docker.io/gitpod/openvscode-server:latest linux/amd64

docker.io/gitpod/openvscode-server:latest - Trivy安全扫描结果 扫描时间: 2024-11-19 14:02
全部漏洞信息
低危漏洞:52 中危漏洞:16 高危漏洞:15 严重漏洞:3

系统OS: ubuntu 22.04 扫描引擎: Trivy 扫描时间: 2024-11-19 14:02

docker.io/gitpod/openvscode-server:latest (ubuntu 22.04) (ubuntu)
低危漏洞:50 中危漏洞:10 高危漏洞:0 严重漏洞:0
软件包 漏洞 安全状态 安装版本 修复版本 漏洞信息
gcc-12-base CVE-2023-4039 中危 12.3.0-1ubuntu1~22.04 gcc: -fstack-protector fails to guard dynamic stack allocations on ARM64

漏洞详情: https://avd.aquasec.com/nvd/cve-2023-4039

镜像层: sha256:2573e0d8158209ed54ab25c87bcdcb00bd3d2539246960a3d592a1c599d70465

发布日期: 2023-09-13 09:15 修改: 2024-08-02 08:15
libatomic1 CVE-2023-4039 中危 12.3.0-1ubuntu1~22.04 gcc: -fstack-protector fails to guard dynamic stack allocations on ARM64

漏洞详情: https://avd.aquasec.com/nvd/cve-2023-4039

镜像层: sha256:cda1a79746359d47ec69cde5cd496439098a00c78d84cf324e40ba7d5187854b

发布日期: 2023-09-13 09:15 修改: 2024-08-02 08:15
libgcc-s1 CVE-2023-4039 中危 12.3.0-1ubuntu1~22.04 gcc: -fstack-protector fails to guard dynamic stack allocations on ARM64

漏洞详情: https://avd.aquasec.com/nvd/cve-2023-4039

镜像层: sha256:2573e0d8158209ed54ab25c87bcdcb00bd3d2539246960a3d592a1c599d70465

发布日期: 2023-09-13 09:15 修改: 2024-08-02 08:15
libgcrypt20 CVE-2024-2236 中危 1.9.4-3ubuntu3 libgcrypt: vulnerable to Marvin Attack

漏洞详情: https://avd.aquasec.com/nvd/cve-2024-2236

镜像层: sha256:2573e0d8158209ed54ab25c87bcdcb00bd3d2539246960a3d592a1c599d70465

发布日期: 2024-03-06 22:15 修改: 2024-11-12 18:15
libgssapi-krb5-2 CVE-2024-26462 中危 1.19.2-2ubuntu0.4 krb5: Memory leak at /krb5/src/kdc/ndr.c

漏洞详情: https://avd.aquasec.com/nvd/cve-2024-26462

镜像层: sha256:2573e0d8158209ed54ab25c87bcdcb00bd3d2539246960a3d592a1c599d70465

发布日期: 2024-02-29 01:44 修改: 2024-05-14 15:09
libk5crypto3 CVE-2024-26462 中危 1.19.2-2ubuntu0.4 krb5: Memory leak at /krb5/src/kdc/ndr.c

漏洞详情: https://avd.aquasec.com/nvd/cve-2024-26462

镜像层: sha256:2573e0d8158209ed54ab25c87bcdcb00bd3d2539246960a3d592a1c599d70465

发布日期: 2024-02-29 01:44 修改: 2024-05-14 15:09
libkrb5-3 CVE-2024-26462 中危 1.19.2-2ubuntu0.4 krb5: Memory leak at /krb5/src/kdc/ndr.c

漏洞详情: https://avd.aquasec.com/nvd/cve-2024-26462

镜像层: sha256:2573e0d8158209ed54ab25c87bcdcb00bd3d2539246960a3d592a1c599d70465

发布日期: 2024-02-29 01:44 修改: 2024-05-14 15:09
libkrb5support0 CVE-2024-26462 中危 1.19.2-2ubuntu0.4 krb5: Memory leak at /krb5/src/kdc/ndr.c

漏洞详情: https://avd.aquasec.com/nvd/cve-2024-26462

镜像层: sha256:2573e0d8158209ed54ab25c87bcdcb00bd3d2539246960a3d592a1c599d70465

发布日期: 2024-02-29 01:44 修改: 2024-05-14 15:09
libstdc++6 CVE-2023-4039 中危 12.3.0-1ubuntu1~22.04 gcc: -fstack-protector fails to guard dynamic stack allocations on ARM64

漏洞详情: https://avd.aquasec.com/nvd/cve-2023-4039

镜像层: sha256:2573e0d8158209ed54ab25c87bcdcb00bd3d2539246960a3d592a1c599d70465

发布日期: 2023-09-13 09:15 修改: 2024-08-02 08:15
wget CVE-2021-31879 中危 1.21.2-2ubuntu1.1 wget: authorization header disclosure on redirect

