docker.io/germannewsmaker/nexterm:latest linux/amd64

docker.io/germannewsmaker/nexterm:latest - Trivy安全扫描结果 扫描时间: 2026-05-20 11:21
全部漏洞信息
低危漏洞:9 中危漏洞:109 高危漏洞:90 严重漏洞:8

系统OS: alpine 3.23.2 扫描引擎: Trivy 扫描时间: 2026-05-20 11:21

docker.io/germannewsmaker/nexterm:latest (alpine 3.23.2) (alpine)
低危漏洞:4 中危漏洞:84 高危漏洞:37 严重漏洞:7
软件包 漏洞 安全状态 安装版本 修复版本 漏洞信息
gnutls CVE-2026-33845 严重 3.8.11-r0 3.8.13-r0 gnutls: GnuTLS: Denial of Service via DTLS zero-length fragment

漏洞详情: https://avd.aquasec.com/nvd/cve-2026-33845

镜像层: sha256:ee0f36be749973560f7a3e8082fe54c75f26bd368d30686c4ab97047796e9f2d

发布日期: 2026-04-30 18:16 修改: 2026-05-05 03:03
libcrypto3 CVE-2025-15467 严重 3.5.4-r0 3.5.5-r0 openssl: OpenSSL: Remote code execution or Denial of Service via oversized Initialization Vector in CMS parsing

漏洞详情: https://avd.aquasec.com/nvd/cve-2025-15467

镜像层: sha256:7bb20cf5ef67526cb843d264145241ce4dde09a337b5be1be42ba464de9a672d

发布日期: 2026-01-27 16:16 修改: 2026-05-07 18:12
libcrypto3 CVE-2026-31789 严重 3.5.4-r0 3.5.6-r0 openssl: OpenSSL: Heap buffer overflow on 32-bit systems from large X.509 certificate processing

漏洞详情: https://avd.aquasec.com/nvd/cve-2026-31789

镜像层: sha256:7bb20cf5ef67526cb843d264145241ce4dde09a337b5be1be42ba464de9a672d

发布日期: 2026-04-07 22:16 修改: 2026-05-12 13:17
libssl3 CVE-2025-15467 严重 3.5.4-r0 3.5.5-r0 openssl: OpenSSL: Remote code execution or Denial of Service via oversized Initialization Vector in CMS parsing

漏洞详情: https://avd.aquasec.com/nvd/cve-2025-15467

镜像层: sha256:7bb20cf5ef67526cb843d264145241ce4dde09a337b5be1be42ba464de9a672d

发布日期: 2026-01-27 16:16 修改: 2026-05-07 18:12
libssl3 CVE-2026-31789 严重 3.5.4-r0 3.5.6-r0 openssl: OpenSSL: Heap buffer overflow on 32-bit systems from large X.509 certificate processing

漏洞详情: https://avd.aquasec.com/nvd/cve-2026-31789

镜像层: sha256:7bb20cf5ef67526cb843d264145241ce4dde09a337b5be1be42ba464de9a672d

发布日期: 2026-04-07 22:16 修改: 2026-05-12 13:17
openssl CVE-2025-15467 严重 3.5.4-r0 3.5.5-r0 openssl: OpenSSL: Remote code execution or Denial of Service via oversized Initialization Vector in CMS parsing

漏洞详情: https://avd.aquasec.com/nvd/cve-2025-15467

镜像层: sha256:ee0f36be749973560f7a3e8082fe54c75f26bd368d30686c4ab97047796e9f2d

发布日期: 2026-01-27 16:16 修改: 2026-05-07 18:12
openssl CVE-2026-31789 严重 3.5.4-r0 3.5.6-r0 openssl: OpenSSL: Heap buffer overflow on 32-bit systems from large X.509 certificate processing

漏洞详情: https://avd.aquasec.com/nvd/cve-2026-31789

镜像层: sha256:ee0f36be749973560f7a3e8082fe54c75f26bd368d30686c4ab97047796e9f2d

发布日期: 2026-04-07 22:16 修改: 2026-05-12 13:17
lcms2 CVE-2026-41254 高危 2.17-r0 2.19-r0 Little CMS: lcms2: mm2/Little-CMS: Little CMS: Information disclosure or denial of service via integer overflow in CubeSize

漏洞详情: https://avd.aquasec.com/nvd/cve-2026-41254

镜像层: sha256:ee0f36be749973560f7a3e8082fe54c75f26bd368d30686c4ab97047796e9f2d

发布日期: 2026-04-18 07:16 修改: 2026-05-07 18:16
libcap2 CVE-2026-4878 高危 2.77-r0 2.78-r0 libcap: libcap: Privilege escalation via TOCTOU race condition in cap_set_file()

漏洞详情: https://avd.aquasec.com/nvd/cve-2026-4878

镜像层: sha256:ee0f36be749973560f7a3e8082fe54c75f26bd368d30686c4ab97047796e9f2d

发布日期: 2026-04-09 16:16 修改: 2026-05-07 22:16
cups-libs CVE-2026-34980 高危 2.4.13-r0 2.4.18-r0 cups: OpenPrinting CUPS: Shared PostScript queue lets anonymous Print-Job requests reach `lp` code execution over the network

漏洞详情: https://avd.aquasec.com/nvd/cve-2026-34980

镜像层: sha256:ee0f36be749973560f7a3e8082fe54c75f26bd368d30686c4ab97047796e9f2d

发布日期: 2026-04-03 22:16 修改: 2026-04-16 18:28
gnutls CVE-2026-1584 高危 3.8.11-r0 3.8.12-r0 gnutls: gnutls: Remote Denial of Service via crafted ClientHello with invalid PSK binder

漏洞详情: https://avd.aquasec.com/nvd/cve-2026-1584

镜像层: sha256:ee0f36be749973560f7a3e8082fe54c75f26bd368d30686c4ab97047796e9f2d

发布日期: 2026-04-09 18:16 修改: 2026-05-03 14:16
libcrypto3 CVE-2025-69419 高危 3.5.4-r0 3.5.5-r0 openssl: OpenSSL: Arbitrary code execution due to out-of-bounds write in PKCS#12 processing

漏洞详情: https://avd.aquasec.com/nvd/cve-2025-69419

镜像层: sha256:7bb20cf5ef67526cb843d264145241ce4dde09a337b5be1be42ba464de9a672d

发布日期: 2026-01-27 16:16 修改: 2026-05-12 13:17
libcrypto3 CVE-2025-69421 高危 3.5.4-r0 3.5.5-r0 openssl: OpenSSL: Denial of Service via malformed PKCS#12 file processing

漏洞详情: https://avd.aquasec.com/nvd/cve-2025-69421

镜像层: sha256:7bb20cf5ef67526cb843d264145241ce4dde09a337b5be1be42ba464de9a672d

发布日期: 2026-01-27 16:16 修改: 2026-05-12 13:17
libcrypto3 CVE-2026-28387 高危 3.5.4-r0 3.5.6-r0 openssl: OpenSSL: Arbitrary code execution due to use-after-free in DANE TLSA authentication

漏洞详情: https://avd.aquasec.com/nvd/cve-2026-28387

镜像层: sha256:7bb20cf5ef67526cb843d264145241ce4dde09a337b5be1be42ba464de9a672d

发布日期: 2026-04-07 22:16 修改: 2026-05-12 13:17
libcrypto3 CVE-2026-28388 高危 3.5.4-r0 3.5.6-r0 openssl: OpenSSL: Denial of Service due to NULL pointer dereference in delta CRL processing

漏洞详情: https://avd.aquasec.com/nvd/cve-2026-28388

镜像层: sha256:7bb20cf5ef67526cb843d264145241ce4dde09a337b5be1be42ba464de9a672d

发布日期: 2026-04-07 22:16 修改: 2026-05-12 13:17
libcrypto3 CVE-2026-28389 高危 3.5.4-r0 3.5.6-r0 openssl: OpenSSL: Denial of Service vulnerability in CMS processing

漏洞详情: https://avd.aquasec.com/nvd/cve-2026-28389

镜像层: sha256:7bb20cf5ef67526cb843d264145241ce4dde09a337b5be1be42ba464de9a672d

发布日期: 2026-04-07 22:16 修改: 2026-05-12 13:17
libcrypto3 CVE-2026-28390 高危 3.5.4-r0 3.5.6-r0 openssl: OpenSSL: Denial of Service due to NULL pointer dereference in CMS EnvelopedData processing

漏洞详情: https://avd.aquasec.com/nvd/cve-2026-28390

镜像层: sha256:7bb20cf5ef67526cb843d264145241ce4dde09a337b5be1be42ba464de9a672d

发布日期: 2026-04-07 22:16 修改: 2026-05-12 13:17
libexpat CVE-2026-25210 高危 2.7.3-r0 2.7.4-r0 libexpat: libexpat: Information disclosure and data integrity issues due to integer overflow in buffer reallocation

漏洞详情: https://avd.aquasec.com/nvd/cve-2026-25210

镜像层: sha256:ee0f36be749973560f7a3e8082fe54c75f26bd368d30686c4ab97047796e9f2d

发布日期: 2026-01-30 07:16 修改: 2026-03-10 18:17
libpng CVE-2026-22695 高危 1.6.53-r0 1.6.54-r0 libpng: libpng: Denial of service and information disclosure via heap buffer over-read in png_image_finish_read

漏洞详情: https://avd.aquasec.com/nvd/cve-2026-22695

镜像层: sha256:ee0f36be749973560f7a3e8082fe54c75f26bd368d30686c4ab97047796e9f2d

发布日期: 2026-01-12 23:15 修改: 2026-01-21 18:58
libpng CVE-2026-22801 高危 1.6.53-r0 1.6.54-r0 libpng: libpng: Information disclosure and denial of service via integer truncation in simplified write API

漏洞详情: https://avd.aquasec.com/nvd/cve-2026-22801

镜像层: sha256:ee0f36be749973560f7a3e8082fe54c75f26bd368d30686c4ab97047796e9f2d

发布日期: 2026-01-12 23:15 修改: 2026-01-21 18:58
libpng CVE-2026-25646 高危 1.6.53-r0 1.6.55-r0 libpng: LIBPNG has a heap buffer overflow in png_set_quantize

漏洞详情: https://avd.aquasec.com/nvd/cve-2026-25646

镜像层: sha256:ee0f36be749973560f7a3e8082fe54c75f26bd368d30686c4ab97047796e9f2d

发布日期: 2026-02-10 18:16 修改: 2026-02-13 20:43
libpng CVE-2026-33416 高危 1.6.53-r0 1.6.56-r0 libpng: libpng: Arbitrary code execution due to use-after-free vulnerability

漏洞详情: https://avd.aquasec.com/nvd/cve-2026-33416

镜像层: sha256:ee0f36be749973560f7a3e8082fe54c75f26bd368d30686c4ab97047796e9f2d

发布日期: 2026-03-26 17:16 修改: 2026-04-02 20:28
libpng CVE-2026-33636 高危 1.6.53-r0 1.6.56-r0 libpng: libpng: Information disclosure and denial of service via out-of-bounds read/write in Neon palette expansion

漏洞详情: https://avd.aquasec.com/nvd/cve-2026-33636

镜像层: sha256:ee0f36be749973560f7a3e8082fe54c75f26bd368d30686c4ab97047796e9f2d

发布日期: 2026-03-26 17:16 修改: 2026-04-02 18:42
libssh CVE-2026-0966 高危 0.11.3-r0 0.11.4-r0 libssh: libssh: Denial of Service via zero-length input in ssh_get_hexa()

漏洞详情: https://avd.aquasec.com/nvd/cve-2026-0966

镜像层: sha256:ee0f36be749973560f7a3e8082fe54c75f26bd368d30686c4ab97047796e9f2d

发布日期: 2026-03-26 21:17 修改: 2026-05-11 17:16
gnutls CVE-2026-33846 高危 3.8.11-r0 3.8.13-r0 gnutls: GnuTLS: Denial of Service via heap buffer overflow in DTLS handshake fragment reassembly

漏洞详情: https://avd.aquasec.com/nvd/cve-2026-33846

镜像层: sha256:ee0f36be749973560f7a3e8082fe54c75f26bd368d30686c4ab97047796e9f2d

发布日期: 2026-05-04 10:15 修改: 2026-05-04 15:22
gnutls CVE-2026-3833 高危 3.8.11-r0 3.8.13-r0 gnutls: GnuTLS: Policy bypass due to case-sensitive nameConstraints comparison

漏洞详情: https://avd.aquasec.com/nvd/cve-2026-3833

镜像层: sha256:ee0f36be749973560f7a3e8082fe54c75f26bd368d30686c4ab97047796e9f2d

发布日期: 2026-04-30 18:16 修改: 2026-05-07 02:09
libssl3 CVE-2025-69419 高危 3.5.4-r0 3.5.5-r0 openssl: OpenSSL: Arbitrary code execution due to out-of-bounds write in PKCS#12 processing

