docker.io/fooololo/aipan-netdisk-search:latest linux/amd64

docker.io/fooololo/aipan-netdisk-search:latest - Trivy安全扫描结果 扫描时间: 2024-11-28 16:26
全部漏洞信息
低危漏洞:4 中危漏洞:22 高危漏洞:12 严重漏洞:2

系统OS: alpine 3.20.2 扫描引擎: Trivy 扫描时间: 2024-11-28 16:26

docker.io/fooololo/aipan-netdisk-search:latest (alpine 3.20.2) (alpine)
低危漏洞:2 中危漏洞:2 高危漏洞:0 严重漏洞:0
软件包 漏洞 安全状态 安装版本 修复版本 漏洞信息
libcrypto3 CVE-2024-6119 中危 3.3.1-r3 3.3.2-r0 openssl: Possible denial of service in X.509 name checks

漏洞详情: https://avd.aquasec.com/nvd/cve-2024-6119

镜像层: sha256:78561cef0761903dd2f7d09856150a6d4fb48967a8f113f3e33d79effbf59a07

发布日期: 2024-09-03 16:15 修改: 2024-09-03 21:35
libssl3 CVE-2024-6119 中危 3.3.1-r3 3.3.2-r0 openssl: Possible denial of service in X.509 name checks

漏洞详情: https://avd.aquasec.com/nvd/cve-2024-6119

镜像层: sha256:78561cef0761903dd2f7d09856150a6d4fb48967a8f113f3e33d79effbf59a07

发布日期: 2024-09-03 16:15 修改: 2024-09-03 21:35
libcrypto3 CVE-2024-9143 低危 3.3.1-r3 3.3.2-r1 openssl: Low-level invalid GF(2^m) parameters lead to OOB memory access

漏洞详情: https://avd.aquasec.com/nvd/cve-2024-9143

镜像层: sha256:78561cef0761903dd2f7d09856150a6d4fb48967a8f113f3e33d79effbf59a07

发布日期: 2024-10-16 17:15 修改: 2024-11-08 16:35
libssl3 CVE-2024-9143 低危 3.3.1-r3 3.3.2-r1 openssl: Low-level invalid GF(2^m) parameters lead to OOB memory access

漏洞详情: https://avd.aquasec.com/nvd/cve-2024-9143

镜像层: sha256:78561cef0761903dd2f7d09856150a6d4fb48967a8f113f3e33d79effbf59a07

发布日期: 2024-10-16 17:15 修改: 2024-11-08 16:35
Node.js (node-pkg)
低危漏洞:2 中危漏洞:10 高危漏洞:11 严重漏洞:1
软件包 漏洞 安全状态 安装版本 修复版本 漏洞信息
nuxt CVE-2024-34344 严重 3.11.2 3.12.4 Nuxt vulnerable to remote code execution via the browser when running the test locally

漏洞详情: https://avd.aquasec.com/nvd/cve-2024-34344

镜像层: sha256:f10958abe9ad1c7a78162793bcb28ad98d758436c399e21da77505aeee69e00f

发布日期: 2024-08-05 21:15 修改: 2024-09-19 20:58
axios CVE-2024-39338 高危 1.6.8 1.7.4 axios: axios: Server-Side Request Forgery

漏洞详情: https://avd.aquasec.com/nvd/cve-2024-39338

镜像层: sha256:f10958abe9ad1c7a78162793bcb28ad98d758436c399e21da77505aeee69e00f

发布日期: 2024-08-12 13:38 修改: 2024-08-23 18:35
braces CVE-2024-4068 高危 3.0.2 3.0.3 braces: fails to limit the number of characters it can handle

漏洞详情: https://avd.aquasec.com/nvd/cve-2024-4068

镜像层: sha256:f10958abe9ad1c7a78162793bcb28ad98d758436c399e21da77505aeee69e00f

发布日期: 2024-05-14 15:42 修改: 2024-07-03 02:07
cross-spawn CVE-2024-21538 高危 7.0.3 7.0.5, 6.0.6 cross-spawn: regular expression denial of service

漏洞详情: https://avd.aquasec.com/nvd/cve-2024-21538

镜像层: sha256:f10958abe9ad1c7a78162793bcb28ad98d758436c399e21da77505aeee69e00f

发布日期: 2024-11-08 05:15 修改: 2024-11-19 14:15
cross-spawn CVE-2024-21538 高危 7.0.3 7.0.5, 6.0.6 cross-spawn: regular expression denial of service

漏洞详情: https://avd.aquasec.com/nvd/cve-2024-21538

镜像层: sha256:7cc8f366b357199281a74b037d880980b2ce54725975e0eb63fbf5b5cc4d2881

发布日期: 2024-11-08 05:15 修改: 2024-11-19 14:15
fast-xml-parser CVE-2024-41818 高危 4.4.0 4.4.1 fast-xml-parser: ReDOS at currency parsing in currency.js