漏洞详情: https://avd.aquasec.com/nvd/cve-2021-31879

镜像层: sha256:f9b2c43427150cede8ccfc967714942338d9554ee675fa947b4a7671806da626

发布日期: 2021-04-29 05:15 修改: 2022-05-13 20:52
gpg CVE-2022-3219 低危 2.2.27-3ubuntu2.1 gnupg: denial of service issue (resource consumption) using compressed packets

漏洞详情: https://avd.aquasec.com/nvd/cve-2022-3219

镜像层: sha256:f9b2c43427150cede8ccfc967714942338d9554ee675fa947b4a7671806da626

发布日期: 2023-02-23 20:15 修改: 2023-05-26 16:31
gpg-agent CVE-2022-3219 低危 2.2.27-3ubuntu2.1 gnupg: denial of service issue (resource consumption) using compressed packets

漏洞详情: https://avd.aquasec.com/nvd/cve-2022-3219

镜像层: sha256:f9b2c43427150cede8ccfc967714942338d9554ee675fa947b4a7671806da626

发布日期: 2023-02-23 20:15 修改: 2023-05-26 16:31
gpg-wks-client CVE-2022-3219 低危 2.2.27-3ubuntu2.1 gnupg: denial of service issue (resource consumption) using compressed packets

漏洞详情: https://avd.aquasec.com/nvd/cve-2022-3219

镜像层: sha256:f9b2c43427150cede8ccfc967714942338d9554ee675fa947b4a7671806da626

发布日期: 2023-02-23 20:15 修改: 2023-05-26 16:31
gpg-wks-server CVE-2022-3219 低危 2.2.27-3ubuntu2.1 gnupg: denial of service issue (resource consumption) using compressed packets

漏洞详情: https://avd.aquasec.com/nvd/cve-2022-3219

镜像层: sha256:f9b2c43427150cede8ccfc967714942338d9554ee675fa947b4a7671806da626

发布日期: 2023-02-23 20:15 修改: 2023-05-26 16:31
gpgconf CVE-2022-3219 低危 2.2.27-3ubuntu2.1 gnupg: denial of service issue (resource consumption) using compressed packets

漏洞详情: https://avd.aquasec.com/nvd/cve-2022-3219

镜像层: sha256:f9b2c43427150cede8ccfc967714942338d9554ee675fa947b4a7671806da626

发布日期: 2023-02-23 20:15 修改: 2023-05-26 16:31
gpgsm CVE-2022-3219 低危 2.2.27-3ubuntu2.1 gnupg: denial of service issue (resource consumption) using compressed packets

漏洞详情: https://avd.aquasec.com/nvd/cve-2022-3219

镜像层: sha256:f9b2c43427150cede8ccfc967714942338d9554ee675fa947b4a7671806da626

发布日期: 2023-02-23 20:15 修改: 2023-05-26 16:31
gpgv CVE-2022-3219 低危 2.2.27-3ubuntu2.1 gnupg: denial of service issue (resource consumption) using compressed packets

漏洞详情: https://avd.aquasec.com/nvd/cve-2022-3219

镜像层: sha256:2573e0d8158209ed54ab25c87bcdcb00bd3d2539246960a3d592a1c599d70465

发布日期: 2023-02-23 20:15 修改: 2023-05-26 16:31
curl CVE-2024-9681 低危 7.81.0-1ubuntu1.18 curl: HSTS subdomain overwrites parent cache entry

漏洞详情: https://avd.aquasec.com/nvd/cve-2024-9681

镜像层: sha256:f9b2c43427150cede8ccfc967714942338d9554ee675fa947b4a7671806da626

发布日期: 2024-11-06 08:15 修改: 2024-11-06 18:17
libatomic1 CVE-2022-27943 低危 12.3.0-1ubuntu1~22.04 binutils: libiberty/rust-demangle.c in GNU GCC 11.2 allows stack exhaustion in demangle_const

漏洞详情: https://avd.aquasec.com/nvd/cve-2022-27943

镜像层: sha256:cda1a79746359d47ec69cde5cd496439098a00c78d84cf324e40ba7d5187854b

发布日期: 2022-03-26 13:15 修改: 2023-11-07 03:45
libc-bin CVE-2016-20013 低危 2.35-0ubuntu3.8

漏洞详情: https://avd.aquasec.com/nvd/cve-2016-20013

镜像层: sha256:2573e0d8158209ed54ab25c87bcdcb00bd3d2539246960a3d592a1c599d70465

发布日期: 2022-02-19 05:15 修改: 2022-03-03 16:43
libc6 CVE-2016-20013 低危 2.35-0ubuntu3.8

漏洞详情: https://avd.aquasec.com/nvd/cve-2016-20013

镜像层: sha256:2573e0d8158209ed54ab25c87bcdcb00bd3d2539246960a3d592a1c599d70465

发布日期: 2022-02-19 05:15 修改: 2022-03-03 16:43
libcurl3-gnutls CVE-2024-9681 低危 7.81.0-1ubuntu1.18 curl: HSTS subdomain overwrites parent cache entry