漏洞详情: https://avd.aquasec.com/nvd/cve-2025-69419

镜像层: sha256:7bb20cf5ef67526cb843d264145241ce4dde09a337b5be1be42ba464de9a672d

发布日期: 2026-01-27 16:16 修改: 2026-05-12 13:17
libssl3 CVE-2025-69421 高危 3.5.4-r0 3.5.5-r0 openssl: OpenSSL: Denial of Service via malformed PKCS#12 file processing

漏洞详情: https://avd.aquasec.com/nvd/cve-2025-69421

镜像层: sha256:7bb20cf5ef67526cb843d264145241ce4dde09a337b5be1be42ba464de9a672d

发布日期: 2026-01-27 16:16 修改: 2026-05-12 13:17
libssl3 CVE-2026-28387 高危 3.5.4-r0 3.5.6-r0 openssl: OpenSSL: Arbitrary code execution due to use-after-free in DANE TLSA authentication

漏洞详情: https://avd.aquasec.com/nvd/cve-2026-28387

镜像层: sha256:7bb20cf5ef67526cb843d264145241ce4dde09a337b5be1be42ba464de9a672d

发布日期: 2026-04-07 22:16 修改: 2026-05-12 13:17
libssl3 CVE-2026-28388 高危 3.5.4-r0 3.5.6-r0 openssl: OpenSSL: Denial of Service due to NULL pointer dereference in delta CRL processing

漏洞详情: https://avd.aquasec.com/nvd/cve-2026-28388

镜像层: sha256:7bb20cf5ef67526cb843d264145241ce4dde09a337b5be1be42ba464de9a672d

发布日期: 2026-04-07 22:16 修改: 2026-05-12 13:17
libssl3 CVE-2026-28389 高危 3.5.4-r0 3.5.6-r0 openssl: OpenSSL: Denial of Service vulnerability in CMS processing

漏洞详情: https://avd.aquasec.com/nvd/cve-2026-28389

镜像层: sha256:7bb20cf5ef67526cb843d264145241ce4dde09a337b5be1be42ba464de9a672d

发布日期: 2026-04-07 22:16 修改: 2026-05-12 13:17
libssl3 CVE-2026-28390 高危 3.5.4-r0 3.5.6-r0 openssl: OpenSSL: Denial of Service due to NULL pointer dereference in CMS EnvelopedData processing

漏洞详情: https://avd.aquasec.com/nvd/cve-2026-28390

镜像层: sha256:7bb20cf5ef67526cb843d264145241ce4dde09a337b5be1be42ba464de9a672d

发布日期: 2026-04-07 22:16 修改: 2026-05-12 13:17
mbedtls CVE-2026-25835 高危 3.6.5-r0 3.6.6-r0 Mbed TLS before 3.6.6 and TF-PSA-Crypto before 1.1.0 misuse seeds in a ...

漏洞详情: https://avd.aquasec.com/nvd/cve-2026-25835

镜像层: sha256:ee0f36be749973560f7a3e8082fe54c75f26bd368d30686c4ab97047796e9f2d

发布日期: 2026-04-01 19:16 修改: 2026-04-06 14:29
musl CVE-2026-40200 高危 1.2.5-r21 1.2.5-r23 musl: musl libc: Arbitrary code execution and denial of service via stack-based memory corruption in qsort

漏洞详情: https://avd.aquasec.com/nvd/cve-2026-40200

镜像层: sha256:7bb20cf5ef67526cb843d264145241ce4dde09a337b5be1be42ba464de9a672d

发布日期: 2026-04-10 17:17 修改: 2026-04-27 19:18
musl-utils CVE-2026-40200 高危 1.2.5-r21 1.2.5-r23 musl: musl libc: Arbitrary code execution and denial of service via stack-based memory corruption in qsort

漏洞详情: https://avd.aquasec.com/nvd/cve-2026-40200

镜像层: sha256:7bb20cf5ef67526cb843d264145241ce4dde09a337b5be1be42ba464de9a672d

发布日期: 2026-04-10 17:17 修改: 2026-04-27 19:18
gnutls CVE-2026-42010 高危 3.8.11-r0 3.8.13-r0 gnutls: gnutls: Authentication Bypass via NUL Character in Username

漏洞详情: https://avd.aquasec.com/nvd/cve-2026-42010

镜像层: sha256:ee0f36be749973560f7a3e8082fe54c75f26bd368d30686c4ab97047796e9f2d

发布日期: 2026-05-07 12:16 修改: 2026-05-07 15:16
gnutls CVE-2026-42011 高危 3.8.11-r0 3.8.13-r0 gnutls: gnutls: Security bypass due to incorrect name constraint handling

漏洞详情: https://avd.aquasec.com/nvd/cve-2026-42011

镜像层: sha256:ee0f36be749973560f7a3e8082fe54c75f26bd368d30686c4ab97047796e9f2d

发布日期: 2026-05-07 15:16 修改: 2026-05-07 15:48
openssl CVE-2025-69419 高危 3.5.4-r0 3.5.5-r0 openssl: OpenSSL: Arbitrary code execution due to out-of-bounds write in PKCS#12 processing

漏洞详情: https://avd.aquasec.com/nvd/cve-2025-69419

镜像层: sha256:ee0f36be749973560f7a3e8082fe54c75f26bd368d30686c4ab97047796e9f2d

发布日期: 2026-01-27 16:16 修改: 2026-05-12 13:17
openssl CVE-2025-69421 高危 3.5.4-r0 3.5.5-r0 openssl: OpenSSL: Denial of Service via malformed PKCS#12 file processing

漏洞详情: https://avd.aquasec.com/nvd/cve-2025-69421

镜像层: sha256:ee0f36be749973560f7a3e8082fe54c75f26bd368d30686c4ab97047796e9f2d

发布日期: 2026-01-27 16:16 修改: 2026-05-12 13:17
openssl CVE-2026-28387 高危 3.5.4-r0 3.5.6-r0 openssl: OpenSSL: Arbitrary code execution due to use-after-free in DANE TLSA authentication

漏洞详情: https://avd.aquasec.com/nvd/cve-2026-28387

镜像层: sha256:ee0f36be749973560f7a3e8082fe54c75f26bd368d30686c4ab97047796e9f2d

发布日期: 2026-04-07 22:16 修改: 2026-05-12 13:17
openssl CVE-2026-28388 高危 3.5.4-r0 3.5.6-r0 openssl: OpenSSL: Denial of Service due to NULL pointer dereference in delta CRL processing

漏洞详情: https://avd.aquasec.com/nvd/cve-2026-28388

镜像层: sha256:ee0f36be749973560f7a3e8082fe54c75f26bd368d30686c4ab97047796e9f2d

发布日期: 2026-04-07 22:16 修改: 2026-05-12 13:17
openssl CVE-2026-28389 高危 3.5.4-r0 3.5.6-r0 openssl: OpenSSL: Denial of Service vulnerability in CMS processing

漏洞详情: https://avd.aquasec.com/nvd/cve-2026-28389

镜像层: sha256:ee0f36be749973560f7a3e8082fe54c75f26bd368d30686c4ab97047796e9f2d

发布日期: 2026-04-07 22:16 修改: 2026-05-12 13:17
openssl CVE-2026-28390 高危 3.5.4-r0 3.5.6-r0 openssl: OpenSSL: Denial of Service due to NULL pointer dereference in CMS EnvelopedData processing

漏洞详情: https://avd.aquasec.com/nvd/cve-2026-28390

镜像层: sha256:ee0f36be749973560f7a3e8082fe54c75f26bd368d30686c4ab97047796e9f2d

发布日期: 2026-04-07 22:16 修改: 2026-05-12 13:17
zlib CVE-2026-22184 高危 1.3.1-r2 1.3.2-r0 zlib: zlib: Arbitrary code execution via buffer overflow in untgz utility

漏洞详情: https://avd.aquasec.com/nvd/cve-2026-22184

镜像层: sha256:7bb20cf5ef67526cb843d264145241ce4dde09a337b5be1be42ba464de9a672d

发布日期: 2026-01-07 21:16 修改: 2026-03-18 16:26
libcrypto3 CVE-2026-2673 中危 3.5.4-r0 3.5.6-r0 openssl: OpenSSL TLS 1.3 server may choose unexpected key agreement group

漏洞详情: https://avd.aquasec.com/nvd/cve-2026-2673

镜像层: sha256:7bb20cf5ef67526cb843d264145241ce4dde09a337b5be1be42ba464de9a672d

发布日期: 2026-03-13 19:54 修改: 2026-05-12 13:17
libcrypto3 CVE-2026-31790 中危 3.5.4-r0 3.5.6-r0 openssl: openssl: Information Disclosure from Uninitialized Memory via Invalid RSA Public Key

漏洞详情: https://avd.aquasec.com/nvd/cve-2026-31790

镜像层: sha256:7bb20cf5ef67526cb843d264145241ce4dde09a337b5be1be42ba464de9a672d

发布日期: 2026-04-07 22:16 修改: 2026-05-12 13:17
cfdisk CVE-2026-27456 中危 2.41.2-r0 2.41.4-r0 util-linux: TOCTOU in the mount program when setting up loop devices

漏洞详情: https://avd.aquasec.com/nvd/cve-2026-27456

镜像层: sha256:ee0f36be749973560f7a3e8082fe54c75f26bd368d30686c4ab97047796e9f2d

发布日期: 2026-04-03 22:16 修改: 2026-04-22 16:08
libexpat CVE-2026-32776 中危 2.7.3-r0 2.7.5-r0 libexpat: libexpat: Denial of Service due to NULL pointer dereference

漏洞详情: https://avd.aquasec.com/nvd/cve-2026-32776

镜像层: sha256:ee0f36be749973560f7a3e8082fe54c75f26bd368d30686c4ab97047796e9f2d

发布日期: 2026-03-16 14:19 修改: 2026-03-17 15:52
libexpat CVE-2026-32777 中危 2.7.3-r0 2.7.5-r0 libexpat: libexpat: Denial of Service via infinite loop in DTD content parsing

漏洞详情: https://avd.aquasec.com/nvd/cve-2026-32777

镜像层: sha256:ee0f36be749973560f7a3e8082fe54c75f26bd368d30686c4ab97047796e9f2d

发布日期: 2026-03-16 14:19 修改: 2026-03-17 15:52
libexpat CVE-2026-32778 中危 2.7.3-r0 2.7.5-r0 libexpat: libexpat: Denial of Service via NULL pointer dereference after out-of-memory condition

漏洞详情: https://avd.aquasec.com/nvd/cve-2026-32778

镜像层: sha256:ee0f36be749973560f7a3e8082fe54c75f26bd368d30686c4ab97047796e9f2d

发布日期: 2026-03-16 14:19 修改: 2026-03-17 15:52
libfdisk CVE-2026-27456 中危 2.41.2-r0 2.41.4-r0 util-linux: TOCTOU in the mount program when setting up loop devices

漏洞详情: https://avd.aquasec.com/nvd/cve-2026-27456

镜像层: sha256:ee0f36be749973560f7a3e8082fe54c75f26bd368d30686c4ab97047796e9f2d

发布日期: 2026-04-03 22:16 修改: 2026-04-22 16:08
libmount CVE-2026-27456 中危 2.41.2-r0 2.41.4-r0 util-linux: TOCTOU in the mount program when setting up loop devices

漏洞详情: https://avd.aquasec.com/nvd/cve-2026-27456

镜像层: sha256:ee0f36be749973560f7a3e8082fe54c75f26bd368d30686c4ab97047796e9f2d

发布日期: 2026-04-03 22:16 修改: 2026-04-22 16:08
agetty CVE-2026-27456 中危 2.41.2-r0 2.41.4-r0 util-linux: TOCTOU in the mount program when setting up loop devices

漏洞详情: https://avd.aquasec.com/nvd/cve-2026-27456

镜像层: sha256:ee0f36be749973560f7a3e8082fe54c75f26bd368d30686c4ab97047796e9f2d

发布日期: 2026-04-03 22:16 修改: 2026-04-22 16:08
cups-libs CVE-2025-58436 中危 2.4.13-r0 2.4.16-r0 cups: Slow client communication leads to a possible DoS attack

漏洞详情: https://avd.aquasec.com/nvd/cve-2025-58436

镜像层: sha256:ee0f36be749973560f7a3e8082fe54c75f26bd368d30686c4ab97047796e9f2d

发布日期: 2025-11-29 03:15 修改: 2025-12-04 17:24
cups-libs CVE-2025-61915 中危 2.4.13-r0 2.4.16-r0 CUPS: Local denial-of-service via cupsd.conf update and related issues

漏洞详情: https://avd.aquasec.com/nvd/cve-2025-61915

镜像层: sha256:ee0f36be749973560f7a3e8082fe54c75f26bd368d30686c4ab97047796e9f2d

发布日期: 2025-11-29 03:15 修改: 2025-12-04 17:15
cups-libs CVE-2026-27447 中危 2.4.13-r0 2.4.18-r0 cups: OpenPrinting CUPS: Authorization bypass via case-insensitive username comparison

