| axios |
CVE-2025-58754 |
高危 |
1.11.0 |
1.12.0, 0.30.2 |
axios: Axios DoS via lack of data size check
漏洞详情: https://avd.aquasec.com/nvd/cve-2025-58754
镜像层: sha256:94d6f48e40282046e3e7260695ea4b6e00433e0465247171d6c30580a032237c
发布日期: 2025-09-12 02:15 修改: 2026-01-16 15:15
|
| axios |
CVE-2026-25639 |
高危 |
1.11.0 |
1.13.5, 0.30.3 |
axios: Axios affected by Denial of Service via __proto__ Key in mergeConfig
漏洞详情: https://avd.aquasec.com/nvd/cve-2026-25639
镜像层: sha256:94d6f48e40282046e3e7260695ea4b6e00433e0465247171d6c30580a032237c
发布日期: 2026-02-09 21:15 修改: 2026-02-18 18:24
|
| axios |
CVE-2026-42033 |
高危 |
1.11.0 |
1.15.1, 0.31.1 |
axios: Axios: HTTP Transport Hijacking via Prototype Pollution
漏洞详情: https://avd.aquasec.com/nvd/cve-2026-42033
镜像层: sha256:94d6f48e40282046e3e7260695ea4b6e00433e0465247171d6c30580a032237c
发布日期: 2026-04-24 18:16 修改: 2026-04-27 20:02
|
| axios |
CVE-2026-42035 |
高危 |
1.11.0 |
1.15.1, 0.31.1 |
axios: Axios: Arbitrary HTTP header injection via prototype pollution
漏洞详情: https://avd.aquasec.com/nvd/cve-2026-42035
镜像层: sha256:94d6f48e40282046e3e7260695ea4b6e00433e0465247171d6c30580a032237c
发布日期: 2026-04-24 18:16 修改: 2026-04-27 19:58
|
| axios |
CVE-2026-42043 |
高危 |
1.11.0 |
1.15.1, 0.31.1 |
axios: Axios: NO_PROXY bypass via crafted URL
漏洞详情: https://avd.aquasec.com/nvd/cve-2026-42043
镜像层: sha256:94d6f48e40282046e3e7260695ea4b6e00433e0465247171d6c30580a032237c
发布日期: 2026-04-24 18:16 修改: 2026-04-27 20:05
|
| axios |
CVE-2026-42264 |
高危 |
1.11.0 |
1.15.2 |
Axios is a promise based HTTP client for the browser and Node.js. From ...
漏洞详情: https://avd.aquasec.com/nvd/cve-2026-42264
镜像层: sha256:94d6f48e40282046e3e7260695ea4b6e00433e0465247171d6c30580a032237c
发布日期: 2026-05-08 04:16 修改: 2026-05-08 16:02
|
| cross-spawn |
CVE-2024-21538 |
高危 |
7.0.3 |
7.0.5, 6.0.6 |
cross-spawn: regular expression denial of service
漏洞详情: https://avd.aquasec.com/nvd/cve-2024-21538
镜像层: sha256:105c493da35328733d40e72efbcc0ffe5f0327b8b82cfdbccd09b3566cfc183b
发布日期: 2024-11-08 05:15 修改: 2026-04-15 00:35
|
| glob |
CVE-2025-64756 |
高危 |
10.4.2 |
11.1.0, 10.5.0 |
glob: glob: Command Injection Vulnerability via Malicious Filenames
漏洞详情: https://avd.aquasec.com/nvd/cve-2025-64756
镜像层: sha256:105c493da35328733d40e72efbcc0ffe5f0327b8b82cfdbccd09b3566cfc183b
发布日期: 2025-11-17 18:15 修改: 2025-12-02 19:34
|
| lodash |
CVE-2026-4800 |
高危 |
4.17.21 |
4.18.0 |
lodash: lodash: Arbitrary code execution via untrusted input in template imports