漏洞详情: https://avd.aquasec.com/nvd/cve-2024-9681

镜像层: sha256:cda1a79746359d47ec69cde5cd496439098a00c78d84cf324e40ba7d5187854b

发布日期: 2024-11-06 08:15 修改: 2024-11-06 18:17
libcurl4 CVE-2024-9681 低危 7.81.0-1ubuntu1.18 curl: HSTS subdomain overwrites parent cache entry

漏洞详情: https://avd.aquasec.com/nvd/cve-2024-9681

镜像层: sha256:f9b2c43427150cede8ccfc967714942338d9554ee675fa947b4a7671806da626

发布日期: 2024-11-06 08:15 修改: 2024-11-06 18:17
dirmngr CVE-2022-3219 低危 2.2.27-3ubuntu2.1 gnupg: denial of service issue (resource consumption) using compressed packets

漏洞详情: https://avd.aquasec.com/nvd/cve-2022-3219

镜像层: sha256:f9b2c43427150cede8ccfc967714942338d9554ee675fa947b4a7671806da626

发布日期: 2023-02-23 20:15 修改: 2023-05-26 16:31
libgcc-s1 CVE-2022-27943 低危 12.3.0-1ubuntu1~22.04 binutils: libiberty/rust-demangle.c in GNU GCC 11.2 allows stack exhaustion in demangle_const

漏洞详情: https://avd.aquasec.com/nvd/cve-2022-27943

镜像层: sha256:2573e0d8158209ed54ab25c87bcdcb00bd3d2539246960a3d592a1c599d70465

发布日期: 2022-03-26 13:15 修改: 2023-11-07 03:45
coreutils CVE-2016-2781 低危 8.32-4.1ubuntu1.2 coreutils: Non-privileged session can escape to the parent session in chroot

漏洞详情: https://avd.aquasec.com/nvd/cve-2016-2781

镜像层: sha256:2573e0d8158209ed54ab25c87bcdcb00bd3d2539246960a3d592a1c599d70465

发布日期: 2017-02-07 15:59 修改: 2023-11-07 02:32
gcc-12-base CVE-2022-27943 低危 12.3.0-1ubuntu1~22.04 binutils: libiberty/rust-demangle.c in GNU GCC 11.2 allows stack exhaustion in demangle_const

漏洞详情: https://avd.aquasec.com/nvd/cve-2022-27943

镜像层: sha256:2573e0d8158209ed54ab25c87bcdcb00bd3d2539246960a3d592a1c599d70465

发布日期: 2022-03-26 13:15 修改: 2023-11-07 03:45
libgssapi-krb5-2 CVE-2024-26458 低危 1.19.2-2ubuntu0.4 krb5: Memory leak at /krb5/src/lib/rpc/pmap_rmt.c

漏洞详情: https://avd.aquasec.com/nvd/cve-2024-26458

镜像层: sha256:2573e0d8158209ed54ab25c87bcdcb00bd3d2539246960a3d592a1c599d70465

发布日期: 2024-02-29 01:44 修改: 2024-05-14 15:09
libgssapi-krb5-2 CVE-2024-26461 低危 1.19.2-2ubuntu0.4 krb5: Memory leak at /krb5/src/lib/gssapi/krb5/k5sealv3.c

漏洞详情: https://avd.aquasec.com/nvd/cve-2024-26461

镜像层: sha256:2573e0d8158209ed54ab25c87bcdcb00bd3d2539246960a3d592a1c599d70465

发布日期: 2024-02-29 01:44 修改: 2024-08-14 16:35
git CVE-2018-1000021 低危 1:2.34.1-1ubuntu1.11 git: client prints server-sent ANSI escape codes to the terminal, allowing for unverified messages to potentially execute arbitrary commands

漏洞详情: https://avd.aquasec.com/nvd/cve-2018-1000021

镜像层: sha256:cda1a79746359d47ec69cde5cd496439098a00c78d84cf324e40ba7d5187854b

发布日期: 2018-02-09 23:29 修改: 2024-10-24 17:58
libk5crypto3 CVE-2024-26458 低危 1.19.2-2ubuntu0.4 krb5: Memory leak at /krb5/src/lib/rpc/pmap_rmt.c

漏洞详情: https://avd.aquasec.com/nvd/cve-2024-26458

镜像层: sha256:2573e0d8158209ed54ab25c87bcdcb00bd3d2539246960a3d592a1c599d70465

发布日期: 2024-02-29 01:44 修改: 2024-05-14 15:09
libk5crypto3 CVE-2024-26461 低危 1.19.2-2ubuntu0.4 krb5: Memory leak at /krb5/src/lib/gssapi/krb5/k5sealv3.c