漏洞详情: https://avd.aquasec.com/nvd/cve-2026-27447

镜像层: sha256:ee0f36be749973560f7a3e8082fe54c75f26bd368d30686c4ab97047796e9f2d

发布日期: 2026-04-03 22:16 修改: 2026-04-22 16:20
gnutls CVE-2025-14831 中危 3.8.11-r0 3.8.12-r0 gnutls: GnuTLS: Denial of Service via excessive resource consumption during certificate verification

漏洞详情: https://avd.aquasec.com/nvd/cve-2025-14831

镜像层: sha256:ee0f36be749973560f7a3e8082fe54c75f26bd368d30686c4ab97047796e9f2d

发布日期: 2026-02-09 15:16 修改: 2026-05-12 13:16
libpng CVE-2026-34757 中危 1.6.53-r0 1.6.57-r0 libpng: libpng: Information disclosure and data corruption via use-after-free vulnerability

漏洞详情: https://avd.aquasec.com/nvd/cve-2026-34757

镜像层: sha256:ee0f36be749973560f7a3e8082fe54c75f26bd368d30686c4ab97047796e9f2d

发布日期: 2026-04-09 15:16 修改: 2026-05-09 11:16
libsmartcols CVE-2026-27456 中危 2.41.2-r0 2.41.4-r0 util-linux: TOCTOU in the mount program when setting up loop devices

漏洞详情: https://avd.aquasec.com/nvd/cve-2026-27456

镜像层: sha256:ee0f36be749973560f7a3e8082fe54c75f26bd368d30686c4ab97047796e9f2d

发布日期: 2026-04-03 22:16 修改: 2026-04-22 16:08
libsodium CVE-2025-69277 中危 1.0.20-r0 1.0.20-r1 libsodium: pynacl: libsodium: Improper validation of elliptic curve points could lead to data integrity or information disclosure.

漏洞详情: https://avd.aquasec.com/nvd/cve-2025-69277

镜像层: sha256:ee0f36be749973560f7a3e8082fe54c75f26bd368d30686c4ab97047796e9f2d

发布日期: 2025-12-31 06:15 修改: 2026-04-15 00:35
hexdump CVE-2026-27456 中危 2.41.2-r0 2.41.4-r0 util-linux: TOCTOU in the mount program when setting up loop devices

漏洞详情: https://avd.aquasec.com/nvd/cve-2026-27456

镜像层: sha256:ee0f36be749973560f7a3e8082fe54c75f26bd368d30686c4ab97047796e9f2d

发布日期: 2026-04-03 22:16 修改: 2026-04-22 16:08
libssh CVE-2026-0964 中危 0.11.3-r0 0.11.4-r0 libssh: Improper sanitation of paths received from SCP servers

漏洞详情: https://avd.aquasec.com/nvd/cve-2026-0964

镜像层: sha256:ee0f36be749973560f7a3e8082fe54c75f26bd368d30686c4ab97047796e9f2d

发布日期: 2026-03-26 21:17 修改: 2026-04-30 16:43
libssh CVE-2026-0967 中危 0.11.3-r0 0.11.4-r0 libssh: libssh: Denial of Service via inefficient regular expression processing

漏洞详情: https://avd.aquasec.com/nvd/cve-2026-0967

镜像层: sha256:ee0f36be749973560f7a3e8082fe54c75f26bd368d30686c4ab97047796e9f2d

发布日期: 2026-03-26 21:17 修改: 2026-04-02 17:28
cups-libs CVE-2026-34978 中危 2.4.13-r0 2.4.18-r0 cups: OpenPrinting CUPS: Denial of Service via path traversal in RSS notifier

漏洞详情: https://avd.aquasec.com/nvd/cve-2026-34978

镜像层: sha256:ee0f36be749973560f7a3e8082fe54c75f26bd368d30686c4ab97047796e9f2d

发布日期: 2026-04-03 22:16 修改: 2026-04-16 18:29
libblkid CVE-2026-27456 中危 2.41.2-r0 2.41.4-r0 util-linux: TOCTOU in the mount program when setting up loop devices

漏洞详情: https://avd.aquasec.com/nvd/cve-2026-27456

镜像层: sha256:ee0f36be749973560f7a3e8082fe54c75f26bd368d30686c4ab97047796e9f2d

发布日期: 2026-04-03 22:16 修改: 2026-04-22 16:08
cups-libs CVE-2026-34979 中危 2.4.13-r0 2.4.18-r0 cups: OpenPrinting CUPS: Denial of Service via heap-based buffer overflow in job attribute processing

漏洞详情: https://avd.aquasec.com/nvd/cve-2026-34979

镜像层: sha256:ee0f36be749973560f7a3e8082fe54c75f26bd368d30686c4ab97047796e9f2d

发布日期: 2026-04-03 22:16 修改: 2026-04-16 18:28
cups-libs CVE-2026-34990 中危 2.4.13-r0 2.4.18-r0 cups: OpenPrinting CUPS: Privilege escalation via arbitrary file overwrite due to coerced authentication

漏洞详情: https://avd.aquasec.com/nvd/cve-2026-34990

镜像层: sha256:ee0f36be749973560f7a3e8082fe54c75f26bd368d30686c4ab97047796e9f2d

发布日期: 2026-04-03 22:16 修改: 2026-04-16 18:15
cups-libs CVE-2026-39314 中危 2.4.13-r0 2.4.18-r0 cups: CUPS: Denial of Service via integer underflow in IPP attribute handling

漏洞详情: https://avd.aquasec.com/nvd/cve-2026-39314

镜像层: sha256:ee0f36be749973560f7a3e8082fe54c75f26bd368d30686c4ab97047796e9f2d

发布日期: 2026-04-07 17:16 修改: 2026-04-16 18:13
cups-libs CVE-2026-39316 中危 2.4.13-r0 2.4.18-r0 cups: CUPS: Denial of Service and potential arbitrary code execution via use-after-free vulnerability when deleting temporary printers.

漏洞详情: https://avd.aquasec.com/nvd/cve-2026-39316

镜像层: sha256:ee0f36be749973560f7a3e8082fe54c75f26bd368d30686c4ab97047796e9f2d

发布日期: 2026-04-07 17:16 修改: 2026-04-16 18:08
dmesg CVE-2026-27456 中危 2.41.2-r0 2.41.4-r0 util-linux: TOCTOU in the mount program when setting up loop devices

漏洞详情: https://avd.aquasec.com/nvd/cve-2026-27456

镜像层: sha256:ee0f36be749973560f7a3e8082fe54c75f26bd368d30686c4ab97047796e9f2d

发布日期: 2026-04-03 22:16 修改: 2026-04-22 16:08
findmnt CVE-2026-27456 中危 2.41.2-r0 2.41.4-r0 util-linux: TOCTOU in the mount program when setting up loop devices

漏洞详情: https://avd.aquasec.com/nvd/cve-2026-27456

镜像层: sha256:ee0f36be749973560f7a3e8082fe54c75f26bd368d30686c4ab97047796e9f2d

发布日期: 2026-04-03 22:16 修改: 2026-04-22 16:08
libssl3 CVE-2025-11187 中危 3.5.4-r0 3.5.5-r0 openssl: OpenSSL: Arbitrary code execution or denial of service through crafted PKCS#12 file

漏洞详情: https://avd.aquasec.com/nvd/cve-2025-11187

镜像层: sha256:7bb20cf5ef67526cb843d264145241ce4dde09a337b5be1be42ba464de9a672d

发布日期: 2026-01-27 16:16 修改: 2026-03-20 14:16
libssl3 CVE-2025-15468 中危 3.5.4-r0 3.5.5-r0 openssl: OpenSSL: Denial of Service via NULL pointer dereference in QUIC protocol handling

漏洞详情: https://avd.aquasec.com/nvd/cve-2025-15468

镜像层: sha256:7bb20cf5ef67526cb843d264145241ce4dde09a337b5be1be42ba464de9a672d

发布日期: 2026-01-27 16:16 修改: 2026-02-02 18:38
libssl3 CVE-2025-15469 中危 3.5.4-r0 3.5.5-r0 openssl: OpenSSL: Data integrity bypass in `openssl dgst` command due to silent truncation

漏洞详情: https://avd.aquasec.com/nvd/cve-2025-15469

镜像层: sha256:7bb20cf5ef67526cb843d264145241ce4dde09a337b5be1be42ba464de9a672d

发布日期: 2026-01-27 16:16 修改: 2026-02-02 18:37
libssl3 CVE-2025-66199 中危 3.5.4-r0 3.5.5-r0 openssl: OpenSSL: Denial of Service due to excessive memory allocation in TLS 1.3 certificate compression

漏洞详情: https://avd.aquasec.com/nvd/cve-2025-66199

镜像层: sha256:7bb20cf5ef67526cb843d264145241ce4dde09a337b5be1be42ba464de9a672d

发布日期: 2026-01-27 16:16 修改: 2026-02-02 18:37
libssl3 CVE-2025-68160 中危 3.5.4-r0 3.5.5-r0 openssl: OpenSSL: Denial of Service due to out-of-bounds write in BIO filter

漏洞详情: https://avd.aquasec.com/nvd/cve-2025-68160

镜像层: sha256:7bb20cf5ef67526cb843d264145241ce4dde09a337b5be1be42ba464de9a672d

发布日期: 2026-01-27 16:16 修改: 2026-05-12 13:17
libssl3 CVE-2025-69418 中危 3.5.4-r0 3.5.5-r0 openssl: OpenSSL: Information disclosure and data tampering via specific low-level OCB encryption/decryption calls

漏洞详情: https://avd.aquasec.com/nvd/cve-2025-69418

镜像层: sha256:7bb20cf5ef67526cb843d264145241ce4dde09a337b5be1be42ba464de9a672d

发布日期: 2026-01-27 16:16 修改: 2026-05-12 13:17
libssl3 CVE-2025-69420 中危 3.5.4-r0 3.5.5-r0 openssl: OpenSSL: Denial of Service via malformed TimeStamp Response

漏洞详情: https://avd.aquasec.com/nvd/cve-2025-69420

镜像层: sha256:7bb20cf5ef67526cb843d264145241ce4dde09a337b5be1be42ba464de9a672d

发布日期: 2026-01-27 16:16 修改: 2026-05-12 13:17
libssl3 CVE-2026-22795 中危 3.5.4-r0 3.5.5-r0 openssl: OpenSSL: Denial of Service due to type confusion in PKCS#12 file processing

漏洞详情: https://avd.aquasec.com/nvd/cve-2026-22795

镜像层: sha256:7bb20cf5ef67526cb843d264145241ce4dde09a337b5be1be42ba464de9a672d

发布日期: 2026-01-27 16:16 修改: 2026-05-12 13:17
libssl3 CVE-2026-22796 中危 3.5.4-r0 3.5.5-r0 openssl: OpenSSL: Denial of Service via type confusion in PKCS#7 signature verification

漏洞详情: https://avd.aquasec.com/nvd/cve-2026-22796

镜像层: sha256:7bb20cf5ef67526cb843d264145241ce4dde09a337b5be1be42ba464de9a672d

发布日期: 2026-01-27 16:16 修改: 2026-05-12 13:17
libssl3 CVE-2026-2673 中危 3.5.4-r0 3.5.6-r0 openssl: OpenSSL TLS 1.3 server may choose unexpected key agreement group

漏洞详情: https://avd.aquasec.com/nvd/cve-2026-2673

镜像层: sha256:7bb20cf5ef67526cb843d264145241ce4dde09a337b5be1be42ba464de9a672d

发布日期: 2026-03-13 19:54 修改: 2026-05-12 13:17
libssl3 CVE-2026-31790 中危 3.5.4-r0 3.5.6-r0 openssl: openssl: Information Disclosure from Uninitialized Memory via Invalid RSA Public Key

漏洞详情: https://avd.aquasec.com/nvd/cve-2026-31790

镜像层: sha256:7bb20cf5ef67526cb843d264145241ce4dde09a337b5be1be42ba464de9a672d

发布日期: 2026-04-07 22:16 修改: 2026-05-12 13:17
libtasn1 CVE-2025-13151 中危 4.20.0-r0 4.21.0-r0 libtasn1: libtasn1: Denial of Service via stack-based buffer overflow in asn1_expend_octet_string

漏洞详情: https://avd.aquasec.com/nvd/cve-2025-13151

镜像层: sha256:ee0f36be749973560f7a3e8082fe54c75f26bd368d30686c4ab97047796e9f2d

发布日期: 2026-01-07 22:15 修改: 2026-02-02 19:27
libuuid CVE-2026-27456 中危 2.41.2-r0 2.41.4-r0 util-linux: TOCTOU in the mount program when setting up loop devices