漏洞详情: https://avd.aquasec.com/nvd/cve-2024-41818

镜像层: sha256:bf85d92915bebe02a83e538dece5a83bb6d71b6cc489dfe44d91de247e58ad16

发布日期: 2024-07-29 16:15 修改: 2024-10-11 15:15
fast-xml-parser CVE-2024-41818 高危 4.4.0 4.4.1 fast-xml-parser: ReDOS at currency parsing in currency.js

漏洞详情: https://avd.aquasec.com/nvd/cve-2024-41818

镜像层: sha256:f10958abe9ad1c7a78162793bcb28ad98d758436c399e21da77505aeee69e00f

发布日期: 2024-07-29 16:15 修改: 2024-10-11 15:15
http-proxy-middleware CVE-2024-21536 高危 3.0.0 2.0.7, 3.0.3 http-proxy-middleware: Denial of Service

漏洞详情: https://avd.aquasec.com/nvd/cve-2024-21536

镜像层: sha256:f10958abe9ad1c7a78162793bcb28ad98d758436c399e21da77505aeee69e00f

发布日期: 2024-10-19 05:15 修改: 2024-11-01 18:03
@nuxt/devtools CVE-2024-23657 高危 1.3.1 1.3.9 Nuxt Devtools has a Path Traversal: '../filedir'

漏洞详情: https://avd.aquasec.com/nvd/cve-2024-23657

镜像层: sha256:f10958abe9ad1c7a78162793bcb28ad98d758436c399e21da77505aeee69e00f

发布日期: 2024-08-05 21:15 修改: 2024-09-20 12:49
path-to-regexp CVE-2024-45296 高危 6.2.2 1.9.0, 0.1.10, 8.0.0, 3.3.0, 6.3.0 path-to-regexp: Backtracking regular expressions cause ReDoS

漏洞详情: https://avd.aquasec.com/nvd/cve-2024-45296

镜像层: sha256:f10958abe9ad1c7a78162793bcb28ad98d758436c399e21da77505aeee69e00f

发布日期: 2024-09-09 19:15 修改: 2024-09-10 12:09
rollup CVE-2024-47068 高危 4.17.2 3.29.5, 4.22.4, 2.79.2 rollup: DOM Clobbering Gadget found in rollup bundled scripts that leads to XSS

漏洞详情: https://avd.aquasec.com/nvd/cve-2024-47068

镜像层: sha256:f10958abe9ad1c7a78162793bcb28ad98d758436c399e21da77505aeee69e00f

发布日期: 2024-09-23 16:15 修改: 2024-10-29 16:15
ws CVE-2024-37890 高危 8.17.0 5.2.4, 6.2.3, 7.5.10, 8.17.1 nodejs-ws: denial of service when handling a request with many HTTP headers

漏洞详情: https://avd.aquasec.com/nvd/cve-2024-37890

镜像层: sha256:f10958abe9ad1c7a78162793bcb28ad98d758436c399e21da77505aeee69e00f

发布日期: 2024-06-17 20:15 修改: 2024-06-20 12:44
request CVE-2023-28155 中危 2.88.2 The Request package through 2.88.1 for Node.js allows a bypass of SSRF ...

漏洞详情: https://avd.aquasec.com/nvd/cve-2023-28155

镜像层: sha256:bf85d92915bebe02a83e538dece5a83bb6d71b6cc489dfe44d91de247e58ad16

发布日期: 2023-03-16 15:15 修改: 2024-08-02 13:15
request CVE-2023-28155 中危 2.88.2 The Request package through 2.88.1 for Node.js allows a bypass of SSRF ...

漏洞详情: https://avd.aquasec.com/nvd/cve-2023-28155

镜像层: sha256:f10958abe9ad1c7a78162793bcb28ad98d758436c399e21da77505aeee69e00f

发布日期: 2023-03-16 15:15 修改: 2024-08-02 13:15
nuxt CVE-2024-34343 中危 3.11.2 3.12.4 nuxt vulnerable to Cross-site Scripting in navigateTo if used after SSR

漏洞详情: https://avd.aquasec.com/nvd/cve-2024-34343

镜像层: sha256:f10958abe9ad1c7a78162793bcb28ad98d758436c399e21da77505aeee69e00f

发布日期: 2024-08-05 21:15 修改: 2024-09-19 19:57
tough-cookie CVE-2023-26136 中危 2.5.0 4.1.3 tough-cookie: prototype pollution in cookie memstore