漏洞详情: https://avd.aquasec.com/nvd/cve-2024-26461

镜像层: sha256:2573e0d8158209ed54ab25c87bcdcb00bd3d2539246960a3d592a1c599d70465

发布日期: 2024-02-29 01:44 修改: 2024-08-14 16:35
git-man CVE-2018-1000021 低危 1:2.34.1-1ubuntu1.11 git: client prints server-sent ANSI escape codes to the terminal, allowing for unverified messages to potentially execute arbitrary commands

漏洞详情: https://avd.aquasec.com/nvd/cve-2018-1000021

镜像层: sha256:cda1a79746359d47ec69cde5cd496439098a00c78d84cf324e40ba7d5187854b

发布日期: 2018-02-09 23:29 修改: 2024-10-24 17:58
libkrb5-3 CVE-2024-26458 低危 1.19.2-2ubuntu0.4 krb5: Memory leak at /krb5/src/lib/rpc/pmap_rmt.c

漏洞详情: https://avd.aquasec.com/nvd/cve-2024-26458

镜像层: sha256:2573e0d8158209ed54ab25c87bcdcb00bd3d2539246960a3d592a1c599d70465

发布日期: 2024-02-29 01:44 修改: 2024-05-14 15:09
libkrb5-3 CVE-2024-26461 低危 1.19.2-2ubuntu0.4 krb5: Memory leak at /krb5/src/lib/gssapi/krb5/k5sealv3.c

漏洞详情: https://avd.aquasec.com/nvd/cve-2024-26461

镜像层: sha256:2573e0d8158209ed54ab25c87bcdcb00bd3d2539246960a3d592a1c599d70465

发布日期: 2024-02-29 01:44 修改: 2024-08-14 16:35
gnupg CVE-2022-3219 低危 2.2.27-3ubuntu2.1 gnupg: denial of service issue (resource consumption) using compressed packets

漏洞详情: https://avd.aquasec.com/nvd/cve-2022-3219

镜像层: sha256:f9b2c43427150cede8ccfc967714942338d9554ee675fa947b4a7671806da626

发布日期: 2023-02-23 20:15 修改: 2023-05-26 16:31
libkrb5support0 CVE-2024-26458 低危 1.19.2-2ubuntu0.4 krb5: Memory leak at /krb5/src/lib/rpc/pmap_rmt.c

漏洞详情: https://avd.aquasec.com/nvd/cve-2024-26458

镜像层: sha256:2573e0d8158209ed54ab25c87bcdcb00bd3d2539246960a3d592a1c599d70465

发布日期: 2024-02-29 01:44 修改: 2024-05-14 15:09
libkrb5support0 CVE-2024-26461 低危 1.19.2-2ubuntu0.4 krb5: Memory leak at /krb5/src/lib/gssapi/krb5/k5sealv3.c

漏洞详情: https://avd.aquasec.com/nvd/cve-2024-26461

镜像层: sha256:2573e0d8158209ed54ab25c87bcdcb00bd3d2539246960a3d592a1c599d70465

发布日期: 2024-02-29 01:44 修改: 2024-08-14 16:35
libncurses6 CVE-2023-45918 低危 6.3-2ubuntu0.1 ncurses: NULL pointer dereference in tgetstr in tinfo/lib_termcap.c

漏洞详情: https://avd.aquasec.com/nvd/cve-2023-45918

镜像层: sha256:2573e0d8158209ed54ab25c87bcdcb00bd3d2539246960a3d592a1c599d70465

发布日期: 2024-02-16 22:15 修改: 2024-10-31 18:35
libncurses6 CVE-2023-50495 低危 6.3-2ubuntu0.1 ncurses: segmentation fault via _nc_wrap_entry()

漏洞详情: https://avd.aquasec.com/nvd/cve-2023-50495

镜像层: sha256:2573e0d8158209ed54ab25c87bcdcb00bd3d2539246960a3d592a1c599d70465

发布日期: 2023-12-12 15:15 修改: 2024-01-31 03:15
libncursesw6 CVE-2023-45918 低危 6.3-2ubuntu0.1 ncurses: NULL pointer dereference in tgetstr in tinfo/lib_termcap.c

漏洞详情: https://avd.aquasec.com/nvd/cve-2023-45918

镜像层: sha256:2573e0d8158209ed54ab25c87bcdcb00bd3d2539246960a3d592a1c599d70465

发布日期: 2024-02-16 22:15 修改: 2024-10-31 18:35
libncursesw6 CVE-2023-50495 低危 6.3-2ubuntu0.1 ncurses: segmentation fault via _nc_wrap_entry()

漏洞详情: https://avd.aquasec.com/nvd/cve-2023-50495

镜像层: sha256:2573e0d8158209ed54ab25c87bcdcb00bd3d2539246960a3d592a1c599d70465

发布日期: 2023-12-12 15:15 修改: 2024-01-31 03:15
libpcre2-8-0 CVE-2022-41409 低危 10.39-3ubuntu0.1 pcre2: negative repeat value in a pcre2test subject line leads to inifinite loop