漏洞详情: https://avd.aquasec.com/nvd/cve-2026-27456

镜像层: sha256:ee0f36be749973560f7a3e8082fe54c75f26bd368d30686c4ab97047796e9f2d

发布日期: 2026-04-03 22:16 修改: 2026-04-22 16:08
logger CVE-2026-27456 中危 2.41.2-r0 2.41.4-r0 util-linux: TOCTOU in the mount program when setting up loop devices

漏洞详情: https://avd.aquasec.com/nvd/cve-2026-27456

镜像层: sha256:ee0f36be749973560f7a3e8082fe54c75f26bd368d30686c4ab97047796e9f2d

发布日期: 2026-04-03 22:16 修改: 2026-04-22 16:08
losetup CVE-2026-27456 中危 2.41.2-r0 2.41.4-r0 util-linux: TOCTOU in the mount program when setting up loop devices

漏洞详情: https://avd.aquasec.com/nvd/cve-2026-27456

镜像层: sha256:ee0f36be749973560f7a3e8082fe54c75f26bd368d30686c4ab97047796e9f2d

发布日期: 2026-04-03 22:16 修改: 2026-04-22 16:08
lsblk CVE-2026-27456 中危 2.41.2-r0 2.41.4-r0 util-linux: TOCTOU in the mount program when setting up loop devices

漏洞详情: https://avd.aquasec.com/nvd/cve-2026-27456

镜像层: sha256:ee0f36be749973560f7a3e8082fe54c75f26bd368d30686c4ab97047796e9f2d

发布日期: 2026-04-03 22:16 修改: 2026-04-22 16:08
lscpu CVE-2026-27456 中危 2.41.2-r0 2.41.4-r0 util-linux: TOCTOU in the mount program when setting up loop devices

漏洞详情: https://avd.aquasec.com/nvd/cve-2026-27456

镜像层: sha256:ee0f36be749973560f7a3e8082fe54c75f26bd368d30686c4ab97047796e9f2d

发布日期: 2026-04-03 22:16 修改: 2026-04-22 16:08
flock CVE-2026-27456 中危 2.41.2-r0 2.41.4-r0 util-linux: TOCTOU in the mount program when setting up loop devices

漏洞详情: https://avd.aquasec.com/nvd/cve-2026-27456

镜像层: sha256:ee0f36be749973560f7a3e8082fe54c75f26bd368d30686c4ab97047796e9f2d

发布日期: 2026-04-03 22:16 修改: 2026-04-22 16:08
mbedtls CVE-2026-25834 中危 3.6.5-r0 3.6.6-r0 mbedtls: Mbed TLS: Algorithm downgrade vulnerability

漏洞详情: https://avd.aquasec.com/nvd/cve-2026-25834

镜像层: sha256:ee0f36be749973560f7a3e8082fe54c75f26bd368d30686c4ab97047796e9f2d

发布日期: 2026-04-01 18:16 修改: 2026-04-06 14:17
mcookie CVE-2026-27456 中危 2.41.2-r0 2.41.4-r0 util-linux: TOCTOU in the mount program when setting up loop devices

漏洞详情: https://avd.aquasec.com/nvd/cve-2026-27456

镜像层: sha256:ee0f36be749973560f7a3e8082fe54c75f26bd368d30686c4ab97047796e9f2d

发布日期: 2026-04-03 22:16 修改: 2026-04-22 16:08
mount CVE-2026-27456 中危 2.41.2-r0 2.41.4-r0 util-linux: TOCTOU in the mount program when setting up loop devices

漏洞详情: https://avd.aquasec.com/nvd/cve-2026-27456

镜像层: sha256:ee0f36be749973560f7a3e8082fe54c75f26bd368d30686c4ab97047796e9f2d

发布日期: 2026-04-03 22:16 修改: 2026-04-22 16:08
fstrim CVE-2026-27456 中危 2.41.2-r0 2.41.4-r0 util-linux: TOCTOU in the mount program when setting up loop devices

漏洞详情: https://avd.aquasec.com/nvd/cve-2026-27456

镜像层: sha256:ee0f36be749973560f7a3e8082fe54c75f26bd368d30686c4ab97047796e9f2d

发布日期: 2026-04-03 22:16 修改: 2026-04-22 16:08
musl CVE-2026-6042 中危 1.2.5-r21 1.2.5-r22 musl libc: GB18030 4-byte Decoder: musl libc: Denial of Service via inefficient algorithmic complexity in iconv

漏洞详情: https://avd.aquasec.com/nvd/cve-2026-6042

镜像层: sha256:7bb20cf5ef67526cb843d264145241ce4dde09a337b5be1be42ba464de9a672d

发布日期: 2026-04-10 09:16 修改: 2026-04-24 18:01
blkid CVE-2026-27456 中危 2.41.2-r0 2.41.4-r0 util-linux: TOCTOU in the mount program when setting up loop devices

漏洞详情: https://avd.aquasec.com/nvd/cve-2026-27456

镜像层: sha256:ee0f36be749973560f7a3e8082fe54c75f26bd368d30686c4ab97047796e9f2d

发布日期: 2026-04-03 22:16 修改: 2026-04-22 16:08
musl-utils CVE-2026-6042 中危 1.2.5-r21 1.2.5-r22 musl libc: GB18030 4-byte Decoder: musl libc: Denial of Service via inefficient algorithmic complexity in iconv

漏洞详情: https://avd.aquasec.com/nvd/cve-2026-6042

镜像层: sha256:7bb20cf5ef67526cb843d264145241ce4dde09a337b5be1be42ba464de9a672d

发布日期: 2026-04-10 09:16 修改: 2026-04-24 18:01
libcrypto3 CVE-2025-11187 中危 3.5.4-r0 3.5.5-r0 openssl: OpenSSL: Arbitrary code execution or denial of service through crafted PKCS#12 file

漏洞详情: https://avd.aquasec.com/nvd/cve-2025-11187

镜像层: sha256:7bb20cf5ef67526cb843d264145241ce4dde09a337b5be1be42ba464de9a672d

发布日期: 2026-01-27 16:16 修改: 2026-03-20 14:16
libcrypto3 CVE-2025-15468 中危 3.5.4-r0 3.5.5-r0 openssl: OpenSSL: Denial of Service via NULL pointer dereference in QUIC protocol handling

漏洞详情: https://avd.aquasec.com/nvd/cve-2025-15468

镜像层: sha256:7bb20cf5ef67526cb843d264145241ce4dde09a337b5be1be42ba464de9a672d

发布日期: 2026-01-27 16:16 修改: 2026-02-02 18:38
libcrypto3 CVE-2025-15469 中危 3.5.4-r0 3.5.5-r0 openssl: OpenSSL: Data integrity bypass in `openssl dgst` command due to silent truncation

漏洞详情: https://avd.aquasec.com/nvd/cve-2025-15469

镜像层: sha256:7bb20cf5ef67526cb843d264145241ce4dde09a337b5be1be42ba464de9a672d

发布日期: 2026-01-27 16:16 修改: 2026-02-02 18:37
libcrypto3 CVE-2025-66199 中危 3.5.4-r0 3.5.5-r0 openssl: OpenSSL: Denial of Service due to excessive memory allocation in TLS 1.3 certificate compression

漏洞详情: https://avd.aquasec.com/nvd/cve-2025-66199

镜像层: sha256:7bb20cf5ef67526cb843d264145241ce4dde09a337b5be1be42ba464de9a672d

发布日期: 2026-01-27 16:16 修改: 2026-02-02 18:37
libcrypto3 CVE-2025-68160 中危 3.5.4-r0 3.5.5-r0 openssl: OpenSSL: Denial of Service due to out-of-bounds write in BIO filter

漏洞详情: https://avd.aquasec.com/nvd/cve-2025-68160

镜像层: sha256:7bb20cf5ef67526cb843d264145241ce4dde09a337b5be1be42ba464de9a672d

发布日期: 2026-01-27 16:16 修改: 2026-05-12 13:17
libcrypto3 CVE-2025-69418 中危 3.5.4-r0 3.5.5-r0 openssl: OpenSSL: Information disclosure and data tampering via specific low-level OCB encryption/decryption calls

漏洞详情: https://avd.aquasec.com/nvd/cve-2025-69418

镜像层: sha256:7bb20cf5ef67526cb843d264145241ce4dde09a337b5be1be42ba464de9a672d

发布日期: 2026-01-27 16:16 修改: 2026-05-12 13:17
libcrypto3 CVE-2025-69420 中危 3.5.4-r0 3.5.5-r0 openssl: OpenSSL: Denial of Service via malformed TimeStamp Response

漏洞详情: https://avd.aquasec.com/nvd/cve-2025-69420

镜像层: sha256:7bb20cf5ef67526cb843d264145241ce4dde09a337b5be1be42ba464de9a672d

发布日期: 2026-01-27 16:16 修改: 2026-05-12 13:17
libcrypto3 CVE-2026-22795 中危 3.5.4-r0 3.5.5-r0 openssl: OpenSSL: Denial of Service due to type confusion in PKCS#12 file processing

漏洞详情: https://avd.aquasec.com/nvd/cve-2026-22795

镜像层: sha256:7bb20cf5ef67526cb843d264145241ce4dde09a337b5be1be42ba464de9a672d

发布日期: 2026-01-27 16:16 修改: 2026-05-12 13:17
openssl CVE-2025-11187 中危 3.5.4-r0 3.5.5-r0 openssl: OpenSSL: Arbitrary code execution or denial of service through crafted PKCS#12 file

漏洞详情: https://avd.aquasec.com/nvd/cve-2025-11187

镜像层: sha256:ee0f36be749973560f7a3e8082fe54c75f26bd368d30686c4ab97047796e9f2d

发布日期: 2026-01-27 16:16 修改: 2026-03-20 14:16
openssl CVE-2025-15468 中危 3.5.4-r0 3.5.5-r0 openssl: OpenSSL: Denial of Service via NULL pointer dereference in QUIC protocol handling

漏洞详情: https://avd.aquasec.com/nvd/cve-2025-15468

镜像层: sha256:ee0f36be749973560f7a3e8082fe54c75f26bd368d30686c4ab97047796e9f2d

发布日期: 2026-01-27 16:16 修改: 2026-02-02 18:38
openssl CVE-2025-15469 中危 3.5.4-r0 3.5.5-r0 openssl: OpenSSL: Data integrity bypass in `openssl dgst` command due to silent truncation

漏洞详情: https://avd.aquasec.com/nvd/cve-2025-15469

镜像层: sha256:ee0f36be749973560f7a3e8082fe54c75f26bd368d30686c4ab97047796e9f2d

发布日期: 2026-01-27 16:16 修改: 2026-02-02 18:37
openssl CVE-2025-66199 中危 3.5.4-r0 3.5.5-r0 openssl: OpenSSL: Denial of Service due to excessive memory allocation in TLS 1.3 certificate compression

漏洞详情: https://avd.aquasec.com/nvd/cve-2025-66199

镜像层: sha256:ee0f36be749973560f7a3e8082fe54c75f26bd368d30686c4ab97047796e9f2d

发布日期: 2026-01-27 16:16 修改: 2026-02-02 18:37
openssl CVE-2025-68160 中危 3.5.4-r0 3.5.5-r0 openssl: OpenSSL: Denial of Service due to out-of-bounds write in BIO filter

漏洞详情: https://avd.aquasec.com/nvd/cve-2025-68160

镜像层: sha256:ee0f36be749973560f7a3e8082fe54c75f26bd368d30686c4ab97047796e9f2d

发布日期: 2026-01-27 16:16 修改: 2026-05-12 13:17
openssl CVE-2025-69418 中危 3.5.4-r0 3.5.5-r0 openssl: OpenSSL: Information disclosure and data tampering via specific low-level OCB encryption/decryption calls

漏洞详情: https://avd.aquasec.com/nvd/cve-2025-69418

镜像层: sha256:ee0f36be749973560f7a3e8082fe54c75f26bd368d30686c4ab97047796e9f2d

发布日期: 2026-01-27 16:16 修改: 2026-05-12 13:17
openssl CVE-2025-69420 中危 3.5.4-r0 3.5.5-r0 openssl: OpenSSL: Denial of Service via malformed TimeStamp Response

漏洞详情: https://avd.aquasec.com/nvd/cve-2025-69420

镜像层: sha256:ee0f36be749973560f7a3e8082fe54c75f26bd368d30686c4ab97047796e9f2d

发布日期: 2026-01-27 16:16 修改: 2026-05-12 13:17
openssl CVE-2026-22795 中危 3.5.4-r0 3.5.5-r0 openssl: OpenSSL: Denial of Service due to type confusion in PKCS#12 file processing

漏洞详情: https://avd.aquasec.com/nvd/cve-2026-22795

镜像层: sha256:ee0f36be749973560f7a3e8082fe54c75f26bd368d30686c4ab97047796e9f2d

发布日期: 2026-01-27 16:16 修改: 2026-05-12 13:17
openssl CVE-2026-22796 中危 3.5.4-r0 3.5.5-r0 openssl: OpenSSL: Denial of Service via type confusion in PKCS#7 signature verification