漏洞详情: https://avd.aquasec.com/nvd/cve-2023-26136

镜像层: sha256:bf85d92915bebe02a83e538dece5a83bb6d71b6cc489dfe44d91de247e58ad16

发布日期: 2023-07-01 05:15 修改: 2024-06-21 19:15
tough-cookie CVE-2023-26136 中危 2.5.0 4.1.3 tough-cookie: prototype pollution in cookie memstore

漏洞详情: https://avd.aquasec.com/nvd/cve-2023-26136

镜像层: sha256:f10958abe9ad1c7a78162793bcb28ad98d758436c399e21da77505aeee69e00f

发布日期: 2023-07-01 05:15 修改: 2024-06-21 19:15
vite CVE-2024-45811 中危 5.2.11 5.4.6, 5.3.6, 5.2.14, 4.5.4, 3.2.11, 5.1.8 vite: server.fs.deny is bypassed when using `?import&raw`

漏洞详情: https://avd.aquasec.com/nvd/cve-2024-45811

镜像层: sha256:f10958abe9ad1c7a78162793bcb28ad98d758436c399e21da77505aeee69e00f

发布日期: 2024-09-17 20:15 修改: 2024-09-20 12:30
vite CVE-2024-45812 中危 5.2.11 5.4.6, 5.3.6, 5.2.14, 4.5.4, 3.2.11, 5.1.8 vite: XSS via DOM Clobbering gadget found in vite bundled scripts

漏洞详情: https://avd.aquasec.com/nvd/cve-2024-45812

镜像层: sha256:f10958abe9ad1c7a78162793bcb28ad98d758436c399e21da77505aeee69e00f

发布日期: 2024-09-17 20:15 修改: 2024-09-20 12:30
vue-template-compiler CVE-2024-6783 中危 2.7.16 3.0.0 vue-template-compiler vulnerable to client-side Cross-Site Scripting (XSS)

漏洞详情: https://avd.aquasec.com/nvd/cve-2024-6783

镜像层: sha256:f10958abe9ad1c7a78162793bcb28ad98d758436c399e21da77505aeee69e00f

发布日期: 2024-07-23 15:15 修改: 2024-08-30 15:15
webpack CVE-2024-43788 中危 5.92.0 5.94.0 webpack: DOM Clobbering vulnerability in AutoPublicPathRuntimeModule

漏洞详情: https://avd.aquasec.com/nvd/cve-2024-43788

镜像层: sha256:f10958abe9ad1c7a78162793bcb28ad98d758436c399e21da77505aeee69e00f

发布日期: 2024-08-27 17:15 修改: 2024-09-03 15:15
micromatch CVE-2024-4067 中危 4.0.5 4.0.8 micromatch: vulnerable to Regular Expression Denial of Service

漏洞详情: https://avd.aquasec.com/nvd/cve-2024-4067

镜像层: sha256:f10958abe9ad1c7a78162793bcb28ad98d758436c399e21da77505aeee69e00f

发布日期: 2024-05-14 15:42 修改: 2024-08-28 00:15
serve-static CVE-2024-43800 低危 1.15.0 1.16.0, 2.1.0 serve-static: Improper Sanitization in serve-static

漏洞详情: https://avd.aquasec.com/nvd/cve-2024-43800

镜像层: sha256:f10958abe9ad1c7a78162793bcb28ad98d758436c399e21da77505aeee69e00f

发布日期: 2024-09-10 15:15 修改: 2024-09-20 17:36
send CVE-2024-43799 低危 0.18.0 0.19.0 send: Code Execution Vulnerability in Send Library

漏洞详情: https://avd.aquasec.com/nvd/cve-2024-43799

镜像层: sha256:f10958abe9ad1c7a78162793bcb28ad98d758436c399e21da77505aeee69e00f

发布日期: 2024-09-10 15:15 修改: 2024-09-20 16:57
app/node_modules/@esbuild/linux-x64/bin/esbuild (gobinary)
低危漏洞:0 中危漏洞:10 高危漏洞:1 严重漏洞:1
软件包 漏洞 安全状态 安装版本 修复版本 漏洞信息
stdlib CVE-2024-24790 严重 1.20.12 1.21.11, 1.22.4 golang: net/netip: Unexpected behavior from Is methods for IPv4-mapped IPv6 addresses

漏洞详情: https://avd.aquasec.com/nvd/cve-2024-24790

镜像层: sha256:f10958abe9ad1c7a78162793bcb28ad98d758436c399e21da77505aeee69e00f

发布日期: 2024-06-05 16:15 修改: 2024-09-03 18:35
stdlib CVE-2023-45288 高危 1.20.12 1.21.9, 1.22.2 golang: net/http, x/net/http2: unlimited number of CONTINUATION frames causes DoS