漏洞详情: https://avd.aquasec.com/nvd/cve-2026-4800
镜像层: sha256:94d6f48e40282046e3e7260695ea4b6e00433e0465247171d6c30580a032237c
发布日期: 2026-03-31 20:16 修改: 2026-05-01 18:09
|
| minimatch |
CVE-2026-26996 |
高危 |
3.1.2 |
10.2.1, 9.0.6, 8.0.5, 7.4.7, 6.2.1, 5.1.7, 4.2.4, 3.1.3 |
minimatch: minimatch: Denial of Service via specially crafted glob patterns
漏洞详情: https://avd.aquasec.com/nvd/cve-2026-26996
镜像层: sha256:94d6f48e40282046e3e7260695ea4b6e00433e0465247171d6c30580a032237c
发布日期: 2026-02-20 03:16 修改: 2026-03-06 21:32
|
| minimatch |
CVE-2026-27903 |
高危 |
3.1.2 |
10.2.3, 9.0.7, 8.0.6, 7.4.8, 6.2.2, 5.1.8, 4.2.5, 3.1.3 |
minimatch: minimatch: Denial of Service due to unbounded recursive backtracking via crafted glob patterns
漏洞详情: https://avd.aquasec.com/nvd/cve-2026-27903
镜像层: sha256:94d6f48e40282046e3e7260695ea4b6e00433e0465247171d6c30580a032237c
发布日期: 2026-02-26 02:16 修改: 2026-02-27 17:21
|
| minimatch |
CVE-2026-27904 |
高危 |
3.1.2 |
10.2.3, 9.0.7, 8.0.6, 7.4.8, 6.2.2, 5.1.8, 4.2.5, 3.1.4 |
minimatch: Minimatch: Denial of Service via catastrophic backtracking in glob expressions
漏洞详情: https://avd.aquasec.com/nvd/cve-2026-27904
镜像层: sha256:94d6f48e40282046e3e7260695ea4b6e00433e0465247171d6c30580a032237c
发布日期: 2026-02-26 02:16 修改: 2026-02-27 17:16
|
| minimatch |
CVE-2026-26996 |
高危 |
5.1.6 |
10.2.1, 9.0.6, 8.0.5, 7.4.7, 6.2.1, 5.1.7, 4.2.4, 3.1.3 |
minimatch: minimatch: Denial of Service via specially crafted glob patterns
漏洞详情: https://avd.aquasec.com/nvd/cve-2026-26996
镜像层: sha256:94d6f48e40282046e3e7260695ea4b6e00433e0465247171d6c30580a032237c
发布日期: 2026-02-20 03:16 修改: 2026-03-06 21:32
|
| minimatch |
CVE-2026-26996 |
高危 |
5.1.6 |
10.2.1, 9.0.6, 8.0.5, 7.4.7, 6.2.1, 5.1.7, 4.2.4, 3.1.3 |
minimatch: minimatch: Denial of Service via specially crafted glob patterns
漏洞详情: https://avd.aquasec.com/nvd/cve-2026-26996
镜像层: sha256:94d6f48e40282046e3e7260695ea4b6e00433e0465247171d6c30580a032237c
发布日期: 2026-02-20 03:16 修改: 2026-03-06 21:32
|
| minimatch |
CVE-2026-27903 |
高危 |
5.1.6 |
10.2.3, 9.0.7, 8.0.6, 7.4.8, 6.2.2, 5.1.8, 4.2.5, 3.1.3 |
minimatch: minimatch: Denial of Service due to unbounded recursive backtracking via crafted glob patterns
漏洞详情: https://avd.aquasec.com/nvd/cve-2026-27903
镜像层: sha256:94d6f48e40282046e3e7260695ea4b6e00433e0465247171d6c30580a032237c
发布日期: 2026-02-26 02:16 修改: 2026-02-27 17:21
|
| minimatch |
CVE-2026-27903 |
高危 |
5.1.6 |