漏洞详情: https://avd.aquasec.com/nvd/cve-2026-22796

镜像层: sha256:ee0f36be749973560f7a3e8082fe54c75f26bd368d30686c4ab97047796e9f2d

发布日期: 2026-01-27 16:16 修改: 2026-05-12 13:17
openssl CVE-2026-2673 中危 3.5.4-r0 3.5.6-r0 openssl: OpenSSL TLS 1.3 server may choose unexpected key agreement group

漏洞详情: https://avd.aquasec.com/nvd/cve-2026-2673

镜像层: sha256:ee0f36be749973560f7a3e8082fe54c75f26bd368d30686c4ab97047796e9f2d

发布日期: 2026-03-13 19:54 修改: 2026-05-12 13:17
openssl CVE-2026-31790 中危 3.5.4-r0 3.5.6-r0 openssl: openssl: Information Disclosure from Uninitialized Memory via Invalid RSA Public Key

漏洞详情: https://avd.aquasec.com/nvd/cve-2026-31790

镜像层: sha256:ee0f36be749973560f7a3e8082fe54c75f26bd368d30686c4ab97047796e9f2d

发布日期: 2026-04-07 22:16 修改: 2026-05-12 13:17
partx CVE-2026-27456 中危 2.41.2-r0 2.41.4-r0 util-linux: TOCTOU in the mount program when setting up loop devices

漏洞详情: https://avd.aquasec.com/nvd/cve-2026-27456

镜像层: sha256:ee0f36be749973560f7a3e8082fe54c75f26bd368d30686c4ab97047796e9f2d

发布日期: 2026-04-03 22:16 修改: 2026-04-22 16:08
runuser CVE-2026-27456 中危 2.41.2-r0 2.41.4-r0 util-linux: TOCTOU in the mount program when setting up loop devices

漏洞详情: https://avd.aquasec.com/nvd/cve-2026-27456

镜像层: sha256:ee0f36be749973560f7a3e8082fe54c75f26bd368d30686c4ab97047796e9f2d

发布日期: 2026-04-03 22:16 修改: 2026-04-22 16:08
setarch CVE-2026-27456 中危 2.41.2-r0 2.41.4-r0 util-linux: TOCTOU in the mount program when setting up loop devices

漏洞详情: https://avd.aquasec.com/nvd/cve-2026-27456

镜像层: sha256:ee0f36be749973560f7a3e8082fe54c75f26bd368d30686c4ab97047796e9f2d

发布日期: 2026-04-03 22:16 修改: 2026-04-22 16:08
setpriv CVE-2026-27456 中危 2.41.2-r0 2.41.4-r0 util-linux: TOCTOU in the mount program when setting up loop devices

漏洞详情: https://avd.aquasec.com/nvd/cve-2026-27456

镜像层: sha256:ee0f36be749973560f7a3e8082fe54c75f26bd368d30686c4ab97047796e9f2d

发布日期: 2026-04-03 22:16 修改: 2026-04-22 16:08
sfdisk CVE-2026-27456 中危 2.41.2-r0 2.41.4-r0 util-linux: TOCTOU in the mount program when setting up loop devices

漏洞详情: https://avd.aquasec.com/nvd/cve-2026-27456

镜像层: sha256:ee0f36be749973560f7a3e8082fe54c75f26bd368d30686c4ab97047796e9f2d

发布日期: 2026-04-03 22:16 修改: 2026-04-22 16:08
umount CVE-2026-27456 中危 2.41.2-r0 2.41.4-r0 util-linux: TOCTOU in the mount program when setting up loop devices

漏洞详情: https://avd.aquasec.com/nvd/cve-2026-27456

镜像层: sha256:ee0f36be749973560f7a3e8082fe54c75f26bd368d30686c4ab97047796e9f2d

发布日期: 2026-04-03 22:16 修改: 2026-04-22 16:08
util-linux CVE-2026-27456 中危 2.41.2-r0 2.41.4-r0 util-linux: TOCTOU in the mount program when setting up loop devices

漏洞详情: https://avd.aquasec.com/nvd/cve-2026-27456

镜像层: sha256:ee0f36be749973560f7a3e8082fe54c75f26bd368d30686c4ab97047796e9f2d

发布日期: 2026-04-03 22:16 修改: 2026-04-22 16:08
util-linux-misc CVE-2026-27456 中危 2.41.2-r0 2.41.4-r0 util-linux: TOCTOU in the mount program when setting up loop devices

漏洞详情: https://avd.aquasec.com/nvd/cve-2026-27456

镜像层: sha256:ee0f36be749973560f7a3e8082fe54c75f26bd368d30686c4ab97047796e9f2d

发布日期: 2026-04-03 22:16 修改: 2026-04-22 16:08
uuidgen CVE-2026-27456 中危 2.41.2-r0 2.41.4-r0 util-linux: TOCTOU in the mount program when setting up loop devices

漏洞详情: https://avd.aquasec.com/nvd/cve-2026-27456

镜像层: sha256:ee0f36be749973560f7a3e8082fe54c75f26bd368d30686c4ab97047796e9f2d

发布日期: 2026-04-03 22:16 修改: 2026-04-22 16:08
wipefs CVE-2026-27456 中危 2.41.2-r0 2.41.4-r0 util-linux: TOCTOU in the mount program when setting up loop devices

漏洞详情: https://avd.aquasec.com/nvd/cve-2026-27456

镜像层: sha256:ee0f36be749973560f7a3e8082fe54c75f26bd368d30686c4ab97047796e9f2d

发布日期: 2026-04-03 22:16 修改: 2026-04-22 16:08
xz-libs CVE-2026-34743 中危 5.8.1-r0 5.8.3-r0 xz: XZ Utils: Denial of Service via buffer overflow in index decoding

漏洞详情: https://avd.aquasec.com/nvd/cve-2026-34743

镜像层: sha256:ee0f36be749973560f7a3e8082fe54c75f26bd368d30686c4ab97047796e9f2d

发布日期: 2026-04-02 19:21 修改: 2026-04-15 17:33
libcrypto3 CVE-2026-22796 中危 3.5.4-r0 3.5.5-r0 openssl: OpenSSL: Denial of Service via type confusion in PKCS#7 signature verification

漏洞详情: https://avd.aquasec.com/nvd/cve-2026-22796

镜像层: sha256:7bb20cf5ef67526cb843d264145241ce4dde09a337b5be1be42ba464de9a672d

发布日期: 2026-01-27 16:16 修改: 2026-05-12 13:17
zlib CVE-2026-27171 中危 1.3.1-r2 1.3.2-r0 zlib: zlib: Denial of Service via infinite loop in CRC32 combine functions

漏洞详情: https://avd.aquasec.com/nvd/cve-2026-27171

镜像层: sha256:7bb20cf5ef67526cb843d264145241ce4dde09a337b5be1be42ba464de9a672d

发布日期: 2026-02-18 04:16 修改: 2026-03-25 21:27
gnutls CVE-2026-3832 低危 3.8.11-r0 3.8.13-r0 gnutls: gnutls: Security bypass allows acceptance of revoked server certificates via crafted OCSP response

漏洞详情: https://avd.aquasec.com/nvd/cve-2026-3832

镜像层: sha256:ee0f36be749973560f7a3e8082fe54c75f26bd368d30686c4ab97047796e9f2d

发布日期: 2026-04-30 18:16 修改: 2026-05-11 19:15
libssh CVE-2026-0965 低危 0.11.3-r0 0.11.4-r0 libssh: libssh: Denial of Service via improper configuration file handling

漏洞详情: https://avd.aquasec.com/nvd/cve-2026-0965

镜像层: sha256:ee0f36be749973560f7a3e8082fe54c75f26bd368d30686c4ab97047796e9f2d

发布日期: 2026-03-26 21:17 修改: 2026-04-02 17:33
libssh CVE-2026-0968 低危 0.11.3-r0 0.11.4-r0 libssh: libssh: Denial of Service due to malformed SFTP message

漏洞详情: https://avd.aquasec.com/nvd/cve-2026-0968

镜像层: sha256:ee0f36be749973560f7a3e8082fe54c75f26bd368d30686c4ab97047796e9f2d

发布日期: 2026-03-26 21:17 修改: 2026-04-13 20:15
libexpat CVE-2026-24515 低危 2.7.3-r0 2.7.4-r0 libexpat: libexpat null pointer dereference

漏洞详情: https://avd.aquasec.com/nvd/cve-2026-24515

镜像层: sha256:ee0f36be749973560f7a3e8082fe54c75f26bd368d30686c4ab97047796e9f2d

发布日期: 2026-01-23 08:16 修改: 2026-02-05 17:27
gnutls CVE-2026-42012 未知 3.8.11-r0 3.8.13-r0

漏洞详情: https://avd.aquasec.com/nvd/cve-2026-42012

镜像层: sha256:ee0f36be749973560f7a3e8082fe54c75f26bd368d30686c4ab97047796e9f2d

发布日期: 0001-01-01 00:00 修改: 0001-01-01 00:00
gnutls CVE-2026-42013 未知 3.8.11-r0 3.8.13-r0

漏洞详情: https://avd.aquasec.com/nvd/cve-2026-42013

镜像层: sha256:ee0f36be749973560f7a3e8082fe54c75f26bd368d30686c4ab97047796e9f2d

发布日期: 0001-01-01 00:00 修改: 0001-01-01 00:00
gnutls CVE-2026-42014 未知 3.8.11-r0 3.8.13-r0

漏洞详情: https://avd.aquasec.com/nvd/cve-2026-42014

镜像层: sha256:ee0f36be749973560f7a3e8082fe54c75f26bd368d30686c4ab97047796e9f2d

发布日期: 0001-01-01 00:00 修改: 0001-01-01 00:00
gnutls CVE-2026-42015 未知 3.8.11-r0 3.8.13-r0

漏洞详情: https://avd.aquasec.com/nvd/cve-2026-42015

镜像层: sha256:ee0f36be749973560f7a3e8082fe54c75f26bd368d30686c4ab97047796e9f2d

发布日期: 0001-01-01 00:00 修改: 0001-01-01 00:00
gnutls CVE-2026-5260 未知 3.8.11-r0 3.8.13-r0

漏洞详情: https://avd.aquasec.com/nvd/cve-2026-5260

镜像层: sha256:ee0f36be749973560f7a3e8082fe54c75f26bd368d30686c4ab97047796e9f2d

发布日期: 0001-01-01 00:00 修改: 0001-01-01 00:00
gnutls CVE-2026-5419 未知 3.8.11-r0 3.8.13-r0

漏洞详情: https://avd.aquasec.com/nvd/cve-2026-5419

镜像层: sha256:ee0f36be749973560f7a3e8082fe54c75f26bd368d30686c4ab97047796e9f2d

发布日期: 0001-01-01 00:00 修改: 0001-01-01 00:00
mbedtls CVE-2026-25833 未知 3.6.5-r0 3.6.6-r0 Mbed TLS 3.5.0 to 3.6.5 fixed in 3.6.6 and 4.1.0 has a buffer overflow ...

漏洞详情: https://avd.aquasec.com/nvd/cve-2026-25833

镜像层: sha256:ee0f36be749973560f7a3e8082fe54c75f26bd368d30686c4ab97047796e9f2d

发布日期: 2026-04-01 19:16 修改: 2026-04-06 14:18
gnutls CVE-2026-42009 未知 3.8.11-r0 3.8.13-r0

漏洞详情: https://avd.aquasec.com/nvd/cve-2026-42009

镜像层: sha256:ee0f36be749973560f7a3e8082fe54c75f26bd368d30686c4ab97047796e9f2d

发布日期: 0001-01-01 00:00 修改: 0001-01-01 00:00
libvpx CVE-2026-1861 未知 1.15.2-r0 1.15.2-r1 Heap buffer overflow in libvpx in Google Chrome prior to 144.0.7559.13 ...