漏洞详情: https://avd.aquasec.com/nvd/cve-2022-41409

镜像层: sha256:2573e0d8158209ed54ab25c87bcdcb00bd3d2539246960a3d592a1c599d70465

发布日期: 2023-07-18 14:15 修改: 2023-07-27 03:46
libpcre3 CVE-2017-11164 低危 2:8.39-13ubuntu0.22.04.1 pcre: OP_KETRMAX feature in the match function in pcre_exec.c

漏洞详情: https://avd.aquasec.com/nvd/cve-2017-11164

镜像层: sha256:2573e0d8158209ed54ab25c87bcdcb00bd3d2539246960a3d592a1c599d70465

发布日期: 2017-07-11 03:29 修改: 2023-11-07 02:38
libssl3 CVE-2024-41996 低危 3.0.2-0ubuntu1.18 openssl: remote attackers (from the client side) to trigger unnecessarily expensive server-side DHE modular-exponentiation calculations

漏洞详情: https://avd.aquasec.com/nvd/cve-2024-41996

镜像层: sha256:2573e0d8158209ed54ab25c87bcdcb00bd3d2539246960a3d592a1c599d70465

发布日期: 2024-08-26 06:15 修改: 2024-08-26 16:35
gnupg-l10n CVE-2022-3219 低危 2.2.27-3ubuntu2.1 gnupg: denial of service issue (resource consumption) using compressed packets

漏洞详情: https://avd.aquasec.com/nvd/cve-2022-3219

镜像层: sha256:f9b2c43427150cede8ccfc967714942338d9554ee675fa947b4a7671806da626

发布日期: 2023-02-23 20:15 修改: 2023-05-26 16:31
libstdc++6 CVE-2022-27943 低危 12.3.0-1ubuntu1~22.04 binutils: libiberty/rust-demangle.c in GNU GCC 11.2 allows stack exhaustion in demangle_const

漏洞详情: https://avd.aquasec.com/nvd/cve-2022-27943

镜像层: sha256:2573e0d8158209ed54ab25c87bcdcb00bd3d2539246960a3d592a1c599d70465

发布日期: 2022-03-26 13:15 修改: 2023-11-07 03:45
libsystemd0 CVE-2023-7008 低危 249.11-0ubuntu3.12 systemd-resolved: Unsigned name response in signed zone is not refused when DNSSEC=yes

漏洞详情: https://avd.aquasec.com/nvd/cve-2023-7008

镜像层: sha256:2573e0d8158209ed54ab25c87bcdcb00bd3d2539246960a3d592a1c599d70465

发布日期: 2023-12-23 13:15 修改: 2024-09-16 17:16
libtinfo6 CVE-2023-45918 低危 6.3-2ubuntu0.1 ncurses: NULL pointer dereference in tgetstr in tinfo/lib_termcap.c

漏洞详情: https://avd.aquasec.com/nvd/cve-2023-45918

镜像层: sha256:2573e0d8158209ed54ab25c87bcdcb00bd3d2539246960a3d592a1c599d70465

发布日期: 2024-02-16 22:15 修改: 2024-10-31 18:35
libtinfo6 CVE-2023-50495 低危 6.3-2ubuntu0.1 ncurses: segmentation fault via _nc_wrap_entry()

漏洞详情: https://avd.aquasec.com/nvd/cve-2023-50495

镜像层: sha256:2573e0d8158209ed54ab25c87bcdcb00bd3d2539246960a3d592a1c599d70465

发布日期: 2023-12-12 15:15 修改: 2024-01-31 03:15
libudev1 CVE-2023-7008 低危 249.11-0ubuntu3.12 systemd-resolved: Unsigned name response in signed zone is not refused when DNSSEC=yes

漏洞详情: https://avd.aquasec.com/nvd/cve-2023-7008

镜像层: sha256:2573e0d8158209ed54ab25c87bcdcb00bd3d2539246960a3d592a1c599d70465

发布日期: 2023-12-23 13:15 修改: 2024-09-16 17:16
libzstd1 CVE-2022-4899 低危 1.4.8+dfsg-3build1 zstd: mysql: buffer overrun in util.c

漏洞详情: https://avd.aquasec.com/nvd/cve-2022-4899

镜像层: sha256:2573e0d8158209ed54ab25c87bcdcb00bd3d2539246960a3d592a1c599d70465

发布日期: 2023-03-31 20:15 修改: 2023-11-07 03:59
login CVE-2023-29383 低危 1:4.8.1-2ubuntu2.2 shadow: Improper input validation in shadow-utils package utility chfn

漏洞详情: https://avd.aquasec.com/nvd/cve-2023-29383

镜像层: sha256:2573e0d8158209ed54ab25c87bcdcb00bd3d2539246960a3d592a1c599d70465

发布日期: 2023-04-14 22:15 修改: 2023-04-24 18:05
ncurses-base CVE-2023-45918 低危 6.3-2ubuntu0.1 ncurses: NULL pointer dereference in tgetstr in tinfo/lib_termcap.c