漏洞详情: https://avd.aquasec.com/nvd/cve-2023-45288

镜像层: sha256:f10958abe9ad1c7a78162793bcb28ad98d758436c399e21da77505aeee69e00f

发布日期: 2024-04-04 21:15 修改: 2024-08-26 21:35
stdlib CVE-2023-45289 中危 1.20.12 1.21.8, 1.22.1 golang: net/http/cookiejar: incorrect forwarding of sensitive headers and cookies on HTTP redirect

漏洞详情: https://avd.aquasec.com/nvd/cve-2023-45289

镜像层: sha256:f10958abe9ad1c7a78162793bcb28ad98d758436c399e21da77505aeee69e00f

发布日期: 2024-03-05 23:15 修改: 2024-11-04 19:35
stdlib CVE-2023-45290 中危 1.20.12 1.21.8, 1.22.1 golang: net/http: golang: mime/multipart: golang: net/textproto: memory exhaustion in Request.ParseMultipartForm

漏洞详情: https://avd.aquasec.com/nvd/cve-2023-45290

镜像层: sha256:f10958abe9ad1c7a78162793bcb28ad98d758436c399e21da77505aeee69e00f

发布日期: 2024-03-05 23:15 修改: 2024-11-07 11:35
stdlib CVE-2024-24783 中危 1.20.12 1.21.8, 1.22.1 golang: crypto/x509: Verify panics on certificates with an unknown public key algorithm

漏洞详情: https://avd.aquasec.com/nvd/cve-2024-24783

镜像层: sha256:f10958abe9ad1c7a78162793bcb28ad98d758436c399e21da77505aeee69e00f

发布日期: 2024-03-05 23:15 修改: 2024-11-05 17:35
stdlib CVE-2024-24784 中危 1.20.12 1.21.8, 1.22.1 golang: net/mail: comments in display names are incorrectly handled

漏洞详情: https://avd.aquasec.com/nvd/cve-2024-24784

镜像层: sha256:f10958abe9ad1c7a78162793bcb28ad98d758436c399e21da77505aeee69e00f

发布日期: 2024-03-05 23:15 修改: 2024-08-05 21:35
stdlib CVE-2024-24785 中危 1.20.12 1.21.8, 1.22.1 golang: html/template: errors returned from MarshalJSON methods may break template escaping

漏洞详情: https://avd.aquasec.com/nvd/cve-2024-24785

镜像层: sha256:f10958abe9ad1c7a78162793bcb28ad98d758436c399e21da77505aeee69e00f

发布日期: 2024-03-05 23:15 修改: 2024-05-01 17:15
stdlib CVE-2024-24789 中危 1.20.12 1.21.11, 1.22.4 golang: archive/zip: Incorrect handling of certain ZIP files

漏洞详情: https://avd.aquasec.com/nvd/cve-2024-24789

镜像层: sha256:f10958abe9ad1c7a78162793bcb28ad98d758436c399e21da77505aeee69e00f

发布日期: 2024-06-05 16:15 修改: 2024-07-03 01:48
stdlib CVE-2024-24791 中危 1.20.12 1.21.12, 1.22.5 net/http: Denial of service due to improper 100-continue handling in net/http

漏洞详情: https://avd.aquasec.com/nvd/cve-2024-24791

镜像层: sha256:f10958abe9ad1c7a78162793bcb28ad98d758436c399e21da77505aeee69e00f

发布日期: 2024-07-02 22:15 修改: 2024-07-08 14:17
stdlib CVE-2024-34155 中危 1.20.12 1.22.7, 1.23.1 Calling any of the Parse functions on Go source code which contains de ...

漏洞详情: https://avd.aquasec.com/nvd/cve-2024-34155

镜像层: sha256:f10958abe9ad1c7a78162793bcb28ad98d758436c399e21da77505aeee69e00f

发布日期: 2024-09-06 21:15 修改: 2024-11-04 17:35
stdlib CVE-2024-34156 中危 1.20.12 1.22.7, 1.23.1 Calling Decoder.Decode on a message which contains deeply nested struc ...

漏洞详情: https://avd.aquasec.com/nvd/cve-2024-34156

镜像层: sha256:f10958abe9ad1c7a78162793bcb28ad98d758436c399e21da77505aeee69e00f

发布日期: 2024-09-06 21:15 修改: 2024-09-09 15:35
stdlib CVE-2024-34158 中危 1.20.12 1.22.7, 1.23.1 Calling Parse on a "// +build" build tag line with deeply nested expre ...

漏洞详情: https://avd.aquasec.com/nvd/cve-2024-34158

镜像层: sha256:f10958abe9ad1c7a78162793bcb28ad98d758436c399e21da77505aeee69e00f

发布日期: 2024-09-06 21:15 修改: 2024-09-09 14:35