漏洞详情: https://avd.aquasec.com/nvd/cve-2026-1861

镜像层: sha256:ee0f36be749973560f7a3e8082fe54c75f26bd368d30686c4ab97047796e9f2d

发布日期: 2026-02-03 21:16 修改: 2026-02-11 18:32
Node.js (node-pkg)
低危漏洞:5 中危漏洞:25 高危漏洞:53 严重漏洞:1
软件包 漏洞 安全状态 安装版本 修复版本 漏洞信息
fast-xml-parser CVE-2026-25896 严重 4.5.3 5.3.5, 4.5.4 fast-xml-parser: fast-xml-parser: Cross-Site Scripting (XSS) due to improper DOCTYPE entity handling

漏洞详情: https://avd.aquasec.com/nvd/cve-2026-25896

镜像层: sha256:a155e6f393cc5d8e8a42fe149248e57cab660762f023f7c6ebf322a89705e7bd

发布日期: 2026-02-20 21:19 修改: 2026-03-02 14:54
axios CVE-2026-42033 高危 1.13.2 1.15.1, 0.31.1 axios: Axios: HTTP Transport Hijacking via Prototype Pollution

漏洞详情: https://avd.aquasec.com/nvd/cve-2026-42033

镜像层: sha256:a155e6f393cc5d8e8a42fe149248e57cab660762f023f7c6ebf322a89705e7bd

发布日期: 2026-04-24 18:16 修改: 2026-04-27 20:02
axios CVE-2026-42035 高危 1.13.2 1.15.1, 0.31.1 axios: Axios: Arbitrary HTTP header injection via prototype pollution

漏洞详情: https://avd.aquasec.com/nvd/cve-2026-42035

镜像层: sha256:a155e6f393cc5d8e8a42fe149248e57cab660762f023f7c6ebf322a89705e7bd

发布日期: 2026-04-24 18:16 修改: 2026-04-27 19:58
axios CVE-2026-42043 高危 1.13.2 1.15.1, 0.31.1 axios: Axios: NO_PROXY bypass via crafted URL

漏洞详情: https://avd.aquasec.com/nvd/cve-2026-42043

镜像层: sha256:a155e6f393cc5d8e8a42fe149248e57cab660762f023f7c6ebf322a89705e7bd

发布日期: 2026-04-24 18:16 修改: 2026-04-27 20:05
axios CVE-2026-42264 高危 1.13.2 1.15.2 Axios is a promise based HTTP client for the browser and Node.js. From ...

漏洞详情: https://avd.aquasec.com/nvd/cve-2026-42264

镜像层: sha256:a155e6f393cc5d8e8a42fe149248e57cab660762f023f7c6ebf322a89705e7bd

发布日期: 2026-05-08 04:16 修改: 2026-05-08 16:02
express-rate-limit CVE-2026-30827 高危 8.2.1 8.2.2, 8.1.1, 8.0.2 express-rate-limit: express-rate-limit: Denial of Service for IPv4 clients due to incorrect IPv6 subnet masking

漏洞详情: https://avd.aquasec.com/nvd/cve-2026-30827

镜像层: sha256:a155e6f393cc5d8e8a42fe149248e57cab660762f023f7c6ebf322a89705e7bd

发布日期: 2026-03-07 06:16 修改: 2026-03-11 19:00
axios CVE-2026-25639 高危 1.13.2 1.13.5, 0.30.3 axios: Axios affected by Denial of Service via __proto__ Key in mergeConfig

漏洞详情: https://avd.aquasec.com/nvd/cve-2026-25639

镜像层: sha256:a155e6f393cc5d8e8a42fe149248e57cab660762f023f7c6ebf322a89705e7bd

发布日期: 2026-02-09 21:15 修改: 2026-02-18 18:24
fast-xml-parser CVE-2026-26278 高危 4.5.3 4.5.4, 5.3.6 fast-xml-parser: fast-xml-parser: Denial of Service via unlimited XML entity expansion

漏洞详情: https://avd.aquasec.com/nvd/cve-2026-26278

镜像层: sha256:a155e6f393cc5d8e8a42fe149248e57cab660762f023f7c6ebf322a89705e7bd

发布日期: 2026-02-19 20:25 修改: 2026-02-23 19:30
fast-xml-parser CVE-2026-33036 高危 4.5.3 5.5.6, 4.5.5 fast-xml-parser: fast-xml-parser: Denial of Service via XML entity expansion bypass

漏洞详情: https://avd.aquasec.com/nvd/cve-2026-33036

镜像层: sha256:a155e6f393cc5d8e8a42fe149248e57cab660762f023f7c6ebf322a89705e7bd

发布日期: 2026-03-20 06:16 修改: 2026-03-23 16:28
glob CVE-2025-64756 高危 10.4.5 11.1.0, 10.5.0 glob: glob: Command Injection Vulnerability via Malicious Filenames

漏洞详情: https://avd.aquasec.com/nvd/cve-2025-64756

镜像层: sha256:425df4ae55debcfa59e385f0f443aa5a924b395667f5798c1a72d3ad991be5b5

发布日期: 2025-11-17 18:15 修改: 2025-12-02 19:34
lodash CVE-2026-4800 高危 4.17.21 4.18.0 lodash: lodash: Arbitrary code execution via untrusted input in template imports

漏洞详情: https://avd.aquasec.com/nvd/cve-2026-4800

镜像层: sha256:a155e6f393cc5d8e8a42fe149248e57cab660762f023f7c6ebf322a89705e7bd

发布日期: 2026-03-31 20:16 修改: 2026-05-01 18:09
minimatch CVE-2026-26996 高危 3.1.2 10.2.1, 9.0.6, 8.0.5, 7.4.7, 6.2.1, 5.1.7, 4.2.4, 3.1.3 minimatch: minimatch: Denial of Service via specially crafted glob patterns

漏洞详情: https://avd.aquasec.com/nvd/cve-2026-26996

镜像层: sha256:a155e6f393cc5d8e8a42fe149248e57cab660762f023f7c6ebf322a89705e7bd

发布日期: 2026-02-20 03:16 修改: 2026-03-06 21:32
minimatch CVE-2026-27903 高危 3.1.2 10.2.3, 9.0.7, 8.0.6, 7.4.8, 6.2.2, 5.1.8, 4.2.5, 3.1.3 minimatch: minimatch: Denial of Service due to unbounded recursive backtracking via crafted glob patterns

漏洞详情: https://avd.aquasec.com/nvd/cve-2026-27903

镜像层: sha256:a155e6f393cc5d8e8a42fe149248e57cab660762f023f7c6ebf322a89705e7bd

发布日期: 2026-02-26 02:16 修改: 2026-02-27 17:21
minimatch CVE-2026-27904 高危 3.1.2 10.2.3, 9.0.7, 8.0.6, 7.4.8, 6.2.2, 5.1.8, 4.2.5, 3.1.4 minimatch: Minimatch: Denial of Service via catastrophic backtracking in glob expressions

漏洞详情: https://avd.aquasec.com/nvd/cve-2026-27904

镜像层: sha256:a155e6f393cc5d8e8a42fe149248e57cab660762f023f7c6ebf322a89705e7bd

发布日期: 2026-02-26 02:16 修改: 2026-02-27 17:16
minimatch CVE-2026-26996 高危 5.1.6 10.2.1, 9.0.6, 8.0.5, 7.4.7, 6.2.1, 5.1.7, 4.2.4, 3.1.3 minimatch: minimatch: Denial of Service via specially crafted glob patterns

漏洞详情: https://avd.aquasec.com/nvd/cve-2026-26996

镜像层: sha256:a155e6f393cc5d8e8a42fe149248e57cab660762f023f7c6ebf322a89705e7bd

发布日期: 2026-02-20 03:16 修改: 2026-03-06 21:32
minimatch CVE-2026-27903 高危 5.1.6 10.2.3, 9.0.7, 8.0.6, 7.4.8, 6.2.2, 5.1.8, 4.2.5, 3.1.3 minimatch: minimatch: Denial of Service due to unbounded recursive backtracking via crafted glob patterns

漏洞详情: https://avd.aquasec.com/nvd/cve-2026-27903

镜像层: sha256:a155e6f393cc5d8e8a42fe149248e57cab660762f023f7c6ebf322a89705e7bd

发布日期: 2026-02-26 02:16 修改: 2026-02-27 17:21
minimatch CVE-2026-27904 高危 5.1.6 10.2.3, 9.0.7, 8.0.6, 7.4.8, 6.2.2, 5.1.8, 4.2.5, 3.1.4 minimatch: Minimatch: Denial of Service via catastrophic backtracking in glob expressions

漏洞详情: https://avd.aquasec.com/nvd/cve-2026-27904

镜像层: sha256:a155e6f393cc5d8e8a42fe149248e57cab660762f023f7c6ebf322a89705e7bd

发布日期: 2026-02-26 02:16 修改: 2026-02-27 17:16
minimatch CVE-2026-26996 高危 9.0.5 10.2.1, 9.0.6, 8.0.5, 7.4.7, 6.2.1, 5.1.7, 4.2.4, 3.1.3 minimatch: minimatch: Denial of Service via specially crafted glob patterns

漏洞详情: https://avd.aquasec.com/nvd/cve-2026-26996

镜像层: sha256:a155e6f393cc5d8e8a42fe149248e57cab660762f023f7c6ebf322a89705e7bd

发布日期: 2026-02-20 03:16 修改: 2026-03-06 21:32
minimatch CVE-2026-26996 高危 9.0.5 10.2.1, 9.0.6, 8.0.5, 7.4.7, 6.2.1, 5.1.7, 4.2.4, 3.1.3 minimatch: minimatch: Denial of Service via specially crafted glob patterns

漏洞详情: https://avd.aquasec.com/nvd/cve-2026-26996

镜像层: sha256:a155e6f393cc5d8e8a42fe149248e57cab660762f023f7c6ebf322a89705e7bd

发布日期: 2026-02-20 03:16 修改: 2026-03-06 21:32
minimatch CVE-2026-26996 高危 9.0.5 10.2.1, 9.0.6, 8.0.5, 7.4.7, 6.2.1, 5.1.7, 4.2.4, 3.1.3 minimatch: minimatch: Denial of Service via specially crafted glob patterns

漏洞详情: https://avd.aquasec.com/nvd/cve-2026-26996

镜像层: sha256:425df4ae55debcfa59e385f0f443aa5a924b395667f5798c1a72d3ad991be5b5

发布日期: 2026-02-20 03:16 修改: 2026-03-06 21:32
minimatch CVE-2026-27903 高危 9.0.5 10.2.3, 9.0.7, 8.0.6, 7.4.8, 6.2.2, 5.1.8, 4.2.5, 3.1.3 minimatch: minimatch: Denial of Service due to unbounded recursive backtracking via crafted glob patterns

漏洞详情: https://avd.aquasec.com/nvd/cve-2026-27903

镜像层: sha256:a155e6f393cc5d8e8a42fe149248e57cab660762f023f7c6ebf322a89705e7bd

发布日期: 2026-02-26 02:16 修改: 2026-02-27 17:21
minimatch CVE-2026-27903 高危 9.0.5 10.2.3, 9.0.7, 8.0.6, 7.4.8, 6.2.2, 5.1.8, 4.2.5, 3.1.3 minimatch: minimatch: Denial of Service due to unbounded recursive backtracking via crafted glob patterns

漏洞详情: https://avd.aquasec.com/nvd/cve-2026-27903

镜像层: sha256:a155e6f393cc5d8e8a42fe149248e57cab660762f023f7c6ebf322a89705e7bd

发布日期: 2026-02-26 02:16 修改: 2026-02-27 17:21
minimatch CVE-2026-27903 高危 9.0.5 10.2.3, 9.0.7, 8.0.6, 7.4.8, 6.2.2, 5.1.8, 4.2.5, 3.1.3 minimatch: minimatch: Denial of Service due to unbounded recursive backtracking via crafted glob patterns

漏洞详情: https://avd.aquasec.com/nvd/cve-2026-27903

镜像层: sha256:425df4ae55debcfa59e385f0f443aa5a924b395667f5798c1a72d3ad991be5b5

发布日期: 2026-02-26 02:16 修改: 2026-02-27 17:21
minimatch CVE-2026-27904 高危 9.0.5 10.2.3, 9.0.7, 8.0.6, 7.4.8, 6.2.2, 5.1.8, 4.2.5, 3.1.4 minimatch: Minimatch: Denial of Service via catastrophic backtracking in glob expressions

漏洞详情: https://avd.aquasec.com/nvd/cve-2026-27904

镜像层: sha256:a155e6f393cc5d8e8a42fe149248e57cab660762f023f7c6ebf322a89705e7bd

发布日期: 2026-02-26 02:16 修改: 2026-02-27 17:16
minimatch CVE-2026-27904 高危 9.0.5 10.2.3, 9.0.7, 8.0.6, 7.4.8, 6.2.2, 5.1.8, 4.2.5, 3.1.4 minimatch: Minimatch: Denial of Service via catastrophic backtracking in glob expressions

漏洞详情: https://avd.aquasec.com/nvd/cve-2026-27904

镜像层: sha256:a155e6f393cc5d8e8a42fe149248e57cab660762f023f7c6ebf322a89705e7bd

发布日期: 2026-02-26 02:16 修改: 2026-02-27 17:16
minimatch CVE-2026-27904 高危 9.0.5 10.2.3, 9.0.7, 8.0.6, 7.4.8, 6.2.2, 5.1.8, 4.2.5, 3.1.4 minimatch: Minimatch: Denial of Service via catastrophic backtracking in glob expressions

漏洞详情: https://avd.aquasec.com/nvd/cve-2026-27904

镜像层: sha256:425df4ae55debcfa59e385f0f443aa5a924b395667f5798c1a72d3ad991be5b5

发布日期: 2026-02-26 02:16 修改: 2026-02-27 17:16
path-to-regexp CVE-2026-4867 高危 0.1.12 0.1.13 path-to-regexp: path-to-regexp: Denial of Service via catastrophic backtracking from malformed URL parameters