10.2.3, 9.0.7, 8.0.6, 7.4.8, 6.2.2, 5.1.8, 4.2.5, 3.1.3 |
minimatch: minimatch: Denial of Service due to unbounded recursive backtracking via crafted glob patterns
漏洞详情: https://avd.aquasec.com/nvd/cve-2026-27903
镜像层: sha256:94d6f48e40282046e3e7260695ea4b6e00433e0465247171d6c30580a032237c
发布日期: 2026-02-26 02:16 修改: 2026-02-27 17:21
|
| minimatch |
CVE-2026-27904 |
高危 |
5.1.6 |
10.2.3, 9.0.7, 8.0.6, 7.4.8, 6.2.2, 5.1.8, 4.2.5, 3.1.4 |
minimatch: Minimatch: Denial of Service via catastrophic backtracking in glob expressions
漏洞详情: https://avd.aquasec.com/nvd/cve-2026-27904
镜像层: sha256:94d6f48e40282046e3e7260695ea4b6e00433e0465247171d6c30580a032237c
发布日期: 2026-02-26 02:16 修改: 2026-02-27 17:16
|
| minimatch |
CVE-2026-27904 |
高危 |
5.1.6 |
10.2.3, 9.0.7, 8.0.6, 7.4.8, 6.2.2, 5.1.8, 4.2.5, 3.1.4 |
minimatch: Minimatch: Denial of Service via catastrophic backtracking in glob expressions
漏洞详情: https://avd.aquasec.com/nvd/cve-2026-27904
镜像层: sha256:94d6f48e40282046e3e7260695ea4b6e00433e0465247171d6c30580a032237c
发布日期: 2026-02-26 02:16 修改: 2026-02-27 17:16
|
| minimatch |
CVE-2026-26996 |
高危 |
9.0.5 |
10.2.1, 9.0.6, 8.0.5, 7.4.7, 6.2.1, 5.1.7, 4.2.4, 3.1.3 |
minimatch: minimatch: Denial of Service via specially crafted glob patterns
漏洞详情: https://avd.aquasec.com/nvd/cve-2026-26996
镜像层: sha256:105c493da35328733d40e72efbcc0ffe5f0327b8b82cfdbccd09b3566cfc183b
发布日期: 2026-02-20 03:16 修改: 2026-03-06 21:32
|
| minimatch |
CVE-2026-27903 |
高危 |
9.0.5 |
10.2.3, 9.0.7, 8.0.6, 7.4.8, 6.2.2, 5.1.8, 4.2.5, 3.1.3 |
minimatch: minimatch: Denial of Service due to unbounded recursive backtracking via crafted glob patterns
漏洞详情: https://avd.aquasec.com/nvd/cve-2026-27903
镜像层: sha256:105c493da35328733d40e72efbcc0ffe5f0327b8b82cfdbccd09b3566cfc183b
发布日期: 2026-02-26 02:16 修改: 2026-02-27 17:21
|
| minimatch |
CVE-2026-27904 |
高危 |
9.0.5 |
10.2.3, 9.0.7, 8.0.6, 7.4.8, 6.2.2, 5.1.8, 4.2.5, 3.1.4 |
minimatch: Minimatch: Denial of Service via catastrophic backtracking in glob expressions
漏洞详情: https://avd.aquasec.com/nvd/cve-2026-27904
镜像层: sha256:105c493da35328733d40e72efbcc0ffe5f0327b8b82cfdbccd09b3566cfc183b
发布日期: 2026-02-26 02:16 修改: 2026-02-27 17:16
|
| multer |
CVE-2025-47935 |
高危 |
1.4.5-lts.2 |
2.0.0 |
Multer vulnerable to Denial of Service via memory leaks from unclosed streams
漏洞详情: https://avd.aquasec.com/nvd/cve-2025-47935
镜像层: sha256:94d6f48e40282046e3e7260695ea4b6e00433e0465247171d6c30580a032237c
发布日期: 2025-05-19 20:15 修改: 2026-04-15 00:35