漏洞详情: https://avd.aquasec.com/nvd/cve-2023-45918

镜像层: sha256:2573e0d8158209ed54ab25c87bcdcb00bd3d2539246960a3d592a1c599d70465

发布日期: 2024-02-16 22:15 修改: 2024-10-31 18:35
ncurses-base CVE-2023-50495 低危 6.3-2ubuntu0.1 ncurses: segmentation fault via _nc_wrap_entry()

漏洞详情: https://avd.aquasec.com/nvd/cve-2023-50495

镜像层: sha256:2573e0d8158209ed54ab25c87bcdcb00bd3d2539246960a3d592a1c599d70465

发布日期: 2023-12-12 15:15 修改: 2024-01-31 03:15
ncurses-bin CVE-2023-45918 低危 6.3-2ubuntu0.1 ncurses: NULL pointer dereference in tgetstr in tinfo/lib_termcap.c

漏洞详情: https://avd.aquasec.com/nvd/cve-2023-45918

镜像层: sha256:2573e0d8158209ed54ab25c87bcdcb00bd3d2539246960a3d592a1c599d70465

发布日期: 2024-02-16 22:15 修改: 2024-10-31 18:35
ncurses-bin CVE-2023-50495 低危 6.3-2ubuntu0.1 ncurses: segmentation fault via _nc_wrap_entry()

漏洞详情: https://avd.aquasec.com/nvd/cve-2023-50495

镜像层: sha256:2573e0d8158209ed54ab25c87bcdcb00bd3d2539246960a3d592a1c599d70465

发布日期: 2023-12-12 15:15 修改: 2024-01-31 03:15
openssl CVE-2024-41996 低危 3.0.2-0ubuntu1.18 openssl: remote attackers (from the client side) to trigger unnecessarily expensive server-side DHE modular-exponentiation calculations

漏洞详情: https://avd.aquasec.com/nvd/cve-2024-41996

镜像层: sha256:f9b2c43427150cede8ccfc967714942338d9554ee675fa947b4a7671806da626

发布日期: 2024-08-26 06:15 修改: 2024-08-26 16:35
passwd CVE-2023-29383 低危 1:4.8.1-2ubuntu2.2 shadow: Improper input validation in shadow-utils package utility chfn

漏洞详情: https://avd.aquasec.com/nvd/cve-2023-29383

镜像层: sha256:2573e0d8158209ed54ab25c87bcdcb00bd3d2539246960a3d592a1c599d70465

发布日期: 2023-04-14 22:15 修改: 2023-04-24 18:05
gnupg-utils CVE-2022-3219 低危 2.2.27-3ubuntu2.1 gnupg: denial of service issue (resource consumption) using compressed packets

漏洞详情: https://avd.aquasec.com/nvd/cve-2022-3219

镜像层: sha256:f9b2c43427150cede8ccfc967714942338d9554ee675fa947b4a7671806da626

发布日期: 2023-02-23 20:15 修改: 2023-05-26 16:31
Node.js (node-pkg)
低危漏洞:2 中危漏洞:6 高危漏洞:15 严重漏洞:3
软件包 漏洞 安全状态 安装版本 修复版本 漏洞信息
handlebars CVE-2019-19919 严重 1.0.0 4.3.0, 3.0.8 nodejs-handlebars: prototype pollution leading to remote code execution via crafted payloads

漏洞详情: https://avd.aquasec.com/nvd/cve-2019-19919

镜像层: sha256:a8cad350cc57bfbcb8e154ae11556835141147dda2d9a0c1f4a3b33cb2552577

发布日期: 2019-12-20 23:15 修改: 2022-06-03 18:48
handlebars CVE-2021-23369 严重 1.0.0 4.7.7 nodejs-handlebars: Remote code execution when compiling untrusted compile templates with strict:true option

漏洞详情: https://avd.aquasec.com/nvd/cve-2021-23369

镜像层: sha256:a8cad350cc57bfbcb8e154ae11556835141147dda2d9a0c1f4a3b33cb2552577

发布日期: 2021-04-12 14:15 修改: 2021-06-08 13:54
handlebars CVE-2021-23383 严重 1.0.0 4.7.7 nodejs-handlebars: Remote code execution when compiling untrusted compile templates with compat:true option

漏洞详情: https://avd.aquasec.com/nvd/cve-2021-23383

镜像层: sha256:a8cad350cc57bfbcb8e154ae11556835141147dda2d9a0c1f4a3b33cb2552577

发布日期: 2021-05-04 09:15 修改: 2021-12-03 19:59
diff GHSA-h6ch-v84p-w6p9 高危 1.0.0 3.5.0 Regular Expression Denial of Service (ReDoS)

漏洞详情: https://github.com/advisories/GHSA-h6ch-v84p-w6p9

镜像层: sha256:a8cad350cc57bfbcb8e154ae11556835141147dda2d9a0c1f4a3b33cb2552577

发布日期: 0001-01-01 00:00 修改: 0001-01-01 00:00
grunt CVE-2020-7729 高危 1.0.0 1.3.0 The package grunt before 1.3.0 are vulnerable to Arbitrary Code Execut ...