漏洞详情: https://avd.aquasec.com/nvd/cve-2026-4867

镜像层: sha256:a155e6f393cc5d8e8a42fe149248e57cab660762f023f7c6ebf322a89705e7bd

发布日期: 2026-03-26 17:16 修改: 2026-04-16 18:01
path-to-regexp CVE-2026-4926 高危 8.3.0 8.4.0 path-to-regexp: path-to-regexp: Denial of Service via crafted regular expressions

漏洞详情: https://avd.aquasec.com/nvd/cve-2026-4926

镜像层: sha256:a155e6f393cc5d8e8a42fe149248e57cab660762f023f7c6ebf322a89705e7bd

发布日期: 2026-03-26 19:17 修改: 2026-04-16 18:04
picomatch CVE-2026-33671 高危 4.0.2 4.0.4, 3.0.2, 2.3.2 picomatch: Picomatch: Regular Expression Denial of Service via crafted extglob patterns

漏洞详情: https://avd.aquasec.com/nvd/cve-2026-33671

镜像层: sha256:425df4ae55debcfa59e385f0f443aa5a924b395667f5798c1a72d3ad991be5b5

发布日期: 2026-03-26 22:16 修改: 2026-04-01 13:45
sequelize CVE-2026-30951 高危 6.37.7 6.37.8 sequelize: Sequelize: Data exfiltration via SQL injection in JSON/JSONB where clause processing

漏洞详情: https://avd.aquasec.com/nvd/cve-2026-30951

镜像层: sha256:a155e6f393cc5d8e8a42fe149248e57cab660762f023f7c6ebf322a89705e7bd

发布日期: 2026-03-10 21:16 修改: 2026-03-18 19:16
tar CVE-2026-23745 高危 6.2.1 7.5.3 node-tar: tar: node-tar: Arbitrary file overwrite and symlink poisoning via unsanitized linkpaths in archives

漏洞详情: https://avd.aquasec.com/nvd/cve-2026-23745

镜像层: sha256:a155e6f393cc5d8e8a42fe149248e57cab660762f023f7c6ebf322a89705e7bd

发布日期: 2026-01-16 22:16 修改: 2026-02-18 16:20
tar CVE-2026-23745 高危 6.2.1 7.5.3 node-tar: tar: node-tar: Arbitrary file overwrite and symlink poisoning via unsanitized linkpaths in archives

漏洞详情: https://avd.aquasec.com/nvd/cve-2026-23745

镜像层: sha256:425df4ae55debcfa59e385f0f443aa5a924b395667f5798c1a72d3ad991be5b5

发布日期: 2026-01-16 22:16 修改: 2026-02-18 16:20
tar CVE-2026-23950 高危 6.2.1 7.5.4 node-tar: tar: node-tar: Arbitrary file overwrite via Unicode path collision race condition

漏洞详情: https://avd.aquasec.com/nvd/cve-2026-23950

镜像层: sha256:a155e6f393cc5d8e8a42fe149248e57cab660762f023f7c6ebf322a89705e7bd

发布日期: 2026-01-20 01:15 修改: 2026-02-18 15:50
tar CVE-2026-23950 高危 6.2.1 7.5.4 node-tar: tar: node-tar: Arbitrary file overwrite via Unicode path collision race condition

漏洞详情: https://avd.aquasec.com/nvd/cve-2026-23950

镜像层: sha256:425df4ae55debcfa59e385f0f443aa5a924b395667f5798c1a72d3ad991be5b5

发布日期: 2026-01-20 01:15 修改: 2026-02-18 15:50
tar CVE-2026-24842 高危 6.2.1 7.5.7 node-tar: tar: node-tar: Arbitrary file creation via path traversal bypass in hardlink security check

漏洞详情: https://avd.aquasec.com/nvd/cve-2026-24842

镜像层: sha256:a155e6f393cc5d8e8a42fe149248e57cab660762f023f7c6ebf322a89705e7bd

发布日期: 2026-01-28 01:16 修改: 2026-02-02 14:30
tar CVE-2026-24842 高危 6.2.1 7.5.7 node-tar: tar: node-tar: Arbitrary file creation via path traversal bypass in hardlink security check

漏洞详情: https://avd.aquasec.com/nvd/cve-2026-24842

镜像层: sha256:425df4ae55debcfa59e385f0f443aa5a924b395667f5798c1a72d3ad991be5b5

发布日期: 2026-01-28 01:16 修改: 2026-02-02 14:30
tar CVE-2026-26960 高危 6.2.1 7.5.8 node-tar: node-tar: Arbitrary file read/write via malicious archive hardlink creation

漏洞详情: https://avd.aquasec.com/nvd/cve-2026-26960

镜像层: sha256:a155e6f393cc5d8e8a42fe149248e57cab660762f023f7c6ebf322a89705e7bd

发布日期: 2026-02-20 02:16 修改: 2026-02-20 19:24
tar CVE-2026-26960 高危 6.2.1 7.5.8 node-tar: node-tar: Arbitrary file read/write via malicious archive hardlink creation

漏洞详情: https://avd.aquasec.com/nvd/cve-2026-26960

镜像层: sha256:425df4ae55debcfa59e385f0f443aa5a924b395667f5798c1a72d3ad991be5b5

发布日期: 2026-02-20 02:16 修改: 2026-02-20 19:24
tar CVE-2026-29786 高危 6.2.1 7.5.10 node-tar: hardlink path traversal via drive-relative linkpath

漏洞详情: https://avd.aquasec.com/nvd/cve-2026-29786

镜像层: sha256:a155e6f393cc5d8e8a42fe149248e57cab660762f023f7c6ebf322a89705e7bd

发布日期: 2026-03-07 16:15 修改: 2026-03-11 21:50
tar CVE-2026-29786 高危 6.2.1 7.5.10 node-tar: hardlink path traversal via drive-relative linkpath

漏洞详情: https://avd.aquasec.com/nvd/cve-2026-29786

镜像层: sha256:425df4ae55debcfa59e385f0f443aa5a924b395667f5798c1a72d3ad991be5b5

发布日期: 2026-03-07 16:15 修改: 2026-03-11 21:50
tar CVE-2026-31802 高危 6.2.1 7.5.11 tar: tar: File overwrite via drive-relative symlink traversal

漏洞详情: https://avd.aquasec.com/nvd/cve-2026-31802

镜像层: sha256:a155e6f393cc5d8e8a42fe149248e57cab660762f023f7c6ebf322a89705e7bd

发布日期: 2026-03-10 07:44 修改: 2026-03-18 18:13
tar CVE-2026-31802 高危 6.2.1 7.5.11 tar: tar: File overwrite via drive-relative symlink traversal

漏洞详情: https://avd.aquasec.com/nvd/cve-2026-31802

镜像层: sha256:425df4ae55debcfa59e385f0f443aa5a924b395667f5798c1a72d3ad991be5b5

发布日期: 2026-03-10 07:44 修改: 2026-03-18 18:13
tar CVE-2026-23745 高危 7.4.3 7.5.3 node-tar: tar: node-tar: Arbitrary file overwrite and symlink poisoning via unsanitized linkpaths in archives

漏洞详情: https://avd.aquasec.com/nvd/cve-2026-23745

镜像层: sha256:425df4ae55debcfa59e385f0f443aa5a924b395667f5798c1a72d3ad991be5b5

发布日期: 2026-01-16 22:16 修改: 2026-02-18 16:20
tar CVE-2026-23745 高危 7.4.3 7.5.3 node-tar: tar: node-tar: Arbitrary file overwrite and symlink poisoning via unsanitized linkpaths in archives

漏洞详情: https://avd.aquasec.com/nvd/cve-2026-23745

镜像层: sha256:425df4ae55debcfa59e385f0f443aa5a924b395667f5798c1a72d3ad991be5b5

发布日期: 2026-01-16 22:16 修改: 2026-02-18 16:20
tar CVE-2026-23950 高危 7.4.3 7.5.4 node-tar: tar: node-tar: Arbitrary file overwrite via Unicode path collision race condition

漏洞详情: https://avd.aquasec.com/nvd/cve-2026-23950

镜像层: sha256:425df4ae55debcfa59e385f0f443aa5a924b395667f5798c1a72d3ad991be5b5

发布日期: 2026-01-20 01:15 修改: 2026-02-18 15:50
tar CVE-2026-23950 高危 7.4.3 7.5.4 node-tar: tar: node-tar: Arbitrary file overwrite via Unicode path collision race condition

漏洞详情: https://avd.aquasec.com/nvd/cve-2026-23950

镜像层: sha256:425df4ae55debcfa59e385f0f443aa5a924b395667f5798c1a72d3ad991be5b5

发布日期: 2026-01-20 01:15 修改: 2026-02-18 15:50
tar CVE-2026-24842 高危 7.4.3 7.5.7 node-tar: tar: node-tar: Arbitrary file creation via path traversal bypass in hardlink security check

漏洞详情: https://avd.aquasec.com/nvd/cve-2026-24842

镜像层: sha256:425df4ae55debcfa59e385f0f443aa5a924b395667f5798c1a72d3ad991be5b5

发布日期: 2026-01-28 01:16 修改: 2026-02-02 14:30
tar CVE-2026-24842 高危 7.4.3 7.5.7 node-tar: tar: node-tar: Arbitrary file creation via path traversal bypass in hardlink security check

漏洞详情: https://avd.aquasec.com/nvd/cve-2026-24842

镜像层: sha256:425df4ae55debcfa59e385f0f443aa5a924b395667f5798c1a72d3ad991be5b5

发布日期: 2026-01-28 01:16 修改: 2026-02-02 14:30
tar CVE-2026-26960 高危 7.4.3 7.5.8 node-tar: node-tar: Arbitrary file read/write via malicious archive hardlink creation

漏洞详情: https://avd.aquasec.com/nvd/cve-2026-26960

镜像层: sha256:425df4ae55debcfa59e385f0f443aa5a924b395667f5798c1a72d3ad991be5b5

发布日期: 2026-02-20 02:16 修改: 2026-02-20 19:24
tar CVE-2026-26960 高危 7.4.3 7.5.8 node-tar: node-tar: Arbitrary file read/write via malicious archive hardlink creation

漏洞详情: https://avd.aquasec.com/nvd/cve-2026-26960

镜像层: sha256:425df4ae55debcfa59e385f0f443aa5a924b395667f5798c1a72d3ad991be5b5

发布日期: 2026-02-20 02:16 修改: 2026-02-20 19:24
tar CVE-2026-29786 高危 7.4.3 7.5.10 node-tar: hardlink path traversal via drive-relative linkpath

漏洞详情: https://avd.aquasec.com/nvd/cve-2026-29786

镜像层: sha256:425df4ae55debcfa59e385f0f443aa5a924b395667f5798c1a72d3ad991be5b5

发布日期: 2026-03-07 16:15 修改: 2026-03-11 21:50
tar CVE-2026-29786 高危 7.4.3 7.5.10 node-tar: hardlink path traversal via drive-relative linkpath

漏洞详情: https://avd.aquasec.com/nvd/cve-2026-29786

镜像层: sha256:425df4ae55debcfa59e385f0f443aa5a924b395667f5798c1a72d3ad991be5b5

发布日期: 2026-03-07 16:15 修改: 2026-03-11 21:50
tar CVE-2026-31802 高危 7.4.3 7.5.11 tar: tar: File overwrite via drive-relative symlink traversal

漏洞详情: https://avd.aquasec.com/nvd/cve-2026-31802

镜像层: sha256:425df4ae55debcfa59e385f0f443aa5a924b395667f5798c1a72d3ad991be5b5

发布日期: 2026-03-10 07:44 修改: 2026-03-18 18:13
tar CVE-2026-31802 高危 7.4.3 7.5.11 tar: tar: File overwrite via drive-relative symlink traversal

漏洞详情: https://avd.aquasec.com/nvd/cve-2026-31802

镜像层: sha256:425df4ae55debcfa59e385f0f443aa5a924b395667f5798c1a72d3ad991be5b5

发布日期: 2026-03-10 07:44 修改: 2026-03-18 18:13
axios CVE-2026-42038 中危 1.13.2 1.15.1, 0.31.1 axios: Axios: Information disclosure due to `no_proxy` bypass

漏洞详情: https://avd.aquasec.com/nvd/cve-2026-42038

镜像层: sha256:a155e6f393cc5d8e8a42fe149248e57cab660762f023f7c6ebf322a89705e7bd

发布日期: 2026-04-24 18:16 修改: 2026-04-27 19:52
lodash CVE-2025-13465 中危 4.17.21 4.17.23 lodash: prototype pollution in _.unset and _.omit functions