|
| multer |
CVE-2025-47944 |
高危 |
1.4.5-lts.2 |
2.0.0 |
Multer vulnerable to Denial of Service from maliciously crafted requests
漏洞详情: https://avd.aquasec.com/nvd/cve-2025-47944
镜像层: sha256:94d6f48e40282046e3e7260695ea4b6e00433e0465247171d6c30580a032237c
发布日期: 2025-05-19 20:15 修改: 2026-04-15 00:35
|
| multer |
CVE-2025-48997 |
高危 |
1.4.5-lts.2 |
2.0.1 |
multer: Multer vulnerable to Denial of Service via unhandled exception
漏洞详情: https://avd.aquasec.com/nvd/cve-2025-48997
镜像层: sha256:94d6f48e40282046e3e7260695ea4b6e00433e0465247171d6c30580a032237c
发布日期: 2025-06-03 19:15 修改: 2026-04-15 00:35
|
| multer |
CVE-2025-7338 |
高危 |
1.4.5-lts.2 |
2.0.2 |
multer: Multer Denial of Service
漏洞详情: https://avd.aquasec.com/nvd/cve-2025-7338
镜像层: sha256:94d6f48e40282046e3e7260695ea4b6e00433e0465247171d6c30580a032237c
发布日期: 2025-07-17 16:15 修改: 2026-04-15 00:35
|
| multer |
CVE-2026-2359 |
高危 |
1.4.5-lts.2 |
2.1.0 |
multer: Multer: Denial of Service via dropped file upload connections
漏洞详情: https://avd.aquasec.com/nvd/cve-2026-2359
镜像层: sha256:94d6f48e40282046e3e7260695ea4b6e00433e0465247171d6c30580a032237c
发布日期: 2026-02-27 16:16 修改: 2026-03-19 17:28
|
| multer |
CVE-2026-3304 |
高危 |
1.4.5-lts.2 |
2.1.0 |
multer: Multer: Denial of Service via malformed requests
漏洞详情: https://avd.aquasec.com/nvd/cve-2026-3304
镜像层: sha256:94d6f48e40282046e3e7260695ea4b6e00433e0465247171d6c30580a032237c
发布日期: 2026-02-27 16:16 修改: 2026-03-19 17:28
|
| multer |
CVE-2026-3520 |
高危 |
1.4.5-lts.2 |
2.1.1 |
multer: Multer: Denial of Service via malformed requests
漏洞详情: https://avd.aquasec.com/nvd/cve-2026-3520
镜像层: sha256:94d6f48e40282046e3e7260695ea4b6e00433e0465247171d6c30580a032237c
发布日期: 2026-03-04 17:16 修改: 2026-03-09 18:03
|
| path-to-regexp |
CVE-2026-4867 |
高危 |
0.1.12 |
0.1.13 |
path-to-regexp: path-to-regexp: Denial of Service via catastrophic backtracking from malformed URL parameters
漏洞详情: https://avd.aquasec.com/nvd/cve-2026-4867
镜像层: sha256:94d6f48e40282046e3e7260695ea4b6e00433e0465247171d6c30580a032237c
发布日期: 2026-03-26 17:16 修改: 2026-04-16 18:01
|
| picomatch |
CVE-2026-33671 |
高危 |
2.3.1 |
4.0.4, 3.0.2, 2.3.2 |
picomatch: Picomatch: Regular Expression Denial of Service via crafted extglob patterns
漏洞详情: https://avd.aquasec.com/nvd/cve-2026-33671
镜像层: sha256:94d6f48e40282046e3e7260695ea4b6e00433e0465247171d6c30580a032237c
发布日期: 2026-03-26 22:16 修改: 2026-04-01 13:45
|
| socket.io-parser |
CVE-2026-33151 |