漏洞详情: https://avd.aquasec.com/nvd/cve-2020-7729

镜像层: sha256:a8cad350cc57bfbcb8e154ae11556835141147dda2d9a0c1f4a3b33cb2552577

发布日期: 2020-09-03 09:15 修改: 2022-11-16 14:05
grunt CVE-2022-1537 高危 1.0.0 1.5.3 gruntjs: race condition leading to arbitrary file write

漏洞详情: https://avd.aquasec.com/nvd/cve-2022-1537

镜像层: sha256:a8cad350cc57bfbcb8e154ae11556835141147dda2d9a0c1f4a3b33cb2552577

发布日期: 2022-05-10 14:15 修改: 2023-04-05 22:15
handlebars CVE-2019-20920 高危 1.0.0 3.0.8, 4.5.3 nodejs-handlebars: lookup helper fails to properly validate templates allowing for arbitrary JavaScript execution

漏洞详情: https://avd.aquasec.com/nvd/cve-2019-20920

镜像层: sha256:a8cad350cc57bfbcb8e154ae11556835141147dda2d9a0c1f4a3b33cb2552577

发布日期: 2020-09-30 18:15 修改: 2020-10-15 17:35
handlebars GHSA-2cf5-4w76-r9qv 高危 1.0.0 3.0.8, 4.5.2 Arbitrary Code Execution in handlebars

漏洞详情: https://github.com/advisories/GHSA-2cf5-4w76-r9qv

镜像层: sha256:a8cad350cc57bfbcb8e154ae11556835141147dda2d9a0c1f4a3b33cb2552577

发布日期: 0001-01-01 00:00 修改: 0001-01-01 00:00
handlebars GHSA-g9r4-xpmj-mj65 高危 1.0.0 3.0.8, 4.5.3 Prototype Pollution in handlebars

漏洞详情: https://github.com/advisories/GHSA-g9r4-xpmj-mj65

镜像层: sha256:a8cad350cc57bfbcb8e154ae11556835141147dda2d9a0c1f4a3b33cb2552577

发布日期: 0001-01-01 00:00 修改: 0001-01-01 00:00
handlebars GHSA-q2c6-c6pm-g3gh 高危 1.0.0 3.0.8, 4.5.3 Arbitrary Code Execution in handlebars

漏洞详情: https://github.com/advisories/GHSA-q2c6-c6pm-g3gh

镜像层: sha256:a8cad350cc57bfbcb8e154ae11556835141147dda2d9a0c1f4a3b33cb2552577

发布日期: 0001-01-01 00:00 修改: 0001-01-01 00:00
handlebars GHSA-q42p-pg8m-cqh6 高危 1.0.0 4.1.2, 4.0.14, 3.0.7 Prototype Pollution in handlebars

漏洞详情: https://github.com/advisories/GHSA-q42p-pg8m-cqh6

镜像层: sha256:a8cad350cc57bfbcb8e154ae11556835141147dda2d9a0c1f4a3b33cb2552577

发布日期: 0001-01-01 00:00 修改: 0001-01-01 00:00
ini CVE-2020-7788 高危 1.0.0 1.3.6 nodejs-ini: Prototype pollution via malicious INI file

漏洞详情: https://avd.aquasec.com/nvd/cve-2020-7788

镜像层: sha256:a8cad350cc57bfbcb8e154ae11556835141147dda2d9a0c1f4a3b33cb2552577

发布日期: 2020-12-11 11:15 修改: 2022-12-02 19:40
json CVE-2020-7712 高危 1.0.0 10.0.0 trentm/json vulnerable to command injection

漏洞详情: https://avd.aquasec.com/nvd/cve-2020-7712

镜像层: sha256:a8cad350cc57bfbcb8e154ae11556835141147dda2d9a0c1f4a3b33cb2552577

发布日期: 2020-08-30 08:15 修改: 2023-11-07 03:26
npm CVE-2018-7408 高危 1.0.1 5.7.1 Incorrect Permission Assignment for Critical Resource in NPM

漏洞详情: https://avd.aquasec.com/nvd/cve-2018-7408

镜像层: sha256:a8cad350cc57bfbcb8e154ae11556835141147dda2d9a0c1f4a3b33cb2552577

发布日期: 2018-02-22 18:29 修改: 2019-10-03 00:03
npm CVE-2019-16775 高危 1.0.1 6.13.3 npm: Symlink reference outside of node_modules folder through the bin field upon installation