漏洞详情: https://avd.aquasec.com/nvd/cve-2025-13465

镜像层: sha256:a155e6f393cc5d8e8a42fe149248e57cab660762f023f7c6ebf322a89705e7bd

发布日期: 2026-01-21 20:16 修改: 2026-02-17 17:10
lodash CVE-2026-2950 中危 4.17.21 4.18.0 lodash: Lodash: Prototype pollution allows deletion of built-in prototype properties via array path bypass

漏洞详情: https://avd.aquasec.com/nvd/cve-2026-2950

镜像层: sha256:a155e6f393cc5d8e8a42fe149248e57cab660762f023f7c6ebf322a89705e7bd

发布日期: 2026-03-31 20:16 修改: 2026-04-07 16:12
axios CVE-2026-42039 中危 1.13.2 1.15.1, 0.31.1 axios: Node.js: Axios: Denial of Service via unbounded recursion in toFormData with deeply nested request data

漏洞详情: https://avd.aquasec.com/nvd/cve-2026-42039

镜像层: sha256:a155e6f393cc5d8e8a42fe149248e57cab660762f023f7c6ebf322a89705e7bd

发布日期: 2026-04-24 18:16 修改: 2026-04-27 19:50
axios CVE-2026-42041 中危 1.13.2 1.15.1, 0.31.1 axios: Axios: Authentication bypass due to prototype pollution of HTTP error handling

漏洞详情: https://avd.aquasec.com/nvd/cve-2026-42041

镜像层: sha256:a155e6f393cc5d8e8a42fe149248e57cab660762f023f7c6ebf322a89705e7bd

发布日期: 2026-04-24 18:16 修改: 2026-04-27 20:07
axios CVE-2026-42042 中危 1.13.2 1.15.1, 0.31.1 axios: Axios: XSRF token bypass leading to information disclosure

漏洞详情: https://avd.aquasec.com/nvd/cve-2026-42042

镜像层: sha256:a155e6f393cc5d8e8a42fe149248e57cab660762f023f7c6ebf322a89705e7bd

发布日期: 2026-04-24 18:16 修改: 2026-04-27 20:05
axios CVE-2026-42044 中危 1.13.2 1.15.2 Axios is a promise based HTTP client for the browser and Node.js. From ...

漏洞详情: https://avd.aquasec.com/nvd/cve-2026-42044

镜像层: sha256:a155e6f393cc5d8e8a42fe149248e57cab660762f023f7c6ebf322a89705e7bd

发布日期: 2026-04-24 18:16 修改: 2026-04-27 20:04
brace-expansion CVE-2026-33750 中危 1.1.12 5.0.5, 3.0.2, 2.0.3, 1.1.13 brace-expansion: brace-expansion: Denial of Service via zero step value in brace pattern

漏洞详情: https://avd.aquasec.com/nvd/cve-2026-33750

镜像层: sha256:a155e6f393cc5d8e8a42fe149248e57cab660762f023f7c6ebf322a89705e7bd

发布日期: 2026-03-27 15:16 修改: 2026-04-22 14:23
brace-expansion CVE-2026-33750 中危 2.0.2 5.0.5, 3.0.2, 2.0.3, 1.1.13 brace-expansion: brace-expansion: Denial of Service via zero step value in brace pattern

漏洞详情: https://avd.aquasec.com/nvd/cve-2026-33750

镜像层: sha256:a155e6f393cc5d8e8a42fe149248e57cab660762f023f7c6ebf322a89705e7bd

发布日期: 2026-03-27 15:16 修改: 2026-04-22 14:23
brace-expansion CVE-2026-33750 中危 2.0.2 5.0.5, 3.0.2, 2.0.3, 1.1.13 brace-expansion: brace-expansion: Denial of Service via zero step value in brace pattern

漏洞详情: https://avd.aquasec.com/nvd/cve-2026-33750

镜像层: sha256:425df4ae55debcfa59e385f0f443aa5a924b395667f5798c1a72d3ad991be5b5

发布日期: 2026-03-27 15:16 修改: 2026-04-22 14:23
dottie CVE-2026-27837 中危 2.0.6 2.0.7 dottie.js: dottie.js: Unauthorized object modification via prototype pollution bypass

漏洞详情: https://avd.aquasec.com/nvd/cve-2026-27837

镜像层: sha256:a155e6f393cc5d8e8a42fe149248e57cab660762f023f7c6ebf322a89705e7bd

发布日期: 2026-02-26 01:16 修改: 2026-02-28 00:58
axios CVE-2025-62718 中危 1.13.2 1.15.0, 0.31.0 axios: Axios: Server-Side Request Forgery and proxy bypass due to improper hostname normalization

漏洞详情: https://avd.aquasec.com/nvd/cve-2025-62718

镜像层: sha256:a155e6f393cc5d8e8a42fe149248e57cab660762f023f7c6ebf322a89705e7bd

发布日期: 2026-04-09 15:16 修改: 2026-04-16 19:16
axios CVE-2026-40175 中危 1.13.2 1.15.0, 0.31.0 axios: Axios: Remote Code Execution via Prototype Pollution escalation

漏洞详情: https://avd.aquasec.com/nvd/cve-2026-40175

镜像层: sha256:a155e6f393cc5d8e8a42fe149248e57cab660762f023f7c6ebf322a89705e7bd

发布日期: 2026-04-10 20:16 修改: 2026-05-12 13:17
axios CVE-2026-42034 中危 1.13.2 1.15.1, 0.31.1 axios: Axios: Denial of Service via oversized streamed uploads bypassing body limits

漏洞详情: https://avd.aquasec.com/nvd/cve-2026-42034

镜像层: sha256:a155e6f393cc5d8e8a42fe149248e57cab660762f023f7c6ebf322a89705e7bd

发布日期: 2026-04-24 18:16 修改: 2026-04-27 19:59
axios CVE-2026-42036 中危 1.13.2 1.15.1, 0.31.1 axios: Axios: Denial of Service via unbounded stream consumption when 'responseType: 'stream'' is used

漏洞详情: https://avd.aquasec.com/nvd/cve-2026-42036

镜像层: sha256:a155e6f393cc5d8e8a42fe149248e57cab660762f023f7c6ebf322a89705e7bd

发布日期: 2026-04-24 18:16 修改: 2026-04-27 19:57
fast-xml-parser CVE-2026-33349 中危 4.5.3 4.5.5, 5.5.7 fast-xml-parser: fast-xml-parser: Denial of Service via unbounded entity expansion due to incorrect configuration limit handling

漏洞详情: https://avd.aquasec.com/nvd/cve-2026-33349

镜像层: sha256:a155e6f393cc5d8e8a42fe149248e57cab660762f023f7c6ebf322a89705e7bd

发布日期: 2026-03-24 20:16 修改: 2026-03-26 13:01
fast-xml-parser CVE-2026-41650 中危 4.5.3 5.7.0 fast-xml-parser XMLBuilder: XML Comment and CDATA Injection via Unescaped Delimiters

漏洞详情: https://avd.aquasec.com/nvd/cve-2026-41650

镜像层: sha256:a155e6f393cc5d8e8a42fe149248e57cab660762f023f7c6ebf322a89705e7bd

发布日期: 2026-05-07 15:16 修改: 2026-05-12 20:30
follow-redirects GHSA-r4q5-vmmm-2653 中危 1.15.11 1.16.0 follow-redirects leaks Custom Authentication Headers to Cross-Domain Redirect Targets

漏洞详情: https://github.com/advisories/GHSA-r4q5-vmmm-2653

镜像层: sha256:a155e6f393cc5d8e8a42fe149248e57cab660762f023f7c6ebf322a89705e7bd

发布日期: 2026-04-14 01:11 修改: 2026-04-14 01:11
axios CVE-2026-42037 中危 1.13.2 1.15.1 axios: Node.js: Axios: Information disclosure via CRLF injection in multipart Content-Type header

漏洞详情: https://avd.aquasec.com/nvd/cve-2026-42037

镜像层: sha256:a155e6f393cc5d8e8a42fe149248e57cab660762f023f7c6ebf322a89705e7bd

发布日期: 2026-04-24 18:16 修改: 2026-04-27 19:54
ip-address CVE-2026-42338 中危 10.0.1 10.1.1 ip-address has XSS in Address6 HTML-emitting methods

漏洞详情: https://avd.aquasec.com/nvd/cve-2026-42338

镜像层: sha256:a155e6f393cc5d8e8a42fe149248e57cab660762f023f7c6ebf322a89705e7bd

发布日期: 2026-05-12 20:16 修改: 2026-05-12 20:16
path-to-regexp CVE-2026-4923 中危 8.3.0 8.4.0 path-to-regexp: path-to-regexp: Denial of Service via specially crafted paths with multiple wildcards

漏洞详情: https://avd.aquasec.com/nvd/cve-2026-4923

镜像层: sha256:a155e6f393cc5d8e8a42fe149248e57cab660762f023f7c6ebf322a89705e7bd

发布日期: 2026-03-26 19:17 修改: 2026-04-16 18:03
ip-address CVE-2026-42338 中危 10.1.0 10.1.1 ip-address has XSS in Address6 HTML-emitting methods

漏洞详情: https://avd.aquasec.com/nvd/cve-2026-42338

镜像层: sha256:a155e6f393cc5d8e8a42fe149248e57cab660762f023f7c6ebf322a89705e7bd

发布日期: 2026-05-12 20:16 修改: 2026-05-12 20:16
picomatch CVE-2026-33672 中危 4.0.2 4.0.4, 3.0.2, 2.3.2 picomatch: Picomatch: Data integrity compromised via method injection with crafted POSIX bracket expressions

漏洞详情: https://avd.aquasec.com/nvd/cve-2026-33672

镜像层: sha256:425df4ae55debcfa59e385f0f443aa5a924b395667f5798c1a72d3ad991be5b5

发布日期: 2026-03-26 22:16 修改: 2026-04-01 13:44
ip-address CVE-2026-42338 中危 9.0.5 10.1.1 ip-address has XSS in Address6 HTML-emitting methods

漏洞详情: https://avd.aquasec.com/nvd/cve-2026-42338

镜像层: sha256:425df4ae55debcfa59e385f0f443aa5a924b395667f5798c1a72d3ad991be5b5

发布日期: 2026-05-12 20:16 修改: 2026-05-12 20:16
uuid CVE-2026-41907 中危 13.0.0 11.1.1, 12.0.1, 13.0.1 uuid: uuid: Out-of-bounds write vulnerability impacts data integrity and confidentiality

漏洞详情: https://avd.aquasec.com/nvd/cve-2026-41907

镜像层: sha256:a155e6f393cc5d8e8a42fe149248e57cab660762f023f7c6ebf322a89705e7bd

发布日期: 2026-04-24 19:17 修改: 2026-05-11 13:53
diff CVE-2026-24001 低危 5.2.0 8.0.3, 5.2.2, 4.0.4, 3.5.1 jsdiff: denial of service vulnerability in parsePatch and applyPatch

漏洞详情: https://avd.aquasec.com/nvd/cve-2026-24001

镜像层: sha256:425df4ae55debcfa59e385f0f443aa5a924b395667f5798c1a72d3ad991be5b5

发布日期: 2026-01-22 03:15 修改: 2026-03-04 15:23
axios CVE-2026-42040 低危 1.13.2 1.15.1, 0.31.1 Axios is a promise based HTTP client for the browser and Node.js. Prio ...

漏洞详情: https://avd.aquasec.com/nvd/cve-2026-42040

镜像层: sha256:a155e6f393cc5d8e8a42fe149248e57cab660762f023f7c6ebf322a89705e7bd

发布日期: 2026-04-24 18:16 修改: 2026-04-27 20:09
fast-xml-parser CVE-2026-27942 低危 4.5.3 5.3.8, 4.5.4 fast-xml-parser: fast-xml-parser: Stack overflow leads to Denial of Service

漏洞详情: https://avd.aquasec.com/nvd/cve-2026-27942

镜像层: sha256:a155e6f393cc5d8e8a42fe149248e57cab660762f023f7c6ebf322a89705e7bd

发布日期: 2026-02-26 02:16 修改: 2026-03-02 14:54
qs CVE-2026-2391 低危 6.14.1 6.14.2 qs: qs's arrayLimit bypass in comma parsing allows denial of service

漏洞详情: https://avd.aquasec.com/nvd/cve-2026-2391

镜像层: sha256:a155e6f393cc5d8e8a42fe149248e57cab660762f023f7c6ebf322a89705e7bd

发布日期: 2026-02-12 05:17 修改: 2026-02-24 20:13
@tootallnate/once CVE-2026-3449 低危 1.1.2 3.0.1 @tootallnate/once: @tootallnate/once: Denial of Service due to incorrect control flow scoping with AbortSignal

漏洞详情: https://avd.aquasec.com/nvd/cve-2026-3449

镜像层: sha256:a155e6f393cc5d8e8a42fe149248e57cab660762f023f7c6ebf322a89705e7bd

发布日期: 2026-03-03 05:17 修改: 2026-04-29 01:00