高危 |
4.2.4 |
3.3.5, 3.4.4, 4.2.6 |
socket.io: Socket.IO: Denial of Service due to excessive buffering of specially crafted packets
漏洞详情: https://avd.aquasec.com/nvd/cve-2026-33151
镜像层: sha256:94d6f48e40282046e3e7260695ea4b6e00433e0465247171d6c30580a032237c
发布日期: 2026-03-20 21:17 修改: 2026-04-14 18:22
|
| tar |
CVE-2026-23745 |
高危 |
6.2.1 |
7.5.3 |
node-tar: tar: node-tar: Arbitrary file overwrite and symlink poisoning via unsanitized linkpaths in archives
漏洞详情: https://avd.aquasec.com/nvd/cve-2026-23745
镜像层: sha256:105c493da35328733d40e72efbcc0ffe5f0327b8b82cfdbccd09b3566cfc183b
发布日期: 2026-01-16 22:16 修改: 2026-02-18 16:20
|
| tar |
CVE-2026-23950 |
高危 |
6.2.1 |
7.5.4 |
node-tar: tar: node-tar: Arbitrary file overwrite via Unicode path collision race condition
漏洞详情: https://avd.aquasec.com/nvd/cve-2026-23950
镜像层: sha256:105c493da35328733d40e72efbcc0ffe5f0327b8b82cfdbccd09b3566cfc183b
发布日期: 2026-01-20 01:15 修改: 2026-02-18 15:50
|
| tar |
CVE-2026-24842 |
高危 |
6.2.1 |
7.5.7 |
node-tar: tar: node-tar: Arbitrary file creation via path traversal bypass in hardlink security check
漏洞详情: https://avd.aquasec.com/nvd/cve-2026-24842
镜像层: sha256:105c493da35328733d40e72efbcc0ffe5f0327b8b82cfdbccd09b3566cfc183b
发布日期: 2026-01-28 01:16 修改: 2026-02-02 14:30
|
| tar |
CVE-2026-26960 |
高危 |
6.2.1 |
7.5.8 |
node-tar: node-tar: Arbitrary file read/write via malicious archive hardlink creation
漏洞详情: https://avd.aquasec.com/nvd/cve-2026-26960
镜像层: sha256:105c493da35328733d40e72efbcc0ffe5f0327b8b82cfdbccd09b3566cfc183b
发布日期: 2026-02-20 02:16 修改: 2026-02-20 19:24
|
| tar |
CVE-2026-29786 |
高危 |
6.2.1 |
7.5.10 |
node-tar: hardlink path traversal via drive-relative linkpath
漏洞详情: https://avd.aquasec.com/nvd/cve-2026-29786
镜像层: sha256:105c493da35328733d40e72efbcc0ffe5f0327b8b82cfdbccd09b3566cfc183b
发布日期: 2026-03-07 16:15 修改: 2026-03-11 21:50
|
| tar |
CVE-2026-31802 |
高危 |
6.2.1 |
7.5.11 |
tar: tar: File overwrite via drive-relative symlink traversal
漏洞详情: https://avd.aquasec.com/nvd/cve-2026-31802
镜像层: sha256:105c493da35328733d40e72efbcc0ffe5f0327b8b82cfdbccd09b3566cfc183b
发布日期: 2026-03-10 07:44 修改: 2026-03-18 18:13
|
| brace-expansion |
CVE-2026-33750 |
中危 |
2.0.2 |
5.0.5, 3.0.2, 2.0.3, 1.1.13 |
brace-expansion: brace-expansion: Denial of Service via zero step value in brace pattern
漏洞详情: https://avd.aquasec.com/nvd/cve-2026-33750
镜像层: sha256:94d6f48e40282046e3e7260695ea4b6e00433e0465247171d6c30580a032237c