漏洞详情: https://avd.aquasec.com/nvd/cve-2019-16775

镜像层: sha256:a8cad350cc57bfbcb8e154ae11556835141147dda2d9a0c1f4a3b33cb2552577

发布日期: 2019-12-13 01:15 修改: 2023-11-07 03:05
npm CVE-2019-16776 高危 1.0.1 6.13.3 npm: Arbitrary file write via constructed entry in the package.json bin field

漏洞详情: https://avd.aquasec.com/nvd/cve-2019-16776

镜像层: sha256:a8cad350cc57bfbcb8e154ae11556835141147dda2d9a0c1f4a3b33cb2552577

发布日期: 2019-12-13 01:15 修改: 2023-11-07 03:05
npm CVE-2019-16777 高危 1.0.1 6.13.4 npm: Global node_modules Binary Overwrite

漏洞详情: https://avd.aquasec.com/nvd/cve-2019-16777

镜像层: sha256:a8cad350cc57bfbcb8e154ae11556835141147dda2d9a0c1f4a3b33cb2552577

发布日期: 2019-12-13 01:15 修改: 2023-11-07 03:05
pug CVE-2021-21353 高危 1.0.0 3.0.1 pug: user provided objects as input to pug templates can achieve remote code execution

漏洞详情: https://avd.aquasec.com/nvd/cve-2021-21353

镜像层: sha256:a8cad350cc57bfbcb8e154ae11556835141147dda2d9a0c1f4a3b33cb2552577

发布日期: 2021-03-03 02:15 修改: 2021-03-09 15:35
handlebars CVE-2015-8861 中危 1.0.0 >=4.0.0 The handlebars package before 4.0.0 for Node.js allows remote attacker ...

漏洞详情: https://avd.aquasec.com/nvd/cve-2015-8861

镜像层: sha256:a8cad350cc57bfbcb8e154ae11556835141147dda2d9a0c1f4a3b33cb2552577

发布日期: 2017-01-23 21:59 修改: 2020-04-22 12:54
handlebars NSWG-ECO-519 中危 1.0.0 >=4.6.0 Denial of Service

漏洞详情: https://hackerone.com/reports/726364

镜像层: sha256:a8cad350cc57bfbcb8e154ae11556835141147dda2d9a0c1f4a3b33cb2552577

发布日期: 0001-01-01 00:00 修改: 0001-01-01 00:00
npm CVE-2016-3956 中危 1.0.1 >= 2.15.1 <= 3.0.0, >= 3.8.3 npm: bearer token leak to non-registry hosts

漏洞详情: https://avd.aquasec.com/nvd/cve-2016-3956

镜像层: sha256:a8cad350cc57bfbcb8e154ae11556835141147dda2d9a0c1f4a3b33cb2552577

发布日期: 2016-07-02 14:59 修改: 2021-06-15 16:30
npm CVE-2020-15095 中危 1.0.1 6.14.6 npm: sensitive information exposure through logs

漏洞详情: https://avd.aquasec.com/nvd/cve-2020-15095

镜像层: sha256:a8cad350cc57bfbcb8e154ae11556835141147dda2d9a0c1f4a3b33cb2552577

发布日期: 2020-07-07 19:15 修改: 2023-11-07 03:17
grunt CVE-2022-0436 中危 1.0.0 1.5.2 Path Traversal in GitHub repository gruntjs/grunt prior to 1.5.2.

漏洞详情: https://avd.aquasec.com/nvd/cve-2022-0436

镜像层: sha256:a8cad350cc57bfbcb8e154ae11556835141147dda2d9a0c1f4a3b33cb2552577

发布日期: 2022-04-12 21:15 修改: 2023-04-06 15:15
pug CVE-2024-36361 中危 1.0.0 3.0.3 Pug allows JavaScript code execution if an application accepts untrusted input

漏洞详情: https://avd.aquasec.com/nvd/cve-2024-36361

镜像层: sha256:a8cad350cc57bfbcb8e154ae11556835141147dda2d9a0c1f4a3b33cb2552577

发布日期: 2024-05-24 06:15 修改: 2024-08-02 04:17
markdown GHSA-wx77-rp39-c6vg 低危 1.0.0 Regular Expression Denial of Service in markdown

漏洞详情: https://github.com/advisories/GHSA-wx77-rp39-c6vg

镜像层: sha256:a8cad350cc57bfbcb8e154ae11556835141147dda2d9a0c1f4a3b33cb2552577

发布日期: 0001-01-01 00:00 修改: 0001-01-01 00:00
npm CVE-2013-4116 低危 1.0.1 >=1.3.3 npm: Insecure temporary directory generation

漏洞详情: https://avd.aquasec.com/nvd/cve-2013-4116

镜像层: sha256:a8cad350cc57bfbcb8e154ae11556835141147dda2d9a0c1f4a3b33cb2552577

发布日期: 2014-04-22 14:23 修改: 2020-10-14 13:21