fasterxml Jackson code issue vulnerability | CNNVD-202010-622 | CVE-2020-25649 | High | Fasterxml | https://github.com/FasterXML/jackson-databind/commit/612f971b78c60202e9cd75a299050c8f2d724a59 |
| 21 | FasterXML jackson-databind buffer error vulnerability | CNNVD-202203-1165 | CVE-2020-36518 | High | individual developer | https://github.com/FasterXML/jackson-databind/issues/2816 |
| 22 | Apache Tomcat code issue vulnerability | CNNVD-202005-1078 | CVE-2020-9484 | High | Apache Foundation | https://tomcat.apache.org/security.html |
| 23 | Apache Tomcat information disclosure vulnerability | CNNVD-202103-008 | CVE-2021-25122 | High | Apache Foundation | https://lists.apache.org/thread.html/r7b95bc248603360501f18c8eb03bb6001ec0ee3296205b34b07105b7%40%3Cannounce.tomcat.apache.org%3E |
| 24 | Apache Tomcat security vulnerability | CNNVD-202103-006 | CVE-2021-25329 | High | Apache Foundation | https://lists.apache.org/thread.html/rfe62fbf9d4c314f166fe8c668e50e5d9dd882a99447f26f0367474bf%40%3Cannounce.tomcat.apache.org%3E |
| 25 | Github json-smart-v1 buffer error vulnerability | CNNVD-202106-103 | CVE-2021-31684 | High | individual developer | https://github.com/netplex |
| 26 | Github jsoup security vulnerability | CNNVD-202108-1636 | CVE-2021-37714 | High | individual developer | https://github.com/jhy/jsoup/security/advisories/GHSA-m72m-mhq2-9p6c |
| 27 | Apache Tomcat input validation error vulnerability | CNNVD-202109-1018 | CVE-2021-41079 | High | Apache Foundation | https://lists.apache.org/thread/p7fk5kk0662prhj71nyqhs1lhjs7fwbb |
| 28 | FasterXML jackson-databind security vulnerability | CNNVD-202303-1466 | CVE-2021-46877 | High | FasterXML | https://github.com/FasterXML/jackson-databind/issues/3328 |
| 29 | Apache Tomcat code issue vulnerability | CNNVD-202205-3290 | CVE-2022-25762 | High | Apache Foundation | https://lists.apache.org/thread/6ckmjfb1k61dyzkto9vm2k5jvt4o7w7c |
| 30 | Apache Xalan input validation error vulnerability | CNNVD-202207-1617 | CVE-2022-34169 | High | Apache Foundation | https://lists.apache.org/thread/12pxy4phsry6c34x2ol4fft6xlho4kyw |
| 31 | OpenSSL security vulnerability | CNNVD-202210-2604 | CVE-2022-3786 | High | OpenSSL team | https://www.openssl.org/news/secadv/20221101.txt |
| 32 | FasterXML jackson-databind code issue vulnerability | CNNVD-202210-007 | CVE-2022-42003 | High | FasterXML | https://github.com/FasterXML/jackson-databind/commit/d78d00ee7b5245b93103fef3187f70543d67ca33 |
| 33 | FasterXML jackson-databind code issue vulnerability | CNNVD-202210-006 | CVE-2022-42004 | High | FasterXML | https://github.com/FasterXML/jackson-databind/commit/063183589218fec19a9293ed2f17ec53ea80ba88 |
| 34 | Apache Tomcat environment issue vulnerability | CNNVD-202210-2602 | CVE-2022-42252 | High | Apache Foundation | https://tomcat.apache.org/security-8.html |
| 35 | netplex json-smart security vulnerability | CNNVD-202303-1658 | CVE-2023-1370 | High | netplex | https://netplex.github.io/json-smart/ |
| 36 | Apache Commons FileUpload security vulnerability | CNNVD-202302-1610 | CVE-2023-24998 | High | Apache Foundation | https://lists.apache.org/thread/4xl4l09mhwg4vgsk7dxqogcjrobrrdoy |
| 37 | Apache Log4j code issue vulnerability | CNNVD-202303-736 | CVE-2023-26464 | High | Apache Foundation | https://lists.apache.org/thread/wkx6grrcjkh86crr49p4blc1v1nflj3t |
| 38 | Spring Framework security vulnerability | CNNVD-202311-2123 | CVE-2023-34053 | High | Spring team | https://github.com/spring-projects/spring-framework/releases/tag/v6.0. |
| 39 | HCL BigFix Platform input validation error vulnerability | CNNVD-202310-848 | CVE-2023-37536 | High | HCL Technologies | https://support.hcltechsw.com/csm?id=kb_article&sysparm_article=KB0107791 |
| 40 | Apache Avro code issue vulnerability | CNNVD-202309-2636 | CVE-2023-39410 | High | Apache Foundation | https://lists.apache.org/thread/q142wj99cwdd0jo5lvdoxzoymlqyjdds |
| 41 | Apache HTTP/2 resource management error vulnerability | CNNVD-202310-667 | CVE-2023-44487 | High | Apache Foundation | https://lists.apache.org/thread/5py8h42mxfsn8l1wy6o41xwhsjlsd87q |
| 42 | Apache Tomcat environment issue vulnerability | CNNVD-202311-2168 | CVE-2023-46589 | High | Apache Foundation | https://lists.apache.org/thread/0rqq6ktozqc42ro8hhxdmmdjm1k1tpxr |
| 43 | Apache Axis code issue vulnerability | CNNVD-202401-361 | CVE-2023-51441 | High | Apache Foundation | https://lists.apache.org/thread/8nrm5thop8f82pglx4o0jg8wmvy6d9yd |
| 44 | Connect2id Nimbus JOSE+JWT security vulnerability | CNNVD-202402-845 | CVE-2023-52428 | High | Connect2id | https://connect2id.com/products/nimbus-jose-jwt |
| 45 | Red Hat XNIO resource management error vulnerability | CNNVD-202403-455 | CVE-2023-5685 | High | Red Hat | https://github.com/xnio/xnio/tags |
| 46 | Gunicorn environment issue vulnerability | CNNVD-202404-2065 | CVE-2024-1135 | High | Gunicorn | https://github.com/benoitc/gunicorn |
| 47 | cross-spawn security vulnerability | CNNVD-202411-830 | CVE-2024-21538 | High | MOXY | https://github.com/moxystudio/node-cross-spawn |
| 48 | Spring Framework security vulnerability | CNNVD-202402-1929 | CVE-2024-22243 | High | Spring | https://spring.io/projects/spring-framework#support |
| 49 | Apache Tomcat security vulnerability | CNNVD-202403-1180 | CVE-2024-23672 | High | Apache | https://lists.apache.org/thread/cmpswfx6tj4s7x0nxxosvfqs11lvdx2f |
| 50 | Apache Tomcat input validation error vulnerability | CNNVD-202403-1179 | CVE-2024-24549 | High | Apache | https://lists.apache.org/thread/4c50rmomhbbsdgfjsgwlb51xdwfjdcvg |
| 51 | dnsjava security vulnerability | CNNVD-202407-2260 | CVE-2024-25638 | High | dnsjava | https://github.com/dnsjava/dnsjava/security/advisories/GHSA-cfxw-4h78-h7fw |
| 52 | Apple iOS and Apple iPadOS security vulnerability | CNNVD-202501-2261 | CVE-2024-27856 | High | Apple | https://support.apple.com/en-us/120905 |
| 53 | Apache XML Graphics FOP code issue vulnerability | CNNVD-202410-904 | CVE-2024-28168 | High | Apache | https://xmlgraphics.apache.org/security.html |
| 54 | Apache Commons Configuration buffer error vulnerability | CNNVD-202403-2143 | CVE-2024-29131 | High | Apache | https://lists.apache.org/thread/03nzzzjn4oknyw5y0871tw7ltj0t3r37 |
| 55 | Apache Commons Configuration buffer error vulnerability | CNNVD-202403-2142 | CVE-2024-29133 | High | Apache | https://lists.apache.org/thread/ccb9w15bscznh6tnp3wsvrrj9crbszh2 |
| 56 | Bouncy Castle security vulnerability | CNNVD-202405-2601 | CVE-2024-29857 | High | Bouncy Castle | https://www.bouncycastle.org/latest_releases.html |
| 57 | Bouncy Castle security vulnerability | CNNVD-202405-2618 | CVE-2024-30172 | High | Bouncy Castle | https://www.bouncycastle.org/latest_releases.html |
| 58 | Apache Kafka security vulnerability | CNNVD-202411-2444 | CVE-2024-31141 | High | Apache | https://lists.apache.org/thread/9whdzfr0zwdhr364604w5ssnzmg4v2lv |
| 59 | Apache CXF security vulnerability | CNNVD-202407-1957 | CVE-2024-32007 | High | Apache | https://lists.apache.org/thread/stwrgsr1llb73nkl16klv9vjqgmmx633 |
| 60 | Aircompressor security vulnerability | CNNVD-202405-4798 | CVE-2024-36114 | High | airlift | https://github.com/airlift/aircompressor/releases/tag/0.27 |
| 61 | Apache HTTP Server security vulnerability | CNNVD-202407-094 | CVE-2024-38474 | High | Apache | https://httpd.apache.org/security/vulnerabilities_24.html |
| 62 | VMware Spring Framework security vulnerability | CNNVD-202409-1142 | CVE-2024-38816 | High | VMware | https://spring.io/security/cve-2024-38816 |
| 63 | VMware Spring Framework security vulnerability | CNNVD-202410-3593 | CVE-2024-38819 | High | VMware | https://docs.spring.io/spring-framework/reference/web/webmvc.html |
| 64 | Axios security vulnerability | CNNVD-202408-799 | CVE-2024-39338 | High | Axios | https://github.com/axios/axios/releases |
| 65 | Apache HTTP Server security vulnerability | CNNVD-202407-339 | CVE-2024-39884 | High | Apache | https://httpd.apache.org/security/vulnerabilities_24.html |
| 66 | Genivia gSOAP security vulnerability | CNNVD-202501-2103 | CVE-2024-4227 | High | Genivia | https://sourceforge.net/projects/gsoap2/ |
| 67 | Apple iOS and Apple iPadOS security vulnerability | CNNVD-202411-2775 | CVE-2024-44308 | High | Apple | https://support.apple.com/en-us/121752 |
| 68 | Golang Go crypto security vulnerability | CNNVD-202412-1406 | CVE-2024-45337 | High | Golang | https://github.com/golang/crypto/commit/b4f1988a35dee11ec3e05d6bf3e90b695fbd8909 |
| 69 | XStream security vulnerability | CNNVD-202411-823 | CVE-2024-47072 | High | XStream | https://x-stream.github.io/CVE-2024-47072.html |
| 70 | Apache Maven Archetype Plugin security vulnerability | CNNVD-202409-2227 | CVE-2024-47197 | High | Apache | https://lists.apache.org/thread/ftg81np183wnyk0kg4ks95dvgxdrof96 |
| 71 | GStreamer input validation error vulnerability | CNNVD-202412-1415 | CVE-2024-47606 | High | GStreamer | https://gstreamer.freedesktop.org/download/ |
| 72 | Werkzeug security vulnerability | CNNVD-202410-2923 | CVE-2024-49767 | High | Pallets | https://github.com/pallets/werkzeug/releases/tag/3.0 |
| 73 | Apache Tomcat security vulnerability | CNNVD-202412-2256 | CVE-2024-50379 | High | Apache | https://lists.apache.org/thread/y6lj6q1xnp822g6ro70tn19sgtjmr80r |
| 74 | aiohttp security vulnerability | CNNVD-202411-2364 | CVE-2024-52303 | High | aio-libs | https://github.com/aio-libs/aiohttp/releases/tag/v3.11.3 |
| 75 | Apple iOS and iPadOS security vulnerability | CNNVD-202412-1522 | CVE-2024-54534 | High | Apple | https://support.apple.com/en-us/121837 |
| 76 | Apple iOS and Apple iPadOS buffer error vulnerability | CNNVD-202501-3836 | CVE-2024-54543 | High | Apple | https://support.apple.com/en-us/121837 |
| 77 | Jinja security vulnerability | CNNVD-202412-2662 | CVE-2024-56201 | High | Pallets | https://github.com/pallets/jinja/security/advisories/GHSA-gmj6-6f8f-6699 |
| 78 | Jinja security vulnerability | CNNVD-202412-2665 | CVE-2024-56326 | High | Pallets | https://github.com/pallets/jinja/security/advisories/GHSA-q2x7-8rv6-6q7h |
| 79 | Netplex Json-smart security vulnerability | CNNVD-202502-472 | CVE-2024-57699 | High | Netplex | https://github.com/netplex/json-smart-v2 |
| 80 | Protocol Buffers security vulnerability | CNNVD-202409-1841 | CVE-2024-7254 | High | Protocol Buffers | http://protobuf.dev/ |
| 81 | curl security vulnerability | CNNVD-202407-3105 | CVE-2024-7264 | High | cURL | https://curl.se/docs/CVE-2024-7264.html |
| 82 | libexpat security vulnerability | CNNVD-202503-1673 | CVE-2024-8176 | High | libexpat | https://github.com/libexpat/libexpat |
| 83 | VMware Spring Security security vulnerability | CNNVD-202503-2153 | CVE-2025-22228 | High | VMware | https://spring.io/security/cve-2025-22228 |
| 84 | Node.js security vulnerability | CNNVD-202501-3127 | CVE-2025-23083 | High | Node.js | https://nodejs.org/en/blog/vulnerability/january-2025-security-releases |
| 85 | Apple iOS command injection vulnerability | CNNVD-202501-3887 | CVE-2025-24150 | High | Apple | https://support.apple.com/en-us/122066 |
| 86 | libxml2 security vulnerability | CNNVD-202502-1989 | CVE-2025-24928 | High | GNOME | https://gitlab.gnome.org/GNOME/libxml2/-/tags |
| 87 | Netty input validation error vulnerability | CNNVD-202502-776 | CVE-2025-24970 | High | Netty | https://github.com/netty/netty/security/advisories/GHSA-4g8c-wm8x-jfhw |
| 88 | FreeType buffer error vulnerability | CNNVD-202503-1204 | CVE-2025-27363 | High | FreeType | https://www.facebook.com/security/advisories/cve-2025-27363 |
| 89 | Jinja security vulnerability | CNNVD-202503-672 | CVE-2025-27516 | High | Pallets | https://github.com/pallets/jinja/releases/tag/3.1.6 |
| 90 | Apache Tomcat security vulnerability | CNNVD-202010-415 | CVE-2020-13943 | Medium | Apache Foundation | https://github.com/apache/tomcat |
| 91 | Apache Tomcat environment issue vulnerability | CNNVD-202002-1130 | CVE-2020-1935 | Medium | Apache Foundation | https://lists.apache.org/thread.html/r127f76181aceffea2bd4711b03c595d0f115f63e020348fe925a916c%40%3Cannounce.tomcat.apache.org%3E |
| 92 | EdDSA-Java security vulnerability | CNNVD-202503-1554 | CVE-2020-36843 | Medium | individual developer | https://github.com/str4d/ed25519-java |
| 93 | Apache Tomcat information disclosure vulnerability | CNNVD-202101-1145 | CVE-2021-24122 | Medium | Apache Foundation | https://lists.apache.org/thread.html/r776c64337495bf28b7d5597268114a888e3fad6045c40a0da0c66d4d@%3Cdev.tomee.apache.org%3E |
| 94 | Jakarta Expression Language input validation error vulnerability | CNNVD-202105-1760 | CVE-2021-28170 | Medium | Jakarta | https://jakarta.ee/specifications/expression-language/3. |
| 95 | Apache Tomcat authorization issue vulnerability | CNNVD-202107-684 | CVE-2021-30640 | Medium | Apache Foundation | https://lists.apache.org/thread.html/r59f9ef03929d32120f91f4ea7e6e79edd5688d75d0a9b65fd26d1fe8%40%3Cannounce.tomcat.apache.org%3E |
| 96 | Apache Tomcat environment issue vulnerability | CNNVD-202107-681 | CVE-2021-33037 | Medium | Apache Foundation | https://lists.apache.org/thread.html/r612a79269b0d5e5780c62dfd34286a8037232fec0bc6f1a7e60c9381%40%3Cannounce.tomcat.apache.org%3E |
| 97 | Openjs Jquery Ui cross-site scripting vulnerability | CNNVD-202110-1845 | CVE-2021-41184 | Medium | Openjs Foundation | https://github.com/jquery/jquery-ui/security/advisories/GHSA-gpqq-952q-5327 |
| 98 | Apache MINA security vulnerability | CNNVD-202111-238 | CVE-2021-41973 | Medium | Apache Foundation | https://lists.apache.org/thread.html/r0b907da9340d5ff4e6c1a4798ef4e79700a668657f27cca8a39e9250%40%3Cdev.mina.apache.org%3E |
| 99 | jsoup cross-site scripting vulnerability | CNNVD-202208-4329 | CVE-2022-36033 | Medium | individual developer | https://github.com/jhy/jsoup/security/advisories/GHSA-gp7f-rwcx-9369 |
| 100 | SciPy security vulnerability | CNNVD-202307-200 | CVE-2023-25399 | Medium | SciPy | https://github.com/scipy/scipy/issues/16235 |
| 101 | Apache Tomcat security vulnerability | CNNVD-202303-1662 | CVE-2023-28708 | Medium | Apache Foundation | https://lists.apache.org/thread/hdksc59z3s7tm39x0pp33mtwdrt8qr67 |
| 102 | FasterXML jackson-databind code issue vulnerability | CNNVD-202306-1121 | CVE-2023-35116 | Medium | FasterXML | https://github.com/FasterXML/jackson-databind/issues/3972 |
| 103 | Apache MINA path traversal vulnerability | CNNVD-202307-582 | CVE-2023-35887 | Medium | Apache Foundation | https://lists.apache.org/thread/b9qgtqvhnvgfpn0w1gz918p21p53tqk2 |
| 104 | Eclipse Jetty security vulnerability | CNNVD-202309-1093 | CVE-2023-36479 | Medium | Eclipse Foundation | https://github.com/eclipse/jetty.project/security/advisories/GHSA-3gh6-v5v9-6v9j |
| 105 | Eclipse Jetty security vulnerability | CNNVD-202309-1102 | CVE-2023-40167 | Medium | Eclipse Foundation | https://github.com/eclipse/jetty.project/security/advisories/GHSA-hmr7-m48g-48f6 |
| 106 | Apache Tomcat input validation error vulnerability | CNNVD-202308-2096 | CVE-2023-41080 | Medium | Apache Foundation | https://lists.apache.org/thread/71wvwprtx2j2m54fovq9zr7gbm2wow2f |
| 107 | Apache Tomcat security vulnerability | CNNVD-202310-716 | CVE-2023-42795 | Medium | Apache Foundation | https://lists.apache.org/thread/065jfyo583490r9j2v73nhpyxdob56lw |
| 108 | Apache Tomcat input validation error vulnerability | CNNVD-202310-712 | CVE-2023-45648 | Medium | Apache Foundation | https://lists.apache.org/thread/2pv8yz1pyp088tsxfb7ogltk9msk0jdp |
| 109 | OpenSSH security vulnerability | CNNVD-202312-1668 | CVE-2023-48795 | Medium | OpenBSD | https://www.openssh.com/openbsd.html |
| 110 | Apache Portable Runtime security vulnerability | CNNVD-202408-2479 | CVE-2023-49582 | Medium | Apache | https://lists.apache.org/thread/sntjc04t1rvjhdzz2tzmtz2zdnmv7dc4 |
| 111 | Jayway JsonPath security vulnerability | CNNVD-202312-2349 | CVE-2023-51074 | Medium | json-path | https://github.com/json-path/JsonPath/issues/973 |
| 112 | Mozilla NSS security vulnerability | CNNVD-202310-1005 | CVE-2023-5388 | Medium | Mozilla Foundation | https://bugzilla.redhat.com/show_bug.cgi?id=2243644 |
| 113 | PHP security vulnerability | CNNVD-202411-3461 | CVE-2024-11233 | Medium | PHP | https://github.com/php/php-src/releases/tag/php-8.3.14 |
| 114 | PHP security vulnerability | CNNVD-202411-3460 | CVE-2024-11234 | Medium | PHP | https://github.com/php/php-src/releases/tag/php-8.3.14 |
| 115 | PHP security vulnerability | CNNVD-202411-3464 | CVE-2024-11236 | Medium | PHP | https://github.com/php/php-src/releases/tag/php-8.3.14 |
| 116 | 7-Zip security vulnerability | CNNVD-202411-3219 | CVE-2024-11612 | Medium | 7-Zip | https://www.7-zip.org/ |
| 117 | OpenSSL security vulnerability | CNNVD-202502-983 | CVE-2024-12797 | Medium | OpenSSL | https://openssl-library.org/news/secadv/20250211.txt |
| 118 | logback security vulnerability | CNNVD-202412-2461 | CVE-2024-12798 | Medium | QOS.CH | https://logback.qos.ch/ |
| 119 | OpenSSL security vulnerability | CNNVD-202501-2816 | CVE-2024-13176 | Medium | OpenSSL | https://github.com/openssl/openssl/ |
| 120 | Apache Commons Compress security vulnerability | CNNVD-202402-1528 | CVE-2024-25710 | Medium | Apache | https://lists.apache.org/thread/cz8qkcwphy4cx8gltn932ln51cbtq6kf |
| 121 | Apache Commons Compress security vulnerability | CNNVD-202402-1527 | CVE-2024-26308 | Medium | Apache | https://lists.apache.org/thread/ch5yo2d21p7vlqrhll9b17otbyq4npfg |
| 122 | Pillow security vulnerability | CNNVD-202404-098 | CVE-2024-28219 | Medium | Pillow | https://pillow.readthedocs.io/en/stable/releasenotes/10.3.0.ht |
| 123 | GnuTLS information disclosure vulnerability | CNNVD-202403-2176 | CVE-2024-28834 | Medium | GnuTLS | https://gnutls.org/download.html |
| 124 | GnuTLS security vulnerability | CNNVD-202403-2145 | CVE-2024-28835 | Medium | GnuTLS | https://gitlab.com/gnutls/gnutls/-/commit/4a4cefef6c194f8fbbffd7fb19651219421b085b |
| 125 | Netty security vulnerability | CNNVD-202403-2434 | CVE-2024-29025 | Medium | Netty | https://github.com/netty/netty/commit/0d0c6ed782d13d423586ad0c71737b2c7d02058c |
| 126 | Apache CXF code issue vulnerability | CNNVD-202407-1958 | CVE-2024-29736 | Medium | Apache | https://lists.apache.org/thread/4jtpsswn2r6xommol54p5mg263ysgdw2 |
| 127 | Pallets Jinja security vulnerability | CNNVD-202405-1436 | CVE-2024-34064 | Medium | Pallets | https://github.com/pallets/jinja/security/advisories/GHSA-h75v-3vvj-5mfj |
| 128 | Requests security vulnerability | CNNVD-202405-3594 | CVE-2024-35195 | Medium | Python | https://github.com/psf/requests/releases/tag/v2.32 |
| 129 | urllib3 security vulnerability | CNNVD-202406-1954 | CVE-2024-37891 | Medium | urllib3 | https://github.com/urllib3/urllib3/security/advisories/GHSA-34jh-p97f-mpxf |
| 130 | Tiny Technologies TinyMCE security vulnerability | CNNVD-202406-2249 | CVE-2024-38357 | Medium | Tiny Technologies | https://github.com/tinymce/tinymce/security/advisories/GHSA-w9jx-4g6g-rp7x |
| 131 | Apache HTTP Server security vulnerability | CNNVD-202407-092 | CVE-2024-38476 | Medium | Apache | https://lists.apache.org/thread/p2xfjsvpogyrg4hw9cjs2nrnqnl34qf0 |
| 132 | VMware Spring Security security vulnerability | CNNVD-202412-142 | CVE-2024-38827 | Medium | VMware | https://spring.io/security/cve-2024-38827 |
| 133 | VMware Spring Framework security vulnerability | CNNVD-202411-2241 | CVE-2024-38828 | Medium | VMware | https://spring.io/security/cve-2024-38828 |
| 134 | Apache HTTP Server input validation error vulnerability | CNNVD-202407-086 | CVE-2024-39573 | Medium | Apache | https://httpd.apache.org/security/vulnerabilities_24.html |
| 135 | Apache HTTP Server security vulnerability | CNNVD-202407-1912 | CVE-2024-40725 | Medium | Apache | https://httpd.apache.org/security/vulnerabilities_24.html |
| 136 | Apple macOS security vulnerability | CNNVD-202409-1449 | CVE-2024-40866 | Medium | Apple | https://support.apple.com/en-us/121238 |
| 137 | aiohttp security vulnerability | CNNVD-202408-764 | CVE-2024-42367 | Medium | aio-libs | https://github.com/aio-libs/aiohttp/security/advisories/GHSA-jwhx-xcg6-8xhj |
| 138 | Jenkins security vulnerability | CNNVD-202408-532 | CVE-2024-43045 | Medium | Jenkins | https://www.jenkins.io/security/advisory/2024-08-07/#SECURITY-3349 |
| 139 | Elastic Elasticsearch security vulnerability | CNNVD-202501-2929 | CVE-2024-43709 | Medium | Elastic | https://discuss.elastic.co/t/elasticsearch-7-17-21-and-8-13-3-security-update-esa-2024-25/373442 |
| 140 | Express.js cross-site scripting vulnerability | CNNVD-202409-692 | CVE-2024-43796 | Medium | expressjs | https://github.com/expressjs/express/security/advisories/GHSA-qw6h-vgh9-j6wx |
| 141 | Apple iOS and iPadOS security vulnerability | CNNVD-202410-2739 | CVE-2024-44185 | Medium | Apple | https://support.apple.com/en-us/120909 |
| 142 | Apple macOS security vulnerability | CNNVD-202409-1409 | CVE-2024-44187 | Medium | Apple | https://support.apple.com/en-us/121238 |
| 143 | Apple iOS and Apple iPadOS security vulnerability | CNNVD-202410-3162 | CVE-2024-44244 | Medium | Apple | https://support.apple.com/en-us/121563 |
| 144 | Apple iOS and Apple iPadOS security vulnerability | CNNVD-202410-3192 | CVE-2024-44296 | Medium | Apple | https://support.apple.com/en-us/121563 |
| 145 | Apple iOS and Apple iPadOS security vulnerability | CNNVD-202411-2776 | CVE-2024-44309 | Medium | Apple | https://support.apple.com/en-us/121752 |
| 146 | Google Go security vulnerability | CNNVD-202412-2401 | CVE-2024-45338 | Medium | Google | https://pkg.go.dev/vuln/GO-2024-3333 |
| 147 | CKEditor cross-site scripting vulnerability | CNNVD-202409-2152 | CVE-2024-45613 | Medium | individual developer | https://github.com/ckeditor/ckeditor5/releases/tag/v43.1.1 |
| 148 | Netty resource management error vulnerability | CNNVD-202411-1363 | CVE-2024-47535 | Medium | Netty | https://github.com/netty/netty/releases/tag/netty-4.1.115.Final |
| 149 | GStreamer code issue vulnerability | CNNVD-202412-1416 | CVE-2024-47544 | Medium | GStreamer | https://gstreamer.freedesktop.org/security/sa-2024-0011.html |
| 150 | GStreamer numeric error vulnerability | CNNVD-202412-1432 | CVE-2024-47545 | Medium | GStreamer | https://gstreamer.freedesktop.org/security/sa-2024-0010.html |
| 151 | GStreamer numeric error vulnerability | CNNVD-202412-1408 | CVE-2024-47546 | Medium | GStreamer | https://gstreamer.freedesktop.org/security/sa-2024-0013.html |
| 152 | Apache Commons IO resource management error vulnerability | CNNVD-202410-209 | CVE-2024-47554 | Medium | Apache | https://lists.apache.org/thread/6ozr91rr9cj5lm0zyhv30bsp317hk5z1 |
| 153 | GStreamer buffer error vulnerability | CNNVD-202412-1428 | CVE-2024-47596 | Medium | GStreamer | https://gstreamer.freedesktop.org/security/sa-2024-0015.html |
| 154 | GStreamer buffer error vulnerability | CNNVD-202412-1429 | CVE-2024-47597 | Medium | GStreamer | https://gstreamer.freedesktop.org/security/sa-2024-0012.html |
| 155 | GStreamer buffer error vulnerability | CNNVD-202412-1420 | CVE-2024-47775 | Medium | GStreamer | https://gstreamer.freedesktop.org/download/ |
| 156 | GStreamer buffer error vulnerability | CNNVD-202412-1422 | CVE-2024-47776 | Medium | GStreamer | https://gstreamer.freedesktop.org/download/ |
| 157 | GStreamer buffer error vulnerability | CNNVD-202412-1423 | CVE-2024-47777 | Medium | GStreamer | https://gstreamer.freedesktop.org/download/ |
| 158 | GStreamer buffer error vulnerability | CNNVD-202412-1418 | CVE-2024-47778 | Medium | GStreamer | https://gstreamer.freedesktop.org/download/ |
| 159 | MPXJ path traversal vulnerability | CNNVD-202410-3082 | CVE-2024-49771 | Medium | individual developer | https://github.com/joniles/mpxj/releases/tag/v13.5.1 |
| 160 | libexpat security vulnerability | CNNVD-202410-2993 | CVE-2024-50602 | Medium | libexpat | https://github.com/libexpat/libexpat |
| 161 | scikit-learn security vulnerability | CNNVD-202406-475 | CVE-2024-5206 | Medium | individual developer | https://github.com/scikit-learn/scikit-learn/releases/tag/1.5 |
| 162 | Apache Tomcat security vulnerability | CNNVD-202411-2304 | CVE-2024-52317 | Medium | Apache | https://lists.apache.org/thread/ty376mrxy1mmxtw3ogo53nc9l3co3dfs |
| 163 | Linux kernel security vulnerability | CNNVD-202412-085 | CVE-2024-53122 | Medium | Linux | https://git.kernel.org/stable/c/24995851d58c4a205ad0ffa7b2f21e479a9c8527 |
| 164 | Prism code injection vulnerability | CNNVD-202503-115 | CVE-2024-53382 | Medium | individual developer | https://prismjs.com/ |
| 165 | Apple iOS and Apple iPadOS security vulnerability | CNNVD-202412-1494 | CVE-2024-54479 | Medium | Apple | https://support.apple.com/en-us/121837 |
| 166 | Apple iOS and Apple iPadOS security vulnerability | CNNVD-202412-1506 | CVE-2024-54502 | Medium | Apple | https://support.apple.com/en-us/121837 |
| 167 | Apple iOS and Apple iPadOS security vulnerability | CNNVD-202412-1510 | CVE-2024-54505 | Medium | Apple | https://support.apple.com/en-us/121837 |
| 168 | Apple iOS and Apple iPadOS security vulnerability | CNNVD-202412-1512 | CVE-2024-54508 | Medium | Apple | https://support.apple.com/en-us/121837 |
| 169 | Apache Tomcat security vulnerability | CNNVD-202412-2255 | CVE-2024-54677 | Medium | Apache | https://lists.apache.org/thread/tdtbbxpg5trdwc2wnopcth9ccvdftq2n |
| 170 | Apache Kafka security vulnerability | CNNVD-202412-2358 | CVE-2024-56128 | Medium | Apache | https://lists.apache.org/thread/84dh4so32lwn7wr6c5s9mwh381vx9wkw |
| 171 | OpenSSL security vulnerability | CNNVD-202409-141 | CVE-2024-6119 | Medium | OpenSSL | https://openssl-library.org/news/secadv/20240903.txt |
| 172 | Eclipse Jetty security vulnerability | CNNVD-202410-1360 | CVE-2024-6763 | Medium | Eclipse | https://github.com/jetty/jetty.project/security/advisories/GHSA-qh8g-58pp-2wxh |
| 173 | Eclipse Jetty security vulnerability | CNNVD-202410-1329 | CVE-2024-8184 | Medium | Eclipse | https://github.com/jetty/jetty.project/security/advisories/GHSA-g8m5-722r-8whq |
| 174 | Red Hat Ansible log information disclosure vulnerability | CNNVD-202409-1291 | CVE-2024-8775 | Medium | Red Hat | https://www.ansible.com/ |
| 175 | OpenSSL buffer error vulnerability | CNNVD-202410-1698 | CVE-2024-9143 | Medium | OpenSSL | https://openssl-library.org/news/secadv/20241016.txt |
| 176 | curl security vulnerability | CNNVD-202411-649 | CVE-2024-9681 | Medium | cURL | https://github.com/curl/curl/releases/tag/curl-8_11_0 |
| 177 | Red Hat Ansible security vulnerability | CNNVD-202411-657 | CVE-2024-9902 | Medium | Red Hat | https://access.redhat.com/errata/RHSA-2024:8969 |
| 178 | FreeType security vulnerability | CNNVD-202501-1311 | CVE-2025-23022 | Medium | FreeType | https://freetype.org/ |
| 179 | Node.js security vulnerability | CNNVD-202501-3939 | CVE-2025-23084 | Medium | Node.js | https://nodejs.org/en/blog/vulnerability/january-2025-security-releases |
| 180 | Node.js security vulnerability | CNNVD-202502-597 | CVE-2025-23085 | Medium | Node.js | https://nodejs.org/en/blog/vulnerability/january-2025-security-releases |
| 181 | Apache CXF resource management error vulnerability | CNNVD-202501-2927 | CVE-2025-23184 | Medium | Apache | https://lists.apache.org/thread/lfs8l63rnctnj2skfrxyys7v8fgnt122 |
| 182 | Apple iOS and Apple iPadOS security vulnerability | CNNVD-202501-3883 | CVE-2025-24143 | Medium | Apple | https://support.apple.com/en-us/122066 |
| 183 | Apple iOS and Apple iPadOS security vulnerability | CNNVD-202501-3893 | CVE-2025-24158 | Medium | Apple | https://support.apple.com/en-us/122066 |
| 184 | Apple iOS and Apple iPadOS security vulnerability | CNNVD-202501-3897 | CVE-2025-24162 | Medium | Apple | https://support.apple.com/en-us/122066 |
| 185 | Netty resource management error vulnerability | CNNVD-202502-786 | CVE-2025-25193 | Medium | Netty | https://github.com/netty/netty/security/advisories/GHSA-389x-839f-4rhx |
| 186 | OpenSSH security vulnerability | CNNVD-202502-1940 | CVE-2025-26465 | Medium | OpenBSD | https://www.openssh.com/ |
| 187 | OpenSSH resource management error vulnerability | CNNVD-202502-3772 | CVE-2025-26466 | Medium | OpenBSD | https://www.openssh.com/security.html |
| 188 | DOMPurify security vulnerability | CNNVD-202502-1648 | CVE-2025-26791 | Medium | individual developer | https://github.com/cure53/DOMPurify/releases/tag/3.2.4 |
| 189 | Babel security vulnerability | CNNVD-202503-1347 | CVE-2025-27789 | Medium | Babel | https://github.com/babel/babel/security/advisories/GHSA-968p-4wvh-cqc8 |
| 190 | Jenkins security vulnerability | CNNVD-202504-496 | CVE-2025-31720 | Medium | Jenkins | https://www.jenkins.io/security/advisory/2025-04-02/#SECURITY-3512 |
| 191 | Jenkins security vulnerability | CNNVD-202504-497 | CVE-2025-31721 | Medium | Jenkins | https://www.jenkins.io/security/advisory/2025-04-02/#SECURITY-3513 |
| 192 | Apache Tomcat race condition vulnerability | CNNVD-202209-2852 | CVE-2021-43980 | Low | Apache Foundation | https://lists.apache.org/thread/3jjqbsp6j88b198x5rmg99b1qr8ht3g3 |
| 193 | curl security vulnerability | CNNVD-202310-916 | CVE-2023-38546 | Low | curl | https://github.com/curl/curl/releases |
| 194 | curl security vulnerability | CNNVD-202412-1372 | CVE-2024-11053 | Low | cURL | https://curl.se/docs/CVE-2024-11053.html |
| 195 | logback security vulnerability | CNNVD-202412-2466 | CVE-2024-12801 | Low | QOS.CH | https://logback.qos.ch/ |
| 196 | VMware Spring Framework security vulnerability | CNNVD-202410-1928 | CVE-2024-38820 | Low | VMware | https://spring.io/security/cve-2024-38820 |
| 197 | Apache Avro code issue vulnerability | CNNVD-202410-208 | CVE-2024-47561 | Low | Apache | https://lists.apache.org/thread/c2v7mhqnmq0jmbwxqq3r5jbj1xg43h5x |
| 198 | OpenSSL security vulnerability | CNNVD-202406-2936 | CVE-2024-5535 | Low | OpenSSL | https://github.openssl.org/openssl/extended-releases/commit/b78ec0824da857223486660177d3b1f255c65d87 |
| 199 | libxml2 security vulnerability | CNNVD-202502-1973 | CVE-2024-56171 | Low | GNOME | https://gitlab.gnome.org/GNOME/libxml2/-/tags |
| 200 | libxml2 security vulnerability | CNNVD-202502-2003 | CVE-2025-27113 | Low | GNOME | https://gitlab.gnome.org/GNOME/libxml2/-/tags |

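3. Remediation Recommendations

Oracle has released patches that fix the vulnerabilities above. Users should promptly determine whether they are affected and apply the fixes as soon as possible. Oracle's official patch download address: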

https://www.oracle.com/security-alerts/cpuapr2025.html

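CNNVD will continue to track these vulnerabilities and publish relevant information in a timely manner. Contact CNNVD if needed. Contact: cnnvd@itsec.gov.cn

Statement: This article comes from CNNVD Security News (CNNVD安全动态); copyright in the text and images belongs to the original author. The views expressed do not represent the position of 东方安全 (Eastern Security). It is reproduced in order to share more information. In case of infringement, contact rhliu@skdlabs.com and we will promptly make corrections according to the wishes of the original author or rights holder.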