发布日期: 2026-03-27 15:16 修改: 2026-04-22 14:23
|
| axios |
CVE-2025-62718 |
中危 |
1.11.0 |
1.15.0, 0.31.0 |
axios: Axios: Server-Side Request Forgery and proxy bypass due to improper hostname normalization
漏洞详情: https://avd.aquasec.com/nvd/cve-2025-62718
镜像层: sha256:94d6f48e40282046e3e7260695ea4b6e00433e0465247171d6c30580a032237c
发布日期: 2026-04-09 15:16 修改: 2026-04-16 19:16
|
| follow-redirects |
GHSA-r4q5-vmmm-2653 |
中危 |
1.15.11 |
1.16.0 |
follow-redirects leaks Custom Authentication Headers to Cross-Domain Redirect Targets
漏洞详情: https://github.com/advisories/GHSA-r4q5-vmmm-2653
镜像层: sha256:94d6f48e40282046e3e7260695ea4b6e00433e0465247171d6c30580a032237c
发布日期: 2026-04-14 01:11 修改: 2026-04-14 01:11
|
| axios |
CVE-2026-40175 |
中危 |
1.11.0 |
1.15.0, 0.31.0 |
axios: Axios: Remote Code Execution via Prototype Pollution escalation
漏洞详情: https://avd.aquasec.com/nvd/cve-2026-40175
镜像层: sha256:94d6f48e40282046e3e7260695ea4b6e00433e0465247171d6c30580a032237c
发布日期: 2026-04-10 20:16 修改: 2026-05-12 13:17
|
| ip-address |
CVE-2026-42338 |
中危 |
9.0.5 |
10.1.1 |
ip-address has XSS in Address6 HTML-emitting methods
漏洞详情: https://avd.aquasec.com/nvd/cve-2026-42338
镜像层: sha256:105c493da35328733d40e72efbcc0ffe5f0327b8b82cfdbccd09b3566cfc183b
发布日期: 2026-05-12 20:16 修改: 2026-05-12 20:16
|
| axios |
CVE-2026-42034 |
中危 |
1.11.0 |
1.15.1, 0.31.1 |
axios: Axios: Denial of Service via oversized streamed uploads bypassing body limits
漏洞详情: https://avd.aquasec.com/nvd/cve-2026-42034
镜像层: sha256:94d6f48e40282046e3e7260695ea4b6e00433e0465247171d6c30580a032237c
发布日期: 2026-04-24 18:16 修改: 2026-04-27 19:59
|
| lodash |
CVE-2025-13465 |
中危 |
4.17.21 |
4.17.23 |
lodash: prototype pollution in _.unset and _.omit functions
漏洞详情: https://avd.aquasec.com/nvd/cve-2025-13465
镜像层: sha256:94d6f48e40282046e3e7260695ea4b6e00433e0465247171d6c30580a032237c
发布日期: 2026-01-21 20:16 修改: 2026-02-17 17:10
|
| lodash |
CVE-2026-2950 |
中危 |
4.17.21 |
4.18.0 |
lodash: Lodash: Prototype pollution allows deletion of built-in prototype properties via array path bypass
漏洞详情: https://avd.aquasec.com/nvd/cve-2026-2950
镜像层: sha256:94d6f48e40282046e3e7260695ea4b6e00433e0465247171d6c30580a032237c
发布日期: 2026-03-31 20:16 修改: 2026-04-07 16:12
|
| axios |
CVE-2026-42036 |
中危 |
1.11.0 |
1.15.1, 0.31.1 |
axios: Axios: Denial of Service via unbounded stream consumption when 'responseType: 'stream'' is used
漏洞详情: https://avd.aquasec.com/nvd/cve-2026-42036
镜像层: sha256:94d6f48e40282046e3e7260695ea4b6e00433e0465247171d6c30580a032237c
发布日期: 2026-04-24 18:16 修改: 2026-04-27 19:57
|
| axios |
CVE-2026-42037 |
中危 |
1.11.0 |
1.15.1 |
axios: Node.js: Axios: Information disclosure via CRLF injection in multipart Content-Type header
漏洞详情: https://avd.aquasec.com/nvd/cve-2026-42037
镜像层: sha256:94d6f48e40282046e3e7260695ea4b6e00433e0465247171d6c30580a032237c
发布日期: 2026-04-24 18:16 修改: 2026-04-27 19:54
|
| axios |
CVE-2026-42038 |
中危 |
1.11.0 |
1.15.1, 0.31.1 |
axios: Axios: Information disclosure due to `no_proxy` bypass
漏洞详情: https://avd.aquasec.com/nvd/cve-2026-42038
镜像层: sha256:94d6f48e40282046e3e7260695ea4b6e00433e0465247171d6c30580a032237c
发布日期: 2026-04-24 18:16 修改: 2026-04-27 19:52
|
| picomatch |
CVE-2026-33672 |
中危 |
2.3.1 |
4.0.4, 3.0.2, 2.3.2 |
picomatch: Picomatch: Data integrity compromised via method injection with crafted POSIX bracket expressions
漏洞详情: https://avd.aquasec.com/nvd/cve-2026-33672
镜像层: sha256:94d6f48e40282046e3e7260695ea4b6e00433e0465247171d6c30580a032237c
发布日期: 2026-03-26 22:16 修改: 2026-04-01 13:44
|
| qs |
CVE-2025-15284 |
中危 |
6.13.0 |
6.14.1 |
qs: qs: Denial of Service via improper input validation in array parsing
漏洞详情: https://avd.aquasec.com/nvd/cve-2025-15284
镜像层: sha256:94d6f48e40282046e3e7260695ea4b6e00433e0465247171d6c30580a032237c
发布日期: 2025-12-29 23:15 修改: 2026-02-26 19:57
|
| axios |
CVE-2026-42039 |
中危 |
1.11.0 |
1.15.1, 0.31.1 |
axios: Node.js: Axios: Denial of Service via unbounded recursion in toFormData with deeply nested request data
漏洞详情: https://avd.aquasec.com/nvd/cve-2026-42039
镜像层: sha256:94d6f48e40282046e3e7260695ea4b6e00433e0465247171d6c30580a032237c
发布日期: 2026-04-24 18:16 修改: 2026-04-27 19:50
|
| axios |
CVE-2026-42041 |
中危 |
1.11.0 |
1.15.1, 0.31.1 |
axios: Axios: Authentication bypass due to prototype pollution of HTTP error handling
漏洞详情: https://avd.aquasec.com/nvd/cve-2026-42041
镜像层: sha256:94d6f48e40282046e3e7260695ea4b6e00433e0465247171d6c30580a032237c
发布日期: 2026-04-24 18:16 修改: 2026-04-27 20:07
|
| axios |
CVE-2026-42042 |
中危 |
1.11.0 |
1.15.1, 0.31.1 |
axios: Axios: XSRF token bypass leading to information disclosure
漏洞详情: https://avd.aquasec.com/nvd/cve-2026-42042
镜像层: sha256:94d6f48e40282046e3e7260695ea4b6e00433e0465247171d6c30580a032237c
发布日期: 2026-04-24 18:16 修改: 2026-04-27 20:05
|
| axios |
CVE-2026-42044 |
中危 |
1.11.0 |
1.15.2 |
Axios is a promise based HTTP client for the browser and Node.js. From ...
漏洞详情: https://avd.aquasec.com/nvd/cve-2026-42044
镜像层: sha256:94d6f48e40282046e3e7260695ea4b6e00433e0465247171d6c30580a032237c
发布日期: 2026-04-24 18:16 修改: 2026-04-27 20:04
|
| brace-expansion |
CVE-2026-33750 |
中危 |
1.1.12 |
5.0.5, 3.0.2, 2.0.3, 1.1.13 |
brace-expansion: brace-expansion: Denial of Service via zero step value in brace pattern
漏洞详情: https://avd.aquasec.com/nvd/cve-2026-33750
镜像层: sha256:94d6f48e40282046e3e7260695ea4b6e00433e0465247171d6c30580a032237c
发布日期: 2026-03-27 15:16 修改: 2026-04-22 14:23
|
| brace-expansion |
CVE-2026-33750 |
中危 |
2.0.1 |
5.0.5, 3.0.2, 2.0.3, 1.1.13 |
brace-expansion: brace-expansion: Denial of Service via zero step value in brace pattern
漏洞详情: https://avd.aquasec.com/nvd/cve-2026-33750
镜像层: sha256:105c493da35328733d40e72efbcc0ffe5f0327b8b82cfdbccd09b3566cfc183b
发布日期: 2026-03-27 15:16 修改: 2026-04-22 14:23
|
| brace-expansion |
CVE-2026-33750 |
中危 |
2.0.2 |
5.0.5, 3.0.2, 2.0.3, 1.1.13 |
brace-expansion: brace-expansion: Denial of Service via zero step value in brace pattern
漏洞详情: https://avd.aquasec.com/nvd/cve-2026-33750
镜像层: sha256:94d6f48e40282046e3e7260695ea4b6e00433e0465247171d6c30580a032237c
发布日期: 2026-03-27 15:16 修改: 2026-04-22 14:23
|
| yaml |
CVE-2026-33532 |
中危 |
2.8.0 |
2.8.3, 1.10.3 |
yaml: yaml: Denial of Service via deeply nested YAML document parsing
漏洞详情: https://avd.aquasec.com/nvd/cve-2026-33532
镜像层: sha256:94d6f48e40282046e3e7260695ea4b6e00433e0465247171d6c30580a032237c
发布日期: 2026-03-26 20:16 修改: 2026-04-02 18:11
|
| diff |
CVE-2026-24001 |
低危 |
5.2.0 |
8.0.3, 5.2.2, 4.0.4, 3.5.1 |
jsdiff: denial of service vulnerability in parsePatch and applyPatch
漏洞详情: https://avd.aquasec.com/nvd/cve-2026-24001
镜像层: sha256:105c493da35328733d40e72efbcc0ffe5f0327b8b82cfdbccd09b3566cfc183b
发布日期: 2026-01-22 03:15 修改: 2026-03-04 15:23
|
| brace-expansion |
CVE-2025-5889 |
低危 |
2.0.1 |
2.0.2, 1.1.12, 3.0.1, 4.0.1 |
brace-expansion: juliangruber brace-expansion index.js expand redos
漏洞详情: https://avd.aquasec.com/nvd/cve-2025-5889
镜像层: sha256:105c493da35328733d40e72efbcc0ffe5f0327b8b82cfdbccd09b3566cfc183b
发布日期: 2025-06-09 19:15 修改: 2026-04-29 01:00
|
| axios |
CVE-2026-42040 |
低危 |
1.11.0 |
1.15.1, 0.31.1 |
Axios is a promise based HTTP client for the browser and Node.js. Prio ...
漏洞详情: https://avd.aquasec.com/nvd/cve-2026-42040
镜像层: sha256:94d6f48e40282046e3e7260695ea4b6e00433e0465247171d6c30580a032237c
发布日期: 2026-04-24 18:16 修改: 2026-04-27 20:09
|
| qs |
CVE-2026-2391 |
低危 |
6.13.0 |
6.14.2 |
qs: qs's arrayLimit bypass in comma parsing allows denial of service
漏洞详情: https://avd.aquasec.com/nvd/cve-2026-2391
镜像层: sha256:94d6f48e40282046e3e7260695ea4b6e00433e0465247171d6c30580a032237c
发布日期: 2026-02-12 05:17 修改: 2026-02-24 20:13